URL: https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
Submission: On March 06 via manual from JP

Summary

This website contacted 14 IPs in 4 countries across 11 domains to perform 37 HTTP transactions. The main IP is 2606:4700:30::681b:bda1, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is xxffo.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on March 5th 2019. Valid for: 6 months.
This is the only time xxffo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 2606:4700:30:... 13335 (CLOUDFLAR...)
1 69.165.107.69 25875 (VARIOUS)
1 104.17.34.108 13335 (CLOUDFLAR...)
1 152.195.39.54 15133 (EDGECAST)
4 2606:2800:234... 15133 (EDGECAST)
3 199.241.98.2 27589 (MOJOHOST)
4 95.211.229.246 60781 (LEASEWEB-...)
2 2a00:1450:400... 15169 (GOOGLE)
3 103.235.46.191 55967 (CNNIC-BAI...)
1 104.27.242.237 13335 (CLOUDFLAR...)
1 2001:1aa8:185... 24642 (NL-CAVEO)
1 2001:1aa8:185... 24642 (NL-CAVEO)
1 95.211.229.245 60781 (LEASEWEB-...)
37 14
Domain Requested by
12 xxffo.com xxffo.com
4 syndication.exosrv.com ads.exosrv.com
3 hm.baidu.com xxffo.com
3 adserver.juicyads.com xxffo.com, adserver.juicyads.com
3 ads.exosrv.com xxffo.com
2 adspaces.ero-advertising.com xxffo.com, adspaces.ero-advertising.com
2 www.google-analytics.com xxffo.com
1 syndication.exoclick.com ads.exoclick.com
1 ads.exoclick.com xxffo.com
1 vshare.io xxffo.com
1 secureimage.securedataimages.com xxffo.com
1 theporndude.com xxffo.com
1 adultfriendfinder.com xxffo.com
37 13

This site contains links to these domains.

Domain
www.xxffo.com
ffkk.me
adultfriendfinder.com
theporndude.com
asianmatchmate.com
Subject | Issuer | Validity | Valid
sni66755.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-03-05 - 2019-09-11 | 6 months
*.adultfriendfinder.com | DigiCert SHA2 Secure Server CA | 2017-03-30 - 2019-04-04 | 2 years
*.theporndude.com | COMODO RSA Domain Validation Secure Server CA | 2017-10-04 - 2020-10-08 | 3 years
www.securedataimages.com | DigiCert SHA2 Secure Server CA | 2017-10-21 - 2020-10-28 | 3 years
*.exoclick.com | DigiCert SHA2 Secure Server CA | 2017-12-12 - 2020-12-16 | 3 years
*.juicyads.com | COMODO RSA Domain Validation Secure Server CA | 2015-01-23 - 2020-01-22 | 5 years
exosrv.com | Let's Encrypt Authority X3 | 2019-02-10 - 2019-05-11 | 3 months
*.google-analytics.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
baidu.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2018-12-03 - 2019-05-26 | 6 months
ssl773987.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-01-08 - 2019-07-17 | 6 months
*.ero-advertising.com | GeoTrust RSA CA 2018 | 2018-01-17 - 2019-03-28 | a year

This page contains 14 frames:

Primary Page: https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
Frame ID: 984B3855CCDFF45AA4F51545B3BCB67A
Requests: 20 HTTP requests in this frame

Frame: https://ads.exosrv.com/iframe.php?idzone=2605483&size=728x90
Frame ID: 30A07CDF9FF98478BCF7A76C998DA61C
Requests: 1 HTTP requests in this frame

Frame: https://xxffo.com/Public/player/play.html
Frame ID: A18698EFD25120A3D0D70EDBDAF5D29A
Requests: 3 HTTP requests in this frame

Frame: https://syndication.exosrv.com/ads-iframe-display.php?idzone=2605489&type=300x250&p=https%3A//xxffo.com/vod-play-id-8322-sid-2-pid-0.html&dt=1551858956861&sub=&tags=&screen_resolution=1600x1200&el=
Frame ID: 8C5E7D94AE9108D1286D7F3270EC3271
Requests: 1 HTTP requests in this frame

Frame: https://syndication.exosrv.com/ads-iframe-display.php?idzone=2605489&type=300x250&p=https%3A//xxffo.com/vod-play-id-8322-sid-2-pid-0.html&dt=1551858956909&sub=&tags=&screen_resolution=1600x1200&el=
Frame ID: C8F4B8937B77BEAB02D073F77000B95D
Requests: 1 HTTP requests in this frame

Frame: https://syndication.exosrv.com/ads-iframe-display.php?idzone=2605489&type=300x250&p=https%3A//xxffo.com/vod-play-id-8322-sid-2-pid-0.html&dt=1551858956912&sub=&tags=&screen_resolution=1600x1200&el=
Frame ID: D29E0D26E3F9487AB2614F1E0EC3C478
Requests: 1 HTTP requests in this frame

Frame: https://xxffo.com/Tpl/show.html
Frame ID: F6AB09AA7CB2B886B8D6EC59B69CDADE
Requests: 3 HTTP requests in this frame

Frame: https://vshare.io/v/91418b4/width-660/height-480/
Frame ID: 9D77C0BF392EC199A5F42C94792DB6EA
Requests: 1 HTTP requests in this frame

Frame: https://adspaces.ero-advertising.com/banner.go?spaceid=253582
Frame ID: B6EED214D60490790C55AFFE2308417D
Requests: 1 HTTP requests in this frame

Frame: https://syndication.exoclick.com/ads-iframe-display.php?idzone=606878&type=300x250&p=https%3A//xxffo.com/Public/player/play.html&dt=1551858957131&sub=&tags=&screen_resolution=1600x1200&el=
Frame ID: A4FD3D5358D5A68884A7355928ED8412
Requests: 1 HTTP requests in this frame

Frame: https://adserver.juicyads.com/adshow.php?adzone=723744
Frame ID: EEE2C57FD28AECC969257D24C1C01F10
Requests: 1 HTTP requests in this frame

Frame: https://adserver.juicyads.com/adshow.php?adzone=723744
Frame ID: D549C0B0728858D2C49901CA28239A90
Requests: 1 HTTP requests in this frame

Frame: https://adserver.juicyads.com/adshow.php?adzone=723744
Frame ID: 55D0D8453624D173B034429356518CCA
Requests: 1 HTTP requests in this frame

Frame: https://adserver.juicyads.com/adshow.php?adzone=723744
Frame ID: 4F7454C4515770E6BADF923C339BE330
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Page Statistics

37
Requests

95 %
HTTPS

38 %
IPv6

11
Domains

13
Subdomains

14
IPs

4
Countries

108 kB
Transfer

210 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request vod-play-id-8322-sid-2-pid-0.html
xxffo.com/
4 KB
2 KB
Document
General
Full URL
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:bda1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.6.9
Resource Hash
5af7b8c7a77ae2bc72d8c414fffb4be48b74af0a4820b8cb2211d0f52deb9185
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:method
GET
:authority
xxffo.com
:scheme
https
:path
/vod-play-id-8322-sid-2-pid-0.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Wed, 06 Mar 2019 07:55:56 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d696d17974f36e92b0b270ec10b586ed71551858956; expires=Thu, 05-Mar-20 07:55:56 GMT; path=/; domain=.xxffo.com; HttpOnly PHPSESSID=dkf0pra0bi946f2fpgmhb3krt1; path=/ think_template=s%3A7%3A%22default%22%3B; expires=Wed, 06-Mar-2019 08:55:56 GMT; Max-Age=3600; path=/
vary
Accept-Encoding
x-powered-by
PHP/5.6.9
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
cache-control
private
strict-transport-security
max-age=15552000; includeSubDomains; preload
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4b32c52f2a38647b-FRA
content-encoding
br
style.css
xxffo.com/Tpl/default/
12 KB
3 KB
Stylesheet
General
Full URL
https://xxffo.com/Tpl/default/style.css
Requested by
Host: xxffo.com
URL: https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:bda1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7160f48f65be9b30247bd0eed5ff5dedb9f21bb1f2c6202a712771662bc1c297
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/Tpl/default/style.css
pragma
no-cache
cookie
__cfduid=d696d17974f36e92b0b270ec10b586ed71551858956; PHPSESSID=dkf0pra0bi946f2fpgmhb3krt1; think_template=s%3A7%3A%22default%22%3B
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
xxffo.com
referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
:scheme
https
:method
GET
Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 06 Mar 2019 07:55:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Aug 2018 13:12:56 GMT
server
cloudflare
etag
W/"5b61b1d8-31b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=43200
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
4b32c52fcae2647b-FRA
expires
Wed, 06 Mar 2019 19:55:56 GMT
leeter.js
xxffo.com/Tpl/default/js/
2 KB
255 B
Script
General
Full URL
https://xxffo.com/Tpl/default/js/leeter.js
Requested by
Host: xxffo.com
URL: https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:bda1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
af878e7ed9b1c99bf311067335c91e2dde6bebc9f6651fdf3c07d192490eaf12
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/Tpl/default/js/leeter.js
pragma
no-cache
cookie
__cfduid=d696d17974f36e92b0b270ec10b586ed71551858956; PHPSESSID=dkf0pra0bi946f2fpgmhb3krt1; think_template=s%3A7%3A%22default%22%3B
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
xxffo.com
referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
:scheme
https
:method
GET
Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 06 Mar 2019 07:55:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 14 Jun 2013 15:20:40 GMT
server
cloudflare
etag
W/"51bb34c8-7cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
4b32c52fcae3647b-FRA
expires
Wed, 06 Mar 2019 19:55:56 GMT
top72090.js
xxffo.com/Public/ads/
199 B
289 B
Script
General
Full URL
https://xxffo.com/Public/ads/top72090.js
Requested by
Host: xxffo.com
URL: https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:bda1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
74164fd58fa63a7e6426b95d6eb3d522c932a3b237933da6e04cf52a53aa58a4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/Public/ads/top72090.js
pragma
no-cache
cookie
__cfduid=d696d17974f36e92b0b270ec10b586ed71551858956; PHPSESSID=dkf0pra0bi946f2fpgmhb3krt1; think_template=s%3A7%3A%22default%22%3B
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
xxffo.com
referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
:scheme
https
:method
GET
Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 06 Mar 2019 07:55:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 10 Dec 2018 08:59:13 GMT
server
cloudflare
etag
W/"5c0e2ae1-c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
4b32c52fcae4647b-FRA
expires
Wed, 06 Mar 2019 19:55:56 GMT
favicon.ico
adultfriendfinder.com/images/ffadult/
568 B
840 B
Image
General
Full URL
https://adultfriendfinder.com/images/ffadult/favicon.ico
Requested by
Host: xxffo.com
URL: https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.165.107.69 Sunnyvale, United States, ASN25875 (VARIOUS - FriendFinder Networks Inc, US),
Reverse DNS
Software
/
Resource Hash
39ffa3162f7cd91838e91963a9e9edcd692f55f619154d125e7b4e896c68a401

Request headers

Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 06 Mar 2019 07:55:57 GMT
Last-Modified
Wed, 17 Sep 2003 17:56:05 GMT
Age
0
ETag
"fbd6f77-238-3c78a3690b740"
X-Cache
MISS
Content-Type
image/x-icon
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
568
X-Cache-Hits
0
favicon.ico
theporndude.com/
1 KB
1 KB
Image
General
Full URL
https://theporndude.com/favicon.ico
Requested by
Host: xxffo.com
URL: https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.34.108 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
165a6f04a5d00aa6a597dba8cec89bb8380f01c2522765d823f5dfa36637aaea
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 06 Mar 2019 07:55:56 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Wed, 17 Jun 2015 22:32:32 GMT
server
cloudflare
etag
W/"47e-5581f580-52fc97da8d15420f;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
image/x-icon
status
200
cache-control
public, max-age=2592000
cf-ray
4b32c5303953bf93-AMS
expires
Fri, 05 Apr 2019 07:55:56 GMT
favicon_2.ico
secureimage.securedataimages.com/images/ffadult/
1 KB
1 KB
Image
General
Full URL
https://secureimage.securedataimages.com/images/ffadult/favicon_2.ico
Requested by
Host: xxffo.com
URL: https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.39.54 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40DE) /
Resource Hash
69a6617ec0cf7afc79fad92a2a71648372bfdeb2ef3d1d3032268292b410f5c6

Request headers

Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 06 Mar 2019 07:55:56 GMT
last-modified
Mon, 02 Aug 2010 17:12:42 GMT
server
ECS (fcn/40DE)
etag
"fbd6f86-47e-48cda4ef0b680"
x-cache
HIT
content-type
image/x-icon
status
200
cache-control
max-age=2592000
x-cache-hits
0
accept-ranges
bytes
content-length
1150
expires
Fri, 05 Apr 2019 07:55:56 GMT
bf300.js
xxffo.com/Public/ads/
912 B
462 B
Script
General
Full URL
https://xxffo.com/Public/ads/bf300.js
Requested by
Host: xxffo.com
URL: https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:bda1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fb2c5e0b1d1ad4d25197f1a16b4ef332b1bd2e8af919ca1e24fc08ef792f861
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/Public/ads/bf300.js
pragma
no-cache
cookie
__cfduid=d696d17974f36e92b0b270ec10b586ed71551858956; PHPSESSID=dkf0pra0bi946f2fpgmhb3krt1; think_template=s%3A7%3A%22default%22%3B
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
xxffo.com
referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
:scheme
https
:method
GET
Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 06 Mar 2019 07:55:56 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 10 Dec 2018 08:59:13 GMT
server
cloudflare
etag
W/"5c0e2ae1-390"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
4b32c52fcae5647b-FRA
expires
Wed, 06 Mar 2019 19:55:56 GMT
popunder1000.js
ads.exosrv.com/
67 KB
31 KB
Script
General
Full URL
https://ads.exosrv.com/popunder1000.js
Requested by
Host: xxffo.com
URL: https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:1f1f:1754:1fef:718:1223 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40B0) /
Resource Hash
848541f89cfeb1c183900817a7bb886dd476beca74829e8f2e4f5d3815d86bd7

Request headers

Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 06 Mar 2019 07:55:56 GMT
content-encoding
gzip
last-modified
Wed, 06 Mar 2019 05:40:17 GMT
server
ECS (fcn/40B0)
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript;charset=UTF-8
status
200
cache-control
max-age=10800
accept-ranges
bytes
content-length
31857
expires
Wed, 06 Mar 2019 10:55:56 GMT
tob960.js
xxffo.com/Public/ads/
2 KB
495 B
Script
General
Full URL
https://xxffo.com/Public/ads/tob960.js
Requested by
Host: xxffo.com
URL: https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:bda1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
faa6ebe448470f15f3f4b68dac6b84396e93476c12093c006f5c71a53c8bcefb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/Public/ads/tob960.js
pragma
no-cache
cookie
__cfduid=d696d17974f36e92b0b270ec10b586ed71551858956; PHPSESSID=dkf0pra0bi946f2fpgmhb3krt1; think_template=s%3A7%3A%22default%22%3B
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
xxffo.com
referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
:scheme
https
:method
GET
Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 06 Mar 2019 07:55:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 10 Dec 2018 08:59:13 GMT
server
cloudflare
etag
W/"5c0e2ae1-606"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
4b32c52fcae6647b-FRA
expires
Wed, 06 Mar 2019 19:55:56 GMT
htop_bg.gif
xxffo.com/Tpl/default/images/
60 B
165 B
Image
General
Full URL
https://xxffo.com/Tpl/default/images/htop_bg.gif
Requested by
Host: xxffo.com
URL: https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:bda1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7986dce3e21c042c12a1a01375111005c63d25d86174e073dbaf0e246b1ae02a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/Tpl/default/images/htop_bg.gif
pragma
no-cache
cookie
__cfduid=d696d17974f36e92b0b270ec10b586ed71551858956; PHPSESSID=dkf0pra0bi946f2fpgmhb3krt1; think_template=s%3A7%3A%22default%22%3B
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
xxffo.com
referer
https://xxffo.com/Tpl/default/style.css
:scheme
https
:method
GET
Referer
https://xxffo.com/Tpl/default/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 06 Mar 2019 07:55:56 GMT
cf-cache-status
HIT
last-modified
Sun, 26 Apr 2009 12:45:30 GMT
server
cloudflare
etag
"49f4576a-3c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=2592000
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
cf-ray
4b32c52feaf6647b-FRA
content-length
60
expires
Fri, 05 Apr 2019 07:55:56 GMT
logo.png
xxffo.com/Tpl/default/images/
28 KB
28 KB
Image
General
Full URL
https://xxffo.com/Tpl/default/images/logo.png
Requested by
Host: xxffo.com
URL: https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:bda1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbb307f583adc266fc78f70378b41303e17c983fd2c9bad8d9b3e9b2a532ab13
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/Tpl/default/images/logo.png
pragma
no-cache
cookie
__cfduid=d696d17974f36e92b0b270ec10b586ed71551858956; PHPSESSID=dkf0pra0bi946f2fpgmhb3krt1; think_template=s%3A7%3A%22default%22%3B
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
xxffo.com
referer
https://xxffo.com/Tpl/default/style.css
:scheme
https
:method
GET
Referer
https://xxffo.com/Tpl/default/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 06 Mar 2019 07:55:56 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Aug 2018 05:59:09 GMT
server
cloudflare
etag
"5b614c2d-6e99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=2592000
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
cf-ray
4b32c52feaf7647b-FRA
content-length
28313
expires
Fri, 05 Apr 2019 07:55:56 GMT
iframe.php
ads.exosrv.com/ Frame 30A0
0
0
Document
General
Full URL
https://ads.exosrv.com/iframe.php?idzone=2605483&size=728x90
Requested by
Host: xxffo.com
URL: https://xxffo.com/Public/ads/top72090.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:1f1f:1754:1fef:718:1223 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4197) /
Resource Hash

Request headers

:method
GET
:authority
ads.exosrv.com
:scheme
https
:path
/iframe.php?idzone=2605483&size=728x90
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html

Response headers

status
200
content-encoding
gzip
accept-ranges
bytes
cache-control
max-age=10800
content-type
text/html; charset=UTF-8
date
Wed, 06 Mar 2019 07:55:56 GMT
expires
Wed, 06 Mar 2019 10:55:56 GMT
last-modified
Wed, 06 Mar 2019 07:23:44 GMT
server
ECS (fcn/4197)
vary
Accept-Encoding
x-cache
HIT
content-length
1108
play.html
xxffo.com/Public/player/ Frame A186
10 KB
3 KB
Document
General
Full URL
https://xxffo.com/Public/player/play.html
Requested by
Host: xxffo.com
URL: https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:bda1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbbde9b00c82831b2fcce3eab6f86f837f87055c1826a111dec5cff718b01953
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:method
GET
:authority
xxffo.com
:scheme
https
:path
/Public/player/play.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
accept-encoding
gzip, deflate, br
cookie
__cfduid=d696d17974f36e92b0b270ec10b586ed71551858956; PHPSESSID=dkf0pra0bi946f2fpgmhb3krt1; think_template=s%3A7%3A%22default%22%3B
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html

Response headers

status
200
date
Wed, 06 Mar 2019 07:55:56 GMT
content-type
text/html
last-modified
Sat, 13 May 2017 16:18:43 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains; preload
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4b32c5300b0a647b-FRA
content-encoding
br
ads.js
ads.exosrv.com/
2 KB
827 B
Script
General
Full URL
https://ads.exosrv.com/ads.js
Requested by
Host: xxffo.com
URL: https://xxffo.com/Public/ads/bf300.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:1f1f:1754:1fef:718:1223 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40E2) /
Resource Hash
bbbb0ffd2b7f74d99ab11edc18f0a73ee170745524644a785a03be193eb13a04

Request headers

Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 06 Mar 2019 07:55:56 GMT
content-encoding
gzip
last-modified
Wed, 06 Mar 2019 05:40:17 GMT
server
ECS (fcn/40E2)
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript;charset=UTF-8
status
200
cache-control
max-age=10800
accept-ranges
bytes
content-length
779
expires
Wed, 06 Mar 2019 10:55:56 GMT
jads.js
adserver.juicyads.com/js/
4 KB
4 KB
Script
General
Full URL
https://adserver.juicyads.com/js/jads.js
Requested by
Host: xxffo.com
URL: https://xxffo.com/Public/ads/bf300.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.241.98.2 Franklin, United States, ASN27589 (MOJOHOST - MOJOHOST, US),
Reverse DNS
cs2318.mojohost.com
Software
nginx /
Resource Hash
4a80819c5ee89f3ea534b99fe485991302abc498d994ba29d5c893ac5d795f79

Request headers

Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 06 Mar 2019 07:55:57 GMT
Last-Modified
Tue, 10 Jan 2017 21:11:34 GMT
Server
nginx
ETag
"58754e06-eb9"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
3769
Cookie set ads-iframe-display.php
syndication.exosrv.com/ Frame 8C5E
0
0
Document
General
Full URL
https://syndication.exosrv.com/ads-iframe-display.php?idzone=2605489&type=300x250&p=https%3A//xxffo.com/vod-play-id-8322-sid-2-pid-0.html&dt=1551858956861&sub=&tags=&screen_resolution=1600x1200&el=
Requested by
Host: ads.exosrv.com
URL: https://ads.exosrv.com/ads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
syndication.exosrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html

Response headers

Server
nginx
Date
Wed, 06 Mar 2019 07:55:57 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%225c7f7d0ce49fe4.80856783388176683%22%3B%7D; expires=Fri, 05-Mar-2021 07:55:56 GMT; Max-Age=63072000; domain=exosrv.com impressions=x%9CK%B42%B4%AA%CE%B42%B20564%B3%B0N%B42%06q%0D%AC3%AD%0Ca%D8%D4%D4%D0%C2%D4%C2%D2%D4%1C%C81%B2.%B62%B1R2411P%B2%AE%AD%05%00%FB%7D%0F%E1; expires=Thu, 07-Mar-2019 07:55:57 GMT; Max-Age=86400; path=/; domain=.exosrv.com
Content-Encoding
gzip
play.js
xxffo.com/Runtime/Player/ Frame A186
372 B
267 B
Script
General
Full URL
https://xxffo.com/Runtime/Player/play.js
Requested by
Host: xxffo.com
URL: https://xxffo.com/Public/player/play.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:bda1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eea42dc9afa20352c1208fabfb049dba449f02b22fc6ed530cefca3482d2e44c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/Runtime/Player/play.js
pragma
no-cache
cookie
__cfduid=d696d17974f36e92b0b270ec10b586ed71551858956; PHPSESSID=dkf0pra0bi946f2fpgmhb3krt1; think_template=s%3A7%3A%22default%22%3B
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
xxffo.com
referer
https://xxffo.com/Public/player/play.html
:scheme
https
:method
GET
Referer
https://xxffo.com/Public/player/play.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 06 Mar 2019 07:55:56 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 10 Aug 2018 18:04:02 GMT
server
cloudflare
etag
W/"5b6dd392-174"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
4b32c5309b86647b-FRA
expires
Wed, 06 Mar 2019 19:55:56 GMT
ads-priv.php
syndication.exosrv.com/
0
330 B
Script
General
Full URL
https://syndication.exosrv.com/ads-priv.php?i=0
Requested by
Host: ads.exosrv.com
URL: https://ads.exosrv.com/popunder1000.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 06 Mar 2019 07:55:56 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cookie set ads-iframe-display.php
syndication.exosrv.com/ Frame C8F4
0
0
Document
General
Full URL
https://syndication.exosrv.com/ads-iframe-display.php?idzone=2605489&type=300x250&p=https%3A//xxffo.com/vod-play-id-8322-sid-2-pid-0.html&dt=1551858956909&sub=&tags=&screen_resolution=1600x1200&el=
Requested by
Host: ads.exosrv.com
URL: https://ads.exosrv.com/ads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
syndication.exosrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html

Response headers

Server
nginx
Date
Wed, 06 Mar 2019 07:55:57 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%225c7f7d0ce9c153.29981244707452580%22%3B%7D; expires=Fri, 05-Mar-2021 07:55:56 GMT; Max-Age=63072000; domain=exosrv.com impressions=x%9C5%C7%B1%15%00%10%0C%05%C0%5D2%81DB%FCL%A3T%2B%3D%BB%A3P%5Cq%1D%8C5+%5E%3C%17%89%8E%FC%9Ab%80%3F3v%F3f%F5FbBA%AC%9A%28%F6%3E%FB%F6%0F%E3; expires=Thu, 07-Mar-2019 07:55:57 GMT; Max-Age=86400; path=/; domain=.exosrv.com
Content-Encoding
gzip
Cookie set ads-iframe-display.php
syndication.exosrv.com/ Frame D29E
0
0
Document
General
Full URL
https://syndication.exosrv.com/ads-iframe-display.php?idzone=2605489&type=300x250&p=https%3A//xxffo.com/vod-play-id-8322-sid-2-pid-0.html&dt=1551858956912&sub=&tags=&screen_resolution=1600x1200&el=
Requested by
Host: ads.exosrv.com
URL: https://ads.exosrv.com/ads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
syndication.exosrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html

Response headers

Server
nginx
Date
Wed, 06 Mar 2019 07:55:57 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225c7f7d0cef4664.347832771049814331%22%3B%7D; expires=Fri, 05-Mar-2021 07:55:56 GMT; Max-Age=63072000; domain=exosrv.com impressions=x%9C5%C7%B1%15%00%10%0C%05%C0%5D2%81DB%FCL%A3T%2B%3D%BB%A3P%5Cq%1D%8C5+%5E%3C%17%89%8E%FC%9Ab%80%3F3v%F3f%F5FbBA%AC%9A%28%F6%3E%FB%F6%0F%E3; expires=Thu, 07-Mar-2019 07:55:57 GMT; Max-Age=86400; path=/; domain=.exosrv.com
Content-Encoding
gzip
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: xxffo.com
URL: https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
609
date
Wed, 06 Mar 2019 07:45:47 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
17543
expires
Wed, 06 Mar 2019 09:45:47 GMT
hm.js
hm.baidu.com/
28 KB
11 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?382eb7a5cdf2ce55f35c964aca9d2188
Requested by
Host: xxffo.com
URL: https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 Central District, Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
6252397981800db4efd1a62c52c0f5f3a6cefc5f22a94729615659bb1e03fdbd
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 06 Mar 2019 07:55:57 GMT
Content-Encoding
gzip
Server
apache
Etag
c5528acd5fe1f915648ee8fbf88a6830
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
10564
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j73&a=23739054&t=pageview&_s=1&dl=https%3A%2F%2Fxxffo.com%2Fvod-play-id-8322-sid-2-pid-0.html&ul=en-us&de=UTF-8&dt=Watch%20Online%20TEK-077%20%E3%82%B0%E3%83%A9%E3%83%93%E3%82%A2%E5%9B%9B%E5%A4%A9%E7%8E%8B%E3%81%9F%E3%81%8B%E3%81%97%E3%82%87%E3%83%BCMUTEKI%20Debut%20%E9%AB%98%E6%A9%8B%E3%81%97%E3%82%87%E3%81%86%E5%AD%90%20-%20xxxfk.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=579039251&gjid=1937554336&cid=2086677762.1551858957&tid=UA-21443113-2&_gid=705926642.1551858957&_r=1&z=710520429
Requested by
Host: xxffo.com
URL: https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Mar 2019 07:55:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
Server7.js
xxffo.com/Public/player/ Frame A186
501 B
346 B
Script
General
Full URL
https://xxffo.com/Public/player/Server7.js
Requested by
Host: xxffo.com
URL: https://xxffo.com/Public/player/play.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:bda1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
13faa5794451da49eae07bf498605f7a1bd883e48a17399202535d5ae64b33b4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:path
/Public/player/Server7.js
pragma
no-cache
cookie
__cfduid=d696d17974f36e92b0b270ec10b586ed71551858956; PHPSESSID=dkf0pra0bi946f2fpgmhb3krt1; think_template=s%3A7%3A%22default%22%3B; splash_i=false; _ga=GA1.2.2086677762.1551858957; _gid=GA1.2.705926642.1551858957; _gat=1
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
xxffo.com
referer
https://xxffo.com/Public/player/play.html
:scheme
https
:method
GET
Referer
https://xxffo.com/Public/player/play.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 06 Mar 2019 07:55:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 06 May 2017 10:39:07 GMT
server
cloudflare
etag
W/"590da7cb-1f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
4b32c530fbcf647b-FRA
expires
Wed, 06 Mar 2019 19:55:56 GMT
show.html
xxffo.com/Tpl/ Frame F6AB
2 KB
662 B
Document
General
Full URL
https://xxffo.com/Tpl/show.html
Requested by
Host: xxffo.com
URL: https://xxffo.com/Public/player/play.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:bda1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
00303bf5200f04d9b2afbdf33a728f6a582472f5887be9e85da36720938a2cef
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

:method
GET
:authority
xxffo.com
:scheme
https
:path
/Tpl/show.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://xxffo.com/Public/player/play.html
accept-encoding
gzip, deflate, br
cookie
__cfduid=d696d17974f36e92b0b270ec10b586ed71551858956; PHPSESSID=dkf0pra0bi946f2fpgmhb3krt1; think_template=s%3A7%3A%22default%22%3B; splash_i=false; _ga=GA1.2.2086677762.1551858957; _gid=GA1.2.705926642.1551858957; _gat=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://xxffo.com/Public/player/play.html

Response headers

status
200
date
Wed, 06 Mar 2019 07:55:57 GMT
content-type
text/html
last-modified
Sun, 19 Feb 2017 07:29:37 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains; preload
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4b32c5314bff647b-FRA
content-encoding
br
/
vshare.io/v/91418b4/width-660/height-480/ Frame 9D77
0
0
Document
General
Full URL
https://vshare.io/v/91418b4/width-660/height-480/
Requested by
Host: xxffo.com
URL: https://xxffo.com/Public/player/play.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.242.237 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.4.45-0+deb7u1
Resource Hash

Request headers

:method
GET
:authority
vshare.io
:scheme
https
:path
/v/91418b4/width-660/height-480/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://xxffo.com/Public/player/play.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://xxffo.com/Public/player/play.html

Response headers

status
200
date
Wed, 06 Mar 2019 07:55:57 GMT
content-type
text/html
set-cookie
__cfduid=d2124b5ad65afd0874952b0237b83d1121551858957; expires=Thu, 05-Mar-20 07:55:57 GMT; path=/; domain=.vshare.io; HttpOnly; Secure
x-powered-by
PHP/5.4.45-0+deb7u1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4b32c531cc02c849-AMS
content-encoding
br
253582.js
adspaces.ero-advertising.com/adspace/ Frame F6AB
195 B
584 B
Script
General
Full URL
https://adspaces.ero-advertising.com/adspace/253582.js
Requested by
Host: xxffo.com
URL: https://xxffo.com/Tpl/show.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:1aa8:185::212:109 , Netherlands, ASN24642 (NL-CAVEO, NL),
Reverse DNS
Software
nginx /
Resource Hash
92120cbaa3b5d13690f579646caa14d51c891b57e41c736ce139544f5b57ee62

Request headers

Referer
https://xxffo.com/Tpl/show.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 06 Mar 2019 07:55:57 GMT
Last-Modified
Wed, 06 03 2019 07:55:57 GMT
Server
nginx
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
Connection
close
X-Backend-Server
nl1-web213-33
Content-Length
195
Expires
Mon, 03 Jul 2001 06:00:00 GMT
ads.js
ads.exoclick.com/ Frame F6AB
2 KB
862 B
Script
General
Full URL
https://ads.exoclick.com/ads.js
Requested by
Host: xxffo.com
URL: https://xxffo.com/Tpl/show.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:1f1f:1754:1fef:718:1223 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40E2) /
Resource Hash
19ba920e285740334e022bd97d6dfb8f7c390db18d301346e2b527e4fe576db9

Request headers

Referer
https://xxffo.com/Tpl/show.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 06 Mar 2019 07:55:57 GMT
content-encoding
gzip
last-modified
Wed, 06 Mar 2019 05:40:29 GMT
server
ECS (fcn/40E2)
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript;charset=UTF-8
status
200
cache-control
max-age=10800
accept-ranges
bytes
content-length
781
expires
Wed, 06 Mar 2019 10:55:57 GMT
banner.go
adspaces.ero-advertising.com/ Frame B6EE
0
0
Document
General
Full URL
https://adspaces.ero-advertising.com/banner.go?spaceid=253582
Requested by
Host: adspaces.ero-advertising.com
URL: https://adspaces.ero-advertising.com/adspace/253582.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:1aa8:185::212:108 , Netherlands, ASN24642 (NL-CAVEO, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
adspaces.ero-advertising.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://xxffo.com/Tpl/show.html
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://xxffo.com/Tpl/show.html

Response headers

Server
nginx
Date
Wed, 06 Mar 2019 07:55:57 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
close
Expires
Mon, 03 Jul 2001 06:00:00 GMT
Last-Modified
Wed, 06 03 2019 07:55:57 GMT
Cache-Control
no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
Pragma
no-cache
X-Backend-Server
nl1-web213-35
Content-Encoding
gzip
Cookie set ads-iframe-display.php
syndication.exoclick.com/ Frame A4FD
0
0
Document
General
Full URL
https://syndication.exoclick.com/ads-iframe-display.php?idzone=606878&type=300x250&p=https%3A//xxffo.com/Public/player/play.html&dt=1551858957131&sub=&tags=&screen_resolution=1600x1200&el=
Requested by
Host: ads.exoclick.com
URL: https://ads.exoclick.com/ads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
syndication.exoclick.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://xxffo.com/Tpl/show.html
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://xxffo.com/Tpl/show.html

Response headers

Server
nginx
Date
Wed, 06 Mar 2019 07:55:57 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225c7f7d0d30be02.281825153040664957%22%3B%7D; expires=Fri, 05-Mar-2021 07:55:57 GMT; Max-Age=63072000; domain=exoclick.com impressions=x%9C5%C7%B1%15%00%10%0C%05%C0%5D2%81DB%FCL%A3T%2B%3D%BB%A3P%5Cq%1D%8C5+%5E%3C%17%89%8E%FC%9Ab%80%3F3v%F3f%F5FbBA%AC%9A%28%F6%3E%FB%F6%0F%E3; expires=Thu, 07-Mar-2019 07:55:57 GMT; Max-Age=86400; path=/; domain=.exoclick.com
Content-Encoding
gzip
adshow.php
adserver.juicyads.com/ Frame EEE2
0
0

Cookie set adshow.php
adserver.juicyads.com/ Frame D549
0
0
Document
General
Full URL
https://adserver.juicyads.com/adshow.php?adzone=723744
Requested by
Host: adserver.juicyads.com
URL: https://adserver.juicyads.com/js/jads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.241.98.2 Franklin, United States, ASN27589 (MOJOHOST - MOJOHOST, US),
Reverse DNS
cs2318.mojohost.com
Software
nginx / PHP/5.5.7
Resource Hash

Request headers

Host
adserver.juicyads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html

Response headers

Server
nginx
Date
Wed, 06 Mar 2019 07:55:57 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.5.7
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie
surferid=8ac41acd4a937b993c10d2d18efd7343; expires=Thu, 05-Mar-2020 07:55:57 GMT; Max-Age=31536000; path=/; domain=.juicyads.com imps23149=1; expires=Thu, 07-Mar-2019 07:55:57 GMT; Max-Age=86400; path=/; domain=.juicyads.com juicy_data_1=YToxOntpOjU3ODEyMTtpOjE1NTIxMTgxNTc7fQ%3D%3D; expires=Sat, 09-Mar-2019 07:55:57 GMT; Max-Age=259200; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Sat, 09-Mar-2019 07:55:57 GMT; Max-Age=259200; domain=juicyads.com
Content-Encoding
gzip
adshow.php
adserver.juicyads.com/ Frame 55D0
0
0

Cookie set adshow.php
adserver.juicyads.com/ Frame 4F74
0
0
Document
General
Full URL
https://adserver.juicyads.com/adshow.php?adzone=723744
Requested by
Host: adserver.juicyads.com
URL: https://adserver.juicyads.com/js/jads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.241.98.2 Franklin, United States, ASN27589 (MOJOHOST - MOJOHOST, US),
Reverse DNS
cs2318.mojohost.com
Software
nginx / PHP/5.5.7
Resource Hash

Request headers

Host
adserver.juicyads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html

Response headers

Server
nginx
Date
Wed, 06 Mar 2019 07:55:57 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.5.7
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie
surferid=8ac41acd4a937b993c10d2d18efd7343; expires=Thu, 05-Mar-2020 07:55:57 GMT; Max-Age=31536000; path=/; domain=.juicyads.com imps23149=1; expires=Thu, 07-Mar-2019 07:55:57 GMT; Max-Age=86400; path=/; domain=.juicyads.com juicy_data_1=YToxOntpOjU3ODEyMTtpOjE1NTIxMTgxNTc7fQ%3D%3D; expires=Sat, 09-Mar-2019 07:55:57 GMT; Max-Age=259200; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Sat, 09-Mar-2019 07:55:57 GMT; Max-Age=259200; domain=juicyads.com
Content-Encoding
gzip
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=938482577&si=382eb7a5cdf2ce55f35c964aca9d2188&v=1.2.38&lv=1&ct=!!&tt=Watch%20Online%20TEK-077%20%E3%82%B0%E3%83%A9%E3%83%93%E3%82%A2%E5%9B%9B%E5%A4%A9%E7%8E%8B%E3%81%9F%E3%81%8B%E3%81%97%E3%82%87%E3%83%BCMUTEKI%20Debut%20%E9%AB%98%E6%A9%8B%E3%81%97%E3%82%87%E3%81%86%E5%AD%90%20-%20xxxfk.com&sn=55693
Requested by
Host: xxffo.com
URL: https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 Central District, Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 06 Mar 2019 07:55:58 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/
43 B
499 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&ep=%7B%22netAll%22%3A39%2C%22netDns%22%3A1%2C%22netTcp%22%3A37%2C%22srv%22%3A94%2C%22dom%22%3A295%2C%22loadEvent%22%3A4417%7D&et=87&ja=0&ln=en-us&lo=0&rnd=1442515548&si=382eb7a5cdf2ce55f35c964aca9d2188&v=1.2.38&lv=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 Central District, Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://xxffo.com/vod-play-id-8322-sid-2-pid-0.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 06 Mar 2019 07:56:01 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
private, max-age=0, no-cache
Content-Type
image/gif
Content-Length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
adserver.juicyads.com
URL
https://adserver.juicyads.com/adshow.php?adzone=723744
Domain
adserver.juicyads.com
URL
https://adserver.juicyads.com/adshow.php?adzone=723744

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask string| vod_name string| list_name string| server_name string| player_name string| url_list string| ad_idzone string| ad_width string| ad_height function| getParameterFromUrl string| p number| dt string| exoDocumentProtocol string| ad_sub string| ad_tags string| ad_notify string| ad_el string| ad_type string| ad_screen_resolution object| adsbyjuicy boolean| ad_popup_fallback number| ad_frequency_period number| ad_frequency_count number| ad_trigger_method string| ad_trigger_class string| ads_priv string| c_name string| expires object| date string| browser function| u777 function| E9nn string| value function| isIE function| isSafari function| isChrome function| isFirefox function| getBrowser function| checkIncognito function| isIEIncognito function| isSafariIncognito function| isChromeIncognito function| isFirefoxIncognito string| browser_key string| ua string| popns object| exoJsPop101 string| ad_cat boolean| ad_popup_force boolean| ad_new_tab string| GoogleAnalyticsObject function| ga object| _hmt object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| GS function| HZ object| Xa object| Ya function| Za function| Be function| ShSh function| Rn function| MA function| cV function| re function| GA function| Ae function| Ac function| rPE function| cp function| Fe function| Ge object| a string| x number| mhz string| fss boolean| _bdhm_loaded_382eb7a5cdf2ce55f35c964aca9d2188 object| mini_tangram_log_l6fdw2 object| mini_tangram_log_4to0lt

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
