Submitted URL: https://zysqp.wasverym.buzz/HMXUM?tag_id=908057&sub_id1=&sub_id2=4073781822710861562&cookie_id=1126981436433543&lp=oct_11&tb...
Effective URL: https://xsportshd.com/bundesliga-sports-stream.html
Submission: On October 16 via api from TW — Scanned from DE

Summary

This website contacted 22 IPs in 4 countries across 30 domains to perform 87 HTTP transactions. The main IP is 2606:4700:3035::ac43:a47b, located in United States and belongs to CLOUDFLARENET, US. The main domain is xsportshd.com. The Cisco Umbrella rank of the primary domain is 960711.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 13th 2022. Valid for: a year.
This is the only time xsportshd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 44.195.137.121 14618 (AMAZON-AES)
1 18.155.145.6 16509 (AMAZON-02)
1 2a03:2880:f11... 32934 (FACEBOOK)
2 4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 108.138.7.15 16509 (AMAZON-02)
1 1 2a02:b48:207:... 39572 (ADVANCEDH...)
21 2606:4700:303... 13335 (CLOUDFLAR...)
2 4 2606:4700:10:... 13335 (CLOUDFLAR...)
3 3 2606:4700:303... 13335 (CLOUDFLAR...)
3 3 2606:4700:303... 13335 (CLOUDFLAR...)
7 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 151.101.1.176 54113 (FASTLY)
1 6 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 9 13.226.153.105 16509 (AMAZON-02)
3 3 137.74.247.34 16276 (OVH)
3 144.217.67.42 ()
6 52.222.236.85 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 143.204.215.17 ()
87 22
Apex Domain
Subdomains
Transfer
21 xsportshd.com
xsportshd.com — Cisco Umbrella Rank: 960711
www.xsportshd.com
178 KB
9 publicatedlit.com
publicatedlit.com
2 KB
8 witalfieldt.com
witalfieldt.com
6 attentioniau.com
attentioniau.com
6 elevisions.xyz
elevisions.xyz
25 KB
5 batstream.cc
live.batstream.cc — Cisco Umbrella Rank: 673174
48 KB
4 amung.us
whos.amung.us — Cisco Umbrella Rank: 15127
widgets.amung.us — Cisco Umbrella Rank: 19551
3 KB
4 google.com
accounts.google.com — Cisco Umbrella Rank: 83
2 KB
3 hentaiheroes.com
landing.hentaiheroes.com
3 gamingadult.com
tm-offers.gamingadult.com — Cisco Umbrella Rank: 175204
788 B
3 batstream.live
live.batstream.live — Cisco Umbrella Rank: 688219
2 KB
3 batstream.tv
live.batstream.tv — Cisco Umbrella Rank: 992449
2 KB
3 wasverym.buzz
zysqp.wasverym.buzz
124 KB
2 sportsmix.net
sportsmix.net
3 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 216
56 KB
2 timeanddate.com
free.timeanddate.com — Cisco Umbrella Rank: 51769
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
939 B
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 720
20 KB
1 livestotal.net
livestotal.net
945 B
1 socceronline.xyz
socceronline.xyz
930 B
1 lshunter.me
lshunter.me
931 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
42 KB
1 fymlwv.com
fymlwv.com
120 B
1 hasnoconve.one
hasnoconve.one — Cisco Umbrella Rank: 32806
489 B
1 gstatic.com
fonts.gstatic.com
12 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
1 ehadmethe.xyz
ehadmethe.xyz
496 B
0 yandex.ru Failed
mc.yandex.ru Failed
0 yahoo.com Failed
consent.yahoo.com Failed
0 okamata.site Failed
cdn.okamata.site Failed
87 30
Domain Requested by
20 xsportshd.com zysqp.wasverym.buzz
xsportshd.com
elevisions.xyz
9 publicatedlit.com 3 redirects xsportshd.com
8 witalfieldt.com livestotal.net
socceronline.xyz
sportsmix.net
6 attentioniau.com xsportshd.com
lshunter.me
6 elevisions.xyz 1 redirects xsportshd.com
elevisions.xyz
zysqp.wasverym.buzz
5 live.batstream.cc xsportshd.com
live.batstream.cc
4 accounts.google.com 2 redirects zysqp.wasverym.buzz
3 landing.hentaiheroes.com xsportshd.com
3 tm-offers.gamingadult.com 3 redirects
3 live.batstream.live 3 redirects
3 live.batstream.tv 3 redirects
3 zysqp.wasverym.buzz zysqp.wasverym.buzz
2 sportsmix.net elevisions.xyz
sportsmix.net
2 cdnjs.cloudflare.com xsportshd.com
elevisions.xyz
2 free.timeanddate.com xsportshd.com
free.timeanddate.com
2 widgets.amung.us xsportshd.com
elevisions.xyz
2 whos.amung.us 2 redirects
1 fonts.googleapis.com live.batstream.cc
1 maxcdn.bootstrapcdn.com live.batstream.cc
1 livestotal.net elevisions.xyz
1 socceronline.xyz elevisions.xyz
1 lshunter.me elevisions.xyz
1 www.googletagmanager.com xsportshd.com
live.batstream.cc
1 www.xsportshd.com xsportshd.com
1 fymlwv.com 1 redirects
1 hasnoconve.one 1 redirects
1 fonts.gstatic.com zysqp.wasverym.buzz
1 www.facebook.com zysqp.wasverym.buzz
1 ehadmethe.xyz zysqp.wasverym.buzz
0 mc.yandex.ru Failed live.batstream.cc
0 consent.yahoo.com Failed cdnjs.cloudflare.com
xsportshd.com
0 cdn.okamata.site Failed xsportshd.com
87 32

This site contains links to these domains.

Domain
www.xsportshd.com
Subject | Issuer | Validity | Valid
wasverym.buzz | R3 | 2022-10-06 - 2023-01-04 | 3 months
ehadmethe.xyz | Amazon RSA 2048 M02 | 2022-10-12 - 2023-11-10 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-07-25 - 2022-10-23 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-13 - 2023-08-13 | a year
*.batstream.cc | E1 | 2022-09-25 - 2022-12-24 | 3 months
*.timeanddate.com | GlobalSign Atlas R3 DV TLS CA 2022 Q1 | 2022-01-27 - 2023-02-28 | a year
*.elevisions.xyz | E1 | 2022-10-15 - 2023-01-13 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.sportsmix.net | E1 | 2022-08-27 - 2022-11-25 | 3 months
landing.hentaiheroes.com | R3 | 2022-09-17 - 2022-12-16 | 3 months
attentioniau.com | Amazon | 2021-12-13 - 2023-01-11 | a year
publicatedlit.com | Amazon | 2022-04-03 - 2023-05-02 | a year
upload.video.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
witalfieldt.com | Amazon | 2022-06-09 - 2023-07-08 | a year

This page contains 43 frames:

Primary Page: https://xsportshd.com/bundesliga-sports-stream.html
Frame ID: 825A194862F2E115593F57146CEAC0E6
Requests: 29 HTTP requests in this frame

Frame: https://live.batstream.cc/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Frame ID: 8DBBA547824537AF5CE7525ABCDD0099
Requests: 11 HTTP requests in this frame

Frame: https://free.timeanddate.com/clock/i7n6znqi/n19/fs18/fcfff/tc48a648/pc2b3e50/ftb/bas2/bat1/bacfff/pa8/tt0/tw1/tm2/th1/tb1
Frame ID: 336FA16E0B502E32C040DDA73553F84D
Requests: 2 HTTP requests in this frame

Frame: https://elevisions.xyz/tid=215664.html
Frame ID: CC17A605DB174FA058D296533BB18881
Requests: 5 HTTP requests in this frame

Frame: https://xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665921600
Frame ID: 2F041DA65C969A80B0BFC39D9D13365C
Requests: 3 HTTP requests in this frame

Frame: https://xsportshd.com/football-streaming-live.html
Frame ID: B0D1A0693A80EF1164509F5BFC2EDF9A
Requests: 2 HTTP requests in this frame

Frame: https://xsportshd.com/football-streaming.html
Frame ID: 4A35730E95C17CBD6560E36B99D37CCB
Requests: 2 HTTP requests in this frame

Frame: https://xsportshd.com/football-hd-streaming.html
Frame ID: 9ED379F0D2E2CCAC73903B1D1A33808E
Requests: 2 HTTP requests in this frame

Frame: https://lshunter.me/hd-streaming.html
Frame ID: 9D4DA640656DA00A544049F1210E3B85
Requests: 1 HTTP requests in this frame

Frame: https://socceronline.xyz/football.html
Frame ID: DC860BB98CF435816F94BD248F315C3A
Requests: 1 HTTP requests in this frame

Frame: https://livestotal.net/football-streaming.html
Frame ID: 52B0EADDCDDA320639D5C0B4140BB371
Requests: 1 HTTP requests in this frame

Frame: https://sportsmix.net/hd-streams.html
Frame ID: 6563820DD1D68340E0435A64BD2F9A57
Requests: 2 HTTP requests in this frame

Frame: https://elevisions.xyz/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665921600
Frame ID: E290837B87C5184D3682BC16EFCE2A0D
Requests: 3 HTTP requests in this frame

Frame: https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_74dae98e-77b4-4ef6-8f1d-98674cced636
Frame ID: FE69499DC619ED1253D454E6CB06C67C
Requests: 1 HTTP requests in this frame

Frame: https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_ed0eca2a-36c3-41e3-be4d-270003d12917
Frame ID: A04E1BA98CD5D77290C12D8215174C29
Requests: 1 HTTP requests in this frame

Frame: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HH7dd968642cf4cc64f881e9a5c6770839&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Frame ID: 826AE525CC7CB508A626F5894125E73C
Requests: 1 HTTP requests in this frame

Frame: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HH0d5b0f6c616a4953e42c92e8de9a68cd&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Frame ID: 024701616876F3A658E2788037CAF3EF
Requests: 1 HTTP requests in this frame

Frame: https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHd25b1ddbbb872c0dc1580397eef28e0a&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Frame ID: 19D3108DB9C9DAD14D6E993A142E85A8
Requests: 1 HTTP requests in this frame

Frame: https://attentioniau.com/redirect?tid=841123&tested=2&if=0
Frame ID: 4A229ECD834BD88C61471E7294EF22ED
Requests: 1 HTTP requests in this frame

Frame: https://attentioniau.com/redirect?tid=841123&tested=2&if=0
Frame ID: A237BB09E084CC107DB5D16B124AC0AC
Requests: 1 HTTP requests in this frame

Frame: https://attentioniau.com/redirect?tid=841123&if=0
Frame ID: 53931803EED6ECE1F5F7522371585B83
Requests: 1 HTTP requests in this frame

Frame: https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_f8f71761-024c-44ca-aa51-5aa795f44dbf
Frame ID: 6BCA2E04564D646B6093B7387A30AFBC
Requests: 1 HTTP requests in this frame

Frame: https://publicatedlit.com/redirect?tid=963757&tested=2&if=0
Frame ID: 873DA99D8218CFA57BF50553E7BC3DD2
Requests: 1 HTTP requests in this frame

Frame: https://publicatedlit.com/redirect?tid=963757&tested=2&if=0
Frame ID: 5EEBB7BA921FE84510B8E88CC7B57476
Requests: 1 HTTP requests in this frame

Frame: https://publicatedlit.com/redirect?tid=963757&tested=2
Frame ID: 842E3E69740D86053053460E90403394
Requests: 1 HTTP requests in this frame

Frame: https://publicatedlit.com/redirect?tid=962277&tested=2&if=0
Frame ID: CE9E25B7B3E4179AC97804F72CC0C839
Requests: 1 HTTP requests in this frame

Frame: https://publicatedlit.com/redirect?tid=962277&tested=2&if=0
Frame ID: C01CBC97B77FA6481723D5BCDFF72D89
Requests: 1 HTTP requests in this frame

Frame: https://publicatedlit.com/redirect?tid=962277&tested=2&if=0
Frame ID: CEB33876055A2776762A01E750DA1F94
Requests: 1 HTTP requests in this frame

Frame: https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_4d6d8504-e0eb-4316-adec-c8aeb856c86b
Frame ID: 31CC9B969B7F9EFCD21F07E89094842B
Requests: 1 HTTP requests in this frame

Frame: https://xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665921600
Frame ID: 3CFDC12AAB0BA514B9F8B3799A2AADD2
Requests: 3 HTTP requests in this frame

Frame: https://xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665921600
Frame ID: AB0EE6DDE5AE0A8F3BD1914595EA56FD
Requests: 3 HTTP requests in this frame

Frame: https://witalfieldt.com/redirect?tid=962276&tested=2&if=0
Frame ID: ADD78A2174CDA115C13EF0EC7E686AE0
Requests: 1 HTTP requests in this frame

Frame: https://witalfieldt.com/redirect?tid=962276
Frame ID: A6644F1E7FC764B9DDADB5F0A287E652
Requests: 1 HTTP requests in this frame

Frame: https://witalfieldt.com/redirect?tid=962276
Frame ID: E8D0C695462107DCF559452F15C774D7
Requests: 1 HTTP requests in this frame

Frame: https://witalfieldt.com/redirect?tid=919870&tested=2&if=0
Frame ID: 6DEB2DFF0567789254BFF10A2E5C060E
Requests: 1 HTTP requests in this frame

Frame: https://witalfieldt.com/redirect?tid=919870&tested=2&if=0
Frame ID: 75CCD3861DF892692D8D9F8727548ADC
Requests: 1 HTTP requests in this frame

Frame: https://xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665921600
Frame ID: 3DD111DC4A100237B0B3D2C617577ED0
Requests: 2 HTTP requests in this frame

Frame: https://attentioniau.com/redirect?tid=962708&tested=2&if=0
Frame ID: C73241D5ECBA6142C5AA4F9CEF1114A7
Requests: 1 HTTP requests in this frame

Frame: https://attentioniau.com/redirect?tid=962708&tested=2&if=0
Frame ID: 166190682A0AE27323F57B11840708FD
Requests: 1 HTTP requests in this frame

Frame: https://attentioniau.com/redirect?tid=962708&if=0
Frame ID: E8CC3AC9612EE0276DD86EE8E93470F6
Requests: 1 HTTP requests in this frame

Frame: https://witalfieldt.com/redirect?tid=937674&tested=2&if=0
Frame ID: DFC48BEB8C64FF1831C6BE76145E7515
Requests: 1 HTTP requests in this frame

Frame: https://witalfieldt.com/redirect?tid=937674&tested=2&if=0
Frame ID: F1556286DDEC418BF4A59678B2659C6A
Requests: 1 HTTP requests in this frame

Frame: https://witalfieldt.com/redirect?tid=937674
Frame ID: 2F141D67577E3AC04F7C43701CD1D23E
Requests: 1 HTTP requests in this frame

Page Title

Live Football Stream Online | XsportsHD Soccer Stream

Page URL History

  1. https://zysqp.wasverym.buzz/HMXUM?tag_id=908057&sub_id1=&sub_id2=4073781822710861562&cookie_id=112698143... Page URL
  2. https://hasnoconve.one/?tid=908057&noocp=1 HTTP 302
    https://fymlwv.com/dsp/cu/clc?aid=571372872948927368&t=1665933813&s=786893&sid=1421 HTTP 302
    https://xsportshd.com/bundesliga-sports-stream.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

87
Requests

80 %
HTTPS

65 %
IPv6

30
Domains

32
Subdomains

22
IPs

4
Countries

517 kB
Transfer

1546 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://zysqp.wasverym.buzz/HMXUM?tag_id=908057&sub_id1=&sub_id2=4073781822710861562&cookie_id=1126981436433543&lp=oct_11&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fhasnoconve.one%2F%3Ftid%3D908057%26noocp%3D1&geo=JP Page URL
  2. https://hasnoconve.one/?tid=908057&noocp=1 HTTP 302
    https://fymlwv.com/dsp/cu/clc?aid=571372872948927368&t=1665933813&s=786893&sid=1421 HTTP 302
    https://xsportshd.com/bundesliga-sports-stream.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S990314945%3A1665933812986341&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoJHdlwENbOPM3gnJoEOivE2jNN4aUm09BOZyAjZ15lOS9RgagBmyBUaknhocc63tVV6L0YVQ
Request Chain 12
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S-1861347361%3A1665933813003086&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWo_AHj4RF8OB7QXkURR22xR9OB2lybPcsHXDOsEYUrD0-Ym_yYs4GZbGcWyaCa7pQuJemlj
Request Chain 22
  • https://whos.amung.us/cwidget/2i67odvjt3uu/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=515&c=000000ffffff&p=left
Request Chain 25
  • https://live.batstream.tv/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333 HTTP 301
  • https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333 HTTP 301
  • https://live.batstream.cc/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Request Chain 27
  • https://elevisions.xyz/redirect?tid=936840 HTTP 301
  • https://elevisions.xyz/tid=215664.html
Request Chain 37
  • https://whos.amung.us/cwidget/8qxnu1d28l/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=2050&c=000000ffffff&p=left
Request Chain 46
  • https://cdn.elevisions.xyz/ HTTP 301
  • https://syndication.realsrv.com/splash.php?type=8&idzone=4815628&p=https://xsportshd.com&tested=2/ HTTP 302
  • https://yahoo.com/ HTTP 301
  • https://www.yahoo.com/ HTTP 307
  • https://de.yahoo.com/?p=us HTTP 307
  • https://guce.yahoo.com/consent?brandType=eu&gcrumb=YjR-7vE&lang=de-DE&done=https%3A%2F%2Fde.yahoo.com%2F%3Fp%3Dus HTTP 302
  • https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_74dae98e-77b4-4ef6-8f1d-98674cced636
Request Chain 48
  • https://elevisions.xyz/redirect?tid=918505&tested=2&if=0 HTTP 301
  • https://syndication.realsrv.com/splash.php?type=8&idzone=4815628&p=https://xsportshd.com&tested=2/ HTTP 302
  • https://yahoo.com/ HTTP 301
  • https://www.yahoo.com/ HTTP 307
  • https://de.yahoo.com/?p=us HTTP 307
  • https://guce.yahoo.com/consent?brandType=eu&gcrumb=ZUGVMu0&lang=de-DE&done=https%3A%2F%2Fde.yahoo.com%2F%3Fp%3Dus HTTP 302
  • https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_ed0eca2a-36c3-41e3-be4d-270003d12917
Request Chain 49
  • https://publicatedlit.com/redirect?tid=957887&tested=2&if=0 HTTP 302
  • https://tm-offers.gamingadult.com/?offer=470&uid=1b428417-5a71-4589-b1e9-809f2b9dbee1&subid=5345961059071921514&subid2=957887 HTTP 302
  • https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HH7dd968642cf4cc64f881e9a5c6770839&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Request Chain 50
  • https://publicatedlit.com/redirect?tid=957887&tested=2&if=0 HTTP 302
  • https://tm-offers.gamingadult.com/?offer=470&uid=1b428417-5a71-4589-b1e9-809f2b9dbee1&subid=6071649117693485904&subid2=957887 HTTP 302
  • https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HH0d5b0f6c616a4953e42c92e8de9a68cd&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Request Chain 51
  • https://publicatedlit.com/redirect?tid=957887 HTTP 302
  • https://tm-offers.gamingadult.com/?offer=470&uid=1b428417-5a71-4589-b1e9-809f2b9dbee1&subid=8859339626881494042&subid2=957887 HTTP 302
  • https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHd25b1ddbbb872c0dc1580397eef28e0a&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Request Chain 58
  • https://witalfialdt.com/redirect?tid=841125&ref=xsportshd.com HTTP 301
  • https://syndication.realsrv.com/splash.php?type=8&idzone=4785728&p=https://xsportshd.com&tested=2/ HTTP 302
  • https://yahoo.com/ HTTP 301
  • https://www.yahoo.com/ HTTP 307
  • https://de.yahoo.com/?p=us HTTP 307
  • https://guce.yahoo.com/consent?brandType=eu&gcrumb=GB4dTvU&lang=de-DE&done=https%3A%2F%2Fde.yahoo.com%2F%3Fp%3Dus HTTP 302
  • https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_f8f71761-024c-44ca-aa51-5aa795f44dbf
Request Chain 65
  • https://witalfialdt.com/redirect?tid=936840&ref=xsportshd.com HTTP 301
  • https://syndication.realsrv.com/splash.php?type=8&idzone=4785730&p=https://xsportshd.com&tested=2/ HTTP 302
  • https://yahoo.com/ HTTP 301
  • https://www.yahoo.com/ HTTP 307
  • https://de.yahoo.com/?p=us HTTP 307
  • https://guce.yahoo.com/consent?brandType=eu&gcrumb=KkevbaQ&lang=de-DE&done=https%3A%2F%2Fde.yahoo.com%2F%3Fp%3Dus HTTP 302
  • https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_4d6d8504-e0eb-4316-adec-c8aeb856c86b
Request Chain 74
  • https://live.batstream.tv/css/jquery.scrolling-tabs.css HTTP 301
  • https://live.batstream.live/css/jquery.scrolling-tabs.css HTTP 301
  • https://live.batstream.cc/css/jquery.scrolling-tabs.css
Request Chain 75
  • https://live.batstream.tv/js/jquery.scrolling-tabs.js HTTP 301
  • https://live.batstream.live/js/jquery.scrolling-tabs.js HTTP 301
  • https://live.batstream.cc/js/jquery.scrolling-tabs.js

87 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
HMXUM
zysqp.wasverym.buzz/
12 KB
5 KB
Document
General
Full URL
https://zysqp.wasverym.buzz/HMXUM?tag_id=908057&sub_id1=&sub_id2=4073781822710861562&cookie_id=1126981436433543&lp=oct_11&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fhasnoconve.one%2F%3Ftid%3D908057%26noocp%3D1&geo=JP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.195.137.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-137-121.compute-1.amazonaws.com
Software
/ Express
Resource Hash
8ef4172efd86c4a0b91b14287117cf2a44583c87197b98d1449e7e21a494c5ae

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
X-Requested-With,content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
etag
W/"3197-nZmknuAMsReiG4/G7wEEKrPMMAU"
vary
Accept-Encoding
x-powered-by
Express
dlp
zysqp.wasverym.buzz/
230 KB
119 KB
XHR
General
Full URL
https://zysqp.wasverym.buzz/dlp?st=1&lp=oct_11&geo=JP
Requested by
Host: zysqp.wasverym.buzz
URL: https://zysqp.wasverym.buzz/HMXUM?tag_id=908057&sub_id1=&sub_id2=4073781822710861562&cookie_id=1126981436433543&lp=oct_11&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fhasnoconve.one%2F%3Ftid%3D908057%26noocp%3D1&geo=JP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.195.137.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-137-121.compute-1.amazonaws.com
Software
/ Express
Resource Hash
4a6fa058056f0a2941ccb33bc9a36325195dd48c252a13923cbcaba1ee52ff3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zysqp.wasverym.buzz/HMXUM?tag_id=908057&sub_id1=&sub_id2=4073781822710861562&cookie_id=1126981436433543&lp=oct_11&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fhasnoconve.one%2F%3Ftid%3D908057%26noocp%3D1&geo=JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-encoding
gzip
etag
W/"3987e-4lSJEiJMQC7J/vnXmhj+ga2mG3w"
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With,content-type
utx
ehadmethe.xyz/
0
496 B
XHR
General
Full URL
https://ehadmethe.xyz/utx?tid=908057&top=zysqp.wasverym.buzz&cb=AM4b1eWBPrBp
Requested by
Host: zysqp.wasverym.buzz
URL: https://zysqp.wasverym.buzz/HMXUM?tag_id=908057&sub_id1=&sub_id2=4073781822710861562&cookie_id=1126981436433543&lp=oct_11&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fhasnoconve.one%2F%3Ftid%3D908057%26noocp%3D1&geo=JP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.145.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-145-6.ham50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zysqp.wasverym.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 15:23:33 GMT
via
1.1 1599881f4fb8a11206232254d6f4ccb6.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
HAM50-P1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://zysqp.wasverym.buzz
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
YROOm64mxu9tKL_Pgyse6zHqCy3r-_zq4EOaTwXxHMwvY43DLa3R4g==
truncated
/
169 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4504fa43557994444822bbc430a5b9842bf408808e2c0e0a833b15d0deb2f1e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
314 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45b5f0766369ad2ddd66ceea502abc80ffd069c309deec0714a53a5f043cb31d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
319 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaf999deede21a0246ba9fb4f58899857775ab1cf885012792838ad2444f1892

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24935999366f9bb6b613a6f6b2d21f838cd082a1ae2b331c0bdfeeab559994db

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5978dd203bc016df022fcc70de991b0b3868e05a2b9b2d415fd9fceea2ba7ea9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fe76cfeab77b5b7f2886f25ee8fb9a4e6138d47d936856bcf8653cfa84f1a9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e787b130cc1c01765393806647ba41712b29071f7c30464eedd9e84e96158d72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
login.php
www.facebook.com/
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: zysqp.wasverym.buzz
URL: https://zysqp.wasverym.buzz/HMXUM?tag_id=908057&sub_id1=&sub_id2=4073781822710861562&cookie_id=1126981436433543&lp=oct_11&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fhasnoconve.one%2F%3Ftid%3D908057%26noocp%3D1&geo=JP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zysqp.wasverym.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/v3/signin/identifier?dsh=S990314945%3A1665933812986341&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S990314945%3A1665933812986341&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoJHdlwENbOPM3gnJoEOivE2jNN4aUm09BOZyAjZ15lOS9RgagBmyBUaknhocc63tVV6L0YVQ
Requested by
Host: zysqp.wasverym.buzz
URL: https://zysqp.wasverym.buzz/HMXUM?tag_id=908057&sub_id1=&sub_id2=4073781822710861562&cookie_id=1126981436433543&lp=oct_11&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fhasnoconve.one%2F%3Ftid%3D908057%26noocp%3D1&geo=JP
Protocol
H2
Server
2a00:1450:4001:802::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zysqp.wasverym.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Redirect headers

date
Sun, 16 Oct 2022 15:23:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-qaVjxbXXUH8olino7y8gKw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
390
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S990314945%3A1665933812986341&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoJHdlwENbOPM3gnJoEOivE2jNN4aUm09BOZyAjZ15lOS9RgagBmyBUaknhocc63tVV6L0YVQ
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/v3/signin/identifier?dsh=S-1861347361%3A1665933813003086&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWeb...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S-1861347361%3A1665933813003086&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWo_AHj4RF8OB7QXkURR22xR9OB2lybPcsHXDOsEYUrD0-Ym_yYs4GZbGcWyaCa7pQuJemlj
Requested by
Host: zysqp.wasverym.buzz
URL: https://zysqp.wasverym.buzz/HMXUM?tag_id=908057&sub_id1=&sub_id2=4073781822710861562&cookie_id=1126981436433543&lp=oct_11&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fhasnoconve.one%2F%3Ftid%3D908057%26noocp%3D1&geo=JP
Protocol
H2
Server
2a00:1450:4001:802::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zysqp.wasverym.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Redirect headers

date
Sun, 16 Oct 2022 15:23:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-k1ZJQKHHghKDEypkwgEA2Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
399
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S-1861347361%3A1665933813003086&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWo_AHj4RF8OB7QXkURR22xR9OB2lybPcsHXDOsEYUrD0-Ym_yYs4GZbGcWyaCa7pQuJemlj
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/
55 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
305480a633db2482c730ff0564db989b53fad541e65bacf08409c15797121160

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3272f093836c594a91f0070d2b79bb61bdcceb6444c19c6d83d377d0440f6cb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f54363eda78fc468e0f9ba50402e754002de5ca1810c1ee887a2e8813d37be18

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
101 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ccf0b8abb83d2e8ae4c8748030e9968f7efa3888600c82b51739b854b6b50e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97e3c55772aaf7e759c4b746a15fabbf759043795eaa9ce80ac8a01f7b48dcc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
TK3iWkUHHAIjg752GT8Dl-1PKw.ttf
fonts.gstatic.com/s/oswald/v16/
19 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v16/TK3iWkUHHAIjg752GT8Dl-1PKw.ttf
Requested by
Host: zysqp.wasverym.buzz
URL: https://zysqp.wasverym.buzz/HMXUM?tag_id=908057&sub_id1=&sub_id2=4073781822710861562&cookie_id=1126981436433543&lp=oct_11&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fhasnoconve.one%2F%3Ftid%3D908057%26noocp%3D1&geo=JP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8753bf6f2b315d0802662b179b2df96c5d3795389c4f7782f1bb0aea170b1e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zysqp.wasverym.buzz/
Origin
https://zysqp.wasverym.buzz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 20:04:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
242351
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12148
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:18:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Oct 2023 20:04:21 GMT
/
zysqp.wasverym.buzz/
0
36 B
XHR
General
Full URL
https://zysqp.wasverym.buzz/
Requested by
Host: zysqp.wasverym.buzz
URL: https://zysqp.wasverym.buzz/HMXUM?tag_id=908057&sub_id1=&sub_id2=4073781822710861562&cookie_id=1126981436433543&lp=oct_11&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fhasnoconve.one%2F%3Ftid%3D908057%26noocp%3D1&geo=JP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.195.137.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-137-121.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://zysqp.wasverym.buzz/HMXUM?tag_id=908057&sub_id1=&sub_id2=4073781822710861562&cookie_id=1126981436433543&lp=oct_11&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fhasnoconve.one%2F%3Ftid%3D908057%26noocp%3D1&geo=JP
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
content-length
0
Primary Request bundesliga-sports-stream.html
xsportshd.com/
Redirect Chain
  • https://hasnoconve.one/?tid=908057&noocp=1
  • https://fymlwv.com/dsp/cu/clc?aid=571372872948927368&t=1665933813&s=786893&sid=1421
  • https://xsportshd.com/bundesliga-sports-stream.html
37 KB
12 KB
Document
General
Full URL
https://xsportshd.com/bundesliga-sports-stream.html
Requested by
Host: zysqp.wasverym.buzz
URL: https://zysqp.wasverym.buzz/HMXUM?tag_id=908057&sub_id1=&sub_id2=4073781822710861562&cookie_id=1126981436433543&lp=oct_11&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fhasnoconve.one%2F%3Ftid%3D908057%26noocp%3D1&geo=JP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a47b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5ccea18217f38229da4b5d1f232abdd31d81ea3becef598c2921534c094e2e4

Request headers

Referer
https://zysqp.wasverym.buzz/HMXUM?tag_id=908057&sub_id1=&sub_id2=4073781822710861562&cookie_id=1126981436433543&lp=oct_11&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fhasnoconve.one%2F%3Ftid%3D908057%26noocp%3D1&geo=JP
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75b1cbe4480a9be9-FRA
content-encoding
br
content-type
text/html
date
Sun, 16 Oct 2022 15:23:34 GMT
last-modified
Thu, 13 Oct 2022 18:54:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8SZFQM5s3U3YId7JUE9EHfGudPlY%2BO3KzQvr1VJjb4nrS4OsfUWtMDIYc1KLCs2j2JlKXFjAn7Zf0%2FfxLQxDlV09Nhu0RovO4mZSrSEtqKIhiXMKIX4LqD7z8chl%2FTbvdsGyvMncDvRzWpT"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

content-length
173
content-type
text/html; charset=utf-8
date
Sun, 16 Oct 2022 15:23:34 GMT
location
https://xsportshd.com/bundesliga-sports-stream.html
server
nginx/1.18.0
superhero.css
xsportshd.com/data/
178 KB
27 KB
Stylesheet
General
Full URL
https://xsportshd.com/data/superhero.css
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/bundesliga-sports-stream.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a47b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9fc3862a456fbc9f34b168e2eaa61605349b570601b42afd143b92751a717e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xsportshd.com/bundesliga-sports-stream.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7063
cf-polished
origSize=184373
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 20 Jan 2021 19:16:10 GMT
server
cloudflare
etag
W/"6008817a-2d035"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2FI74xHGPlEHHFifcz24xK%2FqqgSFOhLm9ircz0H%2BCYNR9qkmH9Fja1C9deff2R4WjRRt4HdHMKy0swxjOGw%2F0bbu08X%2FDykLwsMdRZQq1b%2BJE%2F2wm59GMApjyA0sIKISHBHMO0XWdhuX1e84"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
75b1cbe51d12cb11-DUS
logo.png
www.xsportshd.com/
19 KB
19 KB
Image
General
Full URL
https://www.xsportshd.com/logo.png
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/bundesliga-sports-stream.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a47b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ae142f4b4369126d69ab4f3462143ed1f0f2c462a2bdcad52aacf98c9f21830

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xsportshd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:34 GMT
cf-cache-status
HIT
last-modified
Sun, 24 Sep 2017 14:44:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6915
etag
"59c7c4ce-4a0a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cumVFZ%2BmB0FlGQcZFCwVuLs3Dt2ozerFDVkt7axB4sTwxOjXYBqSWWpEIvfbN3zMf1JJIFTaMKxwnPuhqp2F6hPrLzMy6e7SLFFLmyKUE8eUOpci%2BKbCN%2BodI%2Bugs9ZVoeHMGYo5YmKjnzFC2a1Nxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b1cbe4e99c9be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18954
/
widgets.amung.us/draw/
Redirect Chain
  • https://whos.amung.us/cwidget/2i67odvjt3uu/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=515&c=000000ffffff&p=left
1 KB
1 KB
Image
General
Full URL
https://widgets.amung.us/draw/?w=colored&n=515&c=000000ffffff&p=left
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/bundesliga-sports-stream.html
Protocol
H2
Server
2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfb1d3f3f59c3874ae7c6b2c3dc75465fdd22dd69ab24fb8241cce0e62cd94ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xsportshd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:34 GMT
cf-cache-status
HIT
last-modified
Sat, 17 Sep 2022 02:46:27 GMT
server
cloudflare
age
2551027
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
75b1cbe69f8d9bd0-FRA
expires
Sun, 18 Sep 2022 02:46:27 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=515&c=000000ffffff&p=left
date
Sun, 16 Oct 2022 15:23:34 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
75b1cbe57d1f9bd0-FRA
content-type
text/html; charset=UTF-8
skip.png
xsportshd.com/
1 KB
2 KB
Image
General
Full URL
https://xsportshd.com/skip.png
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/bundesliga-sports-stream.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a47b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8985c3e714a1924fad28fed3b93fb6c1b3db88f89a6022a5e8c632d29f32cbf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xsportshd.com/bundesliga-sports-stream.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:34 GMT
cf-cache-status
HIT
last-modified
Sun, 23 Feb 2020 15:33:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7063
etag
"5e529b5e-576"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWsmaxXQxO5HUyAjZzGBjK8y6%2FYgDjlQQKzTorV%2FEAdb%2BXbqCE%2BRn0tpRSsh%2FyiPiJuCu3x3HzLmV9fieoHWYuPCjsXw7fqhCDgdGiT4KoRrb9x%2B9vU758EMeHliVmVThuhTXPwa6rmH5qBP"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b1cbe52d15cb11-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1398
rocket-loader.min.js
xsportshd.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://xsportshd.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/bundesliga-sports-stream.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a47b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xsportshd.com/bundesliga-sports-stream.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Oct 2022 13:38:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"634571bd-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BERhcEFxZet7MOQ7njvFdAjTV7fyP4eXYc0%2FCEp45z4upqHNx8WeA2L%2BSMqb1vIrJcwdvwYWCd0vxfHctonkyaEAlvDTBLGOyVKc3zLdrsJOL0sBLkYQXvbaadCNTOlf0juM4KjpKA4JG6eT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
75b1cbe52d18cb11-DUS
expires
Tue, 18 Oct 2022 15:23:34 GMT
/
live.batstream.cc/ Frame 8DBB
Redirect Chain
  • https://live.batstream.tv/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EB...
  • https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=...
  • https://live.batstream.cc/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EB...
36 KB
10 KB
Document
General
Full URL
https://live.batstream.cc/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/bundesliga-sports-stream.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d25df91844918dff2e86acef55a4574ed481d4ac3a4940f60871515506e5c6d6

Request headers

Referer
https://xsportshd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75b1cbe8aef4177c-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 16 Oct 2022 15:23:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDWPR2kdCU1EaMS8QngNJBBrfYPIxKX6ymXzTvtEb5oKk%2BszWqz%2BrJQ4DyC0R%2FMu%2B1vqRdaF3uWfunhu%2BCPsnrYvKSbdJwc7T8R%2F1QCE%2FbGrGvKD2f6nMEI9jrb5MdEoH5oPKrlnjnU0JLXkiv6ZrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75b1cbe66ba7bb8c-FRA
content-type
text/html
date
Sun, 16 Oct 2022 15:23:34 GMT
location
https://live.batstream.cc/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2Bc%2Flv%2FkWtPHEmezvmp59L2aonYADpr%2FZS89BoqLqwfePROT7Cu%2Bh%2FWosi2HGAdSECvIiOOLg94M02k9CSzLP0f%2FK5oV0BKk6OhKPo8UZMzAZFfruSZBBBNtSZpMzc39IpRPnVXGdzuzofbynn1GotxW"}],"group":"cf-nel","max_age":604800}
server
cloudflare
tb1
free.timeanddate.com/clock/i7n6znqi/n19/fs18/fcfff/tc48a648/pc2b3e50/ftb/bas2/bat1/bacfff/pa8/tt0/tw1/tm2/th1/ Frame 336F
3 KB
2 KB
Document
General
Full URL
https://free.timeanddate.com/clock/i7n6znqi/n19/fs18/fcfff/tc48a648/pc2b3e50/ftb/bas2/bat1/bacfff/pa8/tt0/tw1/tm2/th1/tb1
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/bundesliga-sports-stream.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b5d6017b6cf836ed358595b432b2353eeeaf4a8c2c26c37ebcd0417a53ee8aae

Request headers

Referer
https://xsportshd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
1800
content-type
text/html; charset=UTF-8
date
Sun, 16 Oct 2022 15:23:34 GMT
pragma
no-cache
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4043-HHN
x-timer
S1665933815.655489,VS0,VE15
tid=215664.html
elevisions.xyz/ Frame CC17
Redirect Chain
  • https://elevisions.xyz/redirect?tid=936840
  • https://elevisions.xyz/tid=215664.html
10 KB
3 KB
Document
General
Full URL
https://elevisions.xyz/tid=215664.html
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/bundesliga-sports-stream.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ea6c33899ff179090f30ff385f4080aaab3cf95ecc9452c8bb6d5c1c9098035

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75b1cbe648959b64-FRA
content-encoding
br
content-type
text/html
date
Sun, 16 Oct 2022 15:23:34 GMT
last-modified
Tue, 23 Aug 2022 20:22:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rz26F2bAPJkVcMAlOGbCnRH1Bxy%2FGgvqpIlt0Y%2B9h3H%2B8ZU3dfHwMWpz3%2Bv%2BAZ6BRwIXQOhQ67YUuy01jvhOR2W8i5wVi33vBxHKNRMSVetzMR7D9LBAVCICqqOhQX%2FGi3O77HRQsy2oGkRKg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3600
cf-ray
75b1cbe58f019237-FRA
date
Sun, 16 Oct 2022 15:23:34 GMT
expires
Sun, 16 Oct 2022 16:23:34 GMT
location
https://elevisions.xyz/tid=215664.html
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a0bphjjGv3yN%2Bg4aOSr2CFVF8X9Unxtl1s12Qib2ZdgQlKacN%2BIjvTGoEaO8Bq0CUk7a9SZopopTc%2FlLjYbL%2Fqo1MmvzSkz7UPgOewefAaHqehazEtws%2B%2BSV5cUqHVGy%2Fy07MH01moyNU570Dw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sprits.png
cdn.okamata.site/site/lm/img/
0
0

js
www.googletagmanager.com/gtag/
106 KB
42 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-106535798-1
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
963550c7913dc4802f4989e3d794de30515ce4cdbcd60fcf11e3ce0595ef1175
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xsportshd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42483
x-xss-protection
0
last-modified
Sun, 16 Oct 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 16 Oct 2022 15:23:34 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xsportshd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6379032
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtFPhLgMXcVHK3UkFftRNKAya0kFsRiGrGXLRrVHkOSgoI0pa6DgN7p7MMGRqVESQqWF66yZ%2B4n8MG7t53j36cSt7Ms1c38Mt8McCwvafWu%2BabQ8E2PSfuuDHcEmGUQFLnoboCpaWv96pmszLdqU2%2BJs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75b1cbe6a913911f-FRA
expires
Fri, 06 Oct 2023 15:23:34 GMT
invisible.js
xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 2F04
39 KB
14 KB
Script
General
Full URL
https://xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665921600
Requested by
Host: zysqp.wasverym.buzz
URL: https://zysqp.wasverym.buzz/HMXUM?tag_id=908057&sub_id1=&sub_id2=4073781822710861562&cookie_id=1126981436433543&lp=oct_11&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fhasnoconve.one%2F%3Ftid%3D908057%26noocp%3D1&geo=JP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a47b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aabc1f0e0e12103bc424993c9b65330cc16ec7eb3f9acab939add6709c9e9a5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:34 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xE9W1l1JGvQQg%2Bd1COEAoP34eIoYYmIc58cDP8ihSfFN2eN5JPGawrS3%2BM3GY1TzZwonYHvkPNri1dsJMrUIflirDMz0Lcpymyq1hseb0aNUuNWeLWYQahjdJ31wGzA8idJyhgvY%2BuxDph0F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
75b1cbe62fe6cb11-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ts.php
free.timeanddate.com/ Frame 336F
20 B
119 B
XHR
General
Full URL
https://free.timeanddate.com/ts.php?t=1665933814728
Requested by
Host: free.timeanddate.com
URL: https://free.timeanddate.com/clock/i7n6znqi/n19/fs18/fcfff/tc48a648/pc2b3e50/ftb/bas2/bat1/bacfff/pa8/tt0/tw1/tm2/th1/tb1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5c7a67c408976c72b4c0b1ac9d43b4e735fb873ca4367e0feff4f210065ee287

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://free.timeanddate.com/clock/i7n6znqi/n19/fs18/fcfff/tc48a648/pc2b3e50/ftb/bas2/bat1/bacfff/pa8/tt0/tw1/tm2/th1/tb1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
cache-hhn4043-HHN
pragma
no-cache
date
Sun, 16 Oct 2022 15:23:34 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-timer
S1665933815.745891,VS0,VE11
vary
Accept-Encoding
x-cache
MISS
content-type
text/plain;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
40
x-cache-hits
0
pica.js
xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 2F04
20 KB
7 KB
Other
General
Full URL
https://xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/bundesliga-sports-stream.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a47b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a317f9188e0493cb5743905feb957c7d26a4aba78f3cd57085b17ab878ff151

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:34 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stXqocTKJ4NVa7GuK9E80c3RWGmhqKJOAjE%2FO7ozKab4NFpk43oJQg8wvExj8J7iG3G8oA8nnPQfIkx4T7%2B546nyYGSm%2BvjodUcnVWz6VpboM1MJCUMXHl5iD3z1pKzNklNqXZ3bW%2FsEmTJm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
75b1cbe6a977cb11-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ Frame CC17
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: elevisions.xyz
URL: https://elevisions.xyz/tid=215664.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elevisions.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6379032
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXaQ1GD%2Fh41VnTBiMb%2BuYvuUS7zbzsIgwDC%2Brfwt5phb%2BGMQzPRjgEwS9s0ckJ8SeZpuPA3v4sKOmUS8yrQWpBX1ZBydQbrlq9gH%2B8tuWGFr0bX%2FMCGB0Q22hGntun3VKrMUBcah4xNI1x7wiyzktQLb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75b1cbe6d994911f-FRA
expires
Fri, 06 Oct 2023 15:23:34 GMT
eo_logo.svg
elevisions.xyz/ Frame CC17
152 B
152 B
Image
General
Full URL
https://elevisions.xyz/eo_logo.svg
Requested by
Host: elevisions.xyz
URL: https://elevisions.xyz/tid=215664.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72b4790fa6fc089a2d989178ca605831ff881675b1f63a15a3bcf05dd4732c58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elevisions.xyz/tid=215664.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:34 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6slPsBg39guDhmIr7X1xDbHAJ2BtZtAjPZ8lByCvli0ww7w5ZlQj%2FzLEWFZn8mZDSYp0DEKgw5sDmcD4pZP7BIj2orCBpz9SZ3IDWajRQ0n33WSNk5%2FpKLQDVsumS49lTQAVjM4GPwu9BgzvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
75b1cbe6d9db9b64-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
monero.svg
elevisions.xyz/ Frame CC17
152 B
152 B
Image
General
Full URL
https://elevisions.xyz/monero.svg
Requested by
Host: elevisions.xyz
URL: https://elevisions.xyz/tid=215664.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72b4790fa6fc089a2d989178ca605831ff881675b1f63a15a3bcf05dd4732c58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elevisions.xyz/tid=215664.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
92
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zfyG%2FhFnaeHexG027BA%2FNt%2BuBSJ6p94%2B614zGjTyeSXkL1cyKl%2B51q2Bw1OZrBOHx73cge5c%2FbdxHTsr6bU4RshqsA6zJw2m7BnnvmTlw2mzhRvAwtn6f41yjZXf1sNilhxWzGxvf%2F0U%2FNPGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
75b1cbe73b1b9b64-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
widgets.amung.us/draw/ Frame CC17
Redirect Chain
  • https://whos.amung.us/cwidget/8qxnu1d28l/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=2050&c=000000ffffff&p=left
2 KB
2 KB
Image
General
Full URL
https://widgets.amung.us/draw/?w=colored&n=2050&c=000000ffffff&p=left
Requested by
Host: elevisions.xyz
URL: https://elevisions.xyz/tid=215664.html
Protocol
H2
Server
2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3785a22132227c6bb0ebeb00f3add5936a56a6f69900dc116e080f7a069b9eb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elevisions.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:35 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Oct 2022 14:47:55 GMT
server
cloudflare
age
2140
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
75b1cbebde619bd0-FRA
expires
Mon, 17 Oct 2022 14:47:55 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=2050&c=000000ffffff&p=left
date
Sun, 16 Oct 2022 15:23:35 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
75b1cbe749569bd0-FRA
content-type
text/html; charset=UTF-8
football-streaming-live.html
xsportshd.com/ Frame B0D1
3 KB
2 KB
Document
General
Full URL
https://xsportshd.com/football-streaming-live.html
Requested by
Host: elevisions.xyz
URL: https://elevisions.xyz/tid=215664.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a47b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a9f35a8137dd7577d20ef70dd5d9e0723bc801351c98ab64fa2b87def657cd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75b1cbe77c5fcb11-DUS
content-encoding
br
content-type
text/html
date
Sun, 16 Oct 2022 15:23:34 GMT
last-modified
Thu, 29 Sep 2022 12:01:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Mr2ldC%2BhEEkBcL98%2BqT%2BweorH7Ett9wofmIwEqfBv165RSOgdh6q4Z%2FD0EH2xGOUcV%2FBFqBDkV5ehr776%2BkZoY1em75VPijZ3clZWtH1zwG2m%2FYmfD%2FP2YoDHHI6HSzytN2BXeHjpgGS1D4"}],"group":"cf-nel","max_age":604800}
server
cloudflare
football-streaming.html
xsportshd.com/ Frame 4A35
3 KB
2 KB
Document
General
Full URL
https://xsportshd.com/football-streaming.html
Requested by
Host: elevisions.xyz
URL: https://elevisions.xyz/tid=215664.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a47b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9f8618d7b3a4786be3bcb57e823c2162c8689d114c0b49181b65d1783d40e12

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75b1cbe77c76cb11-DUS
content-encoding
br
content-type
text/html
date
Sun, 16 Oct 2022 15:23:34 GMT
last-modified
Mon, 18 Jul 2022 11:22:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecicGWLV%2FXDXUM1iwhyHP5%2BCA1W5awCI95fHzOcfPOm1uRCzXl3%2F97pLGvuBRju0FSavKJQ2dKHUZOBHyU6IUGERdMEBWQpbtG5A6hKQaef%2B%2FR46WBINeKj3OcpCJgiZMIMUWrXFWe0EC%2Bi2"}],"group":"cf-nel","max_age":604800}
server
cloudflare
football-hd-streaming.html
xsportshd.com/ Frame 9ED3
4 KB
2 KB
Document
General
Full URL
https://xsportshd.com/football-hd-streaming.html
Requested by
Host: elevisions.xyz
URL: https://elevisions.xyz/tid=215664.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a47b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cc8e17ce7edc55a44643097a12ca91bb268d3a24338a1b274270c8600a62cf3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75b1cbe77c7bcb11-DUS
content-encoding
br
content-type
text/html
date
Sun, 16 Oct 2022 15:23:34 GMT
last-modified
Thu, 29 Sep 2022 12:01:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46%2BuvfN7LG7J%2Bk9z%2Fq2Jr%2B6NJsRx27gx0ExWM3nHIIRkkcpXod0CQg0t05poWqkD9gwT3FyuxCZY0QYAfnBN44cd8pn0N7KFjxVJNL5gvrt3hpPnsrvXa08qA7EH8z1pL4CqcUzgYHtn%2ByDw"}],"group":"cf-nel","max_age":604800}
server
cloudflare
hd-streaming.html
lshunter.me/ Frame 9D4D
2 KB
931 B
Document
General
Full URL
https://lshunter.me/hd-streaming.html
Requested by
Host: elevisions.xyz
URL: https://elevisions.xyz/tid=215664.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4811 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10273b4de6c37763dfb6ea07da47252287b397bdf07215ca5e9bf01583328932

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75b1cbe81c269226-FRA
content-encoding
br
content-type
text/html
date
Sun, 16 Oct 2022 15:23:35 GMT
last-modified
Thu, 21 Jul 2022 11:58:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E85WvJFHG9kruhckK%2Bv6rBRL9ozFV8mGCwJcoTPYOOAYQkmCKtMX4xZ89vq8uLbOkTnPR4zH1wYsFxiufMLYfaRirPrxgsdtV8H1sfiNQ%2F%2BYPFtCbLiP3Nz%2BJoxXUPjuIEBajV1nZk%2FCtA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
football.html
socceronline.xyz/ Frame DC86
1 KB
930 B
Document
General
Full URL
https://socceronline.xyz/football.html
Requested by
Host: elevisions.xyz
URL: https://elevisions.xyz/tid=215664.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:4445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eda5888f888e950df2fed5f34dab19e688b3baac64b2011be5ff7af04a03338e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75b1cbe81bba9bbc-FRA
content-encoding
br
content-type
text/html
date
Sun, 16 Oct 2022 15:23:35 GMT
last-modified
Fri, 22 Apr 2022 19:58:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbgRYG7KsguDLaX6bca3lzbL2j%2FTNpZCmqRoblrOWztJAv1hnDhIJ3hCp3HMjMDUzU1rgeE5I%2BbKZTErGwQKLVmVnPEgED0U8Cioa%2B4WFl1Mj6xqbLG0PdUB6DAHdhUz5EAhsugbS5GFIXNKsV2P"}],"group":"cf-nel","max_age":604800}
server
cloudflare
football-streaming.html
livestotal.net/ Frame 52B0
2 KB
945 B
Document
General
Full URL
https://livestotal.net/football-streaming.html
Requested by
Host: elevisions.xyz
URL: https://elevisions.xyz/tid=215664.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:a4e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a8bdf7f9539f9302f029f20bfdb58632c83391a19fea5af43d4d4ea548a9e1f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75b1cbe81f8e9019-FRA
content-encoding
br
content-type
text/html
date
Sun, 16 Oct 2022 15:23:35 GMT
last-modified
Sun, 17 Jul 2022 08:53:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgLYr91A2wMAGxiLWHjuq6p9tDwFx1Cz4qX3K5ZpOvRUtsrBE1ltcL6yV0qac%2BRmhOz0oKHZ30UqprBFzu9345dooHiIPyU4W2HFrbw6rTmyPkdyhzpNt9EljHV7E%2BDcavMFRoLWzNwTW6L%2F3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
hd-streams.html
sportsmix.net/ Frame 6563
2 KB
981 B
Document
General
Full URL
https://sportsmix.net/hd-streams.html
Requested by
Host: elevisions.xyz
URL: https://elevisions.xyz/tid=215664.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6706c6f5585824f28566ed3a065195880a0b28f9baf754d62814c299f90a6808

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75b1cbe81f689a03-FRA
content-encoding
br
content-type
text/html
date
Sun, 16 Oct 2022 15:23:35 GMT
last-modified
Fri, 05 Aug 2022 11:09:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czSJfsmjSTCHECh402fqX6I8VH4UHbPBRy35XUQRBmXuhqnZjVWmOqM%2F5DaKXl%2FYJCVlGPR%2Fi%2FNHulkx8ze9l3KZFqQ%2B0aTGBz0HgMAHDQlBgEbVko8K6rp9aXlnRtQ1NvZ7UUFXUQIbP2ba"}],"group":"cf-nel","max_age":604800}
server
cloudflare
invisible.js
elevisions.xyz/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame E290
37 KB
14 KB
Script
General
Full URL
https://elevisions.xyz/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665921600
Requested by
Host: zysqp.wasverym.buzz
URL: https://zysqp.wasverym.buzz/HMXUM?tag_id=908057&sub_id1=&sub_id2=4073781822710861562&cookie_id=1126981436433543&lp=oct_11&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fhasnoconve.one%2F%3Ftid%3D908057%26noocp%3D1&geo=JP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b4b0357576899cd2dfc7bd4fcf730ceb957c446a8fe735407c9e0c00973ba68

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:34 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lDVlp8R3J9IDlTyM5cRo8Q5SXR%2F5jIu%2BJ9NfhMHD5ZjVLaZ%2F2H2%2FlWMQqZoRR3p%2BLlObtZeW6nDdfHBDe9plgPpnB0GIbh7OD5kno5ijm%2Bh7EQkuOVkSqQG9UBINYtg6AdYs2I4sBo9kwDH9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
75b1cbe78c769b64-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collectConsent
consent.yahoo.com/v2/ Frame FE69
Redirect Chain
  • https://cdn.elevisions.xyz/
  • https://syndication.realsrv.com/splash.php?type=8&idzone=4815628&p=https://xsportshd.com&tested=2/
  • https://yahoo.com/
  • https://www.yahoo.com/
  • https://de.yahoo.com/?p=us
  • https://guce.yahoo.com/consent?brandType=eu&gcrumb=YjR-7vE&lang=de-DE&done=https%3A%2F%2Fde.yahoo.com%2F%3Fp%3Dus
  • https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_74dae98e-77b4-4ef6-8f1d-98674cced636
0
0

rocket-loader.min.js
xsportshd.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame B0D1
12 KB
4 KB
Script
General
Full URL
https://xsportshd.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-streaming-live.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a47b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xsportshd.com/football-streaming-live.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Oct 2022 13:38:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"634571bd-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eygw5RAlYqDG3vwQ9w88C5H0LTqd5fDaEAvHLXKrItRMTcVsbCZdX%2B6FOVL1VzMoGw3jBxGhY3BE%2FjPvq6%2FBW9Tuuy8VYj5S9YHOJuaJPG8SuqVG9uARfNZ7XiF7JS620ire9f%2Fv4VkYnjG6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
75b1cbe7edeecb11-DUS
expires
Tue, 18 Oct 2022 15:23:35 GMT
collectConsent
consent.yahoo.com/v2/ Frame A04E
Redirect Chain
  • https://elevisions.xyz/redirect?tid=918505&tested=2&if=0
  • https://syndication.realsrv.com/splash.php?type=8&idzone=4815628&p=https://xsportshd.com&tested=2/
  • https://yahoo.com/
  • https://www.yahoo.com/
  • https://de.yahoo.com/?p=us
  • https://guce.yahoo.com/consent?brandType=eu&gcrumb=ZUGVMu0&lang=de-DE&done=https%3A%2F%2Fde.yahoo.com%2F%3Fp%3Dus
  • https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_ed0eca2a-36c3-41e3-be4d-270003d12917
0
0

/
landing.hentaiheroes.com/en/lp07sfw-aff/ Frame 826A
Redirect Chain
  • https://publicatedlit.com/redirect?tid=957887&tested=2&if=0
  • https://tm-offers.gamingadult.com/?offer=470&uid=1b428417-5a71-4589-b1e9-809f2b9dbee1&subid=5345961059071921514&subid2=957887
  • https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HH7dd968642cf4cc64f881e9a5c6770839&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
0
0
Document
General
Full URL
https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HH7dd968642cf4cc64f881e9a5c6770839&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-streaming-live.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.67.42 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://xsportshd.com/football-streaming-live.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Encoding
gzip
Content-Length
8966
Content-Type
text/html; charset=UTF-8
Date
Sun, 16 Oct 2022 15:23:36 GMT
Link
<https://landing.hentaiheroes.com/wp-json/>; rel="https://api.w.org/", <https://landing.hentaiheroes.com/wp-json/wp/v2/pages/59359>; rel="alternate"; type="application/json", <https://landing.hentaiheroes.com/en/?p=59359>; rel=shortlink
Server
Apache
Vary
Accept-Encoding

Redirect headers

content-type
text/html; charset=UTF-8
date
Sun, 16 Oct 2022 15:23:35 GMT
location
https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HH7dd968642cf4cc64f881e9a5c6770839&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
server
nginx
/
landing.hentaiheroes.com/en/lp07sfw-aff/ Frame 0247
Redirect Chain
  • https://publicatedlit.com/redirect?tid=957887&tested=2&if=0
  • https://tm-offers.gamingadult.com/?offer=470&uid=1b428417-5a71-4589-b1e9-809f2b9dbee1&subid=6071649117693485904&subid2=957887
  • https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HH0d5b0f6c616a4953e42c92e8de9a68cd&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
0
0
Document
General
Full URL
https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HH0d5b0f6c616a4953e42c92e8de9a68cd&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-streaming-live.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.67.42 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://xsportshd.com/football-streaming-live.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Encoding
gzip
Content-Length
8966
Content-Type
text/html; charset=UTF-8
Date
Sun, 16 Oct 2022 15:23:36 GMT
Link
<https://landing.hentaiheroes.com/wp-json/>; rel="https://api.w.org/", <https://landing.hentaiheroes.com/wp-json/wp/v2/pages/59359>; rel="alternate"; type="application/json", <https://landing.hentaiheroes.com/en/?p=59359>; rel=shortlink
Server
Apache
Vary
Accept-Encoding

Redirect headers

content-type
text/html; charset=UTF-8
date
Sun, 16 Oct 2022 15:23:35 GMT
location
https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HH0d5b0f6c616a4953e42c92e8de9a68cd&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
server
nginx
/
landing.hentaiheroes.com/en/lp07sfw-aff/ Frame 19D3
Redirect Chain
  • https://publicatedlit.com/redirect?tid=957887
  • https://tm-offers.gamingadult.com/?offer=470&uid=1b428417-5a71-4589-b1e9-809f2b9dbee1&subid=8859339626881494042&subid2=957887
  • https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHd25b1ddbbb872c0dc1580397eef28e0a&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
0
0
Document
General
Full URL
https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHd25b1ddbbb872c0dc1580397eef28e0a&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-streaming-live.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.67.42 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://xsportshd.com/football-streaming-live.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Encoding
gzip
Content-Length
8966
Content-Type
text/html; charset=UTF-8
Date
Sun, 16 Oct 2022 15:23:36 GMT
Link
<https://landing.hentaiheroes.com/wp-json/>; rel="https://api.w.org/", <https://landing.hentaiheroes.com/wp-json/wp/v2/pages/59359>; rel="alternate"; type="application/json", <https://landing.hentaiheroes.com/en/?p=59359>; rel=shortlink
Server
Apache
Vary
Accept-Encoding

Redirect headers

content-type
text/html; charset=UTF-8
date
Sun, 16 Oct 2022 15:23:35 GMT
location
https://landing.hentaiheroes.com/en/lp07sfw-aff/?ref_id=135846&noagev=1&tc1=HHd25b1ddbbb872c0dc1580397eef28e0a&tc2=18220&tc3=470&tc4=SOI&tc5=&tc6=&tc7=&tc8=
server
nginx
rocket-loader.min.js
xsportshd.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 4A35
12 KB
4 KB
Script
General
Full URL
https://xsportshd.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-streaming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a47b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xsportshd.com/football-streaming.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Oct 2022 13:38:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"634571bd-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NIVWsqF4OqZNnXnUzuj4gMUDJh7BzDnp8L%2B5oyke2v7z4z0HBUeov2P6%2FrgzgtTXBcRiTv%2BNRa4zTtlLm0sf7wgmGIVDLChcVhePqtBVDvV1juQWFwBVLtSXZFDRxtppCGRJqudN8oEMCRn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
75b1cbe81e71cb11-DUS
expires
Tue, 18 Oct 2022 15:23:35 GMT
rocket-loader.min.js
xsportshd.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 9ED3
12 KB
4 KB
Script
General
Full URL
https://xsportshd.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-hd-streaming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a47b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xsportshd.com/football-hd-streaming.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Oct 2022 13:38:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"634571bd-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hhp5OiCdzobiefgmFgCWsh6yRAHcNYPK7wu6tiZsG3XpFWH%2FsA10hWB738Q5nnxF0FPVDZwx5bhOTioiM5hUJOuYniBvgEHopafwJm25g7tpW93QHiQqCD%2FBjfWT%2FymzfYRLcP%2BglbZ7bxZh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
75b1cbe82e86cb11-DUS
expires
Tue, 18 Oct 2022 15:23:35 GMT
redirect
attentioniau.com/ Frame 4A22
0
0
Document
General
Full URL
https://attentioniau.com/redirect?tid=841123&tested=2&if=0
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-streaming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-85.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Referer
https://xsportshd.com/football-streaming.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Sun, 16 Oct 2022 15:23:35 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-amz-cf-id
Eoy8ROM3HP9wBIK-IWQg8scSkK45c3v2b-MIsFfiU7GHWXLWvq13tA==
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
redirect
attentioniau.com/ Frame A237
0
0
Document
General
Full URL
https://attentioniau.com/redirect?tid=841123&tested=2&if=0
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-streaming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-85.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Referer
https://xsportshd.com/football-streaming.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Sun, 16 Oct 2022 15:23:35 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-amz-cf-id
YsiYXxIiy2iSEKVTCTpLZlWtiSPfnj3PdFN-caFZEW5ZBLg6Zmtj3g==
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
redirect
attentioniau.com/ Frame 5393
0
0
Document
General
Full URL
https://attentioniau.com/redirect?tid=841123&if=0
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-streaming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-85.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Referer
https://xsportshd.com/football-streaming.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Sun, 16 Oct 2022 15:23:35 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-amz-cf-id
RazSV7oOlGxeDYF557pNb0wlILbyagafkEGGjKaSs8B3E8D5UEgfdg==
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
75b1cbe4480a9be9
xsportshd.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 2F04
2 B
649 B
XHR
General
Full URL
https://xsportshd.com/cdn-cgi/challenge-platform/h/g/cv/result/75b1cbe4480a9be9
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665921600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a47b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 16 Oct 2022 15:23:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MaACMmYKwlkMJh8n5Cioe8FkW3YWHG%2B%2BgJna9He8dzy441Abx1kMpivX8uhlAx77GXsFe6ZWttuvPmiiCvsAHmYdBySmPnK9eL3%2FdG9H1pUyUReR1lbOZBRagh4Xu227EQsV5NS%2FYtLuXiaO"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
75b1cbebaaedcb11-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collectConsent
consent.yahoo.com/v2/ Frame 6BCA
Redirect Chain
  • https://witalfialdt.com/redirect?tid=841125&ref=xsportshd.com
  • https://syndication.realsrv.com/splash.php?type=8&idzone=4785728&p=https://xsportshd.com&tested=2/
  • https://yahoo.com/
  • https://www.yahoo.com/
  • https://de.yahoo.com/?p=us
  • https://guce.yahoo.com/consent?brandType=eu&gcrumb=GB4dTvU&lang=de-DE&done=https%3A%2F%2Fde.yahoo.com%2F%3Fp%3Dus
  • https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_f8f71761-024c-44ca-aa51-5aa795f44dbf
0
0

redirect
publicatedlit.com/ Frame 873D
0
0
Document
General
Full URL
https://publicatedlit.com/redirect?tid=963757&tested=2&if=0
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-hd-streaming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-105.dus51.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Referer
https://xsportshd.com/football-hd-streaming.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Sun, 16 Oct 2022 15:23:35 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
x-amz-cf-id
IQkl6IyCbivSqUIHYEcEOs_WSZtywVn2kbpYmz914yGO0bDDQ_1-jQ==
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
redirect
publicatedlit.com/ Frame 5EEB
0
0
Document
General
Full URL
https://publicatedlit.com/redirect?tid=963757&tested=2&if=0
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-hd-streaming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-105.dus51.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Referer
https://xsportshd.com/football-hd-streaming.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Sun, 16 Oct 2022 15:23:35 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
x-amz-cf-id
rscXKDXYUTwgVCwN5aRtjX1MRuKLXt6KcMe-BFTqfsiHCKlzYGb9sA==
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
redirect
publicatedlit.com/ Frame 842E
0
0
Document
General
Full URL
https://publicatedlit.com/redirect?tid=963757&tested=2
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-hd-streaming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-105.dus51.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Referer
https://xsportshd.com/football-hd-streaming.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Sun, 16 Oct 2022 15:23:35 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
x-amz-cf-id
bWfk3gjKRAaY7p7rPoygOPAxxfvA8dvevBCL5zZ0ho91-BWiDJfkLA==
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
redirect
publicatedlit.com/ Frame CE9E
0
0
Document
General
Full URL
https://publicatedlit.com/redirect?tid=962277&tested=2&if=0
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-hd-streaming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-105.dus51.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Referer
https://xsportshd.com/football-hd-streaming.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Sun, 16 Oct 2022 15:23:35 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
x-amz-cf-id
BsqpV_ReLOd3Xv4kURf1pto_Re-XQcAeWf_Zlye5ygp4JdLDDSg1fQ==
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
redirect
publicatedlit.com/ Frame C01C
0
0
Document
General
Full URL
https://publicatedlit.com/redirect?tid=962277&tested=2&if=0
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-hd-streaming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-105.dus51.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Referer
https://xsportshd.com/football-hd-streaming.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Sun, 16 Oct 2022 15:23:36 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
x-amz-cf-id
nLi4J8bfz4AYk4FoCQUgy-xU7-cjdxxKJvvmuYmRps0aTjDTMmYTJQ==
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
redirect
publicatedlit.com/ Frame CEB3
0
0
Document
General
Full URL
https://publicatedlit.com/redirect?tid=962277&tested=2&if=0
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-hd-streaming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-105.dus51.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Referer
https://xsportshd.com/football-hd-streaming.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Sun, 16 Oct 2022 15:23:35 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
x-amz-cf-id
JPj-eNI2SicgDqsnF6NwnQtqCELIhUb17tZ0ePxHqa97YpIXfeuUIg==
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
collectConsent
consent.yahoo.com/v2/ Frame 31CC
Redirect Chain
  • https://witalfialdt.com/redirect?tid=936840&ref=xsportshd.com
  • https://syndication.realsrv.com/splash.php?type=8&idzone=4785730&p=https://xsportshd.com&tested=2/
  • https://yahoo.com/
  • https://www.yahoo.com/
  • https://de.yahoo.com/?p=us
  • https://guce.yahoo.com/consent?brandType=eu&gcrumb=KkevbaQ&lang=de-DE&done=https%3A%2F%2Fde.yahoo.com%2F%3Fp%3Dus
  • https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_4d6d8504-e0eb-4316-adec-c8aeb856c86b
0
0

fuYqKeshy7sXwBO0ofXB9ZKxlDE.js
sportsmix.net/cdn-cgi/apps/head/ Frame 6563
6 KB
2 KB
Script
General
Full URL
https://sportsmix.net/cdn-cgi/apps/head/fuYqKeshy7sXwBO0ofXB9ZKxlDE.js
Requested by
Host: sportsmix.net
URL: https://sportsmix.net/hd-streams.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
426289618bc63a0a31e95d746710caa5945ca800844ba7374abdf7260c3745d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sportsmix.net/hd-streams.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:35 GMT
x-amz-version-id
fnNV8M6bqJb3xGv9XU1F5E4g5pwjEsZV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
C9BSK0E5M91AC3JG
age
6235857
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
zo4PNnQyvxL58ZCy/djB+tyY2sTWuxkXg8btccwLPQEHRCt9+6WIAXUe6WVmdHQwdI/6cA5OsdQ=
last-modified
Sat, 11 Dec 2021 19:45:58 GMT
server
cloudflare
etag
W/"3838d84f2113c01d90ea66faa2520e32"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWA0UaHwZPPZJLPsJEkPLbOw3dMuhabFF6C7Yk1v6IuxOsRUGLDWyt3KUkvWNVoOaoAJLPfCgGf5%2BY55mo46%2BmboouSGNdfOxTS0wAZ319OlficISvU1HUOkALBh4fG4lVL9xBEfRnz30Bqj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
75b1cbec4e9b926b-FRA
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ Frame 8DBB
118 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: live.batstream.cc
URL: https://live.batstream.cc/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://live.batstream.cc/
Origin
https://live.batstream.cc
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
632, 617, 617, 617
age
17090841
cdn-cachedat
2021-06-08 21:21:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
fc95b7dc10c8e8b56f754d70777bcbae
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
75b1cbecacd8bba9-FRA
cdn-requestpullsuccess
True
widget.css
live.batstream.cc/css/ Frame 8DBB
10 KB
3 KB
Stylesheet
General
Full URL
https://live.batstream.cc/css/widget.css
Requested by
Host: live.batstream.cc
URL: https://live.batstream.cc/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd30fd463fdff24c7b077705c8bdff34e3c151cfe24acfa9b8e6b72c0157e7a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://live.batstream.cc/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1538809
cf-polished
origSize=14530
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
cf-bgj
minify
last-modified
Mon, 28 Jan 2019 22:44:24 GMT
server
cloudflare
etag
W/"5c4f85c8-38c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FW8uAFbo%2Fw%2BcIV%2BqcU0p95C0o4EHpaD%2BX04GsEVtN4F7XNoWYcCsMEyRhqNpJd5KSdboa265a2dYWJ%2B8%2BG9bX7e%2BZWTZOXzJhgc6LjJQMwzCOpfHGjUcc7qF%2BIFwLK47hL9h5k9W1iT5XhOyKPWffA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
75b1cbecad699b95-FRA
expires
Fri, 28 Oct 2022 19:56:46 GMT
css
fonts.googleapis.com/ Frame 8DBB
2 KB
939 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,600,700
Requested by
Host: live.batstream.cc
URL: https://live.batstream.cc/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae5ef045a45012948d0723771bbc119f3b08158244cb4fbc030d47247048f917
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://live.batstream.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 16 Oct 2022 15:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 16 Oct 2022 14:08:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 Oct 2022 15:23:35 GMT
jquery.min.js
live.batstream.cc/js/ Frame 8DBB
95 KB
35 KB
Script
General
Full URL
https://live.batstream.cc/js/jquery.min.js
Requested by
Host: live.batstream.cc
URL: https://live.batstream.cc/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://live.batstream.cc/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1538809
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
last-modified
Mon, 28 Jan 2019 22:44:24 GMT
server
cloudflare
etag
W/"5c4f85c8-17b8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vj2er4wSjRtGxhV3P6hhL4RhoAYHXuMPsn4f8QtO5lr0sA7RExR3oNv%2BA%2FGu9zLZh4%2F%2FeBaxo3zX%2FNJntXlr9KmZTdFRRiNbkgk7KzvqHz4xkIWF5YZhNruY9XgFXZw22n8y3%2FGZiLg3ajG3HZ9xwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
75b1cbecad6e9b95-FRA
expires
Fri, 28 Oct 2022 19:56:46 GMT
bootstrap.min.js
live.batstream.cc/js/ Frame 8DBB
0
0

jquery-ui.min.js
live.batstream.cc/jquery-ui-1.12.1.custom/ Frame 8DBB
0
0

js
www.googletagmanager.com/gtag/ Frame 8DBB
0
0

jquery.scrolling-tabs.css
live.batstream.cc/css/ Frame 8DBB
Redirect Chain
  • https://live.batstream.tv/css/jquery.scrolling-tabs.css
  • https://live.batstream.live/css/jquery.scrolling-tabs.css
  • https://live.batstream.cc/css/jquery.scrolling-tabs.css
694 B
793 B
Stylesheet
General
Full URL
https://live.batstream.cc/css/jquery.scrolling-tabs.css
Requested by
Host: live.batstream.cc
URL: https://live.batstream.cc/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://live.batstream.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1484144
cf-polished
origSize=1447
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
cf-bgj
minify
last-modified
Mon, 28 Jan 2019 22:44:24 GMT
server
cloudflare
etag
W/"5c4f85c8-5a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSABGBbOvsGEzC50D4FPzerfY2W7SVz1NMujWgaDziQ2dvdcAOchC6eSwRKOupAfgo1DhoRdr76ier%2BSpIYfXELjX5pfkk3ZQkyP%2BsdutEQj25ufpTt%2B8kc9uqO8ym18OMluR%2BF3IbLK2JdVIBu1JA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
75b1cbedafcc9b95-FRA
expires
Sat, 29 Oct 2022 11:07:51 GMT

Redirect headers

date
Sun, 16 Oct 2022 15:23:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
402
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4Up7KhwQWdytHBdR4eIh2Qsuxr19t2rFq7%2BraImUBXiOkuHP96fZKxTyKAWaOB0An%2B6Y%2BiQO2985y9Q4mP4jEHxeCKqxEr%2BdtYCSFqREwO1qoKEBBrnrLF3chAshYfOxxqRhqWvooH4%2Fs4yBv0B0uxN"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://live.batstream.cc/css/jquery.scrolling-tabs.css
cache-control
max-age=14400
cf-ray
75b1cbed1dedd301-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.scrolling-tabs.js
live.batstream.cc/js/ Frame 8DBB
Redirect Chain
  • https://live.batstream.tv/js/jquery.scrolling-tabs.js
  • https://live.batstream.live/js/jquery.scrolling-tabs.js
  • https://live.batstream.cc/js/jquery.scrolling-tabs.js
30 KB
0
Script
General
Full URL
https://live.batstream.cc/js/jquery.scrolling-tabs.js
Requested by
Host: live.batstream.cc
URL: https://live.batstream.cc/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://live.batstream.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
462068
cf-polished
origSize=60424
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
cf-bgj
minify
last-modified
Mon, 28 Jan 2019 22:44:24 GMT
server
cloudflare
etag
W/"5c4f85c8-ec08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STtfZgaoPMV6OVQsk2ZYnQDiv5O1%2FxzBmu9T%2B2UU%2F4OF%2FdqONbvZmBsUo7FU1WkRILDEukX7TvPE%2Fk6llnV6Jtx2fOXntwNnj0yzIffcrg7117I0QWH7nQtbKwgF1fXtGohquW%2BlqF%2Bmq%2BfWRSQBdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
75b1cbedafd29b95-FRA
expires
Thu, 10 Nov 2022 07:02:27 GMT

Redirect headers

date
Sun, 16 Oct 2022 15:23:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
337
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCG1dUL%2BQ2864cajOO2ldggYOpxXoU99g2kHAbZj79YwPLChMG%2BMzFS3bwzRx%2BtHu4%2BSnfMwNHllJcyt92FvRBgv3ORZXLhEY8MyaO3DOsnQRxPWQjvay0Beo5dsXWPt6j2n9aiOh%2BO2wJd1oJAXmdWk"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://live.batstream.cc/js/jquery.scrolling-tabs.js
cache-control
max-age=14400
cf-ray
75b1cbed1defd301-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
invisible.js
xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 3CFD
44 KB
15 KB
Script
General
Full URL
https://xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665921600
Requested by
Host: zysqp.wasverym.buzz
URL: https://zysqp.wasverym.buzz/HMXUM?tag_id=908057&sub_id1=&sub_id2=4073781822710861562&cookie_id=1126981436433543&lp=oct_11&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fhasnoconve.one%2F%3Ftid%3D908057%26noocp%3D1&geo=JP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a47b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
543b840c577e4c6cd7abe5c5165293ea3d22e45278ecf99a2c81f79b0940fb4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B21Yx05NkTtgWPJImp2EQNEszGmKGvrAs7gyU1ZlUYodF%2FT937YPxA27LBR%2FjY3D1Np9Qzx3M1kH5DHBRFE0nwNSiYBIXFNtW1Sf2EJe8ixvraiuzU987yv9qA4TzxTCFIaykNdTSAzkAERb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
75b1cbec1c1ecb11-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
invisible.js
xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame AB0E
38 KB
14 KB
Script
General
Full URL
https://xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665921600
Requested by
Host: zysqp.wasverym.buzz
URL: https://zysqp.wasverym.buzz/HMXUM?tag_id=908057&sub_id1=&sub_id2=4073781822710861562&cookie_id=1126981436433543&lp=oct_11&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fhasnoconve.one%2F%3Ftid%3D908057%26noocp%3D1&geo=JP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a47b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03d4c40f62f4f7286647636e2157f426cacaefb7360f76fac204d0c50b2bf7c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kfkjqebh3h2gxd4lOA4mNtHFK0VrP4nqDCI3BiEa8YzbkrKv%2F%2Bu1g7zU5enP%2Bno0aWnpk1PS8jsJP7xh5mg5hXfVlkS38cY38bp5Un1L3S4Wcd%2BWRLJTLJvZ9KYUogpyzqNVZazDb6Kj3pyt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
75b1cbec1c2dcb11-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
redirect
witalfieldt.com/ Frame ADD7
0
0
Document
General
Full URL
https://witalfieldt.com/redirect?tid=962276&tested=2&if=0
Requested by
Host: livestotal.net
URL: https://livestotal.net/football-streaming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.17 -, , ASN (),
Reverse DNS
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Referer
https://livestotal.net/football-streaming.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Sun, 16 Oct 2022 15:23:35 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
x-amz-cf-id
koKRoC2Jxeqw2Sa-4e0vQc96wRbFmzIPGU3Th37m6vcy0_9tpwyHUw==
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
redirect
witalfieldt.com/ Frame A664
0
0
Document
General
Full URL
https://witalfieldt.com/redirect?tid=962276
Requested by
Host: livestotal.net
URL: https://livestotal.net/football-streaming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.17 -, , ASN (),
Reverse DNS
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Referer
https://livestotal.net/football-streaming.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Sun, 16 Oct 2022 15:23:35 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
x-amz-cf-id
3ykk5nxQTuWFRELO0RCK9djD79cq65HZd-wp2Es-1PQ1R0TCrXG3kQ==
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
redirect
witalfieldt.com/ Frame E8D0
0
0
Document
General
Full URL
https://witalfieldt.com/redirect?tid=962276
Requested by
Host: livestotal.net
URL: https://livestotal.net/football-streaming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.17 -, , ASN (),
Reverse DNS
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Referer
https://livestotal.net/football-streaming.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Sun, 16 Oct 2022 15:23:35 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
x-amz-cf-id
ChRFbZXzVADRqudzufR2D6VRGEuhw-S2o2uFgilwFLGQyi6dtOJsAw==
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
redirect
witalfieldt.com/ Frame 6DEB
0
0
Document
General
Full URL
https://witalfieldt.com/redirect?tid=919870&tested=2&if=0
Requested by
Host: socceronline.xyz
URL: https://socceronline.xyz/football.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.17 -, , ASN (),
Reverse DNS
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Referer
https://socceronline.xyz/football.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Sun, 16 Oct 2022 15:23:36 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
x-amz-cf-id
2rzeTZPPXODLtD8ZvM_x4ZihY5zK28a1o6aK_QLT8NSU6Kv39NAXJA==
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
redirect
witalfieldt.com/ Frame 75CC
0
0
Document
General
Full URL
https://witalfieldt.com/redirect?tid=919870&tested=2&if=0
Requested by
Host: socceronline.xyz
URL: https://socceronline.xyz/football.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.17 -, , ASN (),
Reverse DNS
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Referer
https://socceronline.xyz/football.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Sun, 16 Oct 2022 15:23:36 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
x-amz-cf-id
FIJReBMAuRc3O9rduWtEzLDk1tz-FibCwpjY3t53ZuKs5WELVgb03w==
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
invisible.js
xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 3DD1
43 KB
15 KB
Script
General
Full URL
https://xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665921600
Requested by
Host: zysqp.wasverym.buzz
URL: https://zysqp.wasverym.buzz/HMXUM?tag_id=908057&sub_id1=&sub_id2=4073781822710861562&cookie_id=1126981436433543&lp=oct_11&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fhasnoconve.one%2F%3Ftid%3D908057%26noocp%3D1&geo=JP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a47b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2aaf8de3da76541115a7a171ba010341664f47ddce8306c10421e36c173dbcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U9MDcbc8BKrO2DGnfFC5OqDgrLDmoxxlg2fGxafUwBF0SxW2moShIXXL75CvQpbdSRZ56VUniQ6z26zYL3VTehHemc7RedtLaxjZzpY8YXcwZNSHLzXF4Ym4I8mrKy3Zdmp15iqbieXv%2FK3a"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
75b1cbec2c55cb11-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
redirect
attentioniau.com/ Frame C732
0
0
Document
General
Full URL
https://attentioniau.com/redirect?tid=962708&tested=2&if=0
Requested by
Host: lshunter.me
URL: https://lshunter.me/hd-streaming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-85.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Referer
https://lshunter.me/hd-streaming.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Sun, 16 Oct 2022 15:23:35 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-amz-cf-id
3HYCwC9xjKTgcTWWjhBprfaxSxX_036Rua3zga0uVnGU5Irg-ITKjw==
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
redirect
attentioniau.com/ Frame 1661
0
0
Document
General
Full URL
https://attentioniau.com/redirect?tid=962708&tested=2&if=0
Requested by
Host: lshunter.me
URL: https://lshunter.me/hd-streaming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-85.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Referer
https://lshunter.me/hd-streaming.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Sun, 16 Oct 2022 15:23:35 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-amz-cf-id
QzsAOVzL9zNv1LKrjnl0-4xkPiPWXTwTtIsHGl0DjYLBohAsdB96fA==
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
redirect
attentioniau.com/ Frame E8CC
0
0
Document
General
Full URL
https://attentioniau.com/redirect?tid=962708&if=0
Requested by
Host: lshunter.me
URL: https://lshunter.me/hd-streaming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-85.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Referer
https://lshunter.me/hd-streaming.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Sun, 16 Oct 2022 15:23:35 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-amz-cf-id
V5SFuOOn40QNPccMBT1jBe1GPm1JFat7QJ-fqAEHNT5eG5wcl69Yow==
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
pica.js
elevisions.xyz/cdn-cgi/challenge-platform/h/g/scripts/ Frame E290
18 KB
7 KB
Other
General
Full URL
https://elevisions.xyz/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: elevisions.xyz
URL: https://elevisions.xyz/tid=215664.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
238698d1446cce24b39de2078a360b58abb78c1fb4912d63d8a6cde2036a96ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCr4CorRUk%2BCKvOCT7Wwt0B2heq4332FKulycDc9%2FfFPo4%2F6GFsl1tXthbkOAHwnmICGgBuokXN9V0kiScrhnbSN3SFgUg12Y3wrIgMGoNr42o48EtyRzGfv0cJ7OqJVp1V8oRyym5jnY55uXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
75b1cbec49319b64-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 3CFD
22 KB
8 KB
Other
General
Full URL
https://xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-streaming-live.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a47b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
264af5172ba4af9f65332b2e2f7c3b3ad45bb0cb947b5495e3c50202a03232cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82KVUU38ddYyVGejwkKUUH8rWYgPb%2F96eaytXHJWvmYmP89LPynzTg80UWLyFh%2BEznTNWJ3k5YhJmQ8ripK8s0uOpLYTlrl1bNIxHxIybKpXzyJfhKrVuvpEaB7jrDi3IHb8ESMIm1shHRpT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
75b1cbec8d5dcb11-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
redirect
witalfieldt.com/ Frame DFC4
0
0
Document
General
Full URL
https://witalfieldt.com/redirect?tid=937674&tested=2&if=0
Requested by
Host: sportsmix.net
URL: https://sportsmix.net/hd-streams.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.17 -, , ASN (),
Reverse DNS
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Referer
https://sportsmix.net/hd-streams.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Sun, 16 Oct 2022 15:23:36 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
x-amz-cf-id
MKONqWG7hAGrxUpOcuFTI0fxLiP4uZ_R5w7oyaXQPAWqRfXihMCRSA==
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
redirect
witalfieldt.com/ Frame F155
0
0
Document
General
Full URL
https://witalfieldt.com/redirect?tid=937674&tested=2&if=0
Requested by
Host: sportsmix.net
URL: https://sportsmix.net/hd-streams.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.17 -, , ASN (),
Reverse DNS
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Referer
https://sportsmix.net/hd-streams.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Sun, 16 Oct 2022 15:23:36 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
x-amz-cf-id
udEdsa_RpUy0dRCghRKLpuOGO0NFvNB1cXmJ8wwRscP_C3hzvBZIIw==
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
redirect
witalfieldt.com/ Frame 2F14
0
0
Document
General
Full URL
https://witalfieldt.com/redirect?tid=937674
Requested by
Host: sportsmix.net
URL: https://sportsmix.net/hd-streams.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.17 -, , ASN (),
Reverse DNS
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Referer
https://sportsmix.net/hd-streams.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
date
Sun, 16 Oct 2022 15:23:36 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
x-amz-cf-id
b4abgUft9Yjx5znQCGywmPwL1QH1ANP34NBMqb1xAcz4HitcqrXHPQ==
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
pica.js
xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame AB0E
21 KB
8 KB
Other
General
Full URL
https://xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: elevisions.xyz
URL: https://elevisions.xyz/tid=215664.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a47b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d720b0116ad80ee8b6806f22eed6dcafa63b1522f117b719c006b8963253d294

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PY3u9fVwRD5LZsBhGgsP79ZciqO6%2B5Dt9Vp80RpGXn7bBBnMSHRWMzwOw23wQBBjkze%2FaKuq6Lhvh2iS8Q8BqRbyo%2F4wSxHZThNT%2FlH39o%2FacZ7Hg2wKdqNTwDOn3t2b%2BUpBQ3BcuakvOyjW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
75b1cbecce59cb11-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame AB0E
18 KB
7 KB
Other
General
Full URL
https://xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: elevisions.xyz
URL: https://elevisions.xyz/tid=215664.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a47b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2eb057757026d118239800588494b64448062853db2cd1932a8ae739dc12f7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i3M0Jb0VvOWwrZeobrBxEkkWWWkUrZoTF4IY%2B2k5ouqjocBv1QZiv2E8vpgdFsiBHiBZcjq8V6l4qAWkdV1OsSxiebNIUOoZNaHqlTOk2PIkm4JIsXsTa040OhndiZslSeRA%2BRlrimtelnWG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
75b1cbecce5ccb11-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 3DD1
20 KB
7 KB
Other
General
Full URL
https://xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-hd-streaming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a47b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5f57c93b9c9ded882b76372582139c71be4e14707e1a76fac396068f3246ae3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:23:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtasbB3Cdlo0aF56gVmQ4gwfZoS3NPPZ3hyIsEWfFdGfGNSQs7xO49vMx%2B5DXwHvP6C2p7AP7Y4Lq%2FNeLTP5MEPqD9evhn%2B7B4uvArAi2MOkRcL1iT1wtJif5Q9gtP7VEYb92qjKg6%2FA1HhV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
75b1cbeceec7cb11-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
75b1cbe648959b64
elevisions.xyz/cdn-cgi/challenge-platform/h/g/cv/result/ Frame E290
0
0

tag.js
mc.yandex.ru/metrika/ Frame 8DBB
0
0

75b1cbe77c5fcb11
xsportshd.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 3CFD
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.okamata.site
URL
https://cdn.okamata.site/site/lm/img/sprits.png
Domain
consent.yahoo.com
URL
https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_74dae98e-77b4-4ef6-8f1d-98674cced636
Domain
consent.yahoo.com
URL
https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_ed0eca2a-36c3-41e3-be4d-270003d12917
Domain
consent.yahoo.com
URL
https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_f8f71761-024c-44ca-aa51-5aa795f44dbf
Domain
consent.yahoo.com
URL
https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_4d6d8504-e0eb-4316-adec-c8aeb856c86b
Domain
live.batstream.cc
URL
https://live.batstream.cc/js/bootstrap.min.js
Domain
live.batstream.cc
URL
https://live.batstream.cc/jquery-ui-1.12.1.custom/jquery-ui.min.js
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=UA-101933180-3
Domain
elevisions.xyz
URL
https://elevisions.xyz/cdn-cgi/challenge-platform/h/g/cv/result/75b1cbe648959b64
Domain
mc.yandex.ru
URL
https://mc.yandex.ru/metrika/tag.js
Domain
xsportshd.com
URL
https://xsportshd.com/cdn-cgi/challenge-platform/h/g/cv/result/75b1cbe77c5fcb11

Verdicts & Comments

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
object| __cfQR

6 Cookies

Domain/Path Name / Value
zysqp.wasverym.buzz/ Name: 5cdedc4d0ace64e1e66e6d360203299a
Value: 1
hasnoconve.one/ Name: csu
Value: 51258326-c7db-4f1c-8802-4ad6506b3464
.realsrv.com/ Name: __uvt
Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22634c21f72583e6.077570062955017092%22%3B%7D
.xsportshd.com/ Name: __cf_bm
Value: HW0A00RtBpNiTVntnAL.lAX5MWttAVRP35QDTlz5BNk-1665933815-0-AXubssbfCBuD0W6J9QasLtGDUpriLdR+lPUDxw1dFSW1W9h/kjtjDOYrcSzQ+sGl2NURuDSd3yt1vDAzDtmRZfSdaoBgq6eA6yk12xT7ILiJZRfxThJ2mba1/5S0jrUzCA==
tm-offers.gamingadult.com/ Name: HH-offer470
Value: 1
.realsrv.com/ Name: c-tag
Value: %7B%22tag-link%22%3A%22v3%7C%7CDEU%7C4785730%7C14810613%7C61248%7C%7C496%7C52%7C2%7C40%7C0%7C0%7C0%7C34211567%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C634c21f72583e6.077570062955017092%7C63aaa021a361a4769823bce8ef78977a%7C0%7Cxsportshd.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D

4 Console Messages

Source Level URL
Text
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S990314945%3A1665933812986341&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoJHdlwENbOPM3gnJoEOivE2jNN4aUm09BOZyAjZ15lOS9RgagBmyBUaknhocc63tVV6L0YVQ
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1861347361%3A1665933813003086&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWo_AHj4RF8OB7QXkURR22xR9OB2lybPcsHXDOsEYUrD0-Ym_yYs4GZbGcWyaCa7pQuJemlj
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://elevisions.xyz/eo_logo.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://elevisions.xyz/monero.svg
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
