xfantazy.com Open in urlscan Pro
172.64.97.10  Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

• https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
• https://accounts.google.com/v3/signin/identifier?dsh=S252506540%3A1676879099562778&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfXqCCrK3S8PvR6qhw3Dk51sN-Qt2lBm7VCH6TetXTJD6F3oMcuzO-6Qgf-sPjb5JC1CZRAjA

Request Chain 67

• https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
• https://accounts.google.com/v3/signin/identifier?dsh=S1762207484%3A1676879099605741&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHeb70rKpiJ7cJxKsxHFuK2iiTW3y_hk3IK0fetDYJTyNn99DjBBzmuRnXrCpGI_tz9pONA7tA

Request Chain 68

• https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5d1700c20dd6305ebc410627&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A2216%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A595166996128%3Ahid%3A902328161%3Az%3A0%3Ai%3A20230220074457%3Aet%3A1676879097%3Ac%3A1%3Arn%3A1059716559%3Arqn%3A1%3Au%3A1676879097504315488%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A6%2C342%2C1355%2C463%2C0%2C0%2C%2C304%2C1%2C%2C%2C%2C2472%3Aco%3A0%3Acpf%3A1%3Ans%3A1676879092597%3Ast%3A1676879097&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
• https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5d1700c20dd6305ebc410627&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A2216%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A595166996128%3Ahid%3A902328161%3Az%3A0%3Ai%3A20230220074457%3Aet%3A1676879097%3Ac%3A1%3Arn%3A1059716559%3Arqn%3A1%3Au%3A1676879097504315488%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A6%2C342%2C1355%2C463%2C0%2C0%2C%2C304%2C1%2C%2C%2C%2C2472%3Aco%3A0%3Acpf%3A1%3Ans%3A1676879092597%3Ast%3A1676879097&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 69

• https://mc.yandex.ru/watch/49415098?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5d1700c20dd6305ebc410627&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A2216%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A170296634005%3Ahid%3A902328161%3Az%3A0%3Ai%3A20230220074457%3Aet%3A1676879097%3Ac%3A1%3Arn%3A69987696%3Arqn%3A1%3Au%3A1676879097504315488%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A6%2C342%2C1355%2C463%2C0%2C0%2C%2C304%2C1%2C%2C%2C%2C2472%3Aco%3A0%3Acpf%3A1%3Ans%3A1676879092597%3Arqnl%3A1%3Ast%3A1676879097%3At%3A%5BFC2%20PPV-1058978%5D%2031%E6%AD%B3%E3%82%BB%E3%83%95%E3%83%AC%E7%BE%8E%E9%AD%94%E5%A5%B3%E3%82%B9%E3%83%AC%E3%83%B3%E3%83%80%E3%83%BC%E5%A5%A5%E6%A7%98%E6%97%A0%E7%A0%81%20%E6%B5%81%E5%87%BA%201055427%20%E3%82%92%E7%9F%A5%E3%82%89%E3%81%AA%E3%81%84%E5%A5%B3%E5%84%AA%E3%81%8C%E6%B5%81%E5%87%BA%E3%81%97%E3%81%9F%20-%20XFantazy.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
• https://mc.yandex.ru/watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5d1700c20dd6305ebc410627&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A2216%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A170296634005%3Ahid%3A902328161%3Az%3A0%3Ai%3A20230220074457%3Aet%3A1676879097%3Ac%3A1%3Arn%3A69987696%3Arqn%3A1%3Au%3A1676879097504315488%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A6%2C342%2C1355%2C463%2C0%2C0%2C%2C304%2C1%2C%2C%2C%2C2472%3Aco%3A0%3Acpf%3A1%3Ans%3A1676879092597%3Arqnl%3A1%3Ast%3A1676879097%3At%3A%5BFC2%20PPV-1058978%5D%2031%E6%AD%B3%E3%82%BB%E3%83%95%E3%83%AC%E7%BE%8E%E9%AD%94%E5%A5%B3%E3%82%B9%E3%83%AC%E3%83%B3%E3%83%80%E3%83%BC%E5%A5%A5%E6%A7%98%E6%97%A0%E7%A0%81%20%E6%B5%81%E5%87%BA%201055427%20%E3%82%92%E7%9F%A5%E3%82%89%E3%81%AA%E3%81%84%E5%A5%B3%E5%84%AA%E3%81%8C%E6%B5%81%E5%87%BA%E3%81%97%E3%81%9F%20-%20XFantazy.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 86

• https://mc.webvisor.org/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9920.xdVG6XafM69qqXzFvKmYcfSlz9BK-nCeSkiOtTkz7WWaX22_pX1pcPr0E3762xFy.eU1FcxRqoGQMYahOxgO5fZSY2xQ%2C HTTP 302
• https://mc.webvisor.org/sync_cookie_image_decide?token=9920.wbBt613ZkaiOVDBEVQSHG_p_rU2Rp_1FXU2u8Mx5jp9-8wuJ4bNpCf122nVpNMe7Zbfo-dVmJDiEg2Zz_eXzHaDVW8TXY-UR66OwS66M7uVFvvMDzIaIIsiZIIixL_YhkwE_6qqVGneWwhxSgQVgsogJqhUpmFEOAi56XVuD85dB2FG_X5v__ScAU4QQrukF6eVnWywqU3te1vTz_Ki_wEQh-Vwdb2tsoqtvaXRidfU%2C.jNyOoqAHZoum4uCxsTTsdzIH9ZQ%2C

Request Chain 87

• https://mc.yandex.com/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9920.SgzWUiBYilZbk0XN-O2rMImlbPqCpUaclKVkV2ugshfM9Ylp-hSe6iSQzWnAO8KL.K2uYDCGX7XGNlnfTzL0RC1MFcx8%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=9920.HKaTGuCfhVbTOj43Cf3oGoLjAKfqLviOUCTw9d4OPJIuQJ3D0s2feLl_YvVPlS9K-Uwmndvzns0BBtEkQ6oMvxzrWOrL85pY0qcRIzNcRHzOEAOWCvIHTuAut7EMcCEtWV-30bjkaOR8SZpkYwW_7-n0Vq6TSXVwW8bdhwW2NhGmqcb1218TySiy6KtAqqxl8kDOkvXIbkwWHvJi8vpERCpxuhLwqly9-f4s6-AmgoA%2C.4Sb7RubElTV5t-qGa3W9iDg6HKE%2C

Request Chain 129

• https://bookadil.com/winnotice?sid=H4sIAAAAAAAC%2F1RT32scVRS%2BW%2FGhiA8KPhQqjPpgC2U7s7szmaVKbVqraVINTSRPonfuvZMcd3buMHdmJ8lTUJA%2ByYIIvgiTb5sEbRH9A0Sd%2BBbwYX2KyD74D9j64qMyydrVA8P5OYfvnO%2Fcj3fzCbOR8%2BPstt6mKOKX3aZtXVijWOrCWG%2BtWo7dtK9YaxR7nSvWpte5aF1LkkitqWCRsstue67Z9qwLi2%2Bu3l66ZEXUU9YbSvT0Rev6Rqr76rJTN2i6Hd9pOrZtrfCQpzT9D5R87bS8pus2HdtpOq6DzbSEyRswvAE5mLBnQXJ89pe%2FXgSJCnH%2FmxvK9DKdXHq9n0c80ykG8uCduBfrIkZ%2FZoZpA2F8MK2GNmPGPj8DHR9MZ4Me3KuhIaAxa%2Fw%2BQRDvn0JGMBg5jo0ggnYQSIZiUEFFFYhXEPojkNQQEreWEff3bvGEx6cpXqfG7Myvd0HFqY7791d0mAU87lnz89gMS9BmBVqvkOSHyLYZqDiEyD4EyZ%2FZ%2BSsv1T1XdW9Lg2R5MjVRBQorRGoIbhjy%2BiOGPGwgTxroy2OLS0d1HS90vLYnfJ8HgSc7bbfb5UK0vVYbuajBDZElQ4hoCJHuIEl30KMh0vwTkKmQ8xKUlEjMfnfO6c65UOLotXPPr02eDh%2BB07Flh9zvOsoX3Y7tzrleIOZ8IYLAc1tuJ%2BQKAR1dfaXZ%2FuPRZ08gIgbFj75%2FyE4EJi4R5%2BUoTqlEqo7YVEapzI6uPq7aKGEkg8kYBrJEoRgKw1BwhoIYiqwmpNyTkWmZcl9GJg%2BcqW5Ndbsc6Wy93NPZuorZbjJhz5ww86d4Dz11bLUd7rR9z1a%2B35a%2B7zq%2B8lVLOXYndFzZbcHQvxsgcwbcNLBNY%2Fbcbw%2BR1OciP0XAD2GiQwiywPPz4EUJvlFiOy4h9YNA6x6XFDWF7iPJziLbauxGE3buBMerm%2B%2F%2Bb7UiLZGkJT6gnxjWo7ujO7pg9%2B7owrBv304y6tM2z0jHKxnP1JNfLaqtQqdy4YYZfnlN1InafLCqTLbEY0nxumH350lKld7UqVDsuwWzpoLl3GzM52mcJ0vL128u9JNUGUM6rsDrod7%2FEYLG7Cn375M38cLLX4DSCmleop8%2FJgukK4hkByaZxYxmSKOZHyQMRV6O0lYwC9bnEM1YBw9KmP%2F4wczeNT%2FAUInMsH8AAAD%2F%2FwEAAP%2F%2FOXPmNKMEAAA%3D&ap=${AUCTION_PRICE}&l=4028509&sub3=1676879099&pid=91283&sub2=icon&auid=0fa891e8c9405756bc78ccbb65254fae&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP 307
• https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 5d1700c20dd6305ebc410627 Show response xfantazy.com/video/	156 KB 27 KB	1705ms 1356ms	Document text/html	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Next.js Resource Hash 5530163944f0996021c19f2ecdb1e130dcfe31908ef9fbf47b6631772292f338 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 79c59e9b0b022629-NRT content-encoding br content-type text/html; charset=utf-8 date Mon, 20 Feb 2023 07:44:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AXu%2FWfi1paH9WtyvRDWAQquhyYtdh%2FJibzX4f0AvX8mNf9sQuL4red7RrE1RrumBFeUJYF%2BaBsl4f5FpQONuC7FQ7%2B8i%2B0SFHOaTfZ9%2FmV9ThdhxsGw%2Bxoycrsz2fXk%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Origin x-powered-by Next.js
GET H2	200	css fonts.googleapis.com/	11 KB 1 KB	451ms 62ms	Stylesheet text/css	172.217.174.106 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&display=swap Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.174.106 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s28-in-f10.1e100.net Software ESF / Resource Hash ee9b8d0d8a8a3845d439ea7eaa410db2b33832059d5b0cbc5bf012462f3955be Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 20 Feb 2023 07:44:54 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 20 Feb 2023 07:44:54 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 20 Feb 2023 07:44:54 GMT
GET H2	200	video.js Show response xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/	22 KB 8 KB	28ms 18ms	Script application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/video.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 428aae149aa5dbd066b14288ade16e1eac5cf8b27b365d03789f433953ba3161 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:54 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Thu, 26 Jan 2023 06:31:38 GMT server cloudflare age 2164353 etag W/"597e-185ecc6528a" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rA4xxEBAV%2F%2FTd6eVICU9PsvdSR9aouniypV9i38UV0ZNISIg%2B0%2FyMjCge0ikaIDIueETbAhC5yP7cVhmdgulD82%2FJ7VZtdZG8OmQrQbh2K5CTnknrkCNL8aSpBDkKJQ%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 79c59ea39b2c2629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	_app.js Show response xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/	132 KB 37 KB	37ms 28ms	Script application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/_app.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54e0a7ca5f8f39a1c1e35bf44ef7267a0b442e821d3292b64b7d21b3386e59bf Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:54 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Thu, 26 Jan 2023 06:31:38 GMT server cloudflare age 1489778 etag W/"20e2f-185ecc65286" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijxxfW2oxD%2FS3vKtV8H6KY%2BZiZ3I71ukWhC6BCDSk4b%2FI3tM8fvODtWHes4HVHD%2FOsYNzPhrG9B9WLKNeSTEhCVpleljhxR5lJmcEDFX5aICuFoRZpUucNy5%2FtC3zTU%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 79c59ea39b332629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	commons.80405a2d3f491416f5b9.js Show response xfantazy.com/_next/static/chunks/	1 MB 392 KB	46ms 37ms	Script application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/commons.80405a2d3f491416f5b9.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4259abbcb1d2716c77f3fc11c39eeaf78ca20dc36785a46aa85ccdb6b450a0b0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:54 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2164364 cf-polished origSize=1388393 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-bgj minify last-modified Thu, 26 Jan 2023 06:31:05 GMT server cloudflare etag W/"152f69-185ecc5d3ed" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U9XXS%2BfekaS0p1AO5qFkHEZQ7ZF9iBhXL6hmz%2Fg3mVryYifblpuFgoypW7GoJttJx0i82MWE5Kjcj%2BxRv8Nh3MvR91ZCKZ7yD42AvEIvPp4iGKQ4DDYzFVwVynucOUo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 79c59ea39b342629-NRT
GET H2	200	7.38d845e9473548212694.js Show response xfantazy.com/_next/static/chunks/	38 KB 11 KB	95ms 87ms	Script application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/7.38d845e9473548212694.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 71fc93dfa1cf93fa8f9c0c845c976013235d620d96d29db9f58cca6af83952ba Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:54 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Thu, 10 Mar 2022 09:02:10 GMT server cloudflare age 24532038 etag W/"97ba-17f73106e35" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqLg0LMEF8lQzKdnDsmtu9jdwekXoTAazjQshS2CeBvLcDCFo8CfKGrpcInl9ARqCBtzwc1dWwsUOYSyPEbgdXhe%2BP7C0qCn6YbnDSlPsIHQXlHvlyAoThMLQ4cFMC4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 79c59ea39b362629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	9.be198c87e436634bf765.js Show response xfantazy.com/_next/static/chunks/	39 KB 11 KB	32ms 25ms	Script application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/9.be198c87e436634bf765.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b04d9a0fab70ce856636ccb8728008a16355fe74951dce23725e710fb1836f4 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:54 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Sun, 18 Sep 2022 10:12:44 GMT server cloudflare age 7101090 etag W/"9c95-183501608ac" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lgdm1Ap%2FIhIiDBRvhxd3Yko3Am20joL%2FW6atiS%2Ff8AILl2kjWw1o10x0eG8hkjaj4YyIEfwMiTSEPLm5mKM2vIg65WmJtwJlDIsMt978Kx%2FNjQVsnWgmJAyovZldF4c%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 79c59ea39b372629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	16.2fcecc4fbe403da70f1d.js Show response xfantazy.com/_next/static/chunks/	20 KB 7 KB	34ms 28ms	Script application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/16.2fcecc4fbe403da70f1d.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3595031ce9f58ed1758ff54c68f4243f3741112c9e4c82a2eb8eea3de2f31979 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:54 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Fri, 05 Aug 2022 08:43:00 GMT server cloudflare age 15323465 etag W/"4f4a-1826d2c11c0" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhZg9IuWyOs5G2JvpPY5b5LNLvpxX%2BtZyM7zUjyrTiJOEpXEwYoMMqwcViV%2BCQ%2FOGfXJhlw834FY%2FK%2B%2BZctf6MPMDy%2FBjJCFL35nHQmvW%2Fj2%2BmShZFICKxU0MJCxONA%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 79c59ea39b382629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	59.edff5ae0d8d83054b552.js Show response xfantazy.com/_next/static/chunks/	3 KB 2 KB	29ms 23ms	Script application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/59.edff5ae0d8d83054b552.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 036661808c9c3aeba760adfc9e75ff7276a1636bcdddf5695d937420d0550f89 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:54 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Sun, 18 Sep 2022 10:12:38 GMT server cloudflare age 7101090 etag W/"c8b-1835015f172" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X83B0RwO69PILxF89YXKtOzB6tep63ajWeETR3N4ytYt3u9m7U57m7dyRHhBloCn%2BTYOyWGiLVYgr1LLK0NIcsUtlL6PvLq7VLRVWAS4EkZd0b2Q4F3qDGLRNGsgFR8%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 79c59ea39b392629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	47.6c9a4510342e4dd3af77.js Show response xfantazy.com/_next/static/chunks/	2 KB 1 KB	32ms 26ms	Script application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/47.6c9a4510342e4dd3af77.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4cc49c5221a734035f5bb7a2e5e4d0065f4dcfc33d8eb4b0e927cfd4d3d27d42 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:54 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Thu, 10 Mar 2022 09:03:00 GMT server cloudflare age 24525326 etag W/"620-17f73112dbd" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FnDFRgYqLAA4CCq%2B3NUKhT508%2FX7%2B5W7HkVCVhxBv6RBr0zWUwbUYitf6SHxbrZEGcjLYMQ%2BKGEouWJAePs1YxaG7ot%2BW1gMLP72FqIcW0X3TafhHbrCVZFwt0EiF4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 79c59ea39b3b2629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	69.b3ff95d1d1b8e7cf25a2.js Show response xfantazy.com/_next/static/chunks/	2 KB 1 KB	31ms 26ms	Script application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/69.b3ff95d1d1b8e7cf25a2.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b7126c70abcef790e6f74c6cfff8622335763e7141fef461eeb4bb442b54866a Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:54 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Sun, 18 Sep 2022 10:12:38 GMT server cloudflare age 7101090 etag W/"61c-1835015f17e" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xeugoWV1%2FtmViG5r9KAfpDUNR4mVHu18%2F6dFbquP9Ij38M4BTkLq22OqTBj%2F%2FTDzTVzsz2d7DGK2iwB0c8bJnIkdVwCjf5yq34ZhJOp5E5b7gTmQBLPNaro9Z5CZh9s%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 79c59ea39b3c2629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	webpack-f6e00aacd372b5a1ee4b.js Show response xfantazy.com/_next/static/runtime/	12 KB 5 KB	32ms 27ms	Script application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/runtime/webpack-f6e00aacd372b5a1ee4b.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f15c4e9f110a522d11f742fbcc3baf5e00714edf2318ebe11df972cf12efe1bc Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:54 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Thu, 26 Jan 2023 06:31:09 GMT server cloudflare age 2164364 etag W/"2fb2-185ecc5e0e5" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eo9CnbEhyuOpMIP4Wpmy%2BaJB7eccZX5A934fZ%2Fjb1DML37teW7dGO8GfcszXaUha9WQuPrSjzaBs7GzHCYAZKTWyWFoIjOL4F4jEUG%2FtdKjDjFgDuOknM2nOVkgU7Nk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 79c59ea39b3d2629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	main-8daa673a54696bb62abb.js Show response xfantazy.com/_next/static/runtime/	71 KB 25 KB	36ms 32ms	Script application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2700856b1aaf58e5ff28f5dd5014a1c5300b2afe36bee1b10dede18307372c35 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:54 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Thu, 10 Mar 2022 09:02:30 GMT server cloudflare age 24525633 etag W/"11cd7-17f7310b881" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSAdxsHf3o9T9H8u4pUVqAIC%2Btt9YWNJqTzwxHk%2FLv0ANNsc07SUt3dCDymDYJ%2By34ZrGiHLlbQKMMyqLoIqtizwlhStVlSB3bbs5HATVC43h10veTP48JXa3adjsqo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 79c59ea3ab422629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	logo-tv-light.svg xfantazy.com/static/	4 KB 2 KB	23ms 23ms	Image image/svg+xml	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xfantazy.com/static/logo-tv-light.svg Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e8156ad40b28324a07d6e88e26597079a3f8b991d03bd4efd14fb4353fb77b57 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:54 GMT content-encoding br cf-cache-status HIT last-modified Thu, 26 Jan 2023 06:25:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1173 etag W/"101b-185ecc11f86" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S5Gum4oZ8qEaV4D%2FzWoGHDvxoLVpwHHkNeTCka9ERMAAg1XSfd8CvrYtwVC4I%2FFn9iaVwlYQr3LnqJqEIY7dSNb7Y5xdUmTxvKTH%2BdoBcFBOUZvL53F0u4CRCJS9PAA%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=14400 cf-ray 79c59ea4ecf62629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/J7ma73Wvm_jk_W_FrQ/w320h240/	17 KB 18 KB	1786ms 964ms	Image image/jpeg	188.72.235.186 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/J7ma73Wvm_jk_W_FrQ/w320h240/0.jpeg Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.72.235.186 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS 1f2-08-d9578-186.webazilla.com Software openresty / Resource Hash aa9b8c9d4e19e9cc889266946c385ffda0d7cdf0dc5f1e6f2869db763d798a97 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:55 GMT server openresty x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 17767 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/d-qV6COuyfy4_z7FrA/w320h240/	15 KB 15 KB	1573ms 960ms	Image image/jpeg	188.72.235.186 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/d-qV6COuyfy4_z7FrA/w320h240/0.jpeg Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.72.235.186 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS 1f2-08-d9578-186.webazilla.com Software openresty / Resource Hash 38e2fd462ac2d15dceb0eac403210afc21efa138670ac10e04c3211fec9d4e82 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:55 GMT server openresty x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 15359 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/cL_F6H-imfju-TWXrg/w320h240/	10 KB 10 KB	1571ms 962ms	Image image/jpeg	188.72.235.186 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/cL_F6H-imfju-TWXrg/w320h240/0.jpeg Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.72.235.186 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS 1f2-08-d9578-186.webazilla.com Software openresty / Resource Hash b5933cca8f1eaec3148b9b811033240a87b4bb638b3f8bc21fd8a51c6e2022f3 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:55 GMT server openresty x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 9754 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/Ir6b6Ceizfvoqz3E_w/w320h240/	10 KB 10 KB	1619ms 1010ms	Image image/jpeg	188.72.235.186 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/Ir6b6Ceizfvoqz3E_w/w320h240/0.jpeg Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.72.235.186 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS 1f2-08-d9578-186.webazilla.com Software openresty / Resource Hash 725138a22c3333d107126714752f9c803ac81db3ec6a97a89960db8c22ef2023 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:55 GMT server openresty x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 10281 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	149 KB 54 KB	434ms 55ms	Script application/javascript	172.217.174.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-PLKQLTX Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.174.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s28-in-f8.1e100.net Software Google Tag Manager / Resource Hash 80ba65efff3e91604096f4e74b586fdbb2671a2c7775aa4a4da973d75949c289 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:55 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 54764 x-xss-protection 0 last-modified Mon, 20 Feb 2023 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 20 Feb 2023 07:44:55 GMT
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/78f3c686966cb/main/	74 KB 74 KB	1617ms 1010ms	Image image/jpeg	188.72.235.186 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/78f3c686966cb/main/0.jpeg Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.72.235.186 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS 1f2-08-d9578-186.webazilla.com Software openresty / Resource Hash a5b7a6897e817c63fc584ea7fb57075ccf5f0182fbb11e5e39f846a345229a76 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:55 GMT server openresty x-cache-status MISS content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 75535 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	415ms 27ms	Font font/woff2	142.251.42.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.42.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s47-in-f3.1e100.net Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://xfantazy.com accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Thu, 16 Feb 2023 07:33:58 GMT x-content-type-options nosniff age 346257 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 16 Feb 2024 07:33:58 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	16 KB 16 KB	412ms 24ms	Font font/woff2	142.251.42.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.42.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s47-in-f3.1e100.net Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://xfantazy.com accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Thu, 16 Feb 2023 22:57:57 GMT x-content-type-options nosniff age 290818 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 16 Feb 2024 22:57:57 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	414ms 27ms	Font font/woff2	142.251.42.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.42.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s47-in-f3.1e100.net Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://xfantazy.com accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Thu, 16 Feb 2023 01:50:25 GMT x-content-type-options nosniff age 366870 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 16 Feb 2024 01:50:25 GMT
GET H2	200	styles.f80584c6.chunk.css xfantazy.com/_next/static/css/	184 KB 15 KB	37ms 37ms	Stylesheet text/css	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/css/styles.f80584c6.chunk.css Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/webpack-f6e00aacd372b5a1ee4b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e62e9737258beadc5240daedfec4789308a08b50aa1eef0e18fe464a6766a9ea Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:54 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3151 cf-polished origSize=195904 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-bgj minify last-modified Thu, 26 Jan 2023 06:31:05 GMT server cloudflare etag W/"2fd40-185ecc5d40d" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=brqGgEaWdfBWUNsmuCoxizUgLAM2tKA7skLvuT%2FFWXtIEAGBtZwWHYJaXGY1xRgkCsRRF4HQXPRUnKneOnIk4gdbB0b1mYTa9tWxyzfYI8NnFOzhydBP9xd72j6XooU%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=14400 cf-ray 79c59ea7aff62629-NRT
GET H2	200	styles.77acb212b856be16971e.js Show response xfantazy.com/_next/static/chunks/	85 B 402 B	22ms 19ms	Script application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/styles.77acb212b856be16971e.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/webpack-f6e00aacd372b5a1ee4b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab8620079bb63c3fa28efc23400f1c2f1b57f0c71ff95a22e81e3c69da454b13 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:56 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Sun, 18 Sep 2022 10:12:45 GMT server cloudflare age 7101075 etag W/"55-18350160ab4" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jNCqAIV%2FHklWa1TIXttgMpro5R%2FkogalN41rMRw7CvUVlY0JbgeeszbPaWwHblNp8ZzwUXbCPlBPWbBQBWG8Pk%2FXGRhtTFHzh3YJkQJsWKgCASBML9e3mLR8LP5kcAc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 79c59eb04f942629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	242.e6062ff562716b6e41db.js Show response xfantazy.com/_next/static/chunks/	155 KB 38 KB	30ms 28ms	Script application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/242.e6062ff562716b6e41db.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/webpack-f6e00aacd372b5a1ee4b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 21d70a1490b32bb79671d0a0057ab3ff10bed319cc4c455cb6a9d844651a6687 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:56 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Sun, 18 Sep 2022 10:12:56 GMT server cloudflare age 12489220 etag W/"26cdb-1835016374e" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PG5BwXUjSQb7mXI06RBHkVNuYkB3QNKWuRHNBwDr0RO%2Bm2rvfuHMhVTjRWPWzOZlpTaOM6PMIlOpIQuRvL5JzqztwgiT55kwmNn7qQLPkPGR233rm8EcfB7DrdPvzhc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 79c59eb04f952629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	51.21792104df3f91cda445.js Show response xfantazy.com/_next/static/chunks/	3 KB 2 KB	27ms 24ms	Script application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/51.21792104df3f91cda445.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/webpack-f6e00aacd372b5a1ee4b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13b652377aae9e51c9d16856996c06aabe956d568dc16714cc14e51a581ddfd3 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:56 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Thu, 26 Jan 2023 06:31:38 GMT server cloudflare age 2097782 etag W/"ce5-185ecc65462" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQs%2FGATZsKosa%2Fb5G4Pp%2FvAAjXVWapP3Aa%2BT1SMX6l5wVMysLPThrRywTVxDJUKN2djd%2BW%2FFx16Ul8Ilaovp%2BZ7%2BzOCrGjo9QZLc6u93QL%2BtRwcYEBudOEPuCSjP7Q4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 79c59eb04f962629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	70.aeba4e9e28ccf1bae13a.js Show response xfantazy.com/_next/static/chunks/	1 KB 1 KB	24ms 23ms	Script application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/70.aeba4e9e28ccf1bae13a.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/webpack-f6e00aacd372b5a1ee4b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 60f90aeed2b4364c0c3e8f6825d475c1a4652c22b759f316bdd3394e5ddd840a Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:56 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Sun, 18 Sep 2022 10:12:56 GMT server cloudflare age 7101075 etag W/"56d-183501634ea" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=896aW3KI1kMbBo2QEhDBXH33GSPwl%2F5kHYX%2BTQrH66z3Qyd7YKCLAxosM31UTjVz19%2BDGTDCQS6PsIQcMcprUk%2FnLopHk0L6a%2B%2BDzpg6tyzbraTkCngCW9WXQaXPrRc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 79c59eb06fd02629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H2	200	login Show response xfantazy.com/api/auth/	2 B 993 B	324ms 324ms	Fetch text/plain	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/api/auth/login Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/_app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 20 Feb 2023 07:44:55 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWczaq6qcgyT0JF6tpoLFeMqJ3A7vRAZ1d1tzUsD3Ez%2FymiSbvulNGayb2LTBLXABKdXjjE%2FQGE85L56wBi00ovC4U84pKiEfEhbUbfKGJcKIOijvP99Lb7Epvb3gAs%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=utf-8 access-control-allow-origin https://b.xfantazy.com access-control-allow-credentials true cf-ray 79c59ea7f84a2629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2
POST H2	200	videoOpened Show response xfantazy.com/api/events/user/	2 B 267 B	432ms 432ms	Fetch text/plain	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/api/events/user/videoOpened Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/_app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 20 Feb 2023 07:44:55 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUBP2z%2Fxg0obIW2vkDH3D446owO4M7RQ%2FQSKEpa%2BhUSjas8JNmNEeemFxFC2BC1PjuuspMFpfs1E9cWaMgW5nnjBdHsnvKVYT5pk1J8g41XiIjxPJRPfpq%2B4UjK0Bws%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=utf-8 access-control-allow-origin https://b.xfantazy.com access-control-allow-credentials true cf-ray 79c59ea848932629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2
GET H/1.1	200 OK	21fe3950f412e026c33f1b6cee613eba.js Show response skiingsettling.com/21/fe/39/	36 KB 14 KB	823ms 347ms	Script application/javascript	192.243.59.12 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://skiingsettling.com/21/fe/39/21fe3950f412e026c33f1b6cee613eba.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/_app.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash 5e57a340c589556a4b93a0fcb0bbda50b34fc90e8084a1575372355d7a2b71b3 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Mon, 20 Feb 2023 07:44:57 GMT Strict-Transport-Security max-age=0; includeSubdomains Content-Encoding gzip Server nginx/1.17.6 Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Transfer-Encoding chunked P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Content-Type application/javascript Cache-Control no-cache Connection keep-alive X-Request-ID 3680747562e564d96451904f4d70b2c7 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	/ Show response d3t87ooo0697p8.cloudfront.net/	369 KB 112 KB	504ms 135ms	Script text/plain	18.65.190.180 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3t87ooo0697p8.cloudfront.net/?oootd=971975 Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/_app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.190.180 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-190-180.nrt57.r.cloudfront.net Software / Resource Hash 577e70d3e2afa1d377c5c96d36f4c6924084aa5b23bd080bdf946d92eba3d866 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Mon, 20 Feb 2023 07:44:56 GMT content-encoding gzip via 1.1 180bb14f3969a5383ec3b52ad1ce5ad6.cloudfront.net (CloudFront) x-amz-cf-pop NRT57-P2 x-cache Miss from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform content-length 114096 x-amz-cf-id NRez44e8HTZWI-W6FS_7-0SedeEdfdGOZk9tl_fDwzkepY9VQtF4pw==
GET H2	200	zRdVuw7.js Show response a.naturalhealthsource.club/	172 KB 53 KB	1081ms 248ms	Script application/javascript	142.132.196.205 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://a.naturalhealthsource.club/zRdVuw7.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/_app.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 142.132.196.205 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.205.196.132.142.clients.your-server.de Software nginx / Resource Hash 89498b73345eeb0acca52f28fd062b77efa63820b5b3f44186703df24e74a1df Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:57 GMT via 1.1 7759c849c7040f0b6b78f9d2199c04ca.cloudfront.net (CloudFront) x-content-type-options nosniff content-encoding gzip x-amz-cf-pop AMS50-C1 age 8 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Mon, 13 Feb 2023 14:35:24 GMT server nginx etag W/"63ea4aac-2af61" vary Accept-Encoding, Accept-Encoding x-frame-options DENY content-type application/javascript cache-control max-age=315360000, public x-amz-cf-id OgXEF1R6JKvBFzSEj3jV-Bhsj336NMwus3TSzVWxBiAeqQTolnZB_Q== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	a2f990f10476061c719d1c1aa3a2ecd2.js Show response exploredefinitely.com/a2/f9/90/	36 KB 14 KB	591ms 199ms	Script application/javascript	192.243.59.13 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://exploredefinitely.com/a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/_app.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash ab6c6e3f7f640a3ddcb1ccb49805a820e86d53871d4c1d0e2386cd79e3bea85e Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Mon, 20 Feb 2023 07:44:57 GMT Strict-Transport-Security max-age=0; includeSubdomains Content-Encoding gzip Server nginx/1.17.6 Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Transfer-Encoding chunked P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Content-Type application/javascript Cache-Control no-cache Connection keep-alive X-Request-ID 7546673ef4112fe8b890b0adecfc6029 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	invisible.js Show response xfantazy.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 6902	37 KB 15 KB	24ms 22ms	Script application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1676865600 Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0fe51b25ace0b846f2dd3a40cd161a066a70d2015fe7634518790cc6c7fa701b Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:56 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZqglzfAp7ANn9OT5sJ9%2BZky6YeBHc7v8lokC0AtACDmeUIa5kWJ5mDMXLidOmpVxSJoKyQ%2FsUyis0tvkUOZ4SqvAGkLQ%2BoGXCuwnCD2Bg94CeIhuFyGH3%2BbZQx1GZ4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public x-control-type-options nosniff cf-ray 79c59eb1c9092629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/J7-b6HWgnPrqrm2Q9g/w320h240/	11 KB 11 KB	773ms 482ms	Image image/jpeg	188.72.235.186 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/J7-b6HWgnPrqrm2Q9g/w320h240/0.jpeg Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.72.235.186 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS 1f2-08-d9578-186.webazilla.com Software openresty / Resource Hash d387bbe06f5675fdd17d079fe7c2145b8132a17328cc7609087e63f2b227848b Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:55 GMT server openresty x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 11026 expires Thu, 31 Dec 2037 23:55:55 GMT
GET DATA	200 OK	truncated /	68 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Content-Type image/png
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/JbmR6yenyKvs8GjEqg/w320h240/	19 KB 19 KB	1064ms 773ms	Image image/jpeg	188.72.235.186 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/JbmR6yenyKvs8GjEqg/w320h240/0.jpeg Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.72.235.186 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS 1f2-08-d9578-186.webazilla.com Software openresty / Resource Hash 8483c66d00bcddaddeb8d170b951c95cd17d148c31a233ebac37b1b12b21ee76 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:55 GMT server openresty x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 19006 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	index.js Show response xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/	695 B 674 B	29ms 27ms	Script application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/index.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 815c730987b8e9975a8cebb8db57ecdaa0eae4f50a8be529b591c992867995da Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:55 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Thu, 26 Jan 2023 06:31:38 GMT server cloudflare age 2164354 etag W/"2b7-185ecc65282" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdVjfUud13mltVArCsz2VLh0ftdYy2vn3jgw0UjzuGx2uJaM1J4mknGSlFAvENrRH41AWnOUzjTiiPjjN%2BeWdWK7POqbwl4sD5OWD9ex3QD1guTWCWnqKDBNIKK9NV8%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 79c59ea858b22629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	login.js Show response xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/	3 KB 2 KB	26ms 23ms	Script application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/login.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ade1e2eefbbbbf67a351eb847d60ee6f7eca11242a6ad29c88f564ad1b67e41 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:55 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Thu, 26 Jan 2023 06:31:38 GMT server cloudflare age 2164309 etag W/"ba5-185ecc65286" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zD%2FeeGYGKNJJlBQWZqSaL3cYi%2BWPqDRtfMhrbafjMAvnX2tgKJHXN7%2FHLB0z9kS%2BOsM0OnLsmz31QSbrse1ednzrSY5XNxiEqbHRT%2FDwIXBayXMkX6swEp1YdsL%2FBbs%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 79c59ea858b32629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	signup.js Show response xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/	3 KB 2 KB	23ms 21ms	Script application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/signup.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a56beb0ef64e108ae937414a825df3822df8858796abac7d6edfa4a76ddc6b6b Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:55 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Thu, 26 Jan 2023 06:31:38 GMT server cloudflare age 2164354 etag W/"bac-185ecc6528a" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6%2FeDVGdV0B5K3leusjMq9YxjcWr7YNl%2BhIQNGaEf0noatPeugHmTOCscLuXW7LJPSlXSlGOGtOejDjqR7CGJ8QPQGHkBLq71AieNHV1Papt8HGcY84R%2FfOr9Pl1PR0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 79c59ea858b42629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	top.js Show response xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/	1 KB 969 B	25ms 23ms	Script application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/top.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aac0e07b558e2b20dadf9abcda9ddc8177843a086ce65890cde9a858261f7c6c Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:55 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Thu, 26 Jan 2023 06:31:38 GMT server cloudflare age 2164326 etag W/"582-185ecc6528a" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcUd0WaLZe0RgiBwmrTMMMaXOdAl%2BiCvbrvqVUHiJwMqcppOpBHJTjmzWtF3J7g7a9wOFUkh%2B5pQ0IPpt5fjwHTsRdY2usUcYdvl248IlVNzWKFOxWBdgFVsx0V6f%2Fg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 79c59ea858b52629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	tags.js Show response xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/	4 KB 2 KB	26ms 24ms	Script application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/tags.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe3869ee2a238261d1a3d4db775f3247abd2f1794cd6563363f27b0b3a4764e6 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:55 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Thu, 26 Jan 2023 06:31:38 GMT server cloudflare age 2164354 etag W/"f20-185ecc6528a" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bttoZi%2FGbm9ONqvWjfU0bbF8FpkvHRb6GvIKNOnrXMfo2nmO8wDcf6RT3%2FGayLfGknbLPRAC%2FTG5k2tQEu9XE6DDIqBmTkcjqnUs5JFq2ynTLwcdAXUMZ0J%2BHz1ieUs%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 79c59ea858b72629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	categories.js Show response xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/	9 KB 4 KB	27ms 25ms	Script application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/categories.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4d3422da37398248c0960701300cd0cd9861b53f0d639fdd13d08eb74b22dac0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:55 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Thu, 26 Jan 2023 06:31:38 GMT server cloudflare age 2164289 etag W/"240b-185ecc65286" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hK18esZWtZl0%2FgIfioTur54LHMhOsAzwg0%2F9eZIhxv6CoAOX0cWSUX2%2FEjA0dfJVUPXLGQC6Umy2O3z%2Fcfip0jH3tYWf3V%2B3eC4sZxx%2BCaX5aZLgk1rekjOrco777y4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 79c59ea858b82629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	channels.js Show response xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/	2 KB 1 KB	25ms 24ms	Script application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/channels.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd20b8232e6823e09372d97b5acf2fb76b8ed4fcee5e328668f985d8fba95d34 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:55 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Thu, 26 Jan 2023 06:31:38 GMT server cloudflare age 2164163 etag W/"975-185ecc65286" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dos50OfnMQHnFMwIlJ3Akh59sh5N0zx9WCLM1Ginng3W%2FAdszZZlKpCVG7DsPYWKHsPHSM7bz9q6y9evUAJqNMrxT9GP7fqNXTUCn8LWbqBbrfbspDTNwh5Oq%2ByM8hY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 79c59ea858b92629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	category.js Show response xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/	2 KB 1 KB	26ms 25ms	Script application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/category.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 03201b2abe6b2bb7cde67989ee30139964bd7338315d5b9e2eb883b500b89507 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:55 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Thu, 26 Jan 2023 06:31:38 GMT server cloudflare age 2164325 etag W/"818-185ecc65286" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sM2E6Gs7%2FXRXKOYFWOdjbglv86X8cDyhJbD9M9D8IhoEWzcUNERXUfhaE4oREjd3Cn5gb7Nbo4JI6s7WhyoZOn2KWlwfpimg6m2aSofhmZjn3fGc2zumEtAfedCU6Uk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 79c59ea858ba2629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	tag.js Show response xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/	2 KB 1 KB	27ms 26ms	Script application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/tag.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 542bab3842890b12aa349ee86fb89b41237d222e88a2753ec44bab4e90208667 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:55 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Thu, 26 Jan 2023 06:31:38 GMT server cloudflare age 2164355 etag W/"71a-185ecc6528a" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCjVncj7Eb72PTRD%2FXOhJ2CgZdJdLA%2B1jB1uHY%2FIWsf4cxdEfVmjHfDyu9qc4XgV%2B1l09i6o7PsG1pGtlOPHuz4MPTPbV1AjlfPGt3DBc0DBj9QzCEZ7yBBB48yTgeI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 79c59ea858bb2629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	channel.js Show response xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/	2 KB 1 KB	28ms 27ms	Script application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/EL4BCXkdtWPhg6C5p-CCd/pages/channel.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf9312c3aa12e8711d1df5a7f5ba7709b135934336cdef666c998a6559f2d499 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/video/5d1700c20dd6305ebc410627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:55 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Thu, 26 Jan 2023 06:31:38 GMT server cloudflare age 2164298 etag W/"6fe-185ecc65286" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QYUtCsjCM43CgclvEHozYCwnwAHWMsZfTlGHlb5tDJMms0g%2BroCK1RQfTpKt80mO6%2FfgwLIgwyWlNQ77MvfVaUGq6YxRt3v9KmyI2%2BrmPH4vbwOeugpSVBxHUdlR9E%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 79c59ea858bc2629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/JL-TvCX0nq-6-22XrQ/w320h240/	15 KB 15 KB	1013ms 722ms	Image image/jpeg	188.72.235.186 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/JL-TvCX0nq-6-22XrQ/w320h240/0.jpeg Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.72.235.186 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS 1f2-08-d9578-186.webazilla.com Software openresty / Resource Hash 862554351594c7c2e0d8a09ceb3142e03ede722c9e31c521f802c41f8d6f5b66 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:55 GMT server openresty x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 15165 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	458ms 37ms	Script text/javascript	216.58.220.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLKQLTX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.220.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s01-in-f142.1e100.net Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 20 Feb 2023 07:35:14 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 583 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Mon, 20 Feb 2023 09:35:14 GMT
GET H2	200	tag.js Show response cdn.jsdelivr.net/npm/yandex-metrica-watch/	212 KB 84 KB	408ms 29ms	Script application/javascript	151.101.129.229 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.229 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 87ca05a7e60f13e4efd333b5b008b19c73b151ddabb1a73aa69cd88cd6f948bb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 20 Feb 2023 07:44:56 GMT x-content-type-options nosniff content-encoding gzip age 22081 x-jsd-version 1.257.0 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 85751 x-served-by cache-fra-eddf8230060-FRA, cache-nrt-rjtf7700059-NRT x-jsd-version-type version etag W/"34e3a-eIUrj6hD3pmnKAQZCp7YaNtM0Rc" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	pica.js xfantazy.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 6902	19 KB 8 KB	22ms 22ms	Other application/javascript	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 90a9a91c5c2f20a8710ef8d55b5e321dbb9da300fad2a34a4a491f32ac8f1eeb Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:56 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V21SzglihPAkn7vSg4y7V7aX6QPXQk8gF7UxznYjblsnGg0JDYY68igKdSxMD5IEYGtTDIjM9rDeISfX99WlbIcI8dPWwmDWWB6LDkppyWcoMtG0tVMHdfG4uwfcxNk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public x-control-type-options nosniff cf-ray 79c59eb209442629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H2	200	79c59e9b0b022629 Show response xfantazy.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 6902	2 B 538 B	43ms 42ms	XHR text/plain	172.64.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/cdn-cgi/challenge-platform/h/g/cv/result/79c59e9b0b022629 Requested by Host: xfantazy.com URL: https://xfantazy.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1676865600 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.97.10 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/json Response headers date Mon, 20 Feb 2023 07:44:56 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFuK3qNxT5xhUw2bgupxYwE3YDNCaBg7izOn%2FDU%2FJRmnTF1CWJyIIkabNrr5IrdONzuqVNJbOJGAHlGJX2cpie4OvQOYXVLyndZ3NYaBe86eLwXnykF5EJ5DQ4OrkAo%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 79c59eb3ba7c2629-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	asd100.bin Show response pogothere.xyz/	100 KB 101 KB	123ms 40ms	Fetch binary/octet-stream	172.64.107.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pogothere.xyz/asd100.bin Requested by Host: d3t87ooo0697p8.cloudfront.net URL: https://d3t87ooo0697p8.cloudfront.net/?oootd=971975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.107.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:57 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4370 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 20 Feb 2023 06:32:07 GMT server cloudflare vary Accept-Encoding access-control-allow-methods GET content-type binary/octet-stream access-control-allow-origin https://xfantazy.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gy%2BrVqeAbpx2%2F8CFlB%2BRoJNkp29HSOLxnGFfXrZKugWg0pNhR7IGdT1TDjtuvR1I8k2Qq5PM8rxexdf%2FOCXbcP6s3w8z93ely7XtDC1ut%2FGJRpbmR6xFs7mdudS4LGPN"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 access-control-allow-credentials true cf-ray 79c59eb47d458a48-NRT access-control-allow-headers X-Requested-With, content-type
GET H2	200	/ Show response pogothere.xyz/	27 B 348 B	480ms 397ms	Fetch text/plain	172.64.107.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pogothere.xyz/ Requested by Host: d3t87ooo0697p8.cloudfront.net URL: https://d3t87ooo0697p8.cloudfront.net/?oootd=971975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.107.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aefbfce905e04ec79011f9c719986e62179a0cb03350593440442bfa37843ba1 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:57 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AxaMkgl2ocL28YGnq9kCeQQRJR2DlzG7o7q0V0uvQh1AedhMQJpc6N1%2Fe0YhgL%2BBQPSMs3gduI214rW%2FCiD770YSkOuO2Z1OucvbhmHCuhhEs3hI9f0p%2FTztpjjEdY4A"}],"group":"cf-nel","max_age":604800} access-control-allow-methods GET access-control-allow-origin https://xfantazy.com content-type text/plain access-control-allow-credentials true cf-ray 79c59eb47d478a48-NRT access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	utx Show response sincenturypro.org/	0 488 B	266ms 193ms	XHR text/plain	13.225.183.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sincenturypro.org/utx?cb=JqXfkc4Hrx3n&top=xfantazy.com&tid=971975 Requested by Host: d3t87ooo0697p8.cloudfront.net URL: https://d3t87ooo0697p8.cloudfront.net/?oootd=971975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.183.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-183-117.nrt57.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Mon, 20 Feb 2023 07:44:57 GMT via 1.1 09fd24f6a1b0ff1b7cd860a75335700c.cloudfront.net (CloudFront) server openresty/1.17.8.2 accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-pop NRT57-C4 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://xfantazy.com cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true x-amz-cf-id MAfKiYmk5eiR-bDSsMftNlXGLEvB5AlQzqKTNiNPENuurk1g1yLW9g==
GET H2	200	KwgUOz4RGzQdfgALASQTLjoSBg5uADkDLSgWOCsDMQ4GODAGNAIfDAsXJzYUJwsSFgh7GiQ8MgczAQYCLhckFxQ7CBU0KS0MFjcsFRFENgQ6DD8aFAERFRUfNwwjEjYAIAIwEwIbKTUxLxQVOC50HScjdRARSRkTLhckNS0sHTgSJXsMNDd2ChECGBAUMSc2BHsBF... Show response sincenturypro.org/RkNZcVMnITocbCd+O1cmNC9kVGEAZms3N3U3YUY8KSxpR2pxM2FfMCosLBU1NCw3BX0oJi1UYQB0FiYZARkyRDICED4wMBNzFTg/MnAdHR1jcR8kCzUlGjUGDAocHTUPJAxFCgUwKSQpMmZrNxcVew49EX4UCTAZPAAMICIEOhsUC3QCHTg... Frame AD50	3 KB 2 KB	254ms 197ms	Document text/html	13.225.183.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sincenturypro.org/RkNZcVMnITocbCd+O1cmNC9kVGEAZms3N3U3YUY8KSxpR2pxM2FfMCosLBU1NCw3BX0oJi1UYQB0FiYZARkyRDICED4wMBNzFTg/MnAdHR1jcR8kCzUlGjUGDAocHTUPJAxFCgUwKSQpMmZrNxcVew49EX4UCTAZPAAMICIEOhsUC3QCHTgVNiU9QRIwGwgzZBMuMT8WLygXEmMxDhAWHikWGAY5By4xPBJ1MBU4BgsPEhY8MAsfMBITcRg7AXURDis4cg8SMBouFzE3ORALbCkVKw0MFzQuEDg3CTQAMDM5EAtsPhA/KwgUOz4RGzQdfgALASQTLjoSBg5uADkDLSgWOCsDMQ4GODAGNAIfDAsXJzYUJwsSFgh7GiQ8MgczAQYCLhckFxQ7CBU0KS0MFjcsFRFENgQ6DD8aFAERFRUfNwwjEjYAIAIwEwIbKTUxLxQVOC50HScjdRARSRkTLhckNS0sHTgSJXsMNDd2ChECGBAUMSc2BHsBFGIlZTMCPCgzZBUwMBoQHmYzBTYYIyQ Requested by Host: d3t87ooo0697p8.cloudfront.net URL: https://d3t87ooo0697p8.cloudfront.net/?oootd=971975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.183.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-183-117.nrt57.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash a7f91803f64ffe1f0b2f03d31ebdd9154ae5c4c0ae9ee1baa0b6b4c37ef9a90c Request headers Referer https://xfantazy.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version cache-control no-store, no-cache, must-revalidate, no-transform content-encoding gzip content-length 1237 content-type text/html date Mon, 20 Feb 2023 07:44:57 GMT p3p CP="NID DSP ALL COR" pragma no-cache server openresty/1.17.8.2 via 1.1 09fd24f6a1b0ff1b7cd860a75335700c.cloudfront.net (CloudFront) x-amz-cf-id yQRfH3I03r5Qo5QqJVy6NpSLR6Sja_M9KRjnXlgVQGyURnPmU_RwLA== x-amz-cf-pop NRT57-C4 x-cache Miss from cloudfront
GET H2	200	EWNLIg8hdAkqcgReOR9eLHk2JkUNbkp7E1twKwxzDHEpB1IvBzQUdVlwPhxdPw8iJVIqY0k2UzgGICxXLHw5DGcGRD8fdw9iFHYEOwYsLW9ZeD8bdFxBKx8QA0UVIEZUcCssZFwAFA17BFoMGQMz Show response sincenturypro.org/ek42aTYbLFUECRtzVE9DCCILTAQ8awQvUkk6Dl5ZFSEGXw9NPg5HVRYhQw1QCCFYHRgUK0JMBDwhVSF8SC8GWWIyHFEnVR0fVCxaIH5kWXA5Fn5cYT0PYyx/DQxmJHIVOH8CUjsMZ10PMjZZDXERG1k8dEJ9cCwPPRplLGQyDHA+VwIbVS9... Frame A18B	3 KB 2 KB	237ms 191ms	Document text/html	13.225.183.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sincenturypro.org/ek42aTYbLFUECRtzVE9DCCILTAQ8awQvUkk6Dl5ZFSEGXw9NPg5HVRYhQw1QCCFYHRgUK0JMBDwhVSF8SC8GWWIyHFEnVR0fVCxaIH5kWXA5Fn5cYT0PYyx/DQxmJHIVOH8CUjsMZ10PMjZZDXERG1k8dEJ9cCwPPRplLGQyDHA+VwIbVS9gIHZgAXspDW4rcywPeyJVOH5SLXczJn4reC4ZZx1wIgtsJlBKDFcoZzMkcCsGOAlxAXUrJlEPVz8EdTsHDiRnL1I8BWEBdSspcyp/ShRxPAcdHmA8dD0LBR1zLX94M1AoC3UrURkhdBFVLw91OHMsfhs4Qh8LeC9hPCYBP2M4CWcQbyMMXhp+Gwt/EWNLIg8hdAkqcgReOR9eLHk2JkUNbkp7E1twKwxzDHEpB1IvBzQUdVlwPhxdPw8iJVIqY0k2UzgGICxXLHw5DGcGRD8fdw9iFHYEOwYsLW9ZeD8bdFxBKx8QA0UVIEZUcCssZFwAFA17BFoMGQMz Requested by Host: d3t87ooo0697p8.cloudfront.net URL: https://d3t87ooo0697p8.cloudfront.net/?oootd=971975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.183.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-183-117.nrt57.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e7e0d2beacf5727ea90208556b420031b8a1d5b5ff4c8f8e41bac134cd230eae Request headers Referer https://xfantazy.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version cache-control no-store, no-cache, must-revalidate, no-transform content-encoding gzip content-length 1222 content-type text/html date Mon, 20 Feb 2023 07:44:57 GMT p3p CP="NID DSP ALL COR" pragma no-cache server openresty/1.17.8.2 via 1.1 09fd24f6a1b0ff1b7cd860a75335700c.cloudfront.net (CloudFront) x-amz-cf-id WBdLswIJgelsJBGX3Lqgs51ZacKkl1ky5dZMby5FIhoZkp-iaUkqhw== x-amz-cf-pop NRT57-C4 x-cache Miss from cloudfront
GET H2	200	asd100.bin Show response pogothere.xyz/	100 KB 100 KB	104ms 52ms	Fetch binary/octet-stream	172.64.107.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pogothere.xyz/asd100.bin Requested by Host: d3t87ooo0697p8.cloudfront.net URL: https://d3t87ooo0697p8.cloudfront.net/?oootd=971975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.107.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:57 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4370 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 20 Feb 2023 06:32:07 GMT server cloudflare vary Accept-Encoding access-control-allow-methods GET content-type binary/octet-stream access-control-allow-origin https://xfantazy.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ivJLAKK0uNoCMBHPKCaNFgI2z6upom%2Fs7shdrdocTaj3tvUDv8IdBCJq4fP5NqvMBVRZ%2Bsnq30z3W%2BEZtpfB%2FBq1hKkSupvjFgHnij7bjAb1baCqAWJ0NMF6QH%2BG%2BjAs"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 access-control-allow-credentials true cf-ray 79c59eb47d468a48-NRT access-control-allow-headers X-Requested-With, content-type
GET H2	200	/ Show response pogothere.xyz/	26 B 368 B	280ms 228ms	Fetch text/plain	172.64.107.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pogothere.xyz/ Requested by Host: d3t87ooo0697p8.cloudfront.net URL: https://d3t87ooo0697p8.cloudfront.net/?oootd=971975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.107.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1cee778d24f36e8d670858b22ca1ebc87c411eb7cd1f38dd6eeeb549aa704d99 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:57 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0IE2CaILhaNV1iAe6cq9w7OwI%2F%2BioxQcusir6z7PV3Fos87lJQm6Y0BfR0i9BC65V8qHfZ5m2vaGrXXRPVhX8%2FNvuXy%2F6kEasRLXDXPaL1nKmE4tXwn72nyKTABX6srD"}],"group":"cf-nel","max_age":604800} access-control-allow-methods GET access-control-allow-origin https://xfantazy.com content-type text/plain access-control-allow-credentials true cf-ray 79c59eb47d488a48-NRT access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	utx Show response sincenturypro.org/	0 488 B	237ms 195ms	XHR text/plain	13.225.183.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sincenturypro.org/utx?cb=SyxcYBEGQMzG&top=xfantazy.com&tid=962014 Requested by Host: d3t87ooo0697p8.cloudfront.net URL: https://d3t87ooo0697p8.cloudfront.net/?oootd=971975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.183.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-183-117.nrt57.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Mon, 20 Feb 2023 07:44:57 GMT via 1.1 09fd24f6a1b0ff1b7cd860a75335700c.cloudfront.net (CloudFront) server openresty/1.17.8.2 accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-pop NRT57-C4 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://xfantazy.com cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true x-amz-cf-id mzXw4Y2gYux_Va_XdyYowRMUYMjdHlo0A-w1-c75X_m_DfaKIKFObQ==
GET H2	200	djYzIR1+JR09G2YnRQ8ZYjYrHi9tITQiKG5SGzo3WgRMKDR4AQsQNXkZRwwiTg Show response sincenturypro.org/dHFJWDQVEyo1CxVMK35BBh10fQYyVHseUEcFcW9bGx55bg1DAXF2VxgePDxSBh4nLBoaFD19BjIeBBx+GhV7MGAsICIKYkQjKxkEBCMLP3YsIyUvYyMzGAF2HzAZGlwHGhsNU1FDCx9dIhULG306NCECczwjBw51NiAFHlMuKQ1ocSczJRV... Frame 09ED	3 KB 2 KB	218ms 189ms	Document text/html	13.225.183.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sincenturypro.org/dHFJWDQVEyo1CxVMK35BBh10fQYyVHseUEcFcW9bGx55bg1DAXF2VxgePDxSBh4nLBoaFD19BjIeBBx+GhV7MGAsICIKYkQjKxkEBCMLP3YsIyUvYyMzGAF2HzAZGlwHGhsNU1FDCx9dIhULG306NCECczwjBw51NiAFHlMuKQ1ocSczJRVkIh0MEmIyMygJBEE0GD9TFycfDlc8CQAKbCE0GxB2PSYbL24/Mx9hfTAZOh1hJhUfFWJEFAgzfjImCzByMBkiFWxEJBwNWBswERp6JyYuGXAiQCUBciU0JQ1YGzAbCQAuKS4JbCI1HxZ1EzgvCWIDKw9pGSI5Cg12NzIxEVIiJwgVfBwGHxl3MjIeL1cXJwweejUWAwh8NTMMAEMAIh42eSwnHDtxIyciG2EYHggOZT0kCGkMFiAiDm0hQCYOczUnHx4FIQkeCXE3Ihw8czYgEz5mHygLGVgQIh4/djYzIR1+JR09G2YnRQ8ZYjYrHi9tITQiKG5SGzo3WgRMKDR4AQsQNXkZRwwiTg Requested by Host: d3t87ooo0697p8.cloudfront.net URL: https://d3t87ooo0697p8.cloudfront.net/?oootd=971975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.183.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-183-117.nrt57.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash cb716e6cc78dd440540c49447c00690210ab6cf7da6717d882be440b1d84e1f9 Request headers Referer https://xfantazy.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version cache-control no-store, no-cache, must-revalidate, no-transform content-encoding gzip content-length 1236 content-type text/html date Mon, 20 Feb 2023 07:44:57 GMT p3p CP="NID DSP ALL COR" pragma no-cache server openresty/1.17.8.2 via 1.1 09fd24f6a1b0ff1b7cd860a75335700c.cloudfront.net (CloudFront) x-amz-cf-id 80hVbmb3NFLPDbed2c04W3wsil_u1Ghq-NktWxolpN3X303PX4wfCQ== x-amz-cf-pop NRT57-C4 x-cache Miss from cloudfront
GET H2	204	eFZJQ3V0RwgTJnxSSlwxNQAMDzF8UF4TLCcORVw0fFFWQ2xwT0xcN3xQXg4yIAZFS2QxFQwWf3BXT0x6dlhIQ3R4U0o oplpectation.xyz/ekJBYXhVfSISRRkvcDIaLBQNNy8eJxs0LhgbFw0QKHMxDCAXC2cVER5/	0 410 B	251ms 203ms	Image text/plain	104.21.8.185 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://oplpectation.xyz/ekJBYXhVfSISRRkvcDIaLBQNNy8eJxs0LhgbFw0QKHMxDCAXC2cVER5/eFZJQ3V0RwgTJnxSSlwxNQAMDzF8UF4TLCcORVw0fFFWQ2xwT0xcN3xQXg4yIAZFS2QxFQwWf3BXT0x6dlhIQ3R4U0o Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.8.185 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:57 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Ji2zfzRAx8i3PPtnsc7%2FQ0bODR%2FqmDLU6chYOdjsXatnDpH5biXbmwiwTxH4oUqPet8aw%2FxCfF04iLAzI00lpfyNfzhOxSH2%2FfWVpY%2F98GKbmvM4o68pUPP%2FXr5%2FyzwJmIi"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 79c59eb85c21807e-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	ZG1hVXRn oplpectation.xyz/V2xGVFR4UyUnaRo6KhIBAAMPDQwVBREzDiEIKwIxFStzLA07XGAgPTNRf2NlbltzciQ+CHtnZnEfMjUgIh97ZmRnW2A9OjEDe2VyIVF2em15XWhgciJRd3IgJw0haWVxHDIgOGpdcGNib1t/	0 246 B	220ms 212ms	Image text/plain	104.21.8.185 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://oplpectation.xyz/V2xGVFR4UyUnaRo6KhIBAAMPDQwVBREzDiEIKwIxFStzLA07XGAgPTNRf2NlbltzciQ+CHtnZnEfMjUgIh97ZmRnW2A9OjEDe2VyIVF2em15XWhgciJRd3IgJw0haWVxHDIgOGpdcGNib1t/ZG1hVXRn Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.8.185 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:59 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IA8EvRzj3PM%2B68wHwQTZWdnkq7Kg6LXm8IY7p14mccGk1BhdSDhyGPiWKN8qn%2FFqnsPxU3mYVHQ%2BbIoRDWDW%2FvrpJH7ENl2lGATBQBh3S21USCtOkchpHrudeYgkM0dNGYr0"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 79c59ec1a991807e-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	Nnp2cDUZRRUDCFdLNERkWygSKWBaSiAmf1gpGDJhbi08PFFwK1AEXFJHT0cGAk1FVkVfHktBDRAJAhFBQwlLQRNfFBAfCBAMS0EbBlREXgYQD0tBE0IKFxcIB1wGBEFaR0dGAgBCQUkFD0xPRAQ oplpectation.xyz/	0 266 B	218ms 210ms	Image text/plain	104.21.8.185 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://oplpectation.xyz/Nnp2cDUZRRUDCFdLNERkWygSKWBaSiAmf1gpGDJhbi08PFFwK1AEXFJHT0cGAk1FVkVfHktBDRAJAhFBQwlLQRNfFBAfCBAMS0EbBlREXgYQD0tBE0IKFxcIB1wGBEFaR0dGAgBCQUkFD0xPRAQ Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.8.185 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:59 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IImtx4KMDTF7MtqzOIYfX18fRjTY5bFjcZC9JqxSBOYzo%2BvIGXJxbgOgiKisDcq0hYcb7wCoQGrnbEPLuleeTnT42UpaIXjguaiA738ZdAQXx40f0pIW2ZcLWUfRca%2BXPoBZ"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 79c59ec1a993807e-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	/ oplpectation.xyz/SlNMb21lbC8cUB8VFVs4eRUkNTx/Ox0CPy0XITkuEBQZIjcPMGobBC5udVlfemJ4SR0jN3FeSzknLRsYOW59SQQkNSNSSzxufUFefn1/XUN7dTlSXGwnPA4Kd2JqHxk+P3FeW31ldFhUemp6Vlh/	0 248 B	216ms 213ms	Image text/plain	104.21.8.185 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://oplpectation.xyz/SlNMb21lbC8cUB8VFVs4eRUkNTx/Ox0CPy0XITkuEBQZIjcPMGobBC5udVlfemJ4SR0jN3FeSzknLRsYOW59SQQkNSNSSzxufUFefn1/XUN7dTlSXGwnPA4Kd2JqHxk+P3FeW31ldFhUemp6Vlh/ Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.8.185 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:59 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2BnamTUtDrj7H02UrlpvUQyiqrOusWV6qPQq60fonv%2FvZh2y%2Bmm4OGtLCJT1UV39L%2FH6lEI%2FM0hUaV0EGfQyYaxWPIv9gWIBPiVMwwE6tTmp3bqDOWyyI%2BsZS2V1d8vZ8Pcc"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 79c59ec1b996807e-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	login.php www.facebook.com/	0 0	536ms 185ms	Image text/html	31.13.82.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-nrt1.facebook.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers
GET H2	403	identifier accounts.google.com/v3/signin/ Redirect Chain https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail https://accounts.google.com/v3/signin/identifier?dsh=S252506540%3A1676879099562778&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn...	0 0	64ms 62ms	Image text/html	216.58.220.141 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.google.com/v3/signin/identifier?dsh=S252506540%3A1676879099562778&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfXqCCrK3S8PvR6qhw3Dk51sN-Qt2lBm7VCH6TetXTJD6F3oMcuzO-6Qgf-sPjb5JC1CZRAjA Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Server 216.58.220.141 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt20s17-in-f13.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Redirect headers date Mon, 20 Feb 2023 07:44:59 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip content-security-policy script-src 'report-sample' 'nonce--FUa8loNrsiMcoGd_BXNVw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 391 x-xss-protection 1; mode=block pragma no-cache server GSE x-frame-options DENY report-to {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} content-type text/html; charset=UTF-8 location https://accounts.google.com/v3/signin/identifier?dsh=S252506540%3A1676879099562778&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfXqCCrK3S8PvR6qhw3Dk51sN-Qt2lBm7VCH6TetXTJD6F3oMcuzO-6Qgf-sPjb5JC1CZRAjA cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy-report-only same-origin; report-to="coop_gse_qebhlk" expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	403	identifier accounts.google.com/v3/signin/ Redirect Chain https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube https://accounts.google.com/v3/signin/identifier?dsh=S1762207484%3A1676879099605741&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebS...	0 0	204ms 204ms	Image text/html	216.58.220.141 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.google.com/v3/signin/identifier?dsh=S1762207484%3A1676879099605741&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHeb70rKpiJ7cJxKsxHFuK2iiTW3y_hk3IK0fetDYJTyNn99DjBBzmuRnXrCpGI_tz9pONA7tA Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Server 216.58.220.141 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt20s17-in-f13.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Redirect headers date Mon, 20 Feb 2023 07:44:59 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-omWT1S1HGSqogdfvTDSjNg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 397 x-xss-protection 1; mode=block pragma no-cache server GSE x-frame-options DENY report-to {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} content-type text/html; charset=UTF-8 location https://accounts.google.com/v3/signin/identifier?dsh=S1762207484%3A1676879099605741&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHeb70rKpiJ7cJxKsxHFuK2iiTW3y_hk3IK0fetDYJTyNn99DjBBzmuRnXrCpGI_tz9pONA7tA cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy-report-only same-origin; report-to="coop_gse_qebhlk" expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	1 Show response mc.yandex.ru/watch/3/ Redirect Chain https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5d1700c20dd6305ebc410627&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A2216%3Af... https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5d1700c20dd6305ebc410627&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A2216%3A...	264 B 356 B	288ms 288ms	XHR application/json	87.250.250.119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5d1700c20dd6305ebc410627&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A2216%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A595166996128%3Ahid%3A902328161%3Az%3A0%3Ai%3A20230220074457%3Aet%3A1676879097%3Ac%3A1%3Arn%3A1059716559%3Arqn%3A1%3Au%3A1676879097504315488%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A6%2C342%2C1355%2C463%2C0%2C0%2C%2C304%2C1%2C%2C%2C%2C2472%3Aco%3A0%3Acpf%3A1%3Ans%3A1676879092597%3Ast%3A1676879097&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Server 87.250.250.119 , Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS mc.yandex.ru Software / Resource Hash b7ad55d3fb70bb4b29a9df8c5fbcd590e967cd6be6b09c6b453f8a39a71f98d7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Mon, 20 Feb 2023 07:44:58 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Mon, 20-Feb-2023 07:44:58 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 264 x-xss-protection 1; mode=block expires Mon, 20-Feb-2023 07:44:58 GMT Redirect headers pragma no-cache date Mon, 20 Feb 2023 07:44:58 GMT strict-transport-security max-age=31536000 last-modified Mon, 20-Feb-2023 07:44:58 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA location /watch/3/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5d1700c20dd6305ebc410627&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A2216%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A595166996128%3Ahid%3A902328161%3Az%3A0%3Ai%3A20230220074457%3Aet%3A1676879097%3Ac%3A1%3Arn%3A1059716559%3Arqn%3A1%3Au%3A1676879097504315488%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A6%2C342%2C1355%2C463%2C0%2C0%2C%2C304%2C1%2C%2C%2C%2C2472%3Aco%3A0%3Acpf%3A1%3Ans%3A1676879092597%3Ast%3A1676879097&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Mon, 20-Feb-2023 07:44:58 GMT
GET H2	200	1 Show response mc.yandex.ru/watch/49415098/ Redirect Chain https://mc.yandex.ru/watch/49415098?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5d1700c20dd6305ebc410627&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A2216%3Afu%3... https://mc.yandex.ru/watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5d1700c20dd6305ebc410627&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A2216%3Afu...	447 B 483 B	317ms 315ms	XHR application/json	87.250.250.119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5d1700c20dd6305ebc410627&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A2216%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A170296634005%3Ahid%3A902328161%3Az%3A0%3Ai%3A20230220074457%3Aet%3A1676879097%3Ac%3A1%3Arn%3A69987696%3Arqn%3A1%3Au%3A1676879097504315488%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A6%2C342%2C1355%2C463%2C0%2C0%2C%2C304%2C1%2C%2C%2C%2C2472%3Aco%3A0%3Acpf%3A1%3Ans%3A1676879092597%3Arqnl%3A1%3Ast%3A1676879097%3At%3A%5BFC2%20PPV-1058978%5D%2031%E6%AD%B3%E3%82%BB%E3%83%95%E3%83%AC%E7%BE%8E%E9%AD%94%E5%A5%B3%E3%82%B9%E3%83%AC%E3%83%B3%E3%83%80%E3%83%BC%E5%A5%A5%E6%A7%98%E6%97%A0%E7%A0%81%20%E6%B5%81%E5%87%BA%201055427%20%E3%82%92%E7%9F%A5%E3%82%89%E3%81%AA%E3%81%84%E5%A5%B3%E5%84%AA%E3%81%8C%E6%B5%81%E5%87%BA%E3%81%97%E3%81%9F%20-%20XFantazy.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Server 87.250.250.119 , Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS mc.yandex.ru Software / Resource Hash e78ea8ed101776030a82bc102f3bb10ed29f7d1b0903661a29169aba162928e5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Mon, 20 Feb 2023 07:44:58 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Mon, 20-Feb-2023 07:44:58 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 447 x-xss-protection 1; mode=block expires Mon, 20-Feb-2023 07:44:58 GMT Redirect headers pragma no-cache date Mon, 20 Feb 2023 07:44:58 GMT strict-transport-security max-age=31536000 last-modified Mon, 20-Feb-2023 07:44:58 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA location /watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5d1700c20dd6305ebc410627&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A2216%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A170296634005%3Ahid%3A902328161%3Az%3A0%3Ai%3A20230220074457%3Aet%3A1676879097%3Ac%3A1%3Arn%3A69987696%3Arqn%3A1%3Au%3A1676879097504315488%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A6%2C342%2C1355%2C463%2C0%2C0%2C%2C304%2C1%2C%2C%2C%2C2472%3Aco%3A0%3Acpf%3A1%3Ans%3A1676879092597%3Arqnl%3A1%3Ast%3A1676879097%3At%3A%5BFC2%20PPV-1058978%5D%2031%E6%AD%B3%E3%82%BB%E3%83%95%E3%83%AC%E7%BE%8E%E9%AD%94%E5%A5%B3%E3%82%B9%E3%83%AC%E3%83%B3%E3%83%80%E3%83%BC%E5%A5%A5%E6%A7%98%E6%97%A0%E7%A0%81%20%E6%B5%81%E5%87%BA%201055427%20%E3%82%92%E7%9F%A5%E3%82%89%E3%81%AA%E3%81%84%E5%A5%B3%E5%84%AA%E3%81%8C%E6%B5%81%E5%87%BA%E3%81%97%E3%81%9F%20-%20XFantazy.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Mon, 20-Feb-2023 07:44:58 GMT
GET H2	200	advert.gif mc.yandex.ru/metrika/	43 B 190 B	288ms 284ms	Image image/gif	87.250.250.119 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.ru/metrika/advert.gif Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.250.250.119 , Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:59 GMT strict-transport-security max-age=31536000 last-modified Wed, 08 Feb 2023 12:45:24 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "63e36f34-2b" content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Mon, 20 Feb 2023 08:44:59 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 344 B	538ms 99ms	XHR text/plain	108.177.125.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-121614197-2&cid=85548224.1676879097&jid=656687590&gjid=916355689&_gid=1904539116.1676879097&_u=YGBAiEABBAAAAEAAI~&z=646534766 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.177.125.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS tp-in-f156.1e100.net Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://xfantazy.com/ accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Mon, 20 Feb 2023 07:44:57 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://xfantazy.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/	35 B 194 B	18ms 14ms	Image image/gif	216.58.220.142 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j99&a=624351139&t=pageview&_s=1&dl=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5d1700c20dd6305ebc410627&ul=en-us&de=UTF-8&dt=%5BFC2%20PPV-1058978%5D%2031%E6%AD%B3%E3%82%BB%E3%83%95%E3%83%AC%E7%BE%8E%E9%AD%94%E5%A5%B3%E3%82%B9%E3%83%AC%E3%83%B3%E3%83%80%E3%83%BC%E5%A5%A5%E6%A7%98%E6%97%A0%E7%A0%81%20%E6%B5%81%E5%87%BA%201055427%20%E3%82%92%E7%9F%A5%E3%82%89%E3%81%AA%E3%81%84%E5%A5%B3%E5%84%AA%E3%81%8C%E6%B5%81%E5%87%BA%E3%81%97%E3%81%9F%20-%20XFantazy.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAAAAAI~&jid=656687590&gjid=916355689&cid=85548224.1676879097&tid=UA-121614197-2&_gid=1904539116.1676879097&gtm=45He32f0n81PLKQLTX&z=1439189010 Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.220.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s01-in-f142.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Mon, 20 Feb 2023 02:05:56 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 20343 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/	35 B 91 B	59ms 55ms	Image image/gif	216.58.220.142 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j99&a=624351139&t=pageview&_s=1&dl=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5d1700c20dd6305ebc410627&ul=en-us&de=UTF-8&dt=%5BFC2%20PPV-1058978%5D%2031%E6%AD%B3%E3%82%BB%E3%83%95%E3%83%AC%E7%BE%8E%E9%AD%94%E5%A5%B3%E3%82%B9%E3%83%AC%E3%83%B3%E3%83%80%E3%83%BC%E5%A5%A5%E6%A7%98%E6%97%A0%E7%A0%81%20%E6%B5%81%E5%87%BA%201055427%20%E3%82%92%E7%9F%A5%E3%82%89%E3%81%AA%E3%81%84%E5%A5%B3%E5%84%AA%E3%81%8C%E6%B5%81%E5%87%BA%E3%81%97%E3%81%9F%20-%20XFantazy.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiEABBAAAAEAAI~&jid=&gjid=&cid=85548224.1676879097&tid=UA-121614197-2&_gid=1904539116.1676879097&gtm=45He32f0n81PLKQLTX&z=1401508405 Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.220.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s01-in-f142.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Mon, 20 Feb 2023 02:05:56 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 20343 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	oMDJnd2hTXQkRV0RbA0pRBgBXRlwWWBQYBkAPBhskRUg+GiVdBCINEhZGHRNVABQLFgZXD0ESBlMPVlEJVFBaQ05EQggcVVVcHxIRXUERHBIWRwZKBV9IDhsEURdVMV0eAkJFWBhFDhkMX0UUUloAXBNSWgADV1lYFQElUloARQ4ZXgQXVDVNAgIfQVwZF1-VHCUB... Show response d3t87ooo0697p8.cloudfront.net/ Frame 09ED	833 B 888 B	119ms 118ms	Script text/plain	18.65.190.180 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3t87ooo0697p8.cloudfront.net/oMDJnd2hTXQkRV0RbA0pRBgBXRlwWWBQYBkAPBhskRUg+GiVdBCINEhZGHRNVABQLFgZXD0ESBlMPVlEJVFBaQ05EQggcVVVcHxIRXUERHBIWRwZKBV9IDhsEURdVMV0eAkJFWBhFDhkMX0UUUloAXBNSWgADV1lYFQElUloARQ4ZXgQXVDVNAgIfQVwZF1-VHCUBCCxIfVVAMHhwVACFCWwccVEFNAgJPHABEXwtSWnMXVUcEWVkCUloAVQIUA18bQkVYU1oVGAVVF1UxWQECSUdGBQZfRkYBAldSWgBBBhEJQltCRS4FAVBZWwYUEkpZ Requested by Host: sincenturypro.org URL: https://sincenturypro.org/dHFJWDQVEyo1CxVMK35BBh10fQYyVHseUEcFcW9bGx55bg1DAXF2VxgePDxSBh4nLBoaFD19BjIeBBx+GhV7MGAsICIKYkQjKxkEBCMLP3YsIyUvYyMzGAF2HzAZGlwHGhsNU1FDCx9dIhULG306NCECczwjBw51NiAFHlMuKQ1ocSczJRVkIh0MEmIyMygJBEE0GD9TFycfDlc8CQAKbCE0GxB2PSYbL24/Mx9hfTAZOh1hJhUfFWJEFAgzfjImCzByMBkiFWxEJBwNWBswERp6JyYuGXAiQCUBciU0JQ1YGzAbCQAuKS4JbCI1HxZ1EzgvCWIDKw9pGSI5Cg12NzIxEVIiJwgVfBwGHxl3MjIeL1cXJwweejUWAwh8NTMMAEMAIh42eSwnHDtxIyciG2EYHggOZT0kCGkMFiAiDm0hQCYOczUnHx4FIQkeCXE3Ihw8czYgEz5mHygLGVgQIh4/djYzIR1+JR09G2YnRQ8ZYjYrHi9tITQiKG5SGzo3WgRMKDR4AQsQNXkZRwwiTg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.190.180 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-190-180.nrt57.r.cloudfront.net Software / Resource Hash 963225ac483792f3a1f64dd5b546c63e1a398c622222d3c5b9e33c33f2b30a19 Request headers accept-language jp-JP,jp;q=0.9 Referer https://sincenturypro.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:57 GMT content-encoding gzip via 1.1 180bb14f3969a5383ec3b52ad1ce5ad6.cloudfront.net (CloudFront) x-amz-cf-pop NRT57-P2 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 611 x-amz-cf-id 0KuEeXYziXiNEUJ9CUOMHz0FkS9nY2U3wp9e-2XLxhID2ydMqz6ccw==
GET H2	200	QBEeGSIdF1NZC0FDRkV9XkdCU3xeQ0ZbaEJCBQorEQAfTn82R0VcY0NEUB5wQQ Show response d3t87ooo0697p8.cloudfront.net/ocHJ2a00THRgNcgQbElZ0R0FCXH5WGAUEIwBPMDovIkdABQ49HxodGkUoUB83FE9GTSERHBFWaxUcFVZ8VhMSCXBEVAMKcB0dDAIhHBNTWQtFXEZOf0BaAQIjFB0BGGhCQhgfaEJCR1tjQFdFKWhCQgECI0ZGU1gPVUBGE3... Frame A18B	199 B 468 B	121ms 121ms	Script text/plain	18.65.190.180 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3t87ooo0697p8.cloudfront.net/ocHJ2a00THRgNcgQbElZ0R0FCXH5WGAUEIwBPMDovIkdABQ49HxodGkUoUB83FE9GTSERHBFWaxUcFVZ8VhMSCXBEVAMKcB0dDAIhHBNTWQtFXEZOf0BaAQIjFB0BGGhCQhgfaEJCR1tjQFdFKWhCQgECI0ZGU1gPVUBGE3tEW1NZfRECBgcoBxcUACQEV0-QteENFWFh7VUBGQyYYBhsHaEIxU1l9HBsdDmhCQhEOLhsdX05/QBEeGSIdF1NZC0FDRkV9XkdCU3xeQ0ZbaEJCBQorEQAfTn82R0VcY0NEUB5wQQ Requested by Host: sincenturypro.org URL: https://sincenturypro.org/ek42aTYbLFUECRtzVE9DCCILTAQ8awQvUkk6Dl5ZFSEGXw9NPg5HVRYhQw1QCCFYHRgUK0JMBDwhVSF8SC8GWWIyHFEnVR0fVCxaIH5kWXA5Fn5cYT0PYyx/DQxmJHIVOH8CUjsMZ10PMjZZDXERG1k8dEJ9cCwPPRplLGQyDHA+VwIbVS9gIHZgAXspDW4rcywPeyJVOH5SLXczJn4reC4ZZx1wIgtsJlBKDFcoZzMkcCsGOAlxAXUrJlEPVz8EdTsHDiRnL1I8BWEBdSspcyp/ShRxPAcdHmA8dD0LBR1zLX94M1AoC3UrURkhdBFVLw91OHMsfhs4Qh8LeC9hPCYBP2M4CWcQbyMMXhp+Gwt/EWNLIg8hdAkqcgReOR9eLHk2JkUNbkp7E1twKwxzDHEpB1IvBzQUdVlwPhxdPw8iJVIqY0k2UzgGICxXLHw5DGcGRD8fdw9iFHYEOwYsLW9ZeD8bdFxBKx8QA0UVIEZUcCssZFwAFA17BFoMGQMz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.190.180 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-190-180.nrt57.r.cloudfront.net Software / Resource Hash b4be4079f99178d86ff6f58e710823bbee7ae314a9fa8948f7fab6464b65ae9e Request headers accept-language jp-JP,jp;q=0.9 Referer https://sincenturypro.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:57 GMT content-encoding gzip via 1.1 180bb14f3969a5383ec3b52ad1ce5ad6.cloudfront.net (CloudFront) x-amz-cf-pop NRT57-P2 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 191 x-amz-cf-id RAYgVQqoKSeDHGp9gRiKBw-2MW4jV5PLcGsq52GfmJT60t8UnX9Qjg==
GET H2	200	DS8WLB8WPAJzCUQqByBeX2ADIFpfd0AvXQB7UmhNEikNc0wMIgMoUAwjAmhMA3sLIUMLKgovHFAAU2AJR3RWZk4LKAIhThFjVH5XFmNUfghSaFZrCiBjVH5OCyhQehxRBEN8CRpwUmccUH-YHPkkOIxErWwkvEmsLJHNVeRdRcEN8CUotDjpUDmNUDRxQdgonUgdj... Show response d3t87ooo0697p8.cloudfront.net/7OWJGZk5aDSgAcU0LIlt3DlN/UXsfCDUJIElfIgU4YCspUzt/ Frame AD50	417 B 608 B	122ms 122ms	Script text/plain	18.65.190.180 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3t87ooo0697p8.cloudfront.net/7OWJGZk5aDSgAcU0LIlt3DlN/UXsfCDUJIElfIgU4YCspUzt/DS8WLB8WPAJzCUQqByBeX2ADIFpfd0AvXQB7UmhNEikNc0wMIgMoUAwjAmhMA3sLIUMLKgovHFAAU2AJR3RWZk4LKAIhThFjVH5XFmNUfghSaFZrCiBjVH5OCyhQehxRBEN8CRpwUmccUH-YHPkkOIxErWwkvEmsLJHNVeRdRcEN8CUotDjpUDmNUDRxQdgonUgdjVH5eByUNIRBHdFYtURApCyscUABXfwlMdkh7DVp3SH8JUmNUfkoDIAc8UEd0IHsKVWhVeB8Xe1c Requested by Host: sincenturypro.org URL: https://sincenturypro.org/RkNZcVMnITocbCd+O1cmNC9kVGEAZms3N3U3YUY8KSxpR2pxM2FfMCosLBU1NCw3BX0oJi1UYQB0FiYZARkyRDICED4wMBNzFTg/MnAdHR1jcR8kCzUlGjUGDAocHTUPJAxFCgUwKSQpMmZrNxcVew49EX4UCTAZPAAMICIEOhsUC3QCHTgVNiU9QRIwGwgzZBMuMT8WLygXEmMxDhAWHikWGAY5By4xPBJ1MBU4BgsPEhY8MAsfMBITcRg7AXURDis4cg8SMBouFzE3ORALbCkVKw0MFzQuEDg3CTQAMDM5EAtsPhA/KwgUOz4RGzQdfgALASQTLjoSBg5uADkDLSgWOCsDMQ4GODAGNAIfDAsXJzYUJwsSFgh7GiQ8MgczAQYCLhckFxQ7CBU0KS0MFjcsFRFENgQ6DD8aFAERFRUfNwwjEjYAIAIwEwIbKTUxLxQVOC50HScjdRARSRkTLhckNS0sHTgSJXsMNDd2ChECGBAUMSc2BHsBFGIlZTMCPCgzZBUwMBoQHmYzBTYYIyQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.190.180 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-190-180.nrt57.r.cloudfront.net Software / Resource Hash c75b49304e8d373abc7c69bc11e9653e20e6f939dc6cf6cad6471d495f4b7f76 Request headers accept-language jp-JP,jp;q=0.9 Referer https://sincenturypro.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:57 GMT content-encoding gzip via 1.1 180bb14f3969a5383ec3b52ad1ce5ad6.cloudfront.net (CloudFront) x-amz-cf-pop NRT57-P2 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 331 x-amz-cf-id 8rHW-z8mJk1bpTLMQySFh_xDqbL_lECrC6Kao_534eM227g-7kQ2CA==
GET H2	200	sfp.js Show response friendshipmale.com/	83 KB 27 KB	578ms 220ms	Script application/javascript	104.21.234.93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://friendshipmale.com/sfp.js Requested by Host: skiingsettling.com URL: https://skiingsettling.com/21/fe/39/21fe3950f412e026c33f1b6cee613eba.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.234.93 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 77a3bebee72af7beb49cd94b7f16852a532aac5f3db8f610160440fe75ca4711 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:45:00 GMT strict-transport-security max-age=0; includeSubdomains content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-request-id 28ee4ee5cb818ac4ab13e2285332c81d last-modified Mon, 20 Feb 2023 07:44:59 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zddR%2F71mJDRRPw7V94aM1kNbCDIKNpQgVGe4U8gzcBvVeb65%2BM68NRgqu0GvKgbNr3J5cRD8%2BOAK%2B%2FEzSS3MEYtGY8mYsCdvQ9TnvCjBsnkQPnU8OsUQ0HYsGmU%2B%2F1QJevGYq2g%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=14400 cf-ray 79c59ec6884bf655-NRT expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	stats Show response simplewebanalysis.com/	40 B 288 B	276ms 88ms	XHR text/html	3.1.243.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://simplewebanalysis.com/stats Requested by Host: skiingsettling.com URL: https://skiingsettling.com/21/fe/39/21fe3950f412e026c33f1b6cee613eba.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.1.243.3 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-1-243-3.ap-southeast-1.compute.amazonaws.com Software fasthttp / Resource Hash aeabf9587e8305c7a537ab475b4e1145fab650c8ad5a7a8e70aecce714a2ca95 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers access-control-allow-origin https://xfantazy.com date Mon, 20 Feb 2023 07:44:57 GMT access-control-allow-credentials true server fasthttp content-length 40 content-type text/html; charset=UTF-8
GET H/1.1	200 OK	01f75a95a38a8db0a8e82d995253a076.js Show response oxthrilled.com/01/f7/5a/	84 KB 29 KB	192ms 189ms	Script application/javascript	173.233.137.60 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://oxthrilled.com/01/f7/5a/01f75a95a38a8db0a8e82d995253a076.js Requested by Host: skiingsettling.com URL: https://skiingsettling.com/21/fe/39/21fe3950f412e026c33f1b6cee613eba.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.233.137.60 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx/1.19.5 / Resource Hash 050cfed28ca5ffb299c6f86a7b484e68aab00af8103a7df047d881528844a586 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Mon, 20 Feb 2023 07:44:59 GMT Strict-Transport-Security max-age=0; includeSubdomains Content-Encoding gzip Server nginx/1.19.5 Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Transfer-Encoding chunked P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Content-Type application/javascript Cache-Control no-cache Connection keep-alive X-Request-ID 343be3ba42934bbd87a27ac7853f25ce Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	stats Show response simplewebanalysis.com/	40 B 286 B	203ms 90ms	XHR text/html	3.1.243.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://simplewebanalysis.com/stats Requested by Host: exploredefinitely.com URL: https://exploredefinitely.com/a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.1.243.3 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-1-243-3.ap-southeast-1.compute.amazonaws.com Software fasthttp / Resource Hash ae28b78e14451762f9d903ee09a67ff67a11e1347429dc8268dd4fc54f3331ca Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers access-control-allow-origin https://xfantazy.com date Mon, 20 Feb 2023 07:44:57 GMT access-control-allow-credentials true server fasthttp content-length 40 content-type text/html; charset=UTF-8
GET H/1.1	200 OK	4d0afc2425eea6b0cd5a468c9f8a69ed.js Show response powerpsychopathcounsel.com/4d/0a/fc/	84 KB 29 KB	222ms 222ms	Script application/javascript	173.233.137.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://powerpsychopathcounsel.com/4d/0a/fc/4d0afc2425eea6b0cd5a468c9f8a69ed.js Requested by Host: exploredefinitely.com URL: https://exploredefinitely.com/a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.233.137.36 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx/1.19.5 / Resource Hash ec48be6ad4277060390404966d2a9906208b5f5584cb528d8c53987189508258 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Mon, 20 Feb 2023 07:44:59 GMT Strict-Transport-Security max-age=0; includeSubdomains Content-Encoding gzip Server nginx/1.19.5 Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Transfer-Encoding chunked P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Content-Type application/javascript Cache-Control no-cache Connection keep-alive X-Request-ID 2e75947a89e724bb006ec466dad12464 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H3	200	popunder.gif oplpectation.xyz/	35 B 551 B	28ms 26ms	Image image/gif	104.21.8.185 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://oplpectation.xyz/popunder.gif Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.8.185 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma public date Mon, 20 Feb 2023 07:44:59 GMT cf-cache-status HIT last-modified Mon, 20 Feb 2023 01:19:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 23157 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwqNak%2F9YoFNLDAX6JBOeJOF8ztrWo0T%2F9Db%2Bbxao3Iwz8BHjyKQcUX3i4XEAgJBm7teBv9ZXex%2FW4RxY99xoMG5ZwwQ%2BaShiN9TwcWM83awYPznFz1yJuUFA3ZL6tL9lNTK"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control public, max-age=604800, immutable cf-ray 79c59ec4ae8c0ad4-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	sbar.json Show response oxthrilled.com/	6 KB 5 KB	957ms 581ms	XHR text/plain	173.233.137.60 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://oxthrilled.com/sbar.json?key=21fe3950f412e026c33f1b6cee613eba&uuid=3323e3a6-ac54-438c-9866-547bfb2b08b8%3A3%3A1 Requested by Host: skiingsettling.com URL: https://skiingsettling.com/21/fe/39/21fe3950f412e026c33f1b6cee613eba.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.233.137.60 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx/1.19.5 / Resource Hash aec7889a868f3d6b82f07a5f272a3d17900f02db4df696b219330503faadf713 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Mon, 20 Feb 2023 07:44:58 GMT Custom-Referer https://xfantazy.com Content-Encoding gzip Strict-Transport-Security max-age=0; includeSubdomains Server nginx/1.19.5 Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Transfer-Encoding chunked P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin https://xfantazy.com Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive X-Request-ID 3d071ff39b8afd26a55df7069f1f1697 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	sbar.json Show response powerpsychopathcounsel.com/	6 KB 6 KB	952ms 574ms	XHR text/plain	173.233.137.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://powerpsychopathcounsel.com/sbar.json?key=a2f990f10476061c719d1c1aa3a2ecd2&uuid=8ed21ce8-4404-464e-94bf-8b8b7b82b42f%3A1%3A1 Requested by Host: exploredefinitely.com URL: https://exploredefinitely.com/a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.233.137.36 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx/1.19.5 / Resource Hash 832a6b8d1c17acf72d4e353c2356647de519f505e012bb13db1e3c552eb839fb Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Mon, 20 Feb 2023 07:44:58 GMT Custom-Referer https://xfantazy.com Content-Encoding gzip Strict-Transport-Security max-age=0; includeSubdomains Server nginx/1.19.5 Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Transfer-Encoding chunked P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin https://xfantazy.com Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive X-Request-ID daea8d5b67a807376ba01af85a87cd26 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	382499 Show response a.naturalhealthsource.club/api/settings/	33 B 186 B	1157ms 281ms	Fetch application/json	142.132.196.205 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://a.naturalhealthsource.club/api/settings/382499 Requested by Host: a.naturalhealthsource.club URL: https://a.naturalhealthsource.club/zRdVuw7.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 142.132.196.205 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.205.196.132.142.clients.your-server.de Software nginx / Resource Hash 72d79d0ad9a70ef53c1bab65c588d44bffb1a1b5aba0eb2f9f6a886c4c3aec4f Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers access-control-allow-origin * date Mon, 20 Feb 2023 07:44:59 GMT cache-control private content-encoding gzip server nginx vary Accept-Encoding content-type application/json
GET H2	200	sync_cookie_image_decide mc.webvisor.org/ Redirect Chain https://mc.webvisor.org/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9920.xdVG6XafM69qqXzFvKmYcfSlz9BK-nCeSkiOtTkz7WWaX22_pX1pcPr0E3762xFy.eU1FcxRqoGQMYahOxgO5fZSY2xQ%2C https://mc.webvisor.org/sync_cookie_image_decide?token=9920.wbBt613ZkaiOVDBEVQSHG_p_rU2Rp_1FXU2u8Mx5jp9-8wuJ4bNpCf122nVpNMe7Zbfo-dVmJDiEg2Zz_eXzHaDVW8TXY-UR66OwS66M7uVFvvMDzIaIIsiZIIixL_YhkwE_6qqVG...	43 B 533 B	359ms 359ms	Image image/gif	80.239.201.98 TWELVE99 Arelion
General Check archive.org Show headers Download Go to Show image Full URL https://mc.webvisor.org/sync_cookie_image_decide?token=9920.wbBt613ZkaiOVDBEVQSHG_p_rU2Rp_1FXU2u8Mx5jp9-8wuJ4bNpCf122nVpNMe7Zbfo-dVmJDiEg2Zz_eXzHaDVW8TXY-UR66OwS66M7uVFvvMDzIaIIsiZIIixL_YhkwE_6qqVGneWwhxSgQVgsogJqhUpmFEOAi56XVuD85dB2FG_X5v__ScAU4QQrukF6eVnWywqU3te1vTz_Ki_wEQh-Vwdb2tsoqtvaXRidfU%2C.jNyOoqAHZoum4uCxsTTsdzIH9ZQ%2C Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Server 80.239.201.98 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE), Reverse DNS 80-239-201-98.teliacarrier-cust.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:45:01 GMT strict-transport-security max-age=31536000 content-length 43 x-xss-protection 1; mode=block content-type image/gif Redirect headers location https://mc.webvisor.org/sync_cookie_image_decide?token=9920.wbBt613ZkaiOVDBEVQSHG_p_rU2Rp_1FXU2u8Mx5jp9-8wuJ4bNpCf122nVpNMe7Zbfo-dVmJDiEg2Zz_eXzHaDVW8TXY-UR66OwS66M7uVFvvMDzIaIIsiZIIixL_YhkwE_6qqVGneWwhxSgQVgsogJqhUpmFEOAi56XVuD85dB2FG_X5v__ScAU4QQrukF6eVnWywqU3te1vTz_Ki_wEQh-Vwdb2tsoqtvaXRidfU%2C.jNyOoqAHZoum4uCxsTTsdzIH9ZQ%2C date Mon, 20 Feb 2023 07:45:00 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	sync_cookie_image_decide mc.yandex.com/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9920.SgzWUiBYilZbk0XN-O2rMImlbPqCpUaclKVkV2ugshfM9Ylp-hSe6iSQzWnAO8KL.K2uYDCGX7XGNlnfTzL0RC1MFcx8%2C https://mc.yandex.com/sync_cookie_image_decide?token=9920.HKaTGuCfhVbTOj43Cf3oGoLjAKfqLviOUCTw9d4OPJIuQJ3D0s2feLl_YvVPlS9K-Uwmndvzns0BBtEkQ6oMvxzrWOrL85pY0qcRIzNcRHzOEAOWCvIHTuAut7EMcCEtWV-30bjkaOR...	43 B 482 B	291ms 290ms	Image image/gif	87.250.250.119 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/sync_cookie_image_decide?token=9920.HKaTGuCfhVbTOj43Cf3oGoLjAKfqLviOUCTw9d4OPJIuQJ3D0s2feLl_YvVPlS9K-Uwmndvzns0BBtEkQ6oMvxzrWOrL85pY0qcRIzNcRHzOEAOWCvIHTuAut7EMcCEtWV-30bjkaOR8SZpkYwW_7-n0Vq6TSXVwW8bdhwW2NhGmqcb1218TySiy6KtAqqxl8kDOkvXIbkwWHvJi8vpERCpxuhLwqly9-f4s6-AmgoA%2C.4Sb7RubElTV5t-qGa3W9iDg6HKE%2C Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Server 87.250.250.119 , Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:45:00 GMT strict-transport-security max-age=31536000 content-length 43 x-xss-protection 1; mode=block content-type image/gif Redirect headers location https://mc.yandex.com/sync_cookie_image_decide?token=9920.HKaTGuCfhVbTOj43Cf3oGoLjAKfqLviOUCTw9d4OPJIuQJ3D0s2feLl_YvVPlS9K-Uwmndvzns0BBtEkQ6oMvxzrWOrL85pY0qcRIzNcRHzOEAOWCvIHTuAut7EMcCEtWV-30bjkaOR8SZpkYwW_7-n0Vq6TSXVwW8bdhwW2NhGmqcb1218TySiy6KtAqqxl8kDOkvXIbkwWHvJi8vpERCpxuhLwqly9-f4s6-AmgoA%2C.4Sb7RubElTV5t-qGa3W9iDg6HKE%2C date Mon, 20 Feb 2023 07:45:00 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
POST H2	200	1 Show response mc.yandex.ru/watch/49415098/	43 B 74 B	289ms 288ms	XHR image/gif	87.250.250.119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5d1700c20dd6305ebc410627&charset=utf-8&hittoken=1676879098_8880e0dad94b94d9fb3fb49d180fdb7ecb7113661ee5dfc7158b2ab66b0c7678&browser-info=pa%3A1%3Aar%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A1%3Als%3A170296634005%3Ahid%3A902328161%3Az%3A0%3Ai%3A20230220074458%3Aet%3A1676879099%3Ac%3A1%3Arn%3A44404369%3Arqn%3A2%3Au%3A1676879097504315488%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1676879092597%3Ast%3A1676879099&t=gdpr(14)mc(p-5)clc(0-0-0)rqnt(2)lt(43200)aw(1)ti(2) Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.250.250.119 , Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://xfantazy.com/ accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Mon, 20 Feb 2023 07:44:58 GMT strict-transport-security max-age=31536000 last-modified Mon, 20-Feb-2023 07:44:58 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type image/gif access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Mon, 20-Feb-2023 07:44:58 GMT
POST H2	200	1 Show response mc.yandex.ru/watch/49415098/	43 B 74 B	293ms 293ms	XHR image/gif	87.250.250.119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5d1700c20dd6305ebc410627&charset=utf-8&hittoken=1676879098_8880e0dad94b94d9fb3fb49d180fdb7ecb7113661ee5dfc7158b2ab66b0c7678&browser-info=pa%3A1%3Aar%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A1%3Als%3A170296634005%3Ahid%3A902328161%3Az%3A0%3Ai%3A20230220074458%3Aet%3A1676879099%3Ac%3A1%3Arn%3A635698193%3Arqn%3A3%3Au%3A1676879097504315488%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1676879092597%3Ast%3A1676879099&t=gdpr(14)mc(p-5)clc(0-0-0)rqnt(3)lt(43200)aw(1)ti(2) Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.250.250.119 , Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://xfantazy.com/ accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Mon, 20 Feb 2023 07:44:58 GMT strict-transport-security max-age=31536000 last-modified Mon, 20-Feb-2023 07:44:58 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type image/gif access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Mon, 20-Feb-2023 07:44:58 GMT
POST H2	200	1 Show response mc.yandex.ru/watch/49415098/	43 B 86 B	286ms 286ms	XHR image/gif	87.250.250.119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5d1700c20dd6305ebc410627&charset=utf-8&hittoken=1676879098_8880e0dad94b94d9fb3fb49d180fdb7ecb7113661ee5dfc7158b2ab66b0c7678&browser-info=pa%3A1%3Aar%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A1%3Als%3A170296634005%3Ahid%3A902328161%3Az%3A0%3Ai%3A20230220074458%3Aet%3A1676879099%3Ac%3A1%3Arn%3A605591790%3Arqn%3A4%3Au%3A1676879097504315488%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1676879092597%3Ast%3A1676879099&t=gdpr(14)mc(p-5)clc(0-0-0)rqnt(4)lt(43200)aw(1)ti(2) Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.250.250.119 , Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://xfantazy.com/ accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Mon, 20 Feb 2023 07:44:58 GMT strict-transport-security max-age=31536000 last-modified Mon, 20-Feb-2023 07:44:58 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type image/gif access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Mon, 20-Feb-2023 07:44:58 GMT
POST H2	200	1 Show response mc.yandex.ru/watch/49415098/	43 B 74 B	294ms 293ms	XHR image/gif	87.250.250.119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5d1700c20dd6305ebc410627&charset=utf-8&hittoken=1676879098_8880e0dad94b94d9fb3fb49d180fdb7ecb7113661ee5dfc7158b2ab66b0c7678&browser-info=pa%3A1%3Aar%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A1%3Als%3A170296634005%3Ahid%3A902328161%3Az%3A0%3Ai%3A20230220074458%3Aet%3A1676879099%3Ac%3A1%3Arn%3A998844551%3Arqn%3A5%3Au%3A1676879097504315488%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1676879092597%3Ast%3A1676879099&t=gdpr(14)mc(p-5)clc(0-0-0)rqnt(5)lt(43200)aw(1)ti(2) Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.250.250.119 , Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://xfantazy.com/ accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Mon, 20 Feb 2023 07:44:58 GMT strict-transport-security max-age=31536000 last-modified Mon, 20-Feb-2023 07:44:58 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type image/gif access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Mon, 20-Feb-2023 07:44:58 GMT
POST H2	200	1 Show response mc.yandex.ru/watch/49415098/	43 B 74 B	295ms 294ms	XHR image/gif	87.250.250.119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5d1700c20dd6305ebc410627&charset=utf-8&hittoken=1676879098_8880e0dad94b94d9fb3fb49d180fdb7ecb7113661ee5dfc7158b2ab66b0c7678&browser-info=pa%3A1%3Aar%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A1%3Als%3A170296634005%3Ahid%3A902328161%3Az%3A0%3Ai%3A20230220074458%3Aet%3A1676879099%3Ac%3A1%3Arn%3A942586425%3Arqn%3A6%3Au%3A1676879097504315488%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1676879092597%3Ast%3A1676879099&t=gdpr(14)mc(p-5)clc(0-0-0)rqnt(6)lt(43200)aw(1)ti(2) Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.250.250.119 , Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://xfantazy.com/ accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Mon, 20 Feb 2023 07:44:58 GMT strict-transport-security max-age=31536000 last-modified Mon, 20-Feb-2023 07:44:58 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type image/gif access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Mon, 20-Feb-2023 07:44:58 GMT
GET H2	200	index.html Show response cdn.yourwebbars.com/sb/interstitial/software/flashPlayer/multi/1/	3 KB 1 KB	372ms 20ms	XHR text/html	104.26.6.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.yourwebbars.com/sb/interstitial/software/flashPlayer/multi/1/index.html Requested by Host: skiingsettling.com URL: https://skiingsettling.com/21/fe/39/21fe3950f412e026c33f1b6cee613eba.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.6.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6bad34e2357c5029f91c2958cbf49a8a8aac18dd66c5eb82c39508d436acf3e5 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:59 GMT content-encoding br cf-cache-status HIT last-modified Fri, 26 Aug 2022 14:19:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 496971 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CQCfhf9enxMlg9MusraoI2Z5sHTqfBEqHh3Yjy6EyBcseB58g1jCzWPsQqFsHARy%2BjMgCoOp0I3Vro8i7qpTbsNgIIBJTjmQISR39l7vvzW3kLXkCvARbNY%2BH603p80%2Fg6rEJK4%3D"}],"group":"cf-nel","max_age":604800} content-type text/html access-control-allow-origin * access-control-expose-headers Date cache-control public, max-age=315360000 cf-ray 79c59ec17ce93511-NRT expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	ren.gif oxthrilled.com/	7 B 641 B	183ms 183ms	Image image/gif	173.233.137.60 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://oxthrilled.com/ren.gif?sid=H4sIAAAAAAAC%2F1xST4gcxReuTn4%2FNQRBvSkqrSaYQHa2%2F0x3ZoiyZPPH%2FDUhWdlzVXX1bmVqupqq7unNEjAmIEERNqCgt95vNgkmIubmRQiznhxQnBx0RfaQg5CzB8GTzO5gwHf5Hu979ajve%2B%2FD1XKTeCjpRnFWL0ul6HTU8Nx98zJLdGXdd%2Bdc32t4h9x5mcXNQ%2B5S3NzvHs5zJeYFOy2L6Sg82Ahjd9%2FpE3NnzxxwlewI9x3BO3q%2Fe2TR6K6Y9scDGlGz5Td8z3Mv0pQaOXkHmX%2FtB3Ejihq%2B5zf8yMeS%2BW%2FFlg4sdZD0NskLkMlo18O%2FXofkA2Tdb44K2yl0fuBYt1S00Aa95M57WSfTVYbukzQ1DtLszqQb2o4I%2BXwHdHZnohS6tzb%2BKJgcEefRJlh2e1sAWK%2Fv%2Bx6YwqUcLCGoegMINYCkA3B9HTLR4AlOnUfWvXWK5jTbpuiYGpEdv92ArLYx6967qNOC0azjzs5iKa0hlwaQCwPk5TqK5V2Q1Tp4cQ0y%2BZG8fOiN8cw53bmsIZONPWEYhCKk8RTlUXOqGbb4VLsVx1NR8yBLWcC8FmttWSPlADIdQIkVULsTpXVQSgdl6qDMHXSTDZcmvmj7cerHYcxbLcpYnDTDqN2mnIdxEKLkYwUrKPIVcLUCbq4iN1fRkTdHhFxbgykfwC7WsIkDWxD0khqVIKgsQUUJKklQFWPH6luJsoGtbyfKlsyfYDDBsO7rYmGV3tLFgsjIar5Jnh975zz7%2FpvoiA038FMRtiMvbfqB8IKYh2Hqs5gLEfuhYBRW1pB2B6h1sCxH5NVoN3I5Is%2FMPACj67BqHVw%2BB1q%2BAlr1DwYe6GK%2F2fKwnH2b0aI0VC0KqopFq0vDRYOrkiHRNfLifyguO6tqk7y4tc%2B386ch%2BHDm8R%2Fn5n5%2BrMBNjdzUuCS%2FJ1hQN%2FoXdEXWLujKkvvn8kJ25TItpM4uFrQQ%2F797WlyutElOHrUrXx7mY2KcfjUnbHGGZonMFiy5NyuTRJjj2nBBvjtp5wU7X9rF2dJkZX7m%2FJHjJ7u5EdZKnQ1Axxcb%2FwouR2T3W8e2Lvi1VgppBjBljW45JJOA1Ovg%2BVXYfDjzy4mfrtwtP4LVBEY96WG5g6qs%2ByZgT4pKjsjeLx5BieHMlemXfrj%2F6SegrIYVw5nfPz7y2QdP7QUT%2F5qyam9gwTigxXVk3Ro9U6OnalC1Alvu7Be5Gc48DLcCTDl9poyzxpRRN7cNtnLD9WkqEj8NvER4LGy3W%2B0oEF7CRcuPmk0WorAj%2Fueev%2F8BAAD%2F%2FwEAAP%2F%2FHEXwiMUEAAA%3D Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.233.137.60 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx/1.19.5 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Mon, 20 Feb 2023 07:45:00 GMT Strict-Transport-Security max-age=0; includeSubdomains Server nginx/1.19.5 Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Type image/gif Cache-Control no-cache Connection keep-alive Content-Length 7 X-Request-ID 174d89c94681510e4a37072deba1aed2 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	index.html Show response cdn.yourwebbars.com/sb/interstitial/software/flashPlayer/multi/1/	3 KB 994 B	300ms 23ms	XHR text/html	104.26.6.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.yourwebbars.com/sb/interstitial/software/flashPlayer/multi/1/index.html Requested by Host: exploredefinitely.com URL: https://exploredefinitely.com/a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.6.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6bad34e2357c5029f91c2958cbf49a8a8aac18dd66c5eb82c39508d436acf3e5 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:59 GMT content-encoding br cf-cache-status HIT last-modified Fri, 26 Aug 2022 14:19:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 496971 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v25V9ycFabfbxWCL2U0EbHciB9zeADhDWXeSnxlfLBP2lHTa1g3n1hwxrYHzSmAlo4ylx45Pke4Sj51md53Dg%2FfzVLaXTRlC8%2FtFbSCc6y8b3xiQcE461jII9Jpz3J81WWaK4e0%3D"}],"group":"cf-nel","max_age":604800} content-type text/html access-control-allow-origin * access-control-expose-headers Date cache-control public, max-age=315360000 cf-ray 79c59ec17ceb3511-NRT expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	ren.gif powerpsychopathcounsel.com/	7 B 641 B	185ms 185ms	Image image/gif	173.233.137.36 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://powerpsychopathcounsel.com/ren.gif?sid=H4sIAAAAAAAC%2F1xSX2gc1Re%2Bk99PodoHFV9EhUErtNhs5s7ObnapEJrW1vSPljaS5%2FtvktudnTvcO7OTBITaghZ8SVHBx8m3aUNtEX3wpSDIRp8CQrdPEQlYRN988UHwRdlkMeCB4TtzvnMP5%2Fvu%2FWC92CUBCraTXzSrOknYVKMW%2BEcXdCpN6fy3530a1IIT%2FoJOm9EJf7kZHfNPZlmiFhQ%2Fr%2FOpRn26Vm%2F6R8%2B%2FNX%2FxwnE%2F0R3ln1WiY475p5as6aopOhpQa0QtWqNB4F9hMbN6fA46%2B4KGzVqjUaMBrdEGxbL9b8UVHhzzIHu75DloOTz06M9XoMUAaffL08p1cpMdf7NbJCw3Fj25%2BW7aSU2ZonuQxtZDnG6Ou2HckJDPJmDSzbFSmN7GaFFwPSTe413w9M6%2BAPBen9IAPMHVDFwSlL0BVDKAZgMIcwNaGgiJc5eQdm%2BfYxlL9yk2ooZk4seb0OU%2Bpt17V0ycc5Z2%2FNlZLMcV9PIAenGArNhCvnoIutyCyK9Dyx%2FISydeHc2cN50VAy13jrSUDKlQrckoCqLJqBmpyXbE48kWb%2FFp3gp5FMZ71mg9gI4HSNQamPNQjD7toYg9FJmHrtzxmaSqTZsxbdabotVinDdlVG%2B020yIejOsoxAjBWvIszWIZA3CXkNmr6Gjbw0Jub4BW3wLt1TBSQ8uJ%2BjJCqUiKB1ByQhKTVDmI8eq2zJxoavuyMQVnI4xHGO96pt8cZ3dNvmiSsl6tkue3fPu98MP0FE7PgvjdjuIaRBNN4MmFdO0LamgjNVZqIQM4XQF7Sb2tK7qIXn%2BxcfIRlf53t%2FgbAsu2YLQz4AVL4OV%2FekwAFvqR60Aq%2Bn95ZilOVtdqQnThTQVsvz%2FyFe89WSXvLC3xxtffw8ltmd%2BeXj97sdP%2FwxhK2S2wlX9HcFicrN%2F2ZRk47IpHfnqnSzXXb3Kcm3SKznL1ROfn1crpbFy7rRbu3tSjIhRen9eufwCS6VOFx25N6ulVPaMsUKRb%2BbcguKXCrc0W9i0yC5cOnVmrptZ5Zw26QBMPzz7CYQekqd%2BW957s%2F6xKWg7gC0qdIttMg5oswWRXYPLtmd%2B%2BujUp%2B8%2F%2BRqcIbDJQQ%2FPPJRF1bchPygmmiBRB%2F%2BMV3Bqe%2BbXD1%2BfODz3AFz9a8e6u4lF64HlN5B2K%2FRshV5SgSVrcMX%2F%2Bnlmt2ce1fcCPPH6PLHeBk9scmvfWqd3fMpiJWkcBlIFvN5ut9qNUAVSqBZtRBGvI3dD8ceRv%2F4BAAD%2F%2FwEAAP%2F%2F653Iu7MEAAA%3D Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.233.137.36 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx/1.19.5 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Mon, 20 Feb 2023 07:45:00 GMT Strict-Transport-Security max-age=0; includeSubdomains Server nginx/1.19.5 Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Type image/gif Cache-Control no-cache Connection keep-alive Content-Length 7 X-Request-ID 660f5d6ab359fff3baf2bebf8ee77f86 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	382499 Show response a.naturalhealthsource.club/api/spots/	862 B 738 B	245ms 245ms	Script text/javascript	142.132.196.205 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://a.naturalhealthsource.club/api/spots/382499?host=xfantazy.com&ev=205&wh=1200&ww=1600&uuid=&i=1 Requested by Host: a.naturalhealthsource.club URL: https://a.naturalhealthsource.club/zRdVuw7.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 142.132.196.205 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.205.196.132.142.clients.your-server.de Software nginx / Resource Hash d820c6774817aea8db1c8b6ada97746dfd7ed70ebd19507b608be84c97ec8628 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:45:00 GMT cache-control private content-encoding gzip server nginx vary Accept-Encoding content-type text/javascript; charset=utf-8
GET H2	200	391865 Show response a.naturalhealthsource.club/api/spots/	861 B 737 B	449ms 449ms	Script text/javascript	142.132.196.205 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://a.naturalhealthsource.club/api/spots/391865?host=xfantazy.com&ev=205&wh=1200&ww=1600&uuid=&i=1 Requested by Host: a.naturalhealthsource.club URL: https://a.naturalhealthsource.club/zRdVuw7.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 142.132.196.205 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.205.196.132.142.clients.your-server.de Software nginx / Resource Hash 14c03211527582bd9463fb19590dcc7a65d9e3eaea3a8aa6d80a424c2476403f Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:45:00 GMT cache-control private content-encoding gzip server nginx vary Accept-Encoding content-type text/javascript; charset=utf-8
GET H2	200	391866 Show response a.naturalhealthsource.club/api/spots/	861 B 737 B	449ms 449ms	Script text/javascript	142.132.196.205 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://a.naturalhealthsource.club/api/spots/391866?host=xfantazy.com&ev=205&wh=1200&ww=1600&uuid=&i=1 Requested by Host: a.naturalhealthsource.club URL: https://a.naturalhealthsource.club/zRdVuw7.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 142.132.196.205 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.205.196.132.142.clients.your-server.de Software nginx / Resource Hash d73d9f8f008b05e346cccde6b8051af7862f7321f2d4d5cc43c742ba6e95ff3a Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:45:00 GMT cache-control private content-encoding gzip server nginx vary Accept-Encoding content-type text/javascript; charset=utf-8
GET H2	200	391868 Show response a.naturalhealthsource.club/api/spots/	863 B 738 B	445ms 445ms	Script text/javascript	142.132.196.205 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://a.naturalhealthsource.club/api/spots/391868?host=xfantazy.com&ev=205&wh=1200&ww=1600&uuid=&i=1 Requested by Host: a.naturalhealthsource.club URL: https://a.naturalhealthsource.club/zRdVuw7.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 142.132.196.205 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.205.196.132.142.clients.your-server.de Software nginx / Resource Hash af2ac39eb04a31ddc5a5b18b47acfcbdaaa70e770a072784a37335a2a64e38de Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:45:00 GMT cache-control private content-encoding gzip server nginx vary Accept-Encoding content-type text/javascript; charset=utf-8
GET H2	200	406857 Show response a.naturalhealthsource.club/api/spots/	862 B 738 B	443ms 443ms	Script text/javascript	142.132.196.205 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://a.naturalhealthsource.club/api/spots/406857?host=xfantazy.com&ev=205&wh=1200&ww=1600&uuid=&i=1 Requested by Host: a.naturalhealthsource.club URL: https://a.naturalhealthsource.club/zRdVuw7.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 142.132.196.205 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.205.196.132.142.clients.your-server.de Software nginx / Resource Hash 728c511990830925b3349b41eb98a194365f42ecab5747efaa107d743a14fb46 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:45:00 GMT cache-control private content-encoding gzip server nginx vary Accept-Encoding content-type text/javascript; charset=utf-8
GET H2	200	animate.css Show response cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/multi/1/css/	77 KB 5 KB	381ms 21ms	XHR text/css	172.64.166.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/multi/1/css/animate.css Requested by Host: skiingsettling.com URL: https://skiingsettling.com/21/fe/39/21fe3950f412e026c33f1b6cee613eba.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.166.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3028c87fc798ac3741f02079034e6c23462afc0c5e6c8d321188ce3716c8472a Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:59 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1489640 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 26 Aug 2022 14:19:34 GMT server cloudflare etag W/"6308d676-13591" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3GxvhTzMR0Yd932AUxllHCI26dRcILopDkn7GyO%2Franfy87WnqSYT91dnghag3YxoNmje98QqiYrDagJMpGGMpbxA%2BTDC0eRYFqdyp0JsO8F1K1PC9iyFnRAmjhAUEv4RQRsyrPptrYk"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * access-control-expose-headers Date cache-control public, max-age=315360000 cf-ray 79c59ec40ff73bfd-NRT expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	style.css Show response cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/multi/1/css/	4 KB 2 KB	378ms 19ms	XHR text/css	172.64.166.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/multi/1/css/style.css Requested by Host: skiingsettling.com URL: https://skiingsettling.com/21/fe/39/21fe3950f412e026c33f1b6cee613eba.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.166.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b7660de1e6ffc65ce54ed32f29c61422fe54001ad8faec8e682109a0efeae911 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:59 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8273183 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 26 Aug 2022 14:19:33 GMT server cloudflare etag W/"6308d675-ff3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9mvkBY9q0YRPOfvq0loFl%2BD0p3NbW77%2FjyzFQzwdkvugTdMXu8umckgu37e%2FKjZ%2FkwmAuTSEeR846HzBUxi%2BMMOSF38w1sVs9coSqrFJc%2BWGsfflXO2%2BIieI2WUCNaHdMGZPq5avY6kY"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * access-control-expose-headers Date cache-control public, max-age=315360000 cf-ray 79c59ec41ff83bfd-NRT expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	sbls powerpsychopathcounsel.com/pixel/	0 469 B	185ms 185ms	Image text/plain	173.233.137.36 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://powerpsychopathcounsel.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmulti%2F1%2Findex.html&l=2946&fd=373.8999996185303 Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.233.137.36 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx/1.19.5 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Mon, 20 Feb 2023 07:45:00 GMT Server nginx/1.19.5 Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Cache-Control no-cache Connection keep-alive Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests Content-Length 0 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	animate.css Show response cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/multi/1/css/	77 KB 5 KB	366ms 23ms	XHR text/css	172.64.166.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/multi/1/css/animate.css Requested by Host: exploredefinitely.com URL: https://exploredefinitely.com/a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.166.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3028c87fc798ac3741f02079034e6c23462afc0c5e6c8d321188ce3716c8472a Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:59 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1489640 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 26 Aug 2022 14:19:34 GMT server cloudflare etag W/"6308d676-13591" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHkwNTq3cAQK%2Bl%2B88UP2pBEB8z1EAgD0jSViA7apRHdgfO%2Fp%2FKgoR5moq4k7zoB59jJZHMJ3AXv6iD%2BgccJmVqttjKT1m1G%2BQ1zJVQH4MH88z9iAHxNcGUqP1xwl9W4Os6DEFKW8%2FV%2Bm"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * access-control-expose-headers Date cache-control public, max-age=315360000 cf-ray 79c59ec41ff93bfd-NRT expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	style.css Show response cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/multi/1/css/	4 KB 1 KB	368ms 25ms	XHR text/css	172.64.166.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/multi/1/css/style.css Requested by Host: exploredefinitely.com URL: https://exploredefinitely.com/a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.166.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b7660de1e6ffc65ce54ed32f29c61422fe54001ad8faec8e682109a0efeae911 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:44:59 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8273183 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 26 Aug 2022 14:19:33 GMT server cloudflare etag W/"6308d675-ff3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=favbCVrUGkJTieEJ11ifcPa5zpQS3sLzwmSuQuzJUICJ0Gym6BLxL3HaLkfO8CMDMUScu%2FtxvbZX8XWHCA%2FGoIVxVRehegnSjRmtcyyQZqFaEXqHVgJWR%2BgE5u%2F8gSVoh9HTdOvPTw4Q"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * access-control-expose-headers Date cache-control public, max-age=315360000 cf-ray 79c59ec41ffb3bfd-NRT expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	close.svg cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/multi/1/img/ Frame 6D00	1 KB 1 KB	664ms 24ms	Image image/svg+xml	172.64.166.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/multi/1/img/close.svg Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.166.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7993615cd83103e693c812f8d32d348956dd02096c82bc1fcb32b613722c8614 Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:45:00 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8358244 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 26 Aug 2022 14:19:36 GMT server cloudflare etag W/"6308d678-4fc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLD59dNxjkRBxnxkZ%2BxDNVoDxFAfK4tnq%2BSYegW9rj%2BzQgZnSiY0vgcJkpGhIplqrxKJPp0%2FnFicnZfaytj9UK8aWuUf5eU0r8ZmMVVeCtRt2%2BzKrvs4rcmRFk7rnuz%2FOC1dmB4wsA%2F8"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * access-control-expose-headers Date cache-control public, max-age=315360000 cf-ray 79c59ecd38d9f5c4-NRT expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	icon.png cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/multi/1/img/ Frame 6D00	9 KB 9 KB	662ms 27ms	Image image/png	172.64.166.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/multi/1/img/icon.png Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.166.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 926ced13c6d1f8812977bd0b6402f121696b33ac42ecacd3f8ba07f13552a65a Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:45:00 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8358244 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 9298 last-modified Fri, 26 Aug 2022 14:19:35 GMT server cloudflare etag "6308d677-2452" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QtdAqMNS2iYgTwRgrx6OP%2F%2FG0zIQydsDrA4jAZjp9OIsrlp3wDFoh3TmsQ%2B3Aag7DH2BRDXmq0CeTuRCsGqYZy2TluksRLvUhD%2FWiMMW2o%2FBNOwEMmdFYW2AQ6ORolgLxppR0ag9Acm4"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * access-control-expose-headers Date cache-control public, max-age=315360000 accept-ranges bytes cf-ray 79c59ecd38daf5c4-NRT expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	jquery-3.2.1.min.js Show response cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/multi/1/js/ Frame 6D00	127 KB 37 KB	429ms 34ms	Script application/javascript	172.64.166.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/multi/1/js/jquery-3.2.1.min.js Requested by Host: skiingsettling.com URL: https://skiingsettling.com/21/fe/39/21fe3950f412e026c33f1b6cee613eba.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.166.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42173a3ca70c715370ce99071f892ad61d3fee33dbf15426fa7eee549a4afca2 Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:45:01 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8358244 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 26 Aug 2022 14:19:38 GMT server cloudflare etag W/"6308d67a-1fa27" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKBExi%2B423YI7%2FV8BKp67jotZq6896RU6c%2Fk9714VLUoGPCPWvSvnqNSbV6pj9CMyiDUD%2F8SEvRhUYx5af53IjV%2FBPNjLLMRuJf58QpDdTZbBflvLHVP42nQVTgWmo0un7tIO0aQZ0MR"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * access-control-expose-headers Date cache-control public, max-age=315360000 cf-ray 79c59ecd38e1f5c4-NRT expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	close.svg cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/multi/1/img/ Frame 31D3	1 KB 852 B	424ms 29ms	Image image/svg+xml	172.64.166.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/multi/1/img/close.svg Requested by Host: exploredefinitely.com URL: https://exploredefinitely.com/a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.166.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7993615cd83103e693c812f8d32d348956dd02096c82bc1fcb32b613722c8614 Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:45:00 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8358244 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 26 Aug 2022 14:19:36 GMT server cloudflare etag W/"6308d678-4fc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2FCjrrjAYL0YQTHvKFCc9TM%2BuchaKjKVmu0p5useTht2%2FQ460L9mZ%2BLqSV3wQVPvXVCg9DuTY3FPAhs4YCeLFlPrHvDVmVDjBXMaDjvieHToLqR8VwHWd6sHLr6MQMWyiz7Q90dlU9pr"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * access-control-expose-headers Date cache-control public, max-age=315360000 cf-ray 79c59ecd38dcf5c4-NRT expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	icon.png cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/multi/1/img/ Frame 31D3	9 KB 9 KB	425ms 31ms	Image image/png	172.64.166.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/multi/1/img/icon.png Requested by Host: exploredefinitely.com URL: https://exploredefinitely.com/a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.166.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 926ced13c6d1f8812977bd0b6402f121696b33ac42ecacd3f8ba07f13552a65a Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:45:00 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8358244 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 9298 last-modified Fri, 26 Aug 2022 14:19:35 GMT server cloudflare etag "6308d677-2452" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i0oye%2Fnz8%2FWimUjlQeHQFc4S3jxjshFN9p0vIlHoGjiG6FRbX6QdtwIFxP8SzDQDrw1jTpG%2BA2S7J1YwY%2BHscegevCNDFmuu04t%2B7dP3Fmn8v2MOrK6EyE%2F2txlNAAcu9A3wjQzngcVE"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * access-control-expose-headers Date cache-control public, max-age=315360000 accept-ranges bytes cf-ray 79c59ecd38def5c4-NRT expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	jquery-3.2.1.min.js Show response cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/multi/1/js/ Frame 31D3	127 KB 37 KB	436ms 42ms	Script application/javascript	172.64.166.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/multi/1/js/jquery-3.2.1.min.js Requested by Host: exploredefinitely.com URL: https://exploredefinitely.com/a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.166.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42173a3ca70c715370ce99071f892ad61d3fee33dbf15426fa7eee549a4afca2 Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:45:01 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8358245 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 26 Aug 2022 14:19:38 GMT server cloudflare etag W/"6308d67a-1fa27" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrzLDqheAhg3rozBk1CAmmmd2SaX86UMjAupUa5KxfoWyD2esTte2nJqcG%2Fl8litzfZm9371sUHukt6CUVil2vBPQVXqUbi%2B2gQE%2F2N96b%2B2KPD3OYfNGCi9%2B7QIBv1FfYoVv4RS4KTl"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * access-control-expose-headers Date cache-control public, max-age=315360000 cf-ray 79c59ecd38ddf5c4-NRT expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	sbls powerpsychopathcounsel.com/pixel/	0 469 B	184ms 183ms	Image text/plain	173.233.137.36 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://powerpsychopathcounsel.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmulti%2F1%2Fcss%2Fstyle.css&l=4083&fd=380.40000009536743 Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.233.137.36 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx/1.19.5 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Mon, 20 Feb 2023 07:45:00 GMT Server nginx/1.19.5 Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Cache-Control no-cache Connection keep-alive Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests Content-Length 0 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	sbls powerpsychopathcounsel.com/pixel/	0 469 B	370ms 184ms	Image text/plain	173.233.137.36 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://powerpsychopathcounsel.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmulti%2F1%2Fcss%2Fanimate.css&l=79249&fd=388.19999980926514 Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.233.137.36 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx/1.19.5 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Mon, 20 Feb 2023 07:45:01 GMT Server nginx/1.19.5 Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Cache-Control no-cache Connection keep-alive Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests Content-Length 0 Expires Thu, 01 Jan 1970 00:00:01 GMT
POST H3	204	dTF5STNaDho6DixlOzt8MGcgCnVBfR0fajJmODFLI3AdL3BGeF89WhEMQH4CTAZMb0McVUR6AVNCDShHAEJEewNFBl8gXRNeRHgVAwxJZwpbAFd9FQAMSH0KQwBNewdGBEx+BkQCQG9HBVAedAJTQQ09X0gAT34FTQZAeQpMB019 oplpectation.xyz/	0 390 B	216ms 212ms	Ping text/plain	104.21.8.185 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oplpectation.xyz/dTF5STNaDho6DixlOzt8MGcgCnVBfR0fajJmODFLI3AdL3BGeF89WhEMQH4CTAZMb0McVUR6AVNCDShHAEJEewNFBl8gXRNeRHgVAwxJZwpbAFd9FQAMSH0KQwBNewdGBEx+BkQCQG9HBVAedAJTQQ09X0gAT34FTQZAeQpMB019 Requested by Host: d3t87ooo0697p8.cloudfront.net URL: https://d3t87ooo0697p8.cloudfront.net/?oootd=971975 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.8.185 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:45:01 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVbNG1VNlJrWGHZ0qe3QjvAwNtxX950o0LMF4hMs2cdP7rZ466gZHevENP4tudUda20eFJ%2FBVoNtKFEA6%2Ff8WpZ7QpGoWS4JkX2gyjFGje8tCzoqRWhVM1O8BzvAB8fLDjq0"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 79c59ecd6b3f0ad4-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	floater Show response sincenturypro.org/	6 KB 4 KB	485ms 483ms	XHR text/plain	13.225.183.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sincenturypro.org/floater?cs=V0h2ZWtucENWW2B%2BRVFfYn9CVlw&abt=0&red=1&sm=83&k=xfantazy%201055427%201058978&v=0.9.1.4&sts=0&prn=1&emb=0&tid=971975&rxy=1600_1200&u=1496142435575139&agec=1676879097&fs=1&t=600&m=1&ns=1&ndp=1&asi=1&mbkb=877.1929824561403&ref=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5d1700c20dd6305ebc410627&jst=4&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F110.0.5481.100%20safari%2F537.36&tzd=0&uloc=&if=0&aa=oi3_&_rGU1=1676879099646&crc=1 Requested by Host: d3t87ooo0697p8.cloudfront.net URL: https://d3t87ooo0697p8.cloudfront.net/?oootd=971975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.183.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-183-117.nrt57.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash 2cfcb6a779f8bb73f73aae36a1fda5fc91c7be815b7ebfcc36bdcd3b50f1bd45 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Mon, 20 Feb 2023 07:45:00 GMT content-encoding gzip via 1.1 09fd24f6a1b0ff1b7cd860a75335700c.cloudfront.net (CloudFront) server openresty/1.17.8.2 accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-pop NRT57-C4 x-cache Miss from cloudfront content-type text/plain access-control-allow-origin https://xfantazy.com p3p CP="NID DSP ALL COR" cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true content-length 3267 x-amz-cf-id 2QySm8vySBlCQP8pA4gwOFZS9zFLTSPrFVqHV1bEW3aDLmkjx6Bt1Q==
GET		sfp.js addresseepaper.com/	0 0
GET H/1.1	200 OK	purst powerpsychopathcounsel.com/pixel/	0 469 B	408ms 223ms	Image text/plain	173.233.137.36 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://powerpsychopathcounsel.com/pixel/purst?dl=0&th=0&sc=0&rs=7314.89999961853&rd=7314.89999961853&fd=2623.199999809265&bv=22.10.v.10&tmpl=136 Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.233.137.36 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx/1.19.5 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Mon, 20 Feb 2023 07:45:01 GMT Server nginx/1.19.5 Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Cache-Control no-cache Connection keep-alive Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests Content-Length 0 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	purst sadbasindinner.com/pixel/	0 469 B	689ms 209ms	Image text/plain	192.243.59.12 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sadbasindinner.com/pixel/purst?dl=0&th=0&sc=0&rs=7367.699999809265&rd=7367.699999809265&fd=2601.4000000953674&bv=22.10.v.10&tmpl=136 Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Mon, 20 Feb 2023 07:45:01 GMT Server nginx/1.17.6 Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Cache-Control no-cache Connection keep-alive Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests Content-Length 0 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	script.js Show response cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/multi/1/js/	21 KB 9 KB	31ms 30ms	XHR application/javascript	172.64.166.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/multi/1/js/script.js Requested by Host: skiingsettling.com URL: https://skiingsettling.com/21/fe/39/21fe3950f412e026c33f1b6cee613eba.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.166.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ae9afa7b8342ed76295a034e65ecdf32f0e1a155cbd6e4ca4447dde22f8c4b44 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:45:01 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8273184 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 26 Aug 2022 14:19:38 GMT server cloudflare etag W/"6308d67a-556a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjHtJPWBv28Tv2S%2FDCadCfd2%2BOQ8Q0aV6%2BNPruXrwfkPoN90qDhPQA8hWvVhgKZeE86y5oFIUv7OtDJYiRGxjxgWjRZ2Mpe6MdxR0uqY%2F8IcXVuah39IHImUgcSDnKgCPTzU2iZKBkOm"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * access-control-expose-headers Date cache-control public, max-age=315360000 cf-ray 79c59ecda9183bfd-NRT expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	script.js Show response cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/multi/1/js/	21 KB 9 KB	44ms 43ms	XHR application/javascript	172.64.166.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/multi/1/js/script.js Requested by Host: exploredefinitely.com URL: https://exploredefinitely.com/a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.166.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ae9afa7b8342ed76295a034e65ecdf32f0e1a155cbd6e4ca4447dde22f8c4b44 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:45:01 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8273184 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 26 Aug 2022 14:19:38 GMT server cloudflare etag W/"6308d67a-556a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6S9huXsH1%2BxcmL8QJBoU8agOALdE%2FzMqnjoJY%2B1ji3MaIMzC2b5LMlT%2BaFKJRYgInFWGRNpNUwf%2BGbFiZxmU78l1Ww1LKyLzpXFjgPl3G%2BR5663mwG5rNY00QZH%2Fd9q76J24ektqq8c"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * access-control-expose-headers Date cache-control public, max-age=315360000 cf-ray 79c59ecdc9253bfd-NRT expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	sbls powerpsychopathcounsel.com/pixel/	0 469 B	242ms 222ms	Image text/plain	173.233.137.36 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://powerpsychopathcounsel.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmulti%2F1%2Fjs%2Fscript.js&l=17978&fd=34.200000286102295 Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.233.137.36 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx/1.19.5 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Mon, 20 Feb 2023 07:45:01 GMT Server nginx/1.19.5 Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Cache-Control no-cache Connection keep-alive Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests Content-Length 0 Expires Thu, 01 Jan 1970 00:00:01 GMT
POST H3	204	BApFKhgXR3cvAhsfdBMHFEdaQxEjVURHeENKHEtmWVVHR3lZSgRLfF9HAU99WkYDSXFLB0IbL1BCFAo8GR8PS35aRQpNcVxDA0t9Xw oplpectation.xyz/SG1zMnpnUhBBRx5dPUAbJVQGV0t9NysAOHk6NQcYEQMhVC0eClVGEyxQSgVLcVpGFAohCU4BSG4eB1MOPR5OAEp4WFVbFC4CTgBKeFtDAkp7XlYFOSAZB0IJbV4yF0gOSEF0GCcCGFMeIQFdURUlSEF0DSEDHV0OIQ4WF0kOHhpWX3spOwYJ...	0 393 B	222ms 221ms	Ping text/plain	104.21.8.185 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oplpectation.xyz/SG1zMnpnUhBBRx5dPUAbJVQGV0t9NysAOHk6NQcYEQMhVC0eClVGEyxQSgVLcVpGFAohCU4BSG4eB1MOPR5OAEp4WFVbFC4CTgBKeFtDAkp7XlYFOSAZB0IJbV4yF0gOSEF0GCcCGFMeIQFdURUlSEF0DSEDHV0OIQ4WF0kOHhpWX3spOwYJASwyczsJLDJxX3pYQXRLGjlAAAkrOyFhX3pYQXAtbV9GADwPBRpzQgM9G2MLIj0DVTl6OERBTTsXHlMsAw8lQwgpOzp8Lhs/I10ULhgFaDcrCUBQDwUlF18wcAEnZzAJSEEHSAoUKnszPgoaZhh9HjZQKABUMgIpLEhBB0gKLxFFIxBfOEs+f1k3CxB+WQJ/AzEJAWQ7cD1GfSMuGx19X3pYQXQZIl4VSDkqIiEKX3pYQXAqOxkHBBcDIjhqSSk3B2osIQckfQgLOjQXSH1fMUYtJ1oXRjFxNBJKKH8DIEQtOBkWBxsOXD9ZESEZAmU5Gh4ARg8tW0RoQzkaP1tIbV9GADg9Xh8ETBIoK2cvcTQRYQwcXSFXDH4/AkBNfh85ZjR6BEV6HnEdPEAgPB8VcSs4FycLPn0/SwUYG1UDRwl6JRdGCgccRXYAKj42Syg7GgVzP30AP3AUGTU5CkM4CFYAT3orK1UpAi4del96WEF0FzAbOAs+AwkregtxA0NRQngUGHVCPS4XRzguHzpZIG1fRgA8EgIpQjt6K0t/MXoqPV8qDz0ZCj4AP0p/IHwgFgExPQU6UzswDFYAT3orBBdIfV8xYygMGx0CMA8gMVVPIgJDVR0mNCJhMxIEJnc8DisqWiINPRxYEQY8IncILTo2VBx7DwV1PzBbEEIiOQs0BTcxGxcCMg4cKgVNcVwXAhcJOEsFFiYXSwsdBT5KcBcKOwJEEQc+O0s2ETcCdhMNFDcGPzE3VgBPeispF0h9XzFhCT5cJwMiLDpKfh16P0Z/EB4/MWMVOj80XTMqBRlLX3pYQXATByojdQ0vOQtAFTFfPH4peAlCeilxXQV+IyYLOQoyLz4QBRgqCxEHLwNdBWQjKhgSWDgMNzZeK3wFHHEwABg6dxZ7XTh/EngbBGYRAwAiCgIDOB93EAULHVQ1fg5FBy8HIRxGIhg9AQJILSkbF0h9XzFwSn8rH1pDMhs8QRUQXioFDjIfH1czBzdLeyMELBADDj0nVgBPei8ieTsaXBdUGxA3VgBPeisGYigSXUtVMy8PNVhNfUhBB0gOFDYGPwIER2BPbV9GADgdAidDFg0cHAUjHigSQgABWwZiC38MOHU/IwpLWSMKHzl3FRoKOEVLChobXTMRBAJFFzgjCmYRHwApURZxKjlVX3pYQXAZOTpGfB4qHhAELTFUQHwqEhgcQCAqBzlaAH0aBApMLFk3SEt5Dz9nHn8fIQsAeQxWAE96L0AHG21fRgA4fxcCF0h9XzEKFh4hPGojJgk1SCAqDjtjDDAeFFENKg49fjgGNFYAT3orEVEYP0hBB0gKP0J9GSE9Q2o7DF80Wys/BApFKhgXR3cvAhsfdBMHFEdaQxEjVURHeENKHEtmWVVHR3lZSgRLfF9HAU99WkYDSXFLB0IbL1BCFAo8GR8PS35aRQpNcVxDA0t9Xw Requested by Host: d3t87ooo0697p8.cloudfront.net URL: https://d3t87ooo0697p8.cloudfront.net/?oootd=971975 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.8.185 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 07:45:01 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLKFTSoVZtVkTI7WuxFc%2FsqqfudgN8rbaDIlmrDJjXAVzfJl6Fpqp2%2FGMPshSxY4h1tBMIgkeoNQF9%2F1KssDc6Zdl8V30ALf%2ByXzP7lpEbEZ37KNP1TY567b1nnVgYmB0j9f"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 79c59ece5bc30ad4-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		winnotice bookadil.com/	0 0
GET H/1.1	200 OK	impr.gif oxthrilled.com/	7 B 641 B	193ms 192ms	Image image/gif	173.233.137.60 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://oxthrilled.com/impr.gif?sid=H4sIAAAAAAAC%2F1xST2hc1Re%2Br%2F391FIEdaeoPLXFFprJ%2BzPzMqFKaPrH%2FrWljWR9%2F73kdu68%2B7j3vXlpKFhbkKIIKSjo7uWbtMVWxO7cCGXiyoDidKERyaILoWsXgiuZJBjwbL7D%2Bc493O8758PlcoMEKOl6cc4sKq3peKsR%2BAdmVSZM5fx3Z%2FwwaASH%2FVmVJc3D%2FkLSPOgfyXMtZyU7o4rxVjzRiBP%2FwJmTM%2BfOHvK16kj%2FHck75qB%2FdN6arhwPRwMarWY7bIRB4F%2BiKbVq%2Bx1U%2FnUYJY1WqxEGYSNshViw%2F6240oOjHkRvg7wAJYZ7Hv31OhQfIOt%2Bc0y6TmHyQ8e7paaFseiJu%2B9lncxUGbo7aWo9pNnd7W4YNyTk810w2d1tpTC9ldFHwdSQeI83wLI7WwLAev0wDMA0LudggqDqDSD1AIoOwM0NKGHABU5fQNa9fZrmNNui6Igakl2%2F3YSqtjDr3r9k0oLRrONPT2MhraEWBlBzA%2BTlKorFPVDVKnhxHUr8SF4%2B%2FMZo5ozpXDFQYn1fHEexjGkyRnmrOdaM23xssp0kY63mBEtZxII2a29ao9QAKh1AyyVQtxul81AqD2Xqocw9dMW6T0UoJ8MkDZM44e02ZSwRzbg1OUk5j5MoRslHCpZQ5EvgegncXkNur6Gjbg0Jub4CWz6Em6%2FhhAdXEPREjUoSVI6gogSVIqiKkWP1baFd5Oo7QruShdsYbWNc900xt0xvm2JOZmQ53yDPj7zznn3%2FTXTkuh%2BFqYwnW0HaDCMZRAmP4zRkCZcyCWPJKJyqodwuUOdhUQ3Jq629yNWQPDP1EIyuwulVcPUcaPkKaNWfiALQ%2BX6zHWAx%2BzajRWmpnpdUF%2FPOlJbLBtclgzA18uJ%2FKK54y3qDvLi5z7fzpyH52tSTP87P%2FPxEg9saua1xWX1PMKdv9i%2BaiqxcNJUjD87nheqqRVook10qaCH%2Ff%2B%2BMvFIZK04dc0tfHuEjYpR%2BNSNdcZZmQmVzjtyfVkJIe8JYLsl3p9ysZBdKNz9d2qzMz144euJUN7fSOWWyAejoYpNfwdWQ7H3r%2BOYFv9ZOoewAtqzRLdfIdkCZVfD8Gly%2BNvXLyZ%2Bu3is%2FgjMEVu%2F0sNxDVdZ9G7GdolZDsv%2BLx9Byberq%2BEs%2FPPj0E1BWw8m1qd8%2FPvrZB0%2FtB5P%2FmrLsbmLOeqDFDWTdGj1bo6drUL0EV%2B7uF7ldm3oUbwaY9vpMW2%2BFaatvbRns1LovmEhoUyQybUVh2o4mwiASUZKyCRpwLhgKN%2BR%2F7vv7HwAAAP%2F%2FAQAA%2F%2F%2Ftflh6xQQAAA%3D%3D Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.233.137.60 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx/1.19.5 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Mon, 20 Feb 2023 07:45:01 GMT Strict-Transport-Security max-age=0; includeSubdomains Server nginx/1.19.5 Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Type image/gif Cache-Control no-cache Connection keep-alive Content-Length 7 X-Request-ID 660b8d5b71bba249a2e0942898eb9fdf Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	sbs oxthrilled.com/pixel/	0 469 B	388ms 195ms	Image text/plain	173.233.137.60 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://oxthrilled.com/pixel/sbs?c=1 Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.233.137.60 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx/1.19.5 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Mon, 20 Feb 2023 07:45:01 GMT Server nginx/1.19.5 Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Cache-Control no-cache Connection keep-alive Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests Content-Length 0 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	impr.gif powerpsychopathcounsel.com/	7 B 641 B	340ms 202ms	Image image/gif	173.233.137.36 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://powerpsychopathcounsel.com/impr.gif?sid=H4sIAAAAAAAC%2F1xST2gd1Re%2Bk99PodqFihtRYdAKLTYvM%2FPmzXuPCqFpbU3%2FaGkjWd9%2Fk9y%2BmbnDvTNvkoBQW9CCmxQVXE6%2BlzbUFtGFm4IgL7oKCH1dRSRgEd25cSG4UV4SDHhg%2BM6c79zD%2Bb57P1grd4iHkm4XF%2FWKShI61Wp47tF5lQldWfftOdf3Gt4Jd15lUXjCXYrCY%2B7JPE%2FkvGTnVTHVarYbzcg9ev6tuYsXjruJ6kn3rOQ9fcw9tWh0Kqf88YBGK%2Bz4Dd%2Fz3Cs0pkbtn4PKv%2FCDqNFqNXzPb%2FgtH0vmvxVbOrDUgejvkOegxOjQoz9fgeJDZOmXp6XtFTo%2F%2FmZaJrTQBn2x8W7Wy3SVIT1IY%2BMgzjb2u6HtiJDPJqCzjX2l0P318aJgakScxztg2Z09AWD9ge97YAmu5mCCoOoPIZMhFB2C6xtQQoMLnLuELL19juY026PomBqRiR9vQlV7mKX3rui4YDTruTMzWIprqKUh1MIQebmJYuUQVLUJXlyHEj%2BQl068Op45p3vLGkpsH%2BlIEfhcdibD0AsnwyiUk92QxZMd1mFt1glYGMS71ig1hIqHSOQqqHVQjj%2FloIwdlLmDVGy7VPiy60exHzUj3ulQxiIRNlvdLuW8GQVNlHysYBVFvgqerIKba8jNNfTUrREh19dhym9hF2tY4cAWBH1Ro5IElSWoKEGlCKpi7Fh9WyQ2sPUdkdiS%2BfsY7GOzHuhiYY3e1sWCzMhavkOe3fXu98MP0JPbLg3ibteLfS9sR17k87bfFT73KW3SQHIRwKoayk7sal1RI%2FL8i4%2BRj6%2Fyvb%2FB6CZssgmungEtXwatBu3AA10chB0PK9n9pZhmBV1ZbnCdQugaefF%2FFMvOWrJDXtjd442vv4fkW9O%2FPLx%2B9%2BOnfwY3NXJT46r6jmAhuTm4rCuyfllXlnz1Tl6oVK3QQunsSkEL%2BcTn5%2BVypY2YPW1X757kY2Kc3p%2BTtrhAM6GyBUvuzSghpDmjDZfkm1k7L9ml0i7OlCYr8wuXTp2ZTXMjrVU6G4Kqh2c%2FAVcj8tRvS7tv1j02BWWGMGWNtNwi%2BwGlN8Hza7D51vRPH5369P0nX4PVBCY56GG5g6qsByZgB8VEESTy4J%2ByGlZuTf%2F64esTh2cfgMl%2F7VizN7FgHNDiBrK0Rt%2FU6Cc1aLIKW%2F5vUORma%2FpRczfAEmfAEuOss8Qkt%2FastWrbFUxENBSRjFuBH3eCtu8FIohi1qYe54KhsCP%2Bx5G%2F%2FgEAAP%2F%2FAQAA%2F%2F8apmBJswQAAA%3D%3D Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.233.137.36 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx/1.19.5 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Mon, 20 Feb 2023 07:45:01 GMT Strict-Transport-Security max-age=0; includeSubdomains Server nginx/1.19.5 Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Type image/gif Cache-Control no-cache Connection keep-alive Content-Length 7 X-Request-ID 16f1c66b8aa0c8075a9f9630c585ae28 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	sbs powerpsychopathcounsel.com/pixel/	0 469 B	339ms 196ms	Image text/plain	173.233.137.36 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://powerpsychopathcounsel.com/pixel/sbs?c=1 Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.233.137.36 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx/1.19.5 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language jp-JP,jp;q=0.9 Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Mon, 20 Feb 2023 07:45:01 GMT Server nginx/1.19.5 Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Cache-Control no-cache Connection keep-alive Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests Content-Length 0 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	1591703087.jpg cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/ Frame 5153 Redirect Chain https://bookadil.com/winnotice?sid=H4sIAAAAAAAC%2F1RT32scVRS%2BW%2FGhiA8KPhQqjPpgC2U7s7szmaVKbVqraVINTSRPonfuvZMcd3buMHdmJ8lTUJA%2ByYIIvgiTb5sEbRH9A0Sd%2BBbwYX2KyD74D9j64qMyydrVA8P5OYfvnO%2Fcj3fzCb... https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg	32 KB 33 KB	159ms 68ms	Image image/jpeg	45.133.44.10 ATT-INTERNET4
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5d1700c20dd6305ebc410627 Protocol H2 Server 45.133.44.10 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US), Reverse DNS Software nginx/1.17.6 / Resource Hash b7060bc46dc459a00d4124523a26f0cbf31fba31d41fccae9f82bedaf22c1186 Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers expires Wed, 22 Feb 2023 07:45:02 GMT date Mon, 20 Feb 2023 07:45:02 GMT last-modified Tue, 09 Jun 2020 11:44:50 GMT server nginx/1.17.6 etag "5edf7632-814f" content-type image/jpeg cache-control max-age=172800 accept-ranges bytes content-length 33103 x-proxy-cache HIT Redirect headers date Mon, 20 Feb 2023 07:45:01 GMT strict-transport-security max-age=0; includeSubdomains cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 x-request-id 8456aa1f1fd3a82a2cb5e12d9bc6ae16 accept-ch Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmJdrymv7lDS5DbmQfyIFrBUKHBNFaAwRsRkueeb%2BpsEFdkxPjpec%2FVZvbut1H4B7rFrmuU0UV%2BrP5TU%2F7rqQEI83hLn6HJZboeIxynWIgtP%2BA%2BRLqSJSJsTG69H3WQ%3D"}],"group":"cf-nel","max_age":604800} location https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg cache-control no-cache cf-ray 79c59ed0be2c3511-NRT expires Thu, 01 Jan 1970 00:00:01 GMT
GET DATA	200 OK	truncated / Frame 5153	897 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash be1f5cf222de390da64f302bda4ffb1b7e650b89ece430a6a08796fd64aad060 Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Content-Type image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

addresseepaper.com

URL

https://addresseepaper.com/sfp.js

Domain

bookadil.com

URL

https://bookadil.com/winnotice?sid=H4sIAAAAAAAC%2F1RT32scVRS%2BW%2FGhiA8KPhQqjPpgC2U7s7szmaVKbVqraVINTSRPonfuvZMcd3buMHdmJ8lTUJA%2ByYIIvgiTb5sEbRH9A0Sd%2BBbwYX2KyD74D9j64qMyydrVA8P5OYfvnO%2Fcj3fzCbOR8%2BPstt6mKOKX3aZtXVijWOrCWG%2BtWo7dtK9YaxR7nSvWpte5aF1LkkitqWCRsstue67Z9qwLi2%2Bu3l66ZEXUU9YbSvT0Rev6Rqr76rJTN2i6Hd9pOrZtrfCQpzT9D5R87bS8pus2HdtpOq6DzbSEyRswvAE5mLBnQXJ89pe%2FXgSJCnH%2FmxvK9DKdXHq9n0c80ykG8uCduBfrIkZ%2FZoZpA2F8MK2GNmPGPj8DHR9MZ4Me3KuhIaAxa%2Fw%2BQRDvn0JGMBg5jo0ggnYQSIZiUEFFFYhXEPojkNQQEreWEff3bvGEx6cpXqfG7Myvd0HFqY7791d0mAU87lnz89gMS9BmBVqvkOSHyLYZqDiEyD4EyZ%2FZ%2BSsv1T1XdW9Lg2R5MjVRBQorRGoIbhjy%2BiOGPGwgTxroy2OLS0d1HS90vLYnfJ8HgSc7bbfb5UK0vVYbuajBDZElQ4hoCJHuIEl30KMh0vwTkKmQ8xKUlEjMfnfO6c65UOLotXPPr02eDh%2BB07Flh9zvOsoX3Y7tzrleIOZ8IYLAc1tuJ%2BQKAR1dfaXZ%2FuPRZ08gIgbFj75%2FyE4EJi4R5%2BUoTqlEqo7YVEapzI6uPq7aKGEkg8kYBrJEoRgKw1BwhoIYiqwmpNyTkWmZcl9GJg%2BcqW5Ndbsc6Wy93NPZuorZbjJhz5ww86d4Dz11bLUd7rR9z1a%2B35a%2B7zq%2B8lVLOXYndFzZbcHQvxsgcwbcNLBNY%2Fbcbw%2BR1OciP0XAD2GiQwiywPPz4EUJvlFiOy4h9YNA6x6XFDWF7iPJziLbauxGE3buBMerm%2B%2F%2Bb7UiLZGkJT6gnxjWo7ujO7pg9%2B7owrBv304y6tM2z0jHKxnP1JNfLaqtQqdy4YYZfnlN1InafLCqTLbEY0nxumH350lKld7UqVDsuwWzpoLl3GzM52mcJ0vL128u9JNUGUM6rsDrod7%2FEYLG7Cn375M38cLLX4DSCmleop8%2FJgukK4hkByaZxYxmSKOZHyQMRV6O0lYwC9bnEM1YBw9KmP%2F4wczeNT%2FAUInMsH8AAAD%2F%2FwEAAP%2F%2FOXPmNKMEAAA%3D&ap=${AUCTION_PRICE}&l=4028509&sub3=1676879099&pid=91283&sub2=icon&auid=0fa891e8c9405756bc78ccbb65254fae&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg