urlscan.io logo urlscan.io
SecurityTrails logo

xhamestet.com Open in urlscan Pro
2606:4700:3032::ac43:bc49  Public Scan

Go To Rescan Add Verdict Report
URL: https://xhamestet.com/
Submission: On July 30 via manual from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 11 domains to perform 59 HTTP transactions. The main IP is 2606:4700:3032::ac43:bc49, located in United States and belongs to CLOUDFLARENET, US. The main domain is xhamestet.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 17th 2021. Valid for: a year.
This is the only time xhamestet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
23 2606:4700:303... 13335 (CLOUDFLAR...)
1 4 185.94.237.64 42567 (MOJHOST-EU)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
2 69.16.175.42 20446 (HIGHWINDS3)
7 95.211.229.247 60781 (LEASEWEB-...)
2 2a00:1450:400... 15169 (GOOGLE)
1 209.197.3.84 20446 (HIGHWINDS3)
6 2a02:3d0:621:... 22822 (LLNW)
1 185.75.253.87 48684 (VIKINGHOST)
1 66.254.122.39 29789 (REFLECTED)
2 195.85.23.30 209242 (CLOUDFLAR...)
59 14
23    2606:4700:3032::ac43:bc49 (United States)

ASN13335 (CLOUDFLARENET, US)
xhamestet.com
4    185.94.237.64 (Netherlands)

ASN42567 (MOJHOST-EU, NL)
poweredby.jads.co
1    2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)
ajax.cloudflare.com
7    2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)
a.realsrv.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    69.16.175.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net
i.jads.co
7    95.211.229.247 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
syndication.realsrv.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    209.197.3.84 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x054.map2.ssl.hwcdn.net
img-hw.xvideos-cdn.com
6    2a02:3d0:621:a000::6 (United States)

ASN22822 (LLNW, US)
s3t3d2y7.ackcdn.net
1    185.75.253.87 (Netherlands)

ASN48684 (VIKINGHOST, NL)
promo-bc.com
1    66.254.122.39 (United States)

ASN29789 (REFLECTED, US)
i.bcprm.com
2    195.85.23.30 (Czech Republic)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
PTR: net-30-23-conversasro.com
i.bimbolive.com
Domain Requested by
23 xhamestet.com xhamestet.com
ajax.cloudflare.com
7 syndication.realsrv.com ajax.cloudflare.com
7 a.realsrv.com ajax.cloudflare.com
6 s3t3d2y7.ackcdn.net syndication.realsrv.com
4 poweredby.jads.co 1 redirects xhamestet.com
poweredby.jads.co
2 i.bimbolive.com promo-bc.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 i.jads.co poweredby.jads.co
1 i.bcprm.com promo-bc.com
1 promo-bc.com syndication.realsrv.com
1 img-hw.xvideos-cdn.com
1 www.googletagmanager.com ajax.cloudflare.com
1 ajax.cloudflare.com xhamestet.com
59 13
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-02-17 -
2022-02-16		 a year crt.sh
*.jads.co
Sectigo RSA Domain Validation Secure Server CA		 2020-11-27 -
2021-12-28		 a year crt.sh
ajax.cloudflare.com
DigiCert ECC Secure Server CA		 2020-08-11 -
2022-08-16		 2 years crt.sh
realsrv.com
R3		 2021-05-31 -
2021-08-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
xvideos.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-08 -
2021-10-10		 a year crt.sh
ackcdn.net
R3		 2021-05-31 -
2021-08-29		 3 months crt.sh
*.promo-bc.com
GoGetSSL RSA DV CA		 2020-08-06 -
2021-11-04		 a year crt.sh
i.bcprm.com
GoGetSSL RSA DV CA		 2021-06-18 -
2022-06-18		 a year crt.sh
i.bimbolive.com
Cloudflare Inc ECC CA-3		 2021-06-10 -
2022-06-09		 a year crt.sh

This page contains 13 frames:

Primary Page: https://xhamestet.com/
Frame ID: EEFE6002B2F78AB0016ABF6D9093D2DF
Requests: 36 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=921771
Frame ID: B3954F863B62AC957556E97BDE1E6834
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=921771
Frame ID: 6413BF4A33C598F09773FC952EB9287D
Requests: 2 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=921772
Frame ID: A81D46FD0208A517BC0B03254379425C
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=921772
Frame ID: 23D820532FC0246F759FC69023F5E3F1
Requests: 2 HTTP requests in this frame

Frame: https://syndication.realsrv.com/ads-iframe-display.php?idzone=4074584&type=300x100&p=https%3A//xhamestet.com/&dt=1627659567952&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Frame ID: AFDA72938CD77C4A7F8B14C1C637B8C5
Requests: 1 HTTP requests in this frame

Frame: https://syndication.realsrv.com/ads-iframe-display.php?idzone=4072706&type=900x250&p=https%3A//xhamestet.com/&dt=1627659567961&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Frame ID: F98B1BFD5FAFCB4822514F343882136D
Requests: 2 HTTP requests in this frame

Frame: https://syndication.realsrv.com/ads-iframe-display.php?idzone=4074604&type=300x250&p=https%3A//xhamestet.com/&dt=1627659567973&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Frame ID: 827088244C8D564DBF5CCB5C8BF134EC
Requests: 2 HTTP requests in this frame

Frame: https://syndication.realsrv.com/ads-iframe-display.php?idzone=4074590&type=300x250&p=https%3A//xhamestet.com/&dt=1627659567992&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Frame ID: 9812F832BAD87E0153F5E1B6FF9DA8AC
Requests: 2 HTTP requests in this frame

Frame: https://syndication.realsrv.com/ads-iframe-display.php?idzone=4072702&type=900x250&p=https%3A//xhamestet.com/&dt=1627659568002&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Frame ID: 8A322A5C7B6299101F5A9720530C348D
Requests: 2 HTTP requests in this frame

Frame: https://syndication.realsrv.com/ads-iframe-display.php?idzone=4074600&type=300x250&p=https%3A//xhamestet.com/&dt=1627659568011&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Frame ID: 0D8092D8F11D81D8DA811D98C9273BC1
Requests: 2 HTTP requests in this frame

Frame: https://syndication.realsrv.com/ads-iframe-display.php?idzone=4074602&type=300x250&p=https%3A//xhamestet.com/&dt=1627659568021&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Frame ID: 340CE100E4C16640EABC371B338D8C5B
Requests: 2 HTTP requests in this frame

Frame: https://promo-bc.com/promo.php?c=680184&subid=oodbPHNLPHNdHNRW7Tf51MtlNVtLqZbbK6pqHSuollVNLK6qW11Mzp3UyuldK6V1lMzp7ZZba7HT2yy211uldK6d07pXSumdK6V0znV78Z0T0Uay8XVbZ167V7Vz0S1y5577abulcrrP_cptzR6h_dNXLKqaeWVzpXSuldbc6V0rpXSumcH2&subid2=4074584&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=100&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_2&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=0&db%5Bmsize%5D=custom&db%5Bmpad%5D=19&db%5Bmwidth%5D=120&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=none&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Frame ID: B0BF0299A0B75BC8618E82C29505E87E
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

59
Requests

97 %
HTTPS

46 %
IPv6

11
Domains

13
Subdomains

14
IPs

4
Countries

1361 kB
Transfer

1999 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://poweredby.jads.co/js/jads.js HTTP 301
  • https://poweredby.jads.co/js/jads2.js

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
xhamestet.com/ 		107 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xhamestet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8705088e4a0a75fb421cfc0589fe0d6ac37e00985319f174aa06a83dcb17335f

Request headers

:method
GET
:authority
xhamestet.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:25 GMT
content-type
text/html
set-cookie
X_CACHE_KEY=0e3d11f5df408bae5fe10f5bd16dca37; Expires=Sat, 31 Jul 2021 15:39:25 GMT; Path=/;
vary
Accept-Encoding
x-cache
HIT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uEBmGc4hj2C7Pafp6ZPDEePkn%2FlwX8%2BdbdeKiyuedRTXOUS60rtuSh0o112CDVGyJNuy5lxkmyCqs06M4PiCyyybir2%2BhKywUp8ILFRkJmMQrwRhtD8QQ4bBetlXKLi10%2BoSfqVWJjdMRrj%2F"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
676fadfb0f794dd6-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
aebqu.css
xhamestet.com/wp-content/cache/wpfc-minified/7in4jxa3/ 		134 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xhamestet.com/wp-content/cache/wpfc-minified/7in4jxa3/aebqu.css
Requested by
Host: xhamestet.com
URL: https://xhamestet.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9167451bf568595223935a18e05bba4337b06f6852d927478eb9f67783f84b9

Request headers

:path
/wp-content/cache/wpfc-minified/7in4jxa3/aebqu.css
pragma
no-cache
cookie
X_CACHE_KEY=0e3d11f5df408bae5fe10f5bd16dca37
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
xhamestet.com
referer
https://xhamestet.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
637902
cf-polished
origSize=144314
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 24 Mar 2021 13:39:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAFsGCQMG1mzgcMoOV78nR5RGxgkl%2FDNLyR3WxAygPBRrGNsYwRsxi7Rc6b39aYsncBaGPVg0GHelxbAoRlamQzTpwYWS3kR%2Beo4kEnOiAmJ2aCYTsPWnjF8YcFJ1KR3nCy95N1IjcU%2FDzr4"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=10368000
cf-ray
676fadfb7b060746-FRA
expires
max-age=A10368000, public
api.js
xhamestet.com/cdn-cgi/bm/cv/669835187/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xhamestet.com/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: xhamestet.com
URL: https://xhamestet.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/cdn-cgi/bm/cv/669835187/api.js
pragma
no-cache
cookie
X_CACHE_KEY=0e3d11f5df408bae5fe10f5bd16dca37
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
xhamestet.com
referer
https://xhamestet.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YdTjwOjfWbRsGeguJFZdHe1MkPAZnWAJUVk0Iv22CsQBisp4gfpaQ4%2Bm%2B1kRpc5yoCpHleyYu78axyiC%2FV3Em4lxVj9bhO8TOpq3kYGpoybEuqYz%2F8kYXzGGB1SPrGtflqSYn%2FI3%2BMB%2FKWXK"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
676fadfb7b030746-FRA
cf-request-id
0b99ab113000000746c836e000000001
xHamestet_logo.png
xhamestet.com/wp-content/uploads/2020/11/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xhamestet.com/wp-content/uploads/2020/11/xHamestet_logo.png
Requested by
Host: xhamestet.com
URL: https://xhamestet.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f275534748675fbd21af7b0aa00e5e9ea66ce2878731f0c7bde848633311fef

Request headers

:path
/wp-content/uploads/2020/11/xHamestet_logo.png
pragma
no-cache
cookie
X_CACHE_KEY=0e3d11f5df408bae5fe10f5bd16dca37
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
xhamestet.com
referer
https://xhamestet.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:25 GMT
cf-cache-status
HIT
last-modified
Fri, 20 Nov 2020 10:59:00 GMT
server
cloudflare
age
8699067
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gt5T%2B%2FTKtdkYbsgUOCo3aKpBZG1L6BeYmTrXY36pOYEr9VIB2dDJgwuAAQQF04m19CToKBNKnG0u114H7RFT0o%2FDi%2FmAdc6dB4qPj5q%2FuColUOLN%2F71tPB5t3LfiD%2BY8v%2Fn2yb0vZ3R%2FUkei"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=10368000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
676fadfb7b070746-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
max-age=A10368000, public
jads2.js
poweredby.jads.co/js/
Redirect Chain
  • https://poweredby.jads.co/js/jads.js
  • https://poweredby.jads.co/js/jads2.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/js/jads2.js
Requested by
Host: xhamestet.com
URL: https://xhamestet.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.237.64 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

Request headers

Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Jul 2021 15:39:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Dec 2019 19:10:29 GMT
Server
nginx
ETag
W/"5e0262a5-eae"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
close

Redirect headers

Location
jads2.js
Date
Fri, 30 Jul 2021 15:39:25 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: xhamestet.com
URL: https://xhamestet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
cf-request-id
0b99ab112700004e44860d1000000001
last-modified
Mon, 19 Jul 2021 18:19:39 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"60f5c23b-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ki8gjqYFvqbbQ3M1qdipVzxyOtDGalEcpuiTJ3Z1Je0nJmumiiaXFVphmGU%2BdHbh%2B1WBuoErzniQGx9cJ5UA96zqLU%2Bc%2FW5Nlxu%2Fh2vD4busTMsQRRPc8LvZshiAq%2BWYWrAnn9BkxRdWpNtln%2BYOoIs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
676fadfb7a584e44-FRA
expires
Sun, 01 Aug 2021 15:39:25 GMT
fontawesome-webfont.woff2
xhamestet.com/wp-content/themes/retrotube/assets/stylesheets/font-awesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xhamestet.com/wp-content/themes/retrotube/assets/stylesheets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: xhamestet.com
URL: https://xhamestet.com/wp-content/cache/wpfc-minified/7in4jxa3/aebqu.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-fetch-mode
cors
origin
https://xhamestet.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
X_CACHE_KEY=0e3d11f5df408bae5fe10f5bd16dca37
:path
/wp-content/themes/retrotube/assets/stylesheets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
xhamestet.com
referer
https://xhamestet.com/wp-content/cache/wpfc-minified/7in4jxa3/aebqu.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://xhamestet.com
Referer
https://xhamestet.com/wp-content/cache/wpfc-minified/7in4jxa3/aebqu.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:25 GMT
cf-cache-status
HIT
last-modified
Thu, 18 Mar 2021 13:31:40 GMT
server
cloudflare
age
8504277
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbcjdS5iSCjZXI3DbBCipHgS0n83%2BYIggtYHtGrbXefp2b0E18kZ%2FL1b97F34MnLF3Wm5NXBdYLyNz2Lz9t3AlREYycHBgqUf3gGBpihe58Qw%2FtUV8%2BII6QMrt3bSmNO%2FoCaPY8ulUaMPkCY"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cache-control
max-age=10368000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
676fadfbbb800746-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
max-age=A10368000, public
wp-embed.min.js
xhamestet.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xhamestet.com/wp-includes/js/wp-embed.min.js?ver=5.7.2
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.7.2
pragma
no-cache
cookie
X_CACHE_KEY=0e3d11f5df408bae5fe10f5bd16dca37
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
xhamestet.com
referer
https://xhamestet.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 18 Mar 2021 11:46:57 GMT
server
cloudflare
age
6789427
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFg9V%2B19wNde%2FPMej3xnQoln918MRtZRgXvslLIZypRJ8h70ZTZAZgkx%2B7WLCIBgUV%2Fqcvkr4xA1%2Bi33%2BrMJy2BlrvVS0P6CG6rd1CnCTUqFiUZ9bcJeN1h04ZHRzfe1VAWW2jjwo2zdoCXo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=10368000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
676fadfc1c3e0746-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
max-age=A10368000, public
skip-link-focus-fix.js
xhamestet.com/wp-content/themes/retrotube/assets/js/ 		426 B
845 B 		Script
General
Check archive.org
Download Go to
Full URL
https://xhamestet.com/wp-content/themes/retrotube/assets/js/skip-link-focus-fix.js?ver=1.0.0
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
405a5e4943b97243440d632a958bb6e79f1d1929666745000a22ebaa5fa2d819

Request headers

:path
/wp-content/themes/retrotube/assets/js/skip-link-focus-fix.js?ver=1.0.0
pragma
no-cache
cookie
X_CACHE_KEY=0e3d11f5df408bae5fe10f5bd16dca37
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
xhamestet.com
referer
https://xhamestet.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
8504701
cf-polished
origSize=683
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 18 Mar 2021 13:31:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVV0NvqPEzfOwtf2RgfDe0xcOEAApxRx6e1kIpFr0zErD%2BwSGX8hYQ%2FbuaMv7eiCJClS%2BzQgDYH4s0vmDJhjeLw%2FeRVHsmtAqF7Vw07b5JVM7MpQQ6%2BK1GE3SbIFDhahnqswhKU8zRsGTLKe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=10368000
cf-ray
676fadfc1c3f0746-FRA
expires
max-age=A10368000, public
main.js
xhamestet.com/wp-content/themes/retrotube/assets/js/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xhamestet.com/wp-content/themes/retrotube/assets/js/main.js?ver=1.5.8
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f33fa569f6e052c7481837a6a0d6cb790e21dc1cac270b0e7addf1f05bc5583

Request headers

:path
/wp-content/themes/retrotube/assets/js/main.js?ver=1.5.8
pragma
no-cache
cookie
X_CACHE_KEY=0e3d11f5df408bae5fe10f5bd16dca37
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
xhamestet.com
referer
https://xhamestet.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1241018
cf-polished
origSize=39152
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Fri, 16 Jul 2021 06:55:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b51mHuGiQeZKzRNR9Wkd4eW9xd7vK4BEz5CLU39XGiOcohjz1Ci6qzyoH50%2FcgcBRVUGZN%2FYcHsb25%2BWhrjgLk4BHwj5xC5D7HXCui1uDlnEtmh2bqYvqjljnaPDkim9RFZ35Iq%2Br2GMyif1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=10368000
cf-ray
676fadfc1c400746-FRA
expires
max-age=A10368000, public
lazyload.js
xhamestet.com/wp-content/themes/retrotube/assets/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xhamestet.com/wp-content/themes/retrotube/assets/js/lazyload.js?ver=1.0.0
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f8a5a2aa4a053bd70bb8af4c22e9cd3850236a5d6700bb3353f9a25187a3e15

Request headers

:path
/wp-content/themes/retrotube/assets/js/lazyload.js?ver=1.0.0
pragma
no-cache
cookie
X_CACHE_KEY=0e3d11f5df408bae5fe10f5bd16dca37
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
xhamestet.com
referer
https://xhamestet.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1241018
cf-polished
origSize=5755
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Fri, 16 Jul 2021 06:55:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gsg3r9hATqe0ExDHj76jRtz3BeB8m%2FNvAUu5gfQz7AMG8puzfVq8xsaiRQ%2FkV9U3DWfnGYgd94ctxXcPXVJo1F1SdQuKk1FYgkOBBsGZA9EQucpltz%2FgAAR6uAj0CMPrqqvFk77bBIkCJNwB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=10368000
cf-ray
676fadfc1c420746-FRA
expires
max-age=A10368000, public
jquery.touchSwipe.min.js
xhamestet.com/wp-content/themes/retrotube/assets/js/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xhamestet.com/wp-content/themes/retrotube/assets/js/jquery.touchSwipe.min.js?ver=1.6.18
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9167cb37ed21405ef9556646b83789a2099c15398f5cea867470df1e81752e17

Request headers

:path
/wp-content/themes/retrotube/assets/js/jquery.touchSwipe.min.js?ver=1.6.18
pragma
no-cache
cookie
X_CACHE_KEY=0e3d11f5df408bae5fe10f5bd16dca37
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
xhamestet.com
referer
https://xhamestet.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 18 Mar 2021 13:31:40 GMT
server
cloudflare
age
8504701
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJ8qL%2B%2BQCiheq47KTGTVQo%2F82ASASfaYNzrSFWI30O2oxIq%2B5AvBU35%2F98%2B38kxpxxLEYig2CSlF%2B9zkNIpzTnDJhZ%2B7X6t4VtkBB7fMAPaPX1w%2FOwQfrY2v7m77N2QDBeVuFD3bmd1mPtdO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=10368000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
676fadfc1c430746-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
max-age=A10368000, public
jquery.bxslider.min.js
xhamestet.com/wp-content/themes/retrotube/assets/js/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xhamestet.com/wp-content/themes/retrotube/assets/js/jquery.bxslider.min.js?ver=4.2.15
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a32744fa4707d6ea1ad2b696c644c4f45d327509989b4625b8a980e4a45e271

Request headers

:path
/wp-content/themes/retrotube/assets/js/jquery.bxslider.min.js?ver=4.2.15
pragma
no-cache
cookie
X_CACHE_KEY=0e3d11f5df408bae5fe10f5bd16dca37
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
xhamestet.com
referer
https://xhamestet.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 18 Mar 2021 13:31:40 GMT
server
cloudflare
age
8504277
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aU4WXR7xkG%2Fww2aU%2FW2sIBqwzjyNqTgq2HOhR%2BSBH9zSoz%2B7PKVcvNP25njhKNxT9Pp2NuWwHVWl%2BdY7hLgZT2H4uA8YOYFUARZ8OBYb60TH%2FPb%2F7X8Z4yvNoVTUIJBtwK%2FEZrDPOp0uKn2V"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=10368000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
676fadfc1c440746-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
max-age=A10368000, public
navigation.js
xhamestet.com/wp-content/themes/retrotube/assets/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xhamestet.com/wp-content/themes/retrotube/assets/js/navigation.js?ver=1.0.0
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
837f1f7050991bb53fb4562af9c14709d00fcad5e590487b229a3000e9bb9c41

Request headers

:path
/wp-content/themes/retrotube/assets/js/navigation.js?ver=1.0.0
pragma
no-cache
cookie
X_CACHE_KEY=0e3d11f5df408bae5fe10f5bd16dca37
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
xhamestet.com
referer
https://xhamestet.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
8504277
cf-polished
origSize=4500
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 18 Mar 2021 13:31:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IJZyGxqnWRVoX7aK9b0Z2zsjqvhxMTaAZfCuWtzZLWiT2g5%2BM2sw5IwcbAeKvMKTlqkL8B6wG10CShUkCF33BPQurwRKWf%2FfhASyI9gk2fbkUodLSxhVDxZyM%2F7yNBALyjdIR%2FUFg4kjqohj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=10368000
cf-ray
676fadfc1c450746-FRA
expires
max-age=A10368000, public
ads.js
a.realsrv.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.realsrv.com/ads.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
fa3704813ef9910e5e3982fba452fde824419bec89417180a966c37b44f698a9

Request headers

Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Jul 2021 15:39:25 GMT
Content-Encoding
gzip
X-HW
1627659565.dop155.fr8.t,1627659565.cds222.fr8.shn,1627659565.cds222.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
961
js
www.googletagmanager.com/gtag/ 		100 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-183538142-1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c094d461d97d7042d0e6e3fe5bfe2c472fed99e153ad218b4bf53eb600088041
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40468
x-xss-protection
0
last-modified
Fri, 30 Jul 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 30 Jul 2021 15:39:25 GMT
m5mg.js
xhamestet.com/wp-content/cache/wpfc-minified/jxku7yoy/ 		98 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xhamestet.com/wp-content/cache/wpfc-minified/jxku7yoy/m5mg.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30bd7d383d6611c0126226d703f858c271b65b7af67f553590f2f48f5ba000b7

Request headers

:path
/wp-content/cache/wpfc-minified/jxku7yoy/m5mg.js
pragma
no-cache
cookie
X_CACHE_KEY=0e3d11f5df408bae5fe10f5bd16dca37
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
xhamestet.com
referer
https://xhamestet.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
8751198
cf-polished
origSize=100894
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 18 Mar 2021 12:11:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Wp01kLJE%2B8F70kzse3LhnVjR06XA15E9fGfpu6pw7f%2BW4HkvdCs4ZkIJCTIvLaBmXfqaioS8s6l6Ln8y0XWeEcSB7Afp8DYoovpnwKYMv7R6sVNyFmAZIzsprMamxLi8%2Bng3jZhq0rRCPdJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=10368000
cf-ray
676fadfc1c460746-FRA
expires
max-age=A10368000, public
result
xhamestet.com/cdn-cgi/bm/cv/ 		0
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xhamestet.com/cdn-cgi/bm/cv/result?req_id=676fadfb0f794dd6
Requested by
Host: xhamestet.com
URL: https://xhamestet.com/cdn-cgi/bm/cv/669835187/api.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode
cors
origin
https://xhamestet.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
X_CACHE_KEY=0e3d11f5df408bae5fe10f5bd16dca37
content-length
424
:path
/cdn-cgi/bm/cv/result?req_id=676fadfb0f794dd6
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
xhamestet.com
referer
https://xhamestet.com/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 30 Jul 2021 15:39:25 GMT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2Br6lyrXoCh1eml1GyfN1IHRBZ%2F5tugRTF4etL0HJ54pc2Y8V8yv6QfPL9Te5Jc1nY8LRdp%2FgotuFQHWaTvnMHhO3HPE8YqRe%2BnBLYl7r5kn%2FCDIdKKXv9Ir4y8ZL6hI2L0Cm3QcfsufcZPh"}],"group":"cf-nel","max_age":604800}
set-cookie
__cf_bm=c76cd11e8f7ced597d49ec60b89c1f0a61a29c9c-1627659565-1800-Ae/VVrSdP9BOjRMd8N6VAAytma9/5kzCMKAZohIbPvJYb1pfYoj70uD2FGGmi2qkjhgS5qYLxRGNVqEcqKKzxUyx7mZx/PEAFnUpEUHeFy+s4rbvpFwGFKz4ieBrFAp6kBAeqbQ7HxpyItplvNPFwyU=; path=/; expires=Fri, 30-Jul-21 16:09:25 GMT; domain=.xhamestet.com; HttpOnly; Secure; SameSite=None
cf-ray
676fadfc8d360746-FRA
cf-request-id
0b99ab11d900000746f505f000000001
adshow.php
poweredby.jads.co/ Frame B395 		0
0
Cookie set adshow.php
poweredby.jads.co/ Frame 6413 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/adshow.php?adzone=921771
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.237.64 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
e3c59db316ba78080dd2454c2256ae69168ea0c3a85428e1f12a353e851bca50

Request headers

Host
poweredby.jads.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://xhamestet.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://xhamestet.com/

Response headers

Server
nginx
Date
Fri, 30 Jul 2021 15:39:27 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.40
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie
surferid=4901dc64bed9a631fa6f610f1beba5fb; expires=Sat, 30-Jul-2022 15:39:26 GMT; Max-Age=31536000; path=/; domain=.juicyads.com imps8729=1; expires=Sat, 31-Jul-2021 15:39:27 GMT; Max-Age=86400; path=/; domain=.juicyads.com juicy_data_1=YToxOntpOjEyMDY3OTI7aToxNjI3OTE4NzY2O30%3D; expires=Mon, 02-Aug-2021 15:39:26 GMT; Max-Age=259199; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Mon, 02-Aug-2021 15:39:26 GMT; Max-Age=259199; domain=juicyads.com
Content-Encoding
gzip
adshow.php
poweredby.jads.co/ Frame A81D 		0
0
Cookie set adshow.php
poweredby.jads.co/ Frame 23D8 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/adshow.php?adzone=921772
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.237.64 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
e00e1ffa3511197d8064b92894494f4965be1104e1ab575f2e8f70ff3a663bd5

Request headers

Host
poweredby.jads.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://xhamestet.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://xhamestet.com/

Response headers

Server
nginx
Date
Fri, 30 Jul 2021 15:39:27 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.40
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie
surferid=4901dc64bed9a631fa6f610f1beba5fb; expires=Sat, 30-Jul-2022 15:39:26 GMT; Max-Age=31536000; path=/; domain=.juicyads.com imps31464=1; expires=Sat, 31-Jul-2021 15:39:27 GMT; Max-Age=86400; path=/; domain=.juicyads.com juicy_data_1=YToxOntpOjEwNzcxNTk7aToxNjI3OTE4NzY2O30%3D; expires=Mon, 02-Aug-2021 15:39:26 GMT; Max-Age=259199; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Mon, 02-Aug-2021 15:39:26 GMT; Max-Age=259199; domain=juicyads.com
Content-Encoding
gzip
271-1569119960-0638011001569119960.jpg
i.jads.co/network/user4057a/ Frame 6413 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jads.co/network/user4057a/271-1569119960-0638011001569119960.jpg
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=921771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
98edbe283e9e9b16c4cb5f960accd5e1601000a4f123087569257a799f5eb008

Request headers

Referer
https://poweredby.jads.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:27 GMT
last-modified
Sun, 22 Sep 2019 02:39:20 GMT
etag
"1569119960"
x-hw
1627659567.dop148.fr8.t,1627659567.cds263.fr8.hn,1627659567.cds263.fr8.c
content-type
image/jpeg
cache-control
max-age=17853251
accept-ranges
bytes
content-length
38813
31464-1600089713-0587857001600089713.jpg
i.jads.co/network/user22416/ Frame 23D8 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jads.co/network/user22416/31464-1600089713-0587857001600089713.jpg
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=921772
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
b20251036a3fad45c9310afdbe194e9c6ad624ef745ba78b0b13c41944fdb216

Request headers

Referer
https://poweredby.jads.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:27 GMT
last-modified
Mon, 14 Sep 2020 13:21:53 GMT
etag
"1600089713"
x-hw
1627659567.dop148.fr8.t,1627659567.cds263.fr8.hn,1627659567.cds258.fr8.c
content-type
image/jpeg
cache-control
max-age=10198977
accept-ranges
bytes
content-length
92682
Cookie set ads-iframe-display.php
syndication.realsrv.com/ Frame AFDA 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.realsrv.com/ads-iframe-display.php?idzone=4074584&type=300x100&p=https%3A//xhamestet.com/&dt=1627659567952&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
a04a94e49b63507df38e1be2016f0f0f442935533bcd425e6024c5e9077e70f9

Request headers

Host
syndication.realsrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://xhamestet.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://xhamestet.com/

Response headers

Server
nginx
Date
Fri, 30 Jul 2021 15:39:28 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2261041d3036cf79.975175381641465830%22%3B%7D; expires=Sun, 30 Jul 2023 15:39:28 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
Content-Encoding
gzip
ads.js
a.realsrv.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.realsrv.com/ads.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
fa3704813ef9910e5e3982fba452fde824419bec89417180a966c37b44f698a9

Request headers

Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Jul 2021 15:39:27 GMT
Content-Encoding
gzip
X-HW
1627659565.dop155.fr8.t,1627659567.cds222.fr8.shn,1627659567.cds222.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
961
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-183538142-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
1546
date
Fri, 30 Jul 2021 15:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Fri, 30 Jul 2021 17:13:41 GMT
Cookie set ads-iframe-display.php
syndication.realsrv.com/ Frame F98B 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.realsrv.com/ads-iframe-display.php?idzone=4072706&type=900x250&p=https%3A//xhamestet.com/&dt=1627659567961&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
a07577e3b340ca6799e99dda61f070b8fd4c221811c64f1cfdae7cf9a379ebdf

Request headers

Host
syndication.realsrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://xhamestet.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://xhamestet.com/

Response headers

Server
nginx
Date
Fri, 30 Jul 2021 15:39:28 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2261041d300b2f30.517445832840225833%22%3B%7D; expires=Sun, 30 Jul 2023 15:39:28 GMT; path=; domain=.realsrv.com; Secure; SameSite=none impressions=x%9C%1D%CA%C1%11%800%08%04%C0%5Ex%E3%0C%90%E3%08%B6%E2%A4%12%C7%DE5%EE%7Bo%81%CD%0A%E3%01+%025%E5%BCB%9DQ%D9%A4%95%3A%60K%05c%B4%EF%D6%CCA%B3%AF%F9%DF%98%9D%9C%2A%FB%C9z%5E%B8%91%11%15; expires=Sat, 31 Jul 2021 15:39:28 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Content-Encoding
gzip
ads.js
a.realsrv.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.realsrv.com/ads.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
fa3704813ef9910e5e3982fba452fde824419bec89417180a966c37b44f698a9

Request headers

Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Jul 2021 15:39:27 GMT
Content-Encoding
gzip
X-HW
1627659565.dop155.fr8.t,1627659567.cds222.fr8.shn,1627659567.cds222.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
961
Cookie set ads-iframe-display.php
syndication.realsrv.com/ Frame 8270 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.realsrv.com/ads-iframe-display.php?idzone=4074604&type=300x250&p=https%3A//xhamestet.com/&dt=1627659567973&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
ff41310e6dbf079d0d68ecb9f20c2bba15680468346b2007b8ee6569bad821b0

Request headers

Host
syndication.realsrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://xhamestet.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://xhamestet.com/

Response headers

Server
nginx
Date
Fri, 30 Jul 2021 15:39:28 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2261041d300d9aa1.295464121176729435%22%3B%7D; expires=Sun, 30 Jul 2023 15:39:28 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
Content-Encoding
gzip
ads.js
a.realsrv.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.realsrv.com/ads.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
fa3704813ef9910e5e3982fba452fde824419bec89417180a966c37b44f698a9

Request headers

Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Jul 2021 15:39:27 GMT
Content-Encoding
gzip
X-HW
1627659565.dop155.fr8.t,1627659567.cds222.fr8.shn,1627659567.cds222.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
961
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=17992354&t=pageview&_s=1&dl=https%3A%2F%2Fxhamestet.com%2F&ul=en-us&de=UTF-8&dt=Xhamestet%20%7C%20Xhamaster%20Live%20%7C%20Xhamester%20Free%20Porn&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=1398946539&gjid=1228700214&cid=1935118042.1627659568&tid=UA-183538142-1&_gid=595339774.1627659568&_r=1&gtm=2ou7s0&did=dZTNiMT&z=851419163
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 15:39:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xhamestet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set ads-iframe-display.php
syndication.realsrv.com/ Frame 9812 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.realsrv.com/ads-iframe-display.php?idzone=4074590&type=300x250&p=https%3A//xhamestet.com/&dt=1627659567992&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
be67893e2949a1cdce809d8cc4b78fa44b54ec2f98a8d1ab67160ace4ed24c36

Request headers

Host
syndication.realsrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://xhamestet.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://xhamestet.com/

Response headers

Server
nginx
Date
Fri, 30 Jul 2021 15:39:28 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2261041d30429433.954701752548469552%22%3B%7D; expires=Sun, 30 Jul 2023 15:39:28 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
Content-Encoding
gzip
ads.js
a.realsrv.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.realsrv.com/ads.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
fa3704813ef9910e5e3982fba452fde824419bec89417180a966c37b44f698a9

Request headers

Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Jul 2021 15:39:27 GMT
Content-Encoding
gzip
X-HW
1627659565.dop155.fr8.t,1627659567.cds222.fr8.shn,1627659567.cds222.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
961
Cookie set ads-iframe-display.php
syndication.realsrv.com/ Frame 8A32 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.realsrv.com/ads-iframe-display.php?idzone=4072702&type=900x250&p=https%3A//xhamestet.com/&dt=1627659568002&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
4938fc17348d3cb1e42f0c735d282c17376f221c1a131ab1dde5c5f6cf56ffcf

Request headers

Host
syndication.realsrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://xhamestet.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://xhamestet.com/

Response headers

Server
nginx
Date
Fri, 30 Jul 2021 15:39:28 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2261041d30186bf9.33332466440823266%22%3B%7D; expires=Sun, 30 Jul 2023 15:39:28 GMT; path=; domain=.realsrv.com; Secure; SameSite=none impressions=x%9Cu%CA%CB%0D%80%40%08%05%C0%5E8c%02%EC%E3-%D8%8A%B1%12c%EF%7E%8E%26%CEy%0E%81%D5%0C%E3%02+%02%B3d%DDB%9D1%B3I%9B%EA%80%ED%2A%18%A3%FDi%CD%1C4%BB%9B%BF%8D%D9%C9Ry%9E%7Ccv%FD%C4%F3%02%15%F9%19l; expires=Sat, 31 Jul 2021 15:39:28 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Content-Encoding
gzip
ads.js
a.realsrv.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.realsrv.com/ads.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
fa3704813ef9910e5e3982fba452fde824419bec89417180a966c37b44f698a9

Request headers

Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Jul 2021 15:39:28 GMT
Content-Encoding
gzip
X-HW
1627659565.dop155.fr8.t,1627659568.cds222.fr8.shn,1627659568.cds222.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
961
Cookie set ads-iframe-display.php
syndication.realsrv.com/ Frame 0D80 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.realsrv.com/ads-iframe-display.php?idzone=4074600&type=300x250&p=https%3A//xhamestet.com/&dt=1627659568011&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
718aca1324b9f15a4b2dae85a92d1ed60045631041621673f93319e5af7e0394

Request headers

Host
syndication.realsrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://xhamestet.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://xhamestet.com/

Response headers

Server
nginx
Date
Fri, 30 Jul 2021 15:39:28 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2261041d301d4f16.959997382116545952%22%3B%7D; expires=Sun, 30 Jul 2023 15:39:28 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
Content-Encoding
gzip
ads.js
a.realsrv.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.realsrv.com/ads.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
fa3704813ef9910e5e3982fba452fde824419bec89417180a966c37b44f698a9

Request headers

Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Jul 2021 15:39:28 GMT
Content-Encoding
gzip
X-HW
1627659565.dop155.fr8.t,1627659568.cds222.fr8.shn,1627659568.cds222.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
961
Cookie set ads-iframe-display.php
syndication.realsrv.com/ Frame 340C 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.realsrv.com/ads-iframe-display.php?idzone=4074602&type=300x250&p=https%3A//xhamestet.com/&dt=1627659568021&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
0c90cd714c5d2363194e1b3bc60f7ecf9ea2480904db4136b5de54d64801dcc4

Request headers

Host
syndication.realsrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://xhamestet.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://xhamestet.com/

Response headers

Server
nginx
Date
Fri, 30 Jul 2021 15:39:28 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2261041d3022c2e4.027941511817085073%22%3B%7D; expires=Sun, 30 Jul 2023 15:39:28 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
Content-Encoding
gzip
marathi-xvideo-x-video-mom-son-2021.jpg
xhamestet.com/wp-content/uploads/2021/01/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xhamestet.com/wp-content/uploads/2021/01/marathi-xvideo-x-video-mom-son-2021.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5792a93fd648e21873f34a197837e21f3130e8b45e5cfbf679c826a3afda84cd

Request headers

:path
/wp-content/uploads/2021/01/marathi-xvideo-x-video-mom-son-2021.jpg
pragma
no-cache
cookie
X_CACHE_KEY=0e3d11f5df408bae5fe10f5bd16dca37; __cf_bm=c76cd11e8f7ced597d49ec60b89c1f0a61a29c9c-1627659565-1800-Ae/VVrSdP9BOjRMd8N6VAAytma9/5kzCMKAZohIbPvJYb1pfYoj70uD2FGGmi2qkjhgS5qYLxRGNVqEcqKKzxUyx7mZx/PEAFnUpEUHeFy+s4rbvpFwGFKz4ieBrFAp6kBAeqbQ7HxpyItplvNPFwyU=; _ga=GA1.2.1935118042.1627659568; _gid=GA1.2.595339774.1627659568; _gat_gtag_UA_183538142_1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
xhamestet.com
referer
https://xhamestet.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:28 GMT
cf-cache-status
HIT
last-modified
Wed, 20 Jan 2021 13:37:54 GMT
server
cloudflare
age
6558074
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJqd9qALSwcNtuk4%2BRmIXp9mcS72n%2FKKc35%2BJ9RKjGOh6m%2F8kGfAG2bOUZ%2B2C55HZcof2e7IdHN%2FaVPPhZNR41DAgy%2F6YA%2FYaTStFo8mjRNWk5S9PmJQImiMQohxdKOKvBLkXnKpXKvdHnSM"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=10368000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
676fae0c4d110746-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
max-age=A10368000, public
yuo-jizz-youjizx-popular-video-400x225.jpg
xhamestet.com/wp-content/uploads/2020/11/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xhamestet.com/wp-content/uploads/2020/11/yuo-jizz-youjizx-popular-video-400x225.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f48ebb76f4ae4b36c2739f756628a3134ce031987398d10930184ba87642080b

Request headers

:path
/wp-content/uploads/2020/11/yuo-jizz-youjizx-popular-video-400x225.jpg
pragma
no-cache
cookie
X_CACHE_KEY=0e3d11f5df408bae5fe10f5bd16dca37; __cf_bm=c76cd11e8f7ced597d49ec60b89c1f0a61a29c9c-1627659565-1800-Ae/VVrSdP9BOjRMd8N6VAAytma9/5kzCMKAZohIbPvJYb1pfYoj70uD2FGGmi2qkjhgS5qYLxRGNVqEcqKKzxUyx7mZx/PEAFnUpEUHeFy+s4rbvpFwGFKz4ieBrFAp6kBAeqbQ7HxpyItplvNPFwyU=; _ga=GA1.2.1935118042.1627659568; _gid=GA1.2.595339774.1627659568; _gat_gtag_UA_183538142_1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
xhamestet.com
referer
https://xhamestet.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:28 GMT
cf-cache-status
HIT
last-modified
Sat, 21 Nov 2020 09:42:00 GMT
server
cloudflare
age
6745705
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hFqqkwq2A72Zc9uN1W4xrkkwXz2392ysnsdCwbgZW%2FPG8yQucdUO9sah4wMsJoNqWGm%2FZZ3ZBtx5u8Mwc9V7QfESLoDkBDqhoKDNGUnv9FR8sZ2SAr4vHZ18oUkmQvt8MLfyLMJJ%2BtuouSg"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=10368000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
676fae0c4d160746-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
max-age=A10368000, public
cae66ee315fd3bc2f84e23488ec88227.15.jpg
img-hw.xvideos-cdn.com/videos/thumbs169lll/ca/e6/6e/cae66ee315fd3bc2f84e23488ec88227/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-hw.xvideos-cdn.com/videos/thumbs169lll/ca/e6/6e/cae66ee315fd3bc2f84e23488ec88227/cae66ee315fd3bc2f84e23488ec88227.15.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.84 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x054.map2.ssl.hwcdn.net
Software
/
Resource Hash
a8f0550b1a13b0c1a3840e4884b6c148ab4fe577e112ecdd0082f1e5f5e554ef

Request headers

Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Jul 2021 15:39:28 GMT
Last-Modified
Mon, 10 Feb 2020 13:26:00 GMT
ETag
"1581341160"
X-HW
1627659568.dop213.fr8.t,1627659568.cds143.fr8.shn,1627659568.dop213.fr8.t,1627659568.cds260.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=5551251
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
35953
british-porn-films-british-asian-porn-must-watch.jpg
xhamestet.com/wp-content/uploads/2021/01/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xhamestet.com/wp-content/uploads/2021/01/british-porn-films-british-asian-porn-must-watch.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e7a12903d3902a48a98916a5b14191ccdaad1e1aaa5bac503806ec28149cf15

Request headers

:path
/wp-content/uploads/2021/01/british-porn-films-british-asian-porn-must-watch.jpg
pragma
no-cache
cookie
X_CACHE_KEY=0e3d11f5df408bae5fe10f5bd16dca37; __cf_bm=c76cd11e8f7ced597d49ec60b89c1f0a61a29c9c-1627659565-1800-Ae/VVrSdP9BOjRMd8N6VAAytma9/5kzCMKAZohIbPvJYb1pfYoj70uD2FGGmi2qkjhgS5qYLxRGNVqEcqKKzxUyx7mZx/PEAFnUpEUHeFy+s4rbvpFwGFKz4ieBrFAp6kBAeqbQ7HxpyItplvNPFwyU=; _ga=GA1.2.1935118042.1627659568; _gid=GA1.2.595339774.1627659568; _gat_gtag_UA_183538142_1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
xhamestet.com
referer
https://xhamestet.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:28 GMT
cf-cache-status
HIT
last-modified
Tue, 19 Jan 2021 17:10:02 GMT
server
cloudflare
age
7942579
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLWdjOAaTNn9eL0Y%2FEyRpH70XvIBDKpQJTX8II3q3AKwSW4mZDaLphsPAOOlUGFGq4fW%2B7Cz6n3KX8Jy6gAxCKo0rlVNFMBITxluCxbeBkedM0w5ICRNYaDOeLLPTxBBvvoB2rFGEMA2LAJV"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=10368000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
676fae0c4d1c0746-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
max-age=A10368000, public
curvy-cambodian-chick-maxine-x-uses-her-strapon-to-make-layla-lust-cum.jpg
xhamestet.com/wp-content/uploads/2021/03/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xhamestet.com/wp-content/uploads/2021/03/curvy-cambodian-chick-maxine-x-uses-her-strapon-to-make-layla-lust-cum.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dda4e999f7146574230ef2fd93a90676f128073746e91d60c5a88d3a50dfc62

Request headers

:path
/wp-content/uploads/2021/03/curvy-cambodian-chick-maxine-x-uses-her-strapon-to-make-layla-lust-cum.jpg
pragma
no-cache
cookie
X_CACHE_KEY=0e3d11f5df408bae5fe10f5bd16dca37; __cf_bm=c76cd11e8f7ced597d49ec60b89c1f0a61a29c9c-1627659565-1800-Ae/VVrSdP9BOjRMd8N6VAAytma9/5kzCMKAZohIbPvJYb1pfYoj70uD2FGGmi2qkjhgS5qYLxRGNVqEcqKKzxUyx7mZx/PEAFnUpEUHeFy+s4rbvpFwGFKz4ieBrFAp6kBAeqbQ7HxpyItplvNPFwyU=; _ga=GA1.2.1935118042.1627659568; _gid=GA1.2.595339774.1627659568; _gat_gtag_UA_183538142_1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
xhamestet.com
referer
https://xhamestet.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:28 GMT
cf-cache-status
HIT
last-modified
Tue, 23 Mar 2021 01:41:19 GMT
server
cloudflare
age
8379314
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pnil8ga0ix6F7L4TbtPIMusGV2eQH2WZY6DLJbuNzANF0yW7b00xcdn0p5eEfOf%2BZBeyiMt6ZdFyK9QGI2WkRjjy7YLiEthOSdMXGnSVwdMQJsopa9D0C%2FCOrKjdE1nIsowf1gTvsYIPoKa"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=10368000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
676fae0c4d200746-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
max-age=A10368000, public
gigi-love-la-animadora-catalana-horny-spanish-cheerleader.jpg
xhamestet.com/wp-content/uploads/2021/01/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xhamestet.com/wp-content/uploads/2021/01/gigi-love-la-animadora-catalana-horny-spanish-cheerleader.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ef46be2e7598fa1c1f0fd0f226b1898b53aa1a765638ce35cdb49bae64028af

Request headers

:path
/wp-content/uploads/2021/01/gigi-love-la-animadora-catalana-horny-spanish-cheerleader.jpg
pragma
no-cache
cookie
X_CACHE_KEY=0e3d11f5df408bae5fe10f5bd16dca37; __cf_bm=c76cd11e8f7ced597d49ec60b89c1f0a61a29c9c-1627659565-1800-Ae/VVrSdP9BOjRMd8N6VAAytma9/5kzCMKAZohIbPvJYb1pfYoj70uD2FGGmi2qkjhgS5qYLxRGNVqEcqKKzxUyx7mZx/PEAFnUpEUHeFy+s4rbvpFwGFKz4ieBrFAp6kBAeqbQ7HxpyItplvNPFwyU=; _ga=GA1.2.1935118042.1627659568; _gid=GA1.2.595339774.1627659568; _gat_gtag_UA_183538142_1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
xhamestet.com
referer
https://xhamestet.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:28 GMT
cf-cache-status
HIT
last-modified
Wed, 20 Jan 2021 13:54:51 GMT
server
cloudflare
age
7637003
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8WyrZ3B6%2BCPjuRV1BGtqcKrlxMJf1Yi1RAKTt4%2By54wu4de9OyzQjZo5736BJLse0J%2BC0b4Nnv8pvIpVvqXHdjj%2BpZ8%2FTFfmf3lRDmS4UD8G8uWaoWhLBIB4uKbYyfTnhTUZbI798aJjU0%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=10368000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
676fae0c4d210746-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
max-age=A10368000, public
creamy-slut-i-meet-on-xvideos.jpg
xhamestet.com/wp-content/uploads/2021/07/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xhamestet.com/wp-content/uploads/2021/07/creamy-slut-i-meet-on-xvideos.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f56289958209d408d14061bc9dae42c4b4f90d7ff2a192491962d3b6ce01488a

Request headers

:path
/wp-content/uploads/2021/07/creamy-slut-i-meet-on-xvideos.jpg
pragma
no-cache
cookie
X_CACHE_KEY=0e3d11f5df408bae5fe10f5bd16dca37; __cf_bm=c76cd11e8f7ced597d49ec60b89c1f0a61a29c9c-1627659565-1800-Ae/VVrSdP9BOjRMd8N6VAAytma9/5kzCMKAZohIbPvJYb1pfYoj70uD2FGGmi2qkjhgS5qYLxRGNVqEcqKKzxUyx7mZx/PEAFnUpEUHeFy+s4rbvpFwGFKz4ieBrFAp6kBAeqbQ7HxpyItplvNPFwyU=; _ga=GA1.2.1935118042.1627659568; _gid=GA1.2.595339774.1627659568; _gat_gtag_UA_183538142_1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
xhamestet.com
referer
https://xhamestet.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:28 GMT
cf-cache-status
BYPASS
last-modified
Fri, 30 Jul 2021 11:56:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept,Referer, Accept-Encoding
x-cache
MISS
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BONtFKrjq7dGwNS%2BCxxy6ivBOXNxyg%2FiK12Gg2hcuQELGuTvlciw6DcB5n3EPFZPpnox41rgLtD2E7nctzE1bWdvNahQWBMBF%2F38eav2Iu9bdbxyXavy%2B1bvBWp4FAPiXHLoNxLNhI7vrJwr"}],"group":"cf-nel","max_age":604800}
cache-control
private max-age=10368000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
676fae0c4d240746-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
max-age=A10368000, public
love-and-kink-tomy-and-noa-teach-an-unexperienced-couple-about-wife-swapping.jpg
xhamestet.com/wp-content/uploads/2021/07/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xhamestet.com/wp-content/uploads/2021/07/love-and-kink-tomy-and-noa-teach-an-unexperienced-couple-about-wife-swapping.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8164c6398f0f79dc4e73cca3a727006442b54a7bc8f38e00ce0d806d5c0f67c

Request headers

:path
/wp-content/uploads/2021/07/love-and-kink-tomy-and-noa-teach-an-unexperienced-couple-about-wife-swapping.jpg
pragma
no-cache
cookie
X_CACHE_KEY=0e3d11f5df408bae5fe10f5bd16dca37; __cf_bm=c76cd11e8f7ced597d49ec60b89c1f0a61a29c9c-1627659565-1800-Ae/VVrSdP9BOjRMd8N6VAAytma9/5kzCMKAZohIbPvJYb1pfYoj70uD2FGGmi2qkjhgS5qYLxRGNVqEcqKKzxUyx7mZx/PEAFnUpEUHeFy+s4rbvpFwGFKz4ieBrFAp6kBAeqbQ7HxpyItplvNPFwyU=; _ga=GA1.2.1935118042.1627659568; _gid=GA1.2.595339774.1627659568; _gat_gtag_UA_183538142_1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
xhamestet.com
referer
https://xhamestet.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:28 GMT
cf-cache-status
BYPASS
last-modified
Fri, 30 Jul 2021 05:56:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept,Referer, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DW0ZinRle%2FS9UyOkTjalY5T1o2eo62GeTde2bsGZFd5h8hzK2IUUNl5T7G7S6Q7OCFzammYwllZ8inAiHNAvg8E%2FRfrdw3aTOhiHF9C2IIMZ7DiqV745YZSTKxcGakIxlkHrnqC1e9tCTJCQ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
private max-age=10368000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
676fae0c4d250746-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
max-age=A10368000, public
hollywood-actress-alexandra-daddario-full-nude-scene-hd.jpg
xhamestet.com/wp-content/uploads/2021/07/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xhamestet.com/wp-content/uploads/2021/07/hollywood-actress-alexandra-daddario-full-nude-scene-hd.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8df6a80eeaadab763ca15dad8621002c3019abd8997166c26722a195fd5fde34

Request headers

:path
/wp-content/uploads/2021/07/hollywood-actress-alexandra-daddario-full-nude-scene-hd.jpg
pragma
no-cache
cookie
X_CACHE_KEY=0e3d11f5df408bae5fe10f5bd16dca37; __cf_bm=c76cd11e8f7ced597d49ec60b89c1f0a61a29c9c-1627659565-1800-Ae/VVrSdP9BOjRMd8N6VAAytma9/5kzCMKAZohIbPvJYb1pfYoj70uD2FGGmi2qkjhgS5qYLxRGNVqEcqKKzxUyx7mZx/PEAFnUpEUHeFy+s4rbvpFwGFKz4ieBrFAp6kBAeqbQ7HxpyItplvNPFwyU=; _ga=GA1.2.1935118042.1627659568; _gid=GA1.2.595339774.1627659568; _gat_gtag_UA_183538142_1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
xhamestet.com
referer
https://xhamestet.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:28 GMT
cf-cache-status
BYPASS
last-modified
Thu, 29 Jul 2021 23:56:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept,Referer, Accept-Encoding
x-cache
MISS
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69HHkyjEt88ZYaqMJOnr1QOEDbWsp%2Bu5lLX2F7WZvAmuY1HNJt7D3YGwobKvnrLVMlVnbUhqZk4zpI8AUcUuIF9x5AeyLy%2FLA7mOiKD1SuJRfgK0cs3VUEZKBEBG9kwC5ValR67%2BtmNvYwIe"}],"group":"cf-nel","max_age":604800}
cache-control
private max-age=10368000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
676fae0c4d260746-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
max-age=A10368000, public
stunning-teen-sex-video.jpg
xhamestet.com/wp-content/uploads/2021/07/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xhamestet.com/wp-content/uploads/2021/07/stunning-teen-sex-video.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42430b4aa1cd32bb1a1571e15d5f0fba4ce6abc15e3a0d5b323b9cc4d7c687b4

Request headers

:path
/wp-content/uploads/2021/07/stunning-teen-sex-video.jpg
pragma
no-cache
cookie
X_CACHE_KEY=0e3d11f5df408bae5fe10f5bd16dca37; __cf_bm=c76cd11e8f7ced597d49ec60b89c1f0a61a29c9c-1627659565-1800-Ae/VVrSdP9BOjRMd8N6VAAytma9/5kzCMKAZohIbPvJYb1pfYoj70uD2FGGmi2qkjhgS5qYLxRGNVqEcqKKzxUyx7mZx/PEAFnUpEUHeFy+s4rbvpFwGFKz4ieBrFAp6kBAeqbQ7HxpyItplvNPFwyU=; _ga=GA1.2.1935118042.1627659568; _gid=GA1.2.595339774.1627659568; _gat_gtag_UA_183538142_1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
xhamestet.com
referer
https://xhamestet.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xhamestet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:28 GMT
cf-cache-status
BYPASS
last-modified
Thu, 29 Jul 2021 17:56:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept,Referer, Accept-Encoding
x-cache
MISS
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2BK9oIF%2Bu2FqUPEDqh1bdeSV40pUEfoJX%2BcY%2BA0Rnk6Rp6ufol2gg7b4Z04v7irpOo1xLs8Nz9%2FqenCATlYb%2Fy1HuoTNNQGVsGnMVJHvTUZJvywBeEoG4JibnrdSK%2FmhP5PxG9YonubN%2B9U2"}],"group":"cf-nel","max_age":604800}
cache-control
private max-age=10368000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
676fae0c4d280746-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
max-age=A10368000, public
50c9ea3410a5b545dc699ae7bec79c850928ed0b.mp4
s3t3d2y7.ackcdn.net/library/348620/ Frame 8270 		32 KB
32 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://s3t3d2y7.ackcdn.net/library/348620/50c9ea3410a5b545dc699ae7bec79c850928ed0b.mp4
Requested by
Host: syndication.realsrv.com
URL: https://syndication.realsrv.com/ads-iframe-display.php?idzone=4074604&type=300x250&p=https%3A//xhamestet.com/&dt=1627659567973&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:621:a000::6 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
77f07da0da17299f2f44e1fe898bcd4cbd5e24cc82d0531f693924d5f94b69d5

Request headers

Referer
https://syndication.realsrv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 30 Jul 2021 15:39:28 GMT
last-modified
Thu, 26 Mar 2020 23:15:07 GMT
server
nginx
age
44690
content-type
video/mp4
Content-Range
bytes 0-32605/32606
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
32606
x-llid
c4f160d6e56b34ce69f886a570b417f9
expires
Sat, 30 Jul 2022 03:14:38 GMT
48e9eeb1fb7942ef35e8a18985b58e73096b97e1.mp4
s3t3d2y7.ackcdn.net/library/198318/ Frame F98B 		169 KB
170 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://s3t3d2y7.ackcdn.net/library/198318/48e9eeb1fb7942ef35e8a18985b58e73096b97e1.mp4
Requested by
Host: syndication.realsrv.com
URL: https://syndication.realsrv.com/ads-iframe-display.php?idzone=4072706&type=900x250&p=https%3A//xhamestet.com/&dt=1627659567961&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:621:a000::6 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
d9bf407c784829e78a8c9ba7f90d50e9e75548c8ce7f129cda45f57046ea1e5b

Request headers

Referer
https://syndication.realsrv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 30 Jul 2021 15:39:28 GMT
last-modified
Wed, 10 Jun 2020 17:25:05 GMT
server
nginx
age
71401
content-type
video/mp4
Content-Range
bytes 0-173200/173201
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
173201
x-llid
e9a095f9cecafa3e52c5668ce0bcf580
expires
Fri, 29 Jul 2022 19:49:27 GMT
74fe99d916550f39af0ec17f42364c877b90145a.mp4
s3t3d2y7.ackcdn.net/library/198318/ Frame 8A32 		238 KB
238 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://s3t3d2y7.ackcdn.net/library/198318/74fe99d916550f39af0ec17f42364c877b90145a.mp4
Requested by
Host: syndication.realsrv.com
URL: https://syndication.realsrv.com/ads-iframe-display.php?idzone=4072702&type=900x250&p=https%3A//xhamestet.com/&dt=1627659568002&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:621:a000::6 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
ee6ccc7d02b847b3b61fe4fdc5b95548847a7e687fd565e7a0cf868e3754b947

Request headers

Referer
https://syndication.realsrv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 30 Jul 2021 15:39:28 GMT
last-modified
Wed, 10 Jun 2020 17:25:05 GMT
server
nginx
age
64274
content-type
video/mp4
Content-Range
bytes 0-243660/243661
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
243661
x-llid
5a70add37ee747a589688f0ee6dc79bb
expires
Fri, 29 Jul 2022 21:48:14 GMT
e8aaab4a625fd907267c943d0f63fac665d814ee.mp4
s3t3d2y7.ackcdn.net/library/348620/ Frame 0D80 		51 KB
51 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://s3t3d2y7.ackcdn.net/library/348620/e8aaab4a625fd907267c943d0f63fac665d814ee.mp4
Requested by
Host: syndication.realsrv.com
URL: https://syndication.realsrv.com/ads-iframe-display.php?idzone=4074600&type=300x250&p=https%3A//xhamestet.com/&dt=1627659568011&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:621:a000::6 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
65553a47ab55f19ce4a0904c68bedf01041202ffdffc0d5b435810fb0646a645

Request headers

Referer
https://syndication.realsrv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 30 Jul 2021 15:39:28 GMT
last-modified
Thu, 26 Mar 2020 22:21:37 GMT
server
nginx
age
1183
content-type
video/mp4
Content-Range
bytes 0-51899/51900
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
51900
x-llid
f8696c05cf7aef223861ead8077d2de1
expires
Sat, 30 Jul 2022 15:19:45 GMT
50c9ea3410a5b545dc699ae7bec79c850928ed0b.mp4
s3t3d2y7.ackcdn.net/library/348620/ Frame 340C 		32 KB
32 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://s3t3d2y7.ackcdn.net/library/348620/50c9ea3410a5b545dc699ae7bec79c850928ed0b.mp4
Requested by
Host: syndication.realsrv.com
URL: https://syndication.realsrv.com/ads-iframe-display.php?idzone=4074602&type=300x250&p=https%3A//xhamestet.com/&dt=1627659568021&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:621:a000::6 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
77f07da0da17299f2f44e1fe898bcd4cbd5e24cc82d0531f693924d5f94b69d5

Request headers

Referer
https://syndication.realsrv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 30 Jul 2021 15:39:28 GMT
last-modified
Thu, 26 Mar 2020 23:15:07 GMT
server
nginx
age
44690
content-type
video/mp4
Content-Range
bytes 0-32605/32606
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
32606
x-llid
cd631d041452fbfb3febaa07696ab106
expires
Sat, 30 Jul 2022 03:14:38 GMT
promo.php
promo-bc.com/ Frame B0BF 		147 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://promo-bc.com/promo.php?c=680184&subid=oodbPHNLPHNdHNRW7Tf51MtlNVtLqZbbK6pqHSuollVNLK6qW11Mzp3UyuldK6V1lMzp7ZZba7HT2yy211uldK6d07pXSumdK6V0znV78Z0T0Uay8XVbZ167V7Vz0S1y5577abulcrrP_cptzR6h_dNXLKqaeWVzpXSuldbc6V0rpXSumcH2&subid2=4074584&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=100&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_2&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=0&db%5Bmsize%5D=custom&db%5Bmpad%5D=19&db%5Bmwidth%5D=120&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=none&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Requested by
Host: syndication.realsrv.com
URL: https://syndication.realsrv.com/ads-iframe-display.php?idzone=4074584&type=300x100&p=https%3A//xhamestet.com/&dt=1627659567952&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.75.253.87 , Netherlands, ASN48684 (VIKINGHOST, NL),
Reverse DNS
Software
nginx /
Resource Hash
48717b547bbea3af8b834fcb6a8a12e096252bdf95de3648f1696c2b6dedb9a5
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

:method
GET
:authority
promo-bc.com
:scheme
https
:path
/promo.php?c=680184&subid=oodbPHNLPHNdHNRW7Tf51MtlNVtLqZbbK6pqHSuollVNLK6qW11Mzp3UyuldK6V1lMzp7ZZba7HT2yy211uldK6d07pXSumdK6V0znV78Z0T0Uay8XVbZ167V7Vz0S1y5577abulcrrP_cptzR6h_dNXLKqaeWVzpXSuldbc6V0rpXSumcH2&subid2=4074584&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=100&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_2&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=0&db%5Bmsize%5D=custom&db%5Bmpad%5D=19&db%5Bmwidth%5D=120&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=none&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://syndication.realsrv.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://syndication.realsrv.com/

Response headers

server
nginx
date
Fri, 30 Jul 2021 15:39:29 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
expires
Fri, 30 Jul 2021 15:39:28 GMT
cache-control
no-cache public
x-bcs
ded7724
strict-transport-security
max-age=0;
content-encoding
gzip
x-bc-bl
105
e8aaab4a625fd907267c943d0f63fac665d814ee.mp4
s3t3d2y7.ackcdn.net/library/348620/ Frame 9812 		51 KB
51 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://s3t3d2y7.ackcdn.net/library/348620/e8aaab4a625fd907267c943d0f63fac665d814ee.mp4
Requested by
Host: syndication.realsrv.com
URL: https://syndication.realsrv.com/ads-iframe-display.php?idzone=4074590&type=300x250&p=https%3A//xhamestet.com/&dt=1627659567992&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:621:a000::6 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
65553a47ab55f19ce4a0904c68bedf01041202ffdffc0d5b435810fb0646a645

Request headers

Referer
https://syndication.realsrv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 30 Jul 2021 15:39:28 GMT
last-modified
Thu, 26 Mar 2020 22:21:37 GMT
server
nginx
age
1183
content-type
video/mp4
Content-Range
bytes 0-51899/51900
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
51900
x-llid
7f1bb54d4aa9443a5d5276b45ce12c51
expires
Sat, 30 Jul 2022 15:19:45 GMT
jquery.tools.min.js
i.bcprm.com/dynamic_banner/ Frame B0BF 		135 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.bcprm.com/dynamic_banner/jquery.tools.min.js
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680184&subid=oodbPHNLPHNdHNRW7Tf51MtlNVtLqZbbK6pqHSuollVNLK6qW11Mzp3UyuldK6V1lMzp7ZZba7HT2yy211uldK6d07pXSumdK6V0znV78Z0T0Uay8XVbZ167V7Vz0S1y5577abulcrrP_cptzR6h_dNXLKqaeWVzpXSuldbc6V0rpXSumcH2&subid2=4074584&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=100&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_2&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=0&db%5Bmsize%5D=custom&db%5Bmpad%5D=19&db%5Bmwidth%5D=120&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=none&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.39 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
e666784dfb5c0770b088874d0217b90b7404d14bd6149843f3b5952b9a5f9197

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 15:39:28 GMT
content-encoding
gzip
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
x-cdn-diag
fra1-11058-4-39029-h-0-0---;11002-14-8230----0-1-0
expires
Sat, 14 Nov 2020 07:18:40 GMT
7cc8954eeeff91547cc7fc7f0978ae18_thumb_medium.jpg
i.bimbolive.com/05a/136/32a/ Frame B0BF 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bimbolive.com/05a/136/32a/7cc8954eeeff91547cc7fc7f0978ae18_thumb_medium.jpg
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680184&subid=oodbPHNLPHNdHNRW7Tf51MtlNVtLqZbbK6pqHSuollVNLK6qW11Mzp3UyuldK6V1lMzp7ZZba7HT2yy211uldK6d07pXSumdK6V0znV78Z0T0Uay8XVbZ167V7Vz0S1y5577abulcrrP_cptzR6h_dNXLKqaeWVzpXSuldbc6V0rpXSumcH2&subid2=4074584&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=100&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_2&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=0&db%5Bmsize%5D=custom&db%5Bmpad%5D=19&db%5Bmwidth%5D=120&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=none&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.30 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
net-30-23-conversasro.com
Software
cloudflare /
Resource Hash
7955dca446df53f832ec429c1402930de60b42504ec9f24fa018f8a973a4b2f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bc-o
2
date
Fri, 30 Jul 2021 15:39:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2259246
vary
Accept-Encoding
content-length
8651
last-modified
Wed, 02 Jun 2021 18:33:01 GMT
server
cloudflare
etag
"60b7cedd-21cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-o1-p5
EXPIRED
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 03 Aug 2021 12:05:21 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
676fae0ebd9a0b63-AMS
cf-bgj
h2pri
8845ebc0aef4e6eb1de80973ee7efb3b_thumb_medium.jpg
i.bimbolive.com/064/1d7/33b/ Frame B0BF 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bimbolive.com/064/1d7/33b/8845ebc0aef4e6eb1de80973ee7efb3b_thumb_medium.jpg
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680184&subid=oodbPHNLPHNdHNRW7Tf51MtlNVtLqZbbK6pqHSuollVNLK6qW11Mzp3UyuldK6V1lMzp7ZZba7HT2yy211uldK6d07pXSumdK6V0znV78Z0T0Uay8XVbZ167V7Vz0S1y5577abulcrrP_cptzR6h_dNXLKqaeWVzpXSuldbc6V0rpXSumcH2&subid2=4074584&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=100&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_2&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=0&db%5Bmsize%5D=custom&db%5Bmpad%5D=19&db%5Bmwidth%5D=120&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=none&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.30 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
net-30-23-conversasro.com
Software
cloudflare /
Resource Hash
423878d4ce39077704f7c2d73b080113abb443b6c2cd6ec264be49af50545423
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bc-o
2
date
Fri, 30 Jul 2021 15:39:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
184962
x-o1-p6
EXPIRED
vary
Accept-Encoding
content-length
13140
last-modified
Mon, 07 Jun 2021 22:16:48 GMT
server
cloudflare
etag
"60be9ad0-3354"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 07 Aug 2021 07:45:02 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
676fae0efddf0b63-AMS
cf-bgj
h2pri

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
poweredby.jads.co
URL
https://poweredby.jads.co/adshow.php?adzone=921771
Domain
poweredby.jads.co
URL
https://poweredby.jads.co/adshow.php?adzone=921772

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| a0_0x433e function| a0_0x3d7e object| adsbyjuicy object| __CF$cv$params object| __cfQR function| GS function| HZ object| Xa object| Ya function| Za function| Be function| ShSh function| Rn function| MA function| cV function| re function| GA function| Ae function| Ac function| rPE function| cp function| Fe function| Ge object| a string| x number| mhz undefined| $ function| jQuery function| gtag object| dataLayer string| ad_idzone string| ad_width string| ad_height object| google_tag_manager object| exoDynamicParams string| exoDocumentProtocol object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| _extends function| _typeof object| lazyLoad function| LazyLoad object| wpst_ajax_var object| objectL10nMain object| options function| wpst_open_login_dialog function| wpst_close_login_dialog object| wp boolean| __cfRLUnblockHandlers function| multiTg function| resizeFix

2 Cookies

Domain/Path Name / Value
.xhamestet.com/ Name: __cf_bm
Value: c76cd11e8f7ced597d49ec60b89c1f0a61a29c9c-1627659565-1800-Ae/VVrSdP9BOjRMd8N6VAAytma9/5kzCMKAZohIbPvJYb1pfYoj70uD2FGGmi2qkjhgS5qYLxRGNVqEcqKKzxUyx7mZx/PEAFnUpEUHeFy+s4rbvpFwGFKz4ieBrFAp6kBAeqbQ7HxpyItplvNPFwyU=
xhamestet.com/ Name: X_CACHE_KEY
Value: 0e3d11f5df408bae5fe10f5bd16dca37

1 Console Messages

Source Level URL
Text
console-api log URL: https://xhamestet.com/wp-content/cache/wpfc-minified/jxku7yoy/m5mg.js(Line 1)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.realsrv.com
ajax.cloudflare.com
i.bcprm.com
i.bimbolive.com
i.jads.co
img-hw.xvideos-cdn.com
poweredby.jads.co
promo-bc.com
s3t3d2y7.ackcdn.net
syndication.realsrv.com
www.google-analytics.com
www.googletagmanager.com
xhamestet.com
poweredby.jads.co
185.75.253.87
185.94.237.64
195.85.23.30
2001:4de0:ac19::1:b:1a
209.197.3.84
2606:4700:3032::ac43:bc49
2606:4700::6810:a823
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2008
2a02:3d0:621:a000::6
66.254.122.39
69.16.175.42
95.211.229.247
0c90cd714c5d2363194e1b3bc60f7ecf9ea2480904db4136b5de54d64801dcc4
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
1f275534748675fbd21af7b0aa00e5e9ea66ce2878731f0c7bde848633311fef
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f33fa569f6e052c7481837a6a0d6cb790e21dc1cac270b0e7addf1f05bc5583
30bd7d383d6611c0126226d703f858c271b65b7af67f553590f2f48f5ba000b7
405a5e4943b97243440d632a958bb6e79f1d1929666745000a22ebaa5fa2d819
423878d4ce39077704f7c2d73b080113abb443b6c2cd6ec264be49af50545423
42430b4aa1cd32bb1a1571e15d5f0fba4ce6abc15e3a0d5b323b9cc4d7c687b4
48717b547bbea3af8b834fcb6a8a12e096252bdf95de3648f1696c2b6dedb9a5
4938fc17348d3cb1e42f0c735d282c17376f221c1a131ab1dde5c5f6cf56ffcf
4e7a12903d3902a48a98916a5b14191ccdaad1e1aaa5bac503806ec28149cf15
5792a93fd648e21873f34a197837e21f3130e8b45e5cfbf679c826a3afda84cd
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5f8a5a2aa4a053bd70bb8af4c22e9cd3850236a5d6700bb3353f9a25187a3e15
65553a47ab55f19ce4a0904c68bedf01041202ffdffc0d5b435810fb0646a645
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ef46be2e7598fa1c1f0fd0f226b1898b53aa1a765638ce35cdb49bae64028af
718aca1324b9f15a4b2dae85a92d1ed60045631041621673f93319e5af7e0394
77f07da0da17299f2f44e1fe898bcd4cbd5e24cc82d0531f693924d5f94b69d5
7955dca446df53f832ec429c1402930de60b42504ec9f24fa018f8a973a4b2f2
7dda4e999f7146574230ef2fd93a90676f128073746e91d60c5a88d3a50dfc62
837f1f7050991bb53fb4562af9c14709d00fcad5e590487b229a3000e9bb9c41
8705088e4a0a75fb421cfc0589fe0d6ac37e00985319f174aa06a83dcb17335f
8df6a80eeaadab763ca15dad8621002c3019abd8997166c26722a195fd5fde34
9167cb37ed21405ef9556646b83789a2099c15398f5cea867470df1e81752e17
98edbe283e9e9b16c4cb5f960accd5e1601000a4f123087569257a799f5eb008
9a32744fa4707d6ea1ad2b696c644c4f45d327509989b4625b8a980e4a45e271
a04a94e49b63507df38e1be2016f0f0f442935533bcd425e6024c5e9077e70f9
a07577e3b340ca6799e99dda61f070b8fd4c221811c64f1cfdae7cf9a379ebdf
a8f0550b1a13b0c1a3840e4884b6c148ab4fe577e112ecdd0082f1e5f5e554ef
b20251036a3fad45c9310afdbe194e9c6ad624ef745ba78b0b13c41944fdb216
be67893e2949a1cdce809d8cc4b78fa44b54ec2f98a8d1ab67160ace4ed24c36
c094d461d97d7042d0e6e3fe5bfe2c472fed99e153ad218b4bf53eb600088041
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d9bf407c784829e78a8c9ba7f90d50e9e75548c8ce7f129cda45f57046ea1e5b
e00e1ffa3511197d8064b92894494f4965be1104e1ab575f2e8f70ff3a663bd5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c59db316ba78080dd2454c2256ae69168ea0c3a85428e1f12a353e851bca50
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e666784dfb5c0770b088874d0217b90b7404d14bd6149843f3b5952b9a5f9197
e8164c6398f0f79dc4e73cca3a727006442b54a7bc8f38e00ce0d806d5c0f67c
ee6ccc7d02b847b3b61fe4fdc5b95548847a7e687fd565e7a0cf868e3754b947
f48ebb76f4ae4b36c2739f756628a3134ce031987398d10930184ba87642080b
f56289958209d408d14061bc9dae42c4b4f90d7ff2a192491962d3b6ce01488a
f9167451bf568595223935a18e05bba4337b06f6852d927478eb9f67783f84b9
fa3704813ef9910e5e3982fba452fde824419bec89417180a966c37b44f698a9
ff41310e6dbf079d0d68ecb9f20c2bba15680468346b2007b8ee6569bad821b0