URL: http://fantasy.mn/
Submission: On June 16 via manual from AU

Summary

This website contacted 28 IPs in 3 countries across 17 domains to perform 139 HTTP transactions. The main IP is 82.166.139.113, located in Rishon LeZiyyon, Israel and belongs to NV-ASN CELLCOM ltd., IL. The main domain is fantasy.mn.
This is the only time fantasy.mn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
70 82.166.139.113 1680 (NV-ASN CE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2606:2800:234... 15133 (EDGECAST)
9 2a03:2880:f11... 32934 (FACEBOOK)
9 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 2a03:2880:f02... 32934 (FACEBOOK)
1 142.250.185.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 104.244.42.136 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:2800:134... 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
139 28
Domain Requested by
70 fantasy.mn fantasy.mn
9 www.youtube.com fantasy.mn
www.youtube.com
9 www.facebook.com fantasy.mn
www.facebook.com
7 platform.twitter.com fantasy.mn
platform.twitter.com
6 pagead2.googlesyndication.com fantasy.mn
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 www.gstatic.com fantasy.mn
translate.googleapis.com
www.youtube.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.youtube.com
4 translate.googleapis.com translate.google.com
translate.googleapis.com
srcdoc
3 pbs.twimg.com fantasy.mn
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google.com www.youtube.com
tpc.googlesyndication.com
2 syndication.twitter.com 1 redirects platform.twitter.com
2 www.google-analytics.com fantasy.mn
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
2 ajax.googleapis.com fantasy.mn
1 cdn.syndication.twimg.com platform.twitter.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 scontent-frx5-2.xx.fbcdn.net www.facebook.com
1 scontent-frt3-2.xx.fbcdn.net www.facebook.com
1 translate.google.com fantasy.mn
1 fonts.googleapis.com fantasy.mn
139 27

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
plus.google.com
www.s-an-d.co.za
translate.google.com
Subject Issuer Validity Valid
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-05-26 -
2021-08-24
3 months crt.sh
*.google.com
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-05-17 -
2021-08-09
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-05 -
2021-11-09
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
*.google.de
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-30 -
2021-11-29
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
www.google.com
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
edgestatic.com
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh

This page contains 12 frames:

Primary Page: http://fantasy.mn/
Frame ID: 36755E40ACCB971D8420F7AEBD6E68E5
Requests: 98 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
Frame ID: 475C6014D7E1C3E508A7D38CDC190823
Requests: 11 HTTP requests in this frame

Frame: https://www.youtube.com/embed/_tm8X40tSCE
Frame ID: B0C77EC20C60377A983CFC661CC13AD1
Requests: 17 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2Ffantasy.mn
Frame ID: D87635D477C69941C53BC297995E969C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210610/r20190131/zrt_lookup.html
Frame ID: 2D8FE9FB8F403A794C3DB288FF65266C
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: 8AF77E24E867E284F46B3A506C6AA84E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8146121578325900&output=html&h=90&slotname=7263625070&adk=4124446480&adf=2653041513&pi=t.ma~as.7263625070&w=728&lmt=1623820942&psa=0&format=728x90&url=http%3A%2F%2Ffantasy.mn%2F&flash=0&wgl=1&dt=1623820942385&bpp=4&bdt=330&idt=105&shv=r20210610&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3858225572871&frm=20&pv=2&ga_vid=298461400.1623820942&ga_sid=1623820943&ga_hid=804139499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531226%2C31061048&oid=3&pvsid=1221609258163507&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=ttp3BFjEy5&p=http%3A//fantasy.mn&dtd=124
Frame ID: D3EEA3B27564BDC9D3F86D7850BF147A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8146121578325900&output=html&adk=1812271804&adf=3025194257&lmt=1623820942&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ffantasy.mn%2F&ea=0&flash=0&pra=7&wgl=1&dt=1623820942400&bpp=1&bdt=344&idt=143&shv=r20210610&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=3858225572871&frm=20&pv=1&ga_vid=298461400.1623820942&ga_sid=1623820943&ga_hid=804139499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531226%2C31061048&oid=3&pvsid=1221609258163507&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=150
Frame ID: 90A3B9816FE70590125D038038EE17DC
Requests: 1 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1405031116038295554/sSfUYbFK?format=jpg&name=280x280
Frame ID: DA0F665DD46E77F0ECA1A54DAE43308F
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 89947713CECCF0D85A05FD097BF2DEA6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5F5E0BAA6C5D4C876C2067467B6A2495
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 63FE22B26AA2B72797A16E7F4060ECDB
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i

Page Statistics

139
Requests

44 %
HTTPS

89 %
IPv6

17
Domains

27
Subdomains

28
IPs

3
Countries

2820 kB
Transfer

5993 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45
  • http://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false HTTP 307
  • https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
Request Chain 46
  • http://www.youtube.com/embed/_tm8X40tSCE HTTP 307
  • https://www.youtube.com/embed/_tm8X40tSCE
Request Chain 49
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 135
  • https://syndication.twitter.com/i/jot HTTP 302
  • https://platform.twitter.com/jot.html

139 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
fantasy.mn/
18 KB
6 KB
Document
General
Full URL
http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
98b77371ef0408c481830bfcdcc3a729550d9966d8c0d839bcb3ce11da4fdd44

Request headers

Host
fantasy.mn
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
private,no-cache, no-store, must-revalidate
Pragma
no-cache
Content-Type
text/html
Content-Encoding
gzip
Expires
0
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Set-Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; path=/
X-Powered-By
ASP.NET
Date
Wed, 16 Jun 2021 05:22:22 GMT
Content-Length
5894
css
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e965559c45dc9185c3715129c514f6f24570908614871884e8bdeeb0458e02b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 16 Jun 2021 03:29:04 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Wed, 16 Jun 2021 05:22:22 GMT
rubinstein.css
fantasy.mn/common/
2 KB
936 B
Stylesheet
General
Full URL
http://fantasy.mn/common/rubinstein.css
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
27eddaa95b76ffd74cbc9009dc9ade86359777cc03879e40142cdc7c33b48524

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding
gzip
ETag
"0cc5616e4bd01:0"
Last-Modified
Wed, 18 Feb 2015 11:31:04 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
562
Expires
0
imagerollover.js
fantasy.mn/js/
4 KB
2 KB
Script
General
Full URL
http://fantasy.mn/js/imagerollover.js
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
263be2b0390f336d5ce3b0f40ea56a4b4165f5dd8e861d9bd1dd33f0f0da7010

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding
gzip
ETag
"096ed588f9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:31:08 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
1507
Expires
0
home_blocks.css
fantasy.mn/common/
1 KB
947 B
Stylesheet
General
Full URL
http://fantasy.mn/common/home_blocks.css
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1b0a6f682bb162fe145ae5b59475e14ebc47effca5946bf9b3cc1556ac4a26b4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding
gzip
ETag
"0bfb0a98e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:26:14 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
572
Expires
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/
92 KB
33 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Jun 2021 05:02:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
1208
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
33333
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Thu, 16 Jun 2022 05:02:14 GMT
jquery.simplyscroll.js
fantasy.mn/js/
12 KB
4 KB
Script
General
Full URL
http://fantasy.mn/js/jquery.simplyscroll.js
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ef806aba43683fdfa44cd0f0b934a5e67942d3275abcbbec6989777821b1cb1c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding
gzip
ETag
"093316d8f9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:31:42 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
4132
Expires
0
jquery.simplyscroll.css
fantasy.mn/common/
2 KB
1 KB
Stylesheet
General
Full URL
http://fantasy.mn/common/jquery.simplyscroll.css
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
306e7ce929e761a54396a94dd9d743285551cf7f9ce4de268d39500c44d5cd31

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding
gzip
ETag
"0bfb0a98e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:26:14 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
963
Expires
0
allinone_bannerRotator.css
fantasy.mn/common/
6 KB
2 KB
Stylesheet
General
Full URL
http://fantasy.mn/common/allinone_bannerRotator.css
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
30889d1f07bbc3d68d22e2a4581ba4b17ea5351acfcff8da059a35801dd161c8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding
gzip
ETag
"0927fa88e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:26:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
1489
Expires
0
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.8.23/
196 KB
197 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.23/jquery-ui.min.js
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0414cd9a63cee7af991c13817e46d30190ac41a8711cdae78718da6d380e572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Jun 2021 04:52:49 GMT
X-Content-Type-Options
nosniff
Age
1773
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
200748
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Thu, 16 Jun 2022 04:52:49 GMT
jquery.ui.touch-punch.min.js
fantasy.mn/js/
1 KB
1 KB
Script
General
Full URL
http://fantasy.mn/js/jquery.ui.touch-punch.min.js
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d6c368f0258fe8a0e5c72892749c747c4e44d76aa11e41a1f185d876a337be47

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding
gzip
ETag
"0ed936f8f9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:31:46 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
736
Expires
0
allinone_bannerRotator.js
fantasy.mn/js/
25 KB
8 KB
Script
General
Full URL
http://fantasy.mn/js/allinone_bannerRotator.js
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
781a60f1acd62d77ea3583dd0ad841b0eeded58aeb40eb53a7554ed1e0329ed2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding
gzip
ETag
"069bc578f9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:31:06 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
7980
Expires
0
logo.png
fantasy.mn/images/common/
2 KB
3 KB
Image
General
Full URL
http://fantasy.mn/images/common/logo.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
64db6cafdbe3eb83f7044e3e90a94fb6ac4719b4445911ee6eedc05a6efa78ad

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"09772ec8e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:06 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
2354
Expires
0
nav_home_over.png
fantasy.mn/images/common/
825 B
1 KB
Image
General
Full URL
http://fantasy.mn/images/common/nav_home_over.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6d82f07329cb6ed7ebb397adc79f4e93f9d2531617770d7725f8817a51cf5487

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"01e6f08e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
825
Expires
0
nav_about.png
fantasy.mn/images/common/
1 KB
1 KB
Image
General
Full URL
http://fantasy.mn/images/common/nav_about.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b56bec93609c41df8d13ad6f5bab778732eec59a142445ae77c0190062f5245f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"09772ec8e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:06 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
1026
Expires
0
nav_products.png
fantasy.mn/images/common/
922 B
1 KB
Image
General
Full URL
http://fantasy.mn/images/common/nav_products.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3ce8979036474bc19190e17a53609ee5c2ffb358e79e18887011d41924b92218

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"01e6f08e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
922
Expires
0
nav_clients.png
fantasy.mn/images/common/
899 B
1 KB
Image
General
Full URL
http://fantasy.mn/images/common/nav_clients.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8a395c937291cfb6dd6aa863c8e028062fa7ae3215254b002f1e0bbccc5dffd9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"0c4a3ed8e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:08 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
899
Expires
0
nav_contact.png
fantasy.mn/images/common/
958 B
1 KB
Image
General
Full URL
http://fantasy.mn/images/common/nav_contact.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9378da454fee6c4a3b228b01b5fe5d2e5911c2f1f29cac35c3c79cae851724c2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"0f1d4ee8e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:10 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
958
Expires
0
icon_FB.png
fantasy.mn/images/common/
731 B
1 KB
Image
General
Full URL
http://fantasy.mn/images/common/icon_FB.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
674a3b4ca976e447af06113d41367de9b41eb0baebb03dee0ff4286b32c078d2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"0b67ce68e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:27:56 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
731
Expires
0
icon_twitter.png
fantasy.mn/images/common/
825 B
1 KB
Image
General
Full URL
http://fantasy.mn/images/common/icon_twitter.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
00bdf197477b14eb5ee66a98aecb8b6539815149ffb9ea920de09e5fe1f3561a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"06a41eb8e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:04 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
825
Expires
0
icon_linkedin.png
fantasy.mn/images/common/
779 B
1 KB
Image
General
Full URL
http://fantasy.mn/images/common/icon_linkedin.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0dd68a35bf301f264e1c3e0501d39f0debddf1092347b6a17b4e2b3428886a84

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"06a41eb8e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:04 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
779
Expires
0
icon_google.png
fantasy.mn/images/common/
1 KB
2 KB
Image
General
Full URL
http://fantasy.mn/images/common/icon_google.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bdd2b9202e914c09c2e4a235fa6f3ac2dad37fa7d9c075860cba48d51abc60e0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"03d10ea8e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:02 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
1414
Expires
0
home_banner_01.jpg
fantasy.mn/images/content/
57 KB
58 KB
Image
General
Full URL
http://fantasy.mn/images/content/home_banner_01.jpg
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c568209aa7182dcdceeabe38c0f684eeab1008be5aac46ddacd4a77053dc508e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"0595ef88e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:26 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
58687
Expires
0
home_banner_02.jpg
fantasy.mn/images/content/
51 KB
51 KB
Image
General
Full URL
http://fantasy.mn/images/content/home_banner_02.jpg
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
368efade718185a4a7c8db78295264cb1e6a64728b8c647ee75ed73252060c0a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"0595ef88e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:26 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
52190
Expires
0
home_banner_03.jpg
fantasy.mn/images/content/
66 KB
67 KB
Image
General
Full URL
http://fantasy.mn/images/content/home_banner_03.jpg
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3aa307dc5d5b3c1907ed5910f640e6a656bf856d6f5afaa71fe97ecc24ad8928

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"0e0f1fb8e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:32 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
68009
Expires
0
icon_news.png
fantasy.mn/images/content/
566 B
894 B
Image
General
Full URL
http://fantasy.mn/images/content/icon_news.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
92d83b64e8246125206a18ed12a3dd6d1ec60377151786f9ce6449d3bc3fd015

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"0c1e718f9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:42 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
566
Expires
0
Harmony_samples.png
fantasy.mn/images/content/
286 KB
287 KB
Image
General
Full URL
http://fantasy.mn/images/content/Harmony_samples.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
59ea71a57f1643405f78000304d400ffec53a9f05d4cdaa3e79feb02b9adc95b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"0a5f099a59acf1:0"
Last-Modified
Tue, 08 Jul 2014 12:10:26 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
293341
Expires
0
arrow_readmore.png
fantasy.mn/images/common/
2 KB
2 KB
Image
General
Full URL
http://fantasy.mn/images/common/arrow_readmore.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e921a5b342ffc2259bf47cd390286e118b5e11ab87b7989d53711adc8247e66d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"011da2c9f9acf1:0"
Last-Modified
Tue, 08 Jul 2014 11:24:26 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
2010
Expires
0
jquery.capSlide.js
fantasy.mn/js/
2 KB
1 KB
Script
General
Full URL
http://fantasy.mn/js/jquery.capSlide.js
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d6ce08e9aa75691bf826585fa190004f5187fd1e55989a0aac7efeb6c329edf6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding
gzip
ETag
"058d9648f9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:31:28 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
741
Expires
0
home_fantasy.jpg
fantasy.mn/images/content/
33 KB
33 KB
Image
General
Full URL
http://fantasy.mn/images/content/home_fantasy.jpg
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2f4d82003a9ccaea85da33302a956d5d0b25eba62de84a472a88559044f8cd8f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"0b3c0fa8e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:30 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
33664
Expires
0
home_harmony.jpg
fantasy.mn/images/content/
43 KB
44 KB
Image
General
Full URL
http://fantasy.mn/images/content/home_harmony.jpg
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
63e64263f2644078147f97897a41a218ae5389b1e2b481c0d04fbe7ba4bfd3bf

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"0d23fd8e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:34 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
44265
Expires
0
home_meetTeam.jpg
fantasy.mn/images/content/
26 KB
26 KB
Image
General
Full URL
http://fantasy.mn/images/content/home_meetTeam.jpg
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6f4ee39bf62c358118df64a88f9ba7715716320091512526171126dbe4a22957

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"03a54fe8e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:36 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
26480
Expires
0
icon_clients.png
fantasy.mn/images/content/
576 B
905 B
Image
General
Full URL
http://fantasy.mn/images/content/icon_clients.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cd91af7aafe4cb87de04cf2cfa7e4d0e4f3019935c6dfd29152e333e12611987

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"06785ff8e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:38 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
576
Expires
0
logos_04.jpg
fantasy.mn/images/content/
15 KB
15 KB
Image
General
Full URL
http://fantasy.mn/images/content/logos_04.jpg
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
409ee755ad7c6aedd167c216500282f1cbf790700874a56b04765f320f93f2f3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"05aedfe4ea7d01:0"
Last-Modified
Mon, 15 Jun 2015 09:38:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
15000
Expires
0
logos_01.jpg
fantasy.mn/images/content/
21 KB
21 KB
Image
General
Full URL
http://fantasy.mn/images/content/logos_01.jpg
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
827d621a7ec6c588784bb98b03e2ad8469971761bde32a6b551615dd4febbf9d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"075ac68f9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:50 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
21328
Expires
0
logos_02.jpg
fantasy.mn/images/content/
24 KB
24 KB
Image
General
Full URL
http://fantasy.mn/images/content/logos_02.jpg
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
edec3b266f399077c27933aa77e749dcca3372d5feafa0229ab6d948d78028a1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"075ac68f9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:50 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
24399
Expires
0
logos_03.jpg
fantasy.mn/images/content/
22 KB
22 KB
Image
General
Full URL
http://fantasy.mn/images/content/logos_03.jpg
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1d9bfe56d6f73224dd12c41db77ca25e354eb8c78dac7be47da19200ef3f6f80

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"0a2dd78f9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:52 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
22395
Expires
0
logos_05.jpg
fantasy.mn/images/content/
22 KB
22 KB
Image
General
Full URL
http://fantasy.mn/images/content/logos_05.jpg
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
00fdf9f52c63f09dc4dd47c14149081a3540d4344257e822ca5b8d65d6a50a2f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"0fc3fa8f9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:56 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
22048
Expires
0
logos_06.jpg
fantasy.mn/images/content/
28 KB
28 KB
Image
General
Full URL
http://fantasy.mn/images/content/logos_06.jpg
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
558c4c9e5d7148cc4f2dd5e695bbf6d5f66b7a84a268fd95d17309abe38d372d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"0b48910a143d01:0"
Last-Modified
Sun, 08 Feb 2015 13:13:44 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
28543
Expires
0
footer_twitter.png
fantasy.mn/images/common/
346 B
675 B
Image
General
Full URL
http://fantasy.mn/images/common/footer_twitter.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5db5a50cb3bbb884be3bc5d1ca0e590b02663d11d9d2a9345ef9fa0f9ae27a96

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"05c1ae48e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:27:52 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
346
Expires
0
footer_FB.png
fantasy.mn/images/common/
243 B
572 B
Image
General
Full URL
http://fantasy.mn/images/common/footer_FB.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
85d3c2b48d1b2a8da9437a329ae39da1c39c77381bb152d52276f54ce84d39b8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"05c1ae48e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:27:52 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
243
Expires
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
135 KB
48 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92df889ddd5703f4fda390c62b9fef4fe94a142632ca8f2ab5ae0409136661ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
3458964890517975314
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
48824
X-XSS-Protection
0
Expires
Wed, 16 Jun 2021 05:22:22 GMT
element.js
translate.google.com/translate_a/
10 KB
4 KB
Script
General
Full URL
http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
de179b376f13f57bbf77368070f74aeaf16fcab52479fcee885ced8a0c4e3da1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
HTTP server (unknown)
Content-Language
en
Cache-Control
no-cache, must-revalidate
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
3771
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
bg_main.png
fantasy.mn/images/common/
1 KB
1 KB
Image
General
Full URL
http://fantasy.mn/images/common/bg_main.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/common/rubinstein.css
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/common/rubinstein.css
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/common/rubinstein.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
text/html
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
1245
Expires
0
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/
14 KB
15 KB
Font
General
Full URL
http://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://fantasy.mn
Referer
http://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 12 Jun 2021 12:56:06 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 18 May 2021 21:21:19 GMT
Server
sffe
Age
318376
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
14440
X-XSS-Protection
0
Expires
Sun, 12 Jun 2022 12:56:06 GMT
widgets.js
platform.twitter.com/
95 KB
29 KB
Script
General
Full URL
http://platform.twitter.com/widgets.js
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6712) /
Resource Hash
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:57:32 GMT
Server
ECS (frb/6712)
Age
701
Etag
"9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28779
likebox.php
www.facebook.com/plugins/ Frame 475C
Redirect Chain
  • http://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&st...
  • https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&s...
47 KB
14 KB
Document
General
Full URL
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45f788f5719338adf23aeb69b7a68c80293cb3f85e23606c1b96390894ecd699
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://fantasy.mn/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://fantasy.mn/

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
Ib17pdKKKUVj9FeWBinmoslVG0Cp1O2wH2TPcIbK9ynHGJJhOQGVs6TNcvvk3mZcqhkddOwuS/2PhJqsItHKuQ==
date
Wed, 16 Jun 2021 05:22:22 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
Non-Authoritative-Reason
HSTS
_tm8X40tSCE
www.youtube.com/embed/ Frame B0C7
Redirect Chain
  • http://www.youtube.com/embed/_tm8X40tSCE
  • https://www.youtube.com/embed/_tm8X40tSCE
52 KB
22 KB
Document
General
Full URL
https://www.youtube.com/embed/_tm8X40tSCE
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f3072b0128ce0987315c4074f0e4e6c61d3f12219c497d4282a58e7a82387905
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/_tm8X40tSCE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://fantasy.mn/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://fantasy.mn/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 16 Jun 2021 05:22:22 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=zEITVRoBmNg; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=hzNiHJAA0Vk; Domain=.youtube.com; Expires=Mon, 13-Dec-2021 05:22:22 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+537; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Location
https://www.youtube.com/embed/_tm8X40tSCE
Non-Authoritative-Reason
HSTS
translateelement.css
translate.googleapis.com/translate_static/css/
18 KB
4 KB
Stylesheet
General
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host: translate.google.com
URL: http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 05:15:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
437
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3130
x-xss-protection
0
last-modified
Wed, 24 Feb 2021 19:45:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 16 Jun 2021 06:15:05 GMT
main.js
translate.googleapis.com/translate_static/js/element/
6 KB
2 KB
Script
General
Full URL
https://translate.googleapis.com/translate_static/js/element/main.js
Requested by
Host: translate.google.com
URL: http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
251c607557e1302862934faeb35d7c9c20cbb64b4abb6a4faed721b71db501f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 05:18:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2154
x-xss-protection
0
last-modified
Mon, 24 May 2021 18:08:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 16 Jun 2021 06:18:53 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
1425
date
Wed, 16 Jun 2021 04:58:37 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Wed, 16 Jun 2021 06:58:37 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
bottomNavBg.png
fantasy.mn/skins/classic/
115 B
444 B
Image
General
Full URL
http://fantasy.mn/skins/classic/bottomNavBg.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/common/allinone_bannerRotator.css
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5f0e6d59ac597b8bcbc6f85e0eea1b96710f1878f88de94834f6c0a0bbad1187

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/common/allinone_bannerRotator.css
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/common/allinone_bannerRotator.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"07427738f9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:31:52 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
115
Expires
0
leftNavOFF.png
fantasy.mn/skins/classic/
598 B
927 B
Image
General
Full URL
http://fantasy.mn/skins/classic/leftNavOFF.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/common/allinone_bannerRotator.css
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
90062a4d70d3df2d56150dee6e79c3245a5f300bdbde9f3fadf284dd63e55dea

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/common/allinone_bannerRotator.css
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/common/allinone_bannerRotator.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"0fbba768f9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:31:58 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
598
Expires
0
rightNavOFF.png
fantasy.mn/skins/classic/
602 B
931 B
Image
General
Full URL
http://fantasy.mn/skins/classic/rightNavOFF.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/common/allinone_bannerRotator.css
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b0802aa12255d2fee14aecb6b0e28a3c38fa1051691aeeea1f76852a587876f3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/common/allinone_bannerRotator.css
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/common/allinone_bannerRotator.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"028ec778f9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:32:00 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
602
Expires
0
bottomNavOFF.png
fantasy.mn/skins/classic/
122 B
451 B
Image
General
Full URL
http://fantasy.mn/skins/classic/bottomNavOFF.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/common/allinone_bannerRotator.css
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
24b89546fe9f900228f3a5efc4c3b55650f7e75a0152e5164f4cd6e544124040

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/common/allinone_bannerRotator.css
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/common/allinone_bannerRotator.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"0a158748f9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:31:54 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
122
Expires
0
hand.cur
fantasy.mn/skins/
1 KB
1 KB
Image
General
Full URL
http://fantasy.mn/skins/hand.cur
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
text/html
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
1245
Expires
0
bottomNavON.png
fantasy.mn/skins/classic/
122 B
451 B
Image
General
Full URL
http://fantasy.mn/skins/classic/bottomNavON.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/common/allinone_bannerRotator.css
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a6a8442d6bde0d404ddbbe9658f4a5075aa3f18910057f01e91fb030aa88d132

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/common/allinone_bannerRotator.css
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/common/allinone_bannerRotator.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
ETag
"0a158748f9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:31:54 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
122
Expires
0
element_main.js
translate.googleapis.com/element/TE_20210503_00/e/js/element/
252 KB
90 KB
Script
General
Full URL
https://translate.googleapis.com/element/TE_20210503_00/e/js/element/element_main.js
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09363cc7c668ce12683214a9877ae9c068a82dfb8f64111355933c24e7193a98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 21:15:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29238
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91906
x-xss-protection
0
last-modified
Mon, 03 May 2021 09:56:24 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jun 2022 21:15:04 GMT
widget_iframe.06c6ee58c3810956b7509218508c7b56.html
platform.twitter.com/widgets/ Frame D876
319 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2Ffantasy.mn
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674C) /
Resource Hash
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://fantasy.mn/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://fantasy.mn/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
655
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 16 Jun 2021 05:22:22 GMT
Etag
"dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified
Wed, 28 Apr 2021 17:56:54 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/674C)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105298
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210610/r20190131/
233 KB
87 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210610/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8146121578325900&plah=fantasy.mn&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d6eda306cb7a8ec61843d32a597bef4a680844987e12bbfabce3a8c66b3786
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 05:22:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87957
x-xss-protection
0
server
cafe
etag
17726926907594691985
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 05:22:22 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210610/r20190131/ Frame 2D8F
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210610/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210610/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://fantasy.mn/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://fantasy.mn/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 15 Jun 2021 10:43:54 GMT
expires
Tue, 29 Jun 2021 10:43:54 GMT
content-type
text/html; charset=UTF-8
etag
15579341980913220427
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
age
67108
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=804139499&t=pageview&_s=1&dl=http%3A%2F%2Ffantasy.mn%2F&ul=en-us&de=UTF-8&dt=Diamond%20Software%2C%20Diamond%20Inventory%2C%20Jewelry%20Stock.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1645369104&gjid=772832199&cid=298461400.1623820942&tid=UA-7390195-4&_gid=1268245140.1623820942&_r=1&_slc=1&z=949267887
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Jun 2021 05:22:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://fantasy.mn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/1x/
825 B
1 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 04:56:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1540
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
825
x-xss-protection
0
expires
Thu, 16 Jun 2022 04:56:42 GMT
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/
910 B
997 B
Image
General
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 04:33:10 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
2952
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
910
x-xss-protection
0
expires
Thu, 16 Jun 2022 04:33:10 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://translate.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 05:17:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
291
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1847
x-xss-protection
0
expires
Thu, 16 Jun 2022 05:17:31 GMT
ycAE5xxyu8a.css
www.facebook.com/rsrc.php/v3/yq/l/0,cross/ Frame 475C
17 KB
5 KB
Stylesheet
General
Full URL
https://www.facebook.com/rsrc.php/v3/yq/l/0,cross/ycAE5xxyu8a.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
46c35d5a3c8c6b50ab5774ea6db20a7e5cc067240b625163ee53062a3738f26e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 19:33:52 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QTDaDFpAg11U7XRvkIvWtA==
cross-origin-resource-policy
cross-origin
content-length
4596
x-fb-rlafr
0
x-fb-debug
RfrOH7qPHZ7qx2SQccP7yzqvw0S3RxMsBZIU16kCDCOZJ437ZL4nGAZ9OUsoIUXcqJDdrwl1P2PjgBXfk8ocCw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 15 Jun 2022 19:33:52 GMT
ggzcJLJkhSr.css
www.facebook.com/rsrc.php/v3/y2/l/0,cross/ Frame 475C
3 KB
1 KB
Stylesheet
General
Full URL
https://www.facebook.com/rsrc.php/v3/y2/l/0,cross/ggzcJLJkhSr.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b3408a1b744ce1351e9554b861c45480f39e54c059f3b11f4e77f9f13564ba4f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 23:43:32 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ywe+5CCuBA6nTAXpv0OCFQ==
cross-origin-resource-policy
cross-origin
content-length
1102
x-fb-rlafr
0
x-fb-debug
3+4j1ykubwYFku1ScjEyNtMW5oB9SV82187DaaZSt7siJA5lxpO0gyicSR9S+82rJEd3f8ByNTrvIcIZFFnMiQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 14 Jun 2022 23:43:32 GMT
7xPhjVEY-GQ.js
www.facebook.com/rsrc.php/v3/yC/r/ Frame 475C
296 KB
80 KB
Script
General
Full URL
https://www.facebook.com/rsrc.php/v3/yC/r/7xPhjVEY-GQ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0b6b5de27dfe738825048ac82fadc8a71ac90734bdbea1b5213377cc957d67c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 00:35:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
49Euh+HrGyj8vpTTtttm0Q==
cross-origin-resource-policy
cross-origin
content-length
82280
x-fb-rlafr
0
x-fb-debug
LciUGJiKIKRJ4bkNlQgOuW/UaCIs2UTzutHxNfNVFIxuyNovS4QFzTRofb+8JDkH4MzYS6xclM6qjaS7bniWVA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 15 Jun 2022 00:35:04 GMT
GG1Y0sYc7My.js
www.facebook.com/rsrc.php/v3/yv/r/ Frame 475C
5 KB
2 KB
Script
General
Full URL
https://www.facebook.com/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
39685db80e880ec9e59c22115c5bcbf76586a95bf618a714d61fc0e5f271fe77
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 00:03:35 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
kw22OIA6eDgOltzbJdNVmQ==
cross-origin-resource-policy
cross-origin
content-length
1640
x-fb-rlafr
0
x-fb-debug
3ghk9q1GQL9uKSacB5859rGMBmuamdQ/YMVwg77QggmQf00iMTgkHWLsG6107SVQ/LsKJy9w+CZ4L/F2WAAjcQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 15 Jun 2022 00:03:35 GMT
8hTzoNzz8sh.js
www.facebook.com/rsrc.php/v3/yN/r/ Frame 475C
65 KB
20 KB
Script
General
Full URL
https://www.facebook.com/rsrc.php/v3/yN/r/8hTzoNzz8sh.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
08f03875899b086d58114180e1df68968e7bb589f451f4d1712c02450db519cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 05:46:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Ee21FiLy8dQL+GohSRPyFA==
cross-origin-resource-policy
cross-origin
content-length
20319
x-fb-rlafr
0
x-fb-debug
0TTCJP6Dl1nvZCMXcL4FVw2LuP51vkLGBMDm5tWs4lald7H4xSxJAdJBO0kaL3a0753Q5HjQgDrZxKMIfNuOWw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 15 Jun 2022 05:46:22 GMT
oKA9MKofxU-.js
www.facebook.com/rsrc.php/v3iAxA4/yc/l/de_DE/ Frame 475C
127 KB
35 KB
Script
General
Full URL
https://www.facebook.com/rsrc.php/v3iAxA4/yc/l/de_DE/oKA9MKofxU-.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f74712e2008087c27b65bc52392c9e7ae3afaef694175506fe0ea28b203c9217
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 22:29:45 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
VzVXhTvQ3X4ezMv28B6C6Q==
cross-origin-resource-policy
cross-origin
content-length
36064
x-fb-rlafr
0
x-fb-debug
Xtx7aZt1XCXderT8ANbkJRLyQgpJDJpTzvzkAU0UinlfKluhGlGZGLF0c6frvmieno/DvwREcbpKwNJg0d3QFA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 15 Jun 2022 22:29:45 GMT
10333703_10150388985649943_742353635764173590_o.jpg
scontent-frt3-2.xx.fbcdn.net/v/t31.18172-0/p130x130/ Frame 475C
18 KB
18 KB
Image
General
Full URL
https://scontent-frt3-2.xx.fbcdn.net/v/t31.18172-0/p130x130/10333703_10150388985649943_742353635764173590_o.jpg?_nc_cat=103&ccb=1-3&_nc_sid=dd9801&_nc_ohc=0ZVgxzTHYGgAX_dyB0O&_nc_ht=scontent-frt3-2.xx&tp=6&oh=a684d58e570f9a0772e68859fce5b0de&oe=60EE205D
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0a5fe7fe11a5974b224d65ff9394bfa63d70230f95452f62c1e91fe6cd4a5889

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
3285663512
date
Wed, 16 Jun 2021 05:22:22 GMT
x-fb-trip-id
686109401
last-modified
Thu, 29 May 2014 13:45:22 GMT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
x-fb-edge-debug
gr-7-lWyT6rozTGuc15-5HAPxOdsdsdCD-FVEzzeMSV1HfUEnTlAeDivHHol1fmqkVlY1Co19PASLQS5WwB17Q
cross-origin-resource-policy
cross-origin
x-needle-checksum
2863409852
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
18072
10390260_10150390064474943_8828354065596066817_n.png
scontent-frx5-2.xx.fbcdn.net/v/t1.18169-1/cp0/p50x50/ Frame 475C
3 KB
3 KB
Image
General
Full URL
https://scontent-frx5-2.xx.fbcdn.net/v/t1.18169-1/cp0/p50x50/10390260_10150390064474943_8828354065596066817_n.png?_nc_cat=109&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=5tTcf-0Jp-cAX8yeSQa&_nc_ht=scontent-frx5-2.xx&tp=30&oh=796cd2295215b383fb2375cc54b93f7e&oe=60CE0287
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bd2b4184f9da77f6e70691fbdfb60cc61ca34005bad9916758490b87c3835463

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
226827437
date
Wed, 16 Jun 2021 05:22:22 GMT
x-fb-trip-id
917726464
last-modified
Mon, 02 Jun 2014 06:57:27 GMT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
373130571
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
2923
www-player-webp.css
www.youtube.com/s/player/997fe684/ Frame B0C7
359 KB
45 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/997fe684/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/_tm8X40tSCE
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb2261167a008616c0620bf0bec8a9b6969ff99250864f3e8702b3c59c9ee175
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/_tm8X40tSCE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:00:40 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 15 Jun 2021 01:01:25 GMT
server
sffe
age
51702
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46281
x-xss-protection
0
expires
Wed, 15 Jun 2022 15:00:40 GMT
www-embed-player.js
www.youtube.com/s/player/997fe684/www-embed-player.vflset/ Frame B0C7
194 KB
64 KB
Script
General
Full URL
https://www.youtube.com/s/player/997fe684/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/_tm8X40tSCE
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3648ff9c18270446e4106c1b332ea27992dc0ac33e1b1b2d35f4ed59598eee71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/_tm8X40tSCE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:00:48 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 15 Jun 2021 01:01:25 GMT
server
sffe
age
51694
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65602
x-xss-protection
0
expires
Wed, 15 Jun 2022 15:00:48 GMT
base.js
www.youtube.com/s/player/997fe684/player_ias.vflset/en_US/ Frame B0C7
2 MB
483 KB
Script
General
Full URL
https://www.youtube.com/s/player/997fe684/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/_tm8X40tSCE
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
823b19bdfd38969d4800b9e876b4d11eba38e00bd576e5e11c60bb0d20aa168f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/_tm8X40tSCE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:00:49 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 15 Jun 2021 01:01:25 GMT
server
sffe
age
51693
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
494431
x-xss-protection
0
expires
Wed, 15 Jun 2022 15:00:49 GMT
fetch-polyfill.js
www.youtube.com/s/player/997fe684/fetch-polyfill.vflset/ Frame B0C7
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/997fe684/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/_tm8X40tSCE
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/_tm8X40tSCE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:00:48 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 15 Jun 2021 01:01:25 GMT
server
sffe
age
51694
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Wed, 15 Jun 2022 15:00:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B0C7
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/_tm8X40tSCE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 04:48:34 GMT
x-content-type-options
nosniff
age
347628
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 04:48:34 GMT
l
translate.googleapis.com/translate_a/ Frame 8AF7
3 KB
962 B
Script
General
Full URL
https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-5UyFcr+zn6yWRwGk8CP0HQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-5UyFcr+zn6yWRwGk8CP0HQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
date
Wed, 16 Jun 2021 05:22:22 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
200 B
657 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=fantasy.mn&callback=_gfp_s_&client=ca-pub-8146121578325900
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210610/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8146121578325900&plah=fantasy.mn&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
8f007314fb6f682c0ee70d620b178c95f0a9efbaf355996c013cedccee4c5c8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 05:22:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
853 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=fantasy.mn
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210610/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8146121578325900&plah=fantasy.mn&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Jun 2021 05:22:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=fantasy.mn
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210610/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8146121578325900&plah=fantasy.mn&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Jun 2021 05:22:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D3EE
603 B
67 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8146121578325900&output=html&h=90&slotname=7263625070&adk=4124446480&adf=2653041513&pi=t.ma~as.7263625070&w=728&lmt=1623820942&psa=0&format=728x90&url=http%3A%2F%2Ffantasy.mn%2F&flash=0&wgl=1&dt=1623820942385&bpp=4&bdt=330&idt=105&shv=r20210610&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3858225572871&frm=20&pv=2&ga_vid=298461400.1623820942&ga_sid=1623820943&ga_hid=804139499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531226%2C31061048&oid=3&pvsid=1221609258163507&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=ttp3BFjEy5&p=http%3A//fantasy.mn&dtd=124
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210610/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8146121578325900&plah=fantasy.mn&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8146121578325900&output=html&h=90&slotname=7263625070&adk=4124446480&adf=2653041513&pi=t.ma~as.7263625070&w=728&lmt=1623820942&psa=0&format=728x90&url=http%3A%2F%2Ffantasy.mn%2F&flash=0&wgl=1&dt=1623820942385&bpp=4&bdt=330&idt=105&shv=r20210610&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3858225572871&frm=20&pv=2&ga_vid=298461400.1623820942&ga_sid=1623820943&ga_hid=804139499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531226%2C31061048&oid=3&pvsid=1221609258163507&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=ttp3BFjEy5&p=http%3A//fantasy.mn&dtd=124
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://fantasy.mn/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://fantasy.mn/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 16 Jun 2021 05:22:22 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 16-Jun-2021 05:37:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210610/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8146121578325900&plah=fantasy.mn&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 05:22:22 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623410781212720"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28237
x-xss-protection
0
expires
Wed, 16 Jun 2021 05:22:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
459 B
Image
General
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-8146121578325900&c=10&n=0&t=0&w=61&x=2
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:22 GMT
X-Content-Type-Options
nosniff
Server
cafe
Timing-Allow-Origin
*
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Content-Type
image/gif
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
syndication.twitter.com/ Frame D876
256 B
441 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=d5a5c343a5eb0aea0c4655f0182fbc63fdba3305
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2Ffantasy.mn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 05:22:22 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 05:22:22 GMT
server
tsa_f
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
474cc36fc37500e8b7960538b7620ae952a56f69c9501ad70c03fd8cc9a069a5
content-length
176
ads
googleads.g.doubleclick.net/pagead/ Frame 90A3
0
20 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8146121578325900&output=html&adk=1812271804&adf=3025194257&lmt=1623820942&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ffantasy.mn%2F&ea=0&flash=0&pra=7&wgl=1&dt=1623820942400&bpp=1&bdt=344&idt=143&shv=r20210610&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=3858225572871&frm=20&pv=1&ga_vid=298461400.1623820942&ga_sid=1623820943&ga_hid=804139499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531226%2C31061048&oid=3&pvsid=1221609258163507&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=150
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210610/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8146121578325900&plah=fantasy.mn&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8146121578325900&output=html&adk=1812271804&adf=3025194257&lmt=1623820942&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ffantasy.mn%2F&ea=0&flash=0&pra=7&wgl=1&dt=1623820942400&bpp=1&bdt=344&idt=143&shv=r20210610&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=3858225572871&frm=20&pv=1&ga_vid=298461400.1623820942&ga_sid=1623820943&ga_hid=804139499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531226%2C31061048&oid=3&pvsid=1221609258163507&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=150
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://fantasy.mn/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://fantasy.mn/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 16 Jun 2021 05:22:22 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUlJT9JaKSeSzmdeLtFWS1QR1LMeGgkE_sVLl05NGFRleqPYPFFcTtIomTaC; expires=Mon, 11-Jul-2022 05:22:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Jun 2021 05:22:22 GMT
cache-control
private
ApcBOUT5FoS.png
www.facebook.com/rsrc.php/v3/y_/r/ Frame 475C
573 B
623 B
Image
General
Full URL
https://www.facebook.com/rsrc.php/v3/y_/r/ApcBOUT5FoS.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yq/l/0,cross/ycAE5xxyu8a.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/rsrc.php/v3/yq/l/0,cross/ycAE5xxyu8a.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
FsvwSwVMmXwkTE5MLho9t2f/fD32frMa/rt3jWLRpgUQXSNEAuP9E1Bf0zd7hPes+pynghlk1CaaE9fLb2c6WA==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
Y/eW3MWFNJnkcpEqoXzG3Q==
date
Fri, 11 Jun 2021 23:34:55 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
content-length
573
x-fb-rlafr
0
expires
Sat, 11 Jun 2022 23:34:55 GMT
SaK3b-CCIOe.js
www.facebook.com/rsrc.php/v3/ym/r/ Frame 475C
7 KB
2 KB
Script
General
Full URL
https://www.facebook.com/rsrc.php/v3/ym/r/SaK3b-CCIOe.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yC/r/7xPhjVEY-GQ.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
af16a76f192bd7571fc53306adaec4736b59a7edc08fe5ba466f65ecd5ee569b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FSMBSRubinstein-Software%2F47287399942&width=250&height=258&colorscheme=dark&show_faces=true&header=false&stream=false&show_border=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 19:33:53 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ROUK85omt6I8l4YkGp5hjw==
cross-origin-resource-policy
cross-origin
content-length
2265
x-fb-rlafr
0
x-fb-debug
o766VOQHSuSxiJZQfw/nl81U1+siYdGHCvFC8CJUSAX9MYEaEJL1XAAYLgNcHn+c8gOf6REJsUhTZrGUpog+ZA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 15 Jun 2022 19:33:53 GMT
id
googleads.g.doubleclick.net/pagead/ Frame B0C7
113 B
159 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/997fe684/www-embed-player.vflset/www-embed-player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
535453f10de9c4ab8470189db0af2d0f6e2cbb8016b28e54bf5151f7d003b8d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 05:22:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame B0C7
29 B
424 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/997fe684/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 05:16:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
325
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Wed, 16 Jun 2021 05:31:57 GMT
remote.js
www.youtube.com/s/player/997fe684/player_ias.vflset/en_US/ Frame B0C7
93 KB
29 KB
Script
General
Full URL
https://www.youtube.com/s/player/997fe684/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/997fe684/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5dee1ca0646a4d4b316fd25e6f4ffda67f3650ff369522b7d8aef3b70ac15ef1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/_tm8X40tSCE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:01:56 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 15 Jun 2021 01:01:25 GMT
server
sffe
age
51626
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29283
x-xss-protection
0
expires
Wed, 15 Jun 2022 15:01:56 GMT
Plk04VvIO51FvnH88uf5HfFM8FhHGRJP4cFq7FoB5yo.js
www.google.com/js/th/ Frame B0C7
35 KB
13 KB
Script
General
Full URL
https://www.google.com/js/th/Plk04VvIO51FvnH88uf5HfFM8FhHGRJP4cFq7FoB5yo.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/997fe684/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e5934e15bc83b9d45be71fcf2e7f91df14cf0584719124fe1c16aec5a01e72a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 17:18:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
43446
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13321
x-xss-protection
0
last-modified
Tue, 08 Jun 2021 13:30:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jun 2022 17:18:16 GMT
embed.js
www.youtube.com/s/player/997fe684/player_ias.vflset/en_US/ Frame B0C7
25 KB
7 KB
Script
General
Full URL
https://www.youtube.com/s/player/997fe684/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/997fe684/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a14b9320954426385bad57a756c93f0b5c8a16ad429fc1e792ad2da69dd1a305
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/_tm8X40tSCE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:00:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
51691
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7448
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 01:01:25 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jun 2022 15:00:51 GMT
truncated
/ Frame B0C7
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AAUvwni2tD3AI2BCykiXtdv1ZyDaKrE9LPwkwCQ1eng0=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame B0C7
3 KB
3 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AAUvwni2tD3AI2BCykiXtdv1ZyDaKrE9LPwkwCQ1eng0=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/_tm8X40tSCE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ee11ed68f6f1ddee70ebf78a755f4f247a2ac90938d6474240400719dd7d5809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 05:22:22 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3016
x-xss-protection
0
server
fife
etag
"v17"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 15 Jun 2021 17:52:44 GMT
sddefault.jpg
i.ytimg.com/vi/_tm8X40tSCE/ Frame B0C7
27 KB
27 KB
Image
General
Full URL
https://i.ytimg.com/vi/_tm8X40tSCE/sddefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/_tm8X40tSCE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64aa29f5701ddc2027356b3fed9f32e07f161813450f5161ca09d8c439f1eddd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 05:22:22 GMT
x-content-type-options
nosniff
server
sffe
age
0
etag
"0"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27481
x-xss-protection
0
expires
Wed, 16 Jun 2021 07:22:22 GMT
moment~timeline.bcb1cafa923482f4826e32741fe16a98.js
platform.twitter.com/js/
25 KB
8 KB
Script
General
Full URL
https://platform.twitter.com/js/moment~timeline.bcb1cafa923482f4826e32741fe16a98.js
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BE) /
Resource Hash
5197134265816a7fc5bf360b151eccef4b22bad4b875f4314970860a2e1f2127

Request headers

Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:56:41 GMT
Server
ECS (frb/67BE)
Age
18735
Etag
"16c9189d13c8dd38e3e003ac2c6bcc8f+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
8011
timeline.28ecda9667eeb8e1b18898b99fee6c31.js
platform.twitter.com/js/
20 KB
7 KB
Script
General
Full URL
https://platform.twitter.com/js/timeline.28ecda9667eeb8e1b18898b99fee6c31.js
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674C) /
Resource Hash
a5069082fd23bba93317d61fd6da244d6a85f60e68af7dcb9b0a43284f1d835a

Request headers

Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Jun 2021 05:22:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:56:41 GMT
Server
ECS (frb/674C)
Age
18725
Etag
"c0840e4754c01a08685ae9833ec830c8+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
6363
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame B0C7
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/997fe684/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 05:22:22 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
x-content-type-options
nosniff
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Wed, 16 Jun 2021 05:22:22 GMT
generate_204
www.youtube.com/ Frame B0C7
0
9 B
Image
General
Full URL
https://www.youtube.com/generate_204?GJBT0w
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/_tm8X40tSCE
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/_tm8X40tSCE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 05:22:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
profile
cdn.syndication.twimg.com/timeline/
15 KB
3 KB
Script
General
Full URL
https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_service_smbs_old&dnt=false&domain=fantasy.mn&lang=en&screen_name=service_smbs&suppress_response_codes=true&t=1804245&tweet_limit=2&tz=GMT%2B0200&with_replies=false
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f /
Resource Hash
41b6463669fa6d15b1f6569ea941a21799c378fbe0e22c667bdc3947c21316fb
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 05:22:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-disposition
attachment; filename=jsonp.jsonp
access-control-allow-methods
GET
content-length
2991
x-xss-protection
0
access-contol-allow-origin
platform.twitter.com
last-modified
Wed, 16 Jun 2021 05:22:23 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
application/javascript;charset=utf-8
cache-control
must-revalidate, max-age=300
x-connection-hash
e2568453cd63e6e2adf116ac50bcc29cb43f4a10ab73a8d5a3d89aa2abd92c25
timing-allow-origin
*
x-transaction
304e1575f1e100fa
expires
Wed, 16 Jun 2021 05:27:23 GMT
sSfUYbFK
pbs.twimg.com/card_img/1405031116038295554/ Frame DA0F
10 KB
11 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1405031116038295554/sSfUYbFK?format=jpg&name=280x280
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C0) /
Resource Hash
55d7a7286702f8568ee346606e1fc61720806c4c744257e230980e12fe941a09
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 05:22:23 GMT
x-content-type-options
nosniff
age
0
x-cache
MISS
content-length
10706
surrogate-key
card_img card_img/bucket/7 card_img/1405031116038295554
last-modified
Wed, 16 Jun 2021 05:12:56 GMT
server
ECS (frb/67C0)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
ac95250122d8f3b3ac39db819f0b19ad22f308417444c3cb331b3c12cc2f0edb
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
nav_home_over.png
fantasy.mn/images/common/
825 B
1 KB
Image
General
Full URL
http://fantasy.mn/images/common/nav_home_over.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/js/imagerollover.js
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6d82f07329cb6ed7ebb397adc79f4e93f9d2531617770d7725f8817a51cf5487

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:23 GMT
ETag
"01e6f08e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
825
Expires
0
nav_about.png
fantasy.mn/images/common/
1 KB
1 KB
Image
General
Full URL
http://fantasy.mn/images/common/nav_about.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/js/imagerollover.js
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b56bec93609c41df8d13ad6f5bab778732eec59a142445ae77c0190062f5245f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:23 GMT
ETag
"09772ec8e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:06 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
1026
Expires
0
nav_products.png
fantasy.mn/images/common/
922 B
1 KB
Image
General
Full URL
http://fantasy.mn/images/common/nav_products.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/js/imagerollover.js
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3ce8979036474bc19190e17a53609ee5c2ffb358e79e18887011d41924b92218

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:23 GMT
ETag
"01e6f08e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
922
Expires
0
nav_clients.png
fantasy.mn/images/common/
899 B
1 KB
Image
General
Full URL
http://fantasy.mn/images/common/nav_clients.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/js/imagerollover.js
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8a395c937291cfb6dd6aa863c8e028062fa7ae3215254b002f1e0bbccc5dffd9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:23 GMT
ETag
"0c4a3ed8e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:08 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
899
Expires
0
nav_contact.png
fantasy.mn/images/common/
958 B
1 KB
Image
General
Full URL
http://fantasy.mn/images/common/nav_contact.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/js/imagerollover.js
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9378da454fee6c4a3b228b01b5fe5d2e5911c2f1f29cac35c3c79cae851724c2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:23 GMT
ETag
"0f1d4ee8e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:10 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
958
Expires
0
icon_FB.png
fantasy.mn/images/common/
731 B
1 KB
Image
General
Full URL
http://fantasy.mn/images/common/icon_FB.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/js/imagerollover.js
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
674a3b4ca976e447af06113d41367de9b41eb0baebb03dee0ff4286b32c078d2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:23 GMT
ETag
"0b67ce68e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:27:56 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
731
Expires
0
icon_twitter.png
fantasy.mn/images/common/
825 B
1 KB
Image
General
Full URL
http://fantasy.mn/images/common/icon_twitter.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/js/imagerollover.js
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
00bdf197477b14eb5ee66a98aecb8b6539815149ffb9ea920de09e5fe1f3561a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:23 GMT
ETag
"06a41eb8e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:04 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
825
Expires
0
icon_linkedin.png
fantasy.mn/images/common/
779 B
1 KB
Image
General
Full URL
http://fantasy.mn/images/common/icon_linkedin.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/js/imagerollover.js
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0dd68a35bf301f264e1c3e0501d39f0debddf1092347b6a17b4e2b3428886a84

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:23 GMT
ETag
"06a41eb8e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:04 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
779
Expires
0
icon_google.png
fantasy.mn/images/common/
1 KB
2 KB
Image
General
Full URL
http://fantasy.mn/images/common/icon_google.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/js/imagerollover.js
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bdd2b9202e914c09c2e4a235fa6f3ac2dad37fa7d9c075860cba48d51abc60e0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:23 GMT
ETag
"03d10ea8e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:02 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
1414
Expires
0
arrow_readmore.png
fantasy.mn/images/common/
2 KB
2 KB
Image
General
Full URL
http://fantasy.mn/images/common/arrow_readmore.png
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/js/imagerollover.js
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e921a5b342ffc2259bf47cd390286e118b5e11ab87b7989d53711adc8247e66d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:23 GMT
ETag
"011da2c9f9acf1:0"
Last-Modified
Tue, 08 Jul 2014 11:24:26 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
2010
Expires
0
nav_about_over.png
fantasy.mn/images/common/
1 KB
1 KB
Image
General
Full URL
http://fantasy.mn/images/common/nav_about_over.png
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7ae1712a19dc03dea1d8cd626e7757f2172cd788b5561fb706a3dcf7b0a48427

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:23 GMT
ETag
"0c4a3ed8e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:08 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
1026
Expires
0
nav_products_over.png
fantasy.mn/images/common/
925 B
1 KB
Image
General
Full URL
http://fantasy.mn/images/common/nav_products_over.png
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7461e819865c78b19f5815d597fda2be68311768c4ed9190ae8a8c3f26076aef

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:23 GMT
ETag
"01e6f08e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
925
Expires
0
nav_clients_over.png
fantasy.mn/images/common/
899 B
1 KB
Image
General
Full URL
http://fantasy.mn/images/common/nav_clients_over.png
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
28c84ac512cd8d44289efa1bf2e1cf85037e40f437fa3d72fd7e360c0070f7fc

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:23 GMT
ETag
"0f1d4ee8e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:10 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
899
Expires
0
nav_contact_over.png
fantasy.mn/images/common/
958 B
1 KB
Image
General
Full URL
http://fantasy.mn/images/common/nav_contact_over.png
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3acbb4df5d400485c97bab929566e9d6be4223420c7e9a0a1d96588689d7c2ff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:23 GMT
ETag
"0f1d4ee8e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:10 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
958
Expires
0
icon_FB_over.png
fantasy.mn/images/common/
732 B
1 KB
Image
General
Full URL
http://fantasy.mn/images/common/icon_FB_over.png
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
33549ab5c147847d8caf14b4d061c88e1e3505f1ef558c653eda5b8b379d32c4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:23 GMT
ETag
"010dfe88e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:00 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
732
Expires
0
icon_twitter_over.png
fantasy.mn/images/common/
825 B
1 KB
Image
General
Full URL
http://fantasy.mn/images/common/icon_twitter_over.png
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
239f4f8361e3cab60b3164de0ef064fda6bcb4bc6f07ec7f02cc4b8c16cc100b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:23 GMT
ETag
"09772ec8e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:06 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
825
Expires
0
icon_linkedin_over.png
fantasy.mn/images/common/
779 B
1 KB
Image
General
Full URL
http://fantasy.mn/images/common/icon_linkedin_over.png
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
35c82533b012024689300b1e85befa3e042c7a662fe1c7833db545a4d7affc95

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:23 GMT
ETag
"06a41eb8e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:04 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
779
Expires
0
icon_google_over.png
fantasy.mn/images/common/
1 KB
2 KB
Image
General
Full URL
http://fantasy.mn/images/common/icon_google_over.png
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3b2fb7c9c72c784762cbf9d62cc35b613be568ebe0aa1c10ff17c4f3284dae7f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:23 GMT
ETag
"03d10ea8e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:02 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
1394
Expires
0
arrow_readmore_over.png
fantasy.mn/images/common/
2 KB
2 KB
Image
General
Full URL
http://fantasy.mn/images/common/arrow_readmore_over.png
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
88c4c30f3e5093e07196e3cbeab1f269304ad8a9ea106e17e5ba4b7f07572610

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:23 GMT
ETag
"0e1ec3f9f9acf1:0"
Last-Modified
Tue, 08 Jul 2014 11:24:58 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
1762
Expires
0
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210610&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210610/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8146121578325900&plah=fantasy.mn&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecfc8cfc090c6e54e5faf93aea9d729bd6376382e9fc0a492e25230b61a770a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Jun 2021 05:22:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8406
x-xss-protection
0
timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ Frame DA0F
53 KB
12 KB
Stylesheet
General
Full URL
https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/673A) /
Resource Hash
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Jun 2021 05:22:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Jun 2021 20:42:54 GMT
Server
ECS (frb/673A)
Age
18736
Etag
"fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Content-Length
12144
timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/
53 KB
53 KB
Image
General
Full URL
https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/673A) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Jun 2021 05:22:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Jun 2021 20:42:54 GMT
Server
ECS (frb/673A)
Age
18736
Etag
"fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Content-Length
12144
UyjIkLT__normal.png
pbs.twimg.com/profile_images/473357983368237056/ Frame DA0F
3 KB
3 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/473357983368237056/UyjIkLT__normal.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6772) /
Resource Hash
5aab40d50a055caec4c7b87833e046d61c10e4643fcc8eba3bd0fc46ef4e1ff4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 05:22:23 GMT
x-content-type-options
nosniff
age
222013
x-cache
MISS
content-length
3251
surrogate-key
profile_images profile_images/bucket/9 profile_images/473357983368237056
last-modified
Mon, 02 Jun 2014 06:56:32 GMT
server
ECS (frb/6772)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
3503d80ee6c86b5b7e788e1973c5878c06e613375bb93dc512b2347ab9a50926
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
JXNWY7iv_normal.jpg
pbs.twimg.com/profile_images/1398259947847233538/ Frame DA0F
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1398259947847233538/JXNWY7iv_normal.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) /
Resource Hash
34a32a1e9862c96edb41c42c4d8ea0bc14475f185709ac9161f74be011657848
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 05:22:23 GMT
x-content-type-options
nosniff
age
405218
x-cache
HIT
content-length
1959
surrogate-key
profile_images profile_images/bucket/4 profile_images/1398259947847233538
last-modified
Fri, 28 May 2021 12:46:44 GMT
server
ECS (frb/6796)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
458daa16a49985ce40df6100594236a56bace8f82dbc831aa2ed79851376ad75
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
truncated
/ Frame DA0F
825 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame DA0F
572 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame DA0F
644 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame DA0F
607 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210610/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8146121578325900&plah=fantasy.mn&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 05:22:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622653785071769"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 16 Jun 2021 05:22:23 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 8994
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/223/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://fantasy.mn/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://fantasy.mn/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 15 Jun 2021 19:34:23 GMT
expires
Wed, 15 Jun 2022 19:34:23 GMT
last-modified
Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
35280
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 5F5E
783 B
533 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e568b78c19ce7d51b6f7d49c8c4966e9ee2d5bfe5be069575c89c52ce6ed1846
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-95/gJI6AFWAA8haYTXX3kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://fantasy.mn/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://fantasy.mn/

Response headers

expires
Wed, 16 Jun 2021 05:22:23 GMT
date
Wed, 16 Jun 2021 05:22:23 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-95/gJI6AFWAA8haYTXX3kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
77QJnXdfWOmXMWLESOrFmtDRQ32gQz50Isq2vYmDN4I.js
pagead2.googlesyndication.com/bg/ Frame 8994
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/77QJnXdfWOmXMWLESOrFmtDRQ32gQz50Isq2vYmDN4I.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efb4099d775f58e9973162c448eac59ad0d1437da0433e7422cab6bd89833782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 11:18:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
324218
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5734
x-xss-protection
0
last-modified
Tue, 08 Jun 2021 13:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Jun 2022 11:18:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210610&jk=1221609258163507&bg=!jY6ljsrNAAY2kFOVNpA7ACkAdvg8WpBg1TvikiodQHcDnFNJOeFhvO07tCDif3Ny0ko7i71VCJpjtgIAAABFUgAAAAtoAQcKAEa7e1dNVPx3AxyFo_3NJWUoctBd8zSom5z6liwq80jSUeg-JBSsqW4G-dQZEa3qToX7WiO3xZp0ZPF2BSySQ1-uNOlbp0LrmQJv_HeqavZoAXpKM1D3siTHHcBYy3ENmpynbUeYe6trlwjXOiJfPiRf7r-C8tHfsTpL9DCHfCz0plyWVvQaCrj3OowR9IABn1NeOpN7gd14tfWzNx7msno1bGwdFCdh8srSYDjaKzDkAEL-qAjxWUVWUSg9VM6n15804geaJ6F9CGP8_RnJFvv9lb6U943wggDzAJ1m8M78uvZu3BRksTUWMMfrQRPaEBUz6eklsOktxG4R4UnDGxvKrvU6IzPATanX0_-Ls0QKZLxOx6bsYw_IFiqfFsAh9zOwy_JDv55dPsSCaLgd_vRp_BgZbjhZlVGr6jJ_wvTyhUYEOEidSWmV4dOIo7j1mVo0vbuYVnXpsyuyyQ8dv-6FosVHywiAkxyKRs4CMlKiQWBOltHlwnyjSHpWhIKAx41yWWgXic6dtP_vUQVc94irFEy1EOidH7tHcCbW7D67U5Y13Uumc16EdW3_4LfeYNwiHyukymMzfulDS5jYHuJs8Js1_SXoMI4r59OvOEOC5MASBxcpagc7XDHp69RJAIkZ-RlExgN1BD_YGM-JNZ7iEKKXGhnmlppMLsYmIcfS1HLqyU7awSjW2XNhFTRguRWN1l88Q6qMb2JEmNr7dsBWaXYmZh_nhDrebJ15W7jkZfA1jPMA_s12SfB4w62UzvznOR6nHj_zTQ_PGRKAG3vR9A-KEriM0xwZNV6-5PDyxqrTF4Hs5z7rZnawhhsltDy4vDdUAiatKrRJoa0uP54HqbqqSFHizNhIov244q5Qgytm993t7yONqlm6YCPdRd4pVdqzqklmcphZGDcxX_DLoq_Qfn1uGLA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Jun 2021 05:22:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jot.html
platform.twitter.com/ Frame 63FE
Redirect Chain
  • https://syndication.twitter.com/i/jot
  • https://platform.twitter.com/jot.html
80 B
570 B
Document
General
Full URL
https://platform.twitter.com/jot.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6725) /
Resource Hash
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
Origin
http://fantasy.mn
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
18731
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 16 Jun 2021 05:22:23 GMT
Etag
"d9592a6c704736fa4da218d4357976dd"
Last-Modified
Wed, 28 Apr 2021 17:57:32 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6725)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
80

Redirect headers

date
Wed, 16 Jun 2021 05:22:23 GMT
pragma
no-cache
server
tsa_f
status
302 Found
expires
Tue, 31 Mar 1981 05:00:00 GMT
location
https://platform.twitter.com/jot.html
content-type
text/html;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified
Wed, 16 Jun 2021 05:22:23 GMT
x-transaction
22f52ac3c18c1505
content-length
0
x-frame-options
SAMEORIGIN
x-xss-protection
0
x-content-type-options
nosniff
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
x-connection-hash
474cc36fc37500e8b7960538b7620ae952a56f69c9501ad70c03fd8cc9a069a5
log_event
www.youtube.com/youtubei/v1/ Frame B0C7
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/997fe684/www-embed-player.vflset/www-embed-player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/_tm8X40tSCE
X-YouTube-Client-Version
1.20210614.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
Cgtoek5pSEpBQTBWayiOlaaGBg%3D%3D
X-YouTube-Ad-Signals
dt=1623820942690&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C350%2C300&vis=1&wgl=true&ca_type=image&bid=ANyPxKpWvQBx-LLuMlnnCkE2Co7M4UccMcY0uhCtgf6iQZ8EV8Gob4-jfzBxC3cAYplbMT5oWHHPGquRLTvVHYm378dmdwRE9g

Response headers

date
Wed, 16 Jun 2021 05:22:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Wed, 16 Jun 2021 05:22:24 GMT
home_banner_02.jpg
fantasy.mn/images/content/
51 KB
51 KB
Image
General
Full URL
http://fantasy.mn/images/content/home_banner_02.jpg
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
368efade718185a4a7c8db78295264cb1e6a64728b8c647ee75ed73252060c0a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:26 GMT
ETag
"0595ef88e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:26 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
52190
Expires
0
home_banner_02.jpg
fantasy.mn/images/content/
51 KB
51 KB
Image
General
Full URL
http://fantasy.mn/images/content/home_banner_02.jpg
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
368efade718185a4a7c8db78295264cb1e6a64728b8c647ee75ed73252060c0a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Cookie
ASPSESSIONIDSCQCBQTC=BCJDOPLAEJKFIKEOCJICOPKC; _ga=GA1.2.298461400.1623820942; _gid=GA1.2.1268245140.1623820942; _gat=1; __gads=ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:26 GMT
ETag
"0595ef88e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:26 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
52190
Expires
0
home_banner_03.jpg
fantasy.mn/images/content/
66 KB
67 KB
Image
General
Full URL
http://fantasy.mn/images/content/home_banner_03.jpg
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3aa307dc5d5b3c1907ed5910f640e6a656bf856d6f5afaa71fe97ecc24ad8928

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:30 GMT
ETag
"0e0f1fb8e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:32 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
68009
Expires
0
home_banner_03.jpg
fantasy.mn/images/content/
66 KB
67 KB
Image
General
Full URL
http://fantasy.mn/images/content/home_banner_03.jpg
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3aa307dc5d5b3c1907ed5910f640e6a656bf856d6f5afaa71fe97ecc24ad8928

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:30 GMT
ETag
"0e0f1fb8e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:32 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
68009
Expires
0
home_banner_01.jpg
fantasy.mn/images/content/
57 KB
58 KB
Image
General
Full URL
http://fantasy.mn/images/content/home_banner_01.jpg
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c568209aa7182dcdceeabe38c0f684eeab1008be5aac46ddacd4a77053dc508e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:35 GMT
ETag
"0595ef88e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:26 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
58687
Expires
0
home_banner_01.jpg
fantasy.mn/images/content/
57 KB
58 KB
Image
General
Full URL
http://fantasy.mn/images/content/home_banner_01.jpg
Requested by
Host: fantasy.mn
URL: http://fantasy.mn/
Protocol
HTTP/1.1
Server
82.166.139.113 Rishon LeZiyyon, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c568209aa7182dcdceeabe38c0f684eeab1008be5aac46ddacd4a77053dc508e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fantasy.mn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://fantasy.mn/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://fantasy.mn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 05:22:35 GMT
ETag
"0595ef88e9acf1:0"
Last-Modified
Tue, 08 Jul 2014 09:28:26 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
58687
Expires
0

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| imageholderclass object| ih number| mouseisdown function| preloader function| mouseup function| mouseup2 function| mousedown function| mouseover function| mouseout function| storeimages function| preloadimgsrc function| $ function| jQuery function| DP_jQuery_1623820942248 function| googleTranslateElementInit function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google object| adsbygoogle string| GoogleAnalyticsObject function| ga number| responsiveWidth number| responsiveHeight object| currentText_arr object| jQuery1710010962254594500731 object| $this object| __twttrll object| twttr object| __twttr object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_persistent_state_async object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| closure_lm_258496 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| google_image_requests function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms

8 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUlJT9JaKSeSzmdeLtFWS1QR1LMeGgkE_sVLl05NGFRleqPYPFFcTtIomTaC
.youtube.com/ Name: YSC
Value: zEITVRoBmNg
fantasy.mn/ Name: ASPSESSIONIDSCQCBQTC
Value: BCJDOPLAEJKFIKEOCJICOPKC
.fantasy.mn/ Name: __gads
Value: ID=d1c74e5288663ed6-220a607d02c900f9:T=1623820942:RT=1623820942:S=ALNI_MakVw4HmsouM2QonXlUQZAKgaq0Og
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: hzNiHJAA0Vk
.fantasy.mn/ Name: _gat
Value: 1
.fantasy.mn/ Name: _ga
Value: GA1.2.298461400.1623820942
.fantasy.mn/ Name: _gid
Value: GA1.2.1268245140.1623820942

2 Console Messages

Source Level URL
Text
console-api error URL: https://www.facebook.com/rsrc.php/v3/yC/r/7xPhjVEY-GQ.js?_nc_x=Ij3Wp8lg5Kz(Line 57)
Message:
ErrorUtils caught an error: Minified invariant #11797; Params: 113 [Caught in: Module "VisibilityListener"] Subsequent non-fatal errors won't be logged; see https://fburl.com/debugjs.
console-api info URL: http://platform.twitter.com/widgets.js(Line 1)
Message:
You may have been affected by an update to settings in embedded timelines. See https://twittercommunity.com/t/deprecating-widget-settings/102295. [object HTMLAnchorElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
cdn.syndication.twimg.com
fantasy.mn
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
platform.twitter.com
scontent-frt3-2.xx.fbcdn.net
scontent-frx5-2.xx.fbcdn.net
static.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.244.42.136
142.250.185.130
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:803::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2006
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::200a
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2016
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
82.166.139.113
00bdf197477b14eb5ee66a98aecb8b6539815149ffb9ea920de09e5fe1f3561a
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00fdf9f52c63f09dc4dd47c14149081a3540d4344257e822ca5b8d65d6a50a2f
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2
08f03875899b086d58114180e1df68968e7bb589f451f4d1712c02450db519cd
09363cc7c668ce12683214a9877ae9c068a82dfb8f64111355933c24e7193a98
0a5fe7fe11a5974b224d65ff9394bfa63d70230f95452f62c1e91fe6cd4a5889
0b6b5de27dfe738825048ac82fadc8a71ac90734bdbea1b5213377cc957d67c5
0dd68a35bf301f264e1c3e0501d39f0debddf1092347b6a17b4e2b3428886a84
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
1b0a6f682bb162fe145ae5b59475e14ebc47effca5946bf9b3cc1556ac4a26b4
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1d9bfe56d6f73224dd12c41db77ca25e354eb8c78dac7be47da19200ef3f6f80
1e965559c45dc9185c3715129c514f6f24570908614871884e8bdeeb0458e02b
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
239f4f8361e3cab60b3164de0ef064fda6bcb4bc6f07ec7f02cc4b8c16cc100b
24b89546fe9f900228f3a5efc4c3b55650f7e75a0152e5164f4cd6e544124040
251c607557e1302862934faeb35d7c9c20cbb64b4abb6a4faed721b71db501f2
263be2b0390f336d5ce3b0f40ea56a4b4165f5dd8e861d9bd1dd33f0f0da7010
27eddaa95b76ffd74cbc9009dc9ade86359777cc03879e40142cdc7c33b48524
28c84ac512cd8d44289efa1bf2e1cf85037e40f437fa3d72fd7e360c0070f7fc
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2f4d82003a9ccaea85da33302a956d5d0b25eba62de84a472a88559044f8cd8f
306e7ce929e761a54396a94dd9d743285551cf7f9ce4de268d39500c44d5cd31
30889d1f07bbc3d68d22e2a4581ba4b17ea5351acfcff8da059a35801dd161c8
33549ab5c147847d8caf14b4d061c88e1e3505f1ef558c653eda5b8b379d32c4
34a32a1e9862c96edb41c42c4d8ea0bc14475f185709ac9161f74be011657848
35c82533b012024689300b1e85befa3e042c7a662fe1c7833db545a4d7affc95
3648ff9c18270446e4106c1b332ea27992dc0ac33e1b1b2d35f4ed59598eee71
368efade718185a4a7c8db78295264cb1e6a64728b8c647ee75ed73252060c0a
39685db80e880ec9e59c22115c5bcbf76586a95bf618a714d61fc0e5f271fe77
3aa307dc5d5b3c1907ed5910f640e6a656bf856d6f5afaa71fe97ecc24ad8928
3acbb4df5d400485c97bab929566e9d6be4223420c7e9a0a1d96588689d7c2ff
3b2fb7c9c72c784762cbf9d62cc35b613be568ebe0aa1c10ff17c4f3284dae7f
3ce8979036474bc19190e17a53609ee5c2ffb358e79e18887011d41924b92218
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e5934e15bc83b9d45be71fcf2e7f91df14cf0584719124fe1c16aec5a01e72a
409ee755ad7c6aedd167c216500282f1cbf790700874a56b04765f320f93f2f3
41b6463669fa6d15b1f6569ea941a21799c378fbe0e22c667bdc3947c21316fb
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
45f788f5719338adf23aeb69b7a68c80293cb3f85e23606c1b96390894ecd699
46c35d5a3c8c6b50ab5774ea6db20a7e5cc067240b625163ee53062a3738f26e
5197134265816a7fc5bf360b151eccef4b22bad4b875f4314970860a2e1f2127
535453f10de9c4ab8470189db0af2d0f6e2cbb8016b28e54bf5151f7d003b8d9
558c4c9e5d7148cc4f2dd5e695bbf6d5f66b7a84a268fd95d17309abe38d372d
55d7a7286702f8568ee346606e1fc61720806c4c744257e230980e12fe941a09
59ea71a57f1643405f78000304d400ffec53a9f05d4cdaa3e79feb02b9adc95b
5aab40d50a055caec4c7b87833e046d61c10e4643fcc8eba3bd0fc46ef4e1ff4
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5db5a50cb3bbb884be3bc5d1ca0e590b02663d11d9d2a9345ef9fa0f9ae27a96
5dee1ca0646a4d4b316fd25e6f4ffda67f3650ff369522b7d8aef3b70ac15ef1
5f0e6d59ac597b8bcbc6f85e0eea1b96710f1878f88de94834f6c0a0bbad1187
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
63e64263f2644078147f97897a41a218ae5389b1e2b481c0d04fbe7ba4bfd3bf
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
64aa29f5701ddc2027356b3fed9f32e07f161813450f5161ca09d8c439f1eddd
64db6cafdbe3eb83f7044e3e90a94fb6ac4719b4445911ee6eedc05a6efa78ad
674a3b4ca976e447af06113d41367de9b41eb0baebb03dee0ff4286b32c078d2
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6d82f07329cb6ed7ebb397adc79f4e93f9d2531617770d7725f8817a51cf5487
6f4ee39bf62c358118df64a88f9ba7715716320091512526171126dbe4a22957
7461e819865c78b19f5815d597fda2be68311768c4ed9190ae8a8c3f26076aef
781a60f1acd62d77ea3583dd0ad841b0eeded58aeb40eb53a7554ed1e0329ed2
7ae1712a19dc03dea1d8cd626e7757f2172cd788b5561fb706a3dcf7b0a48427
823b19bdfd38969d4800b9e876b4d11eba38e00bd576e5e11c60bb0d20aa168f
827d621a7ec6c588784bb98b03e2ad8469971761bde32a6b551615dd4febbf9d
85d3c2b48d1b2a8da9437a329ae39da1c39c77381bb152d52276f54ce84d39b8
86d6eda306cb7a8ec61843d32a597bef4a680844987e12bbfabce3a8c66b3786
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
88c4c30f3e5093e07196e3cbeab1f269304ad8a9ea106e17e5ba4b7f07572610
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8a395c937291cfb6dd6aa863c8e028062fa7ae3215254b002f1e0bbccc5dffd9
8f007314fb6f682c0ee70d620b178c95f0a9efbaf355996c013cedccee4c5c8c
8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db
90062a4d70d3df2d56150dee6e79c3245a5f300bdbde9f3fadf284dd63e55dea
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
92d83b64e8246125206a18ed12a3dd6d1ec60377151786f9ce6449d3bc3fd015
92df889ddd5703f4fda390c62b9fef4fe94a142632ca8f2ab5ae0409136661ea
9378da454fee6c4a3b228b01b5fe5d2e5911c2f1f29cac35c3c79cae851724c2
98b77371ef0408c481830bfcdcc3a729550d9966d8c0d839bcb3ce11da4fdd44
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a14b9320954426385bad57a756c93f0b5c8a16ad429fc1e792ad2da69dd1a305
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5069082fd23bba93317d61fd6da244d6a85f60e68af7dcb9b0a43284f1d835a
a6a8442d6bde0d404ddbbe9658f4a5075aa3f18910057f01e91fb030aa88d132
af16a76f192bd7571fc53306adaec4736b59a7edc08fe5ba466f65ecd5ee569b
b0414cd9a63cee7af991c13817e46d30190ac41a8711cdae78718da6d380e572
b0802aa12255d2fee14aecb6b0e28a3c38fa1051691aeeea1f76852a587876f3
b3408a1b744ce1351e9554b861c45480f39e54c059f3b11f4e77f9f13564ba4f
b56bec93609c41df8d13ad6f5bab778732eec59a142445ae77c0190062f5245f
bd2b4184f9da77f6e70691fbdfb60cc61ca34005bad9916758490b87c3835463
bdd2b9202e914c09c2e4a235fa6f3ac2dad37fa7d9c075860cba48d51abc60e0
c568209aa7182dcdceeabe38c0f684eeab1008be5aac46ddacd4a77053dc508e
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
cd91af7aafe4cb87de04cf2cfa7e4d0e4f3019935c6dfd29152e333e12611987
d6c368f0258fe8a0e5c72892749c747c4e44d76aa11e41a1f185d876a337be47
d6ce08e9aa75691bf826585fa190004f5187fd1e55989a0aac7efeb6c329edf6
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
de179b376f13f57bbf77368070f74aeaf16fcab52479fcee885ced8a0c4e3da1
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e568b78c19ce7d51b6f7d49c8c4966e9ee2d5bfe5be069575c89c52ce6ed1846
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e921a5b342ffc2259bf47cd390286e118b5e11ab87b7989d53711adc8247e66d
eb2261167a008616c0620bf0bec8a9b6969ff99250864f3e8702b3c59c9ee175
ecfc8cfc090c6e54e5faf93aea9d729bd6376382e9fc0a492e25230b61a770a5
edec3b266f399077c27933aa77e749dcca3372d5feafa0229ab6d948d78028a1
ee11ed68f6f1ddee70ebf78a755f4f247a2ac90938d6474240400719dd7d5809
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef806aba43683fdfa44cd0f0b934a5e67942d3275abcbbec6989777821b1cb1c
efb4099d775f58e9973162c448eac59ad0d1437da0433e7422cab6bd89833782
f3072b0128ce0987315c4074f0e4e6c61d3f12219c497d4282a58e7a82387905
f74712e2008087c27b65bc52392c9e7ae3afaef694175506fe0ea28b203c9217