xfantazy.com Open in urlscan Pro
2a06:98c1:3121::7  Public Scan

11 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

• https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e56e9f7c89bfb1ad5b7c06f&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afp%3A1005%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A2%3Adp%3A0%3Als%3A60296599258%3Ahid%3A407057392%3Az%3A0%3Ai%3A20220315154321%3Aet%3A1647359001%3Ac%3A1%3Arn%3A794114279%3Arqn%3A1%3Au%3A1647359001899075507%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1647358999373%3Ads%3A35%2C141%2C513%2C20%2C0%2C0%2C%2C614%2C0%2C%2C%2C%2C1324%3Awv%3A2%3Aco%3A0%3Ast%3A1647359001&t=gdpr(14)aw(1)ti(2) HTTP 302
• https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e56e9f7c89bfb1ad5b7c06f&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afp%3A1005%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A2%3Adp%3A0%3Als%3A60296599258%3Ahid%3A407057392%3Az%3A0%3Ai%3A20220315154321%3Aet%3A1647359001%3Ac%3A1%3Arn%3A794114279%3Arqn%3A1%3Au%3A1647359001899075507%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1647358999373%3Ads%3A35%2C141%2C513%2C20%2C0%2C0%2C%2C614%2C0%2C%2C%2C%2C1324%3Awv%3A2%3Aco%3A0%3Ast%3A1647359001&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 50

• https://mc.yandex.ru/watch/49415098?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e56e9f7c89bfb1ad5b7c06f&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afp%3A1005%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1616600228376%3Ahid%3A407057392%3Az%3A0%3Ai%3A20220315154321%3Aet%3A1647359001%3Ac%3A1%3Arn%3A883909540%3Arqn%3A1%3Au%3A1647359001899075507%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1647358999373%3Ads%3A35%2C141%2C513%2C20%2C0%2C0%2C%2C614%2C0%2C%2C%2C%2C1324%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1647359001%3At%3AModelHub_com%20-%20Stepdaughter%20caught%20by%20stepdad%20gets%20a%20long%20fuck%20as%20punishment%20-%20XFantazy.com&t=gdpr(14)aw(1)ti(2) HTTP 302
• https://mc.yandex.ru/watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e56e9f7c89bfb1ad5b7c06f&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afp%3A1005%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1616600228376%3Ahid%3A407057392%3Az%3A0%3Ai%3A20220315154321%3Aet%3A1647359001%3Ac%3A1%3Arn%3A883909540%3Arqn%3A1%3Au%3A1647359001899075507%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1647358999373%3Ads%3A35%2C141%2C513%2C20%2C0%2C0%2C%2C614%2C0%2C%2C%2C%2C1324%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1647359001%3At%3AModelHub_com%20-%20Stepdaughter%20caught%20by%20stepdad%20gets%20a%20long%20fuck%20as%20punishment%20-%20XFantazy.com&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 74

• https://mc.webvisor.org/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9578.vbyJiqtInNMB9RINMPsSzZiCL29i3ZZ_lU0Xgh8vEtKiybRc8PjTkbc_CoRH4eeN.f0gc2xvVCP9em1YUsgKL0S4HwU8%2C HTTP 302
• https://mc.webvisor.org/sync_cookie_image_decide?token=9578.GL45If1aQB-BpZ5XfGJvh-ljic6AbdlmgQhaQlInsdDJ2sr05-T5JWZ_fGGedt2Elorz387HvrVTFQgwz4sCzIslK4mg8p-jhE5PWwjKXwE%2C.bt_eE4bNusgINjds2G5hnoTIIC4%2C

Request Chain 111

• https://tcimp.zog.link/in/banners?katds_ep=5DfG-0VRZETc4aLohf6PWeDfJqxJYOLuPThcC7IWyvS8Boi-sNCqIYZR1artEkd8PHqv2W5fzoaWAMr_AL4gaU-0w3VrKWHfs1edHeGx6ib40M51ICwlmIddnxdY2ZyCGT1AnOLBdvYb8KaAWUHjFWHZ9rJLLrERVvvIcXjFehbWIFM_1A3HC7xUvpzP3SuS8qlgBL03R6IH60vbW1aXtGx1TrzGFTUm1dwqrCU1zKboct2iSHW4apWRprakfbke1S8GT6bGKP4Ap46lGyTcXBP3FMejrC7XvJ-7mpm_ckNKQkOc_cVo193p0p2yLXUorg5SR9JI_uT-77bjeDY2rmZaD9twA2ogoD0NOx1dHEwZlxVi7xlsmZrfbzmk3eonDO5PyiH0fb8dbgwvR8HU2h2iRN4CtN_NdizyL0QCeTzzfNWZoyMl7Kk0INDayOHsIUMLDaI07qE4BbQzkLN0Nab6uKORG-unOZuo-ID11UeywlL9Qhx-cSrcW0owx6vbH3yTYmgb7RCYNv8CrVcDSxuXFC3ZDasAtpBuqMXlKnZl8A_492p-TRJX3__ecw3r6xTpvn7KSkDXAnj7xj7mpu8PXIeor7mpPNyl36iJXc1qQcORX7WzQmB49Nttxj7hpPGSn4160ZMzn1WYcwGlkUggQrSiqA6_IpSdYF6fd7tYFlXLoMYyS4jll6ppOvmWbTZAswCWstpniycysLM0d-lFGhyKTOXOXAneIM5OEQ0C7TMGyMv9OtZ2XeJ_CtcqDsTI2gDsqctV5GJiEBc9vnGMHmnYrbNMo0-OPjspsI4_OTmKwMtPiTHMy28gqRe2FIhSLZDRWglKa-FMv-kzr9PD_u76WLyzwYugQmuyybIxmdaO_TpYiYp2g8C-jrrRzpGmcHfwxfHnkFOtAxS4ZiznOoC0PX2jUo0F_kEgWCBlO0y6ivepeV1Epml9bMw4e0fUxfasZBLGk4xjCfycVs_9iA7O0nBAL6eQ-mt6Fgj8f8TYkpirdfERVaw12HUAc7ZJgH7vHgSSi5OCq-L_1edEpY07UuK-bw42XzQ4BkGC5m99oxgl9nFjs0IstiUht925OrJR1cBi8AP1pIf7bcLrTr6cxgeCD33u7HuTZYPRXYWaIiUmO-V3KDiY8Os9Xhugv_cUX_CQu7GBqlYJkan_PZc73gA2dRzG1JPWS5_SDOQGvfXbrKfUZYyoVYorRMLZFCArn0zJIGDUUX-rVSUM0wxl5BU2F8jTBc-6Ze5Uw3ijdgM-rLX1ZG-_uK7MZrk57IFIISR1Du-ePd6ysBBqVJDHSdosSUprce_ZTAI HTTP 302
• https://tb.baimgfroggd.site/in/1883/?user_id=923187157c5f7ee4f401959c1a75d4ed5a24206b&bid=0.042860&katds_labels=&utm1=tcb&utm2=799268782-1&utm3=26-11111-0&utm4=0-9542311-14&ts=1647359001&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Fb%2F3543_tIUgh65WJg30jsBM.jpg&tcbbc=https%3A%2F%2Fkts.vasstycom.com%2Fin%2F789%2F%3Fkatds_ep%3DYJcZ4Ic6Je0zydqneX8s8XF6uew2FjB62Iyi78x1Mp85YqWx5ZcPa97mp-baKTvg2a2oFNeDVG2Zh8G3KlCcw_OQQdDuiDruDA2SxQZAVehGefqeSdnnq2r3VQAP_dGANFGjAYUzbG-pxVGp4u22yUk9T3Pu6_R9sYOrvtcbcDSGmZdmLhg88N7cBmVqKUbS04AK6g9XTtzT2FpxyiOe5bY7pErrremNLbA2_tGMNskdXUFK4AlszApsxSkB3tzyUXbfMIsrsty56bKnGhnVZ7gbDLYS4oIvKQAD9eutD21m-oaBl7l9IpE8pFAU6BYgzqaMwTNCO6ItET-P1qDr2czQT6PNRYrDfbAolRdQTJ9bjC-OSWDliZYlw7858hCPyLb5A4NHolPq52GsPyp_7A3hecjPmsl0L35N HTTP 302
• https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F749%3Fvid%3DsasPROregtU&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=61067&p=0.0100&oid=1576069&sp=0.042860&spp=1000&se=impression&vi=sasPROregtU&tcbbi=https://12007250.pix-cdn.org/native/b/3543_tIUgh65WJg30jsBM.jpg&tcbbc=https://kts.vasstycom.com/in/789/?katds_ep=YJcZ4Ic6Je0zydqneX8s8XF6uew2FjB62Iyi78x1Mp85YqWx5ZcPa97mp-baKTvg2a2oFNeDVG2Zh8G3KlCcw_OQQdDuiDruDA2SxQZAVehGefqeSdnnq2r3VQAP_dGANFGjAYUzbG-pxVGp4u22yUk9T3Pu6_R9sYOrvtcbcDSGmZdmLhg88N7cBmVqKUbS04AK6g9XTtzT2FpxyiOe5bY7pErrremNLbA2_tGMNskdXUFK4AlszApsxSkB3tzyUXbfMIsrsty56bKnGhnVZ7gbDLYS4oIvKQAD9eutD21m-oaBl7l9IpE8pFAU6BYgzqaMwTNCO6ItET-P1qDr2czQT6PNRYrDfbAolRdQTJ9bjC-OSWDliZYlw7858hCPyLb5A4NHolPq52GsPyp_7A3hecjPmsl0L35N&ts=1647359001&utm1=tcb&utm2=799268782-1&utm3=26-11111-0&utm4=0-9542311-14

Request Chain 122

• https://tb.baimgfroggd.site/in/749?vid=sasPROregtU HTTP 302
• https://www.google.com/url?sa=D&q=https%3A%2F%2Fwww.youtube.com%2Fembed%2FsasPROregtU%3Fenablejsapi%3D1%26origin%3D%2A%26playsinline%3D1%26autoplay%3D1%26mute%3D1

Request Chain 129

• https://googleads.g.doubleclick.net/pagead/id HTTP 302
• https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 5e56e9f7c89bfb1ad5b7c06f Show response xfantazy.com/video/	153 KB 26 KB	689ms 513ms	Document text/html	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Next.js Resource Hash 7cfed3c9f1307596d5db644cfbecb79f965f19565a25186918fa39ed9fb72707 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-GB,en;q=0.9 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-type text/html; charset=utf-8 vary Origin x-powered-by Next.js cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ieHYbD547IEPKfKASbvUrBaGX%2FNfFUGFxdnIB%2FnuLq8WzmCyisNunvZS5oM6t%2FMddn45bjp7MfZJXfqkx8JOuj1TuwE6bxZQT1rDQWd1jBiL7y8KeipZfXtxwzIm381rmzJctgljkLhbVm4%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6ec65d335b24005b-LHR content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	css fonts.googleapis.com/	11 KB 1 KB	238ms 107ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&display=swap Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b40dc7015b19e80a9d1efe26f673355619a8e6b81a6eb7102b7335a64dee1706 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 15 Mar 2022 15:09:17 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 15 Mar 2022 15:43:20 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 15 Mar 2022 15:43:20 GMT
GET H2	200	video.js Show response xfantazy.com/_next/static/gJiW8uueaAVuAskVlmeBd/pages/	22 KB 8 KB	73ms 71ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/gJiW8uueaAVuAskVlmeBd/pages/video.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c284e5a24dbe6008ba92b3d34ad7e1531e734ed2441bc09a1e66d3a6a4c24a8b Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br cf-cache-status HIT last-modified Thu, 10 Mar 2022 09:02:27 GMT server cloudflare age 455916 etag W/"5942-17f7310aea9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lfto%2BOvE5gJ5ENauptHKJx9vBOqCwAzdtBwf6QrzTMR9bPtVGXwjNQd3V6O2zOgkOc1xF4%2F7HBIDMzcizw8rHWFFHuj6EuF2h%2FIXhIhthtia5tK3tYsd%2BBOIRttvxpFvJPwtY40pl21pyDk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d36bf58005b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	_app.js Show response xfantazy.com/_next/static/gJiW8uueaAVuAskVlmeBd/pages/	132 KB 38 KB	85ms 83ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/gJiW8uueaAVuAskVlmeBd/pages/_app.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54e0a7ca5f8f39a1c1e35bf44ef7267a0b442e821d3292b64b7d21b3386e59bf Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br cf-cache-status HIT last-modified Thu, 10 Mar 2022 09:02:26 GMT server cloudflare age 455987 etag W/"20e2f-17f7310acad" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cy4H%2BXqrcoPpkVReATmKOqzsIEsbyUcnPiPWVQ7T%2FZ3y%2FvpRqVWGvypGqKxaWquqU1HgB7qQ3ywoIUuH3tStIfsnKjpc9PRIGOGrWCfQs5dA%2BOfxb4XcoeOFnV3mtvAAL4qCyjz3Aefq5X4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d36bf5f005b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	commons.c6be2f5ddce0c474c306.js Show response xfantazy.com/_next/static/chunks/	1 MB 391 KB	123ms 121ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/commons.c6be2f5ddce0c474c306.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5ce7a7d273d1b6bfaebc5cecc68948d1e896331a0c00f5c05d3ddd5954cd5e2c Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br cf-cache-status HIT last-modified Fri, 11 Jun 2021 14:18:49 GMT server cloudflare age 13816105 etag W/"152f30-179fb7093d2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VymWjIEt0c2lB7tO8gY8zujRpUPeK7p0BJ%2FYR2a%2BF%2BnzSoIhCn79rKmr61rJ1%2Bh3Pe6XeVVT1OrL%2BbTmFY0mGfs0V%2BZLH6nZcXrsKU%2Bt7wVvP27UP48%2BQpwKOydhE9M7w%2BMYBbJEvp%2B9ZiM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d36bf61005b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	7.38d845e9473548212694.js Show response xfantazy.com/_next/static/chunks/	38 KB 11 KB	76ms 74ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/7.38d845e9473548212694.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 71fc93dfa1cf93fa8f9c0c845c976013235d620d96d29db9f58cca6af83952ba Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br cf-cache-status HIT last-modified Wed, 06 Oct 2021 18:00:11 GMT server cloudflare age 12125990 etag W/"97ba-17c56c34819" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n63VP30Zgp8lifZIOcDtuBb32obtYRkAyJqDbJ8bci06bQON48SLb9R%2FtFsTUY76Du21XWCN3l2%2B3y33cCgF38%2FaVXjSvQuk5ZQ%2Bmnba6YsCz%2B%2FYw6XcdY7FG8LJLk3b%2FdJ7ZzgQiE4IvLo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d36bf62005b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	9.be198c87e436634bf765.js Show response xfantazy.com/_next/static/chunks/	39 KB 11 KB	118ms 117ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/9.be198c87e436634bf765.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b04d9a0fab70ce856636ccb8728008a16355fe74951dce23725e710fb1836f4 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br cf-cache-status HIT last-modified Fri, 11 Jun 2021 14:20:14 GMT server cloudflare age 13816105 etag W/"9c95-179fb71df05" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejFvwrkwgy9azMfb8ZaQvvQu4GfdOvegv%2BiWGEdyD9bLJdewIxzQ0Wcolf8gPWZw8H3uSxMCc1wLfFcS%2F8ZTUjRrpGpVpSpNmH%2B5G5J3kaXpLq7%2FRw0mXAwpJ37bGnzAUB08t4pym8W2LgM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d36bf64005b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	16.2fcecc4fbe403da70f1d.js Show response xfantazy.com/_next/static/chunks/	20 KB 6 KB	73ms 72ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/16.2fcecc4fbe403da70f1d.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3595031ce9f58ed1758ff54c68f4243f3741112c9e4c82a2eb8eea3de2f31979 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br cf-cache-status HIT last-modified Wed, 06 Oct 2021 18:00:37 GMT server cloudflare age 12218476 etag W/"4f4a-17c56c3aeb1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZGbLp1FDl89BGLrIXijmv9P9zTF9N2q3Qnrl1NaA7YwRYF0k2b6oKR1KCDqGTOH6Wbsi8KVmaOdi0iRffAHZzOcA65KAlRTEcuklAPmuWlNxI%2B97fOr4wBevoWkjFHnS54r3n7DPcj%2FEps%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d36bf65005b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	59.edff5ae0d8d83054b552.js Show response xfantazy.com/_next/static/chunks/	3 KB 2 KB	78ms 77ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/59.edff5ae0d8d83054b552.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 036661808c9c3aeba760adfc9e75ff7276a1636bcdddf5695d937420d0550f89 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br cf-cache-status HIT last-modified Fri, 11 Jun 2021 14:18:49 GMT server cloudflare age 13816105 etag W/"c8b-179fb7093da" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wKGoSpZtjBo4TBhZJecSTthQu3WNqPoThqsaw%2FbB0V5G8WObxWC%2BfIIxdRB119kaqiZbG8%2FZlzLUrqv86QOdQy545UehwS%2F%2FpSb%2BoF36ap4oPSdS7XwbwELTl1YHvycEvYR27HJLtBNBWQ%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d36bf66005b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	47.6c9a4510342e4dd3af77.js Show response xfantazy.com/_next/static/chunks/	2 KB 1 KB	77ms 76ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/47.6c9a4510342e4dd3af77.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4cc49c5221a734035f5bb7a2e5e4d0065f4dcfc33d8eb4b0e927cfd4d3d27d42 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br cf-cache-status HIT last-modified Wed, 06 Oct 2021 18:00:37 GMT server cloudflare age 12485538 etag W/"620-17c56c3aeb5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIOQUuVydC8rQ7w4hKdK1G7ttWKcUnAx0hkFX8cWpGVvq5vVp0LTboiSzWoQ1JBhBKBMtF7EdBwOtPvwGo2urC8FkPmzAb%2Bvi7YgMKNvFhS1jfaYB1HqzYIX3J2CvhxvTf95ai6oQ0fOJ3U%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d36bf67005b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	69.b3ff95d1d1b8e7cf25a2.js Show response xfantazy.com/_next/static/chunks/	2 KB 1 KB	78ms 78ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/69.b3ff95d1d1b8e7cf25a2.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b7126c70abcef790e6f74c6cfff8622335763e7141fef461eeb4bb442b54866a Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br cf-cache-status HIT last-modified Wed, 06 Oct 2021 18:00:37 GMT server cloudflare age 12126004 etag W/"61c-17c56c3aeb5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2YOUE%2B%2BagFMMMJAeVDgIS2ICZ7nWquSnydUY97O1zmxkW%2F0keV64LE2l477dVoSP3cv0eKmJ6c9wCBJ5DmeCU6P5hbeBmcSEx8skBb7qsIRa0wnsaLOETo3wkslNObJsvhgFUbkGQ3YvDB0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d36bf68005b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	webpack-e836ae420181b78643a0.js Show response xfantazy.com/_next/static/runtime/	12 KB 5 KB	121ms 120ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/runtime/webpack-e836ae420181b78643a0.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 101e8f0748d03521002faeea490417c37964b2c2ab7f261b3448fdf7bd6a5e89 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br cf-cache-status HIT last-modified Wed, 06 Oct 2021 18:01:01 GMT server cloudflare age 12218459 etag W/"2fb2-17c56c40bc4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvn%2FB0NJaTR06ZZqEvizhqri3ER3mSVRv7fbazX5gwXJvgIvToK%2BPbjFKwHiRhNz%2FTKO0Kx0%2FF7lzkr1LHvyfFclmfWOYrGeY1M7yBJL6WkTcNx8i5A0DeH%2FimSy%2BSQmR2P5VJGmGHrDEfg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d36bf6e005b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	main-8daa673a54696bb62abb.js Show response xfantazy.com/_next/static/runtime/	71 KB 25 KB	130ms 129ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2700856b1aaf58e5ff28f5dd5014a1c5300b2afe36bee1b10dede18307372c35 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br cf-cache-status HIT last-modified Wed, 06 Oct 2021 18:00:18 GMT server cloudflare age 12126011 etag W/"11cd7-17c56c36665" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4%2F%2Fm%2BUQxEFlLIgr8vaR2HGCveKrS2CfuZ7ypHQfajp6V%2F3WFONpU07YKy8UQPUgSZT7K7v857XYukHGEqa2VA4Xudcpbm%2BXD%2FsLbK5m394u8tr1YLXPlogtQIUDefpKEOKsiEKPbwArEtw%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d370fab005b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	logo-tv-light.svg xfantazy.com/static/	4 KB 2 KB	85ms 84ms	Image image/svg+xml	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xfantazy.com/static/logo-tv-light.svg Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e8156ad40b28324a07d6e88e26597079a3f8b991d03bd4efd14fb4353fb77b57 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br cf-cache-status EXPIRED last-modified Thu, 10 Mar 2022 08:58:47 GMT server cloudflare etag W/"101b-17f730d530c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=prZGrh6OovZBx%2FsBBSaBXgJVqqblt7v%2BdJ515hyvjMe1oTf54P2vI%2FwNFYdO%2B1rFgK0EzxwAnruOMzHsFGDYUwm3uQDM5cbjT6cf1FWsUzR5Ft3ApW3zJGAgrv%2BuzvUbooJzALwHbjxs%2BKs%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d383892775b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/JL-QuiL3mKvo8TiUqQ/w320h240/	12 KB 12 KB	262ms 148ms	Image image/jpeg	2a00:1178:4:2::222 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/JL-QuiL3mKvo8TiUqQ/w320h240/0.jpeg Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::222 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash 2fae29f4e0261520822f14f33a395093df9f846fb3216fcb94043f25ddab20a3 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT server nginx x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 12053 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/JL7BuCD1w__q_D_B_A/w320h240/	13 KB 13 KB	213ms 99ms	Image image/jpeg	2a00:1178:4:2::222 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/JL7BuCD1w__q_D_B_A/w320h240/0.jpeg Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::222 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash e96d07245c62106d2f472b92715621da2f04097c4ac5afa30b7a3298ed7bf145 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT server nginx x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 13413 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	502	0.jpeg static-cache.k2s.cc/thumbnail/IL-Tv36lyaq9_j3D9w/w320h240/	0 0	213ms 99ms	Image text/html	2a00:1178:4:2::222 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/IL-Tv36lyaq9_j3D9w/w320h240/0.jpeg Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::222 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/LO-XuSDznq24qmmeqg/w320h240/	9 KB 10 KB	264ms 150ms	Image image/jpeg	2a00:1178:4:2::222 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/LO-XuSDznq24qmmeqg/w320h240/0.jpeg Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::222 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash 687349065ce9f805d41faff61404d00e0d045260b25d75ee0eca9cf272ce3087 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT server nginx x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 9637 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	email-decode.min.js Show response xfantazy.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	48ms 48ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 11 Mar 2022 12:22:44 GMT server cloudflare etag W/"622b3f14-4d7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options DENY report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FG0JDLmjmA7OUSSTiDr0azrcIUHezT7TsCvtsQptzIWSAeJ6aPy0lSaQk3I8g%2FU65gqIGRWTMcaW1N47MJGYIKEHX4stAY0HEgak4PWqZmMFym9kknJ6J47S%2Bi2UDqgjppRPgeZh%2F5X3G2A%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=172800, public nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d38286b775b-LHR vary Accept-Encoding expires Thu, 17 Mar 2022 15:43:20 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	128 KB 46 KB	179ms 62ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-PLKQLTX Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5156d2135b28e19655a9dd42419a9a3da623769b212f043189aa6331fba33a3e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 46672 x-xss-protection 0 last-modified Tue, 15 Mar 2022 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 15 Mar 2022 15:43:20 GMT
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/9bf66dc894cf4/main/	66 KB 66 KB	211ms 100ms	Image image/jpeg	2a00:1178:4:2::222 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/9bf66dc894cf4/main/0.jpeg Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::222 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash 35ea1b9bf851deb8cf6c02183a8e4a962b864adb09047be1c7ba9700b809c437 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT server nginx x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 67548 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 15 KB	235ms 118ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://xfantazy.com Accept-Language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 11 Mar 2022 09:48:03 GMT x-content-type-options nosniff age 366917 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 11 Mar 2023 09:48:03 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v29/	16 KB 16 KB	170ms 54ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://xfantazy.com Accept-Language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 14:02:00 GMT x-content-type-options nosniff age 6080 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15920 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:21 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 15 Mar 2023 14:02:00 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	187ms 70ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://xfantazy.com Accept-Language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Wed, 09 Mar 2022 17:56:19 GMT x-content-type-options nosniff age 510421 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:28 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 09 Mar 2023 17:56:19 GMT
GET H3	200	styles.f80584c6.chunk.css xfantazy.com/_next/static/css/	191 KB 16 KB	163ms 162ms	Stylesheet text/css	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/css/styles.f80584c6.chunk.css Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/webpack-e836ae420181b78643a0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f4361f998f5c05b88a9b372b1a32b6d7331414af3b29e00edbcc6bcc7a51a4f8 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br cf-cache-status EXPIRED last-modified Thu, 10 Mar 2022 09:01:56 GMT server cloudflare etag W/"2fd40-17f731035b8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3x5XLT6%2FAYRiKX%2FzTTJn9Q0GUq6QXpB5yaWi%2FVhSbsJ9NhF6sKVSQXV3BzSbND0BmnaYmDv564QMyccWuZo%2BZaWVdKCYy7pqvVtG05yRuReh%2FJTB4F1AQDmHn5kK7D5KmqW4FiwwSWPTnqY%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d399c34775b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	styles.77acb212b856be16971e.js Show response xfantazy.com/_next/static/chunks/	85 B 666 B	65ms 65ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/styles.77acb212b856be16971e.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/webpack-e836ae420181b78643a0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab8620079bb63c3fa28efc23400f1c2f1b57f0c71ff95a22e81e3c69da454b13 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br cf-cache-status HIT last-modified Wed, 06 Oct 2021 18:00:18 GMT server cloudflare age 12097219 etag W/"55-17c56c36665" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldlmIDJTv2iaJoblP842TQW8mKh2sQIFu7%2BSSCqZOI7zK6qMxms1VciE%2Bwsc0R9T4vPFqFKFfeQwiypPdynyf9wwZ44eDpAMbbO1HoaS6nvKLBO2Tf%2FdcKjUnPw4JiP37fOG%2FoGSWqZoiXE%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d399c36775b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	242.f2f17f1c570250fd1ab5.js Show response xfantazy.com/_next/static/chunks/	154 KB 37 KB	69ms 69ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/242.f2f17f1c570250fd1ab5.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/webpack-e836ae420181b78643a0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8447605d596e98b85f2e5e2c26e3352436a95498208ac7876ea31d0183eda4b3 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br cf-cache-status HIT last-modified Wed, 06 Oct 2021 18:01:01 GMT server cloudflare age 12097219 etag W/"26625-17c56c40e74" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMURJPkPhI5muFuruiUCysVga97zLuDyrSPZ6VgSkV0tM9B25c3SJmTHb1%2F5pMxw17WiozTRWH55K8OZeGQUbk7qiP%2F34BaA6P5xkFXLtwAi7ksr%2BUGzuIy8y9f%2Beoc3R49OpbZ%2FOlvPLRA%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d399c38775b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	51.21792104df3f91cda445.js Show response xfantazy.com/_next/static/chunks/	3 KB 2 KB	107ms 106ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/51.21792104df3f91cda445.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/webpack-e836ae420181b78643a0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13b652377aae9e51c9d16856996c06aabe956d568dc16714cc14e51a581ddfd3 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br cf-cache-status HIT last-modified Wed, 06 Oct 2021 18:01:01 GMT server cloudflare age 12097212 etag W/"ce5-17c56c40bc8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDK0V0piQPK%2BKxLkOmqi3JaiPqkpiQWeUjCTspxHRqZFjFc%2B39d0%2BZsvPQEq6E9nLs%2B5WuyFNQedAL9%2B8BMTImg%2BCdB9NHDThq4E4ERiuvmU89mY4OlybVcru%2BjPEci1E%2BHtCIwkrZF31Nk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d39fd08775b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	70.aeba4e9e28ccf1bae13a.js Show response xfantazy.com/_next/static/chunks/	1 KB 1 KB	153ms 152ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/70.aeba4e9e28ccf1bae13a.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/webpack-e836ae420181b78643a0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 60f90aeed2b4364c0c3e8f6825d475c1a4652c22b759f316bdd3394e5ddd840a Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br cf-cache-status HIT last-modified Wed, 06 Oct 2021 18:00:18 GMT server cloudflare age 7910620 etag W/"56d-17c56c36495" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RhAQN3doyNPgwrWMipyRE48BruWqi0hHfrZExSF9muRQVjaxh7d9SYPYg1VMa38UE0DJmkK4fV2g3xsqLiHRW4MzVtS39n1zOtIG0jNwr9q5pWg0edLHfiuXBs8Ke9ClXR6HeTRNh1ziflA%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d39fd0a775b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H3	200	login Show response xfantazy.com/api/auth/	2 B 1 KB	196ms 196ms	Fetch text/plain	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/api/auth/login Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/gJiW8uueaAVuAskVlmeBd/pages/_app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Accept-Language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 15 Mar 2022 15:43:20 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ybR%2FHAie9mDFBXtJqIK1v%2B%2BIsFkkGAy%2FiIVTNpdJs5nLDX2Dh5JaDoPFFTNCupOnGXU%2F3F5vpfCKKijvotRWSvIy7zvlwyqqaLLXJQuKQxRVr0tKnTofkAzCL0PNQ2lZFDFDXb%2FQHRLEJCE%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=utf-8 access-control-allow-origin https://b.xfantazy.com access-control-allow-credentials true cf-ray 6ec65d3a2d65775b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2
POST H3	200	videoOpened Show response xfantazy.com/api/events/user/	2 B 543 B	135ms 135ms	Fetch text/plain	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/api/events/user/videoOpened Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/gJiW8uueaAVuAskVlmeBd/pages/_app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Accept-Language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 15 Mar 2022 15:43:20 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mTxB8v2yFT8HENU%2B%2FpvNBBRrB0X65XDkAdWyCKSYxQLkIsWo%2B%2B9posZds4A1O5d336ix5aHt0i58nPTqfGAH%2BRQf5E6H%2FTu%2F9dXAFHbwKsRS8qYLMq%2FBYh7sM%2Bo%2FB3Xo%2Fq0yLESyVXzm6hk%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=utf-8 access-control-allow-origin https://b.xfantazy.com access-control-allow-credentials true cf-ray 6ec65d3a2d73775b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2
GET H/1.1	403 Forbidden	a2f990f10476061c719d1c1aa3a2ecd2.js addresseetransportationsyndrome.com/a2/f9/90/	0 0	425ms 144ms	Script application/javascript	192.243.59.12 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://addresseetransportationsyndrome.com/a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/gJiW8uueaAVuAskVlmeBd/pages/_app.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Tue, 15 Mar 2022 15:43:20 GMT Server nginx/1.17.6 Connection keep-alive Content-Type application/javascript Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H2	200	zRdVuw7.js Show response a.focusde.info/	115 KB 34 KB	194ms 58ms	Script application/javascript	157.90.183.249 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://a.focusde.info/zRdVuw7.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/gJiW8uueaAVuAskVlmeBd/pages/_app.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 157.90.183.249 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.249.183.90.157.clients.your-server.de Software nginx / Resource Hash ac0ceeeef68f8d570e44671ab0aaf369d2b64e0684aca83a3688503e97422245 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 02 Mar 2022 11:49:01 GMT server nginx etag "621f59ad-84fb" x-frame-options DENY x-hw 1646222379.dop017.fr8.t,1646222379.cds219.fr8.c content-type application/javascript access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 34043 expires Thu, 02 Mar 2023 11:59:39 GMT
GET DATA	200 OK	truncated /	68 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 Request headers Accept-Language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/png
GET H3	200	index.js Show response xfantazy.com/_next/static/gJiW8uueaAVuAskVlmeBd/pages/	695 B 991 B	67ms 66ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/gJiW8uueaAVuAskVlmeBd/pages/index.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 815c730987b8e9975a8cebb8db57ecdaa0eae4f50a8be529b591c992867995da Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br cf-cache-status HIT last-modified Thu, 10 Mar 2022 09:02:26 GMT server cloudflare age 455951 etag W/"2b7-17f7310acad" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwjoN6rpGzD0eLJthADzjQwtGvCpCJbdg7Oq6%2BoSB46SLXr5NfZJBb4fPgwKj10SlY6Vl7KqLgxA9ly85%2Ba1RbIRlVZIi60%2F2sRlrS41CbO4Mtv6QM1cxmNoUduCNeE3ixZyXgV0XMJZ4w8%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d3aaeb2775b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	login.js Show response xfantazy.com/_next/static/gJiW8uueaAVuAskVlmeBd/pages/	3 KB 2 KB	66ms 64ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/gJiW8uueaAVuAskVlmeBd/pages/login.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ade1e2eefbbbbf67a351eb847d60ee6f7eca11242a6ad29c88f564ad1b67e41 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br cf-cache-status HIT last-modified Thu, 10 Mar 2022 09:02:26 GMT server cloudflare age 455951 etag W/"ba5-17f7310acad" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKwPJhry0W9LuPGj6XQjkwmQVT8eTS382fZZmER6zJA9Wu%2FGsDRHSRn6d%2FQwVLMMEeby9BmcRPTlvMqA56rl77%2BlwoHFeHihj4iy%2FqRzaVhL2HCJsrOcUmVatlLnoMwd4MOjtBN7GVsW3ZQ%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d3aaeb8775b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	signup.js Show response xfantazy.com/_next/static/gJiW8uueaAVuAskVlmeBd/pages/	3 KB 2 KB	66ms 65ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/gJiW8uueaAVuAskVlmeBd/pages/signup.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a56beb0ef64e108ae937414a825df3822df8858796abac7d6edfa4a76ddc6b6b Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br cf-cache-status HIT last-modified Thu, 10 Mar 2022 09:02:27 GMT server cloudflare age 455947 etag W/"bac-17f7310aea9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4okl2C7X9noh4nTiqRCE6YpN2Pdrx9RNFw9ANxoWqKtFWouXOQnoKMqSIQmPAFjtIDugLU72VJvoMZ3KPEQadgJYpiGAHRX6qbQMeMAq6rsGC2sX2cUV1cyKOd01ThuktPieeb5owNHNKL4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d3aaeb9775b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	top.js Show response xfantazy.com/_next/static/gJiW8uueaAVuAskVlmeBd/pages/	1 KB 1 KB	71ms 69ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/gJiW8uueaAVuAskVlmeBd/pages/top.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aac0e07b558e2b20dadf9abcda9ddc8177843a086ce65890cde9a858261f7c6c Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br cf-cache-status HIT last-modified Thu, 10 Mar 2022 09:02:27 GMT server cloudflare age 455784 etag W/"582-17f7310aea9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r3JIeRry%2B5EO9V21AUSL8%2Bwbwx4mCGjCYKCfCw4XZ1x6lpzX25VzYdQWjBaZK6lbHBtpPhnjBiQlvGffnGtt3yJ%2BKWJ43zWCk5h2Scj2hHhNvhBmTTtWEScJLtaD%2BH70z29wkD6siPoxo8c%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d3aaebb775b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	tags.js Show response xfantazy.com/_next/static/gJiW8uueaAVuAskVlmeBd/pages/	4 KB 2 KB	74ms 72ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/gJiW8uueaAVuAskVlmeBd/pages/tags.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe3869ee2a238261d1a3d4db775f3247abd2f1794cd6563363f27b0b3a4764e6 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br cf-cache-status HIT last-modified Thu, 10 Mar 2022 09:02:27 GMT server cloudflare age 455784 etag W/"f20-17f7310aea9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d93JTPGvLJ2kLkz6nB0YDbWQsl71pooUYpynqHM0v1dmdZyRoENypLnhANDclq0sHBXJwOqzJASVeBkuvYFUZiPDzY5MQPgqzKT40xmNb1hOKkWpo8ozk9PYtVuR%2F6f5Jn0HZVWx6bstBMk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d3aaed5775b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	categories.js Show response xfantazy.com/_next/static/gJiW8uueaAVuAskVlmeBd/pages/	9 KB 4 KB	95ms 93ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/gJiW8uueaAVuAskVlmeBd/pages/categories.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4d3422da37398248c0960701300cd0cd9861b53f0d639fdd13d08eb74b22dac0 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br cf-cache-status HIT last-modified Thu, 10 Mar 2022 09:02:26 GMT server cloudflare age 455947 etag W/"240b-17f7310acad" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8wsKaYwLmAG6kGI3jKJtakkoNwuntWSUwLSmCSFyHRZxYVeNyQYXXUrwjafaZDqJU4lOJoressMf9nd%2BmPOYhuWvY0FH3ff1QSJZbJbx3E3EI7kQHaTuTmO4tKIrU0WqoMtuz9AFCT8yTg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d3aaed8775b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	channels.js Show response xfantazy.com/_next/static/gJiW8uueaAVuAskVlmeBd/pages/	2 KB 2 KB	78ms 76ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/gJiW8uueaAVuAskVlmeBd/pages/channels.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd20b8232e6823e09372d97b5acf2fb76b8ed4fcee5e328668f985d8fba95d34 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br cf-cache-status HIT last-modified Thu, 10 Mar 2022 09:02:26 GMT server cloudflare age 455916 etag W/"975-17f7310acad" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LRJXMFStDWe8v9YqzWmyMkLiLArApzl2bns%2BdtCPFgLda7JRJvMHsXJsDD0up6%2FIc7LRvNFyzyKzQRcITMdo0KztG5tjEUWRJif77XmBiD%2F%2BhhK7FYu8FfDw%2Bd1tvtjYHdR%2F%2Bz%2BpF3CbFfo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d3aaedc775b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	category.js Show response xfantazy.com/_next/static/gJiW8uueaAVuAskVlmeBd/pages/	2 KB 1 KB	83ms 81ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/gJiW8uueaAVuAskVlmeBd/pages/category.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 03201b2abe6b2bb7cde67989ee30139964bd7338315d5b9e2eb883b500b89507 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br cf-cache-status HIT last-modified Thu, 10 Mar 2022 09:02:26 GMT server cloudflare age 455942 etag W/"818-17f7310acad" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBhOZzl1Rii5c5wP7FeKsQlFteooeG42YcI6oDu7sPUdepiw5pRkXpaRIHa3N6HNA0Bh1JDRpjKAhxN%2FiFOlOy15PBrB6Oc9osVPaYNBluQVgajOOvEtcjywzmkJ6J7vyuObR%2FZ4NaCRo4c%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d3aaedf775b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	tag.js Show response xfantazy.com/_next/static/gJiW8uueaAVuAskVlmeBd/pages/	2 KB 1 KB	78ms 76ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/gJiW8uueaAVuAskVlmeBd/pages/tag.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 542bab3842890b12aa349ee86fb89b41237d222e88a2753ec44bab4e90208667 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br cf-cache-status HIT last-modified Thu, 10 Mar 2022 09:02:27 GMT server cloudflare age 455909 etag W/"71a-17f7310aea9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ct9csIPJMPE1hoMpiL%2FHhrTS%2BcSGR0D0uMnZA88iqYarifJAdCIdn92nibOCu8s5mkhgvt7nVwMfOueCBL6jyXHKFXnWtERD97lNB4QEJUU8InlhUgq9v7NTyGQyzIMVixpPUJvzrK5qGJY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d3aaee3775b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/d-mXuCLzw6y5qT6fqw/w320h240/	9 KB 9 KB	50ms 49ms	Image image/jpeg	2a00:1178:4:2::222 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/d-mXuCLzw6y5qT6fqw/w320h240/0.jpeg Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::222 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash a9d69feeeee5f956f8cde02892bfeec8de85a18df1fcf2b9a5955d8a7f4fa2eb Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT server nginx x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 9437 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/cuzGuXCmnP3rrG2Rqg/w320h240/	11 KB 11 KB	62ms 52ms	Image image/jpeg	2a00:1178:4:2::222 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/cuzGuXCmnP3rrG2Rqg/w320h240/0.jpeg Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::222 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash 9f44d98745bfbf0dc3746414a429eba1da4bf13b7bce42ef6e01cae9ec45f21a Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT server nginx x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 11528 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/ILyVvSehyfu5-TnBrg/w320h240/	12 KB 12 KB	60ms 50ms	Image image/jpeg	2a00:1178:4:2::222 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/ILyVvSehyfu5-TnBrg/w320h240/0.jpeg Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::222 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash a11d98435777465f2806c40bad90a729a10b09f8ffda0ba6a433aa200f498735 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT server nginx x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 12239 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	171ms 54ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLKQLTX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 5914 date Tue, 15 Mar 2022 14:04:46 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Tue, 15 Mar 2022 16:04:46 GMT
GET H2	200	tag.js Show response cdn.jsdelivr.net/npm/yandex-metrica-watch/	200 KB 80 KB	162ms 63ms	Script application/javascript	2606:4700::6810:5914 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1444a063c94cfa79ba68e48981e827b3ee59dd30494c441e30185ca0081d4a06 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:20 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 21848 x-jsd-version 1.222.0 x-cache HIT, HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19170-FRA, cache-lcy19268-LCY timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"31fc5-NjwratANdFgJRvy0FUChPWp72LU" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 cf-ray 6ec65d3b7e377587-LHR
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 437 B	173ms 56ms	XHR text/plain	2a00:1450:400c:c08::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-121614197-2&cid=1972506058.1647359001&jid=1520382189&gjid=1118182345&_gid=1593004515.1647359001&_u=YGBAiEABBAAAAE~&z=1983173851 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://xfantazy.com/ Accept-Language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Tue, 15 Mar 2022 15:43:21 GMT content-type text/plain access-control-allow-origin https://xfantazy.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	118ms 55ms	Image image/gif	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=2096819374&t=pageview&_s=1&dl=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e56e9f7c89bfb1ad5b7c06f&ul=en-us&de=UTF-8&dt=ModelHub_com%20-%20Stepdaughter%20caught%20by%20stepdad%20gets%20a%20long%20fuck%20as%20punishment%20-%20XFantazy.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABB~&jid=1520382189&gjid=1118182345&cid=1972506058.1647359001&tid=UA-121614197-2&_gid=1593004515.1647359001&gtm=2wg370PLKQLTX&z=1562039055 Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 15 Mar 2022 11:18:14 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 15907 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	1 Show response mc.yandex.ru/watch/3/ Redirect Chain https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e56e9f7c89bfb1ad5b7c06f&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afp%3... https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e56e9f7c89bfb1ad5b7c06f&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afp%...	174 B 256 B	78ms 78ms	XHR application/json	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e56e9f7c89bfb1ad5b7c06f&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afp%3A1005%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A2%3Adp%3A0%3Als%3A60296599258%3Ahid%3A407057392%3Az%3A0%3Ai%3A20220315154321%3Aet%3A1647359001%3Ac%3A1%3Arn%3A794114279%3Arqn%3A1%3Au%3A1647359001899075507%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1647358999373%3Ads%3A35%2C141%2C513%2C20%2C0%2C0%2C%2C614%2C0%2C%2C%2C%2C1324%3Awv%3A2%3Aco%3A0%3Ast%3A1647359001&t=gdpr%2814%29aw%281%29ti%282%29 Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 7c1d1ea5717bd3091937d2cc5be04d1380c1b2b726a35904d899e7a851e1784d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 15 Mar 2022 15:43:21 GMT x-content-type-options nosniff last-modified Tue, 15-Mar-2022 15:43:21 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 174 x-xss-protection 1; mode=block expires Tue, 15-Mar-2022 15:43:21 GMT Redirect headers pragma no-cache date Tue, 15 Mar 2022 15:43:21 GMT last-modified Tue, 15-Mar-2022 15:43:21 GMT location /watch/3/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e56e9f7c89bfb1ad5b7c06f&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afp%3A1005%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A2%3Adp%3A0%3Als%3A60296599258%3Ahid%3A407057392%3Az%3A0%3Ai%3A20220315154321%3Aet%3A1647359001%3Ac%3A1%3Arn%3A794114279%3Arqn%3A1%3Au%3A1647359001899075507%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1647358999373%3Ads%3A35%2C141%2C513%2C20%2C0%2C0%2C%2C614%2C0%2C%2C%2C%2C1324%3Awv%3A2%3Aco%3A0%3Ast%3A1647359001&t=gdpr%2814%29aw%281%29ti%282%29 strict-transport-security max-age=31536000 access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Tue, 15-Mar-2022 15:43:21 GMT
GET H2	200	1 Show response mc.yandex.ru/watch/49415098/ Redirect Chain https://mc.yandex.ru/watch/49415098?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e56e9f7c89bfb1ad5b7c06f&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afp%3A10... https://mc.yandex.ru/watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e56e9f7c89bfb1ad5b7c06f&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afp%3A...	357 B 392 B	79ms 78ms	XHR application/json	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e56e9f7c89bfb1ad5b7c06f&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afp%3A1005%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1616600228376%3Ahid%3A407057392%3Az%3A0%3Ai%3A20220315154321%3Aet%3A1647359001%3Ac%3A1%3Arn%3A883909540%3Arqn%3A1%3Au%3A1647359001899075507%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1647358999373%3Ads%3A35%2C141%2C513%2C20%2C0%2C0%2C%2C614%2C0%2C%2C%2C%2C1324%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1647359001%3At%3AModelHub_com%20-%20Stepdaughter%20caught%20by%20stepdad%20gets%20a%20long%20fuck%20as%20punishment%20-%20XFantazy.com&t=gdpr%2814%29aw%281%29ti%282%29 Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 148435d88aaafdee27548b88a3fece6a5429e287d361ad2b6ef123d0fbab4295 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 15 Mar 2022 15:43:21 GMT x-content-type-options nosniff last-modified Tue, 15-Mar-2022 15:43:21 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 357 x-xss-protection 1; mode=block expires Tue, 15-Mar-2022 15:43:21 GMT Redirect headers pragma no-cache date Tue, 15 Mar 2022 15:43:21 GMT last-modified Tue, 15-Mar-2022 15:43:21 GMT location /watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e56e9f7c89bfb1ad5b7c06f&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afp%3A1005%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1616600228376%3Ahid%3A407057392%3Az%3A0%3Ai%3A20220315154321%3Aet%3A1647359001%3Ac%3A1%3Arn%3A883909540%3Arqn%3A1%3Au%3A1647359001899075507%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1647358999373%3Ads%3A35%2C141%2C513%2C20%2C0%2C0%2C%2C614%2C0%2C%2C%2C%2C1324%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1647359001%3At%3AModelHub_com%20-%20Stepdaughter%20caught%20by%20stepdad%20gets%20a%20long%20fuck%20as%20punishment%20-%20XFantazy.com&t=gdpr%2814%29aw%281%29ti%282%29 strict-transport-security max-age=31536000 access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Tue, 15-Mar-2022 15:43:21 GMT
GET H2	200	advert.gif mc.yandex.ru/metrika/	43 B 186 B	238ms 79ms	Image image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.ru/metrika/advert.gif Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5e56e9f7c89bfb1ad5b7c06f Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:21 GMT last-modified Fri, 18 Feb 2022 11:36:57 GMT etag "620f5aa9-2b" strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Tue, 15 Mar 2022 16:43:21 GMT
GET		312873 a.focusde.info/api/spots/ Frame DE5B	0 0
GET		312875 a.focusde.info/api/spots/ Frame 976C	0 0
GET		312874 a.focusde.info/api/spots/ Frame 4577	0 0
GET		303891 a.focusde.info/api/spots/ Frame B516	0 0
GET		303892 a.focusde.info/api/spots/ Frame 8A6A	0 0
GET H2	200	312873 Show response a.focusde.info/api/spots/ Frame 571F	12 KB 4 KB	103ms 103ms	Document text/html	157.90.183.249 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://a.focusde.info/api/spots/312873?p=1&s1=%subid1%&kw= Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/chunks/commons.c6be2f5ddce0c474c306.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 157.90.183.249 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.249.183.90.157.clients.your-server.de Software nginx / Resource Hash 2d2bca4f778405937a500a1f6db2d6ae09c95b4f0437c01d71654db448b69a54 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ Response headers server nginx date Tue, 15 Mar 2022 15:43:21 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding cache-control private content-encoding gzip
GET H2	200	312875 Show response a.focusde.info/api/spots/ Frame 37EC	12 KB 3 KB	103ms 103ms	Document text/html	157.90.183.249 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://a.focusde.info/api/spots/312875?p=1&s1=%subid1%&kw= Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/chunks/commons.c6be2f5ddce0c474c306.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 157.90.183.249 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.249.183.90.157.clients.your-server.de Software nginx / Resource Hash b59db155775774676829e158d80b4d1b572547b572e59ce8490ce5f39286178b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ Response headers server nginx date Tue, 15 Mar 2022 15:43:21 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding cache-control private content-encoding gzip
GET H2	200	312874 Show response a.focusde.info/api/spots/ Frame C575	12 KB 3 KB	110ms 109ms	Document text/html	157.90.183.249 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://a.focusde.info/api/spots/312874?p=1&s1=%subid1%&kw= Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/chunks/commons.c6be2f5ddce0c474c306.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 157.90.183.249 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.249.183.90.157.clients.your-server.de Software nginx / Resource Hash 8f2e8161e0b77d6c6d2c44674610489da07bdd169874b3da54ae4df389940c8a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ Response headers server nginx date Tue, 15 Mar 2022 15:43:21 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding cache-control private content-encoding gzip
GET H2	200	303891 Show response a.focusde.info/api/spots/ Frame C491	12 KB 4 KB	110ms 110ms	Document text/html	157.90.183.249 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://a.focusde.info/api/spots/303891?p=1&s1=%subid1%&kw= Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/chunks/commons.c6be2f5ddce0c474c306.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 157.90.183.249 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.249.183.90.157.clients.your-server.de Software nginx / Resource Hash 8dd0f6d284769a3b4159ff37873795ef8bf064716b2ec9ec65c97018b2756cd6 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ Response headers server nginx date Tue, 15 Mar 2022 15:43:21 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding cache-control private content-encoding gzip
GET H2	200	303892 Show response a.focusde.info/api/spots/ Frame B7F6	12 KB 4 KB	107ms 107ms	Document text/html	157.90.183.249 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://a.focusde.info/api/spots/303892?p=1&s1=%subid1%&kw= Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/chunks/commons.c6be2f5ddce0c474c306.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 157.90.183.249 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.249.183.90.157.clients.your-server.de Software nginx / Resource Hash 92346fd252bdb05d25aaac9a413b9e9bfd62a1cc158b1cfeafb9bb82e927587f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ Response headers server nginx date Tue, 15 Mar 2022 15:43:21 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding cache-control private content-encoding gzip
GET H2	200	303894 Show response a.focusde.info/api/spots/ Frame 145B	12 KB 4 KB	89ms 88ms	Document text/html	157.90.183.249 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://a.focusde.info/api/spots/303894?p=1&s1=%subid1%&kw= Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/chunks/commons.c6be2f5ddce0c474c306.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 157.90.183.249 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.249.183.90.157.clients.your-server.de Software nginx / Resource Hash a74d0dc47a46505ca5849b532b9498a2f8e356af5a5ff77e07b1798936182e9c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ Response headers server nginx date Tue, 15 Mar 2022 15:43:21 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding cache-control private content-encoding gzip
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/cOrAuXGgmaa4_j-Qrg/w320h240/	12 KB 12 KB	50ms 49ms	Image image/jpeg	2a00:1178:4:2::222 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/cOrAuXGgmaa4_j-Qrg/w320h240/0.jpeg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::222 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash 3401830fdfbfaa9be8c22865c14922adcc007016c48546f8d192ee22dbbc0479 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:21 GMT server nginx x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 12133 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/d-qUu3GizvzpqzTBqg/w320h240/	18 KB 19 KB	98ms 97ms	Image image/jpeg	2a00:1178:4:2::222 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/d-qUu3GizvzpqzTBqg/w320h240/0.jpeg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::222 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash d9becf3fa032460ebd2ea6f16f9bbd32b7d7fa78968296a68392cc91567a4492 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:21 GMT server nginx x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 18917 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	502	0.jpeg static-cache.k2s.cc/thumbnail/dezGvX-hzqnl-mjC9w/w320h240/	0 0	52ms 51ms	Image text/html	2a00:1178:4:2::222 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/dezGvX-hzqnl-mjC9w/w320h240/0.jpeg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::222 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET H2	502	0.jpeg static-cache.k2s.cc/thumbnail/Ju-QtXClwvjlrjmUrg/w320h240/	0 0	50ms 49ms	Image text/html	2a00:1178:4:2::222 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/Ju-QtXClwvjlrjmUrg/w320h240/0.jpeg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::222 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET H2	502	0.jpeg static-cache.k2s.cc/thumbnail/IbiQtCT0w6y6-2iW_g/w320h240/	0 0	50ms 50ms	Image text/html	2a00:1178:4:2::222 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/IbiQtCT0w6y6-2iW_g/w320h240/0.jpeg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::222 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/Ir6Q6HKlyKvt-jyT-g/w320h240/	9 KB 9 KB	51ms 51ms	Image image/jpeg	2a00:1178:4:2::222 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/Ir6Q6HKlyKvt-jyT-g/w320h240/0.jpeg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::222 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash dcc6c8d92bff17e153da60a588a99bc4d978c5c6663cab043c92f4f681e3cd71 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:21 GMT server nginx x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 9175 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/ce2UtXGhnvrt8GjB9w/w320h240/	11 KB 11 KB	97ms 96ms	Image image/jpeg	2a00:1178:4:2::222 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/ce2UtXGhnvrt8GjB9w/w320h240/0.jpeg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::222 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash c2bb0b3765c7bcac58357af201d9909f9d6b2bba3c57273370873645f7a0e41c Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:21 GMT server nginx x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 11191 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/J-yXtH-lm6nqqzqU-A/w320h240/	16 KB 17 KB	100ms 100ms	Image image/jpeg	2a00:1178:4:2::222 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/J-yXtH-lm6nqqzqU-A/w320h240/0.jpeg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::222 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash 5842a9d879dbdd4a84945f39551a96b861cad2afa042590251b1ffa61ab8c279 Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:21 GMT server nginx x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 16827 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/IunB7CPzm_zp8DTC-A/w320h240/	12 KB 13 KB	99ms 99ms	Image image/jpeg	2a00:1178:4:2::222 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/IunB7CPzm_zp8DTC-A/w320h240/0.jpeg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::222 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash e96ce844f8b72981bd63cb1795b30d6fafe800dd4110fc953d67064efab2266c Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:21 GMT server nginx x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 12750 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	289411 Show response a.focusde.info/api/spots/	816 B 711 B	83ms 83ms	Script text/javascript	157.90.183.249 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://a.focusde.info/api/spots/289411?host=xfantazy.com&ev=191&wh=1200&ww=1600 Requested by Host: a.focusde.info URL: https://a.focusde.info/zRdVuw7.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 157.90.183.249 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.249.183.90.157.clients.your-server.de Software nginx / Resource Hash dd1042654788b842935d051b9899c4b519b1b2bee0c207f0d8ee7d059355771a Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:21 GMT cache-control private server nginx content-encoding gzip vary Accept-Encoding content-type text/javascript; charset=utf-8
GET H2	200	374659 Show response a.focusde.info/api/spots/	47 B 268 B	80ms 80ms	Script text/javascript	157.90.183.249 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://a.focusde.info/api/spots/374659?host=xfantazy.com&ev=191&wh=1200&ww=1600 Requested by Host: a.focusde.info URL: https://a.focusde.info/zRdVuw7.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 157.90.183.249 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.249.183.90.157.clients.your-server.de Software nginx / Resource Hash ed46570e26b00c73ed75f321cdc0b219a7cb57721c5f20f24c1f54e52180da0b Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:21 GMT cache-control private server nginx content-encoding gzip vary Accept-Encoding content-type text/javascript; charset=utf-8
GET H2	200	sync_cookie_image_decide mc.webvisor.org/ Redirect Chain https://mc.webvisor.org/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9578.vbyJiqtInNMB9RINMPsSzZiCL29i3ZZ_lU0Xgh8vEtKiybRc8PjTkbc_CoRH4eeN.f0gc2xvVCP9em1YUsgKL0S4HwU8%2C https://mc.webvisor.org/sync_cookie_image_decide?token=9578.GL45If1aQB-BpZ5XfGJvh-ljic6AbdlmgQhaQlInsdDJ2sr05-T5JWZ_fGGedt2Elorz387HvrVTFQgwz4sCzIslK4mg8p-jhE5PWwjKXwE%2C.bt_eE4bNusgINjds2G5hnoTIIC...	43 B 358 B	100ms 100ms	Image image/gif	80.239.201.44 TWELVE99 Arelion
General Check archive.org Show headers Download Go to Show image Full URL https://mc.webvisor.org/sync_cookie_image_decide?token=9578.GL45If1aQB-BpZ5XfGJvh-ljic6AbdlmgQhaQlInsdDJ2sr05-T5JWZ_fGGedt2Elorz387HvrVTFQgwz4sCzIslK4mg8p-jhE5PWwjKXwE%2C.bt_eE4bNusgINjds2G5hnoTIIC4%2C Protocol H2 Server 80.239.201.44 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE), Reverse DNS 80-239-201-44.teliacarrier-cust.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:21 GMT strict-transport-security max-age=31536000 content-length 43 x-xss-protection 1; mode=block content-type image/gif Redirect headers location https://mc.webvisor.org/sync_cookie_image_decide?token=9578.GL45If1aQB-BpZ5XfGJvh-ljic6AbdlmgQhaQlInsdDJ2sr05-T5JWZ_fGGedt2Elorz387HvrVTFQgwz4sCzIslK4mg8p-jhE5PWwjKXwE%2C.bt_eE4bNusgINjds2G5hnoTIIC4%2C date Tue, 15 Mar 2022 15:43:21 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
POST H2	200	1 mc.yandex.ru/watch/49415098/	43 B 73 B	79ms 79ms	Ping image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e56e9f7c89bfb1ad5b7c06f&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A1%3Als%3A1616600228376%3Ahid%3A407057392%3Az%3A0%3Ai%3A20220315154321%3Aet%3A1647359001%3Ac%3A1%3Arn%3A461013869%3Arqn%3A2%3Au%3A1647359001899075507%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1647358999373%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1881%2C1881%2C46%2C%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1647359001&t=gdpr(14)mc(p-5)lt(27400)aw(1)ti(0)&force-urlencoded=1&site-info=%7B%22debug%22%3A%22page-view%22%7D Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 15 Mar 2022 15:43:21 GMT last-modified Tue, 15-Mar-2022 15:43:21 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Tue, 15-Mar-2022 15:43:21 GMT
POST H2	200	1 mc.yandex.ru/watch/49415098/	43 B 73 B	81ms 80ms	Ping image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e56e9f7c89bfb1ad5b7c06f&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A1%3Als%3A1616600228376%3Ahid%3A407057392%3Az%3A0%3Ai%3A20220315154321%3Aet%3A1647359001%3Ac%3A1%3Arn%3A153552710%3Arqn%3A3%3Au%3A1647359001899075507%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1647358999373%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1647359001&t=gdpr(14)mc(p-5)lt(27400)aw(1)ti(0)&force-urlencoded=1&site-info=%7B%22ads%22%3A%7B%22awe-pops%22%3A0%7D%7D Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 15 Mar 2022 15:43:21 GMT last-modified Tue, 15-Mar-2022 15:43:21 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Tue, 15-Mar-2022 15:43:21 GMT
POST H2	200	1 mc.yandex.ru/watch/49415098/	43 B 73 B	80ms 79ms	Ping image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e56e9f7c89bfb1ad5b7c06f&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A1%3Als%3A1616600228376%3Ahid%3A407057392%3Az%3A0%3Ai%3A20220315154321%3Aet%3A1647359001%3Ac%3A1%3Arn%3A955330864%3Arqn%3A4%3Au%3A1647359001899075507%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1647358999373%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1647359001&t=gdpr(14)mc(p-5)lt(27400)aw(1)ti(0)&force-urlencoded=1&site-info=%7B%22events%22%3A%7B%22experiment%22%3A%7B%22variant%22%3A%22experiment-recommended-1%22%7D%7D%7D Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 15 Mar 2022 15:43:21 GMT last-modified Tue, 15-Mar-2022 15:43:21 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Tue, 15-Mar-2022 15:43:21 GMT
POST H2	200	1 mc.yandex.ru/watch/49415098/	43 B 73 B	80ms 80ms	Ping image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e56e9f7c89bfb1ad5b7c06f&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A1%3Als%3A1616600228376%3Ahid%3A407057392%3Az%3A0%3Ai%3A20220315154321%3Aet%3A1647359001%3Ac%3A1%3Arn%3A1019487076%3Arqn%3A5%3Au%3A1647359001899075507%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1647358999373%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1647359001&t=gdpr(14)mc(p-5)lt(27400)aw(1)ti(0)&force-urlencoded=1&site-info=%7B%22events%22%3A%7B%22ab-test%22%3A%7B%22variant%22%3A%22save-to-button-2-0%22%7D%7D%7D Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 15 Mar 2022 15:43:21 GMT last-modified Tue, 15-Mar-2022 15:43:21 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Tue, 15-Mar-2022 15:43:21 GMT
POST H2	200	1 mc.yandex.ru/watch/49415098/	43 B 73 B	80ms 80ms	Ping image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e56e9f7c89bfb1ad5b7c06f&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A7oivoctnsftpvxmegov%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A1%3Als%3A1616600228376%3Ahid%3A407057392%3Az%3A0%3Ai%3A20220315154321%3Aet%3A1647359001%3Ac%3A1%3Arn%3A511566702%3Arqn%3A6%3Au%3A1647359001899075507%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1647358999373%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1647359001&t=gdpr(14)mc(p-5)lt(27400)aw(1)ti(0)&force-urlencoded=1&site-info=%7B%22events%22%3A%7B%22deviceRotate%22%3A%7B%22orientation%22%3A%22portrait%22%7D%7D%7D Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language en-GB,en;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 15 Mar 2022 15:43:21 GMT last-modified Tue, 15-Mar-2022 15:43:21 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Tue, 15-Mar-2022 15:43:21 GMT
GET H/1.1	200 OK	ads.js Show response ads.realsrv.com/ Frame 571F	2 KB 1 KB	209ms 50ms	Script application/javascript	2001:4de0:ac19::1:b:1a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://ads.realsrv.com/ads.js Requested by Host: a.focusde.info URL: https://a.focusde.info/api/spots/312873?p=1&s1=%subid1%&kw= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash b300bf1cad50f8afd2712de0ba4aa2277bf5607d07dd2cbee450e1579a8ccec7 Request headers Accept-Language en-GB,en;q=0.9 Referer https://a.focusde.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Tue, 15 Mar 2022 15:43:21 GMT Content-Encoding gzip Server nginx etag W/"f4fddb85b686269b678e3caf766" X-HW 1647359001.dop146.am5.t,1647359001.cds237.am5.shn,1647359001.cds237.am5.c Content-Type application/javascript Access-Control-Allow-Origin *, * Cache-Control max-age=10800 Connection Keep-Alive Accept-Ranges bytes Content-Length 974
GET H/1.1	200 OK	iframe.php Show response a.realsrv.com/ Frame 512A	4 KB 2 KB	214ms 55ms	Document text/html	2001:4de0:ac19::1:b:2a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://a.realsrv.com/iframe.php?idzone=4612486&size=300x250 Requested by Host: a.focusde.info URL: https://a.focusde.info/api/spots/312875?p=1&s1=%subid1%&kw= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash a3312c1fabf552e264c8a2725b6ac321fa634e735e47f37536f21a9f52f5e72b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-GB,en;q=0.9 Referer https://a.focusde.info/ Response headers Date Tue, 15 Mar 2022 15:43:21 GMT Connection Keep-Alive Content-Encoding gzip Content-Length 1347 Content-Type text/html; charset=UTF-8 Accept-Ranges bytes Server nginx Cache-Control max-age=10800 Access-Control-Allow-Origin * * X-HW 1647359001.dop144.am5.t,1647359001.cds119.am5.shn,1647359001.dop144.am5.t,1647359001.cds279.am5.c
GET H2	200	0e57074c1290410e8afd43d17ba04db5.html Show response tsyndicate.com/iframes2/ Frame BC1C	13 KB 5 KB	220ms 92ms	Document text/html	168.119.1.208 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/0e57074c1290410e8afd43d17ba04db5.html? Requested by Host: a.focusde.info URL: https://a.focusde.info/api/spots/312874?p=1&s1=%subid1%&kw= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 168.119.1.208 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.208.1.119.168.clients.your-server.de Software nginx / Resource Hash e40ffb6d5515e2a246783b9b352386c982d580288542cae042826ad0c5aa556d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-GB,en;q=0.9 Referer https://a.focusde.info/ Response headers server nginx date Tue, 15 Mar 2022 15:43:21 GMT content-type text/html; charset=utf-8 vary Accept-Encoding * cache-control no-cache, no-store, no-transform, must-revalidate no-transform pragma no-cache expires 0 x-api-version 2 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script x-request-id 3ac44eee2af0a353 x-robots-tag none noindex, nofollow report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } content-encoding gzip
GET H2	200	n.js Show response cdn.tsyndicate.com/sdk/v1/ Frame B7F6	27 KB 10 KB	267ms 59ms	Script application/javascript	67.27.235.121 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://cdn.tsyndicate.com/sdk/v1/n.js Requested by Host: a.focusde.info URL: https://a.focusde.info/api/spots/303892?p=1&s1=%subid1%&kw= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.27.235.121 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash e6e8da5e918f13404fa6471dd07edb5fcc60e08d0ad93dffe93daa12c2839c3e Request headers Accept-Language en-GB,en;q=0.9 Referer https://a.focusde.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:21 GMT content-encoding gzip last-modified Thu, 10 Mar 2022 12:29:08 GMT server nginx age 442101 etag W/"6229ef14-6d41" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 10208
GET H/1.1	200 OK	nativeads-v2.js Show response a.exdynsrv.com/ Frame 145B	57 KB 16 KB	233ms 52ms	Script application/javascript	2001:4de0:ac19::1:b:3b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://a.exdynsrv.com/nativeads-v2.js Requested by Host: a.focusde.info URL: https://a.focusde.info/api/spots/303894?p=1&s1=%subid1%&kw= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 9f77b353829d052be698a12f57cb909b318f48038f545d7980479c9953c65c76 Request headers Accept-Language en-GB,en;q=0.9 Referer https://a.focusde.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Tue, 15 Mar 2022 15:43:21 GMT Content-Encoding gzip Server nginx etag W/"352538cc65403078080246c646a" X-HW 1647359001.dop110.am5.t,1647359001.cds140.am5.shn,1647359001.dop110.am5.t,1647359001.cds212.am5.c Content-Type application/javascript Access-Control-Allow-Origin *, * Cache-Control max-age=10800 Connection Keep-Alive Accept-Ranges bytes Content-Length 16291
GET H/1.1	200 OK	iframe.php Show response a.realsrv.com/ Frame 546C	4 KB 2 KB	203ms 52ms	Document text/html	2001:4de0:ac19::1:b:2a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://a.realsrv.com/iframe.php?idzone=4612488&size=900x250 Requested by Host: a.focusde.info URL: https://a.focusde.info/api/spots/303891?p=1&s1=%subid1%&kw= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 48c1fea64884732cf0a34b6623ce966fa17963cf4c792bdedae799e8aa322490 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-GB,en;q=0.9 Referer https://a.focusde.info/ Response headers Date Tue, 15 Mar 2022 15:43:21 GMT Connection Keep-Alive Content-Encoding gzip Content-Length 1347 Content-Type text/html; charset=UTF-8 Accept-Ranges bytes Server nginx Cache-Control max-age=10800 Access-Control-Allow-Origin * * X-HW 1647359001.dop120.am5.t,1647359001.cds126.am5.shn,1647359001.dop120.am5.t,1647359001.cds156.am5.c
GET H2	200	11865707197193958013 a.focusde.info/api/click/ Frame 37EC	0 111 B	61ms 60ms	Image text/plain	157.90.183.249 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://a.focusde.info/api/click/11865707197193958013?c=90 Requested by Host: a.focusde.info URL: https://a.focusde.info/api/spots/312875?p=1&s1=%subid1%&kw= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 157.90.183.249 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.249.183.90.157.clients.your-server.de Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-GB,en;q=0.9 Referer https://a.focusde.info/api/spots/312875?p=1&s1=%subid1%&kw= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers access-control-allow-origin * date Tue, 15 Mar 2022 15:43:21 GMT cache-control private access-control-allow-credentials true server nginx content-length 0
GET H2	200	13749349556415027013 a.focusde.info/api/click/ Frame C575	0 111 B	60ms 60ms	Image text/plain	157.90.183.249 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://a.focusde.info/api/click/13749349556415027013?c=90 Requested by Host: a.focusde.info URL: https://a.focusde.info/api/spots/312874?p=1&s1=%subid1%&kw= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 157.90.183.249 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.249.183.90.157.clients.your-server.de Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-GB,en;q=0.9 Referer https://a.focusde.info/api/spots/312874?p=1&s1=%subid1%&kw= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers access-control-allow-origin * date Tue, 15 Mar 2022 15:43:21 GMT cache-control private access-control-allow-credentials true server nginx content-length 0
GET H/1.1	200 OK	ads-iframe-display.php Show response syndication.realsrv.com/ Frame FFD8	3 KB 2 KB	171ms 62ms	Document text/html	95.211.229.247 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://syndication.realsrv.com/ads-iframe-display.php?idzone=4236550&type=300x250&p=1&dt=1647359001634&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22 Requested by Host: ads.realsrv.com URL: https://ads.realsrv.com/ads.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash cc35f0456303bf568e53d0e52aa0aabe5d2a8eb9666b22708f495afe98d67f46 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-GB,en;q=0.9 Referer https://a.focusde.info/ Response headers Server nginx Date Tue, 15 Mar 2022 15:43:21 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Expires Mon, 26 Jul 1997 05:00:00 GMT Cache-Control no-cache, must-revalidate Pragma no-cache P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Encoding gzip
GET H2	200	9929498352931562013 a.focusde.info/api/click/ Frame 571F	0 111 B	63ms 62ms	Image text/plain	157.90.183.249 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://a.focusde.info/api/click/9929498352931562013?c=90 Requested by Host: a.focusde.info URL: https://a.focusde.info/api/spots/312873?p=1&s1=%subid1%&kw= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 157.90.183.249 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.249.183.90.157.clients.your-server.de Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-GB,en;q=0.9 Referer https://a.focusde.info/api/spots/312873?p=1&s1=%subid1%&kw= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers access-control-allow-origin * date Tue, 15 Mar 2022 15:43:21 GMT cache-control private access-control-allow-credentials true server nginx content-length 0
GET H/1.1	200 OK	ad-provider.js Show response a.realsrv.com/ Frame 512A	89 KB 25 KB	51ms 51ms	Script application/javascript	2001:4de0:ac19::1:b:2a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://a.realsrv.com/ad-provider.js Requested by Host: a.realsrv.com URL: https://a.realsrv.com/iframe.php?idzone=4612486&size=300x250 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash c1c5e08305651c69a0eca9c9149180892279e703b730ee232303707b7f272d38 Request headers Accept-Language en-GB,en;q=0.9 Referer https://a.realsrv.com/iframe.php?idzone=4612486&size=300x250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Tue, 15 Mar 2022 15:43:21 GMT Content-Encoding gzip Server nginx etag W/"920256c581b3d291feefde4d078" X-HW 1647359001.dop120.am5.t,1647359001.cds126.am5.shn,1647359001.dop120.am5.t,1647359001.cds101.am5.c Content-Type application/javascript Access-Control-Allow-Origin *, * Cache-Control max-age=10800 Connection Keep-Alive Accept-Ranges bytes Content-Length 25280
GET H/1.1	200 OK	ad-provider.js Show response a.realsrv.com/ Frame 546C	89 KB 25 KB	52ms 52ms	Script application/javascript	2001:4de0:ac19::1:b:2a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://a.realsrv.com/ad-provider.js Requested by Host: a.realsrv.com URL: https://a.realsrv.com/iframe.php?idzone=4612488&size=900x250 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash c1c5e08305651c69a0eca9c9149180892279e703b730ee232303707b7f272d38 Request headers Accept-Language en-GB,en;q=0.9 Referer https://a.realsrv.com/iframe.php?idzone=4612488&size=900x250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Tue, 15 Mar 2022 15:43:21 GMT Content-Encoding gzip Server nginx etag W/"920256c581b3d291feefde4d078" X-HW 1647359001.dop144.am5.t,1647359001.cds119.am5.shn,1647359001.dop144.am5.t,1647359001.cds101.am5.c Content-Type application/javascript Access-Control-Allow-Origin *, * Cache-Control max-age=10800 Connection Keep-Alive Accept-Ranges bytes Content-Length 25280
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame BC1C	8 KB 3 KB	317ms 59ms	Script application/javascript	8.241.89.249 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: a.focusde.info URL: https://a.focusde.info/api/spots/312874?p=1&s1=%subid1%&kw= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.241.89.249 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash cece7c5413247ee86d32c4fcfa2ff0440955b192c3f44cfc469a6094ea4b39f2 Request headers Accept-Language en-GB,en;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:21 GMT content-encoding gzip last-modified Wed, 14 Jul 2021 13:43:18 GMT server nginx age 20859240 etag W/"60eee9f6-1e8b" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2819
GET H/1.1	200 OK	splash.php Show response syndication.exdynsrv.com/ Frame 145B	6 KB 5 KB	197ms 91ms	XHR text/html	95.211.229.245 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://syndication.exdynsrv.com/splash.php?native-settings=1&idzone=4191184&cookieconsent=true&sub=&p=https%3A%2F%2Fxfantazy.com%2F Requested by Host: a.exdynsrv.com URL: https://a.exdynsrv.com/nativeads-v2.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash 1af091fac581e9be4215459dbe38041028135718baf6c1d4e9b31411ff942d5f Request headers Accept-Language en-GB,en;q=0.9 Referer https://a.focusde.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Tue, 15 Mar 2022 15:43:21 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://a.focusde.info Access-Control-Allow-Credentials true Connection keep-alive
GET H2	200	n.css cdn.tsyndicate.com/sdk/v1/ Frame B7F6	19 KB 19 KB	58ms 58ms	Stylesheet text/css	67.27.235.121 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://cdn.tsyndicate.com/sdk/v1/n.css Requested by Host: cdn.tsyndicate.com URL: https://cdn.tsyndicate.com/sdk/v1/n.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.27.235.121 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 79ebc0f15cd767ec1f7e624730bedc0fdac746e41dbb8b2fbf1a1d1ec3b6877d Request headers Accept-Language en-GB,en;q=0.9 Referer https://a.focusde.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:21 GMT last-modified Thu, 10 Mar 2022 12:27:58 GMT server nginx age 442101 etag "6229eece-4bd3" content-type text/css accept-ranges bytes x-robots-tag noindex, nofollow content-length 19411
GET H2	200	dynamic Show response tsyndicate.com/do2/e4ff6c22a04642a9a224af216e5a12b2/ Frame B7F6	17 KB 9 KB	172ms 172ms	Script application/javascript	168.119.1.208 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/do2/e4ff6c22a04642a9a224af216e5a12b2/dynamic?format=jsonp&count=4&w=1600&h=1200&adtype=label-over&tz=0&callback=callback_aFTTk Requested by Host: cdn.tsyndicate.com URL: https://cdn.tsyndicate.com/sdk/v1/n.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 168.119.1.208 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.208.1.119.168.clients.your-server.de Software nginx / Resource Hash 4c556bd8d8573d1bb12538ad24394bb57793adb9719d361f361a86607a48cb98 Request headers Accept-Language en-GB,en;q=0.9 Referer https://a.focusde.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 15 Mar 2022 15:43:21 GMT content-encoding gzip server nginx x-api-version 2 vary Accept-Encoding, * report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, no-transform, must-revalidate, no-transform x-robots-tag none, noindex, nofollow x-request-id 4c16b4e1805ed913 expires 0
POST H/1.1	200 OK	api.php Show response syndication.realsrv.com/v1/ Frame 512A	1 KB 1 KB	123ms 80ms	XHR application/json	95.211.229.247 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://syndication.realsrv.com/v1/api.php Requested by Host: a.realsrv.com URL: https://a.realsrv.com/ad-provider.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash fce285e257f8621b144dcc2814d871d4a96e812cff788643b70445f1767f5716 Request headers Referer https://a.realsrv.com/ Accept-Language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers Date Tue, 15 Mar 2022 15:43:21 GMT Access-Control-Request-Method POST Server nginx Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin https://a.realsrv.com Access-Control-Allow-Credentials true Connection keep-alive Content-Encoding gzip Access-Control-Allow-Headers Authorization, Content-Type
POST H/1.1	200 OK	api.php Show response syndication.realsrv.com/v1/ Frame 546C	1 KB 1 KB	184ms 68ms	XHR application/json	95.211.229.247 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://syndication.realsrv.com/v1/api.php Requested by Host: a.realsrv.com URL: https://a.realsrv.com/ad-provider.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash cadb50c246d281c2a4a72a6dd18c722616c9edb9a61b63aaa453371b5867a482 Request headers Referer https://a.realsrv.com/ Accept-Language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers Date Tue, 15 Mar 2022 15:43:21 GMT Access-Control-Request-Method POST Server nginx Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin https://a.realsrv.com Access-Control-Allow-Credentials true Connection keep-alive Content-Encoding gzip Access-Control-Allow-Headers Authorization, Content-Type
GET H/1.1	206 Partial Content	e8aaab4a625fd907267c943d0f63fac665d814ee.mp4 s3t3d2y8.ackcdn.net/library/348620/ Frame FFD8	51 KB 51 KB	218ms 49ms	Media video/mp4	2001:4de0:ac19::1:b:2a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://s3t3d2y8.ackcdn.net/library/348620/e8aaab4a625fd907267c943d0f63fac665d814ee.mp4 Requested by Host: syndication.realsrv.com URL: https://syndication.realsrv.com/ads-iframe-display.php?idzone=4236550&type=300x250&p=1&dt=1647359001634&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software / Resource Hash 65553a47ab55f19ce4a0904c68bedf01041202ffdffc0d5b435810fb0646a645 Request headers Referer https://syndication.realsrv.com/ Accept-Encoding identity;q=1, *;q=0 Accept-Language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Range bytes=0- Response headers Date Tue, 15 Mar 2022 15:43:22 GMT Last-Modified Thu, 26 Mar 2020 22:21:37 GMT Access-Control-Allow-Origin * ETag "1585261297" X-HW 1647359001.dop237.am5.t,1647359002.cds290.am5.shn,1647359002.cds290.am5.c Content-Type video/mp4 Content-Range bytes 0-51899/51900 Cache-Control max-age=31536000 Connection Keep-Alive Accept-Ranges bytes Content-Length 51900
GET H/1.1	200 OK	cimp.php Show response syndication.realsrv.com/ Frame 512A	0 250 B	148ms 50ms	XHR text/html	95.211.229.247 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01P0WrDMAz8lf1AjCRLdtzn9gtGP8CJ7a2wtJCUkQ19/BQzxjjEHSeZOxMQDeAHlBfEE/sToY7kMCWHHhyjni9XNVrqfXN7y/dn/v5y82NRz2Mg0BiThKCJkwgpByTzVWBU5lFGJhVJkiKCMigpGDwTooRoEh1cBtEIen0990EDqQfYSWzfCygG81BhP55nEUwBJyot8US5woRNxLeQsBXm41CzW2v+2NbPXtbCrYXY3xJbrAOM1HPgDwN2en9sz9v9TdV0N25tzUtV/Xd6ICr+KuMQC0EMOJecW0zkZ881F18LzNLoB9R0iBFmAQAA Requested by Host: a.realsrv.com URL: https://a.realsrv.com/ad-provider.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-GB,en;q=0.9 Referer https://a.realsrv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Tue, 15 Mar 2022 15:43:22 GMT Content-Encoding gzip Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	206 Partial Content	e8aaab4a625fd907267c943d0f63fac665d814ee.mp4 s3t3d2y8.ackcdn.net/library/348620/ Frame 512A	51 KB 51 KB	194ms 50ms	Media video/mp4	2001:4de0:ac19::1:b:2a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://s3t3d2y8.ackcdn.net/library/348620/e8aaab4a625fd907267c943d0f63fac665d814ee.mp4 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software / Resource Hash 65553a47ab55f19ce4a0904c68bedf01041202ffdffc0d5b435810fb0646a645 Request headers Referer https://a.realsrv.com/ Accept-Encoding identity;q=1, *;q=0 Accept-Language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Range bytes=0- Response headers Date Tue, 15 Mar 2022 15:43:22 GMT Last-Modified Thu, 26 Mar 2020 22:21:37 GMT Access-Control-Allow-Origin * ETag "1585261297" X-HW 1647359002.dop238.am5.shc,1647359002.dop238.am5.t,1647359002.cds135.am5.c Content-Type video/mp4 Content-Range bytes 0-51899/51900 Cache-Control max-age=31536000 Connection Keep-Alive Accept-Ranges bytes Content-Length 51900
GET H2	200	300x250.webp lcdn.tsyndicate.com/images/d/1/301af08c73a040f41032b6462cdf891b225a05/ Frame B7F6	4 KB 4 KB	79ms 59ms	Image image/webp	8.241.89.249 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL https://lcdn.tsyndicate.com/images/d/1/301af08c73a040f41032b6462cdf891b225a05/300x250.webp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.241.89.249 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 9bebfb1d71ffc9b31b88d4ba68948707cb8c1ae32af42fafb11d7d4ce93d3815 Request headers Accept-Language en-GB,en;q=0.9 Referer https://a.focusde.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:21 GMT content-encoding gzip last-modified Mon, 09 Aug 2021 08:10:11 GMT server nginx age 18862223 etag W/"6110e2e3-eea" vary Accept-Encoding content-type image/webp accept-ranges bytes x-robots-tag noindex, nofollow content-length 3841
GET H2	200	300x250.webp lcdn.tsyndicate.com/images/2/6/9fbc85f3638ed104e7207194f7bc302164580e/ Frame B7F6	4 KB 4 KB	80ms 59ms	Image image/webp	8.241.89.249 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL https://lcdn.tsyndicate.com/images/2/6/9fbc85f3638ed104e7207194f7bc302164580e/300x250.webp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.241.89.249 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 7e2dbe1f7f7de8165330d6650658e29fe55e4c518f84cd90a8e1dd2e73bfe60e Request headers Accept-Language en-GB,en;q=0.9 Referer https://a.focusde.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:21 GMT content-encoding gzip last-modified Fri, 02 Oct 2020 19:33:15 GMT server nginx age 16420218 etag W/"5f77807b-1022" vary Accept-Encoding content-type image/webp accept-ranges bytes x-robots-tag noindex, nofollow content-length 4153
GET H2	200	300x250.webp lcdn.tsyndicate.com/images/e/4/4cebaf319e5ed908e6bb823d6632e28c1446df/ Frame B7F6	5 KB 5 KB	79ms 59ms	Image image/webp	8.241.89.249 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL https://lcdn.tsyndicate.com/images/e/4/4cebaf319e5ed908e6bb823d6632e28c1446df/300x250.webp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.241.89.249 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 103f9f9e8c8d32e1880fff6abb33d96e86783537f360bc12ca4b4e17765d6bfb Request headers Accept-Language en-GB,en;q=0.9 Referer https://a.focusde.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:21 GMT content-encoding gzip last-modified Thu, 01 Oct 2020 00:18:13 GMT server nginx age 31400550 etag W/"5f752045-12d0" vary Accept-Encoding content-type image/webp accept-ranges bytes x-robots-tag noindex, nofollow content-length 4839
GET H2	200	300x250.webp lcdn.tsyndicate.com/images/c/f/b144edb8786cc3dabb96322d03d87564bc9470/ Frame B7F6	4 KB 5 KB	79ms 59ms	Image image/webp	8.241.89.249 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL https://lcdn.tsyndicate.com/images/c/f/b144edb8786cc3dabb96322d03d87564bc9470/300x250.webp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.241.89.249 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 82b0c5c77dcabf610ddba01fa2c0befd31b41b903a67a19b1935fe3773b50371 Request headers Accept-Language en-GB,en;q=0.9 Referer https://a.focusde.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:21 GMT content-encoding gzip last-modified Mon, 09 Aug 2021 08:10:12 GMT server nginx age 18862237 etag W/"6110e2e4-112e" vary Accept-Encoding content-type image/webp accept-ranges bytes x-robots-tag noindex, nofollow content-length 4421
GET H/1.1	200 OK	0ff17f6a08e82c71d25ca5128cb6be77878b21a7.webp s3t3d2y8.ackcdn.net/library/348620/ Frame 145B	7 KB 7 KB	147ms 50ms	Image image/webp	2001:4de0:ac19::1:b:2a STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://s3t3d2y8.ackcdn.net/library/348620/0ff17f6a08e82c71d25ca5128cb6be77878b21a7.webp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software / Resource Hash f0f8c2a0717683c01f52477e27c5df9ae917a8f6acf25ceffb1c42b15e1898af Request headers Accept-Language en-GB,en;q=0.9 Referer https://a.focusde.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Tue, 15 Mar 2022 15:43:22 GMT Last-Modified Wed, 27 Oct 2021 16:43:40 GMT ETag "1635353020" X-HW 1647359002.dop125.am5.shc,1647359002.dop125.am5.t,1647359002.cds282.am5.c Content-Type image/webp Access-Control-Allow-Origin * Cache-Control max-age=31536000 Connection Keep-Alive Accept-Ranges bytes Content-Length 6728
GET H/1.1	200 OK	e9c506c00ecd1b55c6c7a141505c118f43b7e596.webp s3t3d2y8.ackcdn.net/library/348620/ Frame 145B	7 KB 8 KB	147ms 51ms	Image image/webp	2001:4de0:ac19::1:b:2a STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://s3t3d2y8.ackcdn.net/library/348620/e9c506c00ecd1b55c6c7a141505c118f43b7e596.webp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software / Resource Hash f705132c72f6a8e8024338ccc0f0a73c3e7e815f09f36183cdda92eb6901bdce Request headers Accept-Language en-GB,en;q=0.9 Referer https://a.focusde.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Tue, 15 Mar 2022 15:43:22 GMT Last-Modified Wed, 27 Oct 2021 16:43:40 GMT ETag "1635353020" X-HW 1647359002.dop017.am5.shc,1647359002.dop017.am5.t,1647359002.cds250.am5.c Content-Type image/webp Access-Control-Allow-Origin * Cache-Control max-age=31536000 Connection Keep-Alive Accept-Ranges bytes Content-Length 7320
GET H/1.1	200 OK	6ea995fa5ca219182d444309b7a2cb40a8e62cba.webp s3t3d2y8.ackcdn.net/library/348620/ Frame 145B	12 KB 13 KB	149ms 52ms	Image image/webp	2001:4de0:ac19::1:b:2a STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://s3t3d2y8.ackcdn.net/library/348620/6ea995fa5ca219182d444309b7a2cb40a8e62cba.webp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software / Resource Hash b461e6733dbf76ff6aecbee660a35a279821a038b527489b1e9188a95b147ef4 Request headers Accept-Language en-GB,en;q=0.9 Referer https://a.focusde.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Tue, 15 Mar 2022 15:43:22 GMT Last-Modified Wed, 27 Oct 2021 16:43:40 GMT ETag "1635353020" X-HW 1647359002.dop228.am5.shc,1647359002.dop228.am5.t,1647359002.cds255.am5.c Content-Type image/webp Access-Control-Allow-Origin * Cache-Control max-age=31536000 Connection Keep-Alive Accept-Ranges bytes Content-Length 12586
GET H/1.1	200 OK	f911c04abdd7f6ce6a165b5ec2935e51c4cb4ea9.webp s3t3d2y8.ackcdn.net/library/348620/ Frame 145B	6 KB 7 KB	151ms 52ms	Image image/webp	2001:4de0:ac19::1:b:2a STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://s3t3d2y8.ackcdn.net/library/348620/f911c04abdd7f6ce6a165b5ec2935e51c4cb4ea9.webp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software / Resource Hash d7eb1279788c1c5c34d929158294f86d15dfeb8f40dfde25732cd8da1e2a3f4d Request headers Accept-Language en-GB,en;q=0.9 Referer https://a.focusde.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Tue, 15 Mar 2022 15:43:22 GMT Last-Modified Thu, 28 Oct 2021 10:27:54 GMT ETag "1635416874" X-HW 1647359001.dop143.am5.t,1647359002.cds204.am5.shn,1647359002.dop143.am5.t,1647359002.cds126.am5.c Content-Type image/webp Access-Control-Allow-Origin * Cache-Control max-age=31536000 Connection Keep-Alive Accept-Ranges bytes Content-Length 6642
GET H/1.1	200 OK	cimp.php Show response syndication.realsrv.com/ Frame 546C	0 250 B	132ms 53ms	XHR text/html	95.211.229.247 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OW2rDQAy8Si/gRdLqsZvv9AQlB1i/2kCdgB2KW3T4rjdQykjogTQzBEQdxA7lBfHE8UToiQLmHDBCYPTz68VrWabbFva53B7l5zsM98WjKpC6WRZVz5xFyFmROCUXSB4zUaWv3zliYvAa5FARmRBF7RgCVBYzcQO/vJ1bYgV5BthJwJ8enCpB7WFvDNJbHHqqgUMsYywgJWpSHHmWsR16CetUPrf1q/mt78lAPKMKHrqITx34Q4etfNy3x/X27l77trjOa1km93+nB6ypkCPz4VIH0NSzpjjOyjYP0Ctab7nwkCbGX24GnZxsAQAA Requested by Host: a.realsrv.com URL: https://a.realsrv.com/ad-provider.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-GB,en;q=0.9 Referer https://a.realsrv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Tue, 15 Mar 2022 15:43:22 GMT Content-Encoding gzip Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	206 Partial Content	5d1dd5ff96561445ae3e2e84a047b015fa2b7eb6.mp4 s3t3d2y8.ackcdn.net/library/366026/ Frame 546C	34 KB 35 KB	180ms 52ms	Media video/mp4	2001:4de0:ac19::1:b:2a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://s3t3d2y8.ackcdn.net/library/366026/5d1dd5ff96561445ae3e2e84a047b015fa2b7eb6.mp4 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software / Resource Hash c58275e039cce53a47b1d98791f62eedb9e65cd1a86a439f61b23033f0d5ae91 Request headers Referer https://a.realsrv.com/ Accept-Encoding identity;q=1, *;q=0 Accept-Language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Range bytes=0- Response headers Date Tue, 15 Mar 2022 15:43:22 GMT Last-Modified Tue, 24 Mar 2020 22:31:35 GMT Access-Control-Allow-Origin * ETag "1585089095" X-HW 1647359002.dop125.am5.shc,1647359002.dop125.am5.t,1647359002.cds006.am5.c Content-Type video/mp4 Content-Range bytes 0-35238/35239 Cache-Control max-age=31536000 Connection Keep-Alive Accept-Ranges bytes Content-Length 35239
GET H2	200	ls Show response stream.bantgoau.com/yt/ Frame F323 Redirect Chain https://tcimp.zog.link/in/banners?katds_ep=5DfG-0VRZETc4aLohf6PWeDfJqxJYOLuPThcC7IWyvS8Boi-sNCqIYZR1artEkd8PHqv2W5fzoaWAMr_AL4gaU-0w3VrKWHfs1edHeGx6ib40M51ICwlmIddnxdY2ZyCGT1AnOLBdvYb8KaAWUHjFWHZ9r... https://tb.baimgfroggd.site/in/1883/?user_id=923187157c5f7ee4f401959c1a75d4ed5a24206b&bid=0.042860&katds_labels=&utm1=tcb&utm2=799268782-1&utm3=26-11111-0&utm4=0-9542311-14&ts=1647359001&tcbbi=http... https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F749%3Fvid%3DsasPROregtU&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=61067&p=0.0100&oid=1576069&sp=0.042860&spp=1000&s...	10 KB 5 KB	185ms 75ms	Document text/html	2a06:98c1:3120::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F749%3Fvid%3DsasPROregtU&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=61067&p=0.0100&oid=1576069&sp=0.042860&spp=1000&se=impression&vi=sasPROregtU&tcbbi=https://12007250.pix-cdn.org/native/b/3543_tIUgh65WJg30jsBM.jpg&tcbbc=https://kts.vasstycom.com/in/789/?katds_ep=YJcZ4Ic6Je0zydqneX8s8XF6uew2FjB62Iyi78x1Mp85YqWx5ZcPa97mp-baKTvg2a2oFNeDVG2Zh8G3KlCcw_OQQdDuiDruDA2SxQZAVehGefqeSdnnq2r3VQAP_dGANFGjAYUzbG-pxVGp4u22yUk9T3Pu6_R9sYOrvtcbcDSGmZdmLhg88N7cBmVqKUbS04AK6g9XTtzT2FpxyiOe5bY7pErrremNLbA2_tGMNskdXUFK4AlszApsxSkB3tzyUXbfMIsrsty56bKnGhnVZ7gbDLYS4oIvKQAD9eutD21m-oaBl7l9IpE8pFAU6BYgzqaMwTNCO6ItET-P1qDr2czQT6PNRYrDfbAolRdQTJ9bjC-OSWDliZYlw7858hCPyLb5A4NHolPq52GsPyp_7A3hecjPmsl0L35N&ts=1647359001&utm1=tcb&utm2=799268782-1&utm3=26-11111-0&utm4=0-9542311-14 Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/0e57074c1290410e8afd43d17ba04db5.html? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 64c46bbb56e726748ead59b9501935cb0119f8e367913b71645414f4b4404906 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-GB,en;q=0.9 Referer https://tsyndicate.com/ Response headers date Tue, 15 Mar 2022 15:43:22 GMT content-type text/html; charset=utf-8 vary Accept-Encoding access-control-allow-credentials true access-control-allow-origin * cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbN%2Fk9a4ku7Gk2dCI1lLJNefiV2dpJvTlRgitaCQtzGLZxraBJOmBF6wSQEsz2ABB8pWu0dPTwauvpxuH1BIold2sk1%2FSljf7ahEYSRWQMg8L3W9OXZgz5qbCsAnmSzZD3Nqf0cgEymIWzSP1s7MyL0A"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6ec65d455f6876fc-LHR content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Redirect headers server nginx/1.17.2 date Tue, 15 Mar 2022 15:43:22 GMT content-type text/html; charset=UTF-8 content-length 0 location https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F749%3Fvid%3DsasPROregtU&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=61067&p=0.0100&oid=1576069&sp=0.042860&spp=1000&se=impression&vi=sasPROregtU&tcbbi=https://12007250.pix-cdn.org/native/b/3543_tIUgh65WJg30jsBM.jpg&tcbbc=https://kts.vasstycom.com/in/789/?katds_ep=YJcZ4Ic6Je0zydqneX8s8XF6uew2FjB62Iyi78x1Mp85YqWx5ZcPa97mp-baKTvg2a2oFNeDVG2Zh8G3KlCcw_OQQdDuiDruDA2SxQZAVehGefqeSdnnq2r3VQAP_dGANFGjAYUzbG-pxVGp4u22yUk9T3Pu6_R9sYOrvtcbcDSGmZdmLhg88N7cBmVqKUbS04AK6g9XTtzT2FpxyiOe5bY7pErrremNLbA2_tGMNskdXUFK4AlszApsxSkB3tzyUXbfMIsrsty56bKnGhnVZ7gbDLYS4oIvKQAD9eutD21m-oaBl7l9IpE8pFAU6BYgzqaMwTNCO6ItET-P1qDr2czQT6PNRYrDfbAolRdQTJ9bjC-OSWDliZYlw7858hCPyLb5A4NHolPq52GsPyp_7A3hecjPmsl0L35N&ts=1647359001&utm1=tcb&utm2=799268782-1&utm3=26-11111-0&utm4=0-9542311-14 cache-control no-cache, no-store, must-revalidate pragma no-cache vary *
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame BC1C	24 B 127 B	184ms 59ms	Script text/javascript	136.243.134.97 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=e0SgKROGTBk5c0TouMFCRJgxdBbGcEjnzEIRMcTQkFEmBgwaLWbYKIOjBY0bOELmKFPDZBgYYWjgwAGjRg4YYmaIcDiGTZqFMmLYcBimzhiMNWTIuFEDhtAWZmTAuHEyBo4cLXDMmEHmpMscN8aQGdMSBgyeIsSkIYMxRlqDdiZyhUFUBJw6YibKwEnxIRw4C3HcoDHD4Rw4EnXMuHGD6o0cRcmYmeiwjZuLOmI4rusQzuXMNmrQ8FvnrY6BdOjAmaPjxQs6Y9K0geNCz5szLn66WfMijZsXYsK4cYNwzo81YeiQmfOlDJweNYiYOdIChhUpWopQGUMjDJM3aMzYgHKlzHQlcfAoyfKESR0oVNCMGXIjyZU8dqbgEPImTYs5nBgijiSy0EKKGMKQg44i1iADByiQiMMOGa6owYzbwrgiiCbk-CIIJmg4I4wqrLtjBivkWOIKJMyYI4YyyECijCPwsCGNjWBoooYYkhjiDjbaSIIMMtzAg4wsZNAijyGOoCKGINxwTwgy7MhCDByWCCOIK6pAQg0jWNQiBzmUYIIJOYqQwgo77EhiDCzALAMNMa5IwogmvoByBiTqw6MKO-DQA4oZpqhjvzjYOEMIJmCYQQobkkDCBhjsqDNBLOioMQYq5NDjCCOoqKKNGMi4Iw45hqgiBj2WEOONiGRIYwokrvAOjiukgEOOMNYwQ4w1PNrPSRvEOGIJKGgIAg4abGDjiDy4w0IIQvEsQ41Ub8DCDiVauIG2Nr4YYw0nlohijSfGENeKN2LIYQY4YIBDhjyYwKKKN-Q4o4YppMhBiSS-qIMKb28QQ43zkpSjDS3CICIHOu4IQgbc3iACBieewKNUJIq4Qws28LAijRvwYGMOhuX4VY821pihjDfcIOKJGqDIIw0kYPgVBzLEOOMOO6TAAYkqZEBDVimcoGEIOpz4wgky0tCjXhiiGKIMKvTQwwwnrtDijTyaYOOGJdaAIQkniAgjjyeQmCOJKppgQu0kqIqjCBqEECMKPdZgwgmMwxDDhjqWeEKK6uqQUos63mghCSJiiKGKMvIAkokcokADjxbGmEKOMa6A4Y07bLQUiRmizaKNM8S4QYohsnDCDhyGkMOKMYiYAo86sDBiiBm0UHuOIFYToo44msCCjSXcABmHIL6gIQcZ4GiBCimUwGKGL5wb40Q5bMCDCjjscIPsKdYgAoso1SjZfdrqgBCLJGCW41s4oHAiDzZGSkP7McQgDlEYw-GwcIMr6CEKbRDC9JygGjy4Dw35O8IU3EAaSmmhCXpwQwyukIXvHYENa6jCGc4QBTlMIQ1xCIINvpAEOEwBSUawgRnIcAM6ZMEIbMACeJqQhTxMgQZqYAMbbACYJ9ihDVcQAxW0EIQ53GEIV5jDatyQhjyMIQ9zYEITYOAVNhjhCGjIwxKo8AQsoDFKZUjCjp5QhCjAoD5UaAK0mmCHHDyBDlqQARbKoIQvMG0McSDCHKiQBBmcoZBxiIgVanAEJaShCEIYQw7Md4QmIOEyWZCDGJzQhDfAoAVPgIIaEPM2GnzhCVRowxLu0AQ6QCENVEBCE_IgAxycIQ5SKIMMjJAENEyBCcKTwhXOwLwwtABPdmjBGvQghxxAgQgCu4ENrsCEPOjhDlmowwnbUIc85EEMScBDG8gQhid8gXxZSEMW5nWG2rUAW3KQgh7gcIQ2jKFFpTMDEnhjBD0GAQ9C1ILUpPSGIcAACliQgRrwBQMjfGENRTjDFYYgBDY8AQZ5uJEdnlMGK8SgCJ9hQw7E0IQ70KAMOqsCHswQhjlogVFHWAMNIjgEM2TRCs3JQRqCcAONukEIICJJFFrQBjrYwAhnUAMOzIADKmRhDXBIgxwmoyYrhOEOMZAB0YIwhhtoQQlnQMIN7ICEM0xBhTV4woBawAQ9xWikWaBKFQrXAjGktI8KzNsajjCEGrQhBzl4Ax6OmQM3GMGUZ6tiGqqABjpQj61lQtAYhJAG6EEhBnBIghkMNgY0dcoGYzBsGYZABK7U4QZIGJgWsgAFKWAhC1cIQxIc24YntMAKM1gCEdqJgyfMIQdYQEM37SCuKmAhkFFQ7RGEkKgsKCE5bvgCFLQA1hmcYWJkqOcRYqCE8kyhBl-YwsyicAQ7mAELYlCRGarg2jy8wQpZyJcU5KaF3wVBDm6AgR4AdgQiVCG5LbjdFOIGg9KxoQZCKJoRcKAGKlCyBTbQQkuqcKI0qIEMZ2gCge0VAy1UR2BLuEETtCCHNdTAPr9MQr9iQIQ6tKAMUCCDDbYohOdaQQlEQIIM3zAHA--qLF_QAhWCkIS0kOENbcBIGFxgBljVYQ4HccFvoJyWMShnIVuYQQy64BnQLeRl1qmBQ94gZDGXgcwOEQNldAADF8DAL2P4zBfQ_OY4y6AGZRaBHAI1ET6Xgc5MxrOjHFKHOgAFNTWACVlsQBhv2SAHYzgJGVzSgjC8tAYyrvEMzDCeG4TBYDZISxoCgxocyMAF7srBqmcAZ9KkxUOmxkiqVz1YV8P6LYcOA0ZAqYc0FDEML6hBnEGAgiv8Rsl3mAMInEAFEHwkzjsAQbLdYAMaUNtGNEgBCJYFBzaUwTxiWEIa6EBsxrhgJMdeAhLoyAQWgOAnwQLBEQS9hjd0ewhokMOSy_ACXMNaJTRwAY9AMIVMKygN6L6BukndE6SgxrlpyZe4Ii6CiTuEDRcvghOSXIbjyqEMbAB0U2LgEhqcxSH6csNClGIThxzkuOwVTMxB_oU2vKEtOsBlDGgQ835XRgQ_XsjP79JvPOQhKCsvg5tTs5rWvMbJUB6DlKls5Te8IC1z8DNG-k0H5eSrBYozdwtiMAMXkEEGSb74Qb6g9rTQgdBDQckMbnIWv8h97ZrB9g3sjhM52wCXkvmCyBHzBS3zve53l3NRxKAYERzkpXVgg0Q8s_GFwKAnmYFBHxQQEA%3D%3D&s=72e77a7c80d5e6db7a18b4db60edbd2b7c0270250dd11abf5926a8560e72c14d1647359001&w=t&r=1&d=2&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/0e57074c1290410e8afd43d17ba04db5.html? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 136.243.134.97 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.97.134.243.136.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers Accept-Language en-GB,en;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:22 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/javascript; charset=utf-8
GET H2	200	p.gif pxl.tsyndicate.com/api/v1/p/ Frame B7F6	35 B 132 B	60ms 59ms	Image image/gif	136.243.134.97 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pxl.tsyndicate.com/api/v1/p/p.gif?p=e0SgKROGTBk5c0TokDGDhYgwY-gsjPGQzpmFIsSMqSFGzIwbYlrEKAPjRgsaNGTAaIHjRhgaLcbMwGGGBhkcNcyMyTFGxMMwdXzqECEDx5idM2LIGBnRBkocYcq0hJHj5BiXMsQYzQGDhg0ZPyGSsbPQRg4cNB7CqSOGooyuFSHCgbPQJQ2HIubAmaiDJgwcVWU8HNOmrt8bMXLIGDzWjNnGYty4WSijBo20OHI8bOMGow7FMWzAWNv5s43LcuvIYVMZh9EaLh_WCUsUDR06cOboePHCDpk8ZticUTMmDx43ZlzUcZNmzBs5buDISXNw6QwXz9u8YOMCDho4P-D0GKPjDpmNOGzQWdN-Dhs2aebgQMOlDgwYMmyQ6WEjRgyPagipDJxgCCOGy26wqYwayqDhBvvw02-OHv4KbLEI87NBjB4swwyzHDLUT4zqeojBBRxEtAGOEodIQ4o0stDDihjVaGKGLNKAAQ8tqAhiBiaoiAKGJtQIgo4niCADDSeGiMFGPdBow4kjoqDBiSu0UOOJK5qIIg8issiihiuiOANIMd4IggoippBBiixocC4MMYKoIoghpggCjyyCSMMGHK44A4Yv6qhCDCKYQCIJFQsbDyTFGFNxjTLyuAM6_lQkQ4b-ZNA0hgoTW8zT-zQkY4YeYNCUhh7umkHTGno4QghNbegBDzPCcIOOMPTII7s32tD0hh6IKGOONeh4A44VnAiDjjTsKGOFJqojg41paS1VP5x6oEEsONqo7KFlxWXoITKCzSgMF8x4Y4w65jjIhTSSe0OsMZ5daAululhLjqFOxIHc6QJG8SExHtMBBhdgkEsOOw5DcLY60siohjBgIGMMG26I6YazxkCJjNhaCCPXGlog0IYZzDCj4zBCskGsNA4T4TUXFMsh5xkYpiEGseT4ouaMcNaZZ5-Bni2MjJp4Q4804AvjhRoaBgGFK-pN9445QHCCChBiYBiGHUDI2g0baCgbj7RTACEIurC9ogwxlkiDDqpBcmEGG65eAgkqmmCCBRDioxSEI8oYY4033B4CDTmCLeOFHHb2OS0aXKghBhCmODkM6vK-Ye-ZCRtKhFnFgu6LMU5P_SE2Ti_CCbEOsuMLOcpoDTQBN4-NBvwekuMMynSoYaUa0C3jdjHksEv529t4gwzXYlBLBDIip4hchXS4fro38MhjXBFyV3gg3HTj7QV23YVX3jLotfcFse7ISDT8xELj_pVgEGsOiGUkcrxSlhxawJy7jYRhm6rd6Q7yBQZaxFyiedAMatAVh0mwNhS8gQUxGAMcLAUoZMDdseDwBX2BJm0dvCB-5EKnvmCvDLmqAxsmspbYLSQvYwjX7eTwrDTca2EoskHHbECYz_ynDwoICA%3D%3D&r=1&s=9852f64bedd1aafea2a09c6ea098e9a6ebf6756f3b591f8f51d331d8d74c47b61647359001&w=t&ir=287x287 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 136.243.134.97 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.97.134.243.136.clients.your-server.de Software nginx / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Accept-Language en-GB,en;q=0.9 Referer https://a.focusde.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:22 GMT server nginx x-robots-tag noindex, nofollow content-length 35 content-type image/gif; charset=utf-8
GET H2	200	p.gif pxl.tsyndicate.com/api/v1/p/ Frame B7F6	35 B 132 B	60ms 59ms	Image image/gif	136.243.134.97 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pxl.tsyndicate.com/api/v1/p/p.gif?p=e0SgKROGTBk5c0TokDGDhYgwY-gsjPGQzpmFIm6IuYEjjA0bMFrQiFFDzEgbY8y0yNGRRgszZWCQMSODTJgcYWDQEPEwTJ0xGWXgUDlmRgwZLWJEtDHSY5kWOGC0bDEGxw0ZYobm2GlDRk-IZOwsxPoQTh0xFGVwrQgRDpyFV2k4FDEHzkQdM6RKzSHj4Zg2cPPSoNG3rUEzC70-FOPGzUIZNK7GsEHjYRs3GBnSkFEDhlnMmm3UIPmwjhw2kG_cgLHzs4g6X3UMpEMHzhwdL16sgcPGxZowb8OwSeNmzRwXY960eaHX6IwyOGq0qBFGzEmSZMawjEFjO44ZNMrYMJOjzIwaMXD8GBMmcBoyPcIXlhGDS53WMlLK-QK_R-TJKrsvv5TCoKOHIMiogw06QDiiDDcQGm5AGPSbI4YeWsqBQgvToKOMKqRgogc8zAjDDTrC0COP5Jbj0IY5PCyjv_jkmuHFMuBYroc9clyujxfFODFC_vzbQ0jHEKIRSPwqtCGMHnDAQYYXzWDjjTto5NFKLJd8cQzixlhDyyHSiGKGLNQYg4YsqMhChiaGaK0JKqxIgwkqopDhzSzoeIKKNZ0YIoY2tKBCiDW0UEOJNdpkA40miIgiiimEUIMNLYYgQqI6zhCiCSfaOMIIKtSQDo4xhJgiiDysYOMMJZ74oo4qxCCCCSSSAIuM5TIKwwUz3hijjjkOcqG4YMFqD68tjurCLDmC0gEHqGCw4aE34Ig2rmqvFUGMxHSAwQUY2hoDjja-0FbacVuzAYeH5LBDsJIeKuPcNhZqFwZ4YasjjYyqm2kMG2546QYbctiOBjJqwKGFMEycrgwybJjBDDMKDmMjG8BKQzARpnQhhhxyGHmGcUkCq0iQRSbZ5BhQdkFl08LIqIk39EiDDTbCeKEGckFA4YrieL1jDhCcoAKEGNrdAQSi3ajsaTwqSwGEIN5io4wryhBjCQ9_nuEGF2awQeglkKCiCSZYAIG4Ncpw8N413rh6CDTkWK6MF0omd2YcCHMhPRCmiDgMOdIQm2yzlZVWhCOEAOsN_sZ4PHKw2Hi8CCd2LcOOL-QoIzUdSrohPYdpaC3eMx7ToQYZYKjhoYNAF0OOuGj__Is23iADMhy6o11virBVSAfLRND2DTzygCzeMsKlzTbcdPs12GGLLeNYN4J9Aaw7MqKsNbDQED92GMCaQ96M9E6RDspbqMMND5Ual4yvaH_8oC_wB4uOfJWuMjdAD1fKZZE2yIYyNCBgDQwYgxv0xSdkCF0Z7PIFA1FkgAVsTVt2NxyE0OF4zaLBsyAiBryI4CAmWtBEzKI5ff0FXaCTg4HS8AZ9uQAHIJHMXzQTgxj0QQEBAQ%3D%3D&r=1&s=eae7173e4ff455202309f823ad1019806ff5f593770f790cc0146668a9dd0cf11647359001&w=t&ir=287x287 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 136.243.134.97 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.97.134.243.136.clients.your-server.de Software nginx / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Accept-Language en-GB,en;q=0.9 Referer https://a.focusde.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:22 GMT server nginx x-robots-tag noindex, nofollow content-length 35 content-type image/gif; charset=utf-8
GET H2	200	p.gif pxl.tsyndicate.com/api/v1/p/ Frame B7F6	35 B 132 B	61ms 60ms	Image image/gif	136.243.134.97 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pxl.tsyndicate.com/api/v1/p/p.gif?p=e0SgKROGTBk5c0TokDGDhYgwY-gsjPGQzpmFImzEKIOjxowYYlrcqIFDRgsaY8TEaCFGTMQWNnCIyWGDDA0ZNcrUsCHiYZg6YzLKwDHGzBiQJ2NEtIESR5gyLXDAyHGjxRgcN2SIIZoDBg0bMnxCJGNn4Y2HcOqIoSjDa0WIcOAszErDoYg5cCbqmDF1ag4ZD8e0masjhgwbMHL-JGNmYdiHYty4oQsDRozDD9u4wWh4hgwZMNJu7myjBg24deSwoZuDp9eHdcTqGEiHDhwdL17ckeiCTRo3a16M-T1mzY8xPcrkUYImiZo3M5gMUWLn-Rs8TfRkmZPETZA0T9Q4ycGljmXExNMYT0Omx5A0UWQ0uVKFhhMqTfBkSQNjBv4z8mCCCinUyEKNIujIoo3msshDsSeOSKIGJ9qIAoYm1LCCDfyyiEIIPNRgQ4shiJCojjOEaKIJN7IQQg817rBBDSGSIIKJO-oogokkvqijCjFuRCKJsch4o42MwnDBjDfGqGOOg1wAjsmxxghjry1A6iIyx3SAwYXLHpLDjsJiqCG2OtLIqIYwYCBjDBtuoGEkG3IYAyUySmohDDPCqKGFMsiwYQYzzIgzjBvE6OmhNAoTwSQXYsghh0hn-BK1seT4otGMIJWU0hgsdQHT2MLIqIk39EiDDTbCeKEGMEFA4QrgjLxjDhDwAyGGL2HYAQRa3bCBhl_xGDYFEIKQi40yrihDjCXSoOPVGW5wYQYbZF0CifyYYAGE39YoA4QjyjDuDWSHQEOOI8t4YVIwR8WBBhpcqCEGEKbgMww50qDWWmyrFIq2I4QY6w1NxxhYhILHYmPhIpwosgw7vpCjDNYMq4EkM-e1TMwzKNOhhtDOFOGgisWQg66HUP6ijTfIWIioGGhomV2KHnpDIR1sFgEOdvHIY2Yxy-iyttvmyO0FJZl0EsoypHSDyRfGuiOjGBKDYSw0sA5t64fmGDMjdum4EuEW6nBD2hZ4dYEMsVpe-KAv4B6LDiQNG_aGGWrwKkwR8J4taxr49tuyGKby2SCLy8jriysp2rvvv-GiGHJm5aCD5yxp2BIiMfY62Wig2JgorYdzFmEMONqoWI4r03hjoS9xsGFYHATrDLM-FAgI&r=1&s=7ca87d2a3ad1fff066001055a44482be1f67d1a2669898c3386730a2a07680fe1647359001&w=t&ir=287x287 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 136.243.134.97 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.97.134.243.136.clients.your-server.de Software nginx / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Accept-Language en-GB,en;q=0.9 Referer https://a.focusde.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:22 GMT server nginx x-robots-tag noindex, nofollow content-length 35 content-type image/gif; charset=utf-8
GET H2	200	p.gif pxl.tsyndicate.com/api/v1/p/ Frame B7F6	35 B 132 B	60ms 60ms	Image image/gif	136.243.134.97 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pxl.tsyndicate.com/api/v1/p/p.gif?p=e0SgKROGTBk5c0TokDGDhYgwY-gsjPGQzpmFImrAiBEmRw0ZNlrYEBMGRwsaZsaIaSGGTI2TZGDggPFxTJiIN3KIeBimzpiMMnCMUTkjhowWHceIpIEjTJkWNHPcaDEGxw0ZYoTmgEHDhgyeEMnYWWgjBw4aD-HUEUNRBteKEOHAWXiVhkMRc-BM1DGDplQZD8e0odv3RowcMgKLNVN2sRg3bhbKqNG06Y2Hbdxg1IE4hg0YajVztlE5bh05bCbjEAozx8M6YHUMpEMHzhwdL17YIZPHDJszasbkwePGjIs6btKMeSPHDRw5aQ4eneGCeZsXbFzAQQPnB5weY3TcISPGqg06a9TPYcMmzRwcaLjUgQEjJJkeNmLEECOmxg0xyiCDpjBiqOwGM2goo4YyaLhhvvpCmqMHv2aqSQYI7SOpB8osuyrDkMSQrocYXMABRBvgGHGINKKIoQkijEDjCSqqyMOJNOzLoo0iaGCCCinayEKGJOjY0cUnhohhDRjPuINGK9TI4goj1HBCjzWiyIOILLKo4YoozpiBCTHeCIIKIqaQQYosaEDDKTGCqCKIIaYIAo8sgmAjDDNgEKOIL-qoQgwimEAiCRQHA2-GwxLDkD4N1ygjjzuaww9FMmTI79EIbSAjBgobVQzTGXqAAVMaerBrBkxr6OEIITC1oQc8zAjDDTrC0CMP695oA9MbeiCijDnWoOMNOFZwIgw60rCjjBWakI4MNqCNFdL7cOiBhrDgaGOyh5D9lqGHyPA1ozBcMOONMeqY4yAX0jDujbBu4msLo7pQSw6gOjMxXOj6LRGHh8RoTAcYXODoITnsKMxA2OpII6MawoCBjKVuoKGFG8waA6WXTuIzjBpaENCGGcwww4YbwgDQhrDSKEwE1lxALAebZ0iYhhjCkuMLmTOq-eacd-4ZtjAyauINPdJoL4wXalAYBBSukNfcO-YAwQkqQIghYRh2AMFqN2ygQWw8zE4BhCDmqvaKMsRYIg06ombUhRlsoHoJJKhoggkWQHBPUhCOKGOMNd5Yewg05PC1jBdywHlntGhwoYYYQJhi5OjsvgFvmAXrVwRYw2ruizFGL_0hNkYvwomwDrLjCznKUK2z_zCHiYb6GD5DMh1AgqGGcsuYXQw56ip-9jbeIGO1GNISgQzHKQpXIR2kh-4NPPIAV4TaD6bNNtx0S3fddt8tI955Xwjrjow-qy8sNOKXYf6H5mg4I8dzPVaOFiSHbklJWKZiN7qDfMGAFhnXZxw0gxpwZWEioEMbZOPAG0BQgjH4S0_IQDtiweELzKKI2TIYwfrEJQxi4Mv0ymCrOrBhImpp3ffG4K3ZyYFZaaAXwkxkA7MRTARj4Mx--qCAgAA%3D&r=1&s=35a3da38cace99fd0471fab62ce22766c83eb216741ee05a1e5070ed27ab8d101647359001&w=t&ir=287x287 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 136.243.134.97 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.97.134.243.136.clients.your-server.de Software nginx / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Accept-Language en-GB,en;q=0.9 Referer https://a.focusde.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:22 GMT server nginx x-robots-tag noindex, nofollow content-length 35 content-type image/gif; charset=utf-8
GET H3	200	ff159683dbce452dbc41714cc48a496d4bb58468-b.js Show response stream.bantgoau.com/files/ytls/ Frame F323	2 MB 654 KB	118ms 66ms	Script application/javascript	2a06:98c1:3120::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-b.js Requested by Host: stream.bantgoau.com URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F749%3Fvid%3DsasPROregtU&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=61067&p=0.0100&oid=1576069&sp=0.042860&spp=1000&se=impression&vi=sasPROregtU&tcbbi=https://12007250.pix-cdn.org/native/b/3543_tIUgh65WJg30jsBM.jpg&tcbbc=https://kts.vasstycom.com/in/789/?katds_ep=YJcZ4Ic6Je0zydqneX8s8XF6uew2FjB62Iyi78x1Mp85YqWx5ZcPa97mp-baKTvg2a2oFNeDVG2Zh8G3KlCcw_OQQdDuiDruDA2SxQZAVehGefqeSdnnq2r3VQAP_dGANFGjAYUzbG-pxVGp4u22yUk9T3Pu6_R9sYOrvtcbcDSGmZdmLhg88N7cBmVqKUbS04AK6g9XTtzT2FpxyiOe5bY7pErrremNLbA2_tGMNskdXUFK4AlszApsxSkB3tzyUXbfMIsrsty56bKnGhnVZ7gbDLYS4oIvKQAD9eutD21m-oaBl7l9IpE8pFAU6BYgzqaMwTNCO6ItET-P1qDr2czQT6PNRYrDfbAolRdQTJ9bjC-OSWDliZYlw7858hCPyLb5A4NHolPq52GsPyp_7A3hecjPmsl0L35N&ts=1647359001&utm1=tcb&utm2=799268782-1&utm3=26-11111-0&utm4=0-9542311-14 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1ee453d906f72a453020fe595995032d10f537ffd711ef742ed12d1034e0812d Request headers Accept-Language en-GB,en;q=0.9 Referer https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F749%3Fvid%3DsasPROregtU&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=61067&p=0.0100&oid=1576069&sp=0.042860&spp=1000&se=impression&vi=sasPROregtU&tcbbi=https://12007250.pix-cdn.org/native/b/3543_tIUgh65WJg30jsBM.jpg&tcbbc=https://kts.vasstycom.com/in/789/?katds_ep=YJcZ4Ic6Je0zydqneX8s8XF6uew2FjB62Iyi78x1Mp85YqWx5ZcPa97mp-baKTvg2a2oFNeDVG2Zh8G3KlCcw_OQQdDuiDruDA2SxQZAVehGefqeSdnnq2r3VQAP_dGANFGjAYUzbG-pxVGp4u22yUk9T3Pu6_R9sYOrvtcbcDSGmZdmLhg88N7cBmVqKUbS04AK6g9XTtzT2FpxyiOe5bY7pErrremNLbA2_tGMNskdXUFK4AlszApsxSkB3tzyUXbfMIsrsty56bKnGhnVZ7gbDLYS4oIvKQAD9eutD21m-oaBl7l9IpE8pFAU6BYgzqaMwTNCO6ItET-P1qDr2czQT6PNRYrDfbAolRdQTJ9bjC-OSWDliZYlw7858hCPyLb5A4NHolPq52GsPyp_7A3hecjPmsl0L35N&ts=1647359001&utm1=tcb&utm2=799268782-1&utm3=26-11111-0&utm4=0-9542311-14 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:22 GMT content-encoding br cf-cache-status HIT last-modified Mon, 14 Feb 2022 13:23:05 GMT server cloudflare age 1960 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWeKMMJVJnDVSTqVdmHajwcfJNopoXAyeP26%2Fp6mZDyIEpbY3pD0Ol4WIUB9lr%2BuZVkulSY%2F%2FO71%2Fx2hu0GtTAe55GCvpl2syDpzHNKGRDZdDrBwTd9MILAteU2tQgiCtoupMxvytrB2jBCDrH14Sh4X"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d462c6a8862-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	VpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw=w1440-l80-sg-rj-c0xffffff lh3.googleusercontent.com/ Frame F323	39 KB 39 KB	172ms 54ms	Image image/jpeg	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/VpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw=w1440-l80-sg-rj-c0xffffff Requested by Host: stream.bantgoau.com URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F749%3Fvid%3DsasPROregtU&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=61067&p=0.0100&oid=1576069&sp=0.042860&spp=1000&se=impression&vi=sasPROregtU&tcbbi=https://12007250.pix-cdn.org/native/b/3543_tIUgh65WJg30jsBM.jpg&tcbbc=https://kts.vasstycom.com/in/789/?katds_ep=YJcZ4Ic6Je0zydqneX8s8XF6uew2FjB62Iyi78x1Mp85YqWx5ZcPa97mp-baKTvg2a2oFNeDVG2Zh8G3KlCcw_OQQdDuiDruDA2SxQZAVehGefqeSdnnq2r3VQAP_dGANFGjAYUzbG-pxVGp4u22yUk9T3Pu6_R9sYOrvtcbcDSGmZdmLhg88N7cBmVqKUbS04AK6g9XTtzT2FpxyiOe5bY7pErrremNLbA2_tGMNskdXUFK4AlszApsxSkB3tzyUXbfMIsrsty56bKnGhnVZ7gbDLYS4oIvKQAD9eutD21m-oaBl7l9IpE8pFAU6BYgzqaMwTNCO6ItET-P1qDr2czQT6PNRYrDfbAolRdQTJ9bjC-OSWDliZYlw7858hCPyLb5A4NHolPq52GsPyp_7A3hecjPmsl0L35N&ts=1647359001&utm1=tcb&utm2=799268782-1&utm3=26-11111-0&utm4=0-9542311-14 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash a9e43c507e2164e831bc6d4fc78f1893d6860f01d7327a85e377c7ae714173bb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-GB,en;q=0.9 Referer https://stream.bantgoau.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 11:51:15 GMT x-content-type-options nosniff age 13927 content-disposition inline;filename="unnamed.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39552 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Tue, 15 Mar 2022 15:42:32 GMT
GET H2	200	3543_tIUgh65WJg30jsBM.jpg 12007250.pix-cdn.org/native/b/ Frame F323	23 KB 23 KB	187ms 58ms	Image image/jpeg	45.133.44.25 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://12007250.pix-cdn.org/native/b/3543_tIUgh65WJg30jsBM.jpg Requested by Host: stream.bantgoau.com URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F749%3Fvid%3DsasPROregtU&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=61067&p=0.0100&oid=1576069&sp=0.042860&spp=1000&se=impression&vi=sasPROregtU&tcbbi=https://12007250.pix-cdn.org/native/b/3543_tIUgh65WJg30jsBM.jpg&tcbbc=https://kts.vasstycom.com/in/789/?katds_ep=YJcZ4Ic6Je0zydqneX8s8XF6uew2FjB62Iyi78x1Mp85YqWx5ZcPa97mp-baKTvg2a2oFNeDVG2Zh8G3KlCcw_OQQdDuiDruDA2SxQZAVehGefqeSdnnq2r3VQAP_dGANFGjAYUzbG-pxVGp4u22yUk9T3Pu6_R9sYOrvtcbcDSGmZdmLhg88N7cBmVqKUbS04AK6g9XTtzT2FpxyiOe5bY7pErrremNLbA2_tGMNskdXUFK4AlszApsxSkB3tzyUXbfMIsrsty56bKnGhnVZ7gbDLYS4oIvKQAD9eutD21m-oaBl7l9IpE8pFAU6BYgzqaMwTNCO6ItET-P1qDr2czQT6PNRYrDfbAolRdQTJ9bjC-OSWDliZYlw7858hCPyLb5A4NHolPq52GsPyp_7A3hecjPmsl0L35N&ts=1647359001&utm1=tcb&utm2=799268782-1&utm3=26-11111-0&utm4=0-9542311-14 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software cloudflare / Resource Hash 2bf58ef445b49bcbb563c3f46f0c34093b9cae12cdbda7fd9c1b11f1f458776a Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-GB,en;q=0.9 Referer https://stream.bantgoau.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:22 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5247906 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 23040 last-modified Fri, 10 Jan 2020 19:12:23 GMT server cloudflare etag "5e18cc97-5a00" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMuGWEc5QSA8Tbt8mfD119zAuUTQsgsiYAkfRwar4CYq9%2BwroK8V8c3MQYqVXGvAzDP9LLtUd6SIDQuAJ5l1%2FsOeQrYmba1zvt3lesBXf9y8IZUaC3jynO2IS%2BPq"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes cf-ray 6d36f3a0ec5874f9-LHR x-proxy-cache HIT expires Tue, 15 Mar 2022 16:43:22 GMT
GET H2	200	/ Show response vs.bantgoau.com/sts/ Frame F323	2 B 229 B	163ms 51ms	XHR application/json	2a02:128:7:4722::2 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://vs.bantgoau.com/sts/?eu=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F749%3Fvid%3DsasPROregtU&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=61067&p=0.0100&oid=1576069&sp=0.042860&spp=1000&se=impression&vi=sasPROregtU&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Fb%2F3543_tIUgh65WJg30jsBM.jpg&tcbbc=https%3A%2F%2Fkts.vasstycom.com%2Fin%2F789%2F%3Fkatds_ep%3DYJcZ4Ic6Je0zydqneX8s8XF6uew2FjB62Iyi78x1Mp85YqWx5ZcPa97mp-baKTvg2a2oFNeDVG2Zh8G3KlCcw_OQQdDuiDruDA2SxQZAVehGefqeSdnnq2r3VQAP_dGANFGjAYUzbG-pxVGp4u22yUk9T3Pu6_R9sYOrvtcbcDSGmZdmLhg88N7cBmVqKUbS04AK6g9XTtzT2FpxyiOe5bY7pErrremNLbA2_tGMNskdXUFK4AlszApsxSkB3tzyUXbfMIsrsty56bKnGhnVZ7gbDLYS4oIvKQAD9eutD21m-oaBl7l9IpE8pFAU6BYgzqaMwTNCO6ItET-P1qDr2czQT6PNRYrDfbAolRdQTJ9bjC-OSWDliZYlw7858hCPyLb5A4NHolPq52GsPyp_7A3hecjPmsl0L35N&ts=1647359001&utm1=tcb&utm2=799268782-1&utm3=26-11111-0&utm4=0-9542311-14&type=impression&g_referer=https://xfantazy.com Requested by Host: stream.bantgoau.com URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-b.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a02:128:7:4722::2 , Czech Republic, ASN50245 (SERVEREL-AS, NL), Reverse DNS Software nginx/1.20.1 / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Accept-Language en-GB,en;q=0.9 Referer https://stream.bantgoau.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers access-control-allow-origin * date Tue, 15 Mar 2022 15:43:23 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server nginx/1.20.1 content-length 2 content-type application/json
GET H3	200	ff159683dbce452dbc41714cc48a496d4bb58468-v.js Show response stream.bantgoau.com/files/ytls/ Frame B39A	151 KB 57 KB	64ms 63ms	Script application/javascript	2a06:98c1:3120::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-v.js Requested by Host: stream.bantgoau.com URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-b.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9978fe4778a52319f20a2dc4744a173ae6c32ef2d905af9f96cc325162e99a43 Request headers Accept-Language en-GB,en;q=0.9 Referer https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F749%3Fvid%3DsasPROregtU&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=61067&p=0.0100&oid=1576069&sp=0.042860&spp=1000&se=impression&vi=sasPROregtU&tcbbi=https://12007250.pix-cdn.org/native/b/3543_tIUgh65WJg30jsBM.jpg&tcbbc=https://kts.vasstycom.com/in/789/?katds_ep=YJcZ4Ic6Je0zydqneX8s8XF6uew2FjB62Iyi78x1Mp85YqWx5ZcPa97mp-baKTvg2a2oFNeDVG2Zh8G3KlCcw_OQQdDuiDruDA2SxQZAVehGefqeSdnnq2r3VQAP_dGANFGjAYUzbG-pxVGp4u22yUk9T3Pu6_R9sYOrvtcbcDSGmZdmLhg88N7cBmVqKUbS04AK6g9XTtzT2FpxyiOe5bY7pErrremNLbA2_tGMNskdXUFK4AlszApsxSkB3tzyUXbfMIsrsty56bKnGhnVZ7gbDLYS4oIvKQAD9eutD21m-oaBl7l9IpE8pFAU6BYgzqaMwTNCO6ItET-P1qDr2czQT6PNRYrDfbAolRdQTJ9bjC-OSWDliZYlw7858hCPyLb5A4NHolPq52GsPyp_7A3hecjPmsl0L35N&ts=1647359001&utm1=tcb&utm2=799268782-1&utm3=26-11111-0&utm4=0-9542311-14 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:23 GMT content-encoding br cf-cache-status HIT last-modified Mon, 14 Feb 2022 13:22:57 GMT server cloudflare age 2506 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=til264jkLCzaiYnNpy81HkdCqwcQr7p07yve%2BZTvraaZ3M2TRxzzZNepUkc35CP5vqn4SdKbyJz6LNdjYqrL%2BAUVJq0tXeP6thVG%2FaoN8udNBSFPkDEV8xWkpIRADFUkjc%2FBUddHohnVQaNq5trcXUhl"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ec65d4bead18862-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	url Show response www.google.com/ Frame 0389 Redirect Chain https://tb.baimgfroggd.site/in/749?vid=sasPROregtU https://www.google.com/url?sa=D&q=https%3A%2F%2Fwww.youtube.com%2Fembed%2FsasPROregtU%3Fenablejsapi%3D1%26origin%3D%2A%26playsinline%3D1%26autoplay%3D1%26mute%3D1	603 B 1 KB	197ms 80ms	Document text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/url?sa=D&q=https%3A%2F%2Fwww.youtube.com%2Fembed%2FsasPROregtU%3Fenablejsapi%3D1%26origin%3D%2A%26playsinline%3D1%26autoplay%3D1%26mute%3D1 Requested by Host: stream.bantgoau.com URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-v.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gws / Resource Hash 53ae0e561fb2ffef461e2d1c7a90ca2dd643c93566bba77e0dc79ea6e3a29083 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-GB,en;q=0.9 Referer about:blank Response headers location https://www.youtube.com/embed/sasPROregtU?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 cache-control private content-type text/html; charset=UTF-8 strict-transport-security max-age=31536000 bfcache-opt-in unload p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." date Tue, 15 Mar 2022 15:43:24 GMT server gws content-length 603 x-xss-protection 0 expires Tue, 15 Mar 2022 15:43:24 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Redirect headers server nginx/1.17.2 date Tue, 15 Mar 2022 15:43:24 GMT content-type text/html; charset=UTF-8 content-length 0 location https://www.google.com/url?sa=D&q=https%3A%2F%2Fwww.youtube.com%2Fembed%2FsasPROregtU%3Fenablejsapi%3D1%26origin%3D%2A%26playsinline%3D1%26autoplay%3D1%26mute%3D1 vary * cache-control no-cache, no-store, must-revalidate pragma no-cache
GET H2	200	sasPROregtU Show response www.youtube.com/embed/ Frame 0389	60 KB 26 KB	226ms 105ms	Document text/html	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/sasPROregtU?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 Requested by Host: www.google.com URL: https://www.google.com/url?sa=D&q=https%3A%2F%2Fwww.youtube.com%2Fembed%2FsasPROregtU%3Fenablejsapi%3D1%26origin%3D%2A%26playsinline%3D1%26autoplay%3D1%26mute%3D1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d29f24be5c72537f4307ac618eef056d21629907e09388be9fa422c3cf38f667 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-GB,en;q=0.9 Referer https://www.google.com/ Response headers content-type text/html; charset=utf-8 x-content-type-options nosniff cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Tue, 15 Mar 2022 15:43:24 GMT strict-transport-security max-age=31536000 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=* report-to {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]} accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy-report-only same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94" p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info." content-encoding br server ESF x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	www-player.css www.youtube.com/s/player/bd67d609/ Frame 0389	338 KB 46 KB	119ms 55ms	Stylesheet text/css	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/bd67d609/www-player.css Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/sasPROregtU?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2476db472bf1df970adab62d57f3a0b552319b91459a39a728b10130ed10c817 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.youtube.com/embed/sasPROregtU?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 14:16:14 GMT content-encoding br x-content-type-options nosniff age 5230 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47168 x-xss-protection 0 last-modified Mon, 14 Mar 2022 00:13:00 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 15 Mar 2023 14:16:14 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 0389	15 KB 15 KB	116ms 54ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/sasPROregtU?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com Accept-Language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 08 Mar 2022 17:06:41 GMT x-content-type-options nosniff age 599803 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 08 Mar 2023 17:06:41 GMT
GET H3	200	www-embed-player.js Show response www.youtube.com/s/player/bd67d609/www-embed-player.vflset/ Frame 0389	279 KB 86 KB	70ms 54ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/bd67d609/www-embed-player.vflset/www-embed-player.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/sasPROregtU?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 06f8162aa9ef077724723137428181eb5bdcbf05b03d9e86555fae1d139a9fe1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.youtube.com/embed/sasPROregtU?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 14 Mar 2022 15:44:28 GMT content-encoding br x-content-type-options nosniff age 86336 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 88091 x-xss-protection 0 last-modified Mon, 14 Mar 2022 00:13:00 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 14 Mar 2023 15:44:28 GMT
GET H3	200	base.js Show response www.youtube.com/s/player/bd67d609/player_ias.vflset/en_GB/ Frame 0389	2 MB 522 KB	127ms 111ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/bd67d609/player_ias.vflset/en_GB/base.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/sasPROregtU?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4967c90c7eebc5acc487a8639d6fe35ef8073c3e3248bd32418b0b7bf5f0364a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.youtube.com/embed/sasPROregtU?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 14 Mar 2022 15:52:11 GMT content-encoding br x-content-type-options nosniff age 85873 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 534655 x-xss-protection 0 last-modified Mon, 14 Mar 2022 00:13:00 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 14 Mar 2023 15:52:11 GMT
GET H3	200	fetch-polyfill.js Show response www.youtube.com/s/player/bd67d609/fetch-polyfill.vflset/ Frame 0389	9 KB 3 KB	148ms 133ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/bd67d609/fetch-polyfill.vflset/fetch-polyfill.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/sasPROregtU?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.youtube.com/embed/sasPROregtU?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 14 Mar 2022 15:44:29 GMT content-encoding br x-content-type-options nosniff age 86335 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2786 x-xss-protection 0 last-modified Mon, 14 Mar 2022 00:13:00 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 14 Mar 2023 15:44:29 GMT
GET H3	200	id Show response googleads.g.doubleclick.net/pagead/ Frame 0389 Redirect Chain https://googleads.g.doubleclick.net/pagead/id https://googleads.g.doubleclick.net/pagead/id?slf_rd=1	100 B 146 B	124ms 62ms	XHR application/json	2a00:1450:4001:827::2002
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/sasPROregtU?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 Protocol H3 Server 2a00:1450:4001:827::2002 -, , ASN (), Reverse DNS Software cafe / Resource Hash dbdbf2b306f9fd2f64b4a43c8f20849ba7fc9be0b3b72dfd662173b3760a65d9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:25 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 120 x-xss-protection 0 pragma no-cache server cafe content-type application/json; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Tue, 15 Mar 2022 15:43:25 GMT x-content-type-options nosniff access-control-allow-origin https://www.youtube.com p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad_status.js Show response static.doubleclick.net/instream/ Frame 0389	29 B 587 B	171ms 55ms	Script text/javascript	2a00:1450:4001:831::2006
General Check archive.org Show headers Download Go to Full URL https://static.doubleclick.net/instream/ad_status.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/bd67d609/www-embed-player.vflset/www-embed-player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2006 -, , ASN (), Reverse DNS Software sffe / Resource Hash eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:38:13 GMT x-content-type-options nosniff age 312 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29 x-xss-protection 0 last-modified Thu, 12 Dec 2013 23:40:16 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 15 Mar 2022 15:53:13 GMT
POST H3	200	player Show response www.youtube.com/youtubei/v1/ Frame 0389	37 KB 19 KB	148ms 147ms	XHR application/json	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/bd67d609/player_ias.vflset/en_GB/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash 4d2bd20bf595e1485083b4faf528c3d5782177e83859a23f3e3aa330067e1959 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/sasPROregtU?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 X-Youtube-Client-Name 56 X-Youtube-Client-Version 1.20220313.00.00 Accept-Language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 X-Goog-Visitor-Id CgtQUzBXQkdWaVl5MCic6MKRBg%3D%3D Content-Type application/json Response headers date Tue, 15 Mar 2022 15:43:25 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18982 x-xss-protection 0 expires Tue, 15 Mar 2022 15:43:25 GMT
GET H3	200	b11n7QwaEucVJQMKB-LsSDNLMoQ5L9B69t4x3UT_5Ww.js Show response www.google.com/js/th/ Frame 0389	35 KB 13 KB	118ms 54ms	Script text/javascript	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/th/b11n7QwaEucVJQMKB-LsSDNLMoQ5L9B69t4x3UT_5Ww.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/bd67d609/player_ias.vflset/en_GB/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6f5d67ed0c1a12e71525030a07e2ec48334b3284392fd07af6de31dd44ffe56c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 14 Mar 2022 20:10:12 GMT content-encoding br x-content-type-options nosniff age 70393 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13670 x-xss-protection 0 last-modified Tue, 01 Mar 2022 18:00:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 14 Mar 2023 20:10:12 GMT
GET H3	200	embed.js Show response www.youtube.com/s/player/bd67d609/player_ias.vflset/en_GB/ Frame 0389	26 KB 8 KB	54ms 53ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/bd67d609/player_ias.vflset/en_GB/embed.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/bd67d609/player_ias.vflset/en_GB/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e53d8f8c7c4d7b0b843f8e1bcbd775c825f1ad2f4cf20c7eddfb22ea1909d620 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.youtube.com/embed/sasPROregtU?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 14 Mar 2022 15:52:12 GMT content-encoding br x-content-type-options nosniff age 85873 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7727 x-xss-protection 0 last-modified Mon, 14 Mar 2022 00:13:00 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 14 Mar 2023 15:52:12 GMT
GET DATA	200 OK	truncated / Frame 0389	175 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2 Request headers Accept-Language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/png
GET H2	200	ORcUW2WjZeXSjQs-G5S2M-0HM2At3LbWBWV2EsCZ1pIeGlq2Y0ytH5UNSudP4l5wu67C1QUgLUk=s68-c-k-c0x00ffffff-no-rj yt3.ggpht.com/ Frame 0389	1 KB 2 KB	500ms 55ms	Image image/jpeg	2a00:1450:4001:831::2001
General Check archive.org Show headers Download Go to Show image Full URL https://yt3.ggpht.com/ORcUW2WjZeXSjQs-G5S2M-0HM2At3LbWBWV2EsCZ1pIeGlq2Y0ytH5UNSudP4l5wu67C1QUgLUk=s68-c-k-c0x00ffffff-no-rj Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/sasPROregtU?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 -, , ASN (), Reverse DNS Software fife / Resource Hash 85e8d108860a19de50fb38251b731f7fc1b0f8a528762c10c9fae1e1fbd4f96a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 12:36:45 GMT x-content-type-options nosniff age 11200 content-disposition inline;filename="channels4_profile.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1362 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Wed, 16 Mar 2022 12:36:45 GMT
GET DATA	200 OK	truncated / Frame 0389	268 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ad42e8a35d2104ef1e5ac594d0332cb386e20be762761ce2d5f28554dddf0f40 Request headers Accept-Language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/png
GET H3	204	generate_204 www.youtube.com/ Frame 0389	0 9 B	54ms 53ms	Image text/plain	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/generate_204?ZYk4mw Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/sasPROregtU?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.youtube.com/embed/sasPROregtU?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:25 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
POST H3	204	qoe www.youtube.com/api/stats/ Frame 0389	0 19 B	67ms 66ms	Ping text/html	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/api/stats/qoe?fmt=134&afmt=140&cpn=LB-w2o5T9qEhZXhQ&el=embedded&ns=yt&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082661%2C24135310%2C24136440%2C24158010%2C24169457%2C24169501%2C24169726%2C24180221%2C24182567&cl=433846713&live=live&seq=1&docid=sasPROregtU&ei=HbQwYryGDd7M1gLsi4KYDA&event=streamingstats&plid=AAXaQ6hTayqqHtRN&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FsasPROregtU%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1&cbr=Chrome&cbrver=99.0.4844.51&c=WEB_EMBEDDED_PLAYER&cver=1.20220313.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.008:B,0.220:S,0.226:S,0.226:S&cmt=0.008:0.000,0.220:0.000,0.226:0.000&afs=0.226:140::i&vfs=0.226:134:134::r&view=0.226:300:250&bwe=0.226:130000&bat=0.226:1:1&vis=0.226:0&bh=0.226:0.000 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/bd67d609/player_ias.vflset/en_GB/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Video Stats Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/sasPROregtU?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 Accept-Language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Tue, 15 Mar 2022 15:43:25 GMT x-content-type-options nosniff server Video Stats Server x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, must-revalidate access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	remote.js Show response www.youtube.com/s/player/bd67d609/player_ias.vflset/en_GB/ Frame 0389	119 KB 37 KB	54ms 54ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/bd67d609/player_ias.vflset/en_GB/remote.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/bd67d609/player_ias.vflset/en_GB/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f3520136e7ff0fa7f27ce2336f12301953eb15c1a8407839f654b802899f2ca2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.youtube.com/embed/sasPROregtU?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 14 Mar 2022 15:52:33 GMT content-encoding br x-content-type-options nosniff age 85852 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37785 x-xss-protection 0 last-modified Mon, 14 Mar 2022 00:13:00 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 14 Mar 2023 15:52:33 GMT
GET H3	200	endscreen.js Show response www.youtube.com/s/player/bd67d609/player_ias.vflset/en_GB/ Frame 0389	26 KB 7 KB	59ms 59ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/bd67d609/player_ias.vflset/en_GB/endscreen.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/bd67d609/player_ias.vflset/en_GB/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f11b129708fb4e2e1167331e558fed1edc12495cf28c7053295b37dbcb4cc10f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.youtube.com/embed/sasPROregtU?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 14 Mar 2022 15:52:12 GMT content-encoding br x-content-type-options nosniff age 85873 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7199 x-xss-protection 0 last-modified Mon, 14 Mar 2022 00:13:00 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 14 Mar 2023 15:52:12 GMT
GET H3	200	heartbeat.js Show response www.youtube.com/s/player/bd67d609/player_ias.vflset/en_GB/ Frame 0389	26 KB 9 KB	57ms 57ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/bd67d609/player_ias.vflset/en_GB/heartbeat.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/bd67d609/player_ias.vflset/en_GB/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7f63dc12b5c6fa8bf0464a8be713e7531b70125ec56bc1a13cdaf672e6b83dc6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.youtube.com/embed/sasPROregtU?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 14 Mar 2022 15:55:19 GMT content-encoding br x-content-type-options nosniff age 85686 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8975 x-xss-protection 0 last-modified Mon, 14 Mar 2022 00:13:00 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 14 Mar 2023 15:55:19 GMT
POST H3	200	next Show response www.youtube.com/youtubei/v1/ Frame 0389	29 KB 5 KB	333ms 333ms	XHR application/json	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/bd67d609/player_ias.vflset/en_GB/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash a440f58f2119f3bd56af13a29293be63c5f066be12d94c1f3c0be6dc47e76527 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/sasPROregtU?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 X-Youtube-Client-Name 56 X-Youtube-Client-Version 1.20220313.00.00 Accept-Language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 X-Goog-Visitor-Id CgtQUzBXQkdWaVl5MCic6MKRBg%3D%3D Content-Type application/json Response headers date Tue, 15 Mar 2022 15:43:25 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4917 x-xss-protection 0 expires Tue, 15 Mar 2022 15:43:25 GMT
GET H/1.1	200 OK	videoplayback Show response rr4---sn-h0jeenl6.googlevideo.com/ Frame 0389	21 KB 22 KB	229ms 64ms	XHR video/mp4	2a00:1450:4016:b::9
General Check archive.org Show headers Download Go to Full URL https://rr4---sn-h0jeenl6.googlevideo.com/videoplayback?expire=1647380605&ei=HbQwYryGDd7M1gLsi4KYDA&ip=2a01%3A4a0%3A2c%3A%3A6&id=sasPROregtU.1&itag=134&aitags=133%2C134%2C135%2C136%2C160&source=yt_live_broadcast&requiressl=yes&mh=_j&mm=44%2C29&mn=sn-h0jeenl6%2Csn-h0jelnes&ms=lva%2Crdu&mv=u&mvi=4&pl=46&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fmp4&ns=TLhJ8oy6sWoEcJD0VtKtJycG&gir=yes&mt=1647358028&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=yUEO4buy2gIv4Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRAIgYyCUFA_q5cIj-in1wYnWfbFTu93SeB6PSaG9L-HMoJoCIGmWFu0dbvFTBA4z7o58zoO7SS447c2H_sp5PMJkyiZI&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgGvEfW88t8KtUMXJzmhZQ1Vr8SocbTUgVh68Qc3eElBQCIQDDgFkDdibC4IeoTRceNLXuJ3OSm4m47rUxIwm2GLqbdA%3D%3D&alr=yes&cpn=LB-w2o5T9qEhZXhQ&cver=1.20220313.00.00&headm=1&rn=1&rbuf=0 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/bd67d609/player_ias.vflset/en_GB/base.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4016:b::9 -, , ASN (), Reverse DNS Software gvs 1.0 / Resource Hash fa1ac20c2f9f42571272d87874bae200eaf81ca6ed608827bf10f7db9eb6643d Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers X-Sequence-Num 11043 Date Tue, 15 Mar 2022 15:43:25 GMT X-Content-Type-Options nosniff X-Segment-Lmt 1647347966108467 X-Bandwidth-Est 282127 X-Bandwidth-App-Limited false Cross-Origin-Resource-Policy cross-origin X-Bandwidth-Est2 93213 Connection keep-alive X-Walltime-Ms 1647359005853 Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Content-Length 21068 X-Bandwidth-Est3 636494 Pragma no-cache X-Bandwidth-Est-Comp 93213 Last-Modified Tue, 15 Mar 2022 12:39:26 GMT Server gvs 1.0 Vary Origin Content-Type video/mp4 Access-Control-Allow-Origin https://www.youtube.com X-Head-Time-Sec 11043 Access-Control-Expose-Headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms Cache-Control no-cache, must-revalidate Access-Control-Allow-Credentials true X-Head-Seqnum 11044 Accept-Ranges bytes Timing-Allow-Origin https://www.youtube.com X-Head-Time-Millis 11043233 X-Bandwidth-Est-App-Limited false Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	videoplayback Show response rr4---sn-h0jeenl6.googlevideo.com/ Frame 0389	22 KB 23 KB	228ms 64ms	XHR audio/mp4	2a00:1450:4016:b::9
General Check archive.org Show headers Download Go to Full URL https://rr4---sn-h0jeenl6.googlevideo.com/videoplayback?expire=1647380605&ei=HbQwYryGDd7M1gLsi4KYDA&ip=2a01%3A4a0%3A2c%3A%3A6&id=sasPROregtU.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=_j&mm=44%2C29&mn=sn-h0jeenl6%2Csn-h0jelnes&ms=lva%2Crdu&mv=u&mvi=4&pl=46&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=TLhJ8oy6sWoEcJD0VtKtJycG&gir=yes&mt=1647358028&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=yUEO4buy2gIv4Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRQIgY5lg6vC2GZDmZsoai8s-WvOtxA_se4f6fmfMRG3UjokCIQD6bkzenTKCl_QNMvrmMXoGm_UYseYgnRDVwSe5jgwxuA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgGvEfW88t8KtUMXJzmhZQ1Vr8SocbTUgVh68Qc3eElBQCIQDDgFkDdibC4IeoTRceNLXuJ3OSm4m47rUxIwm2GLqbdA%3D%3D&alr=yes&cpn=LB-w2o5T9qEhZXhQ&cver=1.20220313.00.00&headm=1&rn=2&rbuf=0 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/bd67d609/player_ias.vflset/en_GB/base.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4016:b::9 -, , ASN (), Reverse DNS Software gvs 1.0 / Resource Hash 06f987e98dc1107ca3e8302d329e7b79ab395c15810b9758e327bc19a33037d3 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers X-Sequence-Num 11043 Date Tue, 15 Mar 2022 15:43:25 GMT X-Content-Type-Options nosniff X-Segment-Lmt 1647347966108464 X-Bandwidth-Est 281206 X-Bandwidth-App-Limited false Cross-Origin-Resource-Policy cross-origin X-Bandwidth-Est2 93020 Connection keep-alive X-Walltime-Ms 1647359005853 Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Content-Length 22078 X-Bandwidth-Est3 612742 Pragma no-cache X-Bandwidth-Est-Comp 93020 Last-Modified Tue, 15 Mar 2022 12:39:26 GMT Server gvs 1.0 Vary Origin Content-Type audio/mp4 Access-Control-Allow-Origin https://www.youtube.com X-Head-Time-Sec 11043 Access-Control-Expose-Headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms Cache-Control no-cache, must-revalidate Access-Control-Allow-Credentials true X-Head-Seqnum 11044 Accept-Ranges bytes Timing-Allow-Origin https://www.youtube.com X-Head-Time-Millis 11043233 X-Bandwidth-Est-App-Limited false Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame 0389	4 KB 3 KB	181ms 63ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/bd67d609/player_ias.vflset/en_GB/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 15:43:25 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2007 x-xss-protection 0 last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview" vary Accept-Encoding report-to {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 15 Mar 2022 15:43:25 GMT
GET H3	200	cast_sender.js Show response www.gstatic.com/eureka/clank/99/ Frame 0389	53 KB 15 KB	117ms 54ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/eureka/clank/99/cast_sender.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6c31dcc878ab2e52cea5f38b4c3f1d1cfec4dbae070da4e460b336b3705bc423 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 14:19:05 GMT content-encoding gzip x-content-type-options nosniff age 5060 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15479 x-xss-protection 0 last-modified Mon, 10 Jan 2022 16:05:27 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview-release" vary Accept-Encoding report-to {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]} content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes expires Wed, 16 Mar 2022 14:19:05 GMT
GET H3	200	videoplayback rr4---sn-h0jeenl6.googlevideo.com/ Frame 0389	23 KB 0	132ms 66ms	Fetch video/mp4	2a00:1450:4016:b::9
General Check archive.org Show headers Download Go to Full URL https://rr4---sn-h0jeenl6.googlevideo.com/videoplayback?expire=1647380605&ei=HbQwYryGDd7M1gLsi4KYDA&ip=2a01%3A4a0%3A2c%3A%3A6&id=sasPROregtU.1&itag=134&aitags=133%2C134%2C135%2C136%2C160&source=yt_live_broadcast&requiressl=yes&mh=_j&mm=44%2C29&mn=sn-h0jeenl6%2Csn-h0jelnes&ms=lva%2Crdu&mv=u&mvi=4&pl=46&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fmp4&ns=TLhJ8oy6sWoEcJD0VtKtJycG&gir=yes&mt=1647358028&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=yUEO4buy2gIv4Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRAIgYyCUFA_q5cIj-in1wYnWfbFTu93SeB6PSaG9L-HMoJoCIGmWFu0dbvFTBA4z7o58zoO7SS447c2H_sp5PMJkyiZI&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgGvEfW88t8KtUMXJzmhZQ1Vr8SocbTUgVh68Qc3eElBQCIQDDgFkDdibC4IeoTRceNLXuJ3OSm4m47rUxIwm2GLqbdA%3D%3D&alr=yes&cpn=LB-w2o5T9qEhZXhQ&cver=1.20220313.00.00&sq=11044&rn=3&rbuf=884 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/bd67d609/player_ias.vflset/en_GB/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4016:b::9 -, , ASN (), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-sequence-num 11044 date Tue, 15 Mar 2022 15:43:26 GMT x-content-type-options nosniff x-segment-lmt 1647347966108475 x-bandwidth-app-limited false cross-origin-resource-policy cross-origin x-bandwidth-est2 86630 x-walltime-ms 1647359006032 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-bandwidth-est-comp 86630 expires Tue, 15 Mar 2022 15:43:26 GMT last-modified Tue, 15 Mar 2022 12:39:26 GMT server gvs 1.0 vary Origin content-type video/mp4 access-control-allow-origin https://www.youtube.com x-head-time-sec 11043 access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21299 x-bandwidth-est3 636494 x-head-seqnum 11044 access-control-allow-credentials true timing-allow-origin https://www.youtube.com x-head-time-millis 11043233 x-bandwidth-est-app-limited false client-protocol quic
GET		videoplayback rr4---sn-h0jeenl6.googlevideo.com/ Frame 0389	0 0
GET H3	200	videoplayback rr4---sn-h0jeenl6.googlevideo.com/ Frame 0389	20 KB 0	132ms 70ms	Fetch audio/mp4	2a00:1450:4016:b::9
General Check archive.org Show headers Download Go to Full URL https://rr4---sn-h0jeenl6.googlevideo.com/videoplayback?expire=1647380605&ei=HbQwYryGDd7M1gLsi4KYDA&ip=2a01%3A4a0%3A2c%3A%3A6&id=sasPROregtU.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=_j&mm=44%2C29&mn=sn-h0jeenl6%2Csn-h0jelnes&ms=lva%2Crdu&mv=u&mvi=4&pl=46&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=TLhJ8oy6sWoEcJD0VtKtJycG&gir=yes&mt=1647358028&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=yUEO4buy2gIv4Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRQIgY5lg6vC2GZDmZsoai8s-WvOtxA_se4f6fmfMRG3UjokCIQD6bkzenTKCl_QNMvrmMXoGm_UYseYgnRDVwSe5jgwxuA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgGvEfW88t8KtUMXJzmhZQ1Vr8SocbTUgVh68Qc3eElBQCIQDDgFkDdibC4IeoTRceNLXuJ3OSm4m47rUxIwm2GLqbdA%3D%3D&alr=yes&cpn=LB-w2o5T9qEhZXhQ&cver=1.20220313.00.00&sq=11044&rn=5&rbuf=898 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/bd67d609/player_ias.vflset/en_GB/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4016:b::9 -, , ASN (), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-sequence-num 11044 date Tue, 15 Mar 2022 15:43:26 GMT x-content-type-options nosniff x-segment-lmt 1647347966108473 x-bandwidth-app-limited false cross-origin-resource-policy cross-origin x-bandwidth-est2 86630 x-walltime-ms 1647359006033 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-bandwidth-est-comp 86630 expires Tue, 15 Mar 2022 15:43:26 GMT last-modified Tue, 15 Mar 2022 12:39:26 GMT server gvs 1.0 vary Origin content-type audio/mp4 access-control-allow-origin https://www.youtube.com x-head-time-sec 11043 access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21299 x-bandwidth-est3 612742 x-head-seqnum 11044 access-control-allow-credentials true timing-allow-origin https://www.youtube.com x-head-time-millis 11043233 x-bandwidth-est-app-limited false client-protocol quic
GET		videoplayback rr4---sn-h0jeenl6.googlevideo.com/ Frame 0389	0 0
POST H3	200	log_event Show response www.youtube.com/youtubei/v1/ Frame 0389	28 B 54 B	73ms 71ms	XHR application/json	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/bd67d609/player_ias.vflset/en_GB/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type application/json X-YouTube-Utc-Offset 0 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/sasPROregtU?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 X-YouTube-Client-Version 1.20220313.00.00 X-YouTube-Time-Zone Etc/Unknown X-Goog-Visitor-Id CgtQUzBXQkdWaVl5MCic6MKRBg%3D%3D X-YouTube-Ad-Signals dt=1647359005092&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&wgl=true&ca_type=image Response headers date Tue, 15 Mar 2022 15:43:26 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31 x-xss-protection 0 expires Tue, 15 Mar 2022 15:43:26 GMT
GET H3	204	playback www.youtube.com/api/stats/ Frame 0389	0 17 B	68ms 67ms	Image text/html	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=LB-w2o5T9qEhZXhQ&ver=2&cmt=11042.404&fmt=134&fs=0&rt=0.874&euri=https%3A%2F%2Fwww.google.com%2F&lact=900&live=live&cl=433846713&mos=1&volume=100&cbr=Chrome&cbrver=99.0.4844.51&c=WEB_EMBEDDED_PLAYER&cver=1.20220313.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&delay=5&hl=en_GB&cr=DE&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082661%2C24135310%2C24136440%2C24158010%2C24169457%2C24169501%2C24169726%2C24180221%2C24182567&rtn=4&afmt=140&lio=1647347961.955&size=300%3A250&inview=0&muted=1&docid=sasPROregtU&ei=HbQwYryGDd7M1gLsi4KYDA&plid=AAXaQ6hTayqqHtRN&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FsasPROregtU%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1&of=27zMp_Lv8SCU3hnROM5rbA&vm=CAEQARgEOjJBS1JhaHdDVDREVVQxZ3dxc01KWE93d25Hb0FmWktiYnlId0dqOTlNZjBNMVA3aTNqUWJQQVBta0tESnVLb3lnLTBTaEFMN3M1YVp6VkZ5RW5wOUEzWkJkZjVkTG81eENLLVpULUxtQnRUNTZRMTktS1pQdldRVHVfVUs2QWhXbXZQTmQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Video Stats Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.youtube.com/embed/sasPROregtU?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 15 Mar 2022 15:43:26 GMT x-content-type-options nosniff server Video Stats Server x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	ptracking www.youtube.com/ Frame 0389	0 19 B	66ms 66ms	Image text/html	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/ptracking?html5=1&video_id=sasPROregtU&cpn=LB-w2o5T9qEhZXhQ&ei=HbQwYryGDd7M1gLsi4KYDA&ptk=youtube_single&oid=Dw-6GWW-Sky_AQC23l1VlA&ptchn=Ig9bJB_1Tro4S2SlDof0wA&pltype=contentlive Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Video Stats Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.youtube.com/embed/sasPROregtU?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 15 Mar 2022 15:43:26 GMT x-content-type-options nosniff server Video Stats Server x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response vs.bantgoau.com/sts/ Frame B39A	2 B 228 B	51ms 50ms	XHR application/json	2a02:128:7:4722::2 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://vs.bantgoau.com/sts/?eu=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F749%3Fvid%3DsasPROregtU&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=61067&p=0.0100&oid=1576069&sp=0.042860&spp=1000&se=impression&vi=sasPROregtU&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Fb%2F3543_tIUgh65WJg30jsBM.jpg&tcbbc=https%3A%2F%2Fkts.vasstycom.com%2Fin%2F789%2F%3Fkatds_ep%3DYJcZ4Ic6Je0zydqneX8s8XF6uew2FjB62Iyi78x1Mp85YqWx5ZcPa97mp-baKTvg2a2oFNeDVG2Zh8G3KlCcw_OQQdDuiDruDA2SxQZAVehGefqeSdnnq2r3VQAP_dGANFGjAYUzbG-pxVGp4u22yUk9T3Pu6_R9sYOrvtcbcDSGmZdmLhg88N7cBmVqKUbS04AK6g9XTtzT2FpxyiOe5bY7pErrremNLbA2_tGMNskdXUFK4AlszApsxSkB3tzyUXbfMIsrsty56bKnGhnVZ7gbDLYS4oIvKQAD9eutD21m-oaBl7l9IpE8pFAU6BYgzqaMwTNCO6ItET-P1qDr2czQT6PNRYrDfbAolRdQTJ9bjC-OSWDliZYlw7858hCPyLb5A4NHolPq52GsPyp_7A3hecjPmsl0L35N&ts=1647359001&utm1=tcb&utm2=799268782-1&utm3=26-11111-0&utm4=0-9542311-14&type=view&g_referer=https://xfantazy.com Requested by Host: stream.bantgoau.com URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-v.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a02:128:7:4722::2 , Czech Republic, ASN50245 (SERVEREL-AS, NL), Reverse DNS Software nginx/1.20.1 / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Accept-Language en-GB,en;q=0.9 Referer https://stream.bantgoau.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers access-control-allow-origin * date Tue, 15 Mar 2022 15:43:25 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server nginx/1.20.1 content-length 2 content-type application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

a.focusde.info

URL

https://a.focusde.info/api/spots/312873?p=1&s1=%subid1%&kw=

Domain

a.focusde.info

URL

https://a.focusde.info/api/spots/312875?p=1&s1=%subid1%&kw=

Domain

a.focusde.info

URL

https://a.focusde.info/api/spots/312874?p=1&s1=%subid1%&kw=

Domain

a.focusde.info

URL

https://a.focusde.info/api/spots/303891?p=1&s1=%subid1%&kw=

Domain

a.focusde.info

URL

https://a.focusde.info/api/spots/303892?p=1&s1=%subid1%&kw=

Domain

rr4---sn-h0jeenl6.googlevideo.com

URL

https://rr4---sn-h0jeenl6.googlevideo.com/videoplayback?expire=1647380605&ei=HbQwYryGDd7M1gLsi4KYDA&ip=2a01%3A4a0%3A2c%3A%3A6&id=sasPROregtU.1&itag=134&aitags=133%2C134%2C135%2C136%2C160&source=yt_live_broadcast&requiressl=yes&mh=_j&mm=44%2C29&mn=sn-h0jeenl6%2Csn-h0jelnes&ms=lva%2Crdu&mv=u&mvi=4&pl=46&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fmp4&ns=TLhJ8oy6sWoEcJD0VtKtJycG&gir=yes&mt=1647358028&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=yUEO4buy2gIv4Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRAIgYyCUFA_q5cIj-in1wYnWfbFTu93SeB6PSaG9L-HMoJoCIGmWFu0dbvFTBA4z7o58zoO7SS447c2H_sp5PMJkyiZI&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgGvEfW88t8KtUMXJzmhZQ1Vr8SocbTUgVh68Qc3eElBQCIQDDgFkDdibC4IeoTRceNLXuJ3OSm4m47rUxIwm2GLqbdA%3D%3D&alr=yes&cpn=LB-w2o5T9qEhZXhQ&cver=1.20220313.00.00&sq=11045&rn=4&rbuf=1884

Domain

rr4---sn-h0jeenl6.googlevideo.com

URL

https://rr4---sn-h0jeenl6.googlevideo.com/videoplayback?expire=1647380605&ei=HbQwYryGDd7M1gLsi4KYDA&ip=2a01%3A4a0%3A2c%3A%3A6&id=sasPROregtU.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=_j&mm=44%2C29&mn=sn-h0jeenl6%2Csn-h0jelnes&ms=lva%2Crdu&mv=u&mvi=4&pl=46&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=TLhJ8oy6sWoEcJD0VtKtJycG&gir=yes&mt=1647358028&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=yUEO4buy2gIv4Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRQIgY5lg6vC2GZDmZsoai8s-WvOtxA_se4f6fmfMRG3UjokCIQD6bkzenTKCl_QNMvrmMXoGm_UYseYgnRDVwSe5jgwxuA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgGvEfW88t8KtUMXJzmhZQ1Vr8SocbTUgVh68Qc3eElBQCIQDDgFkDdibC4IeoTRceNLXuJ3OSm4m47rUxIwm2GLqbdA%3D%3D&alr=yes&cpn=LB-w2o5T9qEhZXhQ&cver=1.20220313.00.00&sq=11045&rn=6&rbuf=1898