URL: https://fliporn.biz/?action=getembedcode&v=135375
Submission Tags: falconsandbox
Submission: On July 13 via api from US

Summary

This website contacted 13 IPs in 3 countries across 11 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3033::ac43:9043, located in United States and belongs to CLOUDFLARENET, US. The main domain is fliporn.biz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 14th 2021. Valid for: a year.
This is the only time fliporn.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2606:4700:303... 13335 (CLOUDFLAR...)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 109.206.162.83 50245 (SERVEREL-AS)
4 95.211.229.245 60781 (LEASEWEB-...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 5 2606:4700:303... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 6 2a02:6b8::1:119 13238 (YANDEX)
1 3 185.94.236.245 42567 (MOJHOST-EU)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 172.255.6.237 7979 (SERVERS-COM)
1 69.16.175.42 33438 (HIGHWINDS2)
29 13
Domain Requested by
6 fliporn.biz fliporn.biz
5 femax20.com 1 redirects fliporn.biz
femax20.com
4 syndication.realsrv.com a.realsrv.com
fliporn.biz
3 mc.yandex.com 1 redirects femax20.com
3 poweredby.jads.co 1 redirects fliporn.biz
poweredby.jads.co
3 mc.yandex.ru 1 redirects femax20.com
2 a.realsrv.com fliporn.biz
1 i.jads.co poweredby.jads.co
1 wormishammites.com fliporn.biz
1 thumb.fvs.io femax20.com
1 s3t3d2y7.ackcdn.net syndication.realsrv.com
1 u3y8v8u3.ackcdn.net fliporn.biz
1 www.fembed.com 1 redirects
1 stagepopkek.com fliporn.biz
29 14

This site contains links to these domains.

Domain
exoclick.com

Subject | Issuer | Validity | Valid for
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-05-14 - 2022-05-13 | a year
realsrv.com | R3 | 2021-05-31 - 2021-08-29 | 3 months
stagepopkek.com | R3 | 2021-06-02 - 2021-08-31 | 3 months
ackcdn.net | R3 | 2021-05-31 - 2021-08-29 | 3 months
mc.yandex.ru | Yandex CA | 2021-02-27 - 2021-08-09 | 5 months
*.jads.co | Sectigo RSA Domain Validation Secure Server CA | 2020-11-27 - 2021-12-28 | a year
wormishammites.com | R3 | 2021-07-08 - 2021-10-06 | 3 months

This page contains 7 frames:

Primary Page: https://fliporn.biz/?action=getembedcode&v=135375
Frame ID: CD8E1B35426B610841F9B29484CDBFDE
Requests: 10 HTTP requests in this frame

Frame: https://fliporn.biz/apii/test12.html
Frame ID: FC00847A25989C96C733E9F61F90AAA0
Requests: 1 HTTP request in this frame

Frame: https://femax20.com/v/1j-mmaj3nnn275e
Frame ID: EA73C9FBA55FF45BE125B6A0E18275E6
Requests: 10 HTTP requests in this frame

Frame: https://fliporn.biz/apii/pcvideoad.php
Frame ID: AD65D87E0B92BB31B2561106196F90F0
Requests: 3 HTTP requests in this frame

Frame: https://syndication.realsrv.com/ads-iframe-display.php?idzone=3192373&type=300x250&p=https%3A//fliporn.biz/apii/test12.html&dt=1626173089825&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Frame ID: 0A1B996C5551503732F2E4CBA9813FFB
Requests: 2 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=888305
Frame ID: 94A4CF5F91C961049053152C314E5726
Requests: 1 HTTP request in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=888305
Frame ID: FCDEFBB9949DB60113C202CE721EE2BD
Requests: 2 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 29
HTTPS: 97 %
IPv6: 62 %
Domains: 11
Subdomains: 14
IPs: 13
Countries: 3
Transfer: 7420 kB
Size: 8074 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://www.fembed.com/v/1j-mmaj3nnn275e HTTP 302
  • https://femax20.com/v/1j-mmaj3nnn275e
Request Chain 15
  • https://poweredby.jads.co/js/jads.js HTTP 301
  • https://poweredby.jads.co/js/jads2.js
Request Chain 18
  • https://mc.yandex.com/watch/49788082?wmode=7&page-url=https%3A%2F%2Ffemax20.com%2Fv%2F1j-mmaj3nnn275e&page-ref=https%3A%2F%2Ffliporn.biz%2F%3Faction%3Dgetembedcode%26v%3D135375&charset=utf-8&site-info=%7B%22owner%22%3A%22199765%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A1134344669739%3Ahid%3A913944259%3Az%3A120%3Ai%3A20210713124449%3Aet%3A1626173090%3Ac%3A1%3Arn%3A481962509%3Au%3A1626173090674441094%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1626173089097%3Ads%3A14%2C30%2C241%2C1%2C255%2C0%2C%2C101%2C0%2C%2C%2C%2C645%3Adsn%3A15%2C30%2C240%2C1%2C255%2C0%2C%2C104%2C0%2C%2C%2C%2C646%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1626173090%3At%3AVideo%20Swag%E5%8F%B0%E7%81%A3%20princessdolly%20%E6%83%85%E8%B6%A3%E7%8E%A9%E5%85%B7%E7%8E%A9%E5%88%B0%E6%AD%A3%E5%97%A8%E5%A3%9E%E6%8E%89%E4%BA%86%20%E9%A3%A2%E6%B8%B4%E9%9B%A3%E8%80%90%E5%8F%AA%E5%A5%BD%E7%94%A8%E7%B6%AD%E4%BF%AE%E5%93%A1%E7%9A%84%E8%82%89%E6%A3%92%E4%BB%A3%E6%9B%BF%E4%BA%86 HTTP 302
  • https://mc.yandex.com/watch/49788082/1?wmode=7&page-url=https%3A%2F%2Ffemax20.com%2Fv%2F1j-mmaj3nnn275e&page-ref=https%3A%2F%2Ffliporn.biz%2F%3Faction%3Dgetembedcode%26v%3D135375&charset=utf-8&site-info=%7B%22owner%22%3A%22199765%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A1134344669739%3Ahid%3A913944259%3Az%3A120%3Ai%3A20210713124449%3Aet%3A1626173090%3Ac%3A1%3Arn%3A481962509%3Au%3A1626173090674441094%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1626173089097%3Ads%3A14%2C30%2C241%2C1%2C255%2C0%2C%2C101%2C0%2C%2C%2C%2C645%3Adsn%3A15%2C30%2C240%2C1%2C255%2C0%2C%2C104%2C0%2C%2C%2C%2C646%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1626173090%3At%3AVideo%20Swag%E5%8F%B0%E7%81%A3%20princessdolly%20%E6%83%85%E8%B6%A3%E7%8E%A9%E5%85%B7%E7%8E%A9%E5%88%B0%E6%AD%A3%E5%97%A8%E5%A3%9E%E6%8E%89%E4%BA%86%20%E9%A3%A2%E6%B8%B4%E9%9B%A3%E8%80%90%E5%8F%AA%E5%A5%BD%E7%94%A8%E7%B6%AD%E4%BF%AE%E5%93%A1%E7%9A%84%E8%82%89%E6%A3%92%E4%BB%A3%E6%9B%BF%E4%BA%86
Request Chain 21
  • https://mc.yandex.ru/watch/56313682 HTTP 302
  • https://mc.yandex.ru/watch/56313682/1
Request Chain 22
  • https://femax20.com/asset/userdata/199765/poster/1/j-/1j-mmaj3nnn275e.png?v=1595071100 HTTP 302
  • https://thumb.fvs.io/asset/userdata/199765/poster/1/j-/1j-mmaj3nnn275e.png?v=1595071100

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
fliporn.biz/
5 KB
2 KB
Document
General
Full URL
https://fliporn.biz/?action=getembedcode&v=135375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9043 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64f1999b6721c37006071d186f043a9fdc13568b90812e8ce0c2f7be34ea7a97
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
fliporn.biz
:scheme
https
:path
/?action=getembedcode&v=135375
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 10:44:49 GMT
content-type
text/html; charset=UTF-8
cf-edge-cache
cache,platform=wordpress
wpo-cache-status
not cached
wpo-cache-message
In the settings, caching is disabled for matches for one of the current request's GET parameters
link
<https://fliporn.biz/wp-json/>; rel="https://api.w.org/"
vary
Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=63072000; includeSubDomains
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
feature-policy
geolocation 'self'
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cA5QJQA%2FCGwtP893xcEJ9%2Fh6VGiGY6uIjOEKUTrxWkCzse%2B66muj6Y4n%2Bj1oI%2FBcBwMyigEgBHCiCmXl%2FWhX6VerAsjFOkvQl5QLKhYb2RbEyLe429oNUYMzhD77HUZgWHMvfUo%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
66e1eb06aaf54ee5-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
style.css
fliporn.biz/wp-content/themes/videopro/
233 KB
34 KB
Stylesheet
General
Full URL
https://fliporn.biz/wp-content/themes/videopro/style.css
Requested by
Host: fliporn.biz
URL: https://fliporn.biz/?action=getembedcode&v=135375
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9043 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19fd130886f6b5dc1e4c0458b3b2d919d25e784d35a81d6563a8ea76011690c3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/videopro/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fliporn.biz
referer
https://fliporn.biz/?action=getembedcode&v=135375
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fliporn.biz/?action=getembedcode&v=135375
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 10:44:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
66058
cf-polished
origSize=288111
strict-transport-security
max-age=63072000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 04 Feb 2021 12:19:10 GMT
server
cloudflare
etag
W/"4656f-5ba81b5f78b80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8yrHmj4sf9F7nGcibJByYRut%2FZANnyfF%2B7fbKnp2dpRtQ2%2Bte1tSjmbsR3IyE3E6MUB0BDKYJycSKelh416ND9aRCYojr10S6L6yEKYHWKS%2F5wfhQhCTdC6qdTLtnivEDdA21PQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
feature-policy
geolocation 'self'
cf-ray
66e1eb0e7f684e0e-FRA
cf-bgj
minify
main.css
fliporn.biz/wp-content/plugins/cactus-video/css/
16 KB
4 KB
Stylesheet
General
Full URL
https://fliporn.biz/wp-content/plugins/cactus-video/css/main.css
Requested by
Host: fliporn.biz
URL: https://fliporn.biz/?action=getembedcode&v=135375
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9043 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d664050702a53b4b92b6ee42f8b2a4f9c23ba36b8117221a447ee0090b949e6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/cactus-video/css/main.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fliporn.biz
referer
https://fliporn.biz/?action=getembedcode&v=135375
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fliporn.biz/?action=getembedcode&v=135375
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 10:44:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
66058
cf-polished
origSize=18753
strict-transport-security
max-age=63072000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Feb 2021 23:36:57 GMT
server
cloudflare
etag
W/"4941-5bba4cfb7a16b-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3PFzBrkkq4wUr2sfuTnKVx0QJWGQwMLwTZ4BSlKIBPo2RuKPzYP9ge5eVjbQZOSwsxertKRWwsms58mWe16AMvxP8C1gqTfHZ4GqrSEzx%2FR6uXyGihlfnn%2FQCjMJa9207CHdFLY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
feature-policy
geolocation 'self'
cf-ray
66e1eb0e7f644e0e-FRA
cf-bgj
minify
video-slider.js
a.realsrv.com/
35 KB
10 KB
Script
General
Full URL
https://a.realsrv.com/video-slider.js
Requested by
Host: fliporn.biz
URL: https://fliporn.biz/?action=getembedcode&v=135375
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef42b7d8d175733aac11faaeb611089ffdafd274d704db64cafa7e81e536ce09

Request headers

Referer
https://fliporn.biz/?action=getembedcode&v=135375
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 10:44:49 GMT
Content-Encoding
gzip
X-HW
1626173089.dop234.fr8.t,1626173089.cds260.fr8.shn,1626173089.cds260.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
9472
code.js
stagepopkek.com/lv/esnk/1834741/
98 KB
41 KB
Script
General
Full URL
https://stagepopkek.com/lv/esnk/1834741/code.js
Requested by
Host: fliporn.biz
URL: https://fliporn.biz/?action=getembedcode&v=135375
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
7d9a670160d811b832ee1d11ff19b3b91043ab8449dffa6551a05978fc284b25

Request headers

Referer
https://fliporn.biz/?action=getembedcode&v=135375
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 10:44:49 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 13:58:40 GMT
server
nginx
etag
W/"60bf7790-1867b"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
jquery-1.js
fliporn.biz/apii/
94 KB
32 KB
Script
General
Full URL
https://fliporn.biz/apii/jquery-1.js
Requested by
Host: fliporn.biz
URL: https://fliporn.biz/?action=getembedcode&v=135375
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9043 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33158c6da5969dc254037dd573a8a290cb12197b03d03a7c9446f6cea18f783c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/apii/jquery-1.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fliporn.biz
referer
https://fliporn.biz/?action=getembedcode&v=135375
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fliporn.biz/?action=getembedcode&v=135375
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 10:44:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
79640
strict-transport-security
max-age=63072000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 22 Oct 2020 15:52:55 GMT
server
cloudflare
etag
W/"17624-5b24475167160-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=M%2F5NZc2GeNPYxTwxQ%2FUTPIWg0sMla82V5iKOFBhj1rQiWEkL7pMTHeUOSvtg0mCAPZQWvSN%2B5z7IwTKK0Bpz2WA%2FWEMbe2Jld%2BJAClwIAuFBCqSyeeSPL%2B1%2FU7QLRTld8DQStSQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
feature-policy
geolocation 'self'
cf-ray
66e1eb0e7f614e0e-FRA
cf-bgj
minify
splash.php
syndication.realsrv.com/
5 KB
3 KB
XHR
General
Full URL
https://syndication.realsrv.com/splash.php?idzone=3664793&cookieconsent=true
Requested by
Host: a.realsrv.com
URL: https://a.realsrv.com/video-slider.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
d4443a1a80feb6ad3a407a04d8f1cc36dc8b7d545033a75160931add95b6728c

Request headers

Referer
https://fliporn.biz/?action=getembedcode&v=135375
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 10:44:49 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
https://fliporn.biz
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml;charset=UTF-8
test12.html
fliporn.biz/apii/ Frame FC00
1 KB
969 B
Document
General
Full URL
https://fliporn.biz/apii/test12.html
Requested by
Host: fliporn.biz
URL: https://fliporn.biz/?action=getembedcode&v=135375
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9043 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99aa0311068d30b6ad94333d4c0116f57a5621c88118bf02181c186dbb959b6d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
fliporn.biz
:scheme
https
:path
/apii/test12.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fliporn.biz/?action=getembedcode&v=135375
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fliporn.biz/?action=getembedcode&v=135375

Response headers

date
Tue, 13 Jul 2021 10:44:49 GMT
content-type
text/html
last-modified
Tue, 30 Mar 2021 18:00:24 GMT
access-control-allow-origin
*
strict-transport-security
max-age=63072000; includeSubDomains
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
feature-policy
geolocation 'self'
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=md6AFEhezULu5WRwW5Glm6YPFkoH0xQ2SMcvnQH48chbsV057U7apntnOyrwZx7YeEfZ9n1PTQMsVBvXaME25W%2BbLLe0VTdWhXwgMbhHNANlub66KTQPZIaXLeZhTGl4Ru9yYJs%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
66e1eb0ed8684e0e-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
1j-mmaj3nnn275e
femax20.com/v/ Frame EA73
Redirect Chain
  • https://www.fembed.com/v/1j-mmaj3nnn275e
  • https://femax20.com/v/1j-mmaj3nnn275e
7 KB
2 KB
Document
General
Full URL
https://femax20.com/v/1j-mmaj3nnn275e
Requested by
Host: fliporn.biz
URL: https://fliporn.biz/?action=getembedcode&v=135375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:97a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
666fdfb185d7976c954ae22c48ac7189e3a599c4041d1315ea7d1d064532472e

Request headers

:method
GET
:authority
femax20.com
:scheme
https
:path
/v/1j-mmaj3nnn275e
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fliporn.biz/?action=getembedcode&v=135375
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fliporn.biz/?action=getembedcode&v=135375

Response headers

date
Tue, 13 Jul 2021 10:44:49 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding
cache-control
max-age=1800
cf-cache-status
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TgurHvmkplu%2FhWOAheWkeOdY%2F3aigRNlo9QA0yHA6%2Bkhd0xsKiWA9b6RqIXN2ISZk6Wu8ybpVUqu8CfXevxJ88eai%2FT%2BTnbGSq3xNrs%2FAMwB9AD7y9Br%2FoAacf%2Bu2S1%2BsdubvIg%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
66e1eb10bc7a6479-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Tue, 13 Jul 2021 10:44:49 GMT
content-type
text/html
content-length
151
location
https://femax20.com/v/1j-mmaj3nnn275e
cf-cache-status
BYPASS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=u44HPgXQNywZxmALTZYCWuku3qgtgKd5%2F5MIuFj71HZYCkqkWDbi9noeQDqz%2F%2FgSTBxWtqb8KHjWCnzWN6Nh4hbywaarrtEYw%2FHVPqKu5CFqTyP%2FuRVAUL3ZsbXQz%2BbfQBs9V%2BsYzr8%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
66e1eb0ef87c2c4e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cb95cb141ae768f5212f83ed53cb64593e58c610.mp4
u3y8v8u3.ackcdn.net/library/579476/
7 MB
7 MB
Media
General
Full URL
https://u3y8v8u3.ackcdn.net/library/579476/cb95cb141ae768f5212f83ed53cb64593e58c610.mp4
Requested by
Host: fliporn.biz
URL: https://fliporn.biz/?action=getembedcode&v=135375
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
8467548b933a1efb5e17d19436cdb158f319060a18cc6cd911bcf632e16b4851

Request headers

Referer
https://fliporn.biz/?action=getembedcode&v=135375
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 13 Jul 2021 10:44:49 GMT
Last-Modified
Wed, 17 Feb 2021 08:15:10 GMT
Access-Control-Allow-Origin
*
ETag
"1613549710"
X-HW
1626173089.dop234.fr8.t,1626173089.cds003.fr8.shn,1626173089.dop234.fr8.t,1626173089.cds165.fr8.c
Content-Type
video/mp4
Content-Range
bytes 0-7118780/7118781
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
7118781
vregister.php
syndication.realsrv.com/
0
1023 B
Image
General
Full URL
Requested by
Host: fliporn.biz
URL: https://fliporn.biz/?action=getembedcode&v=135375
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fliporn.biz/?action=getembedcode&v=135375
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 10:44:49 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
pcvideoad.php
fliporn.biz/apii/ Frame AD65
1 KB
1 KB
Document
General
Full URL
https://fliporn.biz/apii/pcvideoad.php
Requested by
Host: fliporn.biz
URL: https://fliporn.biz/apii/test12.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9043 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
746241cc158c31752b0f2b72b276488f560682b43fb3ab5b2aca8cba1bc5a856
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
fliporn.biz
:scheme
https
:path
/apii/pcvideoad.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fliporn.biz/apii/test12.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fliporn.biz/apii/test12.html

Response headers

date
Tue, 13 Jul 2021 10:44:49 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=63072000; includeSubDomains
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
feature-policy
geolocation 'self'
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3JeW%2F2QBKmYvNg%2F5T7TqP%2ByGBO0XTE5i98ky0tg2V2oazJuPwT3FzGcA2xuc0mv69SAFJpuzK0HZX7wHvT95NArNf87HJrgsyVfBhdQ9w%2F0ZESKYbxOducJCp8LpKnL2E%2Bf3Hlc%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
66e1eb112eb04e0e-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
base.js
femax20.com/asset/default/player/ Frame EA73
196 KB
62 KB
Script
General
Full URL
https://femax20.com/asset/default/player/base.js?v=1595607720
Requested by
Host: femax20.com
URL: https://femax20.com/v/1j-mmaj3nnn275e
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:97a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
852b8e4b98f80848776b0914e5c122da54824a69619975e8a136e138b64d0471

Request headers

Referer
https://femax20.com/v/1j-mmaj3nnn275e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 10:44:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1688763
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Fri, 24 Jul 2020 16:22:00 GMT
server
cloudflare
etag
W/"5f1b0aa8-30eae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EixK0lvXejnVCJwyJm7S%2F%2Bd5n%2BG2r9R1M%2BK0wcRLZ0puFqR62HptVZEqWP5zdbrppf27UKJ2Shvgg5v9pw7ursNeWKSrYN3%2B9o5pNaEXcVi4Czs35MmZHEnxTM5LiHY%2FvoPOWZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1800
access-control-allow-credentials
true
cf-ray
66e1eb126d7f4ddc-FRA
1j-mmaj3nnn275e
femax20.com/api/source/ Frame EA73
2 KB
2 KB
XHR
General
Full URL
https://femax20.com/api/source/1j-mmaj3nnn275e
Requested by
Host: femax20.com
URL: https://femax20.com/asset/default/player/base.js?v=1595607720
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:97a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
920351652a177008bdd394ecd088f5db82361f3e448cdc5cbec184d08973fff0

Request headers

Accept
*/*
Referer
https://femax20.com/v/1j-mmaj3nnn275e
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 13 Jul 2021 10:44:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Voi19gflErMfMLnLEWJRjcWbx7KduopBa%2Fk3r7%2BDX%2BvAbyMtSkVkf7%2BPBkeAaB0yJihTxAX27EGQUlDCBLs5uU8Oj%2BawEapQ5PuLE%2BcyeRwFCIQuuKdWDjqETPr8KpIgFYXTICM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
66e1eb12eeb94ddc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
tag.js
mc.yandex.ru/metrika/ Frame EA73
223 KB
71 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: femax20.com
URL: https://femax20.com/v/1j-mmaj3nnn275e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e788c7f07903cd5e96a062aa3ea175c987b0772cce696914daca381dee353dfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://femax20.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 10:44:49 GMT
content-encoding
br
last-modified
Tue, 13 Jul 2021 10:34:08 GMT
etag
"60ec4755-11a70"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
72304
expires
Tue, 13 Jul 2021 11:44:49 GMT
ads.js
a.realsrv.com/ Frame AD65
2 KB
1 KB
Script
General
Full URL
https://a.realsrv.com/ads.js
Requested by
Host: fliporn.biz
URL: https://fliporn.biz/apii/pcvideoad.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
fa3704813ef9910e5e3982fba452fde824419bec89417180a966c37b44f698a9

Request headers

Referer
https://fliporn.biz/apii/pcvideoad.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 10:44:49 GMT
Content-Encoding
gzip
X-HW
1626173089.dop234.fr8.t,1626173089.cds260.fr8.shn,1626173089.cds260.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
961
jads2.js
poweredby.jads.co/js/ Frame AD65
Redirect Chain
  • https://poweredby.jads.co/js/jads.js
  • https://poweredby.jads.co/js/jads2.js
4 KB
2 KB
Script
General
Full URL
https://poweredby.jads.co/js/jads2.js
Requested by
Host: fliporn.biz
URL: https://fliporn.biz/apii/pcvideoad.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.245 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

Request headers

Referer
https://fliporn.biz/apii/pcvideoad.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 10:44:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Dec 2019 19:10:29 GMT
Server
nginx
ETag
W/"5e0262a5-eae"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
close

Redirect headers

Location
jads2.js
Date
Tue, 13 Jul 2021 10:44:49 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
Cookie set ads-iframe-display.php
syndication.realsrv.com/ Frame 0A1B
3 KB
2 KB
Document
General
Full URL
https://syndication.realsrv.com/ads-iframe-display.php?idzone=3192373&type=300x250&p=https%3A//fliporn.biz/apii/test12.html&dt=1626173089825&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Requested by
Host: a.realsrv.com
URL: https://a.realsrv.com/ads.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
1d3e1e731961fa802d5f6be3499671b27451899758ad142a26d6c18b84ad67b8

Request headers

Host
syndication.realsrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://fliporn.biz/apii/pcvideoad.php
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2260ed6ea120e892.036171373609428770%22%3B%7D; c-tag=%7B%22tag-video%22%3A%22v3%7C%7CDEU%7C3664793%7C48760862%7C103642%7C%7C508%7C41%7C2%7C40%7C0%7C0%7C0%7C741%7C2950157%7C2950159%7C0%7C0%7C2%7C2%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7Cfliporn.biz%7C%7C%7C0%7C0%7C0%7C89%7C0%7C0%7C0%7C0%7Cok%22%7D; impressions=x%9C%7D%CF%3B%0E%C2%40%0C%04%D0%BB%A4%DE%95%FC%F7%98%AB+n%10%D1Q%21%EE%CE%26%8B%80%26%A9%FD43%7E.%0A%81%25w%A3%029%D5r%B9r%E3%90+%0B%10%B5%FBc%5DomgN%3AY%98%9E1%AE%C92N%D3%24%27%83%9F%A6%89%7F%98%FA%09%B3%FAl%F3%E3m%A5%A1i%DD%84%BC%98%E9%80%99%A4%06%D0%0D%8A%8C%3Cd%3C%1EDt%ABDE%D9a%9A%CFR%D08e%FCX1%25%B5%85%CDh%D9%21%C6%40%19%D0%95%19%F8%83.%A2ms%1B%B3%0C%8D%E8%EE%E9%E3%24_%C6%5B%CF%8FI%A9%ED%B5%19%84%F8c%A9%84%9A%EC%F5%06%06%F1qT

Response headers

Server
nginx
Date
Tue, 13 Jul 2021 10:44:49 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2260ed6ea120e892.036171373609428770%22%3B%7D; expires=Thu, 13 Jul 2023 10:44:49 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
Content-Encoding
gzip
e8aaab4a625fd907267c943d0f63fac665d814ee.mp4
s3t3d2y7.ackcdn.net/library/348620/ Frame 0A1B
51 KB
51 KB
Media
General
Full URL
https://s3t3d2y7.ackcdn.net/library/348620/e8aaab4a625fd907267c943d0f63fac665d814ee.mp4
Requested by
Host: syndication.realsrv.com
URL: https://syndication.realsrv.com/ads-iframe-display.php?idzone=3192373&type=300x250&p=https%3A//fliporn.biz/apii/test12.html&dt=1626173089825&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
65553a47ab55f19ce4a0904c68bedf01041202ffdffc0d5b435810fb0646a645

Request headers

Referer
https://syndication.realsrv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 13 Jul 2021 10:44:49 GMT
Last-Modified
Thu, 26 Mar 2020 22:21:37 GMT
Access-Control-Allow-Origin
*
ETag
"1585261297"
X-HW
1626173089.dop145.fr8.t,1626173089.cds266.fr8.shn,1626173089.cds266.fr8.c
Content-Type
video/mp4
Content-Range
bytes 0-51899/51900
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
51900
1
mc.yandex.com/watch/49788082/ Frame EA73
Redirect Chain
  • https://mc.yandex.com/watch/49788082?wmode=7&page-url=https%3A%2F%2Ffemax20.com%2Fv%2F1j-mmaj3nnn275e&page-ref=https%3A%2F%2Ffliporn.biz%2F%3Faction%3Dgetembedcode%26v%3D135375&charset=utf-8&site-i...
  • https://mc.yandex.com/watch/49788082/1?wmode=7&page-url=https%3A%2F%2Ffemax20.com%2Fv%2F1j-mmaj3nnn275e&page-ref=https%3A%2F%2Ffliporn.biz%2F%3Faction%3Dgetembedcode%26v%3D135375&charset=utf-8&site...
335 B
417 B
XHR
General
Full URL
https://mc.yandex.com/watch/49788082/1?wmode=7&page-url=https%3A%2F%2Ffemax20.com%2Fv%2F1j-mmaj3nnn275e&page-ref=https%3A%2F%2Ffliporn.biz%2F%3Faction%3Dgetembedcode%26v%3D135375&charset=utf-8&site-info=%7B%22owner%22%3A%22199765%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A1134344669739%3Ahid%3A913944259%3Az%3A120%3Ai%3A20210713124449%3Aet%3A1626173090%3Ac%3A1%3Arn%3A481962509%3Au%3A1626173090674441094%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1626173089097%3Ads%3A14%2C30%2C241%2C1%2C255%2C0%2C%2C101%2C0%2C%2C%2C%2C645%3Adsn%3A15%2C30%2C240%2C1%2C255%2C0%2C%2C104%2C0%2C%2C%2C%2C646%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1626173090%3At%3AVideo%20Swag%E5%8F%B0%E7%81%A3%20princessdolly%20%E6%83%85%E8%B6%A3%E7%8E%A9%E5%85%B7%E7%8E%A9%E5%88%B0%E6%AD%A3%E5%97%A8%E5%A3%9E%E6%8E%89%E4%BA%86%20%E9%A3%A2%E6%B8%B4%E9%9B%A3%E8%80%90%E5%8F%AA%E5%A5%BD%E7%94%A8%E7%B6%AD%E4%BF%AE%E5%93%A1%E7%9A%84%E8%82%89%E6%A3%92%E4%BB%A3%E6%9B%BF%E4%BA%86
Requested by
Host: femax20.com
URL: https://femax20.com/v/1j-mmaj3nnn275e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
3ebcc24434ef03a38fcba34fa0e918714075703b5ee786f17cc13529c1fb8de0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://femax20.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Jul 2021 10:44:50 GMT
x-content-type-options
nosniff
last-modified
Tue, 13-Jul-2021 10:44:50 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://femax20.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
335
x-xss-protection
1; mode=block
expires
Tue, 13-Jul-2021 10:44:50 GMT

Redirect headers

pragma
no-cache
date
Tue, 13 Jul 2021 10:44:50 GMT
last-modified
Tue, 13-Jul-2021 10:44:50 GMT
location
/watch/49788082/1?wmode=7&page-url=https%3A%2F%2Ffemax20.com%2Fv%2F1j-mmaj3nnn275e&page-ref=https%3A%2F%2Ffliporn.biz%2F%3Faction%3Dgetembedcode%26v%3D135375&charset=utf-8&site-info=%7B%22owner%22%3A%22199765%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A1134344669739%3Ahid%3A913944259%3Az%3A120%3Ai%3A20210713124449%3Aet%3A1626173090%3Ac%3A1%3Arn%3A481962509%3Au%3A1626173090674441094%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1626173089097%3Ads%3A14%2C30%2C241%2C1%2C255%2C0%2C%2C101%2C0%2C%2C%2C%2C645%3Adsn%3A15%2C30%2C240%2C1%2C255%2C0%2C%2C104%2C0%2C%2C%2C%2C646%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1626173090%3At%3AVideo%20Swag%E5%8F%B0%E7%81%A3%20princessdolly%20%E6%83%85%E8%B6%A3%E7%8E%A9%E5%85%B7%E7%8E%A9%E5%88%B0%E6%AD%A3%E5%97%A8%E5%A3%9E%E6%8E%89%E4%BA%86%20%E9%A3%A2%E6%B8%B4%E9%9B%A3%E8%80%90%E5%8F%AA%E5%A5%BD%E7%94%A8%E7%B6%AD%E4%BF%AE%E5%93%A1%E7%9A%84%E8%82%89%E6%A3%92%E4%BB%A3%E6%9B%BF%E4%BA%86
strict-transport-security
max-age=31536000
access-control-allow-origin
https://femax20.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 13-Jul-2021 10:44:50 GMT
advert.gif
mc.yandex.com/metrika/ Frame EA73
43 B
160 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: femax20.com
URL: https://femax20.com/v/1j-mmaj3nnn275e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://femax20.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 10:44:50 GMT
last-modified
Mon, 12 Jul 2021 13:56:48 GMT
etag
"60ec4755-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 13 Jul 2021 11:44:50 GMT
slim.min.js
femax20.com/asset/jquery/ Frame EA73
5 KB
2 KB
XHR
General
Full URL
https://femax20.com/asset/jquery/slim.min.js?c=DE&t=138
Requested by
Host: femax20.com
URL: https://femax20.com/asset/default/player/base.js?v=1595607720
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:97a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901c9e21c2156240e9adf6ba190ee6e06f224a4318609e734c1d5727dcf51e25

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://femax20.com/v/1j-mmaj3nnn275e
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 10:44:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
89677
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oHi0K0id3upuJ5l1jJIroDMC8C%2BJI84DI2e4pJDk8A2GmBdhk083fjduo%2FqQqYvLJ2g0bkCNRIs%2BrlTM0Qyldb6t%2FqvO927L9BpchdR3HVJVMEUlM6puCSfGFXL1yX%2FZrL8Ace4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset="utf-8"
cache-control
max-age=1800, must-revalidate
cf-ray
66e1eb14fca84ddc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
1
mc.yandex.ru/watch/56313682/ Frame EA73
Redirect Chain
  • https://mc.yandex.ru/watch/56313682
  • https://mc.yandex.ru/watch/56313682/1
43 B
71 B
Image
General
Full URL
https://mc.yandex.ru/watch/56313682/1
Requested by
Host: femax20.com
URL: https://femax20.com/v/1j-mmaj3nnn275e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://femax20.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Jul 2021 10:44:50 GMT
last-modified
Tue, 13-Jul-2021 10:44:50 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 13-Jul-2021 10:44:50 GMT

Redirect headers

pragma
no-cache
date
Tue, 13 Jul 2021 10:44:50 GMT
last-modified
Tue, 13-Jul-2021 10:44:50 GMT
strict-transport-security
max-age=31536000
location
/watch/56313682/1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Tue, 13-Jul-2021 10:44:50 GMT
1j-mmaj3nnn275e.png
thumb.fvs.io/asset/userdata/199765/poster/1/j-/ Frame EA73
Redirect Chain
  • https://femax20.com/asset/userdata/199765/poster/1/j-/1j-mmaj3nnn275e.png?v=1595071100
  • https://thumb.fvs.io/asset/userdata/199765/poster/1/j-/1j-mmaj3nnn275e.png?v=1595071100
20 KB
20 KB
Image
General
Full URL
https://thumb.fvs.io/asset/userdata/199765/poster/1/j-/1j-mmaj3nnn275e.png?v=1595071100
Requested by
Host: femax20.com
URL: https://femax20.com/v/1j-mmaj3nnn275e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
590214f1ac90653832a1f3008bded19936fc47752897a8c699cd9309e65d56df

Request headers

Referer
https://femax20.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 10:44:52 GMT
cf-cache-status
MISS
last-modified
Sat, 18 Jul 2020 11:18:20 GMT
server
cloudflare
etag
"5f12da7c-4f7a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
66e1eb15fe1c1776-FRA
content-length
20346

Redirect headers

date
Tue, 13 Jul 2021 10:44:50 GMT
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=29QfT3nQoNxTyJ3g2rcCYxfhZPLZ6Von2nYAuATmoiOCFnj6pi%2BNVJJKLOFtnaP%2FIBiWKZkfrtJ8kUXFEs3mm6%2BiJqC03FgipWxsM8EJviTlGjcEVnfrhnap2HDJ2k2yWyiidGY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://thumb.fvs.io/asset/userdata/199765/poster/1/j-/1j-mmaj3nnn275e.png?v=1595071100
cf-ray
66e1eb14fcb34ddc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
145
adshow.php
poweredby.jads.co/ Frame 94A4
0
0

Cookie set adshow.php
poweredby.jads.co/ Frame FCDE
4 KB
2 KB
Document
General
Full URL
https://poweredby.jads.co/adshow.php?adzone=888305
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.245 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
6b1c796e7990f41e3cac4187966070571a38d79f6a7a809c40ce8158ca8ba5f7

Request headers

Host
poweredby.jads.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://fliporn.biz/apii/pcvideoad.php
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Tue, 13 Jul 2021 10:44:50 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.40
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie
surferid=26daf3e9883cc1f876701b9c881a850b; expires=Wed, 13-Jul-2022 10:44:50 GMT; Max-Age=31536000; path=/; domain=.juicyads.com imps28961=1; expires=Wed, 14-Jul-2021 10:44:50 GMT; Max-Age=86400; path=/; domain=.juicyads.com juicy_data_1=YToxOntpOjY3MDUwNjtpOjE2MjY0MzIyOTA7fQ%3D%3D; expires=Fri, 16-Jul-2021 10:44:50 GMT; Max-Age=259200; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 16-Jul-2021 10:44:50 GMT; Max-Age=259200; domain=juicyads.com
Content-Encoding
gzip
36593
wormishammites.com/rRq2irMeWoB/ Frame EA73
0
1 KB
Script
General
Full URL
https://wormishammites.com/rRq2irMeWoB/36593
Requested by
Host: fliporn.biz
URL: https://fliporn.biz/?action=getembedcode&v=135375
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
172.255.6.237 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://femax20.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 10:44:50 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=1
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://femax20.com
Access-Control-Max-Age
600
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for
X-Content-Type-Options
nosniff
Keep-Alive
timeout=20
28961-1535499077-0177368001535499077.jpg
i.jads.co/network/user43557/ Frame FCDE
119 KB
120 KB
Image
General
Full URL
https://i.jads.co/network/user43557/28961-1535499077-0177368001535499077.jpg
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=888305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 Memphis, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
f467e7716b60380bd9717be8c9109dd07d5255267eaff1183ddc91f57531d820

Request headers

Referer
https://poweredby.jads.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 10:44:50 GMT
last-modified
Tue, 28 Aug 2018 23:31:17 GMT
etag
"1535499077"
x-hw
1626173090.dop043.lo4.t,1626173090.cds251.lo4.hn,1626173090.cds271.lo4.c
content-type
image/jpeg
cache-control
max-age=2666206
accept-ranges
bytes
content-length
122321
vregister.php
syndication.realsrv.com/
0
289 B
Image
General
Full URL
https://syndication.realsrv.com/vregister.php?a=vview&tracking_event=progress&progress=00:00:10.000&idzone=3664793&e1b4833997129aed56507f72ffb05dc6=tsVuZ8uHLjt4d9vHnq4dvXTp66eddlTlK8E.fjzu5dPO7t03ce_HW1NZLXThmACjrgbjYlesYecz6cddUFbi781VcrEjmbscE81Mu5mDHXA2w3a5TXBU5Tn17.enftrgbnsZjgqfcpz69uPTpy1wN1QVuZ9.fXx48a4G8ZpXM.fbt07.eeuBtpitx6anDPrw8a4G2mJJ2IHpc.nLzz6d.muBu1imBiuCaXPp479uHjty1wNzVZ9OGuBtmma6pynPlrgbbctgacz4a4G2mKaYHKc.GuBuCqfPv0466rGc.Gu1iOxzPhu4cOuuexmOCp9ylelitzPvw1z2MxwVPuUrtWU0uStYZonga2mJJ2IHpV2rKaXJWsMwUTtbl7T7Erzi9cy89jMcFT7lOfHdx8dPOty9p9iV5xeuZeVyu6amLPju4.OnnWw2vXhO5nz463ZqZGK89cDcrld01MWfHW1NZLXTgvNTA9BKxHmACjrfrrnXvXdmpuYpbcbXdmpz1wNz0zN2NVrtMVuPTU4Z9.WuemBqCV5eSZtyPPprfrrnqz466mqXHJV6XKpo7K4Jpc9dlTlK8DefDXZTGu.xU_n18tuNs9eDTvlvwzw7tc2G3WmvPTi6255YY1wST0uVVQTSr1VsV2VZ8NcEk9LlVUE0q8EtrEcDa9LjFU0ufLXS465S5SvVBW4u_NVXKxI5m7HBPNTLuZgx1sNsxzNRZ8NcDczrrlOfXpw88tcDcbErcEry87DzmfHhz7dOWu2BtyZdy1yWvPW5TTNS1M25nrgbbYrYaclrcpz5a4G2mKaYHKV6prKWnM.GuWapqmCevPhrglamelgrmXkmbcz4a63Kq15Jm3M.Gulx6CaVd5yaViRxeBvPl568OPXvrnpmvwXqrYrsqz28dcDc7FNcrlOfDW1BXgu85NKxI4vA3ny89eHHr51yuVsNWQV4Lz0zX4L14TuZvzVVwSva5XK2GrIK8F56Zr8F23KmqYJ64Jpc7Z5dbDbMczUS9rlOeuCSelyqqCaVdiONeCW1iOBtelxiqaWrPlrqsZ5Z8NdVjPPPhrqapgnrXrwncz11NUwT1rysSOZ66mqYJ617XKc9bNM11TlK9rlOfjzrtpz4a4Ja3KZWI8.GuWZd2yVurPhrgbpcqnmlqgtcXjYwmsrz4a4G5LI64MZpXM.Gu2yyBvPj25duPfnw8eePDz18.fPLjz7cHG.zjHHkx14d9dcEjlVbEk.fHty7ce_Ph4862ppooHGppanJa8.M
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fliporn.biz/?action=getembedcode&v=135375
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 10:44:59 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
poweredby.jads.co
URL
https://poweredby.jads.co/adshow.php?adzone=888305


26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| ExoOutstreamSliderCommon function| ExoSlider object| ExoVideoSlider object| adConfig function| $ function| jQuery function| J5aa function| y566 function| v0vv function| A5aa undefined| handleException function| J3KK function| _cl2jdnnqo4eepks0r1h739

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
