xxffo.com Open in urlscan Pro
2606:4700:30::681b:bca1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://159i.com/p/hola/vvv.php?id=o0pTUof6Oh0o0pDQo!CONjcO0f!fdoNIo!COO0f!fdoepp8sHndrrGusbHOpWDTqQo08Oo08O
Effective URL:
https://xxffo.com/
Submission: On October 09 via manual (October 9th 2019, 1:55:30 pm UTC) from TW

Summary HTTP 58 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 11 domains to perform 58 HTTP transactions. The main IP is 2606:4700:30::681b:bca1, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is xxffo.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on August 27th 2019. Valid for: 6 months.

This is the only time xxffo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:30:... 2606:4700:30::6818:7645	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
13	2606:4700:30:... 2606:4700:30::681b:bca1	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	69.165.107.69 69.165.107.69	25875 (VARIOUS) (VARIOUS - FriendFinder Networks Inc)
1	104.17.35.108 104.17.35.108	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	152.195.39.54 152.195.39.54	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
20	202.6.247.39 202.6.247.39	23620 (DOOGA Doo...) (DOOGA DooGA Co.)
9	2606:2800:234... 2606:2800:234:1f1f:1754:1fef:718:1223	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
5	95.211.229.245 95.211.229.245	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	64.59.125.120 64.59.125.120	27589 (MOJOHOST) (MOJOHOST - MOJOHOST)
1	151.139.128.10 151.139.128.10	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	103.235.46.191 103.235.46.191	55967 (CNNIC-BAI...) (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co.)
58	13

2 2606:4700:30::6818:7645 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

159i.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.159i.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:30::681b:bca1 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

xxffo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.165.107.69 (United States)

ASN25875 (VARIOUS - FriendFinder Networks Inc, US)

adultfriendfinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.35.108 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

theporndude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.195.39.54 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

secureimage.securedataimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 202.6.247.39 (Japan)

ASN23620 (DOOGA DooGA Co., Ltd., JP)
PTR: 202x6x247x39

pics.dmm.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:2800:234:1f1f:1754:1fef:718:1223 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

ads.exosrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.exosrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.211.229.245 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

syndication.exosrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.59.125.120 (Franklin, United States) 1 redirects

ASN27589 (MOJOHOST - MOJOHOST, US)
PTR: cs2324.mojohost.com

adserver.juicyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (Dallas, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

js.juicyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	dmm.co.jp pics.dmm.co.jp	298 KB
13	exosrv.com ads.exosrv.com syndication.exosrv.com static.exosrv.com	130 KB
13	xxffo.com xxffo.com	44 KB
3	juicyads.com 1 redirects adserver.juicyads.com js.juicyads.com	2 KB
2	baidu.com hm.baidu.com	13 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	159i.com 1 redirects 159i.com www.159i.com	603 B
1	exoclick.com ads.exoclick.com	830 B
1	securedataimages.com secureimage.securedataimages.com	1 KB
1	theporndude.com theporndude.com	1 KB
1	adultfriendfinder.com adultfriendfinder.com	840 B
58	11

	Domain	Requested by
20	pics.dmm.co.jp	xxffo.com
13	xxffo.com	www.159i.com xxffo.com
5	syndication.exosrv.com	ads.exosrv.com
4	static.exosrv.com	xxffo.com
4	ads.exosrv.com	xxffo.com
2	hm.baidu.com	xxffo.com
2	www.google-analytics.com	xxffo.com
2	adserver.juicyads.com	1 redirects js.juicyads.com
1	js.juicyads.com	xxffo.com
1	ads.exoclick.com	xxffo.com
1	secureimage.securedataimages.com	xxffo.com
1	theporndude.com	xxffo.com
1	adultfriendfinder.com	xxffo.com
1	www.159i.com
1	159i.com	1 redirects
58	15

This site contains links to these domains. Also see Links.

Domain
www.xxffo.com
ffkk.me
adultfriendfinder.com
theporndude.com
asianmatchmate.com
www.exoclick.com
secure.wclnk.com
com-wkejf32ljd23409system.net
www.kliktrek.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-08-20` - `2020-08-19`	a year	crt.sh
sni66755.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-27` - `2020-03-04`	6 months	crt.sh
*.adultfriendfinder.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2021-05-06`	2 years	crt.sh
*.theporndude.com COMODO RSA Domain Validation Secure Server CA	`2017-10-04` - `2020-10-08`	3 years	crt.sh
www.securedataimages.com DigiCert SHA2 Secure Server CA	`2017-10-21` - `2020-10-28`	3 years	crt.sh
*.dmm.co.jp GlobalSign Organization Validation CA - SHA256 - G2	`2018-06-05` - `2020-05-31`	2 years	crt.sh
*.exoclick.com DigiCert SHA2 Secure Server CA	`2017-12-12` - `2020-12-16`	3 years	crt.sh
exosrv.com Let's Encrypt Authority X3	`2019-09-16` - `2019-12-15`	3 months	crt.sh
*.juicyads.com COMODO RSA Domain Validation Secure Server CA	`2015-01-23` - `2020-01-22`	5 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2019-05-09` - `2020-06-25`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://xxffo.com/
Frame ID: CC492F9E3AFDCED88790878A4263B137
Requests: 53 HTTP requests in this frame

Frame: https://ads.exosrv.com/iframe.php?idzone=2605483&size=728x90
Frame ID: 06E0EFFD50DDC356909A9182621483BF
Requests: 1 HTTP requests in this frame

Frame: https://syndication.exosrv.com/ads-iframe-display.php?idzone=2605489&type=300x250&p=https%3A//xxffo.com/&dt=1570629311347&sub=&tags=&screen_resolution=1600x1200&el=
Frame ID: F6E21F6654BB962F4A97E3A6849BC128
Requests: 1 HTTP requests in this frame

Frame: https://syndication.exosrv.com/ads-iframe-display.php?idzone=2605489&type=300x250&p=https%3A//xxffo.com/&dt=1570629311348&sub=&tags=&screen_resolution=1600x1200&el=
Frame ID: B09FA62EDEB7EB06AC13488C4366290A
Requests: 1 HTTP requests in this frame

Frame: https://adserver.juicyads.com/adshow.php?adzone=723744
Frame ID: 9E758C81B283941AE2004C2498BC58C0
Requests: 1 HTTP requests in this frame

Frame: https://adserver.juicyads.com/adshow.php?adzone=723744
Frame ID: E35EEA5F00AEAB68C5C54C6EBC60B461
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://159i.com/p/hola/vvv.php?id=o0pTUof6Oh0o0pDQo!CONjcO0f!fdoNIo!COO0f!fdoepp8sHndrrGusbH... HTTP 302
https://www.159i.com/gorank.php Page URL
https://xxffo.com/ Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

58
Requests

98 %
HTTPS

33 %
IPv6

11
Domains

15
Subdomains

13
IPs

5
Countries

509 kB
Transfer

689 kB
Size

0
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.xxffo.com/
Title: Free Porn JAV Movies, Jav Online Free

Search URL Search Domain Scan URL

URL: https://ffkk.me/
Title: Uncensored

Search URL Search Domain Scan URL

URL: https://adultfriendfinder.com/go/g1302689-pct?page_id=492
Title: AdultFriendFinder

Search URL Search Domain Scan URL

URL: https://theporndude.com/
Title: ThePornDude-Best JAV Sites

Search URL Search Domain Scan URL

URL: https://asianmatchmate.com/go/g1302689
Title: Asianmatchmate

Search URL Search Domain Scan URL

URL: https://www.exoclick.com/
Title: Powered By

Search URL Search Domain Scan URL

URL: https://secure.wclnk.com/watch-my-girlfriend
Title: Watch My GirlfriendWatch My Girlfriend

Search URL Search Domain Scan URL

URL: https://com-wkejf32ljd23409system.net/kostenloses-porno-game-ficke-deine-gegner
Title: Kostenloses Porno Game Ficke Deine Gegner!Da es sich hier um ein Hentai-Spiel handelt, benötigen wir Ihre Bestätigung, dass Sie älter als 18 Jahre sindGetfun-Stuff

Search URL Search Domain Scan URL

URL: https://www.kliktrek.com/kostenloses-porno-game-ficke-deine-gegner
Title: Kostenloses Porno Game Ficke Deine Gegner!Da es sich hier um ein Hentai-Spiel handelt, benötigen wir Ihre Bestätigung, dass Sie älter als 18 Jahre sindGetfun-Stuff

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://159i.com/p/hola/vvv.php?id=o0pTUof6Oh0o0pDQo!CONjcO0f!fdoNIo!COO0f!fdoepp8sHndrrGusbHOpWDTqQo08Oo08O HTTP 302
https://www.159i.com/gorank.php Page URL
https://xxffo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://159i.com/p/hola/vvv.php?id=o0pTUof6Oh0o0pDQo!CONjcO0f!fdoNIo!COO0f!fdoepp8sHndrrGusbHOpWDTqQo08Oo08O HTTP 302
https://www.159i.com/gorank.php

Request Chain 44

https://adserver.juicyads.com/js/jads.js HTTP 301
https://js.juicyads.com/jads.js

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

gorank.php Show response
www.159i.com/
Redirect Chain

https://159i.com/p/hola/vvv.php?id=o0pTUof6Oh0o0pDQo!CONjcO0f!fdoNIo!COO0f!fdoepp8sHndrrGusbHOpWDTqQo08Oo08O
https://www.159i.com/gorank.php

434 B
278 B

122ms
101ms

Document
text/html

2606:4700:30::6818:7645
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.159i.com/gorank.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:7645 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/7.2.22
Resource Hash: 0f17e443712286005ad83bae78c12526a3851c66f608cbb234ee58457a7ffc0d

Request headers

:method: GET
:authority: www.159i.com
:scheme: https
:path: /gorank.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
cookie: __cfduid=d871377c64394472c1e26fefeb0abfb441570629310
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
date: Wed, 09 Oct 2019 13:55:10 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.2.22
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5230d9c769aa59c4-VIE
content-encoding: br

Redirect headers

status: 302
date: Wed, 09 Oct 2019 13:55:10 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d871377c64394472c1e26fefeb0abfb441570629310; expires=Thu, 08-Oct-20 13:55:10 GMT; path=/; domain=.159i.com; HttpOnly; Secure
x-powered-by: PHP/7.2.22
location: //www.159i.com/gorank.php
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5230d9c6991559c4-VIE

GET
H2 200 Primary Request / Show response
xxffo.com/ 17 KB
4 KB 226ms
143ms Document
text/html 2606:4700:30::681b:bca1
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://xxffo.com/

Requested by

Host: www.159i.com
URL: https://www.159i.com/gorank.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681b:bca1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / PHP/5.6.36

Resource Hash

29275454ac4ce1e814a8a35a192711a06e810a836f1a3e00fb39a7cd54526572

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

:method: GET
:authority: xxffo.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.159i.com/gorank.php
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: https://www.159i.com/gorank.php

Response headers

status: 200
date: Wed, 09 Oct 2019 13:55:10 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d625ae4d0709dcbdcd6d7c251a99156bc1570629310; expires=Thu, 08-Oct-20 13:55:10 GMT; path=/; domain=.xxffo.com; HttpOnly PHPSESSID=1m1uqg6qub5sd2t6mf8j36hc40; path=/ think_template=s%3A7%3A%22default%22%3B; expires=Wed, 09-Oct-2019 14:55:10 GMT; Max-Age=3600; path=/
vary: Accept-Encoding
x-powered-by: PHP/5.6.36
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: private
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5230d9c89c575940-VIE
content-encoding: br

GET
H2 200 style.css
xxffo.com/Tpl/default/ 12 KB
3 KB 108ms
107ms Stylesheet
text/css 2606:4700:30::681b:bca1
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://xxffo.com/Tpl/default/style.css

Requested by

Host: xxffo.com
URL: https://xxffo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681b:bca1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7160f48f65be9b30247bd0eed5ff5dedb9f21bb1f2c6202a712771662bc1c297

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 13:55:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 01 Aug 2018 13:12:56 GMT
server: cloudflare
etag: W/"5b61b1d8-31b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=43200
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 5230d9ca5d695940-VIE
expires: Thu, 10 Oct 2019 01:55:11 GMT

GET
H2 200 leeter.js Show response
xxffo.com/Tpl/default/js/ 2 KB
255 B 176ms
175ms Script
application/javascript 2606:4700:30::681b:bca1
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://xxffo.com/Tpl/default/js/leeter.js

Requested by

Host: xxffo.com
URL: https://xxffo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681b:bca1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

af878e7ed9b1c99bf311067335c91e2dde6bebc9f6651fdf3c07d192490eaf12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 13:55:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 14 Jun 2013 15:20:40 GMT
server: cloudflare
etag: W/"51bb34c8-7cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 5230d9ca5d6b5940-VIE
expires: Thu, 10 Oct 2019 01:55:11 GMT

GET
H2 200 top72090.js Show response
xxffo.com/Public/ads/ 199 B
206 B 106ms
105ms Script
application/javascript 2606:4700:30::681b:bca1
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://xxffo.com/Public/ads/top72090.js

Requested by

Host: xxffo.com
URL: https://xxffo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681b:bca1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

74164fd58fa63a7e6426b95d6eb3d522c932a3b237933da6e04cf52a53aa58a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 13:55:11 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 29 Apr 2019 14:14:00 GMT
server: cloudflare
etag: W/"5cc706a8-c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 5230d9ca5d6d5940-VIE
expires: Thu, 10 Oct 2019 01:55:11 GMT

GET
H/1.1 200
OK favicon.ico
adultfriendfinder.com/images/ffadult/ 568 B
840 B 604ms
270ms Image
image/x-icon 69.165.107.69
FriendFinder Netw...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adultfriendfinder.com/images/ffadult/favicon.ico
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.165.107.69 , United States, ASN25875 (VARIOUS - FriendFinder Networks Inc, US),
Reverse DNS
Software: /
Resource Hash: 39ffa3162f7cd91838e91963a9e9edcd692f55f619154d125e7b4e896c68a401

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 13:55:11 GMT
Last-Modified: Wed, 17 Sep 2003 17:56:05 GMT
Age: 0
ETag: "fbd6f77-238-3c78a3690b740"
X-Cache: MISS
Content-Type: image/x-icon
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 568
X-Cache-Hits: 0

GET
H2 200 favicon.ico
theporndude.com/ 1 KB
1 KB 60ms
37ms Image
image/x-icon 104.17.35.108
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theporndude.com/favicon.ico

Requested by

Host: xxffo.com
URL: https://xxffo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.17.35.108 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

165a6f04a5d00aa6a597dba8cec89bb8380f01c2522765d823f5dfa36637aaea

Security Headers

Name	Value
X-Frame-Options	allow-from https://webvisor.com/

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 13:55:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Jun 2015 22:32:32 GMT
server: cloudflare
age: 962304
x-frame-options: allow-from https://webvisor.com/
etag: W/"47e-5581f580-52fc97da8d15420f;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/x-icon
status: 200
cache-control: public, max-age=2592000
cf-ray: 5230d9ca7a96c28b-FRA
expires: Fri, 08 Nov 2019 13:55:11 GMT

GET
H2 200 favicon_2.ico
secureimage.securedataimages.com/images/ffadult/ 1 KB
1 KB 183ms
7ms Image
image/x-icon 152.195.39.54
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secureimage.securedataimages.com/images/ffadult/favicon_2.ico
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.54 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DE) /
Resource Hash: 69a6617ec0cf7afc79fad92a2a71648372bfdeb2ef3d1d3032268292b410f5c6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 13:55:11 GMT
last-modified: Mon, 02 Aug 2010 17:12:42 GMT
server: ECS (fcn/40DE)
etag: "fbd6f86-47e-48cda4ef0b680"
x-cache: HIT
content-type: image/x-icon
status: 200
expires: Fri, 08 Nov 2019 13:55:11 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1150
x-cache-hits: 2

GET
H2 200 z190.js Show response
xxffo.com/Public/ads/ 175 B
311 B 18ms
16ms Script
application/javascript 2606:4700:30::681b:bca1
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://xxffo.com/Public/ads/z190.js

Requested by

Host: xxffo.com
URL: https://xxffo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681b:bca1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b1427593ae4186f5ce920eb45754e6db05999446266e745618f0a607a836b90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 13:55:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 29 Apr 2019 14:14:00 GMT
server: cloudflare
age: 17745
etag: W/"5cc706a8-af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 5230d9ca5d6f5940-VIE
expires: Thu, 10 Oct 2019 01:55:11 GMT

GET
H2 200 search.js Show response
xxffo.com/Tpl/default/js/ 670 B
395 B 20ms
17ms Script
application/javascript 2606:4700:30::681b:bca1
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://xxffo.com/Tpl/default/js/search.js

Requested by

Host: xxffo.com
URL: https://xxffo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681b:bca1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

55619719ea8b1eb78368b34914f50d3b803527c1ceb598a24cfde938b1ff43fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 13:55:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 29 Apr 2019 05:51:52 GMT
server: cloudflare
age: 16302
etag: W/"5cc690f8-29e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 5230d9ca5d735940-VIE
expires: Thu, 10 Oct 2019 01:55:11 GMT

GET
H2 200 pgd736ps.jpg
pics.dmm.co.jp/mono/movie/adult/pgd736/ 12 KB
12 KB 1816ms
1050ms Image
image/jpeg 202.6.247.39
DOOGA DooGA Co.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.dmm.co.jp/mono/movie/adult/pgd736/pgd736ps.jpg
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.6.247.39 , Japan, ASN23620 (DOOGA DooGA Co., Ltd., JP),
Reverse DNS: 202x6x247x39
Software: openresty /
Resource Hash: 643f0e1d69e700dd0ff09f504ce5284655dfc99a2a9bf140cc3bf013aa9e9abb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-pics-origin: digital-master
date: Wed, 09 Oct 2019 13:55:11 GMT
last-modified: Wed, 05 Nov 2014 08:04:20 GMT
server: openresty
etag: "5459da04-2e38"
x-cache-status: HIT
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 11832

GET
H2 200 snis565ps.jpg
pics.dmm.co.jp/mono/movie/adult/snis565/ 15 KB
15 KB 2339ms
1573ms Image
image/jpeg 202.6.247.39
DOOGA DooGA Co.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.dmm.co.jp/mono/movie/adult/snis565/snis565ps.jpg
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.6.247.39 , Japan, ASN23620 (DOOGA DooGA Co., Ltd., JP),
Reverse DNS: 202x6x247x39
Software: openresty /
Resource Hash: 5babf45d56dc5a45ad770cebcad353aa5ff0d9b11d4a7e2872019f6a292b831d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-pics-origin: digital-master
date: Wed, 09 Oct 2019 13:55:11 GMT
last-modified: Thu, 19 Nov 2015 00:39:26 GMT
server: openresty
etag: "564d1a3e-3a6e"
x-cache-status: HIT
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 14958

GET
H2 200 miad985ps.jpg
pics.dmm.co.jp/mono/movie/adult/miad985/ 12 KB
13 KB 2603ms
1837ms Image
image/jpeg 202.6.247.39
DOOGA DooGA Co.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.dmm.co.jp/mono/movie/adult/miad985/miad985ps.jpg
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.6.247.39 , Japan, ASN23620 (DOOGA DooGA Co., Ltd., JP),
Reverse DNS: 202x6x247x39
Software: openresty /
Resource Hash: 36482b031c27ddf6ad7f3a2ba1be25ebf41bbfc23ca805e4baa910d992cdfea9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-pics-origin: digital-master
date: Wed, 09 Oct 2019 13:55:11 GMT
last-modified: Thu, 13 Oct 2016 00:15:45 GMT
server: openresty
etag: "57fed231-3199"
x-cache-status: HIT
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 12697

GET
H2 200 ipz637ps.jpg
pics.dmm.co.jp/mono/movie/adult/ipz637/ 13 KB
13 KB 1815ms
1049ms Image
image/jpeg 202.6.247.39
DOOGA DooGA Co.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.dmm.co.jp/mono/movie/adult/ipz637/ipz637ps.jpg
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.6.247.39 , Japan, ASN23620 (DOOGA DooGA Co., Ltd., JP),
Reverse DNS: 202x6x247x39
Software: openresty /
Resource Hash: e8a515782d191173b85d0bc59d085dc5af061cc52d4de1b14b896b20bbf7aaa7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-pics-origin: digital-master
date: Wed, 09 Oct 2019 13:55:11 GMT
last-modified: Wed, 16 Sep 2015 08:28:31 GMT
server: openresty
etag: "55f9282f-3206"
x-cache-status: HIT
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 12806

GET
H2 200 pgd828ps.jpg
pics.dmm.co.jp/mono/movie/adult/pgd828/ 14 KB
14 KB 2078ms
1312ms Image
image/jpeg 202.6.247.39
DOOGA DooGA Co.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.dmm.co.jp/mono/movie/adult/pgd828/pgd828ps.jpg
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.6.247.39 , Japan, ASN23620 (DOOGA DooGA Co., Ltd., JP),
Reverse DNS: 202x6x247x39
Software: openresty /
Resource Hash: 861d36bc75654f0823150a69dcce8323f8363b384fd3b903849270876426cdb4

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-pics-origin: digital-master
date: Wed, 09 Oct 2019 13:55:11 GMT
last-modified: Mon, 05 Oct 2015 07:47:30 GMT
server: openresty
etag: "56122b12-3618"
x-cache-status: HIT
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 13848

GET
H2 200 avop210ps.jpg
pics.dmm.co.jp/mono/movie/adult/avop210/ 12 KB
12 KB 2602ms
1837ms Image
image/jpeg 202.6.247.39
DOOGA DooGA Co.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.dmm.co.jp/mono/movie/adult/avop210/avop210ps.jpg
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.6.247.39 , Japan, ASN23620 (DOOGA DooGA Co., Ltd., JP),
Reverse DNS: 202x6x247x39
Software: openresty /
Resource Hash: 849c8a960e1fa5560c4b13ec0b1e4bbdb61ed1ab3cf127cce9efefc7fdbfb82d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-pics-origin: digital-master
date: Wed, 09 Oct 2019 13:55:11 GMT
last-modified: Tue, 12 Jul 2016 00:43:45 GMT
server: openresty
etag: "57843d41-2eb6"
x-cache-status: HIT
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 11958

GET
H2 200 mide371ps.jpg
pics.dmm.co.jp/mono/movie/adult/mide371/ 14 KB
14 KB 2122ms
1574ms Image
image/jpeg 202.6.247.39
DOOGA DooGA Co.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.dmm.co.jp/mono/movie/adult/mide371/mide371ps.jpg
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.6.247.39 , Japan, ASN23620 (DOOGA DooGA Co., Ltd., JP),
Reverse DNS: 202x6x247x39
Software: openresty /
Resource Hash: 309d17094f0d6453b69620f85e3950a89feed9934ded5778173056425ed47b10

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-pics-origin: digital-master
date: Wed, 09 Oct 2019 13:55:11 GMT
last-modified: Thu, 13 Oct 2016 00:15:47 GMT
server: openresty
etag: "57fed233-36f9"
x-cache-status: HIT
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 14073

GET
H2 200 ipz666ps.jpg
pics.dmm.co.jp/mono/movie/adult/ipz666/ 11 KB
11 KB 812ms
262ms Image
image/jpeg 202.6.247.39
DOOGA DooGA Co.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.dmm.co.jp/mono/movie/adult/ipz666/ipz666ps.jpg
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.6.247.39 , Japan, ASN23620 (DOOGA DooGA Co., Ltd., JP),
Reverse DNS: 202x6x247x39
Software: openresty /
Resource Hash: ad6f13a0070397aed999c2d2d8aa654c61b72c8fb0bb53c8b40f32574d03aee3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-pics-origin: digital-master
date: Wed, 09 Oct 2019 13:55:11 GMT
last-modified: Wed, 28 Oct 2015 08:04:39 GMT
server: openresty
etag: "56308197-2b5a"
x-cache-status: HIT
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 11098

GET
H2 200 1stars137ps.jpg
pics.dmm.co.jp/mono/movie/adult/1stars137/ 17 KB
17 KB 2123ms
1574ms Image
image/jpeg 202.6.247.39
DOOGA DooGA Co.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.dmm.co.jp/mono/movie/adult/1stars137/1stars137ps.jpg
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.6.247.39 , Japan, ASN23620 (DOOGA DooGA Co., Ltd., JP),
Reverse DNS: 202x6x247x39
Software: openresty /
Resource Hash: b15fef2060d529b259b2c508c0536462bf4dbb0cef4383e47714ecfc920529a3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-pics-origin: digital-master
date: Wed, 09 Oct 2019 13:55:11 GMT
last-modified: Tue, 10 Sep 2019 02:04:19 GMT
server: openresty
etag: "5d7704a3-4209"
x-cache-status: HIT
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 16905

GET
H2 200 1sdde598ps.jpg
pics.dmm.co.jp/mono/movie/adult/1sdde598/ 18 KB
18 KB 2385ms
1836ms Image
image/jpeg 202.6.247.39
DOOGA DooGA Co.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.dmm.co.jp/mono/movie/adult/1sdde598/1sdde598ps.jpg
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.6.247.39 , Japan, ASN23620 (DOOGA DooGA Co., Ltd., JP),
Reverse DNS: 202x6x247x39
Software: openresty /
Resource Hash: ce1510bbde59b12ad1d60d1abc7e89a36d24c3669185b8d552ffddcfd678fc01

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-pics-origin: digital-master
date: Wed, 09 Oct 2019 13:55:11 GMT
last-modified: Tue, 10 Sep 2019 02:03:32 GMT
server: openresty
etag: "5d770474-480b"
x-cache-status: HIT
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 18443

GET
H2 200 1sdmu952ps.jpg
pics.dmm.co.jp/mono/movie/adult/1sdmu952/ 21 KB
21 KB 2384ms
1835ms Image
image/jpeg 202.6.247.39
DOOGA DooGA Co.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.dmm.co.jp/mono/movie/adult/1sdmu952/1sdmu952ps.jpg
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.6.247.39 , Japan, ASN23620 (DOOGA DooGA Co., Ltd., JP),
Reverse DNS: 202x6x247x39
Software: openresty /
Resource Hash: f076447b10f93b5b84ff1112337b7bc9e386276cc1a22c79ba5b701d5aeaa0c0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-pics-origin: digital-master
date: Wed, 09 Oct 2019 13:55:11 GMT
last-modified: Tue, 10 Sep 2019 02:03:43 GMT
server: openresty
etag: "5d77047f-52b4"
x-cache-status: HIT
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 21172

GET
H2 200 1sdde599ps.jpg
pics.dmm.co.jp/mono/movie/adult/1sdde599/ 16 KB
16 KB 1336ms
787ms Image
image/jpeg 202.6.247.39
DOOGA DooGA Co.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.dmm.co.jp/mono/movie/adult/1sdde599/1sdde599ps.jpg
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.6.247.39 , Japan, ASN23620 (DOOGA DooGA Co., Ltd., JP),
Reverse DNS: 202x6x247x39
Software: openresty /
Resource Hash: 6852d3fec587d9d20884c61c8838df5dc42fd553f946229c2453e261bd7c3c5b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-pics-origin: digital-master
date: Wed, 09 Oct 2019 13:55:11 GMT
last-modified: Tue, 10 Sep 2019 02:03:34 GMT
server: openresty
etag: "5d770476-3fb3"
x-cache-status: HIT
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 16307

GET
H2 200 125umd704ps.jpg
pics.dmm.co.jp/mono/movie/adult/125umd704/ 16 KB
16 KB 1859ms
1311ms Image
image/jpeg 202.6.247.39
DOOGA DooGA Co.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.dmm.co.jp/mono/movie/adult/125umd704/125umd704ps.jpg
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.6.247.39 , Japan, ASN23620 (DOOGA DooGA Co., Ltd., JP),
Reverse DNS: 202x6x247x39
Software: openresty /
Resource Hash: 93662ecf947cf33ce3e91ad43bfd6fb49f4d3d35c8a5b73c973708910e99e0e4

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-pics-origin: digital-master
date: Wed, 09 Oct 2019 13:55:11 GMT
last-modified: Wed, 17 Jul 2019 03:27:41 GMT
server: openresty
etag: "5d2e95ad-408d"
x-cache-status: HIT
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 16525

GET
H2 200 oyc279ps.jpg
pics.dmm.co.jp/mono/movie/adult/oyc279/ 16 KB
16 KB 1597ms
1049ms Image
image/jpeg 202.6.247.39
DOOGA DooGA Co.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.dmm.co.jp/mono/movie/adult/oyc279/oyc279ps.jpg
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.6.247.39 , Japan, ASN23620 (DOOGA DooGA Co., Ltd., JP),
Reverse DNS: 202x6x247x39
Software: openresty /
Resource Hash: 2ecc945b8537f275dd86457ecbba855c87c688b5f495653ca0f9f551bca17ba2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-pics-origin: digital-master
date: Wed, 09 Oct 2019 13:55:11 GMT
last-modified: Thu, 05 Sep 2019 23:50:09 GMT
server: openresty
etag: "5d719f31-3e13"
x-cache-status: HIT
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 15891

GET
H2 200 dvaj417sops.jpg
pics.dmm.co.jp/mono/movie/adult/dvaj417so/ 16 KB
16 KB 1861ms
1312ms Image
image/jpeg 202.6.247.39
DOOGA DooGA Co.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.dmm.co.jp/mono/movie/adult/dvaj417so/dvaj417sops.jpg
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.6.247.39 , Japan, ASN23620 (DOOGA DooGA Co., Ltd., JP),
Reverse DNS: 202x6x247x39
Software: openresty /
Resource Hash: 7840c7b1ba98607803ceb77d36df4ede13c6cc24a8f5e5dcf172b79156a7e96f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-pics-origin: digital-master
date: Wed, 09 Oct 2019 13:55:11 GMT
last-modified: Thu, 12 Sep 2019 01:05:13 GMT
server: openresty
etag: "5d7999c9-403c"
x-cache-status: HIT
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 16444

GET
H2 200 apod011ps.jpg
pics.dmm.co.jp/mono/movie/adult/apod011/ 18 KB
18 KB 1073ms
525ms Image
image/jpeg 202.6.247.39
DOOGA DooGA Co.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.dmm.co.jp/mono/movie/adult/apod011/apod011ps.jpg
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.6.247.39 , Japan, ASN23620 (DOOGA DooGA Co., Ltd., JP),
Reverse DNS: 202x6x247x39
Software: openresty /
Resource Hash: c98eada407417b0dff3fa56db4e2de21667ab456ea558bd8e53275a85480fe0c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-pics-origin: digital-master
date: Wed, 09 Oct 2019 13:55:11 GMT
last-modified: Thu, 12 Sep 2019 23:58:02 GMT
server: openresty
etag: "5d7adb8a-467b"
x-cache-status: HIT
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 18043

GET
H2 200 aqsh045ps.jpg
pics.dmm.co.jp/mono/movie/adult/aqsh045/ 16 KB
16 KB 2072ms
2072ms Image
image/jpeg 202.6.247.39
DOOGA DooGA Co.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.dmm.co.jp/mono/movie/adult/aqsh045/aqsh045ps.jpg
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.6.247.39 , Japan, ASN23620 (DOOGA DooGA Co., Ltd., JP),
Reverse DNS: 202x6x247x39
Software: openresty /
Resource Hash: a5a4e60cce7160b6a11c219e91add1565fd049ca8a308414c0f5c9ca2c555318

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-pics-origin: digital-master
date: Wed, 09 Oct 2019 13:55:12 GMT
last-modified: Thu, 12 Sep 2019 23:58:07 GMT
server: openresty
etag: "5d7adb8f-3e88"
x-cache-status: HIT
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 16008

GET
H2 200 apns145sops.jpg
pics.dmm.co.jp/mono/movie/adult/apns145so/ 15 KB
15 KB 2073ms
2073ms Image
image/jpeg 202.6.247.39
DOOGA DooGA Co.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.dmm.co.jp/mono/movie/adult/apns145so/apns145sops.jpg
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.6.247.39 , Japan, ASN23620 (DOOGA DooGA Co., Ltd., JP),
Reverse DNS: 202x6x247x39
Software: openresty /
Resource Hash: e831071fed49383a6d4b80a6ccfdd386635b9ee954c533f82254da958c140cf7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-pics-origin: digital-master
date: Wed, 09 Oct 2019 13:55:12 GMT
last-modified: Thu, 12 Sep 2019 01:03:52 GMT
server: openresty
etag: "5d799978-3cc5"
x-cache-status: HIT
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 15557

GET
H2 200 kawd522ps.jpg
pics.dmm.co.jp/mono/movie/adult/kawd522/ 12 KB
12 KB 2074ms
2073ms Image
image/jpeg 202.6.247.39
DOOGA DooGA Co.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.dmm.co.jp/mono/movie/adult/kawd522/kawd522ps.jpg
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.6.247.39 , Japan, ASN23620 (DOOGA DooGA Co., Ltd., JP),
Reverse DNS: 202x6x247x39
Software: openresty /
Resource Hash: 7df02e6770b6431280cf099968e7cabdebb9e1647b6957844a311cffbd68e07d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-pics-origin: digital-master
date: Wed, 09 Oct 2019 13:55:12 GMT
last-modified: Mon, 24 Mar 2014 03:16:00 GMT
server: openresty
etag: "532fa370-2e44"
x-cache-status: HIT
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 11844

GET
H2 200 ipz665ps.jpg
pics.dmm.co.jp/mono/movie/adult/ipz665/ 13 KB
13 KB 2074ms
2074ms Image
image/jpeg 202.6.247.39
DOOGA DooGA Co.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.dmm.co.jp/mono/movie/adult/ipz665/ipz665ps.jpg
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.6.247.39 , Japan, ASN23620 (DOOGA DooGA Co., Ltd., JP),
Reverse DNS: 202x6x247x39
Software: openresty /
Resource Hash: 30d27f6b16cd1e82a8b5e8a8fea7c86b9d2cbc7a87874041dd39e71893b2964b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-pics-origin: digital-master
date: Wed, 09 Oct 2019 13:55:12 GMT
last-modified: Wed, 28 Oct 2015 08:04:38 GMT
server: openresty
etag: "56308196-33fb"
x-cache-status: HIT
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 13307

GET
H2 200 popunder1000.js Show response
ads.exosrv.com/ 92 KB
33 KB 28ms
6ms Script
text/javascript 2606:2800:234:1f1f:1754:1fef:718:1223
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.exosrv.com/popunder1000.js
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:1f1f:1754:1fef:718:1223 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40B0) /
Resource Hash: 88448b9a70a8495147c494e52777c23a5674132676bd231e3c78804df18ca2e5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 13:55:11 GMT
content-encoding: gzip
last-modified: Wed, 09 Oct 2019 12:36:09 GMT
server: ECS (fcn/40B0)
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript;charset=UTF-8
status: 200
cache-control: max-age=10800
content-length: 33691
expires: Wed, 09 Oct 2019 16:55:11 GMT

GET
H2 200 fcxsd.js Show response
xxffo.com/sd/ 26 KB
5 KB 105ms
103ms Script
application/javascript 2606:4700:30::681b:bca1
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://xxffo.com/sd/fcxsd.js

Requested by

Host: xxffo.com
URL: https://xxffo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681b:bca1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

88cc0149c2a7a3e2166b12436235bed1038b2f461095326f4a5e05b6598f9aee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 13:55:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 16 May 2019 08:48:46 GMT
server: cloudflare
etag: W/"5cdd23ee-66ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 5230d9ca5d755940-VIE
expires: Thu, 10 Oct 2019 01:55:11 GMT

GET
H2 200 tob960.js Show response
xxffo.com/Public/ads/ 2 KB
495 B 106ms
104ms Script
application/javascript 2606:4700:30::681b:bca1
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://xxffo.com/Public/ads/tob960.js

Requested by

Host: xxffo.com
URL: https://xxffo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681b:bca1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

faa6ebe448470f15f3f4b68dac6b84396e93476c12093c006f5c71a53c8bcefb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 13:55:11 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 29 Apr 2019 14:14:00 GMT
server: cloudflare
etag: W/"5cc706a8-606"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 5230d9ca5d765940-VIE
expires: Thu, 10 Oct 2019 01:55:11 GMT

GET
H2 200 htop_bg.gif
xxffo.com/Tpl/default/images/ 60 B
211 B 101ms
101ms Image
image/gif 2606:4700:30::681b:bca1
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xxffo.com/Tpl/default/images/htop_bg.gif

Requested by

Host: xxffo.com
URL: https://xxffo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681b:bca1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7986dce3e21c042c12a1a01375111005c63d25d86174e073dbaf0e246b1ae02a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/Tpl/default/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 13:55:11 GMT
cf-cache-status: MISS
last-modified: Sun, 26 Apr 2009 12:45:30 GMT
server: cloudflare
etag: "49f4576a-3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=2592000
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 5230d9cb0e1b5940-VIE
content-length: 60
expires: Fri, 08 Nov 2019 13:55:11 GMT

GET
H2 200 logo.png
xxffo.com/Tpl/default/images/ 28 KB
28 KB 122ms
122ms Image
image/png 2606:4700:30::681b:bca1
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xxffo.com/Tpl/default/images/logo.png

Requested by

Host: xxffo.com
URL: https://xxffo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681b:bca1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbb307f583adc266fc78f70378b41303e17c983fd2c9bad8d9b3e9b2a532ab13

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/Tpl/default/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 13:55:11 GMT
cf-cache-status: MISS
last-modified: Wed, 01 Aug 2018 05:59:09 GMT
server: cloudflare
etag: "5b614c2d-6e99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=2592000
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 5230d9cb6e5b5940-VIE
content-length: 28313
expires: Fri, 08 Nov 2019 13:55:11 GMT

GET
H2 200 iframe.php
ads.exosrv.com/ Frame 06E0 0
0 7ms
6ms Document
text/html 2606:2800:234:1f1f:1754:1fef:718:1223
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.exosrv.com/iframe.php?idzone=2605483&size=728x90
Requested by: Host: xxffo.com
URL: https://xxffo.com/Public/ads/top72090.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:1f1f:1754:1fef:718:1223 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4197) /
Resource Hash

Request headers

:method: GET
:authority: ads.exosrv.com
:scheme: https
:path: /iframe.php?idzone=2605483&size=728x90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://xxffo.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://xxffo.com/

Response headers

status: 200
content-encoding: gzip
accept-ranges: bytes
cache-control: max-age=10800
content-type: text/html; charset=UTF-8
date: Wed, 09 Oct 2019 13:55:11 GMT
expires: Wed, 09 Oct 2019 16:55:11 GMT
last-modified: Wed, 09 Oct 2019 12:46:03 GMT
server: ECS (fcn/4197)
vary: Accept-Encoding
x-cache: HIT
content-length: 1100

GET
H2 200 nativeads.js Show response
ads.exosrv.com/ 32 KB
9 KB 8ms
8ms Script
text/javascript 2606:2800:234:1f1f:1754:1fef:718:1223
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.exosrv.com/nativeads.js
Requested by: Host: xxffo.com
URL: https://xxffo.com/Public/ads/z190.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:1f1f:1754:1fef:718:1223 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40B0) /
Resource Hash: f31d6949ce1cf69e8372912075b211d8df4d2c8a87e10b7387f4ab8454c323d2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 09 Oct 2019 13:55:11 GMT
content-encoding: gzip
last-modified: Wed, 09 Oct 2019 12:36:35 GMT
server: ECS (fcn/40B0)
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript;charset=UTF-8
status: 200
cache-control: max-age=10800
content-length: 8763
expires: Wed, 09 Oct 2019 16:55:11 GMT

GET
H2 200 icon_src.gif
xxffo.com/Tpl/default/images/ 815 B
891 B 100ms
100ms Image
image/gif 2606:4700:30::681b:bca1
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xxffo.com/Tpl/default/images/icon_src.gif

Requested by

Host: xxffo.com
URL: https://xxffo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681b:bca1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ce466b860d2794d9f4e3c1cccdc1ad0804a13527e55966509179c989a08d22e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/Tpl/default/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 13:55:11 GMT
cf-cache-status: MISS
last-modified: Sun, 26 Apr 2009 12:45:30 GMT
server: cloudflare
etag: "49f4576a-32f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=2592000
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 5230d9cb8e6c5940-VIE
content-length: 815
expires: Fri, 08 Nov 2019 13:55:11 GMT

GET
H2 200 icon_order.gif
xxffo.com/Tpl/default/images/ 640 B
716 B 107ms
107ms Image
image/gif 2606:4700:30::681b:bca1
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xxffo.com/Tpl/default/images/icon_order.gif

Requested by

Host: xxffo.com
URL: https://xxffo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681b:bca1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f6fe7f72a42f2fd98e6b8634da8f45a82fcbd9fe3dbd39848a00ac9859ad99e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/Tpl/default/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 13:55:11 GMT
cf-cache-status: MISS
last-modified: Sun, 26 Apr 2009 12:45:30 GMT
server: cloudflare
etag: "49f4576a-280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=2592000
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 5230d9cb8e6d5940-VIE
content-length: 640
expires: Fri, 08 Nov 2019 13:55:11 GMT

GET
H/1.1 200
OK splash.php Show response
syndication.exosrv.com/ 5 KB
3 KB 83ms
37ms XHR
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.exosrv.com/splash.php?native-settings=1&idzone=3070718&p=https%3A%2F%2Fxxffo.com%2F
Requested by: Host: ads.exosrv.com
URL: https://ads.exosrv.com/nativeads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: cb871d199362e6a2ed5ba15be9104d93c07613def7438b681bbd477cba05002f

Request headers

Sec-Fetch-Mode: cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 13:55:11 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://xxffo.com
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK splash.php Show response
syndication.exosrv.com/ 10 KB
6 KB 158ms
110ms XHR
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.exosrv.com/splash.php?native-settings=1&idzone=3353280&p=https%3A%2F%2Fxxffo.com%2F
Requested by: Host: ads.exosrv.com
URL: https://ads.exosrv.com/nativeads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: d52c48272f74166109791b7f437a6e9e01a3dfe937f9bee7abb25ca9a3537e6b

Request headers

Sec-Fetch-Mode: cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 13:55:11 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://xxffo.com
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 fang.gif
xxffo.com/Tpl/default/images/ 107 B
204 B 106ms
104ms Image
image/gif 2606:4700:30::681b:bca1
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xxffo.com/Tpl/default/images/fang.gif

Requested by

Host: xxffo.com
URL: https://xxffo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681b:bca1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ba0c99986012efcc6d2a98ad4981af9463206a103e6a4a03a799b2e117bc0e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/Tpl/default/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 13:55:11 GMT
cf-cache-status: MISS
last-modified: Sun, 26 Apr 2009 12:45:56 GMT
server: cloudflare
etag: "49f45784-6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=2592000
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 5230d9cbae7f5940-VIE
content-length: 107
expires: Fri, 08 Nov 2019 13:55:11 GMT

GET
H/1.1 200
OK ads-priv.php Show response
syndication.exosrv.com/ 0
330 B 88ms
20ms Script
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.exosrv.com/ads-priv.php?i=0
Requested by: Host: ads.exosrv.com
URL: https://ads.exosrv.com/popunder1000.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 13:55:11 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 ads.js Show response
ads.exoclick.com/ 2 KB
830 B 12ms
10ms Script
text/javascript 2606:2800:234:1f1f:1754:1fef:718:1223
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.exoclick.com/ads.js
Requested by: Host: xxffo.com
URL: https://xxffo.com/sd/fcxsd.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:1f1f:1754:1fef:718:1223 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E2) /
Resource Hash: 59ddae45b03564f67a3341d574c10c172bd2b76cc882016f6f7c25a130b72ee1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 13:55:11 GMT
content-encoding: gzip
last-modified: Wed, 09 Oct 2019 12:36:01 GMT
server: ECS (fcn/40E2)
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript;charset=UTF-8
status: 200
cache-control: max-age=10800
content-length: 796
expires: Wed, 09 Oct 2019 16:55:11 GMT

GET
H2 200 ads.js Show response
ads.exosrv.com/ 2 KB
828 B 7ms
6ms Script
text/javascript 2606:2800:234:1f1f:1754:1fef:718:1223
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.exosrv.com/ads.js
Requested by: Host: xxffo.com
URL: https://xxffo.com/Public/ads/tob960.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:1f1f:1754:1fef:718:1223 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E2) /
Resource Hash: f6dff6c65c75b23df7a6cfca4bd61a756e93146349bc35a57baaff5212bf6968

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 09 Oct 2019 13:55:11 GMT
content-encoding: gzip
last-modified: Wed, 09 Oct 2019 12:36:01 GMT
server: ECS (fcn/40E2)
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript;charset=UTF-8
status: 200
cache-control: max-age=10800
content-length: 794
expires: Wed, 09 Oct 2019 16:55:11 GMT

GET
H2

200

jads.js Show response
js.juicyads.com/
Redirect Chain

https://adserver.juicyads.com/js/jads.js
https://js.juicyads.com/jads.js

4 KB
2 KB

41ms
15ms

Script
application/javascript

151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.juicyads.com/jads.js
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: fee275c2cb40d5ce229d1fe7ce519689dc0baa1ecbf5c17d5d867b1136fcaff8

Request headers

Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 13:55:11 GMT
content-encoding: gzip
last-modified: Wed, 10 Apr 2019 18:07:55 GMT
server: nginx
etag: "5cae30fb-eae"
status: 200
x-hw: 1570629311.cds057.fr8.hn,1570629311.cds013.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=17945
accept-ranges: bytes
content-length: 1716

Redirect headers

Location: https://js.juicyads.com/jads.js
Date: Wed, 09 Oct 2019 13:55:11 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK Cookie set ads-iframe-display.php
syndication.exosrv.com/ Frame F6E2 0
0 52ms
39ms Document
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.exosrv.com/ads-iframe-display.php?idzone=2605489&type=300x250&p=https%3A//xxffo.com/&dt=1570629311347&sub=&tags=&screen_resolution=1600x1200&el=
Requested by: Host: ads.exosrv.com
URL: https://ads.exosrv.com/ads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: syndication.exosrv.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://xxffo.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://xxffo.com/

Response headers

Server: nginx
Date: Wed, 09 Oct 2019 13:55:11 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225d9de6bf59ee51.515622563936339017%22%3B%7D; expires=Fri, 08-Oct-2021 13:55:11 GMT; Max-Age=63072000; domain=exosrv.com
Content-Encoding: gzip

GET
H/1.1 200
OK Cookie set ads-iframe-display.php
syndication.exosrv.com/ Frame B09F 0
0 64ms
43ms Document
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.exosrv.com/ads-iframe-display.php?idzone=2605489&type=300x250&p=https%3A//xxffo.com/&dt=1570629311348&sub=&tags=&screen_resolution=1600x1200&el=
Requested by: Host: ads.exosrv.com
URL: https://ads.exosrv.com/ads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: syndication.exosrv.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://xxffo.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://xxffo.com/

Response headers

Server: nginx
Date: Wed, 09 Oct 2019 13:55:11 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225d9de6bf5d18f1.540280151631387472%22%3B%7D; expires=Fri, 08-Oct-2021 13:55:11 GMT; Max-Age=63072000; domain=exosrv.com
Content-Encoding: gzip

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: xxffo.com
URL: https://xxffo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 6305
date: Wed, 09 Oct 2019 12:10:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Wed, 09 Oct 2019 14:10:06 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 35 KB
13 KB 972ms
481ms Script
application/javascript 103.235.46.191
CNNIC-BAIDU-AP Be...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?382eb7a5cdf2ce55f35c964aca9d2188

Requested by

Host: xxffo.com
URL: https://xxffo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

b2f705dc4b66313d1942f8307ded321fd8eb711e0d8af17b4237448348a454c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 13:55:12 GMT
Content-Encoding: gzip
Server: apache
Etag: 8dfa4315fa11175b5f77ee222f8cc2fb
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 12746

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 13ms
13ms Image
image/gif 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1731135788&t=pageview&_s=1&dl=https%3A%2F%2Fxxffo.com%2F&dr=https%3A%2F%2Fwww.159i.com%2Fgorank.php&ul=en-us&de=UTF-8&dt=Free%20Porn%20JAV%20Movies%2C%20Jav%20Online%20Free%20-%20xxffo.com&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=553295733&gjid=1147404551&cid=107085807.1570629311&tid=UA-21443113-2&_gid=2004742837.1570629311&_r=1&z=587730580

Requested by

Host: xxffo.com
URL: https://xxffo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Oct 2019 13:55:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widget-branding-logo.png
static.exosrv.com/ 2 KB
2 KB 9ms
8ms Image
image/png 2606:2800:234:1f1f:1754:1fef:718:1223
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.exosrv.com/widget-branding-logo.png
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:1f1f:1754:1fef:718:1223 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DA) /
Resource Hash: 5325d5beb64d82d48d3f7d78b606ee93b8e975a55868bba038905329ed1044b9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 13:55:11 GMT
last-modified: Thu, 25 May 2017 10:05:00 GMT
server: ECS (fcn/40DA)
etag: "5926ac4c-60b"
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1547
expires: Thu, 08 Oct 2020 13:55:11 GMT

GET
H2 200 ccc08021a778f896ebf13d08798f4eb8264d4cd7.jpg
static.exosrv.com/library/257596/ 22 KB
22 KB 8ms
7ms Image
image/jpeg 2606:2800:234:1f1f:1754:1fef:718:1223
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.exosrv.com/library/257596/ccc08021a778f896ebf13d08798f4eb8264d4cd7.jpg
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:1f1f:1754:1fef:718:1223 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E6) /
Resource Hash: 3718d0c04a651224638c0904f6291c25dccf08808f3c5fadf5ec5aa31e521fa2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 13:55:11 GMT
last-modified: Fri, 02 Jun 2017 15:56:49 GMT
server: ECS (fcn/40E6)
etag: "59318ac1-5707"
x-cache: HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 22279
expires: Thu, 08 Oct 2020 13:55:11 GMT

GET
H2 200 ef5a0267554d9a756c68885398f94f73e1326522.jpg
static.exosrv.com/library/159176/ 33 KB
33 KB 6ms
6ms Image
image/jpeg 2606:2800:234:1f1f:1754:1fef:718:1223
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.exosrv.com/library/159176/ef5a0267554d9a756c68885398f94f73e1326522.jpg
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:1f1f:1754:1fef:718:1223 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A4) /
Resource Hash: fd5382f4a2f5a40ea8b80441ea94380c852d59ba1f7e2f34f77ccb46bc6da858

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 13:55:11 GMT
last-modified: Sat, 16 Mar 2019 04:04:52 GMT
server: ECS (fcn/41A4)
etag: "5c8c75e4-841a"
x-cache: HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 33818
expires: Thu, 08 Oct 2020 13:55:11 GMT

GET
H2 200 ed82095e8e9514fed1b1417591a0c8c00294beb1.jpg
static.exosrv.com/library/159176/ 22 KB
22 KB 7ms
6ms Image
image/jpeg 2606:2800:234:1f1f:1754:1fef:718:1223
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.exosrv.com/library/159176/ed82095e8e9514fed1b1417591a0c8c00294beb1.jpg
Requested by: Host: xxffo.com
URL: https://xxffo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:1f1f:1754:1fef:718:1223 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DC) /
Resource Hash: 97de302db94162be63023829c16914a2e7073c865c6927063e73dabfd355ae85

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 13:55:36 GMT
last-modified: Wed, 07 Aug 2019 05:58:50 GMT
server: ECS (fcn/40DC)
etag: "5d4a689a-57d5"
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 22485
expires: Thu, 08 Oct 2020 13:55:36 GMT

GET adshow.php
adserver.juicyads.com/ Frame 9E75 0
0

GET
H/1.1 200
OK Cookie set adshow.php
adserver.juicyads.com/ Frame E35E 0
0 414ms
175ms Document
text/html 64.59.125.120
MOJOHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.juicyads.com/adshow.php?adzone=723744
Requested by: Host: js.juicyads.com
URL: https://js.juicyads.com/jads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.59.125.120 Franklin, United States, ASN27589 (MOJOHOST - MOJOHOST, US),
Reverse DNS: cs2324.mojohost.com
Software: nginx /
Resource Hash

Request headers

Host: adserver.juicyads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://xxffo.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://xxffo.com/

Response headers

Server: nginx
Date: Wed, 09 Oct 2019 13:55:12 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=fe1a06f8773f65dcdbaf58e16e199cfb; expires=Thu, 08-Oct-2020 13:55:12 GMT; path=/; domain=.juicyads.com imps18956=1; expires=Thu, 10-Oct-2019 13:55:12 GMT; path=/; domain=.juicyads.com juicy_data_1=YToxOntpOjYzOTE1MTtpOjE1NzA4ODg1MTI7fQ%3D%3D; expires=Sat, 12-Oct-2019 13:55:12 GMT; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Sat, 12-Oct-2019 13:55:12 GMT; domain=juicyads.com
Content-Encoding: gzip

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 336ms
335ms Image
image/gif 103.235.46.191
CNNIC-BAIDU-AP Be...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=765294159&si=382eb7a5cdf2ce55f35c964aca9d2188&su=https%3A%2F%2Fwww.159i.com%2Fgorank.php&v=1.2.61&lv=1&sn=17503&ct=!!&tt=Free%20Porn%20JAV%20Movies%2C%20Jav%20Online%20Free%20-%20xxffo.com

Requested by

Host: xxffo.com
URL: https://xxffo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://xxffo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Oct 2019 13:55:12 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adserver.juicyads.com
URL: https://adserver.juicyads.com/adshow.php?adzone=723744

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

159i.com
ads.exoclick.com
ads.exosrv.com
adserver.juicyads.com
adultfriendfinder.com
hm.baidu.com
js.juicyads.com
pics.dmm.co.jp
secureimage.securedataimages.com
static.exosrv.com
syndication.exosrv.com
theporndude.com
www.159i.com
www.google-analytics.com
xxffo.com
adserver.juicyads.com
103.235.46.191
104.17.35.108
151.139.128.10
152.195.39.54
202.6.247.39
2606:2800:234:1f1f:1754:1fef:718:1223
2606:4700:30::6818:7645
2606:4700:30::681b:bca1
2a00:1450:4001:80b::200e
64.59.125.120
69.165.107.69
95.211.229.245
0f17e443712286005ad83bae78c12526a3851c66f608cbb234ee58457a7ffc0d
0f6fe7f72a42f2fd98e6b8634da8f45a82fcbd9fe3dbd39848a00ac9859ad99e
165a6f04a5d00aa6a597dba8cec89bb8380f01c2522765d823f5dfa36637aaea
29275454ac4ce1e814a8a35a192711a06e810a836f1a3e00fb39a7cd54526572
2b1427593ae4186f5ce920eb45754e6db05999446266e745618f0a607a836b90
2ecc945b8537f275dd86457ecbba855c87c688b5f495653ca0f9f551bca17ba2
309d17094f0d6453b69620f85e3950a89feed9934ded5778173056425ed47b10
30d27f6b16cd1e82a8b5e8a8fea7c86b9d2cbc7a87874041dd39e71893b2964b
36482b031c27ddf6ad7f3a2ba1be25ebf41bbfc23ca805e4baa910d992cdfea9
3718d0c04a651224638c0904f6291c25dccf08808f3c5fadf5ec5aa31e521fa2
39ffa3162f7cd91838e91963a9e9edcd692f55f619154d125e7b4e896c68a401
5325d5beb64d82d48d3f7d78b606ee93b8e975a55868bba038905329ed1044b9
55619719ea8b1eb78368b34914f50d3b803527c1ceb598a24cfde938b1ff43fc
59ddae45b03564f67a3341d574c10c172bd2b76cc882016f6f7c25a130b72ee1
5babf45d56dc5a45ad770cebcad353aa5ff0d9b11d4a7e2872019f6a292b831d
643f0e1d69e700dd0ff09f504ce5284655dfc99a2a9bf140cc3bf013aa9e9abb
6852d3fec587d9d20884c61c8838df5dc42fd553f946229c2453e261bd7c3c5b
69a6617ec0cf7afc79fad92a2a71648372bfdeb2ef3d1d3032268292b410f5c6
6ce466b860d2794d9f4e3c1cccdc1ad0804a13527e55966509179c989a08d22e
7160f48f65be9b30247bd0eed5ff5dedb9f21bb1f2c6202a712771662bc1c297
74164fd58fa63a7e6426b95d6eb3d522c932a3b237933da6e04cf52a53aa58a4
7840c7b1ba98607803ceb77d36df4ede13c6cc24a8f5e5dcf172b79156a7e96f
7986dce3e21c042c12a1a01375111005c63d25d86174e073dbaf0e246b1ae02a
7df02e6770b6431280cf099968e7cabdebb9e1647b6957844a311cffbd68e07d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
849c8a960e1fa5560c4b13ec0b1e4bbdb61ed1ab3cf127cce9efefc7fdbfb82d
861d36bc75654f0823150a69dcce8323f8363b384fd3b903849270876426cdb4
88448b9a70a8495147c494e52777c23a5674132676bd231e3c78804df18ca2e5
88cc0149c2a7a3e2166b12436235bed1038b2f461095326f4a5e05b6598f9aee
93662ecf947cf33ce3e91ad43bfd6fb49f4d3d35c8a5b73c973708910e99e0e4
97de302db94162be63023829c16914a2e7073c865c6927063e73dabfd355ae85
9ba0c99986012efcc6d2a98ad4981af9463206a103e6a4a03a799b2e117bc0e6
a5a4e60cce7160b6a11c219e91add1565fd049ca8a308414c0f5c9ca2c555318
ad6f13a0070397aed999c2d2d8aa654c61b72c8fb0bb53c8b40f32574d03aee3
af878e7ed9b1c99bf311067335c91e2dde6bebc9f6651fdf3c07d192490eaf12
b15fef2060d529b259b2c508c0536462bf4dbb0cef4383e47714ecfc920529a3
b2f705dc4b66313d1942f8307ded321fd8eb711e0d8af17b4237448348a454c3
c98eada407417b0dff3fa56db4e2de21667ab456ea558bd8e53275a85480fe0c
cb871d199362e6a2ed5ba15be9104d93c07613def7438b681bbd477cba05002f
cbb307f583adc266fc78f70378b41303e17c983fd2c9bad8d9b3e9b2a532ab13
ce1510bbde59b12ad1d60d1abc7e89a36d24c3669185b8d552ffddcfd678fc01
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d52c48272f74166109791b7f437a6e9e01a3dfe937f9bee7abb25ca9a3537e6b
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e831071fed49383a6d4b80a6ccfdd386635b9ee954c533f82254da958c140cf7
e8a515782d191173b85d0bc59d085dc5af061cc52d4de1b14b896b20bbf7aaa7
f076447b10f93b5b84ff1112337b7bc9e386276cc1a22c79ba5b701d5aeaa0c0
f31d6949ce1cf69e8372912075b211d8df4d2c8a87e10b7387f4ab8454c323d2
f6dff6c65c75b23df7a6cfca4bd61a756e93146349bc35a57baaff5212bf6968
faa6ebe448470f15f3f4b68dac6b84396e93476c12093c006f5c71a53c8bcefb
fd5382f4a2f5a40ea8b80441ea94380c852d59ba1f7e2f34f77ccb46bc6da858
fee275c2cb40d5ce229d1fe7ce519689dc0baa1ecbf5c17d5d867b1136fcaff8

xxffo.com Open in urlscan Pro 2606:4700:30::681b:bca1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

98 %HTTPS

33 %IPv6

11 Domains

15 Subdomains

13 IPs

5 Countries

509 kBTransfer

689 kBSize

0 Cookies

9 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

xxffo.com Open in urlscan Pro
2606:4700:30::681b:bca1 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

98 %
HTTPS

33 %
IPv6

11
Domains

15
Subdomains

13
IPs

5
Countries

509 kB
Transfer

689 kB
Size

0
Cookies

58 HTTP transactions
0 data transactions