mens.xfantazy.com Open in urlscan Pro
2a06:98c1:3120::a Public Scan

Go To Rescan
Add Verdict Report

URL:
http://mens.xfantazy.com/
Submission: On May 05 via manual (May 5th 2022, 8:33:02 am UTC) from MY — Scanned from DE

Summary HTTP 45 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 45 HTTP transactions. The main IP is 2a06:98c1:3120::a, located in United States and belongs to CLOUDFLARENET, US. The main domain is mens.xfantazy.com. The Cisco Umbrella rank of the primary domain is 418401.

This is the only time mens.xfantazy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2a06:98c1:312... 2a06:98c1:3120::a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.235.244.224 23.235.244.224	20454 (SSASN2) (SSASN2)
4	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (STACKPATH...) (STACKPATH-CDN)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
8	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
7	95.211.229.248 95.211.229.248	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	2a02:6ea0:c70... 2a02:6ea0:c700::14	60068 (CDN77 ^_^) (CDN77 ^_^)
2	131.153.42.225 131.153.42.225	20454 (SSASN2) (SSASN2)
3	2606:4700:303... 2606:4700:3037::6815:33bd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
45	11

12 2a06:98c1:3120::a (United States)

ASN13335 (CLOUDFLARENET, US)

mens.xfantazy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.235.244.224 (Phoenix, United States)

ASN20454 (SSASN2, US)

d.smopy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

cdn.fluidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

a.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 95.211.229.248 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ds03.evo.0x3e.net

syndication.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6ea0:c700::14 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

s3t3d2y8.ackcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 131.153.42.225 (Phoenix, United States)

ASN20454 (SSASN2, US)

d.ftte.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::6815:33bd (United States)

ASN13335 (CLOUDFLARENET, US)

s.ftte.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	realsrv.com a.realsrv.com — Cisco Umbrella Rank: 6277 syndication.realsrv.com — Cisco Umbrella Rank: 5597	113 KB
12	xfantazy.com mens.xfantazy.com — Cisco Umbrella Rank: 418401	61 KB
5	ftte.xyz d.ftte.xyz — Cisco Umbrella Rank: 88558 s.ftte.xyz — Cisco Umbrella Rank: 147869	341 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 8750	2 KB
4	fluidplayer.com cdn.fluidplayer.com — Cisco Umbrella Rank: 25189	80 KB
3	ackcdn.net s3t3d2y8.ackcdn.net — Cisco Umbrella Rank: 4884	572 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2327	70 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111	1 KB
1	smopy.com d.smopy.com — Cisco Umbrella Rank: 260046	12 KB
45	9

	Domain	Requested by
12	mens.xfantazy.com	mens.xfantazy.com
8	a.realsrv.com	mens.xfantazy.com a.realsrv.com
7	syndication.realsrv.com	a.realsrv.com
5	mc.yandex.com	2 redirects mens.xfantazy.com
4	cdn.fluidplayer.com	mens.xfantazy.com cdn.fluidplayer.com
3	s.ftte.xyz
3	s3t3d2y8.ackcdn.net	mens.xfantazy.com
2	d.ftte.xyz	d.smopy.com
2	mc.yandex.ru	1 redirects mens.xfantazy.com
1	fonts.googleapis.com	cdn.fluidplayer.com
1	d.smopy.com	mens.xfantazy.com
45	11

This site contains links to these domains. Also see Links.

Domain
www.ftte.xyz

Subject Issuer	Validity	Valid
fluidplayer.com R3	`2022-05-02` - `2022-07-31`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
realsrv.com R3	`2022-03-07` - `2022-06-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
ackcdn.net R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.ftte.xyz E1	`2022-03-07` - `2022-06-05`	3 months	crt.sh
ftte.xyz R3	`2022-03-19` - `2022-06-17`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://mens.xfantazy.com/
Frame ID: 1F305FE9B9FC66EB22EB8506CC6CF709
Requests: 29 HTTP requests in this frame

Frame: http://a.realsrv.com/iframe.php?idzone=4612486&size=300x250
Frame ID: 666EC5CD39ABDD6BA76027CEE5BC7B8D
Requests: 5 HTTP requests in this frame

Frame: http://a.realsrv.com/iframe.php?idzone=4612494&size=300x250
Frame ID: 759E5E429449D8CD2A56DD0164476DB3
Requests: 5 HTTP requests in this frame

Frame: http://a.realsrv.com/iframe.php?idzone=4612488&size=900x250
Frame ID: 4501E12C4E94AF5BD2144902D211916D
Requests: 5 HTTP requests in this frame

Frame: http://a.realsrv.com/iframe.php?idzone=4236544&size=300x250
Frame ID: F48F55841D5DD3EA7DF55BC03C7DAFAC
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MensXfantazy

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

45
Requests

53 %
HTTPS

70 %
IPv6

9
Domains

11
Subdomains

11
IPs

4
Countries

1251 kB
Transfer

1974 kB
Size

11
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ftte.xyz/ipnc/17jvl/direct/bs:NWY4NzBkZmQ5YTU1MDQyNjQxM2I2OWYwMGM0NzBmODA4NzkxYzkyYTE5Yzc0YTQ0NWZmMGFkZTNmODk3YTM5NnwyMDMxOTY5fDR8ODAuMjU1LjcuMTAzfE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDEuMC40OTUxLjQxIFNhZmFyaS81MzcuMzZ8MzQ4MDI3fDE2NTE3Mzk1Nzh8NzA0MzkxNTIyfDM1ODA1fDc4Mzc3NzU=
Title: Jana (28), Online💚, ~3.1 kmJana hat dir (3)📷 geschickt

Search URL Search Domain Scan URL

URL: http://www.ftte.xyz/b/17jvp/MTIyNjY1fDc4NjgwODR8MTIzYWJmNzJkMGM2MzhiMzUyZDY3ZmE2YjI1MjdjMTVlYjNhMDNkNDYxMjVmMTk0NTE0OTBlODliOGRhY2RjZA==/bs:M2QwMmNmNWJlNGMxMDk0YjZkZGM5NmI4NDc1YmYyNzZlM2EwMTUzMDRiODk4ZGQyYTk1ZWFkOWIwOTA1ZjY0ZHwyMDMxOTczfDR8ODAuMjU1LjcuMTAzfE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDEuMC40OTUxLjQxIFNhZmFyaS81MzcuMzZ8MzQ4MDI3fDE2NTE3Mzk1Nzh8aWJhSFIwY0RvdkwyMWxibk11ZUdaaGJuUmhlbmt1WTI5dEx3PT18TVRJeU5qWTFmRGM0Tmpnd09EUjhNVEl6WVdKbU56SmtNR00yTXpoaU16VXlaRFkzWm1FMllqSTFNamRqTVRWbFlqTmhNRE5rTkRZeE1qVm1NVGswTlRFME9UQmxPRGxpT0dSaFkyUmpaQT09

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9629.Lbe9rf3dtsr3wmrwq3C9Ja2GNUjpZMgXuA-tyT782m_SCrjHB_W8fzxFhYiGCRok.u1FsF_4TslcCtX8njJ0z4ipL9ho%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9629.-eYWZIwIxKPqANoIoRKbupdUmZIkbUExV38-O5RGqXVmD0W0ZANi28Mjd6zE1kP0XuXT1wuYlwgnVWEWXtcuag%2C%2C.ZPrmPyYlY859sZ8k6FklKfNDMF4%2C

Request Chain 40

https://mc.yandex.com/watch/71623204?wmode=7&page-url=http%3A%2F%2Fmens.xfantazy.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A394%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1141725178009%3Ahid%3A526411466%3Az%3A0%3Ai%3A20220505083257%3Aet%3A1651739577%3Ac%3A1%3Arn%3A969866389%3Arqn%3A1%3Au%3A1651739577240429010%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1651739576551%3Ads%3A109%2C37%2C93%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1651739578%3At%3AMensXfantazy&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/71623204/1?wmode=7&page-url=http%3A%2F%2Fmens.xfantazy.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A394%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1141725178009%3Ahid%3A526411466%3Az%3A0%3Ai%3A20220505083257%3Aet%3A1651739577%3Ac%3A1%3Arn%3A969866389%3Arqn%3A1%3Au%3A1651739577240429010%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1651739576551%3Ads%3A109%2C37%2C93%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1651739578%3At%3AMensXfantazy&t=gdpr%2814%29aw%281%29ti%282%29

45 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
mens.xfantazy.com/ 11 KB
4 KB 239ms
93ms Document
text/html 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mens.xfantazy.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7975dfe4925a7e9a21e46f2070b7c8d0080fa9449867ca43a59e5e86b9542d00

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 706820e27ed39c00-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 05 May 2022 08:32:56 GMT
Last-Modified: Thu, 24 Feb 2022 10:27:10 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CqRScna5%2FVMbg1LWZ2HX5CbgdPndbgIpKHkon3xIbe2JxLDF20Cc1RkvmutPBpamULZgG6zD%2BtOOXHZHgHm%2F%2F4NNr7bj4RZprxZ7H3a8wdNqWVyUDnVaM6onXmkdzl%2BhEnRGy4PBu%2FBmyOStUwAK9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK / Show response
d.smopy.com/d/ 36 KB
12 KB 474ms
181ms Script
text/html 23.235.244.224
SSASN2

General

Check archive.org

Show headers Download Go to

Full URL: http://d.smopy.com/d/?resource=pubJS
Requested by: Host: mens.xfantazy.com
URL: http://mens.xfantazy.com/
Protocol: HTTP/1.1
Server: 23.235.244.224 Phoenix, United States, ASN20454 (SSASN2, US),
Reverse DNS
Software: nginx / Express
Resource Hash: 193d5d27601b45146c4a887eb13ffe98ecb3406e9ac703de6d625af551c9569c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mens.xfantazy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 08:32:57 GMT
Content-Encoding: gzip
ETag: W/"8e53-VDbnNgHJGAH3x9Q6ISdX59hAyyw"
Server: nginx
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK style.css
mens.xfantazy.com/css/ 5 KB
2 KB 109ms
108ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mens.xfantazy.com/css/style.css
Requested by: Host: mens.xfantazy.com
URL: http://mens.xfantazy.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf273e1351390b98171a2b62594f542da75214a4b60c0d14ddef068ff6f35dd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mens.xfantazy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 08:32:56 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Mon, 01 Nov 2021 21:09:17 GMT
Server: cloudflare
ETag: W/"6180577d-14b2"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gukAcWykyIhLWuehAEbFS%2Fn42cXzxH0t0HpIsVKnEHHIn3Mni22BBBZY9pGgRKD5SPXkUV%2BiiR5RcVsJfkMwPOm%2BhRa4U8TxmF5%2B8YPdqBLpgEzR6KrCn9kMQ0RNmAZAtiIVnoevb79Q2OJLR4p8fg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 706820e3284d9c00-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK menuh.css
mens.xfantazy.com/css/ 2 KB
2 KB 114ms
77ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mens.xfantazy.com/css/menuh.css
Requested by: Host: mens.xfantazy.com
URL: http://mens.xfantazy.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d32f69866cacbc4cc0fd916a2ca761b891e3f974e348e188b11d8ad146333485

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mens.xfantazy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 08:32:56 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Mon, 01 Nov 2021 21:09:17 GMT
Server: cloudflare
ETag: W/"6180577d-773"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4tniBC%2FhXVgh0kGWISbeV9LM2vDVrnuWx6Gs9kB7n8gyRn88l2GRLlHvR6yo6aoIXMUw8c7FVTwFPYDlMoUOlL%2BJ4M1zTo6BhYXZPZyA8A5xFm1s1PirAyVcORjs32ZYu3NLGvvvOMDNaqo%2BYB%2FOtw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 706820e36fbb9046-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK fluidplayer.min.css
cdn.fluidplayer.com/v2/current/ 34 KB
5 KB 354ms
39ms Stylesheet
text/css 2001:4de0:ac19::1:b:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fluidplayer.com/v2/current/fluidplayer.min.css
Requested by: Host: mens.xfantazy.com
URL: http://mens.xfantazy.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: b89485f60b9d7cf92ab0ac946c1728454a609e4466026626035e2102b4811193

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mens.xfantazy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 08:32:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Mar 2020 11:58:08 GMT
ETag: "1584964688"
X-HW: 1651739577.dop204.fr8.t,1651739577.cds236.fr8.shn,1651739577.dop204.fr8.t,1651739577.cds219.fr8.c
Content-Type: text/css
Cache-Control: max-age=62921
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 4618

GET
H/1.1 200
OK fluidplayer.min.js Show response
cdn.fluidplayer.com/v2/current/ 123 KB
28 KB 354ms
37ms Script
application/javascript 2001:4de0:ac19::1:b:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fluidplayer.com/v2/current/fluidplayer.min.js
Requested by: Host: mens.xfantazy.com
URL: http://mens.xfantazy.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 6d35529e97ac48abda83c68a13d780e8505ec839865a7fb84a91fde809cc6f14

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mens.xfantazy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 08:32:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Mar 2020 11:58:08 GMT
ETag: "1584964688"
X-HW: 1651739577.dop130.fr8.t,1651739577.cds016.fr8.shn,1651739577.cds016.fr8.c
Content-Type: application/javascript
Cache-Control: max-age=6859
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 28351

GET
H/1.1 200
OK saddude.jpg
mens.xfantazy.com/images/ 6 KB
7 KB 111ms
75ms Image
image/jpeg 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mens.xfantazy.com/images/saddude.jpg
Requested by: Host: mens.xfantazy.com
URL: http://mens.xfantazy.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f4a3dcb8dfec3a30d8d922d9db756819f4f428f23d9333728ffedb206e5eb55

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mens.xfantazy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 08:32:56 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 01 Nov 2021 22:16:26 GMT
Server: cloudflare
ETag: "6180673a-19c5"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhiJnQx%2BSonXKqJs%2Fx67cwT7qjmN5OU%2BlxqNnpJqoNslSVUxil%2FQR99TXFkKZH%2BT8204QvjXNZ0aEsfkC0HLCj0FXbGztKK5RKMldda%2BedBYDOiRsdZ3qD2pDchPxw3EQuybPy7tIZylEuqgPfjZ8w%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 706820e36fec9a09-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 6597

GET
H/1.1 200
OK happydude.jpg
mens.xfantazy.com/images/ 9 KB
9 KB 107ms
70ms Image
image/jpeg 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mens.xfantazy.com/images/happydude.jpg
Requested by: Host: mens.xfantazy.com
URL: http://mens.xfantazy.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f7b52c1db08053d60ca49446d17ab0a637e6800fd6f66f0010c60badae3b5a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mens.xfantazy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 08:32:56 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 01 Nov 2021 22:16:23 GMT
Server: cloudflare
ETag: "61806737-22eb"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNiw2Eih8pJGEFa2PAQT0JVIChtF8Y22vPe8L25QMThrPQGBp%2Baxyg1OcyZjzoaAQaNDkNo9nlHbqkqt6qcvg1h81g9s0x%2Ba6%2BAc9irJwfCzJmByKQCQ8Qbn0HT1MzVyHRk6KnKLAJVj6bD8kefYyw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 706820e368b690d6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 8939

GET
H/1.1 200
OK submit.gif
mens.xfantazy.com/images/ 497 B
1 KB 113ms
76ms Image
image/gif 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mens.xfantazy.com/images/submit.gif
Requested by: Host: mens.xfantazy.com
URL: http://mens.xfantazy.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7528f5722e33f5bb604306563460b837d1cf9fda9fd536134e2e420adf7e8dea

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mens.xfantazy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 08:32:56 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 01 Nov 2021 22:16:27 GMT
Server: cloudflare
ETag: "6180673b-1f1"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QlYsjXn6oiDM6yJ%2FGuNI0bdx3jPTmNgoK%2BF1%2FQXr6%2FY5zwFjo2fOvRDDqoQvbRPo%2FKnDQjvjUonVSXtA5%2FJYtHLNrReP4dSC53at%2F6dKRUYd6ltGzG0Y%2BR1ubZ2ibRl0em7DbZYYczd3BzT0YstfTA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 706820e369e79bb9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 497

GET
H/1.1 200
OK badge.jpg
mens.xfantazy.com/images/ 3 KB
3 KB 150ms
113ms Image
image/jpeg 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mens.xfantazy.com/images/badge.jpg
Requested by: Host: mens.xfantazy.com
URL: http://mens.xfantazy.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f414df1bd675f4748bf9f41658c75b6cb400eeec7754e30e94399076947be8fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mens.xfantazy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 08:32:56 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 01 Nov 2021 22:16:22 GMT
Server: cloudflare
ETag: "61806736-aa7"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FyQcR8ztKdUVoW6meTV6vC%2FBz8GCoWwmtH6bTbs3qmQQX9NDOzOdYFZGGFOjkai%2BzgsuRlWp6UXk2x5k4dCd%2BL9bKKzlDZD0uE%2Bfp86uVtinaC5VsQibAiOKg9M3C1aJb03xT0DOl158TF%2F3rAHbBg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 706820e368cd9948-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2727

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
69 KB 410ms
163ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: mens.xfantazy.com
URL: http://mens.xfantazy.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

75f3bd16ca645709f15708862b8523f5a5072725d1c945db54f58c343c7d21cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mens.xfantazy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 08:32:57 GMT
content-encoding: br
last-modified: Mon, 18 Apr 2022 12:16:58 GMT
etag: "625d2c8a-113e7"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 70631
expires: Thu, 05 May 2022 09:32:57 GMT

GET
H/1.1 200
OK iframe.php Show response
a.realsrv.com/ Frame 666E 4 KB
2 KB 276ms
38ms Document
text/html 2001:4de0:ac19::1:b:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://a.realsrv.com/iframe.php?idzone=4612486&size=300x250
Requested by: Host: mens.xfantazy.com
URL: http://mens.xfantazy.com/
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: a3312c1fabf552e264c8a2725b6ac321fa634e735e47f37536f21a9f52f5e72b

Request headers

Referer: http://mens.xfantazy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: * *
Cache-Control: max-age=10800
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1347
Content-Type: text/html; charset=UTF-8
Date: Thu, 05 May 2022 08:32:57 GMT
Server: nginx
X-HW: 1651739577.dop005.fr8.t,1651739577.cds225.fr8.c

GET
H/1.1 404
Not Found main_bg.png
mens.xfantazy.com/images/ 555 B
555 B 66ms
66ms Image
text/html 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mens.xfantazy.com/images/main_bg.png
Requested by: Host: mens.xfantazy.com
URL: http://mens.xfantazy.com/css/style.css
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: beaab2715e44d545350266cae7b5fee221f4323cc42bd333dc60d4ab3d3964fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mens.xfantazy.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 08:32:56 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B95gFH80AwsJt44P7BwEyV8umBo8IwVs0cVpabchWzYYcSDGKWMWQUv4IZTfTneC1Y3SnbjEBqoD1Sx%2FT4H%2FG6TXbIiBI9Ny%2BYjAc9j%2BDY4%2FOiZx97gQbD09jT97CkqAbiqOrIHJaEbeIxBRaUT6FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 706820e3eb189bb9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK header_bg.gif
mens.xfantazy.com/images/ 338 B
1 KB 66ms
66ms Image
image/gif 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mens.xfantazy.com/images/header_bg.gif
Requested by: Host: mens.xfantazy.com
URL: http://mens.xfantazy.com/css/style.css
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c48f03fd5d8054041721177871aa360426715092354cee2e088b6fc839220217

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mens.xfantazy.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 08:32:56 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 01 Nov 2021 22:16:23 GMT
Server: cloudflare
ETag: "61806737-152"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t00ZABShUQii2mzkU%2FGaolGEhrnyxgMPKx%2BskFKMkp36sdAvMDMOo%2BGysf5efuV43NMBMNfdkTXpNq4eszsFznD1pA3ydRyKKjD40u%2BH6IOZzjra3zz63dYk7E9Kd2fKcd1FcsVq33aB9slRZCJ6Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 706820e3e8929046-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 338

GET
H/1.1 200
OK ad-provider.js Show response
a.realsrv.com/ Frame 666E 90 KB
25 KB 153ms
40ms Script
application/javascript 2001:4de0:ac19::1:b:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.realsrv.com/ad-provider.js
Requested by: Host: a.realsrv.com
URL: http://a.realsrv.com/iframe.php?idzone=4612486&size=300x250
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 6bb77328b2158eb46e98916e0b410dc8db62ac44b9206f0505f1dc2786a0fa60

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.realsrv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 08:32:57 GMT
Content-Encoding: gzip
Server: nginx
etag: W/"da5e19db5e8c5089c5cee3331bc"
X-HW: 1651739577.dop153.fr8.t,1651739577.cds264.fr8.shn,1651739577.dop153.fr8.t,1651739577.cds123.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25574

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 129ms
46ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400&subset=cyrillic,greek,latin-ext

Requested by

Host: cdn.fluidplayer.com
URL: https://cdn.fluidplayer.com/v2/current/fluidplayer.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9887620ad354436879d1e7cf8f48f174f41bd232b2ecb4093c7c57ab6d1e69d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.fluidplayer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 May 2022 08:05:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 05 May 2022 08:32:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 May 2022 08:32:57 GMT

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK vtt.js Show response
cdn.fluidplayer.com/v2/current//scripts/ 138 KB
29 KB 37ms
37ms Script
application/javascript 2001:4de0:ac19::1:b:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fluidplayer.com/v2/current//scripts/vtt.js
Requested by: Host: cdn.fluidplayer.com
URL: https://cdn.fluidplayer.com/v2/current/fluidplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 645d9714a5a9b5caf59ea4aa2b65f292bc549f6be614d3b9bcaa1b6ab5c16922

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mens.xfantazy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 08:32:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Mar 2020 11:58:08 GMT
ETag: "1584964688"
X-HW: 1651739577.dop130.fr8.t,1651739577.cds016.fr8.shn,1651739577.cds016.fr8.c
Content-Type: application/javascript
Cache-Control: max-age=6938
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 29316

GET
H/1.1 200
OK iframe.php Show response
a.realsrv.com/ Frame 759E 4 KB
2 KB 40ms
39ms Document
text/html 2001:4de0:ac19::1:b:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://a.realsrv.com/iframe.php?idzone=4612494&size=300x250
Requested by: Host: mens.xfantazy.com
URL: http://mens.xfantazy.com/
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4bb18968b1b7880f5dffa603e02518b4b57b3f33117bf413fac54b820ae487b6

Request headers

Referer: http://mens.xfantazy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: * *
Cache-Control: max-age=10800
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1346
Content-Type: text/html; charset=UTF-8
Date: Thu, 05 May 2022 08:32:57 GMT
Server: nginx
X-HW: 1651739577.dop005.fr8.t,1651739577.cds148.fr8.c

GET
H/1.1 200
OK iframe.php Show response
a.realsrv.com/ Frame 4501 4 KB
2 KB 74ms
38ms Document
text/html 2001:4de0:ac19::1:b:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://a.realsrv.com/iframe.php?idzone=4612488&size=900x250
Requested by: Host: mens.xfantazy.com
URL: http://mens.xfantazy.com/
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 48c1fea64884732cf0a34b6623ce966fa17963cf4c792bdedae799e8aa322490

Request headers

Referer: http://mens.xfantazy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: * *
Cache-Control: max-age=10800
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1347
Content-Type: text/html; charset=UTF-8
Date: Thu, 05 May 2022 08:32:57 GMT
Server: nginx
X-HW: 1651739577.dop055.fr8.t,1651739577.cds106.fr8.c

GET
H/1.1 200
OK iframe.php Show response
a.realsrv.com/ Frame F48F 4 KB
2 KB 76ms
39ms Document
text/html 2001:4de0:ac19::1:b:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://a.realsrv.com/iframe.php?idzone=4236544&size=300x250
Requested by: Host: mens.xfantazy.com
URL: http://mens.xfantazy.com/
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 5917d477141c28f0bc6fd914bcedb8dca9baac5c8189e5d7293cccad79f39ea8

Request headers

Referer: http://mens.xfantazy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: * *
Cache-Control: max-age=10800
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1347
Content-Type: text/html; charset=UTF-8
Date: Thu, 05 May 2022 08:32:57 GMT
Server: nginx
X-HW: 1651739577.dop212.fr8.t,1651739577.cds133.fr8.c

GET
H/1.1 404
Not Found main_video.mp4
mens.xfantazy.com/ 555 B
1 KB 74ms
73ms Media
text/html 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mens.xfantazy.com/main_video.mp4
Requested by: Host: mens.xfantazy.com
URL: http://mens.xfantazy.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: beaab2715e44d545350266cae7b5fee221f4323cc42bd333dc60d4ab3d3964fd

Request headers

Referer: http://mens.xfantazy.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 05 May 2022 08:32:57 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SNC3SRdEj6UIiIZX0of2CLYQ80UN%2B03rZTYw0VeSxD23HI3QDxlwkZOn1za7o0Vc%2Brx5%2BKNF1z%2B8fIcpFkuG2BHYbytA0yxfOzei7laYu4UngzZKUBZX%2ByPppF2PLgFcMexfnyq8yRkPRLy6Uqu8wA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 706820e65ccb9046-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK fluid_icons.svg
cdn.fluidplayer.com/v2/current/images/ 18 KB
18 KB 37ms
37ms Image
image/svg+xml 2001:4de0:ac19::1:b:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.fluidplayer.com/v2/current/images/fluid_icons.svg
Requested by: Host: cdn.fluidplayer.com
URL: https://cdn.fluidplayer.com/v2/current/fluidplayer.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 0ecadcf2f6de5a604b6ec54d1b92022882edb4fa94d3f0622b1e5598bd941f81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.fluidplayer.com/v2/current/fluidplayer.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 08:32:57 GMT
Last-Modified: Mon, 23 Mar 2020 11:58:08 GMT
ETag: "1584964688"
X-HW: 1651739577.dop204.fr8.t,1651739577.cds236.fr8.shn,1651739577.dop204.fr8.t,1651739577.cds219.fr8.c
Content-Type: image/svg+xml
Cache-Control: max-age=62922
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 18488

GET
H/1.1 200
OK hbg_img.jpg
mens.xfantazy.com/images/ 27 KB
28 KB 143ms
143ms Image
image/jpeg 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mens.xfantazy.com/images/hbg_img.jpg
Requested by: Host: mens.xfantazy.com
URL: http://mens.xfantazy.com/css/style.css
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0ce4831cea0d8e2c02f7599f1eac52f20b2f0020370f76042ebf057ef95eca5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mens.xfantazy.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 08:32:57 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 01 Nov 2021 22:16:23 GMT
Server: cloudflare
ETag: "61806737-6d7e"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yb0git9NyySwGMu3mvRB92ruVTpNEbp80aYK%2FUH6a4opFONDkNyNUP9%2BA7lEge9899GIwDkmxYNky3TaVpar5g7PriQHsAyiQWqLKJUebyINSo2dpWG3o5DhQQid1YdcgN%2BFNiytXlJzyh3i87LNYA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 706820e668129bb9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 28030

GET
H/1.1 200
OK li.gif
mens.xfantazy.com/images/ 287 B
1 KB 74ms
73ms Image
image/gif 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mens.xfantazy.com/images/li.gif
Requested by: Host: mens.xfantazy.com
URL: http://mens.xfantazy.com/css/style.css
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d39b3232913b0e04c510ce96b23fcc3572484a12baad4eb47abe2992b5a3a010

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mens.xfantazy.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 08:32:57 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 01 Nov 2021 22:16:23 GMT
Server: cloudflare
ETag: "61806737-11f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1LCExzkmvbuTx9W1xnALX1JEGMtEOi8S3FNZ1CVROUVhDVJ%2BPSOvoa0SnwzS7zOsFo7FkPDY3ZySNbgfCve96akEbBCmTIS410p7HJeJashnaGDWUGKPcXhk7CtwVK4WG24jUv4Ga5iJk5rNHEYwSg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 706820e66d9b9948-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 287

POST
H/1.1 200
OK api.php Show response
syndication.realsrv.com/v1/ Frame 666E 1 KB
1 KB 208ms
52ms XHR
application/json 95.211.229.248
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.realsrv.com/v1/api.php
Requested by: Host: a.realsrv.com
URL: https://a.realsrv.com/ad-provider.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.248 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: ds03.evo.0x3e.net
Software: nginx /
Resource Hash: 0e871c5c75fe2ca4dbc54c6f3bf688d758508e9122c9f91ea782b204d1050334

Request headers

Referer: http://a.realsrv.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 May 2022 08:32:57 GMT
Access-Control-Request-Method: POST
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: http://a.realsrv.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Encoding: gzip
Access-Control-Allow-Headers: Authorization, Content-Type

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9629.Lbe9rf3dtsr3wmrwq3C9Ja2GNUjpZMgXuA-tyT782m_SCrjHB_W8fzxFhYiGCRok.u1FsF_4TslcCtX8njJ0z4ipL9ho%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9629.-eYWZIwIxKPqANoIoRKbupdUmZIkbUExV38-O5RGqXVmD0W0ZANi28Mjd6zE1kP0XuXT1wuYlwgnVWEWXtcuag%2C%2C.ZPrmPyYlY859sZ8k6FklKfNDMF4%2C

75 B
75 B

82ms
82ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9629.-eYWZIwIxKPqANoIoRKbupdUmZIkbUExV38-O5RGqXVmD0W0ZANi28Mjd6zE1kP0XuXT1wuYlwgnVWEWXtcuag%2C%2C.ZPrmPyYlY859sZ8k6FklKfNDMF4%2C

Requested by

Host: mens.xfantazy.com
URL: http://mens.xfantazy.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mens.xfantazy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 08:32:57 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9629.-eYWZIwIxKPqANoIoRKbupdUmZIkbUExV38-O5RGqXVmD0W0ZANi28Mjd6zE1kP0XuXT1wuYlwgnVWEWXtcuag%2C%2C.ZPrmPyYlY859sZ8k6FklKfNDMF4%2C
date: Thu, 05 May 2022 08:32:57 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 82ms
82ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: mens.xfantazy.com
URL: http://mens.xfantazy.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mens.xfantazy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 08:32:57 GMT
last-modified: Mon, 18 Apr 2022 12:16:58 GMT
etag: "625d2c8a-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 05 May 2022 09:32:57 GMT

GET
H/1.1 200
OK ad-provider.js Show response
a.realsrv.com/ Frame 759E 90 KB
25 KB 40ms
39ms Script
application/javascript 2001:4de0:ac19::1:b:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.realsrv.com/ad-provider.js
Requested by: Host: a.realsrv.com
URL: http://a.realsrv.com/iframe.php?idzone=4612494&size=300x250
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 6bb77328b2158eb46e98916e0b410dc8db62ac44b9206f0505f1dc2786a0fa60

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.realsrv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 08:32:57 GMT
Content-Encoding: gzip
Server: nginx
etag: W/"da5e19db5e8c5089c5cee3331bc"
X-HW: 1651739577.dop153.fr8.t,1651739577.cds264.fr8.shn,1651739577.dop153.fr8.t,1651739577.cds123.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25574

GET
H/1.1 200
OK ad-provider.js Show response
a.realsrv.com/ Frame 4501 90 KB
25 KB 60ms
37ms Script
application/javascript 2001:4de0:ac19::1:b:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.realsrv.com/ad-provider.js
Requested by: Host: a.realsrv.com
URL: http://a.realsrv.com/iframe.php?idzone=4612488&size=900x250
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 6bb77328b2158eb46e98916e0b410dc8db62ac44b9206f0505f1dc2786a0fa60

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.realsrv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 08:32:57 GMT
Content-Encoding: gzip
Server: nginx
etag: W/"da5e19db5e8c5089c5cee3331bc"
X-HW: 1651739577.dop153.fr8.t,1651739577.cds264.fr8.shn,1651739577.dop153.fr8.t,1651739577.cds123.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25574

GET
H/1.1 200
OK ad-provider.js Show response
a.realsrv.com/ Frame F48F 90 KB
25 KB 111ms
38ms Script
application/javascript 2001:4de0:ac19::1:b:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.realsrv.com/ad-provider.js
Requested by: Host: a.realsrv.com
URL: http://a.realsrv.com/iframe.php?idzone=4236544&size=300x250
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 6bb77328b2158eb46e98916e0b410dc8db62ac44b9206f0505f1dc2786a0fa60

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.realsrv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 08:32:57 GMT
Content-Encoding: gzip
Server: nginx
etag: W/"da5e19db5e8c5089c5cee3331bc"
X-HW: 1651739577.dop055.fr8.shc,1651739577.dop055.fr8.t,1651739577.cds123.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25574

POST
H/1.1 200
OK api.php Show response
syndication.realsrv.com/v1/ Frame 759E 1 KB
1 KB 129ms
52ms XHR
application/json 95.211.229.248
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.realsrv.com/v1/api.php
Requested by: Host: a.realsrv.com
URL: https://a.realsrv.com/ad-provider.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.248 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: ds03.evo.0x3e.net
Software: nginx /
Resource Hash: b84e73ce8bf7e7db26aabd1a7d91949bf9b081a17dd4e102687b13decbaa218e

Request headers

Referer: http://a.realsrv.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 May 2022 08:32:57 GMT
Access-Control-Request-Method: POST
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: http://a.realsrv.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Encoding: gzip
Access-Control-Allow-Headers: Authorization, Content-Type

POST
H/1.1 200
OK api.php Show response
syndication.realsrv.com/v1/ Frame 4501 1 KB
1 KB 123ms
62ms XHR
application/json 95.211.229.248
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.realsrv.com/v1/api.php
Requested by: Host: a.realsrv.com
URL: https://a.realsrv.com/ad-provider.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.248 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: ds03.evo.0x3e.net
Software: nginx /
Resource Hash: b61abb3a3fec40604ce741b4ac76cc406628961c38dc248aa73e34884fd94d67

Request headers

Referer: http://a.realsrv.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 May 2022 08:32:57 GMT
Access-Control-Request-Method: POST
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: http://a.realsrv.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Encoding: gzip
Access-Control-Allow-Headers: Authorization, Content-Type

GET
H/1.1 200
OK cimp.php Show response
syndication.realsrv.com/ Frame 666E 0
250 B 117ms
40ms XHR
text/html 95.211.229.248
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OQWoDMQz8Sj8QI8mWZeecvKDkAd6N3Qa6G9iEkpZ5fB1TShkJDSOJGSGRHWmvFwp7L3s1JHKi6swxeRyOJwTGUtebe7Sy3sv3l5uvC3xIUQhmWWNEDllVECJL16GUEELSFASqWbMxIRAE1OGDMGu0TtnRcacwwun1MJo7BJ7oIdr3IwA4do1Bj+d7mYhzI5ub5Bo5czCuqhbzuWq1cYjitlo+btvnCNvNewpFkhy6rSNOw4b+sOMx3q+3+2V9AzofwqVtZanAv9MnDPzLGCEzN5uaycRtppI8xdxpO0/q59n/AMy44KRkAQAA
Requested by: Host: a.realsrv.com
URL: https://a.realsrv.com/ad-provider.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.248 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: ds03.evo.0x3e.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.realsrv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 05 May 2022 08:32:57 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 206 e8aaab4a625fd907267c943d0f63fac665d814ee.mp4
s3t3d2y8.ackcdn.net/library/348620/ Frame 666E 51 KB
51 KB 329ms
73ms Media
video/mp4 2a02:6ea0:c700::14
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://s3t3d2y8.ackcdn.net/library/348620/e8aaab4a625fd907267c943d0f63fac665d814ee.mp4
Requested by: Host: mens.xfantazy.com
URL: http://mens.xfantazy.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::14 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 65553a47ab55f19ce4a0904c68bedf01041202ffdffc0d5b435810fb0646a645

Request headers

Referer: http://a.realsrv.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range: bytes=0-

Response headers

x-77-pop: frankfurtDE
date: Thu, 05 May 2022 08:32:57 GMT
x-77-nzt-ray: tFWwWJRVn+k
x-77-cache: HIT
Content-Range: bytes 0-51899/51900
x-cache: HIT
x-age: 1194421
Content-Length: 51900
x-77-nzt: AYrHJQ0uE3b/tTkSAA
x-accel-expires: @1682081156
last-modified: Thu, 26 Mar 2020 22:21:37 GMT
server: CDN77-Turbo
etag: "5e7d2af1-cabc"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Fri, 21 Apr 2023 12:45:56 GMT

POST
H/1.1 200
OK api.php Show response
syndication.realsrv.com/v1/ Frame F48F 85 B
476 B 42ms
42ms XHR
application/json 95.211.229.248
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.realsrv.com/v1/api.php
Requested by: Host: a.realsrv.com
URL: https://a.realsrv.com/ad-provider.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.248 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: ds03.evo.0x3e.net
Software: nginx /
Resource Hash: 7a3495a4d2355fad06bd2f80cb448680e771bf5e62e4a0b8e81174e1d49aa6dc

Request headers

Referer: http://a.realsrv.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 May 2022 08:32:57 GMT
Access-Control-Request-Method: POST
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: http://a.realsrv.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Encoding: gzip
Access-Control-Allow-Headers: Authorization, Content-Type

GET
H/1.1 200
OK cimp.php Show response
syndication.realsrv.com/ Frame 759E 0
250 B 117ms
41ms XHR
text/html 95.211.229.248
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02QXWrDQAyEr9ILeJG00v7kOTlByQG2jt0G6gTsUNwyh6/s9KGMlh2W0epDQiIdmdcL6SHKwTIKBTELOTBFHE9nKGMabktYx3Z7tJ/v0N8nRC1JCDlXSwlVq5lAE4tWhVGBarGigsxMUmuCEgTkiirMlrJbDnTqDJlwfj3uhzd5hmgV88BOAE7ey6B176+9D4vDaG917C8xCsXhUsypNam0LYgW5qF9LvPXTktQc0IUqepzA7FVjz15nup4vz7uy+N6ewfc7w/XcW7TAPyLbsrgP+ffaEvZStTsC6BcY3OUVPt+yFGN+1/WhON9ZgEAAA==
Requested by: Host: a.realsrv.com
URL: https://a.realsrv.com/ad-provider.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.248 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: ds03.evo.0x3e.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.realsrv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 05 May 2022 08:32:57 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 206 caafb8cdf5f71f3c262e7fbd4ea3a18c2647c3d6.mp4
s3t3d2y8.ackcdn.net/library/348620/ Frame 759E 14 KB
15 KB 356ms
122ms Media
video/mp4 2a02:6ea0:c700::14
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://s3t3d2y8.ackcdn.net/library/348620/caafb8cdf5f71f3c262e7fbd4ea3a18c2647c3d6.mp4
Requested by: Host: mens.xfantazy.com
URL: http://mens.xfantazy.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::14 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d379e16ecd6aad7e46dcee3f1a69bda96b8832466b2c8a5e0989db37e297c871

Request headers

Referer: http://a.realsrv.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range: bytes=0-

Response headers

x-77-pop: frankfurtDE
date: Thu, 05 May 2022 08:32:57 GMT
x-77-nzt-ray: 0cdhcXW+dz4
x-77-cache: HIT
Content-Range: bytes 0-14583/14584
x-cache: HIT
x-age: 1191644
Content-Length: 14584
x-77-nzt: AYrHJQ0s2ez/3C4SAA
x-accel-expires: @1682083933
last-modified: Tue, 29 Mar 2022 09:47:08 GMT
server: CDN77-Turbo
etag: "6242d59c-38f8"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Fri, 21 Apr 2023 13:32:13 GMT

GET
H/1.1 200
OK cimp.php Show response
syndication.realsrv.com/ Frame 4501 0
250 B 95ms
40ms XHR
text/html 95.211.229.248
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02OYWrDMAyFr7IL1EiKZMn93Z1g9ABOY2+FpYWkjGzo8LNTGOOz0JOQH4+A6ADS3gvwcaCjqBsEEgkaEAY/vZ6d0edyW8NW8+2Rf77D5T63ZTRy1SQxeuIkQs4Ric1cwJyNkTR6TKYJODqDk0NjYEKUqH0IAIjJFfz8dtoLG+QJYCOBpnsA1+bdNGz9PxTKiYBUIbNUksJqVi0Zjpc0aj/0HJaSP9flaw8LTwIgDbs//HHAvX3c18f19u7e9L641iXPxf3faefp3kIy9zZMjCPEzMUqT2ZRYKI6Fag8xhqHX8Sv2q1gAQAA
Requested by: Host: a.realsrv.com
URL: https://a.realsrv.com/ad-provider.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.248 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: ds03.evo.0x3e.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.realsrv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 05 May 2022 08:32:57 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 206 882943a2e3da15d2b72959713c434325d94fdacb.mp4
s3t3d2y8.ackcdn.net/library/41682/ Frame 4501 505 KB
506 KB 318ms
122ms Media
video/mp4 2a02:6ea0:c700::14
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://s3t3d2y8.ackcdn.net/library/41682/882943a2e3da15d2b72959713c434325d94fdacb.mp4
Requested by: Host: mens.xfantazy.com
URL: http://mens.xfantazy.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::14 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5e17aa19411f4c8712a6cc3350951f2e7ed81f3e6af69b129436a4d74f856847

Request headers

Referer: http://a.realsrv.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range: bytes=0-

Response headers

x-77-pop: frankfurtDE
date: Thu, 05 May 2022 08:32:57 GMT
x-77-nzt-ray: kuPAfcHrqqM
x-77-cache: HIT
Content-Range: bytes 0-517227/517228
x-cache: HIT
x-age: 1194393
Content-Length: 517228
x-77-nzt: AYrHJQ2aXWn/mTkSAA
x-accel-expires: @1682081184
last-modified: Sat, 23 Oct 2021 20:30:05 GMT
server: CDN77-Turbo
etag: "617470cd-7e46c"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Fri, 21 Apr 2023 12:46:24 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/71623204/
Redirect Chain

https://mc.yandex.com/watch/71623204?wmode=7&page-url=http%3A%2F%2Fmens.xfantazy.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A394%3Afu%3A0%3Aen%3Autf-8%3A...
https://mc.yandex.com/watch/71623204/1?wmode=7&page-url=http%3A%2F%2Fmens.xfantazy.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A394%3Afu%3A0%3Aen%3Autf-8%...

338 B
420 B

84ms
84ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/71623204/1?wmode=7&page-url=http%3A%2F%2Fmens.xfantazy.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A394%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1141725178009%3Ahid%3A526411466%3Az%3A0%3Ai%3A20220505083257%3Aet%3A1651739577%3Ac%3A1%3Arn%3A969866389%3Arqn%3A1%3Au%3A1651739577240429010%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1651739576551%3Ads%3A109%2C37%2C93%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1651739578%3At%3AMensXfantazy&t=gdpr%2814%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

d71b1324cfe5cbeddd587fbfb943d91e559d583b5b7ebb7c827edd39005a4462

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mens.xfantazy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 08:32:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 05-May-2022 08:32:57 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://mens.xfantazy.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Thu, 05-May-2022 08:32:57 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 May 2022 08:32:57 GMT
last-modified: Thu, 05-May-2022 08:32:57 GMT
location: /watch/71623204/1?wmode=7&page-url=http%3A%2F%2Fmens.xfantazy.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A394%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1141725178009%3Ahid%3A526411466%3Az%3A0%3Ai%3A20220505083257%3Aet%3A1651739577%3Ac%3A1%3Arn%3A969866389%3Arqn%3A1%3Au%3A1651739577240429010%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1651739576551%3Ads%3A109%2C37%2C93%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1651739578%3At%3AMensXfantazy&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://mens.xfantazy.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 05-May-2022 08:32:57 GMT

GET
H/1.1 200
OK / Show response
d.ftte.xyz/d/ 105 KB
41 KB 529ms
220ms XHR
application/json 131.153.42.225
SSASN2

General

Check archive.org

Show headers Download Go to

Full URL: http://d.ftte.xyz/d/?resource=bundler&nada=1&widgets=2031966:1,2031969:1,2031951:1,2031973:1&isct=undefined&reqc=1&ver=4981879d17a232f0.1651739577204&page=aHR0cDovL21lbnMueGZhbnRhenkuY29tLw==
Requested by: Host: d.smopy.com
URL: http://d.smopy.com/d/?resource=pubJS
Protocol: HTTP/1.1
Server: 131.153.42.225 Phoenix, United States, ASN20454 (SSASN2, US),
Reverse DNS
Software: nginx / Express
Resource Hash: 0e7f2cbdd19d66a12cc8ffeca487811c11ac4fee9ea03285532eb204e46aad33

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mens.xfantazy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 08:32:58 GMT
Content-Encoding: gzip
ETag: W/"1a2e8-IoaxU7/ttSXkEsR49Kh5pAVu0YI"
Server: nginx
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://mens.xfantazy.com
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 oHoFJes59TgjhmVsUhUgzpP9dZGMcF.jpeg
s.ftte.xyz/prnotifications/2020/12/17/ 24 KB
25 KB 266ms
49ms Image
image/jpeg 2606:4700:3037::6815:33bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ftte.xyz/prnotifications/2020/12/17/oHoFJes59TgjhmVsUhUgzpP9dZGMcF.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:33bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64befb9a066594a90f55db2f6711c290f14ae6c973763064d134a2039a1c5ee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mens.xfantazy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 08:32:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1430
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24538
last-modified: Thu, 17 Dec 2020 16:45:41 GMT
server: cloudflare
etag: "5fdb8b35-5fda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rtjwciuRYwVbu8YSPC4bUA9Yg9%2F5ZzoMhr4bo7nZvxEvn7fsjgYMUbJ7dFX8Uli8AvcKSVoOCZXRKGZB2JbMgF1s3VlX8WnUBZYEXSaexz99kxV1vyq73REJ8Gk%2FopWi%2FvN%2F0WC0j6lw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 706820ef4c4c9b95-FRA

GET
H2 200 ZwRkFR2KgdXsRqL6BL5gNY2mRHH7yo.jpeg
s.ftte.xyz/prnotifications/2020/12/17/ 41 KB
41 KB 267ms
51ms Image
image/jpeg 2606:4700:3037::6815:33bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ftte.xyz/prnotifications/2020/12/17/ZwRkFR2KgdXsRqL6BL5gNY2mRHH7yo.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:33bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b9b64cf42a28bb77db65da2c09d5d6dc544d5d8f774667893f8957d1b0028d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mens.xfantazy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 08:32:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1430
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41752
last-modified: Thu, 17 Dec 2020 16:45:41 GMT
server: cloudflare
etag: "5fdb8b35-a318"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kM4CRSStxEZqptuTm2ee9RXFvJ5eyd5U3NeTZQigXB9ofxYFjMTPjoxepRSKqlaZT9DeW%2FIE8lD05XR6H5GYQlTiH51fOYZIDqiuxJ%2FHhJcle%2F2%2B5WQWd5ocJiOcyZOhVCKXwfvE%2FhTP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 706820ef4c4f9b95-FRA

GET
H/1.1 200
OK FFgTJmMUHziUaqZHgdgkzxrf7PQjtR.gif
s.ftte.xyz/prbanners/2022/02/17/ 233 KB
234 KB 218ms
48ms Image
image/gif 2606:4700:3037::6815:33bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s.ftte.xyz/prbanners/2022/02/17/FFgTJmMUHziUaqZHgdgkzxrf7PQjtR.gif
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:33bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e2875798b3cfb752a4169686aff381ea1113f0b583e06a212b72950648d2534

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mens.xfantazy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 08:32:58 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3144
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 238332
Last-Modified: Thu, 17 Feb 2022 17:08:40 GMT
Server: cloudflare
ETag: "620e8118-3a2fc"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64BxFfQu8srCbquFMuNuRPoDbWhoxc%2F%2BEt2dyMy3UajHoNDnAMQT3T2o5dbf8CTtpRJz4Z1c%2BdNPF4HvntXXxj05t%2BCmo%2BeiaUSoHgRaqz3SlLndaDHvI%2FgiSHwD9qo8SRgV4pxI8XDI"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 706820eefb569016-FRA

GET
H/1.1 200
OK t.php
d.ftte.xyz/ 0
410 B 686ms
171ms Image
text/html 131.153.42.225
SSASN2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.ftte.xyz/t.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 131.153.42.225 Phoenix, United States, ASN20454 (SSASN2, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://mens.xfantazy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 05 May 2022 08:32:59 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xfantazy.com/	1970-01-20 11:34:35	Name: _ym_uid Value: 1651739577240429010
.xfantazy.com/	1970-01-20 11:34:35	Name: _ym_d Value: 1651739577
.xfantazy.com/	1970-01-20 02:50:11	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 02:49:00	Name: sync_cookie_csrf Value: 994978615fake
.mc.yandex.ru/	1970-01-20 02:49:00	Name: sync_cookie_csrf Value: 177768108fake
.yandex.com/	1970-01-20 11:34:35	Name: yandexuid Value: 7562941171651739577
.yandex.com/	1970-01-20 11:34:35	Name: yuidss Value: 7562941171651739577
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1392330241651739577
.yandex.com/	1970-01-23 18:24:59	Name: i Value: EHgsOWQuS2z6HG4oSRb5OjBh8KIrMgmt+Wsc/VOpI443afPgR7DGfsKFUWTZvCKfbER7tIlKKd+8x04myvTMKrayeA0=
.yandex.com/	1970-01-20 11:34:35	Name: ymex Value: 1683275577.yrts.1651739577#1683275577.yrtsi.1651739577
.ftte.xyz/	1970-01-20 11:34:35	Name: guid Value: f0187b2c-9faa-4408-8650-9bdeafdd1c23

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://mens.xfantazy.com/images/main_bg.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://mens.xfantazy.com/main_video.mp4 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9629.-eYWZIwIxKPqANoIoRKbupdUmZIkbUExV38-O5RGqXVmD0W0ZANi28Mjd6zE1kP0XuXT1wuYlwgnVWEWXtcuag%2C%2C.ZPrmPyYlY859sZ8k6FklKfNDMF4%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.realsrv.com
cdn.fluidplayer.com
d.ftte.xyz
d.smopy.com
fonts.googleapis.com
mc.yandex.com
mc.yandex.ru
mens.xfantazy.com
s.ftte.xyz
s3t3d2y8.ackcdn.net
syndication.realsrv.com
131.153.42.225
2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:3a
23.235.244.224
2606:4700:3037::6815:33bd
2a00:1450:4001:82f::200a
2a02:6b8::1:119
2a02:6ea0:c700::14
2a06:98c1:3120::a
95.211.229.248
0e7f2cbdd19d66a12cc8ffeca487811c11ac4fee9ea03285532eb204e46aad33
0e871c5c75fe2ca4dbc54c6f3bf688d758508e9122c9f91ea782b204d1050334
0ecadcf2f6de5a604b6ec54d1b92022882edb4fa94d3f0622b1e5598bd941f81
0f7b52c1db08053d60ca49446d17ab0a637e6800fd6f66f0010c60badae3b5a4
193d5d27601b45146c4a887eb13ffe98ecb3406e9ac703de6d625af551c9569c
1f4a3dcb8dfec3a30d8d922d9db756819f4f428f23d9333728ffedb206e5eb55
48c1fea64884732cf0a34b6623ce966fa17963cf4c792bdedae799e8aa322490
4bb18968b1b7880f5dffa603e02518b4b57b3f33117bf413fac54b820ae487b6
4e2875798b3cfb752a4169686aff381ea1113f0b583e06a212b72950648d2534
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5917d477141c28f0bc6fd914bcedb8dca9baac5c8189e5d7293cccad79f39ea8
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5e17aa19411f4c8712a6cc3350951f2e7ed81f3e6af69b129436a4d74f856847
645d9714a5a9b5caf59ea4aa2b65f292bc549f6be614d3b9bcaa1b6ab5c16922
64befb9a066594a90f55db2f6711c290f14ae6c973763064d134a2039a1c5ee3
65553a47ab55f19ce4a0904c68bedf01041202ffdffc0d5b435810fb0646a645
6bb77328b2158eb46e98916e0b410dc8db62ac44b9206f0505f1dc2786a0fa60
6d35529e97ac48abda83c68a13d780e8505ec839865a7fb84a91fde809cc6f14
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7528f5722e33f5bb604306563460b837d1cf9fda9fd536134e2e420adf7e8dea
75f3bd16ca645709f15708862b8523f5a5072725d1c945db54f58c343c7d21cc
7975dfe4925a7e9a21e46f2070b7c8d0080fa9449867ca43a59e5e86b9542d00
7a3495a4d2355fad06bd2f80cb448680e771bf5e62e4a0b8e81174e1d49aa6dc
7b9b64cf42a28bb77db65da2c09d5d6dc544d5d8f774667893f8957d1b0028d9
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
9887620ad354436879d1e7cf8f48f174f41bd232b2ecb4093c7c57ab6d1e69d1
a3312c1fabf552e264c8a2725b6ac321fa634e735e47f37536f21a9f52f5e72b
b61abb3a3fec40604ce741b4ac76cc406628961c38dc248aa73e34884fd94d67
b84e73ce8bf7e7db26aabd1a7d91949bf9b081a17dd4e102687b13decbaa218e
b89485f60b9d7cf92ab0ac946c1728454a609e4466026626035e2102b4811193
beaab2715e44d545350266cae7b5fee221f4323cc42bd333dc60d4ab3d3964fd
c48f03fd5d8054041721177871aa360426715092354cee2e088b6fc839220217
cf273e1351390b98171a2b62594f542da75214a4b60c0d14ddef068ff6f35dd7
d32f69866cacbc4cc0fd916a2ca761b891e3f974e348e188b11d8ad146333485
d379e16ecd6aad7e46dcee3f1a69bda96b8832466b2c8a5e0989db37e297c871
d39b3232913b0e04c510ce96b23fcc3572484a12baad4eb47abe2992b5a3a010
d71b1324cfe5cbeddd587fbfb943d91e559d583b5b7ebb7c827edd39005a4462
e0ce4831cea0d8e2c02f7599f1eac52f20b2f0020370f76042ebf057ef95eca5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f414df1bd675f4748bf9f41658c75b6cb400eeec7754e30e94399076947be8fc

mens.xfantazy.com Open in urlscan Pro 2a06:98c1:3120::a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

45 Requests

53 %HTTPS

70 %IPv6

9 Domains

11 Subdomains

11 IPs

4 Countries

1251 kBTransfer

1974 kBSize

11 Cookies

2 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

mens.xfantazy.com Open in urlscan Pro
2a06:98c1:3120::a Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

53 %
HTTPS

70 %
IPv6

9
Domains

11
Subdomains

11
IPs

4
Countries

1251 kB
Transfer

1974 kB
Size

11
Cookies

45 HTTP transactions
2 data transactions