fox.mixfilm1.shop Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
Submission: On December 14 via api (December 14th 2023, 4:47:09 pm UTC) from US — Scanned from NL

Summary HTTP 88 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 16 domains to perform 88 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is fox.mixfilm1.shop.
TLS certificate: Issued by GTS CA 1P5 on December 8th 2023. Valid for: 3 months.

This is the only time fox.mixfilm1.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:50c0:800... 2606:50c0:8001::153	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	82.202.165.19 82.202.165.19	29182 (RU-JSCIOT) (RU-JSCIOT)
8	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
7	50.7.239.229 50.7.239.229	174 (COGENT-174) (COGENT-174)
4 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 7	193.169.200.3 193.169.200.3	198738 (SMARTTELE...) (SMARTTELECOM-AS)
6	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2016	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	31.40.218.243 31.40.218.243	56630 (MELBICOM-...) (MELBICOM-EU-AS Melbikomas UAB)
5	185.211.244.33 185.211.244.33	202984 (TEAM-HOST AS) (TEAM-HOST AS)
88	19

25 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

fox.mixfilm1.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
055664434375553.svetacdn.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8001::153 (United States)

ASN54113 (FASTLY, US)

hdvb-player.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 82.202.165.19 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: videoroll.net

videoroll.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 50.7.239.229 (Halfweg, Netherlands)

ASN174 (COGENT-174, US)

toroca.as.newplayjj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 193.169.200.3 (New York, United States) 1 redirects

ASN198738 (SMARTTELECOM-AS, SC)

vid1702572423993.vb17123filippaaniketos.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b-401.vb17123filippaaniketos.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.40.218.243 (Lithuania)

ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT)

cdn4571.vb17123filippaaniketos.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.211.244.33 (Moscow, Russian Federation)

ASN202984 (TEAM-HOST AS, RU)

58e-b60-1906g0.v.plground.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	mixfilm1.shop fox.mixfilm1.shop	409 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	169 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	1001 KB
8	vb17123filippaaniketos.pw vid1702571411.vb17123filippaaniketos.pw Failed vid1702572423993.vb17123filippaaniketos.pw b-401.vb17123filippaaniketos.pw — Cisco Umbrella Rank: 184565 cdn4571.vb17123filippaaniketos.pw — Cisco Umbrella Rank: 373119	246 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 8902	3 KB
7	newplayjj.com toroca.as.newplayjj.com	399 KB
6	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	239 KB
6	svetacdn.in 1 redirects 055664434375553.svetacdn.in	372 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 jnn-pa.googleapis.com — Cisco Umbrella Rank: 203	42 KB
5	plground.live 58e-b60-1906g0.v.plground.live	1 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 248	1 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4182	71 KB
2	videoroll.net videoroll.net — Cisco Umbrella Rank: 171356	59 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 89	4 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	20 KB
1	github.io hdvb-player.github.io — Cisco Umbrella Rank: 262209	1 KB
88	16

	Domain	Requested by
19	fox.mixfilm1.shop	fox.mixfilm1.shop
8	www.youtube.com	fox.mixfilm1.shop www.youtube.com
7	mc.yandex.com	3 redirects fox.mixfilm1.shop mc.yandex.ru
7	toroca.as.newplayjj.com	fox.mixfilm1.shop toroca.as.newplayjj.com
6	cdn.jsdelivr.net	055664434375553.svetacdn.in vid1702572423993.vb17123filippaaniketos.pw
6	vid1702572423993.vb17123filippaaniketos.pw	hdvb-player.github.io vid1702572423993.vb17123filippaaniketos.pw
6	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
6	055664434375553.svetacdn.in	1 redirects fox.mixfilm1.shop 055664434375553.svetacdn.in
5	58e-b60-1906g0.v.plground.live	toroca.as.newplayjj.com
5	www.gstatic.com	www.youtube.com vid1702572423993.vb17123filippaaniketos.pw www.gstatic.com
4	jnn-pa.googleapis.com	www.youtube.com
3	mc.yandex.ru	1 redirects fox.mixfilm1.shop
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	videoroll.net	fox.mixfilm1.shop videoroll.net
2	fonts.googleapis.com	fox.mixfilm1.shop vid1702572423993.vb17123filippaaniketos.pw
1	cdn4571.vb17123filippaaniketos.pw
1	b-401.vb17123filippaaniketos.pw	1 redirects
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	hdvb-player.github.io	fox.mixfilm1.shop
0	vid1702571411.vb17123filippaaniketos.pw Failed	fox.mixfilm1.shop
88	22

This site contains no links.

Subject Issuer	Validity	Valid
mixfilm1.shop GTS CA 1P5	`2023-12-08` - `2024-03-07`	3 months	crt.sh
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
videoroll.net AlphaSSL CA - SHA256 - G4	`2023-05-29` - `2024-06-29`	a year	crt.sh
svetacdn.in GTS CA 1P5	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
newplayjj.com R3	`2023-11-17` - `2024-02-15`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.vb17123filippaaniketos.pw R3	`2023-10-27` - `2024-01-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
plground.live R3	`2023-11-17` - `2024-02-15`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
Frame ID: 6396A40AF4AC8D727820CD9EE93ED2B0
Requests: 33 HTTP requests in this frame

Frame: https://vid1702572423993.vb17123filippaaniketos.pw/movie/3a2e7b892b869929204636c4ae2f6f54/iframe?d=lordfilms.film
Frame ID: CFD6D32DB07B682DCC86702DCBDD0B3E
Requests: 15 HTTP requests in this frame

Frame: https://055664434375553.svetacdn.in/n1xnK05iU8an/movie/70455?domain=
Frame ID: 415772B460892E1CA4BB1EC1AF80D7A8
Requests: 8 HTTP requests in this frame

Frame: https://www.youtube.com/embed/uoklaW9jPFY
Frame ID: 14BE7FCDFB820DCB2B1ED60D24EB0AD5
Requests: 18 HTTP requests in this frame

Frame: https://toroca.as.newplayjj.com:9443/?kp=5138526&token=be9efa887059eb5420cd06fe3cc1b6
Frame ID: BDB79D02BB7772A184BFA0CCC96F63D4
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Семейный обмен (2023) бесплатно онлайн смотреть фильм в хорошем качестве HD720-1080

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

88
Requests

94 %
HTTPS

72 %
IPv6

16
Domains

22
Subdomains

19
IPs

5
Countries

3035 kB
Transfer

9842 kB
Size

21
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://055664434375553.svetacdn.in/n1xnK05iU8an?kp_id=5138526 HTTP 302
https://055664434375553.svetacdn.in/n1xnK05iU8an/movie/70455?domain=

Request Chain 57

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 64

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10217.9BbWKcqK3iZZPQK8FNmYABuiC2pI3s8l5hjJ9k0KWQw7_tyjT_Ru6-u3tG8Nr8zh.uJQkRo_4XkUhTy0OQowgALd_ZRg%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10217.1IIMW5lSpQlDbi6yasxQRPkGMywhEJieHIb4-udpVMXc17fK7WbBGt0vZ2ccIP5Q0KMWq72Oy-DSMVvfPlQc32PUDNxUuTtixIZic7mRgS5GkBHDtmLD8WLXA3_9KBTY0nqi8cooTPGwiRjvgFJH3MhDP_baGCoXF_YWdreacWRogzjR682cfKPOeMPf8Fa34wcQvLu-fL5Wx7YuAY1tTuRjg0eDcs84YQbhowXFg5Y%2C.HDZ96HOS2KdO-VbspwTMh5D0UKs%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10217.uR6CqaRIxeIagysD2u1wI-gdAMbQOGp0FF94CF95iWDjF9QdZjRvAXWJcuNFfShFtJgx4GcZ5QgIUXZmTSR66KmmAVKVoFDhZjbdKYXXZAsRIl1Sy05Ln_coDcFwQZUdm0ONy_MYNfYZXQVgi10iBY1_OTvqT301m8E9s1pLPWexz7a0WLFdNV0CklJQ_H48ULWl99gLekhqg4knFAA3Dg%2C%2C.m3nteT1aUPEzwCZENwq9Xc0Y7zY%2C

Request Chain 74

https://b-401.vb17123filippaaniketos.pw/stream2/b-401/86e97967b24a187f5558e6f6522f528c/MJTMsp1RshGTygnMNRUR2N2MSlnWXZEdMNDZzQWe5MDZzMmdZJTO1R2RWVHZDljekhkSsl1VwYnWtx2cihVT25kaK1WTyIVbapWTy4ERWx2TEVFeZdVW04ERrlnT6VVNZ1WWwoFVstWWqVUP:1702576024:31.204.152.200:9a7e6dcc5db7fc51be9ebc4361e28d490b6586feb32b587febae63823f1d880a/index.m3u8 HTTP 302
https://cdn4571.vb17123filippaaniketos.pw/stream2/b-401/86e97967b24a187f5558e6f6522f528c/MJTMsp1RshGTygnMNRUR2N2MSlnWXZEdMNDZzQWe5MDZzMmdZJTO1R2RWVHZDljekhkSsl1VwYnWtx2cihVT25kaK1WTyIVbapWTy4ERWx2TEVFeZdVW04ERrlnT6VVNZ1WWwoFVstWWqVUP:1702576024:31.204.152.200:9a7e6dcc5db7fc51be9ebc4361e28d490b6586feb32b587febae63823f1d880a/index.m3u8

Request Chain 78

https://mc.yandex.com/watch/90791759?wmode=7&page-url=https%3A%2F%2Ffox.mixfilm1.shop%2F57290-semejnyj-obmen-2023.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afp%3A239%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A1011933765804%3Ahid%3A605960293%3Az%3A60%3Ai%3A20231214174704%3Aet%3A1702572425%3Ac%3A1%3Arn%3A764789373%3Arqn%3A1%3Au%3A1702572425890741137%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C55%2C53%2C4%2C%2C0%2C%2C249%2C15%2C%2C%2C%2C402%3Aco%3A0%3Acpf%3A1%3Ans%3A1702572423743%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702572425%3At%3A%D0%A1%D0%B5%D0%BC%D0%B5%D0%B9%D0%BD%D1%8B%D0%B9%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%20(2023)%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%20%D0%B2%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%B5%D0%BC%20%D0%BA%D0%B0%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%B5%20HD720-1080&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/90791759/1?wmode=7&page-url=https%3A%2F%2Ffox.mixfilm1.shop%2F57290-semejnyj-obmen-2023.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afp%3A239%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A1011933765804%3Ahid%3A605960293%3Az%3A60%3Ai%3A20231214174704%3Aet%3A1702572425%3Ac%3A1%3Arn%3A764789373%3Arqn%3A1%3Au%3A1702572425890741137%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C55%2C53%2C4%2C%2C0%2C%2C249%2C15%2C%2C%2C%2C402%3Aco%3A0%3Acpf%3A1%3Ans%3A1702572423743%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702572425%3At%3A%D0%A1%D0%B5%D0%BC%D0%B5%D0%B9%D0%BD%D1%8B%D0%B9%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%20%282023%29%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%20%D0%B2%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%B5%D0%BC%20%D0%BA%D0%B0%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%B5%20HD720-1080&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

88 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 57290-semejnyj-obmen-2023.html Show response
fox.mixfilm1.shop/ 44 KB
11 KB 136ms
53ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.29
Resource Hash: 2e3fb32e6710b079fbdb2fe6f180025495d3b3e9f0f6a77853f106607e882b4d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate max-age=172800, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8357ed310eb90b04-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 14 Dec 2023 16:47:03 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=banKi5RwMP0nsTprxVi2QhTN%2B%2FWdji5mkLWX93hquAGBFO%2BdAtFoKvFFo4zR61RIJXsp5TahHO0NXySnBUbp0jJHVbL5PIsFNhpejUzu5UitQyRpFgIywgeoJs8RX3%2B7QVmjGqwUy9MNiX6llX15Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.29

GET
H2 200 index.php
fox.mixfilm1.shop/engine/classes/min/ 175 KB
46 KB 46ms
45ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fox.mixfilm1.shop/engine/classes/min/index.php?f=/templates/greens/style/styles.css,/templates/greens/style/engine.css,/templates/greens/style/filter-xf.css,/templates/greens/lazydev/dle_filter/assets/dle_filter.css&rnd=1234
Requested by: Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.29
Resource Hash: bdc4afbb94f0f8c7a7e00e697d8c6f467c4d3bda565c17729eb73c590afd524e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 13 Oct 2022 17:27:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.29
etag: W/"pub1665682020;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzNMoogmEfZypqFCVyDPOTO4kuWElSaJaSsK4B0WJZepSlSTFrLCrhh5ffxjiqclWV%2BOuW%2Fjck2Thp2CjPJ0Q%2FCW9rx7d66FhdBfYgwDNzGJVEm8mmDNQPH2ELgN8OeafasNXSde7OZIx2sLhw9T3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=15552000, max-age=172800, private, must-revalidate
cf-ray: 8357ed315f280b04-AMS
alt-svc: h3=":443"; ma=86400
expires: Tue, 11 Jun 2024 16:47:05 GMT

GET
H2 200 actualize.js Show response
hdvb-player.github.io/ 2 KB
1 KB 93ms
25ms Script
application/javascript 2606:50c0:8001::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hdvb-player.github.io/actualize.js

Requested by

Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

684c4c1a48749fe7970543a2ef8f26d9b92fee382a27f6af5cba27cc8b5a6993

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fox.mixfilm1.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 881f899d7622543732b635bd901af3a7f94f23b3
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Thu, 14 Dec 2023 16:47:03 GMT
age: 257
x-cache: HIT
x-cache-hits: 21
x-proxy-cache: HIT
content-length: 1040
x-served-by: cache-ams21037-AMS
last-modified: Fri, 24 Feb 2023 23:27:39 GMT
server: GitHub.com
x-github-request-id: 3C58:CBE5:2312F95:2398F2E:6567C050
x-timer: S1702572424.982738,VS0,VE1
etag: W/"63f947eb-964"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Wed, 29 Nov 2023 23:00:47 GMT

GET
H2 200 logo.png
fox.mixfilm1.shop/templates/greens/images/ 3 KB
3 KB 41ms
41ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fox.mixfilm1.shop/templates/greens/images/logo.png
Requested by: Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8f2dfb85df070dfc40e3632b2e93f39aebf717bfd5d50733e549b45fdbd32fe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17455
alt-svc: h3=":443"; ma=86400
content-length: 2971
last-modified: Thu, 13 Oct 2022 17:27:00 GMT
server: cloudflare
etag: "63484a64-b9b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYwgauYPxuQ696q8No38BJhLBHCcK%2BMKPMxPleku99jQ%2B3rmbjApJHkS6IfQbXypVRIgpTcwcveDUX0EQCzpRvD980x%2Bq5rySaplLSbe87FuVlD0g5EYiEmm17BMI3qlG3bxejhdr%2F0Gi5bNgXa8%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8357ed317f4d0b04-AMS
expires: Fri, 15 Dec 2023 11:56:10 GMT

GET
H2 200 1701977196-1683380091.webp
fox.mixfilm1.shop/uploads/posts/2023-12/ 15 KB
15 KB 34ms
34ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fox.mixfilm1.shop/uploads/posts/2023-12/1701977196-1683380091.webp
Requested by: Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c28eb830c05ea2d2233524aaf6af8c4199386d1ecdd9902bb0f4f8da7411d093

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 454561
alt-svc: h3=":443"; ma=86400
content-length: 14970
last-modified: Thu, 07 Dec 2023 19:25:09 GMT
server: cloudflare
etag: "3a7a-60bf06d0b502b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0gqG8F%2B4PnSugQXaQ7iPAM5N05QjXduknquaTWANa4kxYlfxWjYnqhGnMRyJd4WfRlnuM1L5xYh0mHO0a4eGDR6%2FIaMYLp8RwhGensRNwPvoZBSKRVUUS%2B8iO%2Bs5gW1HVIsx8HiyhMmo690wb4r3UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8357ed317f500b04-AMS
expires: Mon, 08 Jan 2024 10:31:04 GMT

GET
H2 200 1700630990-1171680254.webp
fox.mixfilm1.shop/uploads/posts/2023-11/ 10 KB
10 KB 38ms
38ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fox.mixfilm1.shop/uploads/posts/2023-11/1700630990-1171680254.webp
Requested by: Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd99012cf49c162cdb57fd6a724111df53b84254cb59171cc21b3ecd2bedfb39

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 421790
alt-svc: h3=":443"; ma=86400
content-length: 10204
last-modified: Wed, 22 Nov 2023 05:29:14 GMT
server: cloudflare
etag: "27dc-60ab6ffeadffb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s858qVGJlppe%2FbfxuRCg2FjxbQYP3YZTlkEpOOluDnJF7B%2FXQTeQWueXgYQK0zK2okY1aRO6mr1TnF2DAAqPnwc9%2FYUDyzhcSWNoAD8VL3jxBtCTG2Js5I2aUSFunEcTLjKYi%2BI4W4R0ZU3TqFI%2FVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8357ed31bfb30b04-AMS
expires: Mon, 08 Jan 2024 19:37:15 GMT

GET
H2 200 1695097575-1857814.webp
fox.mixfilm1.shop/uploads/posts/2023-09/ 8 KB
8 KB 38ms
36ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fox.mixfilm1.shop/uploads/posts/2023-09/1695097575-1857814.webp
Requested by: Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 448a641f72e4a7d948fabf576081f44a3ff36204982fd40ad94964e6eecb4d90

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 76049
alt-svc: h3=":443"; ma=86400
content-length: 8104
last-modified: Tue, 19 Sep 2023 04:25:40 GMT
server: cloudflare
etag: "1fa8-605aea6c1e8fa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0%2Bz6R3QCwkXhDtWWj1N%2F435hU%2BVaI%2BTBBOTX%2B%2BxM2JNi2iM9uS%2BRv37vtSP%2F7wwaEfJREntgQ0ZRXmDijmGsd6BYA18PPEN2SoT77gRv3vv1d6Kigp2CuaGotMf6na1FI6h2nK9HAH89UYlxPHysA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8357ed31bfbb0b04-AMS
expires: Fri, 12 Jan 2024 19:39:36 GMT

GET
H2 200 1693131805-898504244.webp
fox.mixfilm1.shop/uploads/posts/2023-08/ 5 KB
5 KB 39ms
37ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fox.mixfilm1.shop/uploads/posts/2023-08/1693131805-898504244.webp
Requested by: Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aeb27d2be888400fbe238ba21444f606e270defb87bfc008b286308f7801c1a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 421790
alt-svc: h3=":443"; ma=86400
content-length: 5236
last-modified: Sun, 27 Aug 2023 10:23:24 GMT
server: cloudflare
etag: "1474-603e4f7bd8a01"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVEWoHdp4M%2FObUR5B6TK2X7eEIGfIwCtkyDxO%2F5pQRHPK7w5jI3%2FxwG%2B2IHz%2BqBl4JzyTfsVWSikpxX6hTuDsUO8dqH8UBYEeS3cDGMAdUiXX4cCp9ztd3kvbCvd34EqlaeffiHj%2Bbfcyv%2BkYNEEKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8357ed31bfbe0b04-AMS
expires: Mon, 08 Jan 2024 19:37:15 GMT

GET
H2 200 1653485057-316466804.webp
fox.mixfilm1.shop/uploads/posts/2022-05/ 10 KB
11 KB 40ms
39ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fox.mixfilm1.shop/uploads/posts/2022-05/1653485057-316466804.webp
Requested by: Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0121451b0973b9e5c83321e9ee28d9a0327d165f41327a1f4ce7f789939cd5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 76049
alt-svc: h3=":443"; ma=86400
content-length: 10568
last-modified: Thu, 13 Oct 2022 17:27:13 GMT
server: cloudflare
etag: "2948-5eaedd1ef78b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSml2Wsw204qTAZJtEu41WNAPucjlbD7BFtWhvvmLTms83VjUrUz%2FudB5boZiLYOuo9lZ4FK6ZpfsIttA7uUgabqeOUJOx5njLpxaCajdZ7cP42Y9gbvWsu8RzdRiN9DVyfnJnDb4LGNFUq1sqYd2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8357ed31bfd30b04-AMS
expires: Fri, 12 Jan 2024 19:39:36 GMT

GET
H2 200 1628791131-635492004.jpg
fox.mixfilm1.shop/uploads/posts/2021-08/ 11 KB
11 KB 41ms
40ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fox.mixfilm1.shop/uploads/posts/2021-08/1628791131-635492004.jpg
Requested by: Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 545c71b73f00400b35cfdafa36c615d759a161cde5bc1f2684ae5e5645a6af13

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78276
alt-svc: h3=":443"; ma=86400
content-length: 10766
last-modified: Thu, 13 Oct 2022 17:27:12 GMT
server: cloudflare
etag: "63484a70-2a0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fir3aB5DwQyQTp2E%2BNDcUi%2FkvIeQdS4sGEFASUXfuNPgnxU2l6ghB1UQ0MgpMpzivKc9Y3b4t3BF%2Bo5yGNK4m3DF1o0BQ68ws%2BAdgtO2cmD6xUZRsodM16cMmjDS5oj4sIDDx1nqiAxY3Vl1bpOMYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8357ed31bfd70b04-AMS
expires: Thu, 14 Dec 2023 19:02:29 GMT

GET
H2 200 1599374699-423193518.jpg
fox.mixfilm1.shop/uploads/posts/2020-09/ 17 KB
17 KB 42ms
40ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fox.mixfilm1.shop/uploads/posts/2020-09/1599374699-423193518.jpg
Requested by: Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fad6c22630c5dde026dc898df1dfe351dd53e6caebf42d02f0d34af8ed08e58d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 76049
alt-svc: h3=":443"; ma=86400
content-length: 17045
last-modified: Thu, 13 Oct 2022 17:27:09 GMT
server: cloudflare
etag: "63484a6d-4295"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AYc1q6o0Ob9jZ1ZRmvewZSBpjYDLXs72de9d9q1BWDKKDGYcHaB5Tjdv4g6j8ljq44WQyg93IEUiehOtTS9pgzxXznXx4FAZhX0PYmePqvoRIeMJDjcQc4utPFtKcGym4zH9P5PaDIqxDka0bWWRTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8357ed31bfdc0b04-AMS
expires: Thu, 14 Dec 2023 19:39:36 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 149ms
77ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600|Oswald:700&subset=cyrillic

Requested by

Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

27682fb4e0efddea7c10e10bcfa097c685d00452ff0e93e35fac8593568e6e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fox.mixfilm1.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Dec 2023 16:47:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 15:58:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Dec 2023 16:47:04 GMT

GET
H2 200 email-decode.min.js Show response
fox.mixfilm1.shop/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 37ms
35ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fox.mixfilm1.shop/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 01 Dec 2023 15:04:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6569f5f8-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JgSXG7hRiXs6ee58oT%2Fw85WEj6T%2F0RpP%2BBIRPyYfei3ExzMxaQg87XETg0sXmtqcz52AfzcmuakzW1pmk29eWsdt%2F6o5HPnm1pq35NFjcefekRKwZPhj4zcSqKr3wLbEoKVO%2BCKCnvzoiIT%2Bu6pGXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8357ed31bfc10b04-AMS
expires: Sat, 16 Dec 2023 16:47:03 GMT

GET
H2 200 index.php Show response
fox.mixfilm1.shop/engine/classes/min/ 84 KB
31 KB 127ms
126ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fox.mixfilm1.shop/engine/classes/min/index.php?g=general&v=27
Requested by: Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.29
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 13 Oct 2022 17:26:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.29
etag: W/"pub1665682019;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUIRAOY3nG5%2FOUl2Lk6pjSssezVHONh1QpHWIQLbHZUKOY3mPi3fBVfYc24gS%2BTAjB08YzTeL7zoj5rSs67fYClmqZD5ZS319kXi37Avw1t7uNBaVX%2B59AzUgle7yLQdCaF3a%2FgJbDTEA7LtBu3NwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=31536000, max-age=172800, private, must-revalidate
cf-ray: 8357ed31bfcd0b04-AMS
alt-svc: h3=":443"; ma=86400
expires: Fri, 13 Dec 2024 16:47:06 GMT

GET
H2 200 index.php Show response
fox.mixfilm1.shop/engine/classes/min/ 152 KB
43 KB 164ms
163ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fox.mixfilm1.shop/engine/classes/min/index.php?f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js,engine/classes/masha/masha.js&v=27
Requested by: Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.29
Resource Hash: 3a3de4fd2c214dbc0c16ea5e07127e301b6bcc9b081b340d9d45a21bb3996114

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 13 Oct 2022 17:26:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.29
etag: W/"pub1665682019;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9OGuBuwP1GL3uI9d%2FAAilwx3P0EcOnbTgxi3MLj1YSwtg7PtOmFOPHsOMRHLpkoL5uFS%2FJTmTrf%2BpYg4zIdtHq8BAbOiU84Il6hD50GKFOXS7lwJ53nYfjeXS%2BPNMRprEIKbGqk4h8CfYdUqw%2BZc8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=31536000, max-age=172800, private, must-revalidate
cf-ray: 8357ed31dff80b04-AMS
alt-svc: h3=":443"; ma=86400
expires: Fri, 13 Dec 2024 16:47:06 GMT

GET
H3 200 index.php Show response
fox.mixfilm1.shop/engine/classes/min/ 146 KB
36 KB 64ms
63ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fox.mixfilm1.shop/engine/classes/min/index.php?f=/templates/greens/lazydev/dle_filter/assets/dle_filter.js,/templates/greens/js/filter-xf.js,/templates/greens/js/libs.js,/templates/greens/mod_punpun/dle_search/js/dle_search.js&v=27
Requested by: Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.29
Resource Hash: 61bac7ccb3cf3a8712af097fc6ed46422024909e33a6d1c47ae0030d7ac02fa8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 13 Oct 2022 17:27:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.29
etag: W/"pub1665682020;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MgqFxB3DU8rz5xeCxaRlQBrfWURlGQcmpTUUCl7%2FRbobhoFs1IargV33MIqSM6Yi8Z2LAUK1qGAi6iDzHduKBGmr80bSkxLqy4FB31eQTl9rdZhvJj4dlziSslc1mHqIM1Rtn1K3SCJpPuSWJZzMmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=31536000, max-age=172800, private, must-revalidate
cf-ray: 8357ed31b83f1c7d-AMS
alt-svc: h3=":443"; ma=86400
expires: Fri, 13 Dec 2024 16:47:05 GMT

GET
H2 200 dle_filter.js.php Show response
fox.mixfilm1.shop/engine/lazydev/dle_filter/lib/ 69 KB
16 KB 84ms
83ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fox.mixfilm1.shop/engine/lazydev/dle_filter/lib/dle_filter.js.php
Requested by: Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.29
Resource Hash: 1e2463a3053e612ab1f6fffa0f700217da47f3522d31771f924e27a1731a0905

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.29
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oiw%2B5bMt%2FDnKP4i7xLad4mCt5nugfn4I7%2B6f9tBBBvJPHA6ysr9wKvSaiNimHdIxd%2BZwNYT66t7jhBOYN2%2Fhk9cucfgStldjfQ38Bb8OlOW87YHiAEowI2UkAmBHxRFFflqRwS11k7tLgddo%2FcJv%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=172800, private, must-revalidate
cf-ray: 8357ed31bfd00b04-AMS
alt-svc: h3=":443"; ma=86400
expires: Sat, 13 Jan 2024 16:47:05 GMT

GET
H/1.1 200
OK vid_vpaut_script.js Show response
videoroll.net/js/ 59 KB
59 KB 556ms
140ms Script
application/javascript 82.202.165.19
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: https://videoroll.net/js/vid_vpaut_script.js
Requested by: Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.165.19 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: videoroll.net
Software: nginx /
Resource Hash: a7f228237fcfa33cc3ffd8aee206e1c55a4f389c14870f8f8a999a8eba585d5f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fox.mixfilm1.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 14 Dec 2023 16:47:04 GMT
Last-Modified: Mon, 11 Dec 2023 15:08:10 GMT
Server: nginx
ETag: "657725da-eb0f"
Content-Type: application/javascript; charset=UTF-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 60175

GET iframe
vid1702571411.vb17123filippaaniketos.pw/movie/3a2e7b892b869929204636c4ae2f6f54/ Frame CFD6 0
0

GET
H2

200

70455 Show response
055664434375553.svetacdn.in/n1xnK05iU8an/movie/ Frame 4157
Redirect Chain

https://055664434375553.svetacdn.in/n1xnK05iU8an?kp_id=5138526
https://055664434375553.svetacdn.in/n1xnK05iU8an/movie/70455?domain=

5 KB
2 KB

57ms
57ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://055664434375553.svetacdn.in/n1xnK05iU8an/movie/70455?domain=
Requested by: Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 292003e03e413a7cd83ec265ac81c34db2930318842d8c2b7b9b890628671988

Request headers

Referer: https://fox.mixfilm1.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8357ed32ecd465fd-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 14 Dec 2023 16:47:04 GMT
last-modified: Thursday, 14-Dec-2023 16:47:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFjO2%2By7nF23r%2FiXFauTqUmUQNZOZbYq%2BOV%2BFgi8Kh6t4zF4CCnVinZcyIboLbOvCGovaZdc3OLMw%2BqI%2Bl0PDpmqCErzRSx%2FhNudhQbh2SxP0FIA1pcm1Jf9YFFH0y9jq6BbLF6qaru5aQs007FcENWfsFaDCuCedZo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8357ed322bab65fd-AMS
content-type: text/html; charset=UTF-8
date: Thu, 14 Dec 2023 16:47:04 GMT
last-modified: Thursday, 14-Dec-2023 16:47:04 GMT
location: /n1xnK05iU8an/movie/70455?domain=
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referer: https://fox.mixfilm1.shop/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFq4nkE90xsPfZwpjWBgQiG7Pou7bTXlUyCYCGneq7%2B3q0K7j3pz7m1b6uBBhY6gyfc3Mcpa8yXwO2oY6yr%2Fh1dakHMKFoDbOd15Ndykj5mAw%2B%2FtfxJJW737y7c%2F1ZbLOrWW7PJ3csQjDycHtLP81yaOde%2BC%2Fy83Qso%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 uoklaW9jPFY Show response
www.youtube.com/embed/ Frame 14BE 91 KB
39 KB 196ms
121ms Document
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/uoklaW9jPFY

Requested by

Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0905cebf06b654911fa84616665c77fe283f6c3e05a0d172d2af13a186bbed1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fox.mixfilm1.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 16:47:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
toroca.as.newplayjj.com/ Frame BDB7 12 KB
6 KB 200ms
130ms Document
text/html 50.7.239.229
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL

https://toroca.as.newplayjj.com:9443/?kp=5138526&token=be9efa887059eb5420cd06fe3cc1b6

Requested by

Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

50.7.239.229 Halfweg, Netherlands, ASN174 (COGENT-174, US),

Reverse DNS

Software

nginx / PHP/8.0.28

Resource Hash

7e3a965f47a1517492514807f9ef4afd8a349c79f3c64acc9c6433baef36b3f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; max-age=31536000;

Request headers

Referer: https://fox.mixfilm1.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: max-age=60
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 14 Dec 2023 16:47:04 GMT
server: nginx
strict-transport-security: max-age=31536000; max-age=31536000;
x-powered-by: PHP/8.0.28

GET
H3 200 bg.jpg
fox.mixfilm1.shop/templates/greens/images/ 61 KB
62 KB 34ms
34ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fox.mixfilm1.shop/templates/greens/images/bg.jpg
Requested by: Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/engine/classes/min/index.php?f=/templates/greens/style/styles.css,/templates/greens/style/engine.css,/templates/greens/style/filter-xf.css,/templates/greens/lazydev/dle_filter/assets/dle_filter.css&rnd=1234
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b54a0749bbc1d7b0ed81ccfe797b5f931f6d80669f0b8ba4508a2c578e2c2677

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fox.mixfilm1.shop/engine/classes/min/index.php?f=/templates/greens/style/styles.css,/templates/greens/style/engine.css,/templates/greens/style/filter-xf.css,/templates/greens/lazydev/dle_filter/assets/dle_filter.css&rnd=1234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17455
alt-svc: h3=":443"; ma=86400
content-length: 62790
last-modified: Thu, 13 Oct 2022 17:27:00 GMT
server: cloudflare
etag: "63484a64-f546"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=te6spafxO%2Bfsr4M%2F4MQHTMLqOy099SvmJ9AGR35PF%2FqAo45Dtb98yY%2BGQybYOamIvzIfRYWgmirGi6e4FHJoSLgnF1IX6whskGVwHxR9Fdq%2Bon0%2BrOpuF3tPA995sUrM8yEn689rG6a3W3cGfNkOaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8357ed31c8431c7d-AMS
expires: Fri, 15 Dec 2023 11:56:10 GMT

GET
H3 200 ft-logo.png
fox.mixfilm1.shop/templates/greens/images/ 3 KB
3 KB 132ms
131ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fox.mixfilm1.shop/templates/greens/images/ft-logo.png
Requested by: Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/engine/classes/min/index.php?f=/templates/greens/style/styles.css,/templates/greens/style/engine.css,/templates/greens/style/filter-xf.css,/templates/greens/lazydev/dle_filter/assets/dle_filter.css&rnd=1234
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdff1ede408e8c26606d60335a1397fea6efecf42c56f5e44e4d7571e8dada02

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fox.mixfilm1.shop/engine/classes/min/index.php?f=/templates/greens/style/styles.css,/templates/greens/style/engine.css,/templates/greens/style/filter-xf.css,/templates/greens/lazydev/dle_filter/assets/dle_filter.css&rnd=1234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 76684
alt-svc: h3=":443"; ma=86400
content-length: 2967
last-modified: Thu, 13 Oct 2022 17:27:00 GMT
server: cloudflare
etag: "63484a64-b97"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0eM%2Blyf7wSEr3hq%2BTC7DJjDVQeXz0Jd5GpoukNdAFy%2BQcx%2Bo%2FL0bnjujmCgVkSXaV9YEvOXRrCE%2FMQPppBvF8hXPdWitcG%2FrrcHR9a%2FN6vmMHVrTOnZAma%2BJt0i2qUwO%2BQGdECRbwaREICrNHXe%2FUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8357ed31c84e1c7d-AMS
expires: Thu, 14 Dec 2023 19:29:01 GMT

GET
H3 200 fontawesome-webfont.woff2
fox.mixfilm1.shop/templates/greens/fonts/ 75 KB
76 KB 132ms
132ms Font
application/octet-stream 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fox.mixfilm1.shop/templates/greens/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/engine/classes/min/index.php?f=/templates/greens/style/styles.css,/templates/greens/style/engine.css,/templates/greens/style/filter-xf.css,/templates/greens/lazydev/dle_filter/assets/dle_filter.css&rnd=1234
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://fox.mixfilm1.shop/engine/classes/min/index.php?f=/templates/greens/style/styles.css,/templates/greens/style/engine.css,/templates/greens/style/filter-xf.css,/templates/greens/lazydev/dle_filter/assets/dle_filter.css&rnd=1234
Origin: https://fox.mixfilm1.shop
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:03 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Oct 2022 17:27:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 470297
etag: "12d68-5eaedd122fd14"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VD7q65vPQLx0uXUoZeznxcvW6uFHh9vBmaVExFc4cMg%2BQNCmoYH5AQu8sunRVcqJdjPoRFO8YmuaIHRd9ZUXXkg0HXoHHGSBXaf7e4v6gJwdHna1YG9KRLHC5CGoZXNN%2BXnBaFR2wLrOkj0hOKZfvw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8357ed31c84f1c7d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 77160
expires: Mon, 08 Jan 2024 06:08:48 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 332ms
188ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

9b2c36195d8149926940ce2d9ed3b6c4e4390464224b8f4733cf096cc4494e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fox.mixfilm1.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 12 Dec 2023 08:38:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65781bea-1158c"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71052
expires: Thu, 14 Dec 2023 17:47:04 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 153ms
81ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600|Oswald:700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fox.mixfilm1.shop
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:16:33 GMT
x-content-type-options: nosniff
age: 257431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 17:16:33 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/ 12 KB
12 KB 144ms
72ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600|Oswald:700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ecd2a103a7260474c3239da5f32a2f7cb999765d9ab12161f3e4abe3906316f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fox.mixfilm1.shop
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:48:44 GMT
x-content-type-options: nosniff
age: 511100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12648
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:38:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 18:48:44 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUJiZTaR.woff2
fonts.gstatic.com/s/oswald/v53/ 7 KB
7 KB 139ms
68ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUJiZTaR.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600|Oswald:700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c8f202d4a7e30d4345ec3b768e8b5076933d3c8abcac956b3fa6c6ee4b994bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fox.mixfilm1.shop
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 17:25:51 GMT
x-content-type-options: nosniff
age: 516073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6736
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:39:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 17:25:51 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v36/ 26 KB
26 KB 171ms
100ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600|Oswald:700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1f50e52a7fda97827e6e3d2cd3bb2788a68a78296728fa2592be8e89d54b5b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fox.mixfilm1.shop
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 07:20:46 GMT
x-content-type-options: nosniff
age: 206778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26640
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:00:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 07:20:46 GMT

GET
H2 200 iframe Show response
vid1702572423993.vb17123filippaaniketos.pw/movie/3a2e7b892b869929204636c4ae2f6f54/ Frame CFD6 3 KB
2 KB 246ms
136ms Document
text/html 193.169.200.3
SMARTTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vid1702572423993.vb17123filippaaniketos.pw/movie/3a2e7b892b869929204636c4ae2f6f54/iframe?d=lordfilms.film
Requested by: Host: hdvb-player.github.io
URL: https://hdvb-player.github.io/actualize.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 193.169.200.3 New York, United States, ASN198738 (SMARTTELECOM-AS, SC),
Reverse DNS
Software: nginx /
Resource Hash: 2fece9e6a445174368dbbfbb49657d6d3f64c71ce2df971c92e86cfd7826f941

Request headers

Referer: https://fox.mixfilm1.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 14 Dec 2023 16:47:04 GMT
server: nginx
vary: Accept-Encoding

GET
H3 200 marker.png
fox.mixfilm1.shop/templates/greens/dleimages/ 2 KB
2 KB 32ms
32ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fox.mixfilm1.shop/templates/greens/dleimages/marker.png
Requested by: Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/engine/classes/min/index.php?f=/templates/greens/style/styles.css,/templates/greens/style/engine.css,/templates/greens/style/filter-xf.css,/templates/greens/lazydev/dle_filter/assets/dle_filter.css&rnd=1234
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e393ab33da5f5e3cb8a5fd7beece758d61ae71f7646f9dd100dc562aa667b723

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fox.mixfilm1.shop/engine/classes/min/index.php?f=/templates/greens/style/styles.css,/templates/greens/style/engine.css,/templates/greens/style/filter-xf.css,/templates/greens/lazydev/dle_filter/assets/dle_filter.css&rnd=1234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16976
alt-svc: h3=":443"; ma=86400
content-length: 1883
last-modified: Thu, 13 Oct 2022 17:27:00 GMT
server: cloudflare
etag: "63484a64-75b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MF3CF5uLk0cAop0MaiDETqyaVfZX8RNLVh6k1fY%2FvwnTQXFixAOorPnT36XyKsQnHstUVQW6BtbQy84BGW08pzfH%2BEsieiWVfrHEVKvtHf3e1hIoD%2BvF7VgBTpITtHTj4vBSO5tIS7vGM1am880KXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8357ed3309ad1c7d-AMS
expires: Fri, 15 Dec 2023 12:04:10 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/0d02ada0/ Frame 14BE 365 KB
47 KB 33ms
32ms Stylesheet
text/css 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0d02ada0/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uoklaW9jPFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8cf595211c3780ca984d79461caff6908401386ebb9894598ecadc396e22e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/uoklaW9jPFY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6129
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48216
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 02:45:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Dec 2024 15:04:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 14BE 15 KB
16 KB 33ms
33ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uoklaW9jPFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 580808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 14BE 15 KB
15 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uoklaW9jPFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 71137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Dec 2024 21:01:27 GMT

GET
H2 200 style.css
toroca.as.newplayjj.com/style/ Frame BDB7 7 KB
2 KB 26ms
25ms Stylesheet
text/css 50.7.239.229
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL

https://toroca.as.newplayjj.com:9443/style/style.css?v=1.77

Requested by

Host: toroca.as.newplayjj.com
URL: https://toroca.as.newplayjj.com:9443/?kp=5138526&token=be9efa887059eb5420cd06fe3cc1b6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

50.7.239.229 Halfweg, Netherlands, ASN174 (COGENT-174, US),

Reverse DNS

Software

nginx /

Resource Hash

a67b4186834a05c738f4d1c4f93494b5e9343fdd63c4ffa60a8ec4bf5f0723ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;, max-age=31536000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toroca.as.newplayjj.com:9443/?kp=5138526&token=be9efa887059eb5420cd06fe3cc1b6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
strict-transport-security: max-age=31536000;, max-age=31536000;
content-encoding: gzip
last-modified: Fri, 01 Dec 2023 21:40:14 GMT
server: nginx
etag: W/"656a52be-1cae"
content-type: text/css

GET
H2 200 jquery.min.js Show response
toroca.as.newplayjj.com/js/ Frame BDB7 87 KB
30 KB 38ms
37ms Script
application/javascript 50.7.239.229
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL

https://toroca.as.newplayjj.com:9443/js/jquery.min.js?v=3.6.0

Requested by

Host: toroca.as.newplayjj.com
URL: https://toroca.as.newplayjj.com:9443/?kp=5138526&token=be9efa887059eb5420cd06fe3cc1b6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

50.7.239.229 Halfweg, Netherlands, ASN174 (COGENT-174, US),

Reverse DNS

Software

nginx /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;, max-age=31536000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toroca.as.newplayjj.com:9443/?kp=5138526&token=be9efa887059eb5420cd06fe3cc1b6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
strict-transport-security: max-age=31536000;, max-age=31536000;
content-encoding: gzip
last-modified: Fri, 01 Dec 2023 21:40:14 GMT
server: nginx
etag: W/"656a52be-15d9d"
content-type: application/javascript

GET
H2 200 baron.min.js Show response
toroca.as.newplayjj.com/js/ Frame BDB7 27 KB
10 KB 57ms
57ms Script
application/javascript 50.7.239.229
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL

https://toroca.as.newplayjj.com:9443/js/baron.min.js?v=2.22

Requested by

Host: toroca.as.newplayjj.com
URL: https://toroca.as.newplayjj.com:9443/?kp=5138526&token=be9efa887059eb5420cd06fe3cc1b6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

50.7.239.229 Halfweg, Netherlands, ASN174 (COGENT-174, US),

Reverse DNS

Software

nginx /

Resource Hash

81a40a24e93a9c3d86573189234cf9bd40567d227a53162dbce3f6c2c42c9630

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;, max-age=31536000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toroca.as.newplayjj.com:9443/?kp=5138526&token=be9efa887059eb5420cd06fe3cc1b6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
strict-transport-security: max-age=31536000;, max-age=31536000;
content-encoding: gzip
last-modified: Sat, 02 Dec 2023 20:12:29 GMT
server: nginx
etag: W/"656b8fad-6d7b"
content-type: application/javascript

GET
H2 200 player.min.js Show response
toroca.as.newplayjj.com/js/ Frame BDB7 76 KB
29 KB 67ms
67ms Script
application/javascript 50.7.239.229
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL

https://toroca.as.newplayjj.com:9443/js/player.min.js?v=1.3946

Requested by

Host: toroca.as.newplayjj.com
URL: https://toroca.as.newplayjj.com:9443/?kp=5138526&token=be9efa887059eb5420cd06fe3cc1b6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

50.7.239.229 Halfweg, Netherlands, ASN174 (COGENT-174, US),

Reverse DNS

Software

nginx /

Resource Hash

672b10b12fb6ff5892bde058ad75f8edd3d37daa61ce003c3fdef9f15f840ced

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;, max-age=31536000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toroca.as.newplayjj.com:9443/?kp=5138526&token=be9efa887059eb5420cd06fe3cc1b6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
strict-transport-security: max-age=31536000;, max-age=31536000;
content-encoding: gzip
last-modified: Tue, 05 Dec 2023 13:43:13 GMT
server: nginx
etag: W/"656f28f1-130de"
content-type: application/javascript

GET
H2 200 playerjs-alloha-new-19.3.12.js Show response
toroca.as.newplayjj.com/js/ Frame BDB7 780 KB
270 KB 77ms
76ms Script
application/javascript 50.7.239.229
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL

https://toroca.as.newplayjj.com:9443/js/playerjs-alloha-new-19.3.12.js

Requested by

Host: toroca.as.newplayjj.com
URL: https://toroca.as.newplayjj.com:9443/?kp=5138526&token=be9efa887059eb5420cd06fe3cc1b6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

50.7.239.229 Halfweg, Netherlands, ASN174 (COGENT-174, US),

Reverse DNS

Software

nginx /

Resource Hash

f96f7531e215113ab9c80f29759f66760c2fa1f2c48a6c885ba0d39544699070

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;, max-age=31536000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toroca.as.newplayjj.com:9443/?kp=5138526&token=be9efa887059eb5420cd06fe3cc1b6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
strict-transport-security: max-age=31536000;, max-age=31536000;
content-encoding: gzip
last-modified: Sun, 03 Dec 2023 14:13:44 GMT
server: nginx
etag: W/"656c8d18-c2f65"
content-type: application/javascript

GET
H2 200 embed.js Show response
www.youtube.com/s/player/0d02ada0/player_ias.vflset/nl_NL/ Frame 14BE 53 KB
16 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0d02ada0/player_ias.vflset/nl_NL/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uoklaW9jPFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdd1325df8d0d420902cfb85dbe6022871b05a608b247a30ca1714ec3c05546f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/uoklaW9jPFY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 09:12:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27291
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16655
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 02:45:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Dec 2024 09:12:13 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/0d02ada0/www-embed-player.vflset/ Frame 14BE 322 KB
96 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0d02ada0/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uoklaW9jPFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61b62944ae46b000da9a535a63ae0072ec5fa688c15c5fb5aee2fc385dc1361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/uoklaW9jPFY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:18:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1728
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98651
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 02:45:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Dec 2024 16:18:16 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/0d02ada0/player_ias.vflset/nl_NL/ Frame 14BE 2 MB
768 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0d02ada0/player_ias.vflset/nl_NL/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uoklaW9jPFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ee9b6353e843967ab3a8e7318ec1513f662a9833bdc381a0e6e54688fe6018

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/uoklaW9jPFY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:27:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4791
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 786195
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 02:45:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Dec 2024 15:27:13 GMT

GET
H3 200 iframe.css
055664434375553.svetacdn.in/Assets/ Frame 4157 7 KB
4 KB 63ms
63ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://055664434375553.svetacdn.in/Assets/iframe.css
Requested by: Host: 055664434375553.svetacdn.in
URL: https://055664434375553.svetacdn.in/n1xnK05iU8an/movie/70455?domain=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e9d15ef0853771a93a04c1a3a7e0b35614b8d1f4f0be28d8234aea956a90c2c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://055664434375553.svetacdn.in/n1xnK05iU8an/movie/70455?domain=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Thursday, 14-Dec-2023 16:47:04 GMT
server: cloudflare
etag: W/"63f96222-1d34"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=byp3sxKcYHSJWXWa7ZUkNcs0SDs0fWKcHcYoQZHUqFoXK6MFcID61rfEo30l8cQS%2FXp0IZS7j5mFgSQl0Rbiyn1L1n37phUfuPS7GmsBAPu%2FlixXXei6QORPWM5ABUfgrD6jzR0anKnOXpJ1ZkkoMh03CHo3fO0xydo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray: 8357ed334b5206de-AMS
access-control-allow-headers: x-csrf-token

GET
H2 200 hls.js@0.14.17 Show response
cdn.jsdelivr.net/npm/ Frame 4157 235 KB
71 KB 95ms
42ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/hls.js@0.14.17

Requested by

Host: 055664434375553.svetacdn.in
URL: https://055664434375553.svetacdn.in/n1xnK05iU8an/movie/70455?domain=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b7a5a4cc369fbf887fc098793578f308d0b3e1f51c6fdb5765e5b433e1dfc89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://055664434375553.svetacdn.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1434822
x-jsd-version: 0.14.17
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220062-FRA, cache-ams21031-AMS
x-jsd-version-type: version
server: cloudflare
etag: W/"3ab62-0tMQz48mqu56W8Djvl7H6kr8/tw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpARAQjK9NsiwZAo%2BtmGMCgyw7QuNJCar6nrnvHpR9yiR%2BJuXWjcaVNyhggzb64JlhcSgft3XuDm83Fk6RmwMFsfI0VFx20FvQz%2BbZvrW13agTKDV3THxWbh8DladB%2BUG0xn3eOfhJfLzWqWeSQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8357ed339e4c6560-AMS

GET
H2 200 p2p-media-loader-core.min.js Show response
cdn.jsdelivr.net/npm/p2p-media-loader-core@latest/build/ Frame 4157 140 KB
40 KB 93ms
40ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/p2p-media-loader-core@latest/build/p2p-media-loader-core.min.js

Requested by

Host: 055664434375553.svetacdn.in
URL: https://055664434375553.svetacdn.in/n1xnK05iU8an/movie/70455?domain=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6169aae21cd0ef9813b6bda9ec902dee165c4c70202c37af6eb0bc45ced0a872

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://055664434375553.svetacdn.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4901
x-jsd-version: 0.6.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230137-FRA, cache-ams21067-AMS
x-jsd-version-type: version
server: cloudflare
etag: W/"23187-cy5ZTaquM+MUHEQB7rAOJNYlVIk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtgo4%2FRHswC36ELThD1yjJONC7%2F65q0rjqayEN7yDa9a0SZYzVWGuhr8z9Bdl3twLjHaR6EbTltEFyLCzGdJcN3CToHXbS1zfcGdOHgv1fd96ztlnajedKSBNc31M0WKoGyUS5cJgEdEizZBkXk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8357ed339e506560-AMS

GET
H2 200 p2p-media-loader-hlsjs.min.js Show response
cdn.jsdelivr.net/npm/p2p-media-loader-hlsjs@0.6.2/build/ Frame 4157 26 KB
8 KB 89ms
35ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/p2p-media-loader-hlsjs@0.6.2/build/p2p-media-loader-hlsjs.min.js

Requested by

Host: 055664434375553.svetacdn.in
URL: https://055664434375553.svetacdn.in/n1xnK05iU8an/movie/70455?domain=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

189334d0a898e2aa16794cdd1ea47a0e7c1750578173b25033049fafdf55f2a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://055664434375553.svetacdn.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1418784
x-jsd-version: 0.6.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220067-FRA, cache-ams21047-AMS
x-jsd-version-type: version
server: cloudflare
etag: W/"68bf-aLl7Qz03YAZHM45X9DROXh+vYkY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kedYmi0Wq2mhKilBrJakd131QT9shzS0F4bY29d6GlfL1PC%2F6IYKIE8tnOLEoRINoxZCBTa44w9p%2FEjAqsrlfMXqEZ7IauBOF0Mw3XguUgv2A6PjNIp85ZLRxFLgRKTqeoqiucQ%2FYVOxRcEVw3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8357ed339e4e6560-AMS

GET
H3 200 fb.js Show response
055664434375553.svetacdn.in/Assets/ Frame 4157 51 KB
32 KB 139ms
139ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://055664434375553.svetacdn.in/Assets/fb.js?v=111221222
Requested by: Host: 055664434375553.svetacdn.in
URL: https://055664434375553.svetacdn.in/n1xnK05iU8an/movie/70455?domain=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09dfd6dc7a9bb7b6445e7c231be887b71df85f9d6314582eb6457a9f60a33765

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://055664434375553.svetacdn.in/n1xnK05iU8an/movie/70455?domain=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Thursday, 14-Dec-2023 16:47:04 GMT
server: cloudflare
etag: W/"63f9609b-ca0f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2SlsOXHIrigbsD%2Bj7qiaD4XxCvwyGEHF10vkMEXRwSxYU%2FBf5jyhDQ78ztFtwo9BAllHgMEuwMfGdTkD21%2BkUrwxSfKZ7R4m9BB%2BkLNuWbYe2gHV16gEBzWQilvHAye5lO7a70wlorRuNnIZa6JYvXiUTUekA222V0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray: 8357ed334b5506de-AMS
access-control-allow-headers: x-csrf-token

GET
H3 200 pj_films.js Show response
055664434375553.svetacdn.in/Assets/ Frame 4157 2 MB
293 KB 128ms
128ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://055664434375553.svetacdn.in/Assets/pj_films.js?v=1702572424
Requested by: Host: 055664434375553.svetacdn.in
URL: https://055664434375553.svetacdn.in/n1xnK05iU8an/movie/70455?domain=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 163ef6e2a2e6e16ea61f03df1030062edd4205818dcc8874542ced6a41cb8136

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://055664434375553.svetacdn.in/n1xnK05iU8an/movie/70455?domain=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Thursday, 14-Dec-2023 16:47:04 GMT
server: cloudflare
etag: W/"650e51be-196bce"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DxFRI4Qr8wfItJRwzGl7JCVAi5UAMF0f5P%2F817QdNY2WR5xXVAeHYFLjG8xwdTTnrki8OyEysuFt6xDddvk3sIondCU97lGJjteLYqfa%2FCeIE%2Bi8yCqEyx3I6b%2FlaUgFk5dnDVAjOoZNm97BvkGKeXBc7Wd%2BpM9hZsY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray: 8357ed334b5706de-AMS
access-control-allow-headers: x-csrf-token

GET
H3 200 pj.js Show response
055664434375553.svetacdn.in/Assets/ Frame 4157 180 KB
41 KB 75ms
75ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://055664434375553.svetacdn.in/Assets/pj.js?v=1702572424
Requested by: Host: 055664434375553.svetacdn.in
URL: https://055664434375553.svetacdn.in/n1xnK05iU8an/movie/70455?domain=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c34edb78c37f7db522f24091693e28fd154683576d5ddf9e08f39f353e45356

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://055664434375553.svetacdn.in/n1xnK05iU8an/movie/70455?domain=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Thursday, 14-Dec-2023 16:47:04 GMT
server: cloudflare
etag: W/"657850bc-2d1d6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qSVMTtu4ILdO9T5rRtetVvSz%2BKy%2BOdXgTa73jjYSrL6kms46FhvsNt5o763qst5ngzVFgbppA%2BmfPa3PtykQRYNThm8ERu64y4NI0JsnJ2HVDE%2BTi2FJK3T5FhDalzKLCpXcbQfFzinkQZFGPSIdKZkuxYXvGFPYi8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray: 8357ed334b5806de-AMS
access-control-allow-headers: x-csrf-token

GET
H2 200 ch.js Show response
toroca.as.newplayjj.com/js/ Frame BDB7 208 KB
51 KB 28ms
27ms Script
application/javascript 50.7.239.229
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL

https://toroca.as.newplayjj.com:9443/js/ch.js?v=1.31

Requested by

Host: toroca.as.newplayjj.com
URL: https://toroca.as.newplayjj.com:9443/js/player.min.js?v=1.3946

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

50.7.239.229 Halfweg, Netherlands, ASN174 (COGENT-174, US),

Reverse DNS

Software

nginx /

Resource Hash

68625452ebd67986faa4feadbeb94a5011996d4cc7bfd33c626da6fd13d88803

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;, max-age=31536000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toroca.as.newplayjj.com:9443/?kp=5138526&token=be9efa887059eb5420cd06fe3cc1b6&uid_q=657b3188206e0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
strict-transport-security: max-age=31536000;, max-age=31536000;
content-encoding: gzip
last-modified: Fri, 01 Dec 2023 21:40:14 GMT
server: nginx
etag: W/"656a52be-33fdd"
content-type: application/javascript

GET
H2 200 hls.js Show response
vid1702572423993.vb17123filippaaniketos.pw/player/js/ Frame CFD6 590 KB
114 KB 196ms
191ms Script
application/javascript 193.169.200.3
SMARTTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vid1702572423993.vb17123filippaaniketos.pw/player/js/hls.js?v=1
Requested by: Host: vid1702572423993.vb17123filippaaniketos.pw
URL: https://vid1702572423993.vb17123filippaaniketos.pw/movie/3a2e7b892b869929204636c4ae2f6f54/iframe?d=lordfilms.film
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 193.169.200.3 New York, United States, ASN198738 (SMARTTELECOM-AS, SC),
Reverse DNS
Software: nginx /
Resource Hash: f55c33747b41fef6bbac1d1756598e0f1d7b8677eac6e2513a0f30a2d2c9fee0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vid1702572423993.vb17123filippaaniketos.pw/movie/3a2e7b892b869929204636c4ae2f6f54/iframe?d=lordfilms.film
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
content-encoding: gzip
last-modified: Wed, 13 Jul 2022 20:35:31 GMT
server: nginx
etag: W/"62cf2c93-93867"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
access-control-allow-headers: x-csrf-token

GET
H2 200 hls.js@0.14.17 Show response
cdn.jsdelivr.net/npm/ Frame CFD6 235 KB
71 KB 45ms
41ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/hls.js@0.14.17

Requested by

Host: vid1702572423993.vb17123filippaaniketos.pw
URL: https://vid1702572423993.vb17123filippaaniketos.pw/movie/3a2e7b892b869929204636c4ae2f6f54/iframe?d=lordfilms.film

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b7a5a4cc369fbf887fc098793578f308d0b3e1f51c6fdb5765e5b433e1dfc89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vid1702572423993.vb17123filippaaniketos.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1434822
x-jsd-version: 0.14.17
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220062-FRA, cache-ams21031-AMS
x-jsd-version-type: version
server: cloudflare
etag: W/"3ab62-0tMQz48mqu56W8Djvl7H6kr8/tw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4L96noRQmMhOhrZpwlObSlOf7HNKZh5nmqXdbApT7d%2FFcFKgc9MEV4fmugerpESodi8bjEwWcftaaXsJtYq6cyRCSeRiAGvZhzwFSbdYAd4LbSpz1HorDLb5a0DmtcVi27lY9xrGdG%2BHVx%2FwmBE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8357ed348f956560-AMS

GET
H2 200 p2p-media-loader-core.min.js Show response
cdn.jsdelivr.net/npm/p2p-media-loader-core@latest/build/ Frame CFD6 140 KB
40 KB 42ms
38ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/p2p-media-loader-core@latest/build/p2p-media-loader-core.min.js

Requested by

Host: vid1702572423993.vb17123filippaaniketos.pw
URL: https://vid1702572423993.vb17123filippaaniketos.pw/movie/3a2e7b892b869929204636c4ae2f6f54/iframe?d=lordfilms.film

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6169aae21cd0ef9813b6bda9ec902dee165c4c70202c37af6eb0bc45ced0a872

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vid1702572423993.vb17123filippaaniketos.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4901
x-jsd-version: 0.6.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230137-FRA, cache-ams21067-AMS
x-jsd-version-type: version
server: cloudflare
etag: W/"23187-cy5ZTaquM+MUHEQB7rAOJNYlVIk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5R%2FmC5X7T6zCLgWuSfvzqjzpbqgjgUCHBeTYLLiu2Zj7lJAkDWpoSabgZSZpTfMbMxIuOujL0KmQKA2KGjKyFy3pj%2Bk9Ttx4V0h2ixzVQZCxHwNszMVD86duK80Me0h7d8zgerHzKfhhlajCrpM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8357ed348f986560-AMS

GET
H2 200 p2p-media-loader-hlsjs.min.js Show response
cdn.jsdelivr.net/npm/p2p-media-loader-hlsjs@0.6.2/build/ Frame CFD6 26 KB
8 KB 38ms
34ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/p2p-media-loader-hlsjs@0.6.2/build/p2p-media-loader-hlsjs.min.js

Requested by

Host: vid1702572423993.vb17123filippaaniketos.pw
URL: https://vid1702572423993.vb17123filippaaniketos.pw/movie/3a2e7b892b869929204636c4ae2f6f54/iframe?d=lordfilms.film

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

189334d0a898e2aa16794cdd1ea47a0e7c1750578173b25033049fafdf55f2a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vid1702572423993.vb17123filippaaniketos.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1418784
x-jsd-version: 0.6.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220067-FRA, cache-ams21047-AMS
x-jsd-version-type: version
server: cloudflare
etag: W/"68bf-aLl7Qz03YAZHM45X9DROXh+vYkY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bm8LvNeQcxQtbRpGc7uZi0I0S2E2q0euajH6YLGIR8ISIHA%2B%2B%2F%2BuXhAUeNhWXt%2F5aetvnuYyIuDyzqDM%2Fk4uR9dy6hCTsVpZxQffxS4pn2HMeyrwVjvhkG2T5hhJ2XfXHsBpJzZ%2B%2FD2jUMevSmE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8357ed348f9b6560-AMS

GET
H2 200 lord2.js Show response
vid1702572423993.vb17123filippaaniketos.pw/playerjs/themes/ Frame CFD6 26 KB
7 KB 84ms
80ms Script
application/javascript 193.169.200.3
SMARTTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vid1702572423993.vb17123filippaaniketos.pw/playerjs/themes/lord2.js?v=44313322433332223
Requested by: Host: vid1702572423993.vb17123filippaaniketos.pw
URL: https://vid1702572423993.vb17123filippaaniketos.pw/movie/3a2e7b892b869929204636c4ae2f6f54/iframe?d=lordfilms.film
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 193.169.200.3 New York, United States, ASN198738 (SMARTTELECOM-AS, SC),
Reverse DNS
Software: nginx /
Resource Hash: a3fddf0e8cd83a67d47e3decbc96d25938da67cb790896659f4d9b4a28f8484c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vid1702572423993.vb17123filippaaniketos.pw/movie/3a2e7b892b869929204636c4ae2f6f54/iframe?d=lordfilms.film
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 06:15:11 GMT
server: nginx
etag: W/"6232d1ef-6689"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
access-control-allow-headers: x-csrf-token

GET
H2 200 adblock.js Show response
vid1702572423993.vb17123filippaaniketos.pw/player/js/ Frame CFD6 19 B
270 B 80ms
76ms Script
application/javascript 193.169.200.3
SMARTTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vid1702572423993.vb17123filippaaniketos.pw/player/js/adblock.js
Requested by: Host: vid1702572423993.vb17123filippaaniketos.pw
URL: https://vid1702572423993.vb17123filippaaniketos.pw/movie/3a2e7b892b869929204636c4ae2f6f54/iframe?d=lordfilms.film
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 193.169.200.3 New York, United States, ASN198738 (SMARTTELECOM-AS, SC),
Reverse DNS
Software: nginx /
Resource Hash: 770b166e6581feb9bf6886850b17ca8d58b81e2ab946228d263fd1d2d0c297fd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vid1702572423993.vb17123filippaaniketos.pw/movie/3a2e7b892b869929204636c4ae2f6f54/iframe?d=lordfilms.film
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
last-modified: Fri, 27 Sep 2019 14:11:26 GMT
server: nginx
etag: "5d8e188e-13"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
content-length: 19

GET
H2 200 playerjs.js Show response
vid1702572423993.vb17123filippaaniketos.pw/playerjs/js/ Frame CFD6 418 KB
122 KB 105ms
102ms Script
application/javascript 193.169.200.3
SMARTTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vid1702572423993.vb17123filippaaniketos.pw/playerjs/js/playerjs.js?=44313322433332223
Requested by: Host: vid1702572423993.vb17123filippaaniketos.pw
URL: https://vid1702572423993.vb17123filippaaniketos.pw/movie/3a2e7b892b869929204636c4ae2f6f54/iframe?d=lordfilms.film
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 193.169.200.3 New York, United States, ASN198738 (SMARTTELECOM-AS, SC),
Reverse DNS
Software: nginx /
Resource Hash: aa4026e1d829c2f8dddfa453d857eb9297499ca620a5e4d5da448402eded8404

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vid1702572423993.vb17123filippaaniketos.pw/movie/3a2e7b892b869929204636c4ae2f6f54/iframe?d=lordfilms.film
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
content-encoding: gzip
last-modified: Fri, 08 Dec 2023 09:24:35 GMT
server: nginx
etag: W/"6572e0d3-689e7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
access-control-allow-headers: x-csrf-token

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 14BE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

68ms
67ms

XHR
application/json

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uoklaW9jPFY

Protocol

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20beaf7146081da1ea513e13b713f14b2ae642865aa033dace93c551e2a090ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 14 Dec 2023 16:47:04 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 14BE 29 B
495 B 106ms
32ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d02ada0/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:36:11 GMT
x-content-type-options: nosniff
age: 653
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 14 Dec 2023 16:51:11 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 115ms
41ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 14 Dec 2023 16:47:04 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 14BE 87 KB
40 KB 49ms
49ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d02ada0/player_ias.vflset/nl_NL/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

def831c60097c37490a9ae3d73823366dbde33a4c1e7d4b65608baaaa63a4ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40983
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/0d02ada0/player_ias.vflset/nl_NL/ Frame 14BE 116 KB
33 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0d02ada0/player_ias.vflset/nl_NL/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d02ada0/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7ecf1e55119f3054315967be8bd3d85701e07e5c0f07158dee87f91c48071f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/uoklaW9jPFY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 12:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103482
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33693
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 02:45:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 12 Dec 2024 12:02:22 GMT

GET
H2 200 q3ybFvLVurjIRsyeRT4FtV2O7nz4ZH1nHhTn1-npVcU.js Show response
www.google.com/js/th/ Frame 14BE 51 KB
20 KB 185ms
60ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/q3ybFvLVurjIRsyeRT4FtV2O7nz4ZH1nHhTn1-npVcU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d02ada0/player_ias.vflset/nl_NL/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab7c9b16f2d5bab8c846cc9e453e05b55d8eee7cf8647d671e14e7d7e9e955c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:14:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 199939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19841
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 09:14:45 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/uoklaW9jPFY/ Frame 14BE 4 KB
4 KB 197ms
70ms Image
image/jpeg 2a00:1450:4001:806::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/uoklaW9jPFY/default.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uoklaW9jPFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bf19d592eefd2301ffd5b249ce0ccf453f47df91ac4203bf44160ca47f5b71f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3782
x-xss-protection: 0
server: sffe
etag: "1698859511"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 14 Dec 2023 18:47:04 GMT

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10217.9BbWKcqK3iZZPQK8FNmYABuiC2pI3s8l5hjJ9k0KWQw7_tyjT_Ru6-u3tG8Nr8zh.uJQkRo_4XkUhTy0OQowgALd_ZRg%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10217.1IIMW5lSpQlDbi6yasxQRPkGMywhEJieHIb4-udpVMXc17fK7WbBGt0vZ2ccIP5Q0KMWq72Oy-DSMVvfPlQc32PUDNxUuTtixIZic7mRgS5GkBHDtmLD8WLXA3_9KBTY0nqi8cooTP...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10217.uR6CqaRIxeIagysD2u1wI-gdAMbQOGp0FF94CF95iWDjF9QdZjRvAXWJcuNFfShFtJgx4GcZ5QgIUXZmTSR66KmmAVKVoFDhZjbdKYXXZAsRI...

43 B
584 B

73ms
73ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10217.uR6CqaRIxeIagysD2u1wI-gdAMbQOGp0FF94CF95iWDjF9QdZjRvAXWJcuNFfShFtJgx4GcZ5QgIUXZmTSR66KmmAVKVoFDhZjbdKYXXZAsRIl1Sy05Ln_coDcFwQZUdm0ONy_MYNfYZXQVgi10iBY1_OTvqT301m8E9s1pLPWexz7a0WLFdNV0CklJQ_H48ULWl99gLekhqg4knFAA3Dg%2C%2C.m3nteT1aUPEzwCZENwq9Xc0Y7zY%2C

Requested by

Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fox.mixfilm1.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10217.uR6CqaRIxeIagysD2u1wI-gdAMbQOGp0FF94CF95iWDjF9QdZjRvAXWJcuNFfShFtJgx4GcZ5QgIUXZmTSR66KmmAVKVoFDhZjbdKYXXZAsRIl1Sy05Ln_coDcFwQZUdm0ONy_MYNfYZXQVgi10iBY1_OTvqT301m8E9s1pLPWexz7a0WLFdNV0CklJQ_H48ULWl99gLekhqg4knFAA3Dg%2C%2C.m3nteT1aUPEzwCZENwq9Xc0Y7zY%2C
date: Thu, 14 Dec 2023 16:47:04 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
474 B 82ms
82ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: fox.mixfilm1.shop
URL: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fox.mixfilm1.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 12 Dec 2023 08:38:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65781bea-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 14 Dec 2023 17:47:04 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 14BE 4 KB
2 KB 133ms
61ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d02ada0/player_ias.vflset/nl_NL/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 16:47:04 GMT

GET
H/1.1 200
OK vpaut_option_get.php Show response
videoroll.net/ 2 B
247 B 216ms
75ms Fetch
text/json 82.202.165.19
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: https://videoroll.net/vpaut_option_get.php?pl_id=14737
Requested by: Host: videoroll.net
URL: https://videoroll.net/js/vid_vpaut_script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.165.19 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: videoroll.net
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 14 Dec 2023 16:47:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/json;charset=UTF-8

OPTIONS
H2 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 40ms
39ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 14 Dec 2023 16:47:04 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 14BE 90 B
133 B 72ms
72ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d02ada0/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

200c1271c07294b386ba5d4ff279fa9f2a746a362349732df47028c79797f3ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109
x-xss-protection: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 14BE 0
10 B 60ms
60ms Image
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?1W9u4A
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/uoklaW9jPFY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/uoklaW9jPFY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ Frame CFD6 2 KB
643 B 40ms
40ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: vid1702572423993.vb17123filippaaniketos.pw
URL: https://vid1702572423993.vb17123filippaaniketos.pw/playerjs/js/playerjs.js?=44313322433332223

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vid1702572423993.vb17123filippaaniketos.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Dec 2023 16:47:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 16:35:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Dec 2023 16:47:04 GMT

POST
H2 200 WPwEwJEi7$dZCk0Yrao1G0WXA3DqElXjbn6jQ-XH8BIisqqNvmtf6YXMbNDKvVxOYzTHHnxC-3PNO$uZT9YlMHrxxTuE1ctQT1dIBm8DFtYV-9QrlPUjupi$6NZLZwZwNxEe$+oDJTq0zVwHvsHVw$wr+zPuvGnql1F04hiKF9LTBgdDiY9tkWP++k$piILcgqYX9... Show response
vid1702572423993.vb17123filippaaniketos.pw/playlist/ Frame CFD6 333 B
508 B 109ms
108ms XHR
application/vnd.apple.mpegurl 193.169.200.3
SMARTTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vid1702572423993.vb17123filippaaniketos.pw/playlist/WPwEwJEi7$dZCk0Yrao1G0WXA3DqElXjbn6jQ-XH8BIisqqNvmtf6YXMbNDKvVxOYzTHHnxC-3PNO$uZT9YlMHrxxTuE1ctQT1dIBm8DFtYV-9QrlPUjupi$6NZLZwZwNxEe$+oDJTq0zVwHvsHVw$wr+zPuvGnql1F04hiKF9LTBgdDiY9tkWP++k$piILcgqYX9rvrm83R0-fqgXSttfoy7-Vr1K9yosy6p8zPJNDLwjSIOeUV$eYfx5THmT-7yodxrmDRM-9TpQH$bYSJ6Q!!.txt
Requested by: Host: vid1702572423993.vb17123filippaaniketos.pw
URL: https://vid1702572423993.vb17123filippaaniketos.pw/playerjs/js/playerjs.js?=44313322433332223
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 193.169.200.3 New York, United States, ASN198738 (SMARTTELECOM-AS, SC),
Reverse DNS
Software: nginx /
Resource Hash: f3862b68572e48127c4ad11d29952cfd81a8bcbe58632cd0106ae1f717da91b1

Request headers

Referer: https://vid1702572423993.vb17123filippaaniketos.pw/movie/3a2e7b892b869929204636c4ae2f6f54/iframe?d=lordfilms.film
X-CSRF-TOKEN: RtSik7mcHf3g6ed5Z-$erKdAqaHpgb8uQdp$6Hm7g0z$qy8tBlvZxdlj7Q-ceQV1
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 14 Dec 2023 16:47:04 GMT
server: nginx
access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/vnd.apple.mpegurl

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame CFD6 4 KB
2 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: vid1702572423993.vb17123filippaaniketos.pw
URL: https://vid1702572423993.vb17123filippaaniketos.pw/playerjs/js/playerjs.js?=44313322433332223

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vid1702572423993.vb17123filippaaniketos.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 16:47:04 GMT

GET
H2

200

index.m3u8 Show response
cdn4571.vb17123filippaaniketos.pw/stream2/b-401/86e97967b24a187f5558e6f6522f528c/MJTMsp1RshGTygnMNRUR2N2MSlnWXZEdMNDZzQWe5MDZzMmdZJTO1R2RWVHZDljekhkSsl1VwYnWtx2cihVT25kaK1WTyIVbapWTy4ERWx2TEVFeZdVW... Frame CFD6
Redirect Chain

https://b-401.vb17123filippaaniketos.pw/stream2/b-401/86e97967b24a187f5558e6f6522f528c/MJTMsp1RshGTygnMNRUR2N2MSlnWXZEdMNDZzQWe5MDZzMmdZJTO1R2RWVHZDljekhkSsl1VwYnWtx2cihVT25kaK1WTyIVbapWTy4ERWx2TEV...
https://cdn4571.vb17123filippaaniketos.pw/stream2/b-401/86e97967b24a187f5558e6f6522f528c/MJTMsp1RshGTygnMNRUR2N2MSlnWXZEdMNDZzQWe5MDZzMmdZJTO1R2RWVHZDljekhkSsl1VwYnWtx2cihVT25kaK1WTyIVbapWTy4ERWx2T...

297 B
540 B

96ms
27ms

XHR
text/html

31.40.218.243
MELBICOM-EU-AS Me...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4571.vb17123filippaaniketos.pw/stream2/b-401/86e97967b24a187f5558e6f6522f528c/MJTMsp1RshGTygnMNRUR2N2MSlnWXZEdMNDZzQWe5MDZzMmdZJTO1R2RWVHZDljekhkSsl1VwYnWtx2cihVT25kaK1WTyIVbapWTy4ERWx2TEVFeZdVW04ERrlnT6VVNZ1WWwoFVstWWqVUP:1702576024:31.204.152.200:9a7e6dcc5db7fc51be9ebc4361e28d490b6586feb32b587febae63823f1d880a/index.m3u8
Protocol: H2
Server: 31.40.218.243 , Lithuania, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software: nginx /
Resource Hash: cc7e9516dc7caf9f6c5ab9cc07b69d366da4e28724785afa08624659f70f7985

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vid1702572423993.vb17123filippaaniketos.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 14 Dec 2023 16:47:05 GMT
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8

Redirect headers

date: Thu, 14 Dec 2023 16:47:04 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cdn4571.vb17123filippaaniketos.pw/stream2/b-401/86e97967b24a187f5558e6f6522f528c/MJTMsp1RshGTygnMNRUR2N2MSlnWXZEdMNDZzQWe5MDZzMmdZJTO1R2RWVHZDljekhkSsl1VwYnWtx2cihVT25kaK1WTyIVbapWTy4ERWx2TEVFeZdVW04ERrlnT6VVNZ1WWwoFVstWWqVUP:1702576024:31.204.152.200:9a7e6dcc5db7fc51be9ebc4361e28d490b6586feb32b587febae63823f1d880a/index.m3u8
access-control-allow-origin: *
access-control-allow-headers: x-csrf-token
content-length: 138

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 14BE 50 KB
15 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 14 Dec 2023 20:53:13 GMT

GET
H2 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame CFD6 35 KB
12 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vid1702572423993.vb17123filippaaniketos.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:47:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Thu, 14 Dec 2023 16:47:04 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame CFD6 50 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vid1702572423993.vb17123filippaaniketos.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 14 Dec 2023 20:53:13 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/90791759/
Redirect Chain

https://mc.yandex.com/watch/90791759?wmode=7&page-url=https%3A%2F%2Ffox.mixfilm1.shop%2F57290-semejnyj-obmen-2023.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmp...
https://mc.yandex.com/watch/90791759/1?wmode=7&page-url=https%3A%2F%2Ffox.mixfilm1.shop%2F57290-semejnyj-obmen-2023.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxh...

427 B
591 B

72ms
72ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90791759/1?wmode=7&page-url=https%3A%2F%2Ffox.mixfilm1.shop%2F57290-semejnyj-obmen-2023.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afp%3A239%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A1011933765804%3Ahid%3A605960293%3Az%3A60%3Ai%3A20231214174704%3Aet%3A1702572425%3Ac%3A1%3Arn%3A764789373%3Arqn%3A1%3Au%3A1702572425890741137%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C55%2C53%2C4%2C%2C0%2C%2C249%2C15%2C%2C%2C%2C402%3Aco%3A0%3Acpf%3A1%3Ans%3A1702572423743%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702572425%3At%3A%D0%A1%D0%B5%D0%BC%D0%B5%D0%B9%D0%BD%D1%8B%D0%B9%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%20%282023%29%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%20%D0%B2%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%B5%D0%BC%20%D0%BA%D0%B0%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%B5%20HD720-1080&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f25c53bf3bb88a186b6dbdb49f7205e3a09b7c226cc24357a942d5f14a0e8f57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 16:47:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 14-Dec-2023 16:47:05 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fox.mixfilm1.shop
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Thu, 14-Dec-2023 16:47:05 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 16:47:04 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 14-Dec-2023 16:47:04 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/90791759/1?wmode=7&page-url=https%3A%2F%2Ffox.mixfilm1.shop%2F57290-semejnyj-obmen-2023.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afp%3A239%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A1011933765804%3Ahid%3A605960293%3Az%3A60%3Ai%3A20231214174704%3Aet%3A1702572425%3Ac%3A1%3Arn%3A764789373%3Arqn%3A1%3Au%3A1702572425890741137%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C55%2C53%2C4%2C%2C0%2C%2C249%2C15%2C%2C%2C%2C402%3Aco%3A0%3Acpf%3A1%3Ans%3A1702572423743%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702572425%3At%3A%D0%A1%D0%B5%D0%BC%D0%B5%D0%B9%D0%BD%D1%8B%D0%B9%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%20%282023%29%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%20%D0%B2%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%B5%D0%BC%20%D0%BA%D0%B0%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%B5%20HD720-1080&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: https://fox.mixfilm1.shop
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 14-Dec-2023 16:47:04 GMT

GET
H/1.1 200
OK 4Em7.txt Show response
58e-b60-1906g0.v.plground.live/ Frame BDB7 14 B
273 B 205ms
63ms XHR
text/plain 185.211.244.33
TEAM-HOST AS

General

Check archive.org

Show headers Download Go to

Full URL: https://58e-b60-1906g0.v.plground.live:10402/4Em7.txt
Requested by: Host: toroca.as.newplayjj.com
URL: https://toroca.as.newplayjj.com:9443/js/jquery.min.js?v=3.6.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.211.244.33 Moscow, Russian Federation, ASN202984 (TEAM-HOST AS, RU),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: dce13fd539d357834496bdbca3515e9d51ab25b4758028f6f8e66dad8ead4dd5

Request headers

Accept: */*
Referer: https://toroca.as.newplayjj.com:9443/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 14 Dec 2023 16:47:05 GMT
Server: nginx/1.24.0
Content-Type: text/plain; charset=utf8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 14
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK 4Em7.txt Show response
58e-b60-1906g0.v.plground.live/ Frame BDB7 14 B
273 B 353ms
353ms XHR
text/plain 185.211.244.33
TEAM-HOST AS

General

Check archive.org

Show headers Download Go to

Full URL: https://58e-b60-1906g0.v.plground.live:10402/4Em7.txt
Requested by: Host: toroca.as.newplayjj.com
URL: https://toroca.as.newplayjj.com:9443/js/jquery.min.js?v=3.6.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.211.244.33 Moscow, Russian Federation, ASN202984 (TEAM-HOST AS, RU),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: dce13fd539d357834496bdbca3515e9d51ab25b4758028f6f8e66dad8ead4dd5

Request headers

Accept: */*
Referer: https://toroca.as.newplayjj.com:9443/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 14 Dec 2023 16:47:06 GMT
Server: nginx/1.24.0
Content-Type: text/plain; charset=utf8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 14
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 14BE 28 B
54 B 76ms
74ms XHR
application/json 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d02ada0/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
X-Goog-Request-Time: 1702572426436
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/uoklaW9jPFY
X-YouTube-Client-Version: 1.20231210.00.00
X-YouTube-Time-Zone: Europe/Amsterdam
X-Goog-Visitor-Id: Cgs1T3d0UG9mZ1g4NCiI4-yrBjIKCgJOTBIEEgAgEw%3D%3D
X-YouTube-Ad-Signals: dt=1702572424264&flash=0&frm=2&u_tz=60&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 14 Dec 2023 16:47:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Thu, 14 Dec 2023 16:47:06 GMT

GET
H/1.1 200
OK 4Em7.txt Show response
58e-b60-1906g0.v.plground.live/ Frame BDB7 14 B
273 B 63ms
62ms XHR
text/plain 185.211.244.33
TEAM-HOST AS

General

Check archive.org

Show headers Download Go to

Full URL: https://58e-b60-1906g0.v.plground.live:10402/4Em7.txt
Requested by: Host: toroca.as.newplayjj.com
URL: https://toroca.as.newplayjj.com:9443/js/jquery.min.js?v=3.6.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.211.244.33 Moscow, Russian Federation, ASN202984 (TEAM-HOST AS, RU),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: dce13fd539d357834496bdbca3515e9d51ab25b4758028f6f8e66dad8ead4dd5

Request headers

Accept: */*
Referer: https://toroca.as.newplayjj.com:9443/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 14 Dec 2023 16:47:07 GMT
Server: nginx/1.24.0
Content-Type: text/plain; charset=utf8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 14
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 90791759
mc.yandex.com/webvisor/ 43 B
0 285ms
213ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/90791759?wv-part=1&wv-type=7&wmode=0&wv-hit=605960293&page-url=https%3A%2F%2Ffox.mixfilm1.shop%2F57290-semejnyj-obmen-2023.html&rn=868437400&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1702572428%3Aw%3A1600x1200%3Av%3A1190%3Az%3A60%3Ai%3A20231214174707%3Au%3A1702572425890741137%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Ast%3A1702572428&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 16:47:07 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 14-Dec-2023 16:47:07 GMT
content-type: image/gif
access-control-allow-origin: https://fox.mixfilm1.shop
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 14-Dec-2023 16:47:07 GMT

POST
H2 200 90791759
mc.yandex.com/webvisor/ 43 B
0 73ms
73ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/90791759?wv-part=1&wv-type=7&wmode=0&wv-hit=605960293&page-url=https%3A%2F%2Ffox.mixfilm1.shop%2F57290-semejnyj-obmen-2023.html&rn=999794973&browser-info=we%3A1%3Aet%3A1702572428%3Aw%3A1600x1200%3Av%3A1190%3Az%3A60%3Ai%3A20231214174708%3Au%3A1702572425890741137%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Ast%3A1702572428&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 16:47:08 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 14-Dec-2023 16:47:08 GMT
content-type: image/gif
access-control-allow-origin: https://fox.mixfilm1.shop
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 14-Dec-2023 16:47:08 GMT

GET
H/1.1 200
OK 4Em7.txt Show response
58e-b60-1906g0.v.plground.live/ Frame BDB7 14 B
273 B 63ms
63ms XHR
text/plain 185.211.244.33
TEAM-HOST AS

General

Check archive.org

Show headers Download Go to

Full URL: https://58e-b60-1906g0.v.plground.live:10402/4Em7.txt
Requested by: Host: toroca.as.newplayjj.com
URL: https://toroca.as.newplayjj.com:9443/js/jquery.min.js?v=3.6.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.211.244.33 Moscow, Russian Federation, ASN202984 (TEAM-HOST AS, RU),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: dce13fd539d357834496bdbca3515e9d51ab25b4758028f6f8e66dad8ead4dd5

Request headers

Accept: */*
Referer: https://toroca.as.newplayjj.com:9443/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 14 Dec 2023 16:47:08 GMT
Server: nginx/1.24.0
Content-Type: text/plain; charset=utf8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 14
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK 4Em7.txt Show response
58e-b60-1906g0.v.plground.live/ Frame BDB7 14 B
273 B 62ms
62ms XHR
text/plain 185.211.244.33
TEAM-HOST AS

General

Check archive.org

Show headers Download Go to

Full URL: https://58e-b60-1906g0.v.plground.live:10402/4Em7.txt
Requested by: Host: toroca.as.newplayjj.com
URL: https://toroca.as.newplayjj.com:9443/js/jquery.min.js?v=3.6.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.211.244.33 Moscow, Russian Federation, ASN202984 (TEAM-HOST AS, RU),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: dce13fd539d357834496bdbca3515e9d51ab25b4758028f6f8e66dad8ead4dd5

Request headers

Accept: */*
Referer: https://toroca.as.newplayjj.com:9443/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 14 Dec 2023 16:47:09 GMT
Server: nginx/1.24.0
Content-Type: text/plain; charset=utf8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 14
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vid1702571411.vb17123filippaaniketos.pw
URL: https://vid1702571411.vb17123filippaaniketos.pw/movie/3a2e7b892b869929204636c4ae2f6f54/iframe?d=lordfilms.film

Verdicts & Comments Add Verdict or Comment

205 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fox.mixfilm1.shop/	1969-12-31 23:59:59	Name: PHPSESSID Value: 97873b23cc381c4f4092c6bd674a2b88
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: nJ4u_9t3dpM
.youtube.com/	1970-01-20 21:15:24	Name: VISITOR_INFO1_LIVE Value: 5OwtPofgX84
.mixfilm1.shop/	1970-01-21 01:41:48	Name: _ym_uid Value: 1702572425890741137
.mixfilm1.shop/	1970-01-21 01:41:48	Name: _ym_d Value: 1702572425
.mc.yandex.com/	1970-01-20 16:56:13	Name: sync_cookie_csrf Value: 880147272fake
.yandex.com/	1970-01-21 02:32:12	Name: i Value: yn2W6X63CU0MybihIznHhaDtP4gRPSFu+UwjPwcRzjOL69DR90SgYxVWDyHYfm9xEhZg9xQlPuMrx83SlblhOrQhHRE=
.yandex.com/	1970-01-21 01:41:48	Name: yandexuid Value: 7087041341702572424
.mixfilm1.shop/	1970-01-20 16:57:24	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 16:56:13	Name: sync_cookie_csrf Value: 276986968fake
.mc.yandex.com/	1970-01-20 16:57:38	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 02:32:12	Name: yandexuid Value: 7087041341702572424
.yandex.ru/	1970-01-21 02:32:12	Name: yuidss Value: 7087041341702572424
.yandex.ru/	1970-01-21 02:32:12	Name: i Value: yn2W6X63CU0MybihIznHhaDtP4gRPSFu+UwjPwcRzjOL69DR90SgYxVWDyHYfm9xEhZg9xQlPuMrx83SlblhOrQhHRE=
.yandex.ru/	1970-01-21 02:32:12	Name: yp Value: 1702658824.yu.3070176491702572424
.yandex.ru/	1970-01-21 01:41:48	Name: ymex Value: 1705164424.oyu.3070176491702572424
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1575007501702572424
.yandex.com/	1970-01-21 01:41:48	Name: yuidss Value: 7087041341702572424
.yandex.com/	1970-01-21 01:41:48	Name: ymex Value: 1734108424.yrts.1702572424
.yandex.com/	1970-01-21 01:41:48	Name: bh Value: KgI/MA==
.mixfilm1.shop/	1970-01-20 16:56:14	Name: _ym_visorc Value: w

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://fox.mixfilm1.shop/57290-semejnyj-obmen-2023.html(Line 430) Message: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

055664434375553.svetacdn.in
58e-b60-1906g0.v.plground.live
b-401.vb17123filippaaniketos.pw
cdn.jsdelivr.net
cdn4571.vb17123filippaaniketos.pw
fonts.googleapis.com
fonts.gstatic.com
fox.mixfilm1.shop
googleads.g.doubleclick.net
hdvb-player.github.io
i.ytimg.com
jnn-pa.googleapis.com
mc.yandex.com
mc.yandex.ru
static.doubleclick.net
toroca.as.newplayjj.com
vid1702571411.vb17123filippaaniketos.pw
vid1702572423993.vb17123filippaaniketos.pw
videoroll.net
www.google.com
www.gstatic.com
www.youtube.com
vid1702571411.vb17123filippaaniketos.pw
185.211.244.33
193.169.200.3
2606:4700::6810:5614
2606:50c0:8001::153
2a00:1450:4001:806::2016
2a00:1450:4001:808::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:813::200a
2a00:1450:4001:82a::2006
2a00:1450:4001:82f::2003
2a00:1450:4001:831::200a
2a02:6b8::1:119
2a06:98c1:3120::3
31.40.218.243
50.7.239.229
82.202.165.19
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0905cebf06b654911fa84616665c77fe283f6c3e05a0d172d2af13a186bbed1b
09dfd6dc7a9bb7b6445e7c231be887b71df85f9d6314582eb6457a9f60a33765
163ef6e2a2e6e16ea61f03df1030062edd4205818dcc8874542ced6a41cb8136
189334d0a898e2aa16794cdd1ea47a0e7c1750578173b25033049fafdf55f2a4
1bf19d592eefd2301ffd5b249ce0ccf453f47df91ac4203bf44160ca47f5b71f
1e2463a3053e612ab1f6fffa0f700217da47f3522d31771f924e27a1731a0905
200c1271c07294b386ba5d4ff279fa9f2a746a362349732df47028c79797f3ee
20beaf7146081da1ea513e13b713f14b2ae642865aa033dace93c551e2a090ea
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27682fb4e0efddea7c10e10bcfa097c685d00452ff0e93e35fac8593568e6e91
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
292003e03e413a7cd83ec265ac81c34db2930318842d8c2b7b9b890628671988
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e3fb32e6710b079fbdb2fe6f180025495d3b3e9f0f6a77853f106607e882b4d
2fece9e6a445174368dbbfbb49657d6d3f64c71ce2df971c92e86cfd7826f941
3a3de4fd2c214dbc0c16ea5e07127e301b6bcc9b081b340d9d45a21bb3996114
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
448a641f72e4a7d948fabf576081f44a3ff36204982fd40ad94964e6eecb4d90
4b7a5a4cc369fbf887fc098793578f308d0b3e1f51c6fdb5765e5b433e1dfc89
4e0121451b0973b9e5c83321e9ee28d9a0327d165f41327a1f4ce7f789939cd5
545c71b73f00400b35cfdafa36c615d759a161cde5bc1f2684ae5e5645a6af13
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aeb27d2be888400fbe238ba21444f606e270defb87bfc008b286308f7801c1a
5c8f202d4a7e30d4345ec3b768e8b5076933d3c8abcac956b3fa6c6ee4b994bf
6169aae21cd0ef9813b6bda9ec902dee165c4c70202c37af6eb0bc45ced0a872
61bac7ccb3cf3a8712af097fc6ed46422024909e33a6d1c47ae0030d7ac02fa8
672b10b12fb6ff5892bde058ad75f8edd3d37daa61ce003c3fdef9f15f840ced
684c4c1a48749fe7970543a2ef8f26d9b92fee382a27f6af5cba27cc8b5a6993
68625452ebd67986faa4feadbeb94a5011996d4cc7bfd33c626da6fd13d88803
6ecd2a103a7260474c3239da5f32a2f7cb999765d9ab12161f3e4abe3906316f
770b166e6581feb9bf6886850b17ca8d58b81e2ab946228d263fd1d2d0c297fd
7e3a965f47a1517492514807f9ef4afd8a349c79f3c64acc9c6433baef36b3f7
7e9d15ef0853771a93a04c1a3a7e0b35614b8d1f4f0be28d8234aea956a90c2c
81a40a24e93a9c3d86573189234cf9bd40567d227a53162dbce3f6c2c42c9630
98ee9b6353e843967ab3a8e7318ec1513f662a9833bdc381a0e6e54688fe6018
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9b2c36195d8149926940ce2d9ed3b6c4e4390464224b8f4733cf096cc4494e74
9c34edb78c37f7db522f24091693e28fd154683576d5ddf9e08f39f353e45356
a1f50e52a7fda97827e6e3d2cd3bb2788a68a78296728fa2592be8e89d54b5b8
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a3fddf0e8cd83a67d47e3decbc96d25938da67cb790896659f4d9b4a28f8484c
a67b4186834a05c738f4d1c4f93494b5e9343fdd63c4ffa60a8ec4bf5f0723ac
a7f228237fcfa33cc3ffd8aee206e1c55a4f389c14870f8f8a999a8eba585d5f
aa4026e1d829c2f8dddfa453d857eb9297499ca620a5e4d5da448402eded8404
ab7c9b16f2d5bab8c846cc9e453e05b55d8eee7cf8647d671e14e7d7e9e955c5
b54a0749bbc1d7b0ed81ccfe797b5f931f6d80669f0b8ba4508a2c578e2c2677
b7ecf1e55119f3054315967be8bd3d85701e07e5c0f07158dee87f91c48071f1
bdc4afbb94f0f8c7a7e00e697d8c6f467c4d3bda565c17729eb73c590afd524e
bdd1325df8d0d420902cfb85dbe6022871b05a608b247a30ca1714ec3c05546f
c28eb830c05ea2d2233524aaf6af8c4199386d1ecdd9902bb0f4f8da7411d093
c61b62944ae46b000da9a535a63ae0072ec5fa688c15c5fb5aee2fc385dc1361
c8cf595211c3780ca984d79461caff6908401386ebb9894598ecadc396e22e1f
cc7e9516dc7caf9f6c5ab9cc07b69d366da4e28724785afa08624659f70f7985
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8f2dfb85df070dfc40e3632b2e93f39aebf717bfd5d50733e549b45fdbd32fe
dce13fd539d357834496bdbca3515e9d51ab25b4758028f6f8e66dad8ead4dd5
dd99012cf49c162cdb57fd6a724111df53b84254cb59171cc21b3ecd2bedfb39
def831c60097c37490a9ae3d73823366dbde33a4c1e7d4b65608baaaa63a4ff3
e393ab33da5f5e3cb8a5fd7beece758d61ae71f7646f9dd100dc562aa667b723
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f25c53bf3bb88a186b6dbdb49f7205e3a09b7c226cc24357a942d5f14a0e8f57
f3862b68572e48127c4ad11d29952cfd81a8bcbe58632cd0106ae1f717da91b1
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f55c33747b41fef6bbac1d1756598e0f1d7b8677eac6e2513a0f30a2d2c9fee0
f96f7531e215113ab9c80f29759f66760c2fa1f2c48a6c885ba0d39544699070
fad6c22630c5dde026dc898df1dfe351dd53e6caebf42d02f0d34af8ed08e58d
fdff1ede408e8c26606d60335a1397fea6efecf42c56f5e44e4d7571e8dada02
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

fox.mixfilm1.shop Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

88 Requests

94 %HTTPS

72 %IPv6

16 Domains

22 Subdomains

19 IPs

5 Countries

3035 kBTransfer

9842 kBSize

21 Cookies

0 Outgoing links

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fox.mixfilm1.shop Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

94 %
HTTPS

72 %
IPv6

16
Domains

22
Subdomains

19
IPs

5
Countries

3035 kB
Transfer

9842 kB
Size

21
Cookies

88 HTTP transactions
0 data transactions