fantasy.mn Open in urlscan Pro
82.166.139.113 Public Scan

URL:
http://fantasy.mn/
Submission: On June 16 via manual (June 16th 2021, 5:22:43 am UTC) from AU

Summary HTTP 139 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 28 IPs in 3 countries across 17 domains to perform 139 HTTP transactions. The main IP is 82.166.139.113, located in Rishon LeZiyyon, Israel and belongs to NV-ASN CELLCOM ltd., IL. The main domain is fantasy.mn.

This is the only time fantasy.mn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
70	82.166.139.113 82.166.139.113	1680 (NV-ASN CE...) (NV-ASN CELLCOM ltd.)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
7	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
9	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
9	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:809::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2016	15169 (GOOGLE) (GOOGLE)
4	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
139	28

70 82.166.139.113 (Rishon LeZiyyon, Israel)

ASN1680 (NV-ASN CELLCOM ltd., IL)

fantasy.mn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frt3-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frx5-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
70	fantasy.mn fantasy.mn	1 MB
9	youtube.com www.youtube.com	653 KB
9	facebook.com www.facebook.com	160 KB
9	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	213 KB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	161 KB
7	googleapis.com fonts.googleapis.com ajax.googleapis.com translate.googleapis.com	327 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	36 KB
5	doubleclick.net googleads.g.doubleclick.net static.doubleclick.net	5 KB
4	twimg.com cdn.syndication.twimg.com pbs.twimg.com	20 KB
4	google.com translate.google.com adservice.google.com www.google.com	18 KB
2	fbcdn.net scontent-frt3-2.xx.fbcdn.net scontent-frx5-2.xx.fbcdn.net	21 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	ytimg.com i.ytimg.com	27 KB
1	ggpht.com yt3.ggpht.com	3 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	657 B
139	17

	Domain	Requested by
70	fantasy.mn	fantasy.mn
9	www.youtube.com	fantasy.mn www.youtube.com
9	www.facebook.com	fantasy.mn www.facebook.com
7	platform.twitter.com	fantasy.mn platform.twitter.com
6	pagead2.googlesyndication.com	fantasy.mn pagead2.googlesyndication.com tpc.googlesyndication.com
4	www.gstatic.com	fantasy.mn translate.googleapis.com www.youtube.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.youtube.com
4	translate.googleapis.com	translate.google.com translate.googleapis.com srcdoc
3	pbs.twimg.com	fantasy.mn
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google.com	www.youtube.com tpc.googlesyndication.com
2	syndication.twitter.com	1 redirects platform.twitter.com
2	www.google-analytics.com	fantasy.mn www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
2	ajax.googleapis.com	fantasy.mn
1	cdn.syndication.twimg.com	platform.twitter.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	scontent-frx5-2.xx.fbcdn.net	www.facebook.com
1	scontent-frt3-2.xx.fbcdn.net	www.facebook.com
1	translate.google.com	fantasy.mn
1	fonts.googleapis.com	fantasy.mn
139	27

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
plus.google.com
www.s-an-d.co.za
translate.google.com

Subject Issuer	Validity	Valid
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-30` - `2021-11-29`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh

This page contains 12 frames:

Primary Page: http://fantasy.mn/
Frame ID: 36755E40ACCB971D8420F7AEBD6E68E5
Requests: 98 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
Frame ID: 475C6014D7E1C3E508A7D38CDC190823
Requests: 11 HTTP requests in this frame

Frame: https://www.youtube.com/embed/_tm8X40tSCE
Frame ID: B0C77EC20C60377A983CFC661CC13AD1
Requests: 17 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2Ffantasy.mn
Frame ID: D87635D477C69941C53BC297995E969C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210610/r20190131/zrt_lookup.html
Frame ID: 2D8FE9FB8F403A794C3DB288FF65266C
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: 8AF77E24E867E284F46B3A506C6AA84E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8146121578325900&output=html&h=90&slotname=7263625070&adk=4124446480&adf=2653041513&pi=t.ma~as.7263625070&w=728&lmt=1623820942&psa=0&format=728x90&url=http%3A%2F%2Ffantasy.mn%2F&flash=0&wgl=1&dt=1623820942385&bpp=4&bdt=330&idt=105&shv=r20210610&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3858225572871&frm=20&pv=2&ga_vid=298461400.1623820942&ga_sid=1623820943&ga_hid=804139499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531226%2C31061048&oid=3&pvsid=1221609258163507&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=ttp3BFjEy5&p=http%3A//fantasy.mn&dtd=124
Frame ID: D3EEA3B27564BDC9D3F86D7850BF147A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8146121578325900&output=html&adk=1812271804&adf=3025194257&lmt=1623820942&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ffantasy.mn%2F&ea=0&flash=0&pra=7&wgl=1&dt=1623820942400&bpp=1&bdt=344&idt=143&shv=r20210610&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=3858225572871&frm=20&pv=1&ga_vid=298461400.1623820942&ga_sid=1623820943&ga_hid=804139499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531226%2C31061048&oid=3&pvsid=1221609258163507&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=150
Frame ID: 90A3B9816FE70590125D038038EE17DC
Requests: 1 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1405031116038295554/sSfUYbFK?format=jpg&name=280x280
Frame ID: DA0F665DD46E77F0ECA1A54DAE43308F
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 89947713CECCF0D85A05FD097BF2DEA6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5F5E0BAA6C5D4C876C2067467B6A2495
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 63FE22B26AA2B72797A16E7F4060ECDB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

Page Statistics

139
Requests

44 %
HTTPS

89 %
IPv6

17
Domains

27
Subdomains

28
IPs

3
Countries

2820 kB
Transfer

5993 kB
Size

8
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/pages/SMBSRubinstein-Software/47287399942?sk=info

Search URL Search Domain Scan URL

URL: https://twitter.com/service_smbs

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/smbs-rubinstein

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/b/101407786685589576891/+FantasyBz/about

Search URL Search Domain Scan URL

URL: http://www.s-an-d.co.za/
Title: web design

Search URL Search Domain Scan URL

URL: https://translate.google.com/
Title: Translate

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

http://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false HTTP 307
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false

Request Chain 46

http://www.youtube.com/embed/_tm8X40tSCE HTTP 307
https://www.youtube.com/embed/_tm8X40tSCE

Request Chain 49

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 135

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

139 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
fantasy.mn/ 18 KB
6 KB 305ms
160ms Document
text/html 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to

Full URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 98b77371ef0408c481830bfcdcc3a729550d9966d8c0d839bcb3ce11da4fdd44

Request headers

Host: fantasy.mn
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: private,no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html
Content-Encoding: gzip
Expires: 0
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Set-Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; path=/
X-Powered-By: ASP.NET
Date: Wed, 16 Jun 2021 05:22:22 GMT
Content-Length: 5894

GET
H/1.1 200
OK css
fonts.googleapis.com/ 2 KB
1 KB 21ms
14ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: fantasy.mn
URL: http://fantasy.mn/

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e965559c45dc9185c3715129c514f6f24570908614871884e8bdeeb0458e02b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 16 Jun 2021 03:29:04 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Wed, 16 Jun 2021 05:22:22 GMT

GET
H/1.1 200
OK rubinstein.css
fantasy.mn/common/ 2 KB
936 B 88ms
86ms Stylesheet
text/css 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to

Full URL: http://fantasy.mn/common/rubinstein.css
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 27eddaa95b76ffd74cbc9009dc9ade86359777cc03879e40142cdc7c33b48524

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding: gzip
ETag: "0cc5616e4bd01:0"
Last-Modified: Wed, 18 Feb 2015 11:31:04 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 562
Expires: 0

GET
H/1.1 200
OK imagerollover.js Show response
fantasy.mn/js/ 4 KB
2 KB 168ms
152ms Script
application/javascript 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to

Full URL: http://fantasy.mn/js/imagerollover.js
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 263be2b0390f336d5ce3b0f40ea56a4b4165f5dd8e861d9bd1dd33f0f0da7010

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding: gzip
ETag: "096ed588f9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:31:08 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 1507
Expires: 0

GET
H/1.1 200
OK home_blocks.css
fantasy.mn/common/ 1 KB
947 B 162ms
147ms Stylesheet
text/css 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to

Full URL: http://fantasy.mn/common/home_blocks.css
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1b0a6f682bb162fe145ae5b59475e14ebc47effca5946bf9b3cc1556ac4a26b4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding: gzip
ETag: "0bfb0a98e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:26:14 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 572
Expires: 0

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 92 KB
33 KB 14ms
6ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Requested by

Host: fantasy.mn
URL: http://fantasy.mn/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 16 Jun 2021 05:02:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1208
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 33333
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 16 Jun 2022 05:02:14 GMT

GET
H/1.1 200
OK jquery.simplyscroll.js Show response
fantasy.mn/js/ 12 KB
4 KB 156ms
141ms Script
application/javascript 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to

Full URL: http://fantasy.mn/js/jquery.simplyscroll.js
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ef806aba43683fdfa44cd0f0b934a5e67942d3275abcbbec6989777821b1cb1c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding: gzip
ETag: "093316d8f9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:31:42 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 4132
Expires: 0

GET
H/1.1 200
OK jquery.simplyscroll.css
fantasy.mn/common/ 2 KB
1 KB 155ms
140ms Stylesheet
text/css 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to

Full URL: http://fantasy.mn/common/jquery.simplyscroll.css
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 306e7ce929e761a54396a94dd9d743285551cf7f9ce4de268d39500c44d5cd31

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding: gzip
ETag: "0bfb0a98e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:26:14 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 963
Expires: 0

GET
H/1.1 200
OK allinone_bannerRotator.css
fantasy.mn/common/ 6 KB
2 KB 176ms
161ms Stylesheet
text/css 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to

Full URL: http://fantasy.mn/common/allinone_bannerRotator.css
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 30889d1f07bbc3d68d22e2a4581ba4b17ea5351acfcff8da059a35801dd161c8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding: gzip
ETag: "0927fa88e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:26:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 1489
Expires: 0

GET
H/1.1 200
OK jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.8.23/ 196 KB
197 KB 14ms
7ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.23/jquery-ui.min.js

Requested by

Host: fantasy.mn
URL: http://fantasy.mn/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0414cd9a63cee7af991c13817e46d30190ac41a8711cdae78718da6d380e572

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 16 Jun 2021 04:52:49 GMT
X-Content-Type-Options: nosniff
Age: 1773
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 200748
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 16 Jun 2022 04:52:49 GMT

GET
H/1.1 200
OK jquery.ui.touch-punch.min.js Show response
fantasy.mn/js/ 1 KB
1 KB 174ms
86ms Script
application/javascript 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to

Full URL: http://fantasy.mn/js/jquery.ui.touch-punch.min.js
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d6c368f0258fe8a0e5c72892749c747c4e44d76aa11e41a1f185d876a337be47

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding: gzip
ETag: "0ed936f8f9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:31:46 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 736
Expires: 0

GET
H/1.1 200
OK allinone_bannerRotator.js Show response
fantasy.mn/js/ 25 KB
8 KB 240ms
84ms Script
application/javascript 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to

Full URL: http://fantasy.mn/js/allinone_bannerRotator.js
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 781a60f1acd62d77ea3583dd0ad841b0eeded58aeb40eb53a7554ed1e0329ed2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding: gzip
ETag: "069bc578f9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:31:06 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 7980
Expires: 0

GET
H/1.1 200
OK logo.png
fantasy.mn/images/common/ 2 KB
3 KB 83ms
78ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/logo.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 64db6cafdbe3eb83f7044e3e90a94fb6ac4719b4445911ee6eedc05a6efa78ad

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "09772ec8e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:06 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 2354
Expires: 0

GET
H/1.1 200
OK nav_home_over.png
fantasy.mn/images/common/ 825 B
1 KB 91ms
86ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/nav_home_over.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6d82f07329cb6ed7ebb397adc79f4e93f9d2531617770d7725f8817a51cf5487

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "01e6f08e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 825
Expires: 0

GET
H/1.1 200
OK nav_about.png
fantasy.mn/images/common/ 1 KB
1 KB 88ms
83ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/nav_about.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b56bec93609c41df8d13ad6f5bab778732eec59a142445ae77c0190062f5245f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "09772ec8e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:06 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 1026
Expires: 0

GET
H/1.1 200
OK nav_products.png
fantasy.mn/images/common/ 922 B
1 KB 85ms
80ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/nav_products.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3ce8979036474bc19190e17a53609ee5c2ffb358e79e18887011d41924b92218

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "01e6f08e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 922
Expires: 0

GET
H/1.1 200
OK nav_clients.png
fantasy.mn/images/common/ 899 B
1 KB 85ms
81ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/nav_clients.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8a395c937291cfb6dd6aa863c8e028062fa7ae3215254b002f1e0bbccc5dffd9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "0c4a3ed8e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:08 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 899
Expires: 0

GET
H/1.1 200
OK nav_contact.png
fantasy.mn/images/common/ 958 B
1 KB 161ms
86ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/nav_contact.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9378da454fee6c4a3b228b01b5fe5d2e5911c2f1f29cac35c3c79cae851724c2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "0f1d4ee8e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:10 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 958
Expires: 0

GET
H/1.1 200
OK icon_FB.png
fantasy.mn/images/common/ 731 B
1 KB 183ms
87ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/icon_FB.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 674a3b4ca976e447af06113d41367de9b41eb0baebb03dee0ff4286b32c078d2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "0b67ce68e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:27:56 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 731
Expires: 0

GET
H/1.1 200
OK icon_twitter.png
fantasy.mn/images/common/ 825 B
1 KB 228ms
80ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/icon_twitter.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 00bdf197477b14eb5ee66a98aecb8b6539815149ffb9ea920de09e5fe1f3561a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "06a41eb8e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:04 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 825
Expires: 0

GET
H/1.1 200
OK icon_linkedin.png
fantasy.mn/images/common/ 779 B
1 KB 148ms
77ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/icon_linkedin.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0dd68a35bf301f264e1c3e0501d39f0debddf1092347b6a17b4e2b3428886a84

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "06a41eb8e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:04 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 779
Expires: 0

GET
H/1.1 200
OK icon_google.png
fantasy.mn/images/common/ 1 KB
2 KB 156ms
83ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/icon_google.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bdd2b9202e914c09c2e4a235fa6f3ac2dad37fa7d9c075860cba48d51abc60e0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "03d10ea8e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:02 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 1414
Expires: 0

GET
H/1.1 200
OK home_banner_01.jpg
fantasy.mn/images/content/ 57 KB
58 KB 500ms
78ms Image
image/jpeg 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/content/home_banner_01.jpg
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c568209aa7182dcdceeabe38c0f684eeab1008be5aac46ddacd4a77053dc508e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "0595ef88e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:26 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 58687
Expires: 0

GET
H/1.1 200
OK home_banner_02.jpg
fantasy.mn/images/content/ 51 KB
51 KB 78ms
78ms Image
image/jpeg 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/content/home_banner_02.jpg
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 368efade718185a4a7c8db78295264cb1e6a64728b8c647ee75ed73252060c0a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "0595ef88e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:26 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 52190
Expires: 0

GET
H/1.1 200
OK home_banner_03.jpg
fantasy.mn/images/content/ 66 KB
67 KB 89ms
89ms Image
image/jpeg 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/content/home_banner_03.jpg
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3aa307dc5d5b3c1907ed5910f640e6a656bf856d6f5afaa71fe97ecc24ad8928

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "0e0f1fb8e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:32 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 68009
Expires: 0

GET
H/1.1 200
OK icon_news.png
fantasy.mn/images/content/ 566 B
894 B 150ms
79ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/content/icon_news.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 92d83b64e8246125206a18ed12a3dd6d1ec60377151786f9ce6449d3bc3fd015

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "0c1e718f9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:42 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 566
Expires: 0

GET
H/1.1 200
OK Harmony_samples.png
fantasy.mn/images/content/ 286 KB
287 KB 147ms
79ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/content/Harmony_samples.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 59ea71a57f1643405f78000304d400ffec53a9f05d4cdaa3e79feb02b9adc95b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "0a5f099a59acf1:0"
Last-Modified: Tue, 08 Jul 2014 12:10:26 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 293341
Expires: 0

GET
H/1.1 200
OK arrow_readmore.png
fantasy.mn/images/common/ 2 KB
2 KB 230ms
80ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/arrow_readmore.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e921a5b342ffc2259bf47cd390286e118b5e11ab87b7989d53711adc8247e66d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "011da2c9f9acf1:0"
Last-Modified: Tue, 08 Jul 2014 11:24:26 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 2010
Expires: 0

GET
H/1.1 200
OK jquery.capSlide.js Show response
fantasy.mn/js/ 2 KB
1 KB 88ms
87ms Script
application/javascript 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to

Full URL: http://fantasy.mn/js/jquery.capSlide.js
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d6ce08e9aa75691bf826585fa190004f5187fd1e55989a0aac7efeb6c329edf6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding: gzip
ETag: "058d9648f9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:31:28 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 741
Expires: 0

GET
H/1.1 200
OK home_fantasy.jpg
fantasy.mn/images/content/ 33 KB
33 KB 371ms
81ms Image
image/jpeg 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/content/home_fantasy.jpg
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2f4d82003a9ccaea85da33302a956d5d0b25eba62de84a472a88559044f8cd8f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "0b3c0fa8e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:30 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 33664
Expires: 0

GET
H/1.1 200
OK home_harmony.jpg
fantasy.mn/images/content/ 43 KB
44 KB 375ms
78ms Image
image/jpeg 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/content/home_harmony.jpg
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 63e64263f2644078147f97897a41a218ae5389b1e2b481c0d04fbe7ba4bfd3bf

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "0d23fd8e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:34 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 44265
Expires: 0

GET
H/1.1 200
OK home_meetTeam.jpg
fantasy.mn/images/content/ 26 KB
26 KB 395ms
78ms Image
image/jpeg 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/content/home_meetTeam.jpg
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6f4ee39bf62c358118df64a88f9ba7715716320091512526171126dbe4a22957

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "03a54fe8e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:36 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 26480
Expires: 0

GET
H/1.1 200
OK icon_clients.png
fantasy.mn/images/content/ 576 B
905 B 289ms
80ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/content/icon_clients.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cd91af7aafe4cb87de04cf2cfa7e4d0e4f3019935c6dfd29152e333e12611987

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "06785ff8e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:38 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 576
Expires: 0

GET
H/1.1 200
OK logos_04.jpg
fantasy.mn/images/content/ 15 KB
15 KB 325ms
86ms Image
image/jpeg 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/content/logos_04.jpg
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 409ee755ad7c6aedd167c216500282f1cbf790700874a56b04765f320f93f2f3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "05aedfe4ea7d01:0"
Last-Modified: Mon, 15 Jun 2015 09:38:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 15000
Expires: 0

GET
H/1.1 200
OK logos_01.jpg
fantasy.mn/images/content/ 21 KB
21 KB 284ms
78ms Image
image/jpeg 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/content/logos_01.jpg
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 827d621a7ec6c588784bb98b03e2ad8469971761bde32a6b551615dd4febbf9d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "075ac68f9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:50 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 21328
Expires: 0

GET
H/1.1 200
OK logos_02.jpg
fantasy.mn/images/content/ 24 KB
24 KB 370ms
83ms Image
image/jpeg 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/content/logos_02.jpg
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: edec3b266f399077c27933aa77e749dcca3372d5feafa0229ab6d948d78028a1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "075ac68f9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:50 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 24399
Expires: 0

GET
H/1.1 200
OK logos_03.jpg
fantasy.mn/images/content/ 22 KB
22 KB 219ms
84ms Image
image/jpeg 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/content/logos_03.jpg
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1d9bfe56d6f73224dd12c41db77ca25e354eb8c78dac7be47da19200ef3f6f80

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "0a2dd78f9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:52 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 22395
Expires: 0

GET
H/1.1 200
OK logos_05.jpg
fantasy.mn/images/content/ 22 KB
22 KB 231ms
86ms Image
image/jpeg 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/content/logos_05.jpg
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 00fdf9f52c63f09dc4dd47c14149081a3540d4344257e822ca5b8d65d6a50a2f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "0fc3fa8f9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:56 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 22048
Expires: 0

GET
H/1.1 200
OK logos_06.jpg
fantasy.mn/images/content/ 28 KB
28 KB 250ms
88ms Image
image/jpeg 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/content/logos_06.jpg
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 558c4c9e5d7148cc4f2dd5e695bbf6d5f66b7a84a268fd95d17309abe38d372d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "0b48910a143d01:0"
Last-Modified: Sun, 08 Feb 2015 13:13:44 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 28543
Expires: 0

GET
H/1.1 200
OK footer_twitter.png
fantasy.mn/images/common/ 346 B
675 B 405ms
86ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/footer_twitter.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5db5a50cb3bbb884be3bc5d1ca0e590b02663d11d9d2a9345ef9fa0f9ae27a96

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "05c1ae48e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:27:52 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 346
Expires: 0

GET
H/1.1 200
OK footer_FB.png
fantasy.mn/images/common/ 243 B
572 B 410ms
86ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/footer_FB.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 85d3c2b48d1b2a8da9437a329ae39da1c39c77381bb152d52276f54ce84d39b8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "05c1ae48e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:27:52 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 243
Expires: 0

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 30ms
23ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fantasy.mn
URL: http://fantasy.mn/

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92df889ddd5703f4fda390c62b9fef4fe94a142632ca8f2ab5ae0409136661ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 3458964890517975314
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 48824
X-XSS-Protection: 0
Expires: Wed, 16 Jun 2021 05:22:22 GMT

GET
H/1.1 200
OK element.js Show response
translate.google.com/translate_a/ 10 KB
4 KB 21ms
14ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: fantasy.mn
URL: http://fantasy.mn/

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

de179b376f13f57bbf77368070f74aeaf16fcab52479fcee885ced8a0c4e3da1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: HTTP server (unknown)
Content-Language: en
Cache-Control: no-cache, must-revalidate
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 3771
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found bg_main.png
fantasy.mn/images/common/ 1 KB
1 KB 95ms
87ms Image
text/html 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/bg_main.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/common/rubinstein.css
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/common/rubinstein.css
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/common/rubinstein.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 1245
Expires: 0

GET
H/1.1 200
OK mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
15 KB 11ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://fantasy.mn
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 12:56:06 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 May 2021 21:21:19 GMT
Server: sffe
Age: 318376
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 14440
X-XSS-Protection: 0
Expires: Sun, 12 Jun 2022 12:56:06 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 15ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/6712)
Age: 701
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28779

GET
H2

200

likebox.php Show response
www.facebook.com/plugins/ Frame 475C
Redirect Chain

http://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&st...
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&s...

47 KB
14 KB

83ms
82ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false

Requested by

Host: fantasy.mn
URL: http://fantasy.mn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45f788f5719338adf23aeb69b7a68c80293cb3f85e23606c1b96390894ecd699

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fantasy.mn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fantasy.mn/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: Ib17pdKKKUVj9FeWBinmoslVG0Cp1O2wH2TPcIbK9ynHGJJhOQGVs6TNcvvk3mZcqhkddOwuS/2PhJqsItHKuQ==
date: Wed, 16 Jun 2021 05:22:22 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
Non-Authoritative-Reason: HSTS

GET
H2

200

_tm8X40tSCE Show response
www.youtube.com/embed/ Frame B0C7
Redirect Chain

http://www.youtube.com/embed/_tm8X40tSCE
https://www.youtube.com/embed/_tm8X40tSCE

52 KB
22 KB

93ms
73ms

Document
text/html

2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/_tm8X40tSCE

Requested by

Host: fantasy.mn
URL: http://fantasy.mn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f3072b0128ce0987315c4074f0e4e6c61d3f12219c497d4282a58e7a82387905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/_tm8X40tSCE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fantasy.mn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fantasy.mn/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 16 Jun 2021 05:22:22 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=zEITVRoBmNg; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=hzNiHJAA0Vk; Domain=.youtube.com; Expires=Mon, 13-Dec-2021 05:22:22 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+537; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Location: https://www.youtube.com/embed/_tm8X40tSCE
Non-Authoritative-Reason: HSTS

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 27ms
6ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 05:15:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 16 Jun 2021 06:15:05 GMT

GET
H2 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 6 KB
2 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

251c607557e1302862934faeb35d7c9c20cbb64b4abb6a4faed721b71db501f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 05:18:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2154
x-xss-protection: 0
last-modified: Mon, 24 May 2021 18:08:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 16 Jun 2021 06:18:53 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

48 KB
19 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: fantasy.mn
URL: http://fantasy.mn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1425
date: Wed, 16 Jun 2021 04:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 16 Jun 2021 06:58:37 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK bottomNavBg.png
fantasy.mn/skins/classic/ 115 B
444 B 486ms
88ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/skins/classic/bottomNavBg.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/common/allinone_bannerRotator.css
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5f0e6d59ac597b8bcbc6f85e0eea1b96710f1878f88de94834f6c0a0bbad1187

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/common/allinone_bannerRotator.css
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/common/allinone_bannerRotator.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "07427738f9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:31:52 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 115
Expires: 0

GET
H/1.1 200
OK leftNavOFF.png
fantasy.mn/skins/classic/ 598 B
927 B 448ms
83ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/skins/classic/leftNavOFF.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/common/allinone_bannerRotator.css
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 90062a4d70d3df2d56150dee6e79c3245a5f300bdbde9f3fadf284dd63e55dea

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/common/allinone_bannerRotator.css
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/common/allinone_bannerRotator.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "0fbba768f9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:31:58 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 598
Expires: 0

GET
H/1.1 200
OK rightNavOFF.png
fantasy.mn/skins/classic/ 602 B
931 B 462ms
78ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/skins/classic/rightNavOFF.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/common/allinone_bannerRotator.css
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b0802aa12255d2fee14aecb6b0e28a3c38fa1051691aeeea1f76852a587876f3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/common/allinone_bannerRotator.css
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/common/allinone_bannerRotator.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "028ec778f9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:32:00 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 602
Expires: 0

GET
H/1.1 200
OK bottomNavOFF.png
fantasy.mn/skins/classic/ 122 B
451 B 489ms
86ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/skins/classic/bottomNavOFF.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/common/allinone_bannerRotator.css
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 24b89546fe9f900228f3a5efc4c3b55650f7e75a0152e5164f4cd6e544124040

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/common/allinone_bannerRotator.css
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/common/allinone_bannerRotator.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "0a158748f9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:31:54 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 122
Expires: 0

GET
H/1.1 404
Not Found hand.cur
fantasy.mn/skins/ 1 KB
1 KB 504ms
80ms Image
text/html 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/skins/hand.cur
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 1245
Expires: 0

GET
H/1.1 200
OK bottomNavON.png
fantasy.mn/skins/classic/ 122 B
451 B 528ms
83ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/skins/classic/bottomNavON.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/common/allinone_bannerRotator.css
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a6a8442d6bde0d404ddbbe9658f4a5075aa3f18910057f01e91fb030aa88d132

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/common/allinone_bannerRotator.css
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/common/allinone_bannerRotator.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
ETag: "0a158748f9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:31:54 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 122
Expires: 0

GET
H3-29 200 element_main.js Show response
translate.googleapis.com/element/TE_20210503_00/e/js/element/ 252 KB
90 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20210503_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09363cc7c668ce12683214a9877ae9c068a82dfb8f64111355933c24e7193a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 21:15:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91906
x-xss-protection: 0
last-modified: Mon, 03 May 2021 09:56:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jun 2022 21:15:04 GMT

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame D876 319 KB
103 KB 25ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2Ffantasy.mn
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://fantasy.mn/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fantasy.mn/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 655
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 16 Jun 2021 05:22:22 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/674C)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210610/r20190131/ 233 KB
87 KB 46ms
27ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210610/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8146121578325900&plah=fantasy.mn&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d6eda306cb7a8ec61843d32a597bef4a680844987e12bbfabce3a8c66b3786

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 05:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87957
x-xss-protection: 0
server: cafe
etag: 17726926907594691985
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 16 Jun 2021 05:22:22 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210610/r20190131/ Frame 2D8F 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210610/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210610/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fantasy.mn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fantasy.mn/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 15 Jun 2021 10:43:54 GMT
expires: Tue, 29 Jun 2021 10:43:54 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 67108
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=804139499&t=pageview&_s=1&dl=http%3A%2F%2Ffantasy.mn%2F&ul=en-us&de=UTF-8&dt=Diamond%20Software%2C%20Diamond%20Inventory%2C%20Jewelry%20Stock.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1645369104&gjid=772832199&cid=298461400.1623820942&tid=UA-7390195-4&_gid=1268245140.1623820942&_r=1&_slc=1&z=949267887

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 05:22:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://fantasy.mn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
1 KB 27ms
7ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: fantasy.mn
URL: http://fantasy.mn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 04:56:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1540
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
expires: Thu, 16 Jun 2022 04:56:42 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
997 B 27ms
7ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: fantasy.mn
URL: http://fantasy.mn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 04:33:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2952
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 910
x-xss-protection: 0
expires: Thu, 16 Jun 2022 04:33:10 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 26ms
8ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 05:17:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 291
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
expires: Thu, 16 Jun 2022 05:17:31 GMT

GET
H3-29 200 ycAE5xxyu8a.css
www.facebook.com/rsrc.php/v3/yq/l/0,cross/ Frame 475C 17 KB
5 KB 10ms
8ms Stylesheet
text/css 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yq/l/0,cross/ycAE5xxyu8a.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

46c35d5a3c8c6b50ab5774ea6db20a7e5cc067240b625163ee53062a3738f26e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 19:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QTDaDFpAg11U7XRvkIvWtA==
cross-origin-resource-policy: cross-origin
content-length: 4596
x-fb-rlafr: 0
x-fb-debug: RfrOH7qPHZ7qx2SQccP7yzqvw0S3RxMsBZIU16kCDCOZJ437ZL4nGAZ9OUsoIUXcqJDdrwl1P2PjgBXfk8ocCw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 15 Jun 2022 19:33:52 GMT

GET
H3-29 200 ggzcJLJkhSr.css
www.facebook.com/rsrc.php/v3/y2/l/0,cross/ Frame 475C 3 KB
1 KB 10ms
8ms Stylesheet
text/css 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y2/l/0,cross/ggzcJLJkhSr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b3408a1b744ce1351e9554b861c45480f39e54c059f3b11f4e77f9f13564ba4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 23:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ywe+5CCuBA6nTAXpv0OCFQ==
cross-origin-resource-policy: cross-origin
content-length: 1102
x-fb-rlafr: 0
x-fb-debug: 3+4j1ykubwYFku1ScjEyNtMW5oB9SV82187DaaZSt7siJA5lxpO0gyicSR9S+82rJEd3f8ByNTrvIcIZFFnMiQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 14 Jun 2022 23:43:32 GMT

GET
H3-29 200 7xPhjVEY-GQ.js Show response
www.facebook.com/rsrc.php/v3/yC/r/ Frame 475C 296 KB
80 KB 11ms
10ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yC/r/7xPhjVEY-GQ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0b6b5de27dfe738825048ac82fadc8a71ac90734bdbea1b5213377cc957d67c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 00:35:04 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 49Euh+HrGyj8vpTTtttm0Q==
cross-origin-resource-policy: cross-origin
content-length: 82280
x-fb-rlafr: 0
x-fb-debug: LciUGJiKIKRJ4bkNlQgOuW/UaCIs2UTzutHxNfNVFIxuyNovS4QFzTRofb+8JDkH4MzYS6xclM6qjaS7bniWVA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 15 Jun 2022 00:35:04 GMT

GET
H3-29 200 GG1Y0sYc7My.js Show response
www.facebook.com/rsrc.php/v3/yv/r/ Frame 475C 5 KB
2 KB 14ms
12ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39685db80e880ec9e59c22115c5bcbf76586a95bf618a714d61fc0e5f271fe77

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 00:03:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: kw22OIA6eDgOltzbJdNVmQ==
cross-origin-resource-policy: cross-origin
content-length: 1640
x-fb-rlafr: 0
x-fb-debug: 3ghk9q1GQL9uKSacB5859rGMBmuamdQ/YMVwg77QggmQf00iMTgkHWLsG6107SVQ/LsKJy9w+CZ4L/F2WAAjcQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 15 Jun 2022 00:03:35 GMT

GET
H3-29 200 8hTzoNzz8sh.js Show response
www.facebook.com/rsrc.php/v3/yN/r/ Frame 475C 65 KB
20 KB 14ms
12ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yN/r/8hTzoNzz8sh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

08f03875899b086d58114180e1df68968e7bb589f451f4d1712c02450db519cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 05:46:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Ee21FiLy8dQL+GohSRPyFA==
cross-origin-resource-policy: cross-origin
content-length: 20319
x-fb-rlafr: 0
x-fb-debug: 0TTCJP6Dl1nvZCMXcL4FVw2LuP51vkLGBMDm5tWs4lald7H4xSxJAdJBO0kaL3a0753Q5HjQgDrZxKMIfNuOWw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 15 Jun 2022 05:46:22 GMT

GET
H3-29 200 oKA9MKofxU-.js Show response
www.facebook.com/rsrc.php/v3iAxA4/yc/l/de_DE/ Frame 475C 127 KB
35 KB 14ms
12ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iAxA4/yc/l/de_DE/oKA9MKofxU-.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f74712e2008087c27b65bc52392c9e7ae3afaef694175506fe0ea28b203c9217

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 22:29:45 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: VzVXhTvQ3X4ezMv28B6C6Q==
cross-origin-resource-policy: cross-origin
content-length: 36064
x-fb-rlafr: 0
x-fb-debug: Xtx7aZt1XCXderT8ANbkJRLyQgpJDJpTzvzkAU0UinlfKluhGlGZGLF0c6frvmieno/DvwREcbpKwNJg0d3QFA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 15 Jun 2022 22:29:45 GMT

GET
H2 200 10333703_10150388985649943_742353635764173590_o.jpg
scontent-frt3-2.xx.fbcdn.net/v/t31.18172-0/p130x130/ Frame 475C 18 KB
18 KB 303ms
301ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-2.xx.fbcdn.net/v/t31.18172-0/p130x130/10333703_10150388985649943_742353635764173590_o.jpg?_nc_cat=103&ccb=1-3&_nc_sid=dd9801&_nc_ohc=0ZVgxzTHYGgAX_dyB0O&_nc_ht=scontent-frt3-2.xx&tp=6&oh=a684d58e570f9a0772e68859fce5b0de&oe=60EE205D
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 0a5fe7fe11a5974b224d65ff9394bfa63d70230f95452f62c1e91fe6cd4a5889

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 3285663512
date: Wed, 16 Jun 2021 05:22:22 GMT
x-fb-trip-id: 686109401
last-modified: Thu, 29 May 2014 13:45:22 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: gr-7-lWyT6rozTGuc15-5HAPxOdsdsdCD-FVEzzeMSV1HfUEnTlAeDivHHol1fmqkVlY1Co19PASLQS5WwB17Q
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2863409852
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 18072

GET
H2 200 10390260_10150390064474943_8828354065596066817_n.png
scontent-frx5-2.xx.fbcdn.net/v/t1.18169-1/cp0/p50x50/ Frame 475C 3 KB
3 KB 23ms
7ms Image
image/png 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-2.xx.fbcdn.net/v/t1.18169-1/cp0/p50x50/10390260_10150390064474943_8828354065596066817_n.png?_nc_cat=109&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=5tTcf-0Jp-cAX8yeSQa&_nc_ht=scontent-frx5-2.xx&tp=30&oh=796cd2295215b383fb2375cc54b93f7e&oe=60CE0287
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: bd2b4184f9da77f6e70691fbdfb60cc61ca34005bad9916758490b87c3835463

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 226827437
date: Wed, 16 Jun 2021 05:22:22 GMT
x-fb-trip-id: 917726464
last-modified: Mon, 02 Jun 2014 06:57:27 GMT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 373130571
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 2923

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/997fe684/ Frame B0C7 359 KB
45 KB 19ms
12ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/997fe684/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_tm8X40tSCE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb2261167a008616c0620bf0bec8a9b6969ff99250864f3e8702b3c59c9ee175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_tm8X40tSCE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 15:00:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 15 Jun 2021 01:01:25 GMT
server: sffe
age: 51702
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46281
x-xss-protection: 0
expires: Wed, 15 Jun 2022 15:00:40 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/997fe684/www-embed-player.vflset/ Frame B0C7 194 KB
64 KB 26ms
19ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/997fe684/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_tm8X40tSCE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3648ff9c18270446e4106c1b332ea27992dc0ac33e1b1b2d35f4ed59598eee71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_tm8X40tSCE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 15:00:48 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 15 Jun 2021 01:01:25 GMT
server: sffe
age: 51694
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65602
x-xss-protection: 0
expires: Wed, 15 Jun 2022 15:00:48 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/997fe684/player_ias.vflset/en_US/ Frame B0C7 2 MB
483 KB 29ms
22ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/997fe684/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_tm8X40tSCE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

823b19bdfd38969d4800b9e876b4d11eba38e00bd576e5e11c60bb0d20aa168f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_tm8X40tSCE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 15:00:49 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 15 Jun 2021 01:01:25 GMT
server: sffe
age: 51693
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 494431
x-xss-protection: 0
expires: Wed, 15 Jun 2022 15:00:49 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/997fe684/fetch-polyfill.vflset/ Frame B0C7 8 KB
3 KB 30ms
24ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/997fe684/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_tm8X40tSCE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_tm8X40tSCE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 15:00:48 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 15 Jun 2021 01:01:25 GMT
server: sffe
age: 51694
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Wed, 15 Jun 2022 15:00:48 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B0C7 15 KB
15 KB 9ms
5ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_tm8X40tSCE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 04:48:34 GMT
x-content-type-options: nosniff
age: 347628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 04:48:34 GMT

GET
H3-29 200 l Show response
translate.googleapis.com/translate_a/ Frame 8AF7 3 KB
962 B 20ms
16ms Script
application/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-5UyFcr+zn6yWRwGk8CP0HQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-5UyFcr+zn6yWRwGk8CP0HQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
date: Wed, 16 Jun 2021 05:22:22 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
657 B 92ms
29ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fantasy.mn&callback=_gfp_s_&client=ca-pub-8146121578325900

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210610/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8146121578325900&plah=fantasy.mn&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8f007314fb6f682c0ee70d620b178c95f0a9efbaf355996c013cedccee4c5c8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 05:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 35ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fantasy.mn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Jun 2021 05:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 36ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fantasy.mn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Jun 2021 05:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 400 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D3EE 603 B
67 B 27ms
24ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8146121578325900&output=html&h=90&slotname=7263625070&adk=4124446480&adf=2653041513&pi=t.ma~as.7263625070&w=728&lmt=1623820942&psa=0&format=728x90&url=http%3A%2F%2Ffantasy.mn%2F&flash=0&wgl=1&dt=1623820942385&bpp=4&bdt=330&idt=105&shv=r20210610&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3858225572871&frm=20&pv=2&ga_vid=298461400.1623820942&ga_sid=1623820943&ga_hid=804139499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531226%2C31061048&oid=3&pvsid=1221609258163507&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=ttp3BFjEy5&p=http%3A//fantasy.mn&dtd=124

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8146121578325900&output=html&h=90&slotname=7263625070&adk=4124446480&adf=2653041513&pi=t.ma~as.7263625070&w=728&lmt=1623820942&psa=0&format=728x90&url=http%3A%2F%2Ffantasy.mn%2F&flash=0&wgl=1&dt=1623820942385&bpp=4&bdt=330&idt=105&shv=r20210610&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3858225572871&frm=20&pv=2&ga_vid=298461400.1623820942&ga_sid=1623820943&ga_hid=804139499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531226%2C31061048&oid=3&pvsid=1221609258163507&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=ttp3BFjEy5&p=http%3A//fantasy.mn&dtd=124
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fantasy.mn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fantasy.mn/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 16 Jun 2021 05:22:22 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 16-Jun-2021 05:37:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 05:22:22 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Wed, 16 Jun 2021 05:22:22 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 15ms
14ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-8146121578325900&c=10&n=0&t=0&w=61&x=2

Requested by

Host: fantasy.mn
URL: http://fantasy.mn/

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:22 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame D876 256 B
441 B 176ms
125ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=d5a5c343a5eb0aea0c4655f0182fbc63fdba3305

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2Ffantasy.mn

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 05:22:22 GMT
content-encoding: gzip
last-modified: Wed, 16 Jun 2021 05:22:22 GMT
server: tsa_f
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 474cc36fc37500e8b7960538b7620ae952a56f69c9501ad70c03fd8cc9a069a5
content-length: 176

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 90A3 0
20 B 15ms
15ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8146121578325900&output=html&adk=1812271804&adf=3025194257&lmt=1623820942&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ffantasy.mn%2F&ea=0&flash=0&pra=7&wgl=1&dt=1623820942400&bpp=1&bdt=344&idt=143&shv=r20210610&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=3858225572871&frm=20&pv=1&ga_vid=298461400.1623820942&ga_sid=1623820943&ga_hid=804139499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531226%2C31061048&oid=3&pvsid=1221609258163507&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=150

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8146121578325900&output=html&adk=1812271804&adf=3025194257&lmt=1623820942&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ffantasy.mn%2F&ea=0&flash=0&pra=7&wgl=1&dt=1623820942400&bpp=1&bdt=344&idt=143&shv=r20210610&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=3858225572871&frm=20&pv=1&ga_vid=298461400.1623820942&ga_sid=1623820943&ga_hid=804139499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531226%2C31061048&oid=3&pvsid=1221609258163507&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=150
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fantasy.mn/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fantasy.mn/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 16 Jun 2021 05:22:22 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUlJT9JaKSeSzmdeLtFWS1QR1LMeGgkE_sVLl05NGFRleqPYPFFcTtIomTaC; expires=Mon, 11-Jul-2022 05:22:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Jun 2021 05:22:22 GMT
cache-control: private

GET
H3-29 200 ApcBOUT5FoS.png
www.facebook.com/rsrc.php/v3/y_/r/ Frame 475C 573 B
623 B 6ms
6ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/ApcBOUT5FoS.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yq/l/0,cross/ycAE5xxyu8a.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yq/l/0,cross/ycAE5xxyu8a.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: FsvwSwVMmXwkTE5MLho9t2f/fD32frMa/rt3jWLRpgUQXSNEAuP9E1Bf0zd7hPes+pynghlk1CaaE9fLb2c6WA==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Y/eW3MWFNJnkcpEqoXzG3Q==
date: Fri, 11 Jun 2021 23:34:55 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 573
x-fb-rlafr: 0
expires: Sat, 11 Jun 2022 23:34:55 GMT

GET
H3-29 200 SaK3b-CCIOe.js Show response
www.facebook.com/rsrc.php/v3/ym/r/ Frame 475C 7 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/ym/r/SaK3b-CCIOe.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yC/r/7xPhjVEY-GQ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

af16a76f192bd7571fc53306adaec4736b59a7edc08fe5ba466f65ecd5ee569b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 19:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ROUK85omt6I8l4YkGp5hjw==
cross-origin-resource-policy: cross-origin
content-length: 2265
x-fb-rlafr: 0
x-fb-debug: o766VOQHSuSxiJZQfw/nl81U1+siYdGHCvFC8CJUSAX9MYEaEJL1XAAYLgNcHn+c8gOf6REJsUhTZrGUpog+ZA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 15 Jun 2022 19:33:53 GMT

GET
H3-29 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame B0C7 113 B
159 B 14ms
14ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/997fe684/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

535453f10de9c4ab8470189db0af2d0f6e2cbb8016b28e54bf5151f7d003b8d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 05:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame B0C7 29 B
424 B 25ms
6ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/997fe684/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 05:16:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 325
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Wed, 16 Jun 2021 05:31:57 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/997fe684/player_ias.vflset/en_US/ Frame B0C7 93 KB
29 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/997fe684/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/997fe684/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5dee1ca0646a4d4b316fd25e6f4ffda67f3650ff369522b7d8aef3b70ac15ef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_tm8X40tSCE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 15:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 15 Jun 2021 01:01:25 GMT
server: sffe
age: 51626
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29283
x-xss-protection: 0
expires: Wed, 15 Jun 2022 15:01:56 GMT

GET
H2 200 Plk04VvIO51FvnH88uf5HfFM8FhHGRJP4cFq7FoB5yo.js Show response
www.google.com/js/th/ Frame B0C7 35 KB
13 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/Plk04VvIO51FvnH88uf5HfFM8FhHGRJP4cFq7FoB5yo.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/997fe684/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e5934e15bc83b9d45be71fcf2e7f91df14cf0584719124fe1c16aec5a01e72a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 17:18:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13321
x-xss-protection: 0
last-modified: Tue, 08 Jun 2021 13:30:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jun 2022 17:18:16 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/997fe684/player_ias.vflset/en_US/ Frame B0C7 25 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/997fe684/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/997fe684/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a14b9320954426385bad57a756c93f0b5c8a16ad429fc1e792ad2da69dd1a305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_tm8X40tSCE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 15:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7448
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 01:01:25 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jun 2022 15:00:51 GMT

GET
DATA 200
OK truncated
/ Frame B0C7 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwni2tD3AI2BCykiXtdv1ZyDaKrE9LPwkwCQ1eng0=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame B0C7 3 KB
3 KB 169ms
148ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwni2tD3AI2BCykiXtdv1ZyDaKrE9LPwkwCQ1eng0=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_tm8X40tSCE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ee11ed68f6f1ddee70ebf78a755f4f247a2ac90938d6474240400719dd7d5809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 05:22:22 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3016
x-xss-protection: 0
server: fife
etag: "v17"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 15 Jun 2021 17:52:44 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/_tm8X40tSCE/ Frame B0C7 27 KB
27 KB 47ms
26ms Image
image/jpeg 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/_tm8X40tSCE/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_tm8X40tSCE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64aa29f5701ddc2027356b3fed9f32e07f161813450f5161ca09d8c439f1eddd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 05:22:22 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27481
x-xss-protection: 0
expires: Wed, 16 Jun 2021 07:22:22 GMT

GET
H/1.1 200
OK moment~timeline.bcb1cafa923482f4826e32741fe16a98.js Show response
platform.twitter.com/js/ 25 KB
8 KB 7ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.bcb1cafa923482f4826e32741fe16a98.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BE) /
Resource Hash: 5197134265816a7fc5bf360b151eccef4b22bad4b875f4314970860a2e1f2127

Request headers

Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:41 GMT
Server: ECS (frb/67BE)
Age: 18735
Etag: "16c9189d13c8dd38e3e003ac2c6bcc8f+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 8011

GET
H/1.1 200
OK timeline.28ecda9667eeb8e1b18898b99fee6c31.js Show response
platform.twitter.com/js/ 20 KB
7 KB 14ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.28ecda9667eeb8e1b18898b99fee6c31.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: a5069082fd23bba93317d61fd6da244d6a85f60e68af7dcb9b0a43284f1d835a

Request headers

Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:41 GMT
Server: ECS (frb/674C)
Age: 18725
Etag: "c0840e4754c01a08685ae9833ec830c8+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 6363

GET
H3-29 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame B0C7 4 KB
2 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/997fe684/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 05:22:22 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Wed, 16 Jun 2021 05:22:22 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame B0C7 0
9 B 6ms
5ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?GJBT0w
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/_tm8X40tSCE
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/_tm8X40tSCE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 05:22:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 15 KB
3 KB 185ms
165ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_service_smbs_old&dnt=false&domain=fantasy.mn&lang=en&screen_name=service_smbs&suppress_response_codes=true&t=1804245&tweet_limit=2&tz=GMT%2B0200&with_replies=false

Requested by

Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

41b6463669fa6d15b1f6569ea941a21799c378fbe0e22c667bdc3947c21316fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 05:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
access-control-allow-methods: GET
content-length: 2991
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
last-modified: Wed, 16 Jun 2021 05:22:23 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: e2568453cd63e6e2adf116ac50bcc29cb43f4a10ab73a8d5a3d89aa2abd92c25
timing-allow-origin: *
x-transaction: 304e1575f1e100fa
expires: Wed, 16 Jun 2021 05:27:23 GMT

GET
H2 200 sSfUYbFK
pbs.twimg.com/card_img/1405031116038295554/ Frame DA0F 10 KB
11 KB 165ms
160ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1405031116038295554/sSfUYbFK?format=jpg&name=280x280

Requested by

Host: fantasy.mn
URL: http://fantasy.mn/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C0) /

Resource Hash

55d7a7286702f8568ee346606e1fc61720806c4c744257e230980e12fe941a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 05:22:23 GMT
x-content-type-options: nosniff
age: 0
x-cache: MISS
content-length: 10706
surrogate-key: card_img card_img/bucket/7 card_img/1405031116038295554
last-modified: Wed, 16 Jun 2021 05:12:56 GMT
server: ECS (frb/67C0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ac95250122d8f3b3ac39db819f0b19ad22f308417444c3cb331b3c12cc2f0edb
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK nav_home_over.png
fantasy.mn/images/common/ 825 B
1 KB 100ms
98ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/nav_home_over.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/js/imagerollover.js
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6d82f07329cb6ed7ebb397adc79f4e93f9d2531617770d7725f8817a51cf5487

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:23 GMT
ETag: "01e6f08e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 825
Expires: 0

GET
H/1.1 200
OK nav_about.png
fantasy.mn/images/common/ 1 KB
1 KB 79ms
77ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/nav_about.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/js/imagerollover.js
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b56bec93609c41df8d13ad6f5bab778732eec59a142445ae77c0190062f5245f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:23 GMT
ETag: "09772ec8e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:06 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 1026
Expires: 0

GET
H/1.1 200
OK nav_products.png
fantasy.mn/images/common/ 922 B
1 KB 87ms
85ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/nav_products.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/js/imagerollover.js
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3ce8979036474bc19190e17a53609ee5c2ffb358e79e18887011d41924b92218

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:23 GMT
ETag: "01e6f08e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 922
Expires: 0

GET
H/1.1 200
OK nav_clients.png
fantasy.mn/images/common/ 899 B
1 KB 80ms
77ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/nav_clients.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/js/imagerollover.js
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8a395c937291cfb6dd6aa863c8e028062fa7ae3215254b002f1e0bbccc5dffd9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:23 GMT
ETag: "0c4a3ed8e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:08 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 899
Expires: 0

GET
H/1.1 200
OK nav_contact.png
fantasy.mn/images/common/ 958 B
1 KB 97ms
95ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/nav_contact.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/js/imagerollover.js
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9378da454fee6c4a3b228b01b5fe5d2e5911c2f1f29cac35c3c79cae851724c2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:23 GMT
ETag: "0f1d4ee8e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:10 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 958
Expires: 0

GET
H/1.1 200
OK icon_FB.png
fantasy.mn/images/common/ 731 B
1 KB 98ms
95ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/icon_FB.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/js/imagerollover.js
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 674a3b4ca976e447af06113d41367de9b41eb0baebb03dee0ff4286b32c078d2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:23 GMT
ETag: "0b67ce68e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:27:56 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 731
Expires: 0

GET
H/1.1 200
OK icon_twitter.png
fantasy.mn/images/common/ 825 B
1 KB 79ms
78ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/icon_twitter.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/js/imagerollover.js
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 00bdf197477b14eb5ee66a98aecb8b6539815149ffb9ea920de09e5fe1f3561a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:23 GMT
ETag: "06a41eb8e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:04 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 825
Expires: 0

GET
H/1.1 200
OK icon_linkedin.png
fantasy.mn/images/common/ 779 B
1 KB 78ms
77ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/icon_linkedin.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/js/imagerollover.js
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0dd68a35bf301f264e1c3e0501d39f0debddf1092347b6a17b4e2b3428886a84

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:23 GMT
ETag: "06a41eb8e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:04 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 779
Expires: 0

GET
H/1.1 200
OK icon_google.png
fantasy.mn/images/common/ 1 KB
2 KB 89ms
88ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/icon_google.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/js/imagerollover.js
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bdd2b9202e914c09c2e4a235fa6f3ac2dad37fa7d9c075860cba48d51abc60e0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:23 GMT
ETag: "03d10ea8e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:02 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 1414
Expires: 0

GET
H/1.1 200
OK arrow_readmore.png
fantasy.mn/images/common/ 2 KB
2 KB 89ms
88ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/arrow_readmore.png
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/js/imagerollover.js
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e921a5b342ffc2259bf47cd390286e118b5e11ab87b7989d53711adc8247e66d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:23 GMT
ETag: "011da2c9f9acf1:0"
Last-Modified: Tue, 08 Jul 2014 11:24:26 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 2010
Expires: 0

GET
H/1.1 200
OK nav_about_over.png
fantasy.mn/images/common/ 1 KB
1 KB 81ms
80ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/nav_about_over.png
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7ae1712a19dc03dea1d8cd626e7757f2172cd788b5561fb706a3dcf7b0a48427

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:23 GMT
ETag: "0c4a3ed8e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:08 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 1026
Expires: 0

GET
H/1.1 200
OK nav_products_over.png
fantasy.mn/images/common/ 925 B
1 KB 84ms
83ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/nav_products_over.png
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7461e819865c78b19f5815d597fda2be68311768c4ed9190ae8a8c3f26076aef

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:23 GMT
ETag: "01e6f08e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 925
Expires: 0

GET
H/1.1 200
OK nav_clients_over.png
fantasy.mn/images/common/ 899 B
1 KB 78ms
78ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/nav_clients_over.png
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 28c84ac512cd8d44289efa1bf2e1cf85037e40f437fa3d72fd7e360c0070f7fc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:23 GMT
ETag: "0f1d4ee8e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:10 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 899
Expires: 0

GET
H/1.1 200
OK nav_contact_over.png
fantasy.mn/images/common/ 958 B
1 KB 78ms
77ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/nav_contact_over.png
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3acbb4df5d400485c97bab929566e9d6be4223420c7e9a0a1d96588689d7c2ff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:23 GMT
ETag: "0f1d4ee8e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:10 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 958
Expires: 0

GET
H/1.1 200
OK icon_FB_over.png
fantasy.mn/images/common/ 732 B
1 KB 81ms
81ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/icon_FB_over.png
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 33549ab5c147847d8caf14b4d061c88e1e3505f1ef558c653eda5b8b379d32c4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:23 GMT
ETag: "010dfe88e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:00 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 732
Expires: 0

GET
H/1.1 200
OK icon_twitter_over.png
fantasy.mn/images/common/ 825 B
1 KB 84ms
83ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/icon_twitter_over.png
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 239f4f8361e3cab60b3164de0ef064fda6bcb4bc6f07ec7f02cc4b8c16cc100b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:23 GMT
ETag: "09772ec8e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:06 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 825
Expires: 0

GET
H/1.1 200
OK icon_linkedin_over.png
fantasy.mn/images/common/ 779 B
1 KB 88ms
88ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/icon_linkedin_over.png
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 35c82533b012024689300b1e85befa3e042c7a662fe1c7833db545a4d7affc95

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:23 GMT
ETag: "06a41eb8e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:04 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 779
Expires: 0

GET
H/1.1 200
OK icon_google_over.png
fantasy.mn/images/common/ 1 KB
2 KB 87ms
87ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/icon_google_over.png
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3b2fb7c9c72c784762cbf9d62cc35b613be568ebe0aa1c10ff17c4f3284dae7f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:23 GMT
ETag: "03d10ea8e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:02 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 1394
Expires: 0

GET
H/1.1 200
OK arrow_readmore_over.png
fantasy.mn/images/common/ 2 KB
2 KB 78ms
77ms Image
image/png 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/common/arrow_readmore_over.png
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 88c4c30f3e5093e07196e3cbeab1f269304ad8a9ea106e17e5ba4b7f07572610

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:23 GMT
ETag: "0e1ec3f9f9acf1:0"
Last-Modified: Tue, 08 Jul 2014 11:24:58 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 1762
Expires: 0

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 32ms
17ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210610&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecfc8cfc090c6e54e5faf93aea9d729bd6376382e9fc0a492e25230b61a770a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Jun 2021 05:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8406
x-xss-protection: 0

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ Frame DA0F 53 KB
12 KB 8ms
7ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 16 Jun 2021 05:22:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Jun 2021 20:42:54 GMT
Server: ECS (frb/673A)
Age: 18736
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 9ms
8ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 16 Jun 2021 05:22:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Jun 2021 20:42:54 GMT
Server: ECS (frb/673A)
Age: 18736
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H2 200 UyjIkLT__normal.png
pbs.twimg.com/profile_images/473357983368237056/ Frame DA0F 3 KB
3 KB 16ms
15ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/473357983368237056/UyjIkLT__normal.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6772) /

Resource Hash

5aab40d50a055caec4c7b87833e046d61c10e4643fcc8eba3bd0fc46ef4e1ff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 05:22:23 GMT
x-content-type-options: nosniff
age: 222013
x-cache: MISS
content-length: 3251
surrogate-key: profile_images profile_images/bucket/9 profile_images/473357983368237056
last-modified: Mon, 02 Jun 2014 06:56:32 GMT
server: ECS (frb/6772)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3503d80ee6c86b5b7e788e1973c5878c06e613375bb93dc512b2347ab9a50926
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 JXNWY7iv_normal.jpg
pbs.twimg.com/profile_images/1398259947847233538/ Frame DA0F 2 KB
2 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1398259947847233538/JXNWY7iv_normal.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6796) /

Resource Hash

34a32a1e9862c96edb41c42c4d8ea0bc14475f185709ac9161f74be011657848

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 05:22:23 GMT
x-content-type-options: nosniff
age: 405218
x-cache: HIT
content-length: 1959
surrogate-key: profile_images profile_images/bucket/4 profile_images/1398259947847233538
last-modified: Fri, 28 May 2021 12:46:44 GMT
server: ECS (frb/6796)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 458daa16a49985ce40df6100594236a56bace8f82dbc831aa2ed79851376ad75
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
DATA 200
OK truncated
/ Frame DA0F 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame DA0F 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame DA0F 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame DA0F 607 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 45ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 05:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 16 Jun 2021 05:22:23 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 8994 12 KB
5 KB 15ms
13ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fantasy.mn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fantasy.mn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 15 Jun 2021 19:34:23 GMT
expires: Wed, 15 Jun 2022 19:34:23 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 35280
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5F5E 783 B
533 B 17ms
17ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e568b78c19ce7d51b6f7d49c8c4966e9ee2d5bfe5be069575c89c52ce6ed1846

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-95/gJI6AFWAA8haYTXX3kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fantasy.mn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fantasy.mn/

Response headers

expires: Wed, 16 Jun 2021 05:22:23 GMT
date: Wed, 16 Jun 2021 05:22:23 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-95/gJI6AFWAA8haYTXX3kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 77QJnXdfWOmXMWLESOrFmtDRQ32gQz50Isq2vYmDN4I.js Show response
pagead2.googlesyndication.com/bg/ Frame 8994 14 KB
6 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/77QJnXdfWOmXMWLESOrFmtDRQ32gQz50Isq2vYmDN4I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efb4099d775f58e9973162c448eac59ad0d1437da0433e7422cab6bd89833782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 11:18:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 324218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5734
x-xss-protection: 0
last-modified: Tue, 08 Jun 2021 13:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 11:18:45 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 16ms
16ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210610&jk=1221609258163507&bg=!jY6ljsrNAAY2kFOVNpA7ACkAdvg8WpBg1TvikiodQHcDnFNJOeFhvO07tCDif3Ny0ko7i71VCJpjtgIAAABFUgAAAAtoAQcKAEa7e1dNVPx3AxyFo_3NJWUoctBd8zSom5z6liwq80jSUeg-JBSsqW4G-dQZEa3qToX7WiO3xZp0ZPF2BSySQ1-uNOlbp0LrmQJv_HeqavZoAXpKM1D3siTHHcBYy3ENmpynbUeYe6trlwjXOiJfPiRf7r-C8tHfsTpL9DCHfCz0plyWVvQaCrj3OowR9IABn1NeOpN7gd14tfWzNx7msno1bGwdFCdh8srSYDjaKzDkAEL-qAjxWUVWUSg9VM6n15804geaJ6F9CGP8_RnJFvv9lb6U943wggDzAJ1m8M78uvZu3BRksTUWMMfrQRPaEBUz6eklsOktxG4R4UnDGxvKrvU6IzPATanX0_-Ls0QKZLxOx6bsYw_IFiqfFsAh9zOwy_JDv55dPsSCaLgd_vRp_BgZbjhZlVGr6jJ_wvTyhUYEOEidSWmV4dOIo7j1mVo0vbuYVnXpsyuyyQ8dv-6FosVHywiAkxyKRs4CMlKiQWBOltHlwnyjSHpWhIKAx41yWWgXic6dtP_vUQVc94irFEy1EOidH7tHcCbW7D67U5Y13Uumc16EdW3_4LfeYNwiHyukymMzfulDS5jYHuJs8Js1_SXoMI4r59OvOEOC5MASBxcpagc7XDHp69RJAIkZ-RlExgN1BD_YGM-JNZ7iEKKXGhnmlppMLsYmIcfS1HLqyU7awSjW2XNhFTRguRWN1l88Q6qMb2JEmNr7dsBWaXYmZh_nhDrebJ15W7jkZfA1jPMA_s12SfB4w62UzvznOR6nHj_zTQ_PGRKAG3vR9A-KEriM0xwZNV6-5PDyxqrTF4Hs5z7rZnawhhsltDy4vDdUAiatKrRJoa0uP54HqbqqSFHizNhIov244q5Qgytm993t7yONqlm6YCPdRd4pVdqzqklmcphZGDcxX_DLoq_Qfn1uGLA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 05:22:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame 63FE
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
570 B

6ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6725) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: http://fantasy.mn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 18731
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 16 Jun 2021 05:22:23 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6725)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

date: Wed, 16 Jun 2021 05:22:23 GMT
pragma: no-cache
server: tsa_f
status: 302 Found
expires: Tue, 31 Mar 1981 05:00:00 GMT
location: https://platform.twitter.com/jot.html
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Wed, 16 Jun 2021 05:22:23 GMT
x-transaction: 22f52ac3c18c1505
content-length: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
x-connection-hash: 474cc36fc37500e8b7960538b7620ae952a56f69c9501ad70c03fd8cc9a069a5

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame B0C7 28 B
54 B 23ms
22ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/997fe684/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/_tm8X40tSCE
X-YouTube-Client-Version: 1.20210614.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgtoek5pSEpBQTBWayiOlaaGBg%3D%3D
X-YouTube-Ad-Signals: dt=1623820942690&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C350%2C300&vis=1&wgl=true&ca_type=image&bid=ANyPxKpWvQBx-LLuMlnnCkE2Co7M4UccMcY0uhCtgf6iQZ8EV8Gob4-jfzBxC3cAYplbMT5oWHHPGquRLTvVHYm378dmdwRE9g

Response headers

date: Wed, 16 Jun 2021 05:22:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 16 Jun 2021 05:22:24 GMT

GET
H/1.1 200
OK home_banner_02.jpg
fantasy.mn/images/content/ 51 KB
51 KB 79ms
79ms Image
image/jpeg 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/content/home_banner_02.jpg
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 368efade718185a4a7c8db78295264cb1e6a64728b8c647ee75ed73252060c0a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:26 GMT
ETag: "0595ef88e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:26 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 52190
Expires: 0

GET
H/1.1 200
OK home_banner_02.jpg
fantasy.mn/images/content/ 51 KB
51 KB 77ms
76ms Image
image/jpeg 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/content/home_banner_02.jpg
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 368efade718185a4a7c8db78295264cb1e6a64728b8c647ee75ed73252060c0a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Cookie: ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:26 GMT
ETag: "0595ef88e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:26 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 52190
Expires: 0

GET
H/1.1 200
OK home_banner_03.jpg
fantasy.mn/images/content/ 66 KB
67 KB 79ms
79ms Image
image/jpeg 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/content/home_banner_03.jpg
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3aa307dc5d5b3c1907ed5910f640e6a656bf856d6f5afaa71fe97ecc24ad8928

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:30 GMT
ETag: "0e0f1fb8e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:32 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 68009
Expires: 0

GET
H/1.1 200
OK home_banner_03.jpg
fantasy.mn/images/content/ 66 KB
67 KB 77ms
77ms Image
image/jpeg 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/content/home_banner_03.jpg
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3aa307dc5d5b3c1907ed5910f640e6a656bf856d6f5afaa71fe97ecc24ad8928

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:30 GMT
ETag: "0e0f1fb8e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:32 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 68009
Expires: 0

GET
H/1.1 200
OK home_banner_01.jpg
fantasy.mn/images/content/ 57 KB
58 KB 78ms
78ms Image
image/jpeg 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/content/home_banner_01.jpg
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c568209aa7182dcdceeabe38c0f684eeab1008be5aac46ddacd4a77053dc508e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:35 GMT
ETag: "0595ef88e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:26 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 58687
Expires: 0

GET
H/1.1 200
OK home_banner_01.jpg
fantasy.mn/images/content/ 57 KB
58 KB 78ms
78ms Image
image/jpeg 82.166.139.113
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fantasy.mn/images/content/home_banner_01.jpg
Requested by: Host: fantasy.mn
URL: http://fantasy.mn/
Protocol: HTTP/1.1
Server: 82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c568209aa7182dcdceeabe38c0f684eeab1008be5aac46ddacd4a77053dc508e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fantasy.mn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fantasy.mn/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fantasy.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Jun 2021 05:22:35 GMT
ETag: "0595ef88e9acf1:0"
Last-Modified: Tue, 08 Jul 2014 09:28:26 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 58687
Expires: 0

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 04:25:16	Name: IDE Value: AHWqTUlJT9JaKSeSzmdeLtFWS1QR1LMeGgkE_sVLl05NGFRleqPYPFFcTtIomTaC
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: zEITVRoBmNg
fantasy.mn/	1969-12-31 23:59:59	Name: ASPSESSIONIDSCQCBQTC Value: BCJDOPLAEJKFIKEOCJICOPKC
.fantasy.mn/	1970-01-20 04:25:16	Name: __gads Value: ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
.youtube.com/	1970-01-19 23:22:52	Name: VISITOR_INFO1_LIVE Value: hzNiHJAA0Vk
.fantasy.mn/	1970-01-19 19:03:41	Name: _gat Value: 1
.fantasy.mn/	1970-01-20 12:34:52	Name: _ga Value: GA1.2.298461400.1623820942
.fantasy.mn/	1970-01-19 19:05:07	Name: _gid Value: GA1.2.1268245140.1623820942

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://www.facebook.com/rsrc.php/v3/yC/r/7xPhjVEY-GQ.js?_nc_x=Ij3Wp8lg5Kz(Line 57) Message: ErrorUtils caught an error: Minified invariant #11797; Params: 113 [Caught in: Module "VisibilityListener"] Subsequent non-fatal errors won't be logged; see https://fburl.com/debugjs.
console-api	info	URL: http://platform.twitter.com/widgets.js(Line 1) Message: You may have been affected by an update to settings in embedded timelines. See https://twittercommunity.com/t/deprecating-widget-settings/102295. [object HTMLAnchorElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
cdn.syndication.twimg.com
fantasy.mn
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
platform.twitter.com
scontent-frt3-2.xx.fbcdn.net
scontent-frx5-2.xx.fbcdn.net
static.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.244.42.136
142.250.185.130
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:803::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2006
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::200a
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2016
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
82.166.139.113
00bdf197477b14eb5ee66a98aecb8b6539815149ffb9ea920de09e5fe1f3561a
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00fdf9f52c63f09dc4dd47c14149081a3540d4344257e822ca5b8d65d6a50a2f
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2
08f03875899b086d58114180e1df68968e7bb589f451f4d1712c02450db519cd
09363cc7c668ce12683214a9877ae9c068a82dfb8f64111355933c24e7193a98
0a5fe7fe11a5974b224d65ff9394bfa63d70230f95452f62c1e91fe6cd4a5889
0b6b5de27dfe738825048ac82fadc8a71ac90734bdbea1b5213377cc957d67c5
0dd68a35bf301f264e1c3e0501d39f0debddf1092347b6a17b4e2b3428886a84
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
1b0a6f682bb162fe145ae5b59475e14ebc47effca5946bf9b3cc1556ac4a26b4
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1d9bfe56d6f73224dd12c41db77ca25e354eb8c78dac7be47da19200ef3f6f80
1e965559c45dc9185c3715129c514f6f24570908614871884e8bdeeb0458e02b
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
239f4f8361e3cab60b3164de0ef064fda6bcb4bc6f07ec7f02cc4b8c16cc100b
24b89546fe9f900228f3a5efc4c3b55650f7e75a0152e5164f4cd6e544124040
251c607557e1302862934faeb35d7c9c20cbb64b4abb6a4faed721b71db501f2
263be2b0390f336d5ce3b0f40ea56a4b4165f5dd8e861d9bd1dd33f0f0da7010
27eddaa95b76ffd74cbc9009dc9ade86359777cc03879e40142cdc7c33b48524
28c84ac512cd8d44289efa1bf2e1cf85037e40f437fa3d72fd7e360c0070f7fc
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2f4d82003a9ccaea85da33302a956d5d0b25eba62de84a472a88559044f8cd8f
306e7ce929e761a54396a94dd9d743285551cf7f9ce4de268d39500c44d5cd31
30889d1f07bbc3d68d22e2a4581ba4b17ea5351acfcff8da059a35801dd161c8
33549ab5c147847d8caf14b4d061c88e1e3505f1ef558c653eda5b8b379d32c4
34a32a1e9862c96edb41c42c4d8ea0bc14475f185709ac9161f74be011657848
35c82533b012024689300b1e85befa3e042c7a662fe1c7833db545a4d7affc95
3648ff9c18270446e4106c1b332ea27992dc0ac33e1b1b2d35f4ed59598eee71
368efade718185a4a7c8db78295264cb1e6a64728b8c647ee75ed73252060c0a
39685db80e880ec9e59c22115c5bcbf76586a95bf618a714d61fc0e5f271fe77
3aa307dc5d5b3c1907ed5910f640e6a656bf856d6f5afaa71fe97ecc24ad8928
3acbb4df5d400485c97bab929566e9d6be4223420c7e9a0a1d96588689d7c2ff
3b2fb7c9c72c784762cbf9d62cc35b613be568ebe0aa1c10ff17c4f3284dae7f
3ce8979036474bc19190e17a53609ee5c2ffb358e79e18887011d41924b92218
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e5934e15bc83b9d45be71fcf2e7f91df14cf0584719124fe1c16aec5a01e72a
409ee755ad7c6aedd167c216500282f1cbf790700874a56b04765f320f93f2f3
41b6463669fa6d15b1f6569ea941a21799c378fbe0e22c667bdc3947c21316fb
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
45f788f5719338adf23aeb69b7a68c80293cb3f85e23606c1b96390894ecd699
46c35d5a3c8c6b50ab5774ea6db20a7e5cc067240b625163ee53062a3738f26e
5197134265816a7fc5bf360b151eccef4b22bad4b875f4314970860a2e1f2127
535453f10de9c4ab8470189db0af2d0f6e2cbb8016b28e54bf5151f7d003b8d9
558c4c9e5d7148cc4f2dd5e695bbf6d5f66b7a84a268fd95d17309abe38d372d
55d7a7286702f8568ee346606e1fc61720806c4c744257e230980e12fe941a09
59ea71a57f1643405f78000304d400ffec53a9f05d4cdaa3e79feb02b9adc95b
5aab40d50a055caec4c7b87833e046d61c10e4643fcc8eba3bd0fc46ef4e1ff4
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5db5a50cb3bbb884be3bc5d1ca0e590b02663d11d9d2a9345ef9fa0f9ae27a96
5dee1ca0646a4d4b316fd25e6f4ffda67f3650ff369522b7d8aef3b70ac15ef1
5f0e6d59ac597b8bcbc6f85e0eea1b96710f1878f88de94834f6c0a0bbad1187
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
63e64263f2644078147f97897a41a218ae5389b1e2b481c0d04fbe7ba4bfd3bf
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
64aa29f5701ddc2027356b3fed9f32e07f161813450f5161ca09d8c439f1eddd
64db6cafdbe3eb83f7044e3e90a94fb6ac4719b4445911ee6eedc05a6efa78ad
674a3b4ca976e447af06113d41367de9b41eb0baebb03dee0ff4286b32c078d2
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6d82f07329cb6ed7ebb397adc79f4e93f9d2531617770d7725f8817a51cf5487
6f4ee39bf62c358118df64a88f9ba7715716320091512526171126dbe4a22957
7461e819865c78b19f5815d597fda2be68311768c4ed9190ae8a8c3f26076aef
781a60f1acd62d77ea3583dd0ad841b0eeded58aeb40eb53a7554ed1e0329ed2
7ae1712a19dc03dea1d8cd626e7757f2172cd788b5561fb706a3dcf7b0a48427
823b19bdfd38969d4800b9e876b4d11eba38e00bd576e5e11c60bb0d20aa168f
827d621a7ec6c588784bb98b03e2ad8469971761bde32a6b551615dd4febbf9d
85d3c2b48d1b2a8da9437a329ae39da1c39c77381bb152d52276f54ce84d39b8
86d6eda306cb7a8ec61843d32a597bef4a680844987e12bbfabce3a8c66b3786
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
88c4c30f3e5093e07196e3cbeab1f269304ad8a9ea106e17e5ba4b7f07572610
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8a395c937291cfb6dd6aa863c8e028062fa7ae3215254b002f1e0bbccc5dffd9
8f007314fb6f682c0ee70d620b178c95f0a9efbaf355996c013cedccee4c5c8c
8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db
90062a4d70d3df2d56150dee6e79c3245a5f300bdbde9f3fadf284dd63e55dea
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
92d83b64e8246125206a18ed12a3dd6d1ec60377151786f9ce6449d3bc3fd015
92df889ddd5703f4fda390c62b9fef4fe94a142632ca8f2ab5ae0409136661ea
9378da454fee6c4a3b228b01b5fe5d2e5911c2f1f29cac35c3c79cae851724c2
98b77371ef0408c481830bfcdcc3a729550d9966d8c0d839bcb3ce11da4fdd44
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a14b9320954426385bad57a756c93f0b5c8a16ad429fc1e792ad2da69dd1a305
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5069082fd23bba93317d61fd6da244d6a85f60e68af7dcb9b0a43284f1d835a
a6a8442d6bde0d404ddbbe9658f4a5075aa3f18910057f01e91fb030aa88d132
af16a76f192bd7571fc53306adaec4736b59a7edc08fe5ba466f65ecd5ee569b
b0414cd9a63cee7af991c13817e46d30190ac41a8711cdae78718da6d380e572
b0802aa12255d2fee14aecb6b0e28a3c38fa1051691aeeea1f76852a587876f3
b3408a1b744ce1351e9554b861c45480f39e54c059f3b11f4e77f9f13564ba4f
b56bec93609c41df8d13ad6f5bab778732eec59a142445ae77c0190062f5245f
bd2b4184f9da77f6e70691fbdfb60cc61ca34005bad9916758490b87c3835463
bdd2b9202e914c09c2e4a235fa6f3ac2dad37fa7d9c075860cba48d51abc60e0
c568209aa7182dcdceeabe38c0f684eeab1008be5aac46ddacd4a77053dc508e
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
cd91af7aafe4cb87de04cf2cfa7e4d0e4f3019935c6dfd29152e333e12611987
d6c368f0258fe8a0e5c72892749c747c4e44d76aa11e41a1f185d876a337be47
d6ce08e9aa75691bf826585fa190004f5187fd1e55989a0aac7efeb6c329edf6
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
de179b376f13f57bbf77368070f74aeaf16fcab52479fcee885ced8a0c4e3da1
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e568b78c19ce7d51b6f7d49c8c4966e9ee2d5bfe5be069575c89c52ce6ed1846
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e921a5b342ffc2259bf47cd390286e118b5e11ab87b7989d53711adc8247e66d
eb2261167a008616c0620bf0bec8a9b6969ff99250864f3e8702b3c59c9ee175
ecfc8cfc090c6e54e5faf93aea9d729bd6376382e9fc0a492e25230b61a770a5
edec3b266f399077c27933aa77e749dcca3372d5feafa0229ab6d948d78028a1
ee11ed68f6f1ddee70ebf78a755f4f247a2ac90938d6474240400719dd7d5809
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef806aba43683fdfa44cd0f0b934a5e67942d3275abcbbec6989777821b1cb1c
efb4099d775f58e9973162c448eac59ad0d1437da0433e7422cab6bd89833782
f3072b0128ce0987315c4074f0e4e6c61d3f12219c497d4282a58e7a82387905
f74712e2008087c27b65bc52392c9e7ae3afaef694175506fe0ea28b203c9217

fantasy.mn Open in urlscan Pro 82.166.139.113 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

139 Requests

44 %HTTPS

89 %IPv6

17 Domains

27 Subdomains

28 IPs

3 Countries

2820 kBTransfer

5993 kBSize

8 Cookies

6 Outgoing links

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fantasy.mn Open in urlscan Pro
82.166.139.113 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

44 %
HTTPS

89 %
IPv6

17
Domains

27
Subdomains

28
IPs

3
Countries

2820 kB
Transfer

5993 kB
Size

8
Cookies

139 HTTP transactions
5 data transactions