phim1.sexhaydi.com Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

• https://play.play4db1.click/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
• https://play.play4db1.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

Request Chain 50

• https://kgfjrb711.com/sn/pr/1852039?zoneid=1852039&jp=_clbdyrowqolxboz5k8y9qm&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=8555774945369600&eclog=0&sp=0&im=0&freq=0&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=8555774945369600&eclog=0&sp=0&im=0 HTTP 302
• https://coosync.com/sn/c?zoneid=1852039&freq=0&rd=kgfjrb711.com&h=cookie.user_id.pre_sync.final&tuid=0&sign=d1de1ae251a2b912 HTTP 302
• https://kgfjrb711.com/sn/ps/1852039?freq=0&puid=7308944605812246887&so=1&zoneid=1852039

Request Chain 74

• https://play.play4db1.click/rdv1/6382d2a6c281da76c6324db1/6c7b452c19b7ae17da92fad12927765c57125a3c6714f2ed299a047da8789907ae5d121378bf0702f2145e44b726a7ca/2f8d4843e94a7d11692e016632408979 HTTP 302
• https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202212175d0d923519b78cce4f6299c8

Request Chain 76

• https://go.xlivrdr.com/smartpop/c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa?userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&sourceId=594409&memberId=WHpNsc_8wqfesPd3Atn0nPtbAEX_AqnnbxC0hRLhYGZDc_7GbxnkEzffMHcCJW-OjlL5DCXw2ktXwDzbMETGNSYIY5mrcPGDxyGfeV3IwCSgvyig_gUIDRUi&p1=3756524 HTTP 302
• https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&campaignId=c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa&campaignType=smartpop&creativeId=d4b7915892550d940784a464db0b5cf9db0d5b7f130f7030c3f97cd0285df241&iterationId=765240&masterSmartpopId=1605&memberId=WHpNsc_8wqfesPd3Atn0nPtbAEX_AqnnbxC0hRLhYGZDc_7GbxnkEzffMHcCJW-OjlL5DCXw2ktXwDzbMETGNSYIY5mrcPGDxyGfeV3IwCSgvyig_gUIDRUi&mlView=1&p1=3756524&quality=240p&ruleId=3&smartpopId=1062&sourceId=594409&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=32243&webp=1

Request Chain 80

• https://play.play4db1.click/rdv1/6382d2a6c281da76c6324db1/f6540e917e5efb81d8944db2a413f3b008c49f539b1d77cfd2ad0fb621b771bf7cea799f3370b6601de052f4711afcde/ad15c35eea6b4abe8a28e345b1c82216 HTTP 302
• https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202212175d0dbfe44cf782384744b358

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai Show response phim1.sexhaydi.com/xem/128/	50 KB 16 KB	1506ms 671ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash 94e87232c79669cb8236cefb937c39a6b288e6bafd6704723683f3fbd3585fa9 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control max-age=86400, must-revalidate cf-cache-status HIT cf-ray 830923800d271c19-FRA content-encoding br content-type text/html; charset=utf-8 date Tue, 05 Dec 2023 03:17:53 GMT expires Thu, 19 Nov 1981 08:52:00 GMT last-modified Mon, 04 Dec 2023 04:35:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpFUv%2FZS32I9MT7enkINCdVN61MuAGSu9cTwBROp%2BS%2F%2F6Ye9DrCmLkOUCYorJAqp5YNzkNUMPbGlpqFNDyDAn4XHj0KFnQs3dTDGwLYIeZqI%2BXDnfpzQ2RtjS0xAZB3y6XZdA95yJLNZBeJNCysTyVc%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding,User-Agent x-cache-status MISS x-powered-by PHP/7.4.30
GET H2	200	style.min3781.css phim1.sexhaydi.com/file/css/dist/block-library/	95 KB 13 KB	204ms 198ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phim1.sexhaydi.com/file/css/dist/block-library/style.min3781.css Requested by Host: phim1.sexhaydi.com URL: https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab4b1216cc1d3bc479e20fc9b4f6ae294e82a337404341d3d4897b939c7812a4 Request headers accept-language nl-NL,nl;q=0.9 Referer https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:54 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 63682 cf-polished origSize=97517 x-cache-status MISS alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Tue, 18 Apr 2023 16:55:40 GMT server cloudflare etag W/"17ced-5f99f2d60fb00-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLjIkvBr7ZzrIryh6uBbzaGjw5vCVNjsp2pnHXsumSD78Qz9vcoHtP17ICZFmsrpOiiEgTJHAZa%2B4cVhRTL%2FHZ6mOgD7YcuIs68nCe5LAUEi1TZRHYO4UGBfaLNMqKqJq%2BZynFSFN%2Bm04ConhrY%2BAFg%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=2592000 cf-ray 830923860f7c1c19-FRA expires Tue, 02 Jan 2024 20:11:28 GMT
GET H2	200	classic-themes.min3781.css phim1.sexhaydi.com/file/css/	288 B 501 B	304ms 300ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phim1.sexhaydi.com/file/css/classic-themes.min3781.css Requested by Host: phim1.sexhaydi.com URL: https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3d0d76309641cf16f16be6de179b0e4660079f32d4981256739f29d1ce642411 Request headers accept-language nl-NL,nl;q=0.9 Referer https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:54 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=291 x-cache-status MISS alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Tue, 18 Apr 2023 16:55:40 GMT server cloudflare etag W/"123-5f99f2d60fb00-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZsscQydppFt%2FisZgS1B%2Bo4PaQJM1PmDBS%2FImYsAPtQTeURw57%2Ft8hjGkniDrPufzu5yMEk%2BynfTILFCCNJPQKPBQ9P69uYBd%2Fh36Mo2mcZViMPTkXJQ8h3THHIvQaO4ewsKM%2BqHGqPFHouTl3G6%2BDI%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=2592000 cf-ray 830923860f7e1c19-FRA expires Tue, 02 Jan 2024 20:11:28 GMT
GET H2	200	font-awesome.min1849.css phim1.sexhaydi.com/file/themes/retrotube/assets/stylesheets/font-awesome/css/	30 KB 7 KB	112ms 109ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phim1.sexhaydi.com/file/themes/retrotube/assets/stylesheets/font-awesome/css/font-awesome.min1849.css Requested by Host: phim1.sexhaydi.com URL: https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 00878f6d6bfe5de4656a32bf0eee2abb1218b83aaa367a28b03dff7b49443520 Request headers accept-language nl-NL,nl;q=0.9 Referer https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:54 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 63682 cf-polished origSize=31024 x-cache-status MISS alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Sat, 11 Dec 2021 09:04:54 GMT server cloudflare etag W/"7930-5d2db22055980-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vhSQC0DmYERC6vVMiv6jCPFRbGYxC6TPQ31uEtO4iH9i%2BP1iAJDzWXYyjR4uLu8QYvEKfVg%2BSTNIEAkq7LAXkkWplgpBDPLMS8mG7Lxy%2FsZxOmvsp5iUz91eswA9ZQs0b%2FMgcWvK0ZI5fnqxyMWRffQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=2592000 cf-ray 830923860f801c19-FRA expires Tue, 02 Jan 2024 20:11:28 GMT
GET H2	200	styleaff7.css phim1.sexhaydi.com/file/themes/retrotube/	51 KB 12 KB	203ms 201ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phim1.sexhaydi.com/file/themes/retrotube/styleaff7.css Requested by Host: phim1.sexhaydi.com URL: https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3514d01ae96ca1af41ce49eea6d8a65746fea9b9b8d2a90d42ef52b1e009f30b Request headers accept-language nl-NL,nl;q=0.9 Referer https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:54 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 63682 cf-polished origSize=52408 x-cache-status MISS alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Fri, 22 Sep 2023 02:34:37 GMT server cloudflare etag W/"ccb8-605e9731c0940-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGun6%2FVZzuxHkbQjad9Jtb3X%2F4gmfPcbZ3izx%2FNyuo%2FCrqNSPQBgrAB1TKKC9voVwqBqz8lI4v88YF9TQIIS6wm3UAmOZFW6SOZBF75Wh3HMyli2nGhmwSIkqd89Qn2a5Xy4L13y9GYbPWy%2FzzWwGJk%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=2592000 cf-ray 830923860f811c19-FRA expires Tue, 02 Jan 2024 20:11:28 GMT
GET H2	200	MjI4MzQ= Show response play-09.sexapi.xyz/play/sv2/video/ Frame F8DC	18 KB 9 KB	801ms 438ms	Document text/html	2606:4700:3038::6815:eb4b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://play-09.sexapi.xyz/play/sv2/video/MjI4MzQ= Requested by Host: phim1.sexhaydi.com URL: https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:eb4b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash 2d0376fcc3895b22cc2b46a4d22011f275a065c11ec7b8c3e7638a53a17ad30b Request headers Referer https://phim1.sexhaydi.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control max-age=86400, must-revalidate, proxy-revalidate cf-cache-status HIT cf-ray 83092388981b0eb2-AMS content-encoding br content-type text/html; charset=utf-8 date Tue, 05 Dec 2023 03:17:55 GMT expires Sun, 31 Dec 2023 21:11:05 GMT last-modified Friday, 01-Dec-2023 21:11:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy same-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72P8UJiFU3yfOS6hy%2B82tyIS%2BinALH%2B%2FDEli1cmYNZYFHjfHBhNtwjm5e6E3OgIBYqzWRRw3AtE%2FP3nKDGwSdxvh%2BfsbS%2FkiHTxPBK1LMizZ3ZrnBTB4lWcPc0dlJ9QDvh98waBQm5Qs1TIHgk%2F5CvU%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.4.30
GET H2	200	5wOTkyFRLv-ohPQV7rcIDuB3tCxaAm1G8Ef.jpg img-01.w3img.com/images_new/full_size/	13 KB 13 KB	334ms 206ms	Image image/webp	2606:4700:20::681a:1ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img-01.w3img.com/images_new/full_size/5wOTkyFRLv-ohPQV7rcIDuB3tCxaAm1G8Ef.jpg Requested by Host: phim1.sexhaydi.com URL: https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:1ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50035b3ba7e5aba8dce5064c0025cf15d37a06cc15b29c0f2eaed775a1bf8793 Request headers accept-language nl-NL,nl;q=0.9 Referer https://phim1.sexhaydi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:54 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished qual=85, origFmt=jpeg, origSize=36866 x-cache-status MISS content-disposition inline; filename="5wOTkyFRLv-ohPQV7rcIDuB3tCxaAm1G8Ef.webp" alt-svc h3=":443"; ma=86400 content-length 13014 cf-bgj imgq:85,h2pri last-modified Wed, 26 Apr 2023 10:06:34 GMT server cloudflare etag "9002-5fa3a650dce82-gzip" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eEX5353r9U5e%2FO%2Fn1YdBETl4p3ysa2nBVJGKz3fQri%2BldJ01KllylOkW%2BCPui7a0ulm7%2BD%2B5UBQ1BiVbs2SNwNhsJ2xrEZ36Ngnmv%2BJnpX99%2BE25PB4nvK12mwXtSOH9OTGwULOyJyV0Q%2B2WmUw%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=31536000 accept-ranges bytes cf-ray 830923872fd0364a-FRA expires Wed, 27 Nov 2024 10:32:02 GMT
GET H2	200	rocket-loader.min.js Show response phim1.sexhaydi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	158ms 158ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phim1.sexhaydi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: phim1.sexhaydi.com URL: https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language nl-NL,nl;q=0.9 Referer https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:54 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 28 Nov 2023 16:06:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65660ffd-302c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ylw3P9fIYkVIqNIYpgXF0VuL5B9gCp%2Bx9nKQ9U8VhYjsbW6X1K8e4RBRjBuyRKVLgL9vBECXy%2FgsjZbk7T8AK2l6vBCZQOhOarbeOJKSyjtBfnLpObkS77QCXsYpVVvfX4qwoxQwCNnenGu0d%2F%2BR38I%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 83092386cfcb1c19-FRA expires Thu, 07 Dec 2023 03:17:54 GMT
GET H2	200	mainaff7.js Show response phim1.sexhaydi.com/file/themes/retrotube/assets/js/	27 KB 8 KB	685ms 680ms	Script application/x-javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phim1.sexhaydi.com/file/themes/retrotube/assets/js/mainaff7.js Requested by Host: phim1.sexhaydi.com URL: https://phim1.sexhaydi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 34b8c6531e9141997c394958259db104678cc2333485a337e83718cbd362aee7 Request headers accept-language nl-NL,nl;q=0.9 Referer https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:55 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cache-status MISS alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Sat, 14 Jan 2023 10:33:32 GMT server cloudflare etag W/"6c84-5f236e1ae3700-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZLd52GvISWw7vg%2Bb81onDKuNfMVKZqFuNtFvbrwfwsI7%2Bdbs%2FEezAP7e%2Bo0LYtEw9sVZrGAQuwraHJr7V6q9Xdho%2F01O1uLMJYBQ2wneL1As0YZHQw6mATZMrWkU7HX3%2FF9rPGY4dNxHzKmFgnLhOQ%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=2592000 cf-ray 8309238808441c19-FRA expires Tue, 02 Jan 2024 23:55:39 GMT
GET H2	200	theme.js Show response phim1.sexhaydi.com/file/themes/retrotube/assets/js/	2 KB 1 KB	367ms 363ms	Script application/x-javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phim1.sexhaydi.com/file/themes/retrotube/assets/js/theme.js Requested by Host: phim1.sexhaydi.com URL: https://phim1.sexhaydi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash abb838619222ea85ad106b5927aac10c5913304d595b5440917d8724e28046fb Request headers accept-language nl-NL,nl;q=0.9 Referer https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:54 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=2190 x-cache-status MISS alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Tue, 03 Oct 2023 01:38:06 GMT server cloudflare etag W/"88e-606c5f13e9b80-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKvVgM33XGXAmsUW1dlwpyPtTA0THwgM2x1QWRoBI%2FNDIhKbyIfr404WFyMUcmgNYD9kk1ww44Xx6tG76aa0wjGUmNlmSyMdmGQOWeSUYvwKV%2FnrguUxjjc7TzDfOgn18mCyzyB0ddaiLHlRLxcw%2FCE%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=2592000 cf-ray 8309238808451c19-FRA expires Tue, 02 Jan 2024 20:11:28 GMT
GET H2	200	lazyload8a54.js Show response phim1.sexhaydi.com/file/themes/retrotube/assets/js/	6 KB 3 KB	31ms 27ms	Script application/x-javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phim1.sexhaydi.com/file/themes/retrotube/assets/js/lazyload8a54.js Requested by Host: phim1.sexhaydi.com URL: https://phim1.sexhaydi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f8a5a2aa4a053bd70bb8af4c22e9cd3850236a5d6700bb3353f9a25187a3e15 Request headers accept-language nl-NL,nl;q=0.9 Referer https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:54 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 63682 x-cache-status MISS alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Sat, 11 Dec 2021 09:04:54 GMT server cloudflare etag W/"1679-5d2db22055980-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5p2MezEpjWdxMZI0%2BqZ78o0E1IZYG8wVAg0%2BXhjBELpbpAo5gs%2Bt54QCgrvpmVQ%2FR5vEID1l1VvgX6IPiPEahi%2FrvziecSoBnhHWcQt1%2FGHawvxjYSDcAZSSN25saz6%2FyJq77E%2F9kHoLxQ1SR762t30%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=2592000 cf-ray 8309238808461c19-FRA expires Tue, 02 Jan 2024 20:11:28 GMT
GET H2	200	jquery.touchSwipe.min61ea.js Show response phim1.sexhaydi.com/file/themes/retrotube/assets/js/	20 KB 6 KB	367ms 363ms	Script application/x-javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phim1.sexhaydi.com/file/themes/retrotube/assets/js/jquery.touchSwipe.min61ea.js Requested by Host: phim1.sexhaydi.com URL: https://phim1.sexhaydi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash beeac2bb8b189234d98b756b7592603bc92ec397c7620d8c26a3c3d3bb69617a Request headers accept-language nl-NL,nl;q=0.9 Referer https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:54 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=20430 x-cache-status MISS alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Sat, 11 Dec 2021 09:04:54 GMT server cloudflare etag W/"4fce-5d2db22055980-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1ih3EvTqRFKeasH1ZeA3mdrqB5zM94bJM2WcHMO8W1NtRDQw7GL2Hdk%2FJTRqHhKpyTsNaJ4Q4FZoB0Vmesrw0UsS%2FsNtfKfQCGJKH89PkryprKzL6Ec%2FodlQtgaU%2FEyXDP3wKXUyzA5359ViFlxqS0%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=2592000 cf-ray 8309238808481c19-FRA expires Tue, 02 Jan 2024 20:11:28 GMT
GET H2	200	jquery.bxslider.min14fe.js Show response phim1.sexhaydi.com/file/themes/retrotube/assets/js/	23 KB 7 KB	166ms 163ms	Script application/x-javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phim1.sexhaydi.com/file/themes/retrotube/assets/js/jquery.bxslider.min14fe.js Requested by Host: phim1.sexhaydi.com URL: https://phim1.sexhaydi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f1338e984cbb9dbafe132934ef65242b23f588c5be0a5397f5bec76d50306f57 Request headers accept-language nl-NL,nl;q=0.9 Referer https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:54 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 63682 cf-polished origSize=24252 x-cache-status MISS alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Sat, 11 Dec 2021 09:04:54 GMT server cloudflare etag W/"5ebc-5d2db22055980-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsIGQecOOCTJ42UeMkJYx7xuKfsb8ptSmwaQs%2Fmq9WyO8h%2BL%2BEpMbFebK%2BFjpmdxsQfaq6yd6TUTC0zAqpMvh768BSyLgqwfjsBfpdesbJNmveqxZ3O3c03YNzAvSX%2BWcYC8CPWD5yhSW4%2FU5MpT%2F4A%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=2592000 cf-ray 8309238808491c19-FRA expires Tue, 02 Jan 2024 20:11:28 GMT
GET H2	200	navigation8a54.js Show response phim1.sexhaydi.com/file/themes/retrotube/assets/js/	1 KB 830 B	178ms 175ms	Script application/x-javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phim1.sexhaydi.com/file/themes/retrotube/assets/js/navigation8a54.js Requested by Host: phim1.sexhaydi.com URL: https://phim1.sexhaydi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 837f1f7050991bb53fb4562af9c14709d00fcad5e590487b229a3000e9bb9c41 Request headers accept-language nl-NL,nl;q=0.9 Referer https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:54 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 63681 x-cache-status MISS alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Sat, 11 Dec 2021 09:04:54 GMT server cloudflare etag W/"54d-5d2db22055980-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AuGsodenWPpR23Qg4nr%2BMYL%2FQ%2BrWTy37bwVEjt9SkiddE0eeLsd6H7JtWxmV1WsF9Jp01J9zBDKceYlQcAjH%2FVb0y5e4wcEWX03mkbpd8sWgQbg8Spnu38kM1oCRiF%2BPyYdpj5DNm715SpCMXkaW4X0%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=2592000 cf-ray 83092388084a1c19-FRA expires Tue, 02 Jan 2024 20:11:28 GMT
GET H2	200	mobile-detect.min.js Show response cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.4.5/	39 KB 14 KB	97ms 46ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.4.5/mobile-detect.min.js Requested by Host: phim1.sexhaydi.com URL: https://phim1.sexhaydi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6aaaf41e7fbaca1be0bfc9e35cb4bda7c2340ef786b65f802b4d6bab476e7661 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://phim1.sexhaydi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:54 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 416696 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 14005 last-modified Sat, 13 Mar 2021 15:06:24 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "604cd4f0-9aa1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwVZZYXtHAf4yM%2B1knKqVPcr5RDnDrjiq5hxUep%2Bd7SUkcIKO52ljmRWlprJl1GsE4ZGgNXVRWc1sX5p1vZ5Z8K6EWFgwRKDI5iiNMDM54iGWddCIKCXFeqTe0Xkw%2BVa1RNNUBsUBpCvTADvx%2FTp4WZz"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 830923885f6d4d79-FRA expires Sun, 24 Nov 2024 03:17:54 GMT
GET H2	200	5D9D9692-82EC-1328-33-3E52D77B7128.blpha Show response www.vipads.live/vn/	80 B 334 B	2299ms 171ms	Script text/html	172.247.89.236 CNSERVERS
General Check archive.org Show headers Download Go to Full URL https://www.vipads.live/vn/5D9D9692-82EC-1328-33-3E52D77B7128.blpha Requested by Host: phim1.sexhaydi.com URL: https://phim1.sexhaydi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 172.247.89.236 , United States, ASN40065 (CNSERVERS, US), Reverse DNS Software nginx / Resource Hash fba7a8822fe3cf74bdd7d2471884fbbc6a7d5bd01860bd56d30a822c436370ef Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://phim1.sexhaydi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:56 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Tue, 05 Dec 2023 03:17:56 GMT server nginx vary Accept-Encoding content-type text/html; charset=utf-8 access-control-allow-origin * cache-control max-age=900 expires Tue, 05 Dec 2023 03:32:56 GMT
GET H2	200	jquery-migrate.min6b00.js Show response phim1.sexhaydi.com/file/js/jquery/	13 KB 5 KB	188ms 186ms	Script application/x-javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phim1.sexhaydi.com/file/js/jquery/jquery-migrate.min6b00.js Requested by Host: phim1.sexhaydi.com URL: https://phim1.sexhaydi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c2d6844f6190b24d7a789b4769bb084bfb4ea5d0eb9d33d4f0d8bf36b8dbac26 Request headers accept-language nl-NL,nl;q=0.9 Referer https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:54 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=13424 x-cache-status MISS alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 29 Mar 2023 23:08:06 GMT server cloudflare etag W/"3470-5f8120c7a6180-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBj4hqUz%2BEu9cllJF4j6%2BZkoYFd79xcgoFwnyF%2Faw2in1Fon6pK%2B5bHAbZjf6bnibswqFOYtvkX66WAIrkc8K8fqRLEhB%2FH1FLIGF189TjT0hvvtREopVtRbsmfT58FQ2cd7GZ%2Fr3CkCyiqGk%2Fd%2BRhA%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=2592000 cf-ray 83092388084b1c19-FRA expires Tue, 02 Jan 2024 20:11:28 GMT
GET H2	200	jquery.min5aed.js Show response phim1.sexhaydi.com/file/js/jquery/	88 KB 32 KB	371ms 369ms	Script application/x-javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phim1.sexhaydi.com/file/js/jquery/jquery.min5aed.js Requested by Host: phim1.sexhaydi.com URL: https://phim1.sexhaydi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cbfdcbab7f29a45379706d1421e1ee8bf9c21f8067fc4d66c1f7317da9a1e783 Request headers accept-language nl-NL,nl;q=0.9 Referer https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:54 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=89815 x-cache-status MISS alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Tue, 18 Apr 2023 16:55:41 GMT server cloudflare etag W/"15ed7-5f99f2d703d40-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0R8cAJf9y5wXM9lwftdp7LfKJRczaL8geZXLMIOd7QHK9nwiOdxe0VkVKJ8uINpegXq9vZDcT%2FkoFKRj4iicDGNi786YT1zZSAPgh853bB2hrar728I8zRV8Ut8ejK6O1o5py6o5ubkFoAUKAbg%2FTkA%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=2592000 cf-ray 83092388084d1c19-FRA expires Tue, 02 Jan 2024 20:11:28 GMT
GET H2	200	fontawesome-webfont3e6e.woff2 phim1.sexhaydi.com/file/themes/retrotube/assets/stylesheets/font-awesome/fonts/	75 KB 76 KB	1167ms 1166ms	Font application/octet-stream	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phim1.sexhaydi.com/file/themes/retrotube/assets/stylesheets/font-awesome/fonts/fontawesome-webfont3e6e.woff2?v=4.7.0 Requested by Host: phim1.sexhaydi.com URL: https://phim1.sexhaydi.com/file/themes/retrotube/assets/stylesheets/font-awesome/css/font-awesome.min1849.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers Referer https://phim1.sexhaydi.com/file/themes/retrotube/assets/stylesheets/font-awesome/css/font-awesome.min1849.css Origin https://phim1.sexhaydi.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:55 GMT cf-cache-status HIT last-modified Sat, 11 Dec 2021 09:04:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "12d68-5d2db22055980" x-cache-status MISS vary User-Agent, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5%2FCUqpuBPKDNdg3sVXcmjx7qwwZVOu3iIvzbOPji4opm1BZWOMzC6%2Ft4Aw%2FGXZ1gICvURMOEPuwIR0F4OezCUTMnB9A8eF2OtU2jJN4GdeaOqu7CaXgs6HtyLO7bvTnSCd4nMCR2nCsSmhtAM2iFNo%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=2592000 accept-ranges bytes cf-ray 8309238808511c19-FRA alt-svc h3=":443"; ma=86400 content-length 77160 expires Tue, 02 Jan 2024 20:11:28 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame F8DC	87 KB 31 KB	875ms 100ms	Script text/javascript	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js Requested by Host: play-09.sexapi.xyz URL: https://play-09.sexapi.xyz/play/sv2/video/MjI4MzQ= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 10:17:05 GMT content-encoding gzip x-content-type-options nosniff age 61251 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31021 x-xss-protection 0 last-modified Fri, 08 May 2020 07:05:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 03 Dec 2024 10:17:05 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame F8DC	246 KB 86 KB	912ms 139ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-5TBWYGC60V Requested by Host: play-09.sexapi.xyz URL: https://play-09.sexapi.xyz/play/sv2/video/MjI4MzQ= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a957bb0f8479b386b250fe139c6e16e02bd30a45ec4bd96ae7ebc8b8d2ad8358 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:56 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 87704 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 05 Dec 2023 03:17:56 GMT
GET H2	200	promise-polyfill.js Show response play-09.sexapi.xyz/jwplayer/ Frame F8DC	4 KB 2 KB	283ms 282ms	Script application/x-javascript	2606:4700:3038::6815:eb4b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://play-09.sexapi.xyz/jwplayer/promise-polyfill.js Requested by Host: play-09.sexapi.xyz URL: https://play-09.sexapi.xyz/play/sv2/video/MjI4MzQ= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:eb4b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f0d8ebf5f423e0610678c8e80bfef35e22c3b83eab216cae69825bf80a79a03 Request headers accept-language nl-NL,nl;q=0.9 Referer https://play-09.sexapi.xyz/play/sv2/video/MjI4MzQ= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:55 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 287265 cf-polished origSize=6942 alt-svc h3=":443"; ma=86400 referrer-policy same-origin cf-bgj minify last-modified Friday, 01-Dec-2023 18:38:44 GMT server cloudflare etag W/"1b1e-5e8ace07f2080-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RF%2FV10q1TliP1SpyAghcrwoz9qpXEqwbNpu5OOEZd3rMmQDllRZe5fmrSyQDEBs2dP6yPr70hfrfAUHwXWQIwMx6nY60gGEYf%2B5TCjlXahyPQTvLhw1Ypf%2B4CG4mFMKWNbfcN2xilULqZJg4WPeP8pQ%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=86400, must-revalidate, proxy-revalidate cf-ray 8309238d3b1d0eb2-AMS expires Sun, 31 Dec 2023 18:38:44 GMT
GET H2	200	devtools-detector.js Show response play-09.sexapi.xyz/jwplayer/ Frame F8DC	25 KB 5 KB	328ms 327ms	Script application/x-javascript	2606:4700:3038::6815:eb4b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://play-09.sexapi.xyz/jwplayer/devtools-detector.js Requested by Host: play-09.sexapi.xyz URL: https://play-09.sexapi.xyz/play/sv2/video/MjI4MzQ= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:eb4b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d9a5e230120ba86d4d170c254dfb0398ea007518a4ea1808c37c51f66a2aeadf Request headers accept-language nl-NL,nl;q=0.9 Referer https://play-09.sexapi.xyz/play/sv2/video/MjI4MzQ= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:55 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 287265 cf-polished origSize=25716 alt-svc h3=":443"; ma=86400 referrer-policy same-origin cf-bgj minify last-modified Friday, 01-Dec-2023 18:38:44 GMT server cloudflare etag W/"6474-5e8ace0daae00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FrOuLSX%2Fd0tc4ich1CA4A449eDdAdMw2Mra5GrkXtJGPlxT3wd8v5ChyyGD2DkN2jMnR71Z5YT1GgKKpapEo4f%2BmLAifzXdrbc1ojSaaDE8dWB4oSXaDCBeuSF60aKvfykF0glHi7l41I2fzXYCssM%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=86400, must-revalidate, proxy-revalidate cf-ray 8309238d3b1e0eb2-AMS expires Sun, 31 Dec 2023 18:38:44 GMT
GET H2	200	dmca-badge-w100-5x1-11.png images.dmca.com/Badges/ Frame F8DC	2 KB 3 KB	54ms 54ms	Image image/png	2400:52e0:1e00::1082:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://images.dmca.com/Badges/dmca-badge-w100-5x1-11.png?ID=4898a2d3-689b-4bab-8a79-0c0e477fd9d8 Requested by Host: play-09.sexapi.xyz URL: https://play-09.sexapi.xyz/play/sv2/video/MjI4MzQ= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1082 / ASP.NET Resource Hash 2292a183dd2a364653441cf13efd89138c43eab4dacbb35e9bc061b07c749be1 Request headers accept-language nl-NL,nl;q=0.9 Referer https://play-09.sexapi.xyz/play/sv2/video/MjI4MzQ= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:56 GMT cdn-edgestorageid 1082 x-powered-by ASP.NET cdn-cachedat 10/31/2023 18:59:54 cdn-pullzone 1574055 content-length 2390 last-modified Mon, 25 Jul 2016 19:39:16 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.04 cdn-requestpullcode 200 etag "70d0a63aace6d11:0" content-type image/png cdn-cache HIT cdn-uid c136c664-112d-4533-8247-f90f6849ab39 cache-control public, max-age=31536000 cdn-requestid 3123f8fd21b20eabd9ec6cf80eb69e69 accept-ranges bytes cdn-requestcountrycode NL link <https://dmca-images.azurewebsites.net/Badges/dmca-badge-w100-5x1-11.png?ID=c566a01f-b37b-45bf-953f-533e46600052>; rel="canonical" cdn-status 200 cdn-requestpullsuccess True
GET H2	200	DMCABadgeHelper.min.js Show response images.dmca.com/Badges/ Frame F8DC	465 B 844 B	982ms 209ms	Script application/javascript	2400:52e0:1e00::1082:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://images.dmca.com/Badges/DMCABadgeHelper.min.js Requested by Host: play-09.sexapi.xyz URL: https://play-09.sexapi.xyz/play/sv2/video/MjI4MzQ= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1082 / ASP.NET Resource Hash e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://play-09.sexapi.xyz/play/sv2/video/MjI4MzQ= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:56 GMT content-encoding br cdn-edgestorageid 1080 x-powered-by ASP.NET cdn-cachedat 10/31/2023 19:00:40 cdn-pullzone 1574055 last-modified Fri, 21 Jun 2019 20:14:34 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"26b181f16d28d51:0" vary Accept-Encoding, Accept-Encoding content-type application/javascript cdn-cache HIT cdn-uid c136c664-112d-4533-8247-f90f6849ab39 cache-control public, max-age=31536000 cdn-requestid cf257140dede473adca07d15cc0fb65c cdn-requestcountrycode NL link <https://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical" cdn-status 200 cdn-requestpullsuccess True
GET H2	200	63923d372922e117d8855f62 Show response play.play4db1.click/play/v2/ Frame AF9F	8 KB 4 KB	201ms 27ms	Document text/html	2606:4700:3031::ac43:c726 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://play.play4db1.click/play/v2/63923d372922e117d8855f62?sub=https://w3img.com/sub.vtt Requested by Host: play-09.sexapi.xyz URL: https://play-09.sexapi.xyz/play/sv2/video/MjI4MzQ= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:c726 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63d38e4c69afd99771e615336e2dbdd22ecbca97d3750bc4692c8b1db291f592 Request headers Referer https://play-09.sexapi.xyz/play/sv2/video/MjI4MzQ= Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-origin * age 14159 alt-svc h3=":443"; ma=86400 cache-control public, max-age=86400 cf-cache-status HIT cf-ray 830923944ba65cb0-FRA content-encoding br content-type text/html; charset=utf-8 date Tue, 05 Dec 2023 03:17:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MiIFE2IV6YA6Sba9vWJ7ZNbKpU9eCH14IGPLo5J7PQN0HQO1%2FGe7Ajr22PEse4uSpKImVTzXFxKCyF7E71%2Be0IctwYNLJhIu50b66601bHLY7z9MB12f0H9EcHmkFsMbsqboVR4LWAY25%2BcdoaGv9egn"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	cHRxJfVEsT3Kmkzeya4tFviuqb9gC_0NwGn.svg media-01.w3img.com/images_new/thumbs169ll/ Frame F8DC	7 KB 1 KB	44ms 26ms	Image image/svg+xml	2606:4700:20::681a:1ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media-01.w3img.com/images_new/thumbs169ll/cHRxJfVEsT3Kmkzeya4tFviuqb9gC_0NwGn.svg Requested by Host: play-09.sexapi.xyz URL: https://play-09.sexapi.xyz/play/sv2/video/MjI4MzQ= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:1ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 45502fad09194dcef339dbb006cff94a35338c2a6817a41a7c84465e17659335 Request headers accept-language nl-NL,nl;q=0.9 Referer https://play-09.sexapi.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:56 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 581038 alt-svc h3=":443"; ma=86400 last-modified Mon, 26 Dec 2022 22:19:32 GMT server cloudflare etag W/"1b6a-5f0c287955717-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXM%2BB3XNnBT7gbHFFBQfsEGORHnqFv33yLqLadfrVvWJ%2FRo9zZAIsrH7qa08zx0ivezIArbpUDa9e7pZdNNN5fdrAPw9qghSDAof36FuUU%2BrXldBpAD1azgPtNBnFAeEWr0v4HigV5aD71pq6OOt5w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=31536000 cf-ray 830923934e38364a-FRA expires Thu, 28 Dec 2023 09:53:47 GMT
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ Frame AF9F	86 KB 28 KB	26ms 24ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js Requested by Host: play.play4db1.click URL: https://play.play4db1.click/play/v2/63923d372922e117d8855f62?sub=https://w3img.com/sub.vtt Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:56 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 339292 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27748 last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-15851" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tNbUp%2FfND%2BRY0Y5C9dMYngnb0v%2BGoxLKw8qBQo4nerpMVIP08cZLLeyDpwxokGelffJ70puIpkmIzUtG%2B%2FWFevrAt3FwwbXnvqzKxalXkapEUfk6JttcvFyfKTl%2FN5EyP9mD2DWb7%2Bu8GCpkiuAcgvDf"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 830923947ccd4d79-FRA expires Sun, 24 Nov 2024 03:17:56 GMT
GET H2	200	socket.io.min.js Show response cdnjs.cloudflare.com/ajax/libs/socket.io/4.5.4/ Frame AF9F	43 KB 12 KB	513ms 512ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/socket.io/4.5.4/socket.io.min.js Requested by Host: play.play4db1.click URL: https://play.play4db1.click/play/v2/63923d372922e117d8855f62?sub=https://w3img.com/sub.vtt Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:56 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1821723 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 11798 last-modified Tue, 22 Nov 2022 21:33:02 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "637d400e-2e16" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IG%2Bg3PTZYAoF2g0YJ7Jm6TGpqX048rVnwUiqAcz8NG%2BqKZcqV2tGF9FNX%2BC8BOu%2BZSDy4UlUh5A6BP%2FtBS4iwo2A5UnHgxShxfqIH5R6iSkOOrN%2BlbcHUApl6Z%2BfILxPLE1ml5L56vCiu99p0tJhCnBq"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 830923947cce4d79-FRA expires Sun, 24 Nov 2024 03:17:56 GMT
GET H2	200	jwplayer.js Show response cdn.jsdelivr.net/npm/playhq_net_jwplayer@1.0.2/jwplayer/8.20.1/ Frame AF9F	111 KB 37 KB	602ms 543ms	Script application/javascript	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/playhq_net_jwplayer@1.0.2/jwplayer/8.20.1/jwplayer.js Requested by Host: play.play4db1.click URL: https://play.play4db1.click/play/v2/63923d372922e117d8855f62?sub=https://w3img.com/sub.vtt Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74989125e5098689ba79fe01185920f68d6784fa6063a50948be40d84e730aca Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:56 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 503184 x-jsd-version 1.0.2 content-encoding br x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230052-FRA x-jsd-version-type version server cloudflare etag W/"1bba4-kHqkJRBgveO9ddV0S7Xb+XQI8CM" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jvx0jF1%2BMk%2Brs8TJaFmQ8lNHnXVkGEtXFlaW4rDsz0C%2FvI90%2B%2FNL6Sl4L32SSfuuY%2FiuDGd7S8RS5zmLJRqpSq%2F2ZEHK4%2B6UUp6ArO%2BWqSvtFQpcHo9XzO5By3oCkStKHfq0xzhcXlEzk2Jinkg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 83092394dfd62c77-FRA
GET H2	200	app_plhq_v7_rf.js Show response cdn.jsdelivr.net/gh/nvtuan95vn/plhq-js@main/ Frame AF9F	3 KB 2 KB	582ms 524ms	Script application/javascript	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/nvtuan95vn/plhq-js@main/app_plhq_v7_rf.js Requested by Host: play.play4db1.click URL: https://play.play4db1.click/play/v2/63923d372922e117d8855f62?sub=https://w3img.com/sub.vtt Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b5d5427ab786726d23f21ccf2cdd62df2643a01bdbc035edaff70b16e29d9478 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:56 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 585 x-jsd-version main content-encoding br x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230080-FRA x-jsd-version-type branch server cloudflare etag W/"a61-wXD7xRZj/LHz/8sp3OHgUvB1ed4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqZAekDbCZpjf8zKSCU1AMohJStoFXV9fjcnpIKiRP590dLZQS90kHfH11Do9fxzyITD3r49rc5kf7O1HO7Tap2vEYUUbtuPeSvYFYMh84GKvFX5MDk0wtPfHPaMPXb80jMcqcSEeuacaus7c5c%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 83092394dfd72c77-FRA
GET H2	200	index.svg loading.io/mod/spinner/palette-ring/ Frame AF9F	1 KB 916 B	364ms 44ms	Image image/svg+xml	2606:4700:20::681a:6b6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://loading.io/mod/spinner/palette-ring/index.svg Requested by Host: play.play4db1.click URL: https://play.play4db1.click/play/v2/63923d372922e117d8855f62?sub=https://w3img.com/sub.vtt Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6b6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 152b13c4b7f7db085d82b6967a4fc7a6f72a304bd576905d12f18f12f31ed5bd Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:56 GMT content-encoding br cf-cache-status HIT last-modified Sat, 16 Nov 2019 08:17:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 7066 etag W/"5dcfb096-418" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BoHWNVGWjKAD5S1fzWQ4M7pdVz8C5b4QsnpIu6DsHVQ1%2FOpz3RM3zUuIXPWjJUDTN2nx7B5gMsPZDkaHBsu1KaTM19N6zlVd%2BHCh7ZfXAdN6NGC%2FvPXcwad0WqtkQUMV4zHXmkemlQs%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml vary Accept-Encoding cache-control max-age=14400 cf-ray 8309239678df036e-FRA
GET H2	200	main.js Show response play.play4db1.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/ Frame 8F37 Redirect Chain https://play.play4db1.click/cdn-cgi/challenge-platform/scripts/jsd/main.js https://play.play4db1.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js	7 KB 4 KB	23ms 23ms	Script application/javascript	2606:4700:3031::ac43:c726 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://play.play4db1.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js Protocol H2 Server 2606:4700:3031::ac43:c726 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b455133446329fe24d4f50c91884402962dfc02559565d265cfd4fa498d7488f Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:57 GMT content-encoding br x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehLu7hUbA%2F9uqGxBrgEP2su8gi9JThw79WBhAdfZpfkpOL2tNvcgWdpnkJgSG73%2BgWIuHtTI9G8JO09aibMan%2Ba%2BejzyfyEmZgDwwpY5r5B1bKWv7MIEZFdztGEdQK2NF5%2BOs3B%2Bk1g3%2Bpqdp8ttGIUi"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public cf-ray 8309239d1f6a5cb0-FRA alt-svc h3=":443"; ma=86400 Redirect headers date Tue, 05 Dec 2023 03:17:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWIUjp%2FQJvTUs0hThedCTyoS48RFGN6WRTfR0DjQlgPydQddlNRBKm3ma%2Ftm3zwNf4Lzd0i083vfND1RTxnaV12%2BlVP3MzvdjG6HvcMcEFPJR6fuHXzDrZDz3Ztk1SrkCh2K7rP%2B1nTwi%2BetMiORh0UV"}],"group":"cf-nel","max_age":604800} location /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js access-control-allow-origin * cache-control max-age=300, public cf-ray 8309239b5e8b5cb0-FRA alt-svc h3=":443"; ma=86400
GET H2	200	8807c09f.js Show response x7r3mk6ldr.com/aas/r45d/vki/1990706/ Frame F8DC	87 KB 34 KB	72ms 23ms	Script application/javascript	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://x7r3mk6ldr.com/aas/r45d/vki/1990706/8807c09f.js Requested by Host: play-09.sexapi.xyz URL: https://play-09.sexapi.xyz/play/sv2/video/MjI4MzQ= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 327c7c1e7aa9485029a0988654c6644d4663ae91fac5f7f2dca2c9302ddc4bf9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://play-09.sexapi.xyz/play/sv2/video/MjI4MzQ= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:57 GMT content-encoding gzip last-modified Tue, 28 Nov 2023 11:34:35 GMT server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data etag W/"6565d04b-15e20" vary Accept-Encoding content-type application/javascript x-js-ab2 current timing-allow-origin *
GET H2	200	/ whos.amung.us/pingjs/ Frame F8DC	28 B 28 B	521ms 215ms	Image text/javascript	2606:4700:10::6816:4bab CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://whos.amung.us/pingjs/?k=psexapi&t=22834&c=d&x=https%3A%2F%2Fplay-09.sexapi.xyz%2Fplay%2Fsv2%2Fvideo%2FMjI4MzQ%3D&y=https%3A%2F%2Fphim1.sexhaydi.com%2F&a=0&v=27&r=4099 Requested by Host: phim1.sexhaydi.com URL: https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://play-09.sexapi.xyz/play/sv2/video/MjI4MzQ= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:58 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare cf-ray 8309239d4f8e3837-FRA content-type text/javascript;charset=UTF-8
POST H2	200	63923d372922e117d8855f62 Show response api-plhq.play4db1.click/apiv5/6382d2a6c281da76c6324db1/ Frame AF9F	160 B 640 B	785ms 598ms	XHR application/json	2606:4700:3032::6815:5cdd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api-plhq.play4db1.click/apiv5/6382d2a6c281da76c6324db1/63923d372922e117d8855f62 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:5cdd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b63b4892c4ae666567b95a7c0dbccb4b5ee384ef5fbba0a95b706dab572b7c4d Request headers Accept */* Referer accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Tue, 05 Dec 2023 03:17:58 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"a0-vPLvEn5Xm2DfADLItvubWu4KN8c" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LnlCEudhwGJjHZzn1fQFQvQnb%2BDd9oNxX4kbuzJh3BfslUZKH6rORgtILnvPK%2FJBc%2Fwe%2BFT6JoOJqMPw6zbR0G4wyUAuXPpjWVDITldiEOHiEZxWwCUGcaRcOn3Ek2cjhuLjjg%2B%2FhkDxMNkW2gQWJe4tKjtQwQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin https://play.play4db1.click cf-ray 8309239c98a70e20-AMS alt-svc h3=":443"; ma=86400
GET H2	200	63923d372922e117d8855f62 Show response api-view.vnstream.net/api/view/ Frame AF9F	2 B 455 B	718ms 343ms	XHR text/html	2606:4700:3036::ac43:abda CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api-view.vnstream.net/api/view/63923d372922e117d8855f62 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:abda , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Accept */* Referer accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:58 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sH1rHrb%2FSimknddUsBi%2BSxbriRykkGNsDorigGq87QelaXkHlS0vdFtu1NkD5iluzzxvTnCN1O7tiLs%2FkozZG9jdV2xcVDjiu4xT%2BqsR2H2cqQlIAgjvfjWYNMasUd2EUsan1Jpw1wpGxlQoGxY8OybRxMs%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin * cf-ray 8309239dbce35d97-FRA alt-svc h3=":443"; ma=86400
GET H2	200	a www.googletagmanager.com/ Frame F8DC	0 59 B	31ms 30ms	Image text/html	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?v=3&t=l&pid=308076706&rv=3bt0&u=AAAAggAAAAAAACCA&h=Ag&gtm=45je3bt0v888299727&ccid=88299727&cid=G-5TBWYGC60V&l=G-5TBWYGC60V.L2049.S6.Y9.B29.E1261.I2093.EC6.TC10.HTC0~gtm.init.S0.V0.E42.TS5ccdemoutboundclick.TI3.TE4.TS5ccdemdownload.TI5.TE0.TS5ccdemvideo.TI6.TE0.TS5ccdemsitesearch.TI7.TE2.TS5ccdemscroll.TI8.TE0.TS5ccdempageview.TI9.TE0.TS5ccdconversionmarking.TI10.TE0.TS5setproductsettings.TI11.TE0.TS5ogtgooglesignals.TI12.TE0~gtm.js.S0.V0.E28.TS5gct.TI1.TE0~gtm.dom.S0.V0.E13~gtm.scrollDepth.S0.V0.E10~gtm.load.S0.V0.E16~gtm.init_consent.S1.V0.E32 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://play-09.sexapi.xyz/play/sv2/video/MjI4MzQ= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:57 GMT server Google Tag Manager alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	89c4e9e2.js Show response x7r3mk6ldr.com/aas/r45d/vki/1990704/	87 KB 34 KB	51ms 35ms	Script application/javascript	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://x7r3mk6ldr.com/aas/r45d/vki/1990704/89c4e9e2.js Requested by Host: phim1.sexhaydi.com URL: https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash bbcd2e1e989c2a8c0ae374e9a127d67ebf713565044e855f28cc4e6d7abfe97f Request headers accept-language nl-NL,nl;q=0.9 Referer https://phim1.sexhaydi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:57 GMT content-encoding gzip last-modified Tue, 28 Nov 2023 11:34:35 GMT server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data etag W/"6565d04b-15e20" vary Accept-Encoding content-type application/javascript x-js-ab2 current timing-allow-origin *
GET H2	200	ifr.html Show response media.vivaclix.com/js/ Frame C8F4	2 KB 1 KB	2140ms 34ms	Document text/html	2606:4700:3038::6815:ea3f
General Check archive.org Show headers Download Go to Full URL https://media.vivaclix.com/js/ifr.html Requested by Host: phim1.sexhaydi.com URL: https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:ea3f -, , ASN (), Reverse DNS Software cloudflare / Resource Hash d2e52aed281424d3c5821cf2b8e27059b6b2113aca93972cdfd21ac88296a42b Request headers Referer https://phim1.sexhaydi.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 609681 alt-svc h3=":443"; ma=86400 cache-control max-age=259200 cf-cache-status HIT cf-ray 830923a8bb6ab89d-AMS content-encoding br content-type text/html date Tue, 05 Dec 2023 03:17:59 GMT expires Sat, 25 Nov 2023 07:26:03 GMT last-modified Tue, 21 Nov 2023 13:27:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcGH6DSDG%2FC7t3cXE8pYgtQr3n4IandftVLSt1QoFlZIEptScPT8Rn%2BoOti5S4DdphtPWT8BKjgIC9oZ6QQ0PqiW1KHfHZ0gDGcnfbsuftQ0GjPiWInY7ZTM079LBG7ImLSnP%2BPC15HwMmhtU4nisb8%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-robots-tag noindex, nofollow, noarchive, noimageindex
GET H2	200	code.js Show response kgfjrb711.com/lv/esnk/1852039/	101 KB 38 KB	72ms 22ms	Script application/javascript	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://kgfjrb711.com/lv/esnk/1852039/code.js Requested by Host: phim1.sexhaydi.com URL: https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 5900a12656b8c6c9f393df0b119ea3bb4b8be6e61d606647e9e4b40fb765f2cf Request headers accept-language nl-NL,nl;q=0.9 Referer https://phim1.sexhaydi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:57 GMT content-encoding gzip last-modified Tue, 28 Nov 2023 11:34:35 GMT server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data etag W/"6565d04b-1929a" vary Accept-Encoding content-type application/javascript x-js-ab2 current timing-allow-origin *
GET H2	200	js Show response www.googletagmanager.com/gtag/	274 KB 91 KB	79ms 79ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-49VC8CBQF8 Requested by Host: phim1.sexhaydi.com URL: https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 931d4dffbc91f96fad719387d0aec061ad62156c2f12b51c45f6715d1630185b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://phim1.sexhaydi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:57 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93013 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 05 Dec 2023 03:17:57 GMT
GET H2	200	/ whos.amung.us/pingjs/	27 B 27 B	497ms 242ms	Image text/javascript	2606:4700:10::6816:4bab CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://whos.amung.us/pingjs/?k=sexapi&t=%5BMD0105%5D%20Lin%20Sihao%20v%C3%A0%20anh%20b%E1%BA%A1n%20h%C3%A0ng%20x%C3%B3m%20bi%E1%BA%BFn%20th%C3%A1i&c=d&x=https%3A%2F%2Fphim1.sexhaydi.com%2Fxem%2F128%2Fhby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai&y=&a=0&v=27&r=7560 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://phim1.sexhaydi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:58 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare cf-ray 8309239d4f903837-FRA content-type text/javascript;charset=UTF-8
GET H2	200	5wOTkyFRLv-ohPQV7rcIDuB3tCxaAm1G8Ef.jpg img-01.w3img.com/images_new/full_size/	13 KB 13 KB	103ms 102ms	Image image/webp	2606:4700:20::681a:1ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img-01.w3img.com/images_new/full_size/5wOTkyFRLv-ohPQV7rcIDuB3tCxaAm1G8Ef.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:1ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50035b3ba7e5aba8dce5064c0025cf15d37a06cc15b29c0f2eaed775a1bf8793 Request headers accept-language nl-NL,nl;q=0.9 Referer https://phim1.sexhaydi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:57 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3 cf-polished qual=85, origFmt=jpeg, origSize=36866 x-cache-status MISS content-disposition inline; filename="5wOTkyFRLv-ohPQV7rcIDuB3tCxaAm1G8Ef.webp" alt-svc h3=":443"; ma=86400 content-length 13014 cf-bgj imgq:85,h2pri last-modified Wed, 26 Apr 2023 10:06:34 GMT server cloudflare etag "9002-5fa3a650dce82-gzip" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQ0ToAxOjKmiJha32vgA7r99Bjanw7QaSGfrz3mD6dxCt5C%2BZt%2Fpo8bKhVAcsLsuMudAxjZ91CDZrNV9BIFG5hGOxvenZdtxle7OT%2FQ41hCIRHozIW0Snzz6JWcDrJ1u1gauhiCoCUyWmrVidNQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=31536000 accept-ranges bytes cf-ray 8309239bbb28364a-FRA expires Wed, 27 Nov 2024 10:32:02 GMT
POST H3	200	ajax.php Show response phim1.sexhaydi.com/	12 B 577 B	397ms 397ms	XHR text/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phim1.sexhaydi.com/ajax.php Requested by Host: phim1.sexhaydi.com URL: https://phim1.sexhaydi.com/file/js/jquery/jquery.min5aed.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.22 Resource Hash 697ea20b74d2b8630e04a492b66f44c2288dc94f1d9f49417d3492640e0c1543 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai X-Requested-With XMLHttpRequest accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers pragma no-cache date Tue, 05 Dec 2023 03:17:58 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.22 vary User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHiCgT5s0AWQkcFKGkvKW2Em6tWlNHYFN3du4K6XgKjcyXKe%2F3swAsoRcyLEBxDv1Jq5HVCYuTFQFBokjNahfKJwUT5VCXXUhW7roaHtyAt%2BDg5BVYCSex92uEtsGTXvtCv6A4QXs3o8upCA%2BNGRIjI%3D"}],"group":"cf-nel","max_age":604800} content-type application/json, text/javascript cache-control no-store, no-cache, must-revalidate cf-ray 8309239bb8801965-FRA alt-svc h3=":443"; ma=86400 content-length 12 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H3	200	ajax.php Show response phim1.sexhaydi.com/	39 B 647 B	418ms 418ms	XHR text/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phim1.sexhaydi.com/ajax.php Requested by Host: phim1.sexhaydi.com URL: https://phim1.sexhaydi.com/file/js/jquery/jquery.min5aed.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.22 Resource Hash 23d787a7f9ebe4437cf080b978ee0be712a7bce92ec0f7c622fec0fa30276fe0 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://phim1.sexhaydi.com/xem/128/hby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai X-Requested-With XMLHttpRequest accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers pragma no-cache date Tue, 05 Dec 2023 03:17:58 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.22 vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LiMuBjUMsbLjRdLAbmv3%2B8Mm7lv9buJmbPoCEG8DBzz3c2UwIy0cksbAdRqu0pfK%2BJFA2atGfgiYaIT38SNfKs%2FjzE5Gxn1jI%2FZ4CZ6ZaWnGOfxdPrDoBaG0RmFkejypPDK7DQpyI9e2y9O4FzEgFqA%3D"}],"group":"cf-nel","max_age":604800} content-type application/json, text/javascript cache-control no-store, no-cache, must-revalidate cf-ray 8309239bc8821965-FRA alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	solid.gif x7r3mk6ldr.com/ Frame F8DC	43 B 638 B	13ms 12ms	Ping image/gif	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://x7r3mk6ldr.com/solid.gif?z=1990706&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1252&y=704&md=0&afid=4052175317979648&eclog=0&sp=0&im=0 Requested by Host: x7r3mk6ldr.com URL: https://x7r3mk6ldr.com/aas/r45d/vki/1990706/8807c09f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84 Request headers accept-language nl-NL,nl;q=0.9 Referer https://play-09.sexapi.xyz/play/sv2/video/MjI4MzQ= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:57 GMT x-route-id stats.tag.loaded server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 43 content-type image/gif
GET H2	200	1990706 Show response x7r3mk6ldr.com/get/ Frame F8DC	37 B 681 B	13ms 13ms	Script text/javascript	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://x7r3mk6ldr.com/get/1990706?zoneid=1990706&jp=_clfjckh8jhochpgz9f4oj9&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1252&y=704&md=0&afid=4052175317979648&eclog=0&sp=0&im=0 Requested by Host: x7r3mk6ldr.com URL: https://x7r3mk6ldr.com/aas/r45d/vki/1990706/8807c09f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash c94588c2c490281057748a6bc21191dae810fb22ce8cc638b5e3fc7d390eb165 Request headers accept-language nl-NL,nl;q=0.9 Referer https://play-09.sexapi.xyz/play/sv2/video/MjI4MzQ= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:57 GMT content-encoding gzip server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data vary Accept-Encoding content-type text/javascript x-route-id config timing-allow-origin *
POST H2	200	solid.gif x7r3mk6ldr.com/	43 B 547 B	13ms 12ms	Ping image/gif	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://x7r3mk6ldr.com/solid.gif?z=1990704&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=2926275411131904&eclog=0&sp=0&im=0 Requested by Host: x7r3mk6ldr.com URL: https://x7r3mk6ldr.com/aas/r45d/vki/1990704/89c4e9e2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84 Request headers accept-language nl-NL,nl;q=0.9 Referer https://phim1.sexhaydi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:57 GMT x-route-id stats.tag.loaded server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 43 content-type image/gif
GET H2	200	1990704 Show response x7r3mk6ldr.com/get/	37 B 590 B	13ms 12ms	Script text/javascript	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://x7r3mk6ldr.com/get/1990704?zoneid=1990704&jp=_cl5ixunl819gdag37r8imh&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=2926275411131904&eclog=0&sp=0&im=0 Requested by Host: x7r3mk6ldr.com URL: https://x7r3mk6ldr.com/aas/r45d/vki/1990704/89c4e9e2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash c94588c2c490281057748a6bc21191dae810fb22ce8cc638b5e3fc7d390eb165 Request headers accept-language nl-NL,nl;q=0.9 Referer https://phim1.sexhaydi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:57 GMT content-encoding gzip server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data vary Accept-Encoding content-type text/javascript x-route-id config timing-allow-origin *
GET H2	200	1852039 Show response kgfjrb711.com/get/	10 KB 3 KB	15ms 14ms	Script text/javascript	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://kgfjrb711.com/get/1852039?zoneid=1852039&jp=_clbdyrowqolxboz5k8y9qm&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=8555774945369600&eclog=0&sp=0&im=0&freq=0 Requested by Host: kgfjrb711.com URL: https://kgfjrb711.com/lv/esnk/1852039/code.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 4cac02398c5eb113a9c5e03a46ff26068893a2d07343bccec08c1efe2201ff86 Request headers accept-language nl-NL,nl;q=0.9 Referer https://phim1.sexhaydi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:57 GMT content-encoding gzip server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data vary Accept-Encoding content-type text/javascript; charset=utf-8 x-route-id config timing-allow-origin *
GET H2	200	1852039 Show response kgfjrb711.com/sn/ps/ Frame 6BBE Redirect Chain https://kgfjrb711.com/sn/pr/1852039?zoneid=1852039&jp=_clbdyrowqolxboz5k8y9qm&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20... https://coosync.com/sn/c?zoneid=1852039&freq=0&rd=kgfjrb711.com&h=cookie.user_id.pre_sync.final&tuid=0&sign=d1de1ae251a2b912 https://kgfjrb711.com/sn/ps/1852039?freq=0&puid=7308944605812246887&so=1&zoneid=1852039	761 B 1 KB	12ms 12ms	Document text/html	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://kgfjrb711.com/sn/ps/1852039?freq=0&puid=7308944605812246887&so=1&zoneid=1852039 Requested by Host: kgfjrb711.com URL: https://kgfjrb711.com/lv/esnk/1852039/code.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash d63ccffcdc25f4754a032a6cf15e8ad8f7e91f429240fdda8546023943d6d1e8 Request headers Referer https://phim1.sexhaydi.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data content-encoding gzip content-type text/html; charset=utf-8 date Tue, 05 Dec 2023 03:17:57 GMT server nginx timing-allow-origin * vary Accept-Encoding x-route-id cookie.user_id.pre_sync.final Redirect headers accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data content-length 122 content-type text/html; charset=utf-8 date Tue, 05 Dec 2023 03:17:57 GMT location https://kgfjrb711.com/sn/ps/1852039?freq=0&puid=7308944605812246887&so=1&zoneid=1852039 server nginx timing-allow-origin * x-route-id cookie.user_id.sync
GET H2	200	da5c9f31c1b5ab6e50e7e13bdf8e0615aafb5caa.webp cdn.pncloudfl.com/pn/da5/c9f/31c/ Frame 1E02	48 KB 48 KB	374ms 20ms	Image application/octet-stream	172.67.25.161 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.pncloudfl.com/pn/da5/c9f/31c/da5c9f31c1b5ab6e50e7e13bdf8e0615aafb5caa.webp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.25.161 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 83feddb6427790ec7788a5af1471aada39ebefa4bf62e93c4d7d32f9a536b204 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers x-proxy-cache HIT date Tue, 05 Dec 2023 03:17:58 GMT x-openstack-request-id tx120f6132be9c48eca3bfd-00645b60b0 cf-cache-status HIT age 158915 alt-svc h3=":443"; ma=86400 content-length 48702 x-trans-id tx120f6132be9c48eca3bfd-00645b60b0 last-modified Fri, 28 Apr 2023 11:45:36 GMT server cloudflare etag df4639163f32fb0224e8b38e1584e328 vary Accept-Encoding access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type application/octet-stream access-control-allow-origin * x-timestamp 1682682335.61778 access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp cache-control max-age=172800 accept-ranges bytes cf-ray 8309239eabf066ec-AMS access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization expires Tue, 05 Dec 2023 07:09:23 GMT
GET H2	200	b1d2a3c161bb5453005127f3187f7c4a5a4f41f5.webp cdn.pncloudfl.com/pn/b1d/2a3/c16/ Frame 1E02	40 KB 40 KB	376ms 22ms	Image application/octet-stream	172.67.25.161 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.pncloudfl.com/pn/b1d/2a3/c16/b1d2a3c161bb5453005127f3187f7c4a5a4f41f5.webp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.25.161 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 60465664373ab3977dff154f630741217379e775288f008e3dbb28b6521190ab Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers x-proxy-cache HIT date Tue, 05 Dec 2023 03:17:58 GMT x-openstack-request-id txcf3093132d71438e84b35-00644e8286 cf-cache-status HIT age 171084 alt-svc h3=":443"; ma=86400 content-length 40836 x-trans-id txcf3093132d71438e84b35-00644e8286 last-modified Fri, 28 Apr 2023 11:45:47 GMT server cloudflare etag e19ccdab86ab495e70c4eeaec76223e8 vary Accept-Encoding access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type application/octet-stream access-control-allow-origin * x-timestamp 1682682346.02182 access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp cache-control max-age=172800 accept-ranges bytes cf-ray 8309239eabf266ec-AMS access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization expires Tue, 05 Dec 2023 03:46:34 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 256 B	338ms 251ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-49VC8CBQF8&gtm=45je3bt0v9132774090&_p=1701746277697&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1827630085.1701746278&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701746278&sct=1&seg=0&dl=https%3A%2F%2Fphim1.sexhaydi.com%2Fxem%2F128%2Fhby9-md0105-lin-sihao-va-anh-ban-hang-xom-bien-thai&dt=%5BMD0105%5D%20Lin%20Sihao%20v%C3%A0%20anh%20b%E1%BA%A1n%20h%C3%A0ng%20x%C3%B3m%20bi%E1%BA%BFn%20th%C3%A1i&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=5789 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-49VC8CBQF8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://phim1.sexhaydi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Tue, 05 Dec 2023 03:17:58 GMT server Golfe2 content-type text/plain access-control-allow-origin https://phim1.sexhaydi.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	chicken.gif kgfjrb711.com/ Frame 1E02	43 B 479 B	14ms 12ms	Image image/gif	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://kgfjrb711.com/chicken.gif?z=1852039&pb=1fd77c684024fe623997303a48693dae1701753477&psp=tFwngv21uJLX6sm8WG-kugvGCORq2VU2233dJDhM6u96mcggVnTUMzq1g72JDQEbjo8cznUtF0ORKTQbE5557ANJ45NJd4kEz7IUeIy38qzOI6acCFKaiuUMdNCRoFeDdgD79t5mRSUWhCBZsyK80ffjRIQTDjyCPZaLtgvM964ijeE5EEjBVHP80p9P6JqW834kOl92p7NnJM66_Hppa7CgYmz99mZDXro5_EOgTaBdov2gCbANV4p3kbPf-x2NSZu_GZL-2qSn_YzqFMRh8gy0RV6xg_KcrmvluvbuJcC3whXwV-sYO4IHMUQvQTSDQEO-jhFxttUhHfmweO2uMiDrKaD9bqv5wavwF0G8wVixkjRKyYCLFG7wl2z0nm7VfLBc1JMEnwNVCll6s627ZM3LLGdkCyfq0pqMKpwyi2ak6G-oQbvciUznBFssnZ8AljfIgCYevjJBbLesIOzAgFaD5iu2NmPBL-yNvzgfGIelXmH5idYgDNbxBIwEwJy4oW4xQDBjO-jenYFnTQagv4wo58aDi1ygaqZYm5X3_1WP4qMpTMxgkEOgn9b3NlcGu_8wJbroxNoxusNtB_ZDAbhc5NfEMxihEl8x7fadhCsp0TwGCCapJN8Hh8TOOBKCUFJpN9Qo-3HZ-OvhmGuiGWHOrq6up0xKmcGFA48bVNtR1K9DZeLxt4j6QDCr8ZfWko57h7n2LwWn3NWTAoScc8GNHvhEiQVU_j4G6RgHP7M52F3z4r7G04ka0eJ84TF-W2NKcsgOyukRKFFaYSZCP5fnkVKrhMgsaoGrcYwbvGOsN9WxqfrrsbCUewg38fFQQ3pO3XBqy_ldteneublveSxn_Jbk3WSOs79h4XjFF4sZ8Xdp8e5UnwDpVIzYj8Br9YMuDc3_gkd5reQ9HZrewusdOAFgkJIYDR-nQp6lIr7tDmbotlcZBGTUo6scTz8rbgM7f4CO85QdfNs4IgXHi1li9YzRxn-hcxSF4sYx7Bpqg5B8WBE=&freq=0&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=8555774945369600&puid=7308944605812246887&eclog=0&sp=0&im=0&pload=416 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:58 GMT x-route-id stats.impression server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 43 content-type image/gif
GET H2	200	chicken.gif kgfjrb711.com/ Frame 1E02	43 B 479 B	14ms 14ms	Image image/gif	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://kgfjrb711.com/chicken.gif?z=1852039&pb=1fd77c684024fe623997303a48693dae1701753477&psp=XOKMwsAGamBa5zeTj9uJChmSIRRH-mDdnA82JU_hL1ZurMxj-r7tTKT3WtpqInA4LaE2GubHssZqg_nOXhr9Q_OiUqxNXCFuZSBH0YgZKO2u6NVt_i5kqTwVSzt5OGmAoRFNx9vjvJyHA3dFudIJTu1NzRAs8oZUMziD78YSCVxucyze1u5LVsGczZFGGedeTJ0CsoyMoTkiFmAhqiMb5WeAPy44NgjIokcZAY7Q5mwMZyLQajPEAKhGWME4u2qQJhwLQQaW_DzkTNjEWrT3AzDw4DAOpCUb_k8s9XTz1zaAKkcl9zsEOwuT6kjGZjGfZ_UaCe837iddgtLlpCrG2TKwPDH9aCDQ3RmnAX8Iy6aqPvL5g5y4J_R0K_qWvxjccgnmEVJuq99QO0LoOErd0xOeYRvEiEx3xwDVw67ae20EAw1gFW-jP3CPKrePh2bBMNAnC_Xhbq-MrjUv9X87IYi2iOH4Hd7yrUrz8vYOvAUX1LekFWMiR-Chh2SboToigCR39aFkPyaa3YlC4NKwU0aY3SDRtdKiTuFsL2iOLFW7h1aVKD4hnc1VlRpE8-gdnYM4SkhXzLfXyO7xNG1-YGbGvMzwkpwcPcnv8PSar9JZrVSg8VJFihW5hE9tqJUooBcnBu25ETUWtKJtloesHo-lrHh9pvdfLmj9ZRNb7LYWbbo1lmDYg__oN1LCy3IWnPoirQ4_M2eVM08hNskZFH-4z35knZVCYM1z9LQJhQqjqIC6HlA1cwhaGKEFntAUwVdg52w6f4HUQA9ZVU7WtCA2A36XAw_a7C85Io0xfz2GSbjaemWlMH8-0IggrJFKR4o8gYnaE0zJwykXqqAKBIGg6qSe0WcRylMUids3PfKYQpxtVR2Xfd8FggZ3XA7WKiBRUKTJehfa_R70Lf9UO7LQ9ST1j6ubRXIWC16U1JYG2oDcvtrJcqVcLwBuU7HzUHHXag1FK_33HEdDSt0sKPrLBoD7c7cieaYmvyfgFi0DNAsJA48=&freq=0&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=8555774945369600&puid=7308944605812246887&eclog=0&sp=0&im=0&pload=418 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:58 GMT x-route-id stats.impression server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 43 content-type image/gif
POST H3	200	830923944ba65cb0 Show response play.play4db1.click/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 8F37	0 600 B	105ms 34ms	XHR text/plain	2606:4700:3031::ac43:c726 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://play.play4db1.click/cdn-cgi/challenge-platform/h/b/jsd/r/830923944ba65cb0 Requested by Host: play.play4db1.click URL: https://play.play4db1.click/cdn-cgi/challenge-platform/scripts/jsd/main.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:c726 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type application/json Response headers date Tue, 05 Dec 2023 03:17:58 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jGx6lTXwY6hxNl5%2FJvsBvBC9yeVONu2zXkchIbrZsNdSBQb3nNC4v0%2B3%2BddUteNLH9%2Bttaxgxd6qD8nTJ5pLyWW5YagMaq9nMNgbCSudDtKFWRlreRq%2Ba87HwgwS7js5E9Q8C73Ic0u6RybXQg%2BtA7en"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 830923a02d6a9a12-FRA alt-svc h3=":443"; ma=86400
GET H2	200	jwpsrv.js Show response ssl.p.jwpcdn.com/player/v/8.20.1/ Frame AF9F	57 KB 17 KB	1404ms 1286ms	Script application/javascript	2a04:4e42:200::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.20.1/jwpsrv.js Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/playhq_net_jwplayer@1.0.2/jwplayer/8.20.1/jwplayer.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 59582c75d6c2b9e2b4bbf226db778d7211d60de3343c83c809ad5a59a322fc15 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:58 GMT content-encoding gzip via 1.1 varnish age 71 x-cache HIT content-length 17364 x-served-by cache-ams21041-AMS last-modified Wed, 31 Mar 2021 15:14:24 GMT server AmazonS3 x-timer S1701746279.568352,VS0,VE1 etag "2d642e2770c705fe7a30a5a3a28396ea" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=900, immutable accept-ranges bytes x-cache-hits 1
GET H2	200	jwplayer.core.controls.js Show response ssl.p.jwpcdn.com/player/v/8.20.1/ Frame AF9F	299 KB 77 KB	148ms 31ms	Script application/javascript	2a04:4e42:200::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.20.1/jwplayer.core.controls.js Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/playhq_net_jwplayer@1.0.2/jwplayer/8.20.1/jwplayer.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 642eaf894d98b96a6a5cb024bdb7290f10ac18795913753f12c7d763cde6118b Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:58 GMT content-encoding gzip via 1.1 varnish age 529625 x-cache HIT content-length 78058 x-served-by cache-ams21041-AMS last-modified Wed, 31 Mar 2021 15:14:16 GMT server AmazonS3 x-timer S1701746279.568331,VS0,VE0 etag "8a4d5ae80fa2e279c1019f7d7d25d615" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 632
GET		/ count-view.play4db1.click/socket.io/ Frame AF9F	0 0
GET H2	200	provider.hlsjs.js Show response ssl.p.jwpcdn.com/player/v/8.20.1/ Frame AF9F	407 KB 112 KB	313ms 199ms	Script application/javascript	2a04:4e42:200::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.20.1/provider.hlsjs.js Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/playhq_net_jwplayer@1.0.2/jwplayer/8.20.1/jwplayer.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 7e541dc051f497557a901c58cd37d06b566a9293a3e01729b847c08381ffe1c2 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:17:58 GMT content-encoding gzip via 1.1 varnish age 7721205 x-cache HIT content-length 114710 x-served-by cache-ams21041-AMS last-modified Wed, 31 Mar 2021 15:14:19 GMT server AmazonS3 x-timer S1701746279.568595,VS0,VE0 etag "e35ca39e19aa6ae45aef6633199a3ae6" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 648
GET H2	200	code.min.js Show response media.vivaclix.com/js/ Frame C8F4	37 KB 15 KB	22ms 22ms	Script application/javascript	2606:4700:3038::6815:ea3f
General Check archive.org Show headers Download Go to Full URL https://media.vivaclix.com/js/code.min.js Requested by Host: media.vivaclix.com URL: https://media.vivaclix.com/js/ifr.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:ea3f -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 87fe2f8d2db40cd602e142da42ff4f47621bd905cafbe66ea15b4fbb523e84c4 Request headers accept-language nl-NL,nl;q=0.9 Referer https://media.vivaclix.com/js/ifr.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:18:00 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 589831 alt-svc h3=":443"; ma=86400 last-modified Mon, 27 Nov 2023 09:07:37 GMT server cloudflare etag W/"65645c59-932d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C6ukFB6Mc63ydwYvX8Vn5NXBzt1wPeYSDSBBBbR1QlYsPThCAvGFwaptRLBnLzBDjMdOW19o82sRWfhXOvG5uWj6FSOhykXUxkVC7VrIdBcsG4MrxsSKF6FrxiAdJHkO6uAmL6siuyWkccTMcSNtdpg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=259200 x-robots-tag noindex, nofollow, noarchive, noimageindex cf-ray 830923aa6c8ab89d-AMS expires Fri, 01 Dec 2023 05:03:23 GMT
GET H2	200	rotor Show response srv.vivaclix.com/ Frame C8F4	4 KB 2 KB	65ms 48ms	Script application/javascript	2606:4700:3038::6815:ea3f
General Check archive.org Show headers Download Go to Full URL https://srv.vivaclix.com/rotor?data=Jghlf2BqLWloYWZgIWRbOkY4O2txD25nFmsBdj0%2FOT9gGyUqKCQkLT04eCU8NBZ8dG49cyo6PyUjawBxaGUWd2NzJic5IXR6KjQuLjIgVyccKycjZ3wNczlzAhY7Om1jd1lrKj5hEAd%2FJWt3ZGkCeQZ%2BenZyaC0lbWhHQiw0O28AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA%3D%3D_Q5VOPLETYQVFSY3N2HHNBNKUPN30MWPR&ver=4.5.3&zones=%5B%7B%22id%22%3A%2276344%22%2C%22el%22%3A%22_knqo0%22%7D%5D&__cb=0.9557982667500169 Requested by Host: media.vivaclix.com URL: https://media.vivaclix.com/js/code.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:ea3f -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 5b4e10b24718fb582af03f8c0303103504c2b80a12afe39f2e531910dace1494 Request headers accept-language nl-NL,nl;q=0.9 Referer https://media.vivaclix.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Tue, 05 Dec 2023 03:18:00 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2B5fiio5gp0Y4m%2B9ErfeK5IdAYi0iGqRUOX3NaNgOT%2BgsP9%2BtsYwZLzZUkgNhU1I1%2BHVZLUpSzc%2BTKg0CQkE13yy%2BQUxt1U2TRmfpCq0ark8O2%2BUvugy8mvs59Qil%2FfthfSw0GKXJ5hX2dztxLBh"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control no-store, max-age=0 x-robots-tag noindex, nofollow, noarchive, noimageindex cf-ray 830923ab1d06b89d-AMS alt-svc h3=":443"; ma=86400 expires Sun, 27 May 1979 00:00:00 GMT
GET H2	204	wtf.js Show response track.vivaclix.com/ Frame C8F4	0 355 B	945ms 919ms	Script application/javascript	2606:4700:3038::6815:ea3f
General Check archive.org Show headers Download Go to Full URL https://track.vivaclix.com/wtf.js?counters=%5B%7B%22aid%22%3A221831%2C%22zid%22%3A76344%7D%5D&uid=5f9f5cee718bdeef03ce30eba144454ccdff6aca&page=https%3A%2F%2Fphim1.sexhaydi.com%2F&referrer=%2F%2Fphim1.sexhaydi.com&lang=en-US&w=300&h=100&_t=1701746460&_h=01010169076a93a2f3afcc9dd29596e14b7f6bc9&r=867370 Requested by Host: media.vivaclix.com URL: https://media.vivaclix.com/js/code.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:ea3f -, , ASN (), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://media.vivaclix.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Tue, 05 Dec 2023 03:18:00 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HWPzKXbqNRUOa%2Fu7dry58PbgzzVqwGSZN%2Bwg0wuZaCMTkvNHVWRFbk4jcdr7SaZb5yiQWqS628rAlZMahWGkVWfASwpYC8btVAULFtozWMSj5tBQDfi6a%2FjCP4itgLCY2tZKQzxyRZ1usovlQEWgRY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control no-store, max-age=0 x-robots-tag noindex, nofollow, noarchive, noimageindex cf-ray 830923abad55b89d-AMS alt-svc h3=":443"; ma=86400 expires Sun, 27 May 1979 00:00:00 GMT
GET H2	200	master.spot.js Show response cdn.tsyndicate.com/sdk/v1/ Frame E9B9	27 KB 10 KB	396ms 19ms	Script application/javascript	67.26.139.248
General Check archive.org Show headers Download Go to Full URL https://cdn.tsyndicate.com/sdk/v1/master.spot.js Requested by Host: media.vivaclix.com URL: https://media.vivaclix.com/js/code.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.26.139.248 -, , ASN (), Reverse DNS Software nginx / Resource Hash 4d255bcb6e881ab36057ca19b809fcb5f306a5839dfaa300c1431a2c625bd8f9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://media.vivaclix.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:18:00 GMT content-encoding gzip last-modified Fri, 01 Dec 2023 11:12:01 GMT server nginx age 316766 etag W/"6569bf81-6a0e" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 10336
GET H2	200	sub.vtt Show response w3img.com/ Frame AF9F	321 B 981 B	559ms 217ms	XHR text/vtt	2606:4700:20::ac43:4b2a
General Check archive.org Show headers Download Go to Full URL https://w3img.com/sub.vtt Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/playhq_net_jwplayer@1.0.2/jwplayer/8.20.1/jwplayer.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4b2a -, , ASN (), Reverse DNS Software cloudflare / PHP/7.4.21 Resource Hash b26e399707acef9b210fb81f37bfd29e18b56f1bbc6d3ce4f75c47fe2b915173 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:18:00 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by PHP/7.4.21 alt-svc h3=":443"; ma=86400 pragma no-cache last-modified Tuesday, 05-Dec-2023 03:18:00 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0It4OV%2B2nMp9i%2BMygJeAraCuPQJtK6lF0LLScRB1wVfVOyIyjZmPdyj6puogyeWQEXaIrwmQKbEFT5RyVnGyUOiwZvQ8S2iBD5Xqj%2F5UMPhmFZAKQbDSQmVafz0PaiueZMaqhqUA%2BA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/vtt; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 cf-ray 830923aeee5b1cc1-FRA access-control-allow-headers * expires Tue, 01 Jan 2000 00:00:00 GMT
GET H2	200	polyfills.webvtt.js Show response ssl.p.jwpcdn.com/player/v/8.20.1/ Frame AF9F	10 KB 4 KB	287ms 287ms	Script application/javascript	2a04:4e42:200::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.20.1/polyfills.webvtt.js Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/playhq_net_jwplayer@1.0.2/jwplayer/8.20.1/jwplayer.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 6124e0547ee69515af89df540254d57aefe833365438b9f0814530113f875e90 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:18:00 GMT content-encoding gzip via 1.1 varnish age 2423524 x-cache HIT content-length 4390 x-served-by cache-ams21041-AMS last-modified Wed, 31 Mar 2021 15:14:18 GMT server AmazonS3 x-timer S1701746280.437493,VS0,VE0 etag "2f81a62846aa452f1db44cfaa9057857" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 59
GET H2	200	provider.cast.js Show response ssl.p.jwpcdn.com/player/v/8.20.1/ Frame AF9F	25 KB 9 KB	282ms 282ms	Script application/javascript	2a04:4e42:200::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.20.1/provider.cast.js Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/playhq_net_jwplayer@1.0.2/jwplayer/8.20.1/jwplayer.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 6e2e39ad3123a00a852b44b7d7aab70e1786cb5c6f10107296dcb196abd6794f Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:18:00 GMT content-encoding gzip via 1.1 varnish age 445322 x-cache HIT content-length 9014 x-served-by cache-ams21041-AMS last-modified Wed, 31 Mar 2021 15:14:19 GMT server AmazonS3 x-timer S1701746280.468020,VS0,VE0 etag "da5dccbaa1ffd9904b1bd9d7c47329c4" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 431
GET H2	200	d68a76a9f55937562f8a5811a3984ed4.m3u8 Show response m3u8-rd.play4db1.click/m3u8/v3/5/63923d372922e117d8855f62/1701754289/ Frame AF9F	55 KB 55 KB	81ms 42ms	XHR text/plain	2606:4700:3032::6815:5cdd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://m3u8-rd.play4db1.click/m3u8/v3/5/63923d372922e117d8855f62/1701754289/d68a76a9f55937562f8a5811a3984ed4.m3u8 Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.20.1/provider.hlsjs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:5cdd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d24911171e55d8fb4952d9dc307c6d2edc4defa19e194f0a1569f94c8541c9d Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:18:00 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"da03-MPGXcZ27F2VU9GYjK9jP/vmXXRs" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2F9cL%2F2cPj0sMQPn9AbgOO8XQj7dIZ8QaoP1huUuqQuYVNPBMc4zezTjoHwz%2FLAcMDYmTYi5pWlsF%2FwflpUA7LmOw8%2FnEPUueu%2BFvY4SV4KItDJHc3KO71bsH2xPE1lxZ%2B2tSTVeRHBP28jsrIp3SjdtSfJW"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://play.play4db1.click cache-control public, max-age=10799 accept-ranges bytes cf-ray 830923ad39960e20-AMS alt-svc h3=":443"; ma=86400 content-length 55811
GET H2	302	background_v2 cdn-01.w3img.com/images_cdn/ Frame AF9F	0 447 B	361ms 336ms	Image text/html	2606:4700:20::681a:1ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-01.w3img.com/images_cdn/background_v2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:1ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.21 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:18:00 GMT cf-cache-status DYNAMIC last-modified Tuesday, 05-Dec-2023 03:18:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.21 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNU%2BPg8hVIOZhjoLYRfXfTAE6Zd8endkicMsE5E1NVCGiA%2FFWhSUdQpKQzI4RKzjVrDOcR7anWhN1rr1rzRboHnJnZN9nNEjCeHeDrj3%2BlxJQCvonROb0Hmy%2BqappSQrGLugHDmExUS1CvFiLIE%3D"}],"group":"cf-nel","max_age":604800} content-type text/html location cache-control max-age=2592000, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 cf-ray 830923ad2c73364a-FRA alt-svc h3=":443"; ma=86400 expires Thu, 04 Jan 2024 03:18:00 GMT
GET H2	200	master Show response tsyndicate.com/do2/m2oanUmUb9WpmXV1ZiMhZpsPytsMbXvn/ Frame E9B9	8 KB 4 KB	236ms 161ms	XHR application/json	136.243.46.131
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/do2/m2oanUmUb9WpmXV1ZiMhZpsPytsMbXvn/master?w=1600&h=1200&tz=%2D60&keywords=ifr&count=2 Requested by Host: cdn.tsyndicate.com URL: https://cdn.tsyndicate.com/sdk/v1/master.spot.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 136.243.46.131 -, , ASN (), Reverse DNS Software nginx / Resource Hash 8f415bb0883de1af26151bffce8575d55881add5c654540783356645e7d93d86 Request headers accept-language nl-NL,nl;q=0.9 Referer https://media.vivaclix.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:18:00 GMT content-encoding gzip x-api-version 2 x-request-id ab6d3ee1f9d23e53 pragma no-cache server nginx vary Accept-Encoding, * access-control-allow-methods POST, GET, HEAD content-type application/json; charset=utf-8 access-control-allow-origin https://media.vivaclix.com report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } cache-control no-cache, no-store, no-transform, must-revalidate, no-transform access-control-allow-credentials true x-robots-tag none, noindex, nofollow access-control-allow-headers Accept, X-Requested-With, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Legacy link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script expires 0
GET H2	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame AF9F	4 KB 2 KB	320ms 28ms	Script text/javascript	2a00:1450:4001:806::2003
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1 Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/playhq_net_jwplayer@1.0.2/jwplayer/8.20.1/jwplayer.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 -, , ASN (), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:18:01 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2007 x-xss-protection 0 last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview" vary Accept-Encoding report-to {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 05 Dec 2023 03:18:01 GMT
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame E9B9	8 KB 3 KB	238ms 26ms	Script application/javascript	67.27.235.249
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: media.vivaclix.com URL: https://media.vivaclix.com/js/ifr.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.27.235.249 -, , ASN (), Reverse DNS Software nginx / Resource Hash 4235cced32deee2b151c68167ea3504500c08cae63746dd52fdfe8a8456cca62 Request headers accept-language nl-NL,nl;q=0.9 Referer https://media.vivaclix.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:18:01 GMT content-encoding gzip last-modified Thu, 03 Aug 2023 13:38:21 GMT server nginx age 7644799 etag W/"64cbadcd-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2641
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame C09C	8 KB 3 KB	230ms 27ms	Script application/javascript	67.27.235.249
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: cdn.tsyndicate.com URL: https://cdn.tsyndicate.com/sdk/v1/master.spot.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.27.235.249 -, , ASN (), Reverse DNS Software nginx / Resource Hash 4235cced32deee2b151c68167ea3504500c08cae63746dd52fdfe8a8456cca62 Request headers accept-language nl-NL,nl;q=0.9 Referer https://media.vivaclix.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:18:01 GMT content-encoding gzip last-modified Thu, 03 Aug 2023 13:38:21 GMT server nginx age 7644799 etag W/"64cbadcd-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2641
GET H2	200	202212175d0d923519b78cce4f6299c8 Show response p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/ Frame AF9F Redirect Chain https://play.play4db1.click/rdv1/6382d2a6c281da76c6324db1/6c7b452c19b7ae17da92fad12927765c57125a3c6714f2ed299a047da8789907ae5d121378bf0702f2145e44b726a7ca/2f8d4843e94a7d11692e016632408979 https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202212175d0d923519b78cce4f6299c8	1 MB 1 MB	132ms 26ms	XHR image/png	2.19.126.74
General Check archive.org Show headers Download Go to Full URL https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202212175d0d923519b78cce4f6299c8 Protocol H2 Server 2.19.126.74 -, , ASN (), Reverse DNS Software TLB / ImageX Resource Hash e2d428859d8e0111640c66c2d07a1af37c0d3c43f2d2250fd19b8e40a74a876e Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers x-akamai-request-id 4eefca38.1898c42a date Tue, 05 Dec 2023 03:18:01 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=static x-check-cacheable YES nw-session-id 2023113020160275CD66E3B85AC7833D96wtsdw12df x-powered-by ImageX x-cache TCP_MISS from a2-16-121-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-) x-bdcdn-cache-status TCP_HIT x-parent-response-time 6,2.16.121.74 server-timing cdn-cache; desc=MISS, edge; dur=6, origin; dur=0, inner; dur=4 x-length 1165292 content-length 1165292 last-modified Thu, 30 Nov 2023 20:16:03 GMT server TLB x-tt-logid 2023113020160275CD66E3B85AC7833D96 x-response-date Thu, 30 Nov 2023 20:16:03 GMT x-cache-remote TCP_HIT from a2-16-111-20.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-) content-type image/png access-control-allow-origin * nw-session-trace 2023-11-30T20:16:03.263076795Z 107 x-request-ip fdbd:dc51:ff:a001:1:251:80:246 cache-control max-age=31165043 x-tt-trace-host 013e87aaababc84da35d018bf1d13b5f6af35e823d90d97c6f32697517285426e16e9a85c98204a33d8eb95a20b78cc218cdfb45e36e7ff3a11db169e16bae4998eb1f3d4500f0b5de745695fcab0d6821f8f39dadfb52606e62546b0897f51c1cf4c523d33bb09b5bac1048739e7aa60b6c84459b0e1b61d7dcd22aaa9a42be8d x-response-cinfo fdbd:dc51:ff:a001:1:251:80:246 imagex-fmt png2png x-response-cache edge_hit timing-allow-origin * Redirect headers date Tue, 05 Dec 2023 03:18:00 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1889 vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jb88eodd6c7iLXRJtGcN0nvGd%2FHe%2B4U8WWPetrJzIHcpqokMc7T875KUQEBG6vL9mOV67%2FN9j29C2nwJR9RXCrtbOhjrjjGPQlETyOJdV1CAUagmQzfdcK1QDcZNKMMXvL1sjWLZGBjuJphWfmSNex03"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=utf-8 location https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202212175d0d923519b78cce4f6299c8 cache-control public, max-age=3600 cf-ray 830923b00d509a12-FRA alt-svc h3=":443"; ma=86400 content-length 105
GET H2	200	vttparser.js Show response ssl.p.jwpcdn.com/player/v/8.20.1/ Frame AF9F	5 KB 2 KB	55ms 54ms	Script application/javascript	2a04:4e42:200::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.20.1/vttparser.js Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/playhq_net_jwplayer@1.0.2/jwplayer/8.20.1/jwplayer.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 4dd944898ed8ebf4c5086e1fcb5a3591fffa74955fdf0579397436ec6f7494ba Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:18:00 GMT content-encoding gzip via 1.1 varnish age 1731013 x-cache HIT content-length 2145 x-served-by cache-ams21041-AMS last-modified Wed, 31 Mar 2021 15:14:20 GMT server AmazonS3 x-timer S1701746281.998620,VS0,VE0 etag "b90179d20ab9e582c769d5bbf5870603" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 2
GET		Universal creative.mnaspm.com/widgets/v4/ Frame 8BD1 Redirect Chain https://go.xlivrdr.com/smartpop/c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa?userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&sourceId=594409&memberId=WHp... https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&campaignId=c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa&campaignType=smartpop&creativeId=d4b7915892550d...	0 0
GET H2	200	cast_framework.js Show response www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame AF9F	35 KB 12 KB	129ms 128ms	Script text/javascript	2a00:1450:4001:806::2003
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 -, , ASN (), Reverse DNS Software sffe / Resource Hash a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:18:01 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12197 x-xss-protection 0 last-modified Mon, 14 Nov 2022 23:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="chrome-dongle" vary Accept-Encoding report-to {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]} content-type text/javascript cache-control private, max-age=0 accept-ranges bytes expires Tue, 05 Dec 2023 03:18:01 GMT
GET H2	200	cast_sender.js Show response www.gstatic.com/eureka/clank/119/ Frame AF9F	50 KB 15 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:806::2003
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/eureka/clank/119/cast_sender.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 -, , ASN (), Reverse DNS Software sffe / Resource Hash f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 19:47:44 GMT content-encoding gzip x-content-type-options nosniff age 27017 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14705 x-xss-protection 0 last-modified Mon, 02 Oct 2023 15:08:53 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview-release" vary Accept-Encoding report-to {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]} content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes expires Tue, 05 Dec 2023 19:47:44 GMT
GET BLOB	200 OK	3cc84c24-c3d8-4f7a-8466-044e2ab7e77f https://play.play4db1.click/ Frame AF9F	89 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://play.play4db1.click/3cc84c24-c3d8-4f7a-8466-044e2ab7e77f Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 54c1920b816b16770d0accd661fe7f2b14772165e61f9c99f1ecfcd2ee0e4333 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Length 90624 Content-Type text/javascript
GET		202212175d0dbfe44cf782384744b358 p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/ Frame AF9F Redirect Chain https://play.play4db1.click/rdv1/6382d2a6c281da76c6324db1/f6540e917e5efb81d8944db2a413f3b008c49f539b1d77cfd2ad0fb621b771bf7cea799f3370b6601de052f4711afcde/ad15c35eea6b4abe8a28e345b1c82216 https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202212175d0dbfe44cf782384744b358	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

count-view.play4db1.click

URL

https://count-view.play4db1.click/socket.io/?EIO=4&transport=polling&t=Omt-u0l

Domain

creative.mnaspm.com

URL

https://creative.mnaspm.com/widgets/v4/Universal?action=sbSignupWithModel&campaignId=c6913f01500457c0bdb8597e6d4286a54c12f8dc120ca06a0ab250733289acaa&campaignType=smartpop&creativeId=d4b7915892550d940784a464db0b5cf9db0d5b7f130f7030c3f97cd0285df241&iterationId=765240&masterSmartpopId=1605&memberId=WHpNsc_8wqfesPd3Atn0nPtbAEX_AqnnbxC0hRLhYGZDc_7GbxnkEzffMHcCJW-OjlL5DCXw2ktXwDzbMETGNSYIY5mrcPGDxyGfeV3IwCSgvyig_gUIDRUi&mlView=1&p1=3756524&quality=240p&ruleId=3&smartpopId=1062&sourceId=594409&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=32243&webp=1

Domain

p16-ad-sg.ibyteimg.com

URL

https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202212175d0dbfe44cf782384744b358