www.primeradirectacanal.xyz Open in urlscan Pro
2606:4700:3037::6815:372d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.primeradirectacanal.xyz/lvyes/pq05/
Submission: On May 05 via manual (May 5th 2021, 2:09:52 am UTC) from CA

Summary HTTP 56 Redirects Behaviour Indicators

Summary

This website contacted 33 IPs in 5 countries across 35 domains to perform 56 HTTP transactions. The main IP is 2606:4700:3037::6815:372d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.primeradirectacanal.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 22nd 2021. Valid for: a year.

This is the only time www.primeradirectacanal.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3037::6815:372d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	151.101.12.193 151.101.12.193	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:176d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3034::6815:3a09	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	198.27.80.143 198.27.80.143	16276 (OVH) (OVH)
2 2	67.202.114.214 67.202.114.214	32748 (STEADFAST) (STEADFAST)
2	2606:4700:10:... 2606:4700:10::6816:4aab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:a710	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.21.42.128 104.21.42.128	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3037::ac43:8e31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:461	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3033::6815:e93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.190.71.96 35.190.71.96	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
5 5	2606:4700:303... 2606:4700:3035::6815:3588	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3034::6815:8f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	159.89.225.89 159.89.225.89	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	174.137.133.18 174.137.133.18	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2	174.137.133.17 174.137.133.17	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	174.137.133.16 174.137.133.16	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	172.255.6.149 172.255.6.149	7979 (SERVERS-COM) (SERVERS-COM)
1	2606:4700:303... 2606:4700:3032::6815:26ed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
56	33

1 2606:4700:3037::6815:372d (United States)

ASN13335 (CLOUDFLARENET, US)

www.primeradirectacanal.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:176d (United States)

ASN13335 (CLOUDFLARENET, US)

www.freewebs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:3a09 (United States)

ASN13335 (CLOUDFLARENET, US)

v4.sportzonline.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.27.80.143 (Canada)

ASN16276 (OVH, FR)
PTR: ns558056.ip-198-27-80.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.114.214 (United States) 2 redirects

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:4aab (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a710 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnondemand.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.42.128 (United States)

ASN13335 (CLOUDFLARENET, US)

m966rp4vcpmxqq.goooogle.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::ac43:8e31 (United States)

ASN13335 (CLOUDFLARENET, US)

ufpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:461 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.vdosupreme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:e93 (United States)

ASN13335 (CLOUDFLARENET, US)

asacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.71.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.71.190.35.bc.googleusercontent.com

onclickgenius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3035::6815:3588 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

zap.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:8f0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

xml.revrtb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.225.89 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.toromclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.137.133.18 (United States)

ASN27257 (WEBAIR-INTERNET, US)

xml.blueparrot.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xml.popmonetizer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.137.133.17 (United States)

ASN27257 (WEBAIR-INTERNET, US)

xml.adxnexus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xml.zeusadx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.16 (United States)

ASN27257 (WEBAIR-INTERNET, US)

xml.acertb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.255.6.149 (Netherlands)

ASN7979 (SERVERS-COM, US)

khandragthresh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:26ed (United States)

ASN13335 (CLOUDFLARENET, US)

nsparket.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	154 KB
5	zap.buzz 5 redirects zap.buzz	4 KB
5	doubleclick.net googleads.g.doubleclick.net	5 KB
4	amung.us 2 redirects whos.amung.us widgets.amung.us	4 KB
3	goooogle.cloud m966rp4vcpmxqq.goooogle.cloud	36 KB
2	gstatic.com fonts.gstatic.com	46 KB
2	onclickgenius.com onclickgenius.com	3 KB
2	asacdn.com asacdn.com	20 KB
2	vdosupreme.com cdn.vdosupreme.com	180 KB
2	ufpcdn.com ufpcdn.com	3 KB
2	google-analytics.com www.google-analytics.com	38 KB
2	cdnondemand.org cdnondemand.org	20 KB
2	googletagmanager.com www.googletagmanager.com	70 KB
2	histats.com s10.histats.com s4.histats.com	5 KB
2	imgur.com i.imgur.com	237 KB
1	nsparket.top nsparket.top
1	khandragthresh.com khandragthresh.com	1 KB
1	zeusadx.com xml.zeusadx.com	165 B
1	acertb.com xml.acertb.com	165 B
1	adxnexus.com xml.adxnexus.com	165 B
1	popmonetizer.net xml.popmonetizer.net	165 B
1	blueparrot.media xml.blueparrot.media	165 B
1	toromclick.com 1 redirects www.toromclick.com	372 B
1	revrtb.net 1 redirects xml.revrtb.net	1 KB
1	googleapis.com fonts.googleapis.com	504 B
1	jsdelivr.net cdn.jsdelivr.net	138 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	165 B
1	google.de adservice.google.de	165 B
1	googleadservices.com partner.googleadservices.com	650 B
1	sportzonline.to v4.sportzonline.to	4 KB
1	freewebs.com www.freewebs.com	681 B
1	primeradirectacanal.xyz www.primeradirectacanal.xyz	2 KB
0	xmlking.com Failed xml.xmlking.com Failed
0	poprtb.com Failed xml.poprtb.com Failed
56	35

	Domain	Requested by
5	zap.buzz	5 redirects
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	pagead2.googlesyndication.com	www.primeradirectacanal.xyz pagead2.googlesyndication.com tpc.googlesyndication.com
3	m966rp4vcpmxqq.goooogle.cloud	v4.sportzonline.to m966rp4vcpmxqq.goooogle.cloud
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	onclickgenius.com	www.primeradirectacanal.xyz
2	asacdn.com	m966rp4vcpmxqq.goooogle.cloud www.primeradirectacanal.xyz
2	cdn.vdosupreme.com	m966rp4vcpmxqq.goooogle.cloud
2	ufpcdn.com	www.primeradirectacanal.xyz
2	www.google-analytics.com	www.googletagmanager.com
2	cdnondemand.org	www.primeradirectacanal.xyz
2	www.googletagmanager.com	v4.sportzonline.to m966rp4vcpmxqq.goooogle.cloud
2	widgets.amung.us	v4.sportzonline.to m966rp4vcpmxqq.goooogle.cloud
2	whos.amung.us	2 redirects
2	i.imgur.com	www.primeradirectacanal.xyz v4.sportzonline.to
1	nsparket.top	m966rp4vcpmxqq.goooogle.cloud
1	khandragthresh.com	m966rp4vcpmxqq.goooogle.cloud
1	xml.zeusadx.com	m966rp4vcpmxqq.goooogle.cloud
1	xml.acertb.com	m966rp4vcpmxqq.goooogle.cloud
1	xml.adxnexus.com	m966rp4vcpmxqq.goooogle.cloud
1	xml.popmonetizer.net	m966rp4vcpmxqq.goooogle.cloud
1	xml.blueparrot.media	m966rp4vcpmxqq.goooogle.cloud
1	www.toromclick.com	1 redirects
1	xml.revrtb.net	1 redirects
1	fonts.googleapis.com	m966rp4vcpmxqq.goooogle.cloud
1	cdn.jsdelivr.net	m966rp4vcpmxqq.goooogle.cloud
1	s4.histats.com	s10.histats.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s10.histats.com	www.primeradirectacanal.xyz
1	v4.sportzonline.to	www.primeradirectacanal.xyz
1	www.freewebs.com	www.primeradirectacanal.xyz
1	www.primeradirectacanal.xyz
0	xml.xmlking.com Failed	m966rp4vcpmxqq.goooogle.cloud
0	xml.poprtb.com Failed	m966rp4vcpmxqq.goooogle.cloud
56	38

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-04-22` - `2022-04-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
www.freewebs.com Cloudflare Inc ECC CA-3	`2021-01-09` - `2022-01-08`	a year	crt.sh
histats.com R3	`2021-02-22` - `2021-05-23`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.vdosupreme.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-17` - `2021-12-17`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-03` - `2022-03-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
onclickgenius.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-22` - `2022-01-22`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.blueparrot.media AlphaSSL CA - SHA256 - G2	`2020-09-07` - `2021-10-09`	a year	crt.sh
*.popmonetizer.net Sectigo RSA Domain Validation Secure Server CA	`2020-12-14` - `2021-12-14`	a year	crt.sh
*.adxnexus.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-09` - `2022-03-09`	a year	crt.sh
*.acertb.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-09` - `2022-03-09`	a year	crt.sh
*.zeusadx.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-03` - `2021-11-01`	a year	crt.sh
khandragthresh.com R3	`2021-05-04` - `2021-08-02`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://www.primeradirectacanal.xyz/lvyes/pq05/
Frame ID: 5972103308C076168BD6D5E311C847EC
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210429/r20190131/zrt_lookup.html
Frame ID: 1D2A7F57B1DCE87FB106A0A970D31AB9
Requests: 1 HTTP requests in this frame

Frame: https://v4.sportzonline.to/channels/hd/hd5.php
Frame ID: 87FC2AA6AECC5D57708B22CEE12F0A75
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3145061557951544&output=html&h=250&slotname=8979666549&adk=2564748172&adf=1592129689&pi=t.ma~as.8979666549&w=300&lmt=1620180575&psa=0&format=300x250&url=https%3A%2F%2Fwww.primeradirectacanal.xyz%2Flvyes%2Fpq05%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620180575186&bpp=20&bdt=50&idt=63&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3765274177400&frm=20&pv=2&ga_vid=493662992.1620180575&ga_sid=1620180575&ga_hid=1101325979&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=517&ady=143&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2521646810382665&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=FUtlhNrn5V&p=https%3A//www.primeradirectacanal.xyz&dtd=84
Frame ID: BECF8220E6962884BABF5515509C47E9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3145061557951544&output=html&h=600&slotname=9566824059&adk=324905464&adf=292866077&pi=t.ma~as.9566824059&w=160&lmt=1620180575&psa=0&format=160x600&url=https%3A%2F%2Fwww.primeradirectacanal.xyz%2Flvyes%2Fpq05%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620180575206&bpp=3&bdt=70&idt=71&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=3765274177400&frm=20&pv=1&ga_vid=493662992.1620180575&ga_sid=1620180575&ga_hid=1101325979&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1012&ady=4&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2521646810382665&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Vd47Nm5oMi&p=https%3A//www.primeradirectacanal.xyz&dtd=75
Frame ID: 7B737E0EC875882F2D44D9A5857CA448
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3145061557951544&output=html&h=600&slotname=9566824059&adk=3128263920&adf=820612371&pi=t.ma~as.9566824059&w=160&lmt=1620180575&psa=0&format=160x600&url=https%3A%2F%2Fwww.primeradirectacanal.xyz%2Flvyes%2Fpq05%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620180575209&bpp=1&bdt=73&idt=75&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C160x600&correlator=3765274177400&frm=20&pv=1&ga_vid=493662992.1620180575&ga_sid=1620180575&ga_hid=1101325979&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=188&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2521646810382665&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MA0YUSO9Ut&p=https%3A//www.primeradirectacanal.xyz&dtd=77
Frame ID: D8AB8EDF892F198A3165962BB9027569
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3145061557951544&output=html&adk=1812271804&adf=3025194257&lmt=1620180575&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.primeradirectacanal.xyz%2Flvyes%2Fpq05%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620180575228&bpp=1&bdt=92&idt=60&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C160x600%2C160x600&nras=1&correlator=3765274177400&frm=20&pv=1&ga_vid=493662992.1620180575&ga_sid=1620180575&ga_hid=1101325979&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2521646810382665&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&dtd=65
Frame ID: A104C1DBB9C99635AABD4D1F80B2AA38
Requests: 1 HTTP requests in this frame

Frame: https://m966rp4vcpmxqq.goooogle.cloud/embed/rmfhl85k
Frame ID: 740DC7C6D4FC20957B47979A0647BA99
Requests: 16 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 2F2A3BDF4E29E929C546BE56089D15B0
Requests: 1 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 0AB21E966424D161AAF3184BC6839CA8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 1BBAB3BD3F583D078FDCEA37B27BA9AA
Requests: 2 HTTP requests in this frame

Frame: https://xml.blueparrot.media/click?i=T4nfzQ28hvo_0
Frame ID: ED59AD6CD424BFD29B4C267B511DF3B5
Requests: 1 HTTP requests in this frame

Frame: https://xml.popmonetizer.net/redirect?feed=149396&auth=sV0R29&pubid=86075
Frame ID: 956597A86CA8986ED20613DE477F16E3
Requests: 1 HTTP requests in this frame

Frame: https://xml.adxnexus.com/redirect?feed=182728&auth=xcpA16&pubid=94381
Frame ID: 1A8F33DBBBA3FDEE285FA01F8F4E671B
Requests: 1 HTTP requests in this frame

Frame: https://xml.acertb.com/redirect?feed=237467&auth=9pBSqH&pubid=112759
Frame ID: 77A610C1A4B554C136E1D1ED53B75C18
Requests: 1 HTTP requests in this frame

Frame: https://xml.zeusadx.com/redirect?feed=251289&auth=GCSqI1&pubid=105610
Frame ID: 04EBC5BA9DE0204665798CA97B2B6A6A
Requests: 1 HTTP requests in this frame

Frame: https://xml.poprtb.com/redirect?feed=279981&auth=hBqsQm&pubid=125249
Frame ID: 2FD4CDF1D53C3A12B3E164F97E7E7EDF
Requests: 1 HTTP requests in this frame

Frame: https://xml.xmlking.com/redirect?feed=279986&auth=FqDuBC&pubid=125248
Frame ID: A53F527BF161305A48B129F20991BF89
Requests: 1 HTTP requests in this frame

Frame: https://khandragthresh.com/iBsoG511Gsf7/28749
Frame ID: 9D0BFD355C271F9EAAF4A4DF7B93983A
Requests: 1 HTTP requests in this frame

Frame: https://nsparket.top/redirect?tid=756113&file=Watch_Live
Frame ID: D932F3120CD5DEA41BD67E9C4960B2D8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

56
Requests

95 %
HTTPS

67 %
IPv6

35
Domains

38
Subdomains

33
IPs

5
Countries

996 kB
Transfer

2424 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://whos.amung.us/cwidget/sportsonpw/000000ffffff.png HTTP 307
https://widgets.amung.us/draw/?w=colored&n=10500&c=000000ffffff&p=

Request Chain 29

https://whos.amung.us/cwidget/y7opzyrraw/000000ffffff.png HTTP 307
https://widgets.amung.us/draw/?w=colored&n=47300&c=000000ffffff&p=

Request Chain 46

https://zap.buzz/4kN HTTP 302
https://xml.revrtb.net/redirect?feed=149394&auth=erf3fn&pubid=86074 HTTP 302
https://www.toromclick.com/feed/click/?t1=128&tid=265&uid=90&subid=149394&id=7d7fe83a1a98dbc6f021197bbda8ae7c:72a66d859ad1ab524e24728ab30798c1e14961dd86254ead9ab6221e94323b7908230499f8a678704509fe5dfd0892f84c35590a37b3ffa71ad4ea202d2a8a39aa29e09668772b293307df88abfee1b3101e3cef3c8e79145b1e595912dccdfc04ea73d9492486a3d6ec3b651ebdd71277175a4e32c69aac9e751d6eeb5a63a5fac0ae07ee300ed3aed08f6362eccb413c5d9bdc99811ad7ac845881c3c20632cd0a76567e619014d20e264933bde8fbec5f1c1e738cedb443886bf2008e7d98fd5caec4ed317bf359e8ac65b1062524d48a8d878d495195769ae89d917809390fea2e64e4e702b01ec4188dfcb54383af10277ab0b611249e3c14c058f4404abd4db2112b1e76e90cb6f0d47bc7d9b128c7c5c9551a2868ca80f8c75a548c98f00010831ef1328f9431896870ead17b1a33da87b36d7969f6588647f2796f11d16b5b3c55e61bfdba36caff639df8f210461c4128ec638f7d82f8001084582e HTTP 302
https://xml.blueparrot.media/click?i=T4nfzQ28hvo_0

Request Chain 47

https://zap.buzz/QYn HTTP 302
https://xml.popmonetizer.net/redirect?feed=149396&auth=sV0R29&pubid=86075

Request Chain 48

https://zap.buzz/ll4 HTTP 302
https://xml.adxnexus.com/redirect?feed=182728&auth=xcpA16&pubid=94381

Request Chain 49

https://zap.buzz/Y7MvP0W HTTP 302
https://xml.acertb.com/redirect?feed=237467&auth=9pBSqH&pubid=112759

Request Chain 50

https://zap.buzz/BVwkdEK HTTP 302
https://xml.zeusadx.com/redirect?feed=251289&auth=GCSqI1&pubid=105610

Request Chain 51

https://popxyz.com/KdORxkr HTTP 302
https://xml.poprtb.com/redirect?feed=279981&auth=hBqsQm&pubid=125249

Request Chain 52

https://yuppyads.com/aaKkk4M HTTP 302
https://xml.xmlking.com/redirect?feed=279986&auth=FqDuBC&pubid=125248

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.primeradirectacanal.xyz/lvyes/pq05/ 5 KB
2 KB 1370ms
1345ms Document
text/html 2606:4700:3037::6815:372d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.primeradirectacanal.xyz/lvyes/pq05/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:372d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4387be18775af3a9c0954772f3003c9686c261c899ec716c3cef360f10904f4

Request headers

:method: GET
:authority: www.primeradirectacanal.xyz
:scheme: https
:path: /lvyes/pq05/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:09:35 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d508367c48a3ace1e2c6e15471739b4d11620180573; expires=Fri, 04-Jun-21 02:09:33 GMT; path=/; domain=.primeradirectacanal.xyz; HttpOnly; SameSite=Lax; Secure
cf-cache-status: DYNAMIC
cf-request-id: 09dbe2b65e00004e1f04ab9000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xwSfd3r4cjvKe9x9xVZ7cTT%2BP20V%2FFDVepCOzn5lDYMgQThiyIO%2BpBbQtnkBAsWjKTAvUG%2Bo7RnQfkI5RJJ5U8nlCCHbvdv2JwuylTuJRQccjIPwd%2BVughHMBpwgSNu%2FYI8YkSs2UMk%3D"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64a66d6a2adb4e1f-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.primeradirectacanal.xyz
URL: https://www.primeradirectacanal.xyz/lvyes/pq05/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d931393ae1a1c0b3d4126858ea4a15442f1e094f07420283272902e1a878c0cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.primeradirectacanal.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47791
x-xss-protection: 0
server: cafe
etag: 12720787893023158812
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 05 May 2021 02:09:35 GMT

GET
H2 200 C16Uh7L.jpg
i.imgur.com/ 372 B
698 B 72ms
22ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/C16Uh7L.jpg

Requested by

Host: www.primeradirectacanal.xyz
URL: https://www.primeradirectacanal.xyz/lvyes/pq05/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

99ebc61552fb4d7d88ec9d316d8cdd611688a2964d5ffc72c58876795dd7f0ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.primeradirectacanal.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:09:35 GMT
x-content-type-options: nosniff
age: 1492298
x-cache: HIT, HIT
content-length: 372
x-served-by: cache-bwi5163-BWI, cache-fra19148-FRA
last-modified: Sun, 02 Aug 2015 09:30:53 GMT
server: cat factory 1.0
x-timer: S1620180575.198231,VS0,VE1
etag: "fd22d37ef2a4d6097a850dcf6f0454ba"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 p.js Show response
www.freewebs.com/ 259 B
681 B 53ms
24ms Script
text/javascript 2606:4700::6811:176d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freewebs.com/p.js
Requested by: Host: www.primeradirectacanal.xyz
URL: https://www.primeradirectacanal.xyz/lvyes/pq05/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:176d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bda430f5609d47198e611998b8d9d86084e85bd8f6122aafb35e58eb1e299ab5

Request headers

Referer: https://www.primeradirectacanal.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:09:35 GMT
content-encoding: br
cf-cache-status: HIT
age: 11570
cf-polished: origSize=795
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09dbe2bbc300002c2a020f5000000001
last-modified: Tue, 04 May 2021 17:34:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=86400
cf-ray: 64a66d72cd192c2a-FRA
expires: Wed, 05 May 2021 22:56:44 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210429/r20190131/ 223 KB
82 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210429/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3145061557951544&plah=www.primeradirectacanal.xyz&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8efe3e24fbff7b370d1d24175f1de783017859e0fe80d2e0f08e22b8e1c0c08a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.primeradirectacanal.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84200
x-xss-protection: 0
server: cafe
etag: 1635929098252524918
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 05 May 2021 02:09:35 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210429/r20190131/ Frame 1D2A 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210429/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210429/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.primeradirectacanal.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.primeradirectacanal.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 04 May 2021 22:09:39 GMT
expires: Tue, 18 May 2021 22:09:39 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 14396
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 hd5.php Show response
v4.sportzonline.to/channels/hd/ Frame 87FC 7 KB
4 KB 100ms
75ms Document
text/html 2606:4700:3034::6815:3a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v4.sportzonline.to/channels/hd/hd5.php
Requested by: Host: www.primeradirectacanal.xyz
URL: https://www.primeradirectacanal.xyz/lvyes/pq05/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3a09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.16
Resource Hash: ab99d098b9c2abc3ca612b6996b3f2ddc804b20a6b77fb3326d8e324b78d0880

Request headers

:method: GET
:authority: v4.sportzonline.to
:scheme: https
:path: /channels/hd/hd5.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.primeradirectacanal.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.primeradirectacanal.xyz/

Response headers

date: Wed, 05 May 2021 02:09:35 GMT
content-type: text/html
set-cookie: __cfduid=daaa757e87a8209aff343d9c86058e5ff1620180575; expires=Fri, 04-Jun-21 02:09:35 GMT; path=/; domain=.sportzonline.to; HttpOnly; SameSite=Lax
x-powered-by: PHP/5.4.16
cf-cache-status: DYNAMIC
cf-request-id: 09dbe2bc1600003244688d5000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f8%2Fn34IUcDjDj1Be2GIwBg27dRbElsmJ%2BnSbtK72zTjXsx%2BjYSkhETYXva8ZM%2Bmc8pxiZ4%2BOnONs%2Bm1zg57g4s%2BbQKoN7EQO0DKNtXrRUWqufosgiYPH4QA0HUMobEM%3D"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64a66d735a1e3244-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 92ms
29ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: www.primeradirectacanal.xyz
URL: https://www.primeradirectacanal.xyz/lvyes/pq05/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer: https://www.primeradirectacanal.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:02:10 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 51.254.41.128/26
etag: "-375139978"
x-cacheable: Matched cache
content-type: text/javascript
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 4364
x-request-id: 8159582

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 213 B
650 B 80ms
30ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.primeradirectacanal.xyz&callback=_gfp_s_&client=ca-pub-3145061557951544

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210429/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3145061557951544&plah=www.primeradirectacanal.xyz&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

a3b0db8d53c2384fbe5bbc31593b5c0792f1fcff01ce7ad58184a8e763b9349d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.primeradirectacanal.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.primeradirectacanal.xyz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.primeradirectacanal.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 May 2021 02:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.primeradirectacanal.xyz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.primeradirectacanal.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 May 2021 02:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BECF 399 B
222 B 193ms
193ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3145061557951544&output=html&h=250&slotname=8979666549&adk=2564748172&adf=1592129689&pi=t.ma~as.8979666549&w=300&lmt=1620180575&psa=0&format=300x250&url=https%3A%2F%2Fwww.primeradirectacanal.xyz%2Flvyes%2Fpq05%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620180575186&bpp=20&bdt=50&idt=63&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3765274177400&frm=20&pv=2&ga_vid=493662992.1620180575&ga_sid=1620180575&ga_hid=1101325979&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=517&ady=143&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2521646810382665&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=FUtlhNrn5V&p=https%3A//www.primeradirectacanal.xyz&dtd=84

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

940012449a9a5b5d7c36ca1127fc341f5d4685c2cf8ef78777d798f78b921784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3145061557951544&output=html&h=250&slotname=8979666549&adk=2564748172&adf=1592129689&pi=t.ma~as.8979666549&w=300&lmt=1620180575&psa=0&format=300x250&url=https%3A%2F%2Fwww.primeradirectacanal.xyz%2Flvyes%2Fpq05%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620180575186&bpp=20&bdt=50&idt=63&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3765274177400&frm=20&pv=2&ga_vid=493662992.1620180575&ga_sid=1620180575&ga_hid=1101325979&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=517&ady=143&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2521646810382665&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=FUtlhNrn5V&p=https%3A//www.primeradirectacanal.xyz&dtd=84
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.primeradirectacanal.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.primeradirectacanal.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 05 May 2021 02:09:35 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 05-May-2021 02:24:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 05 May 2021 02:09:35 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94442ab42e60dd5c6c276c1777c56fc3f9dff44e999524ca6431af82a9bff9af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.primeradirectacanal.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056503243602"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28014
x-xss-protection: 0
expires: Wed, 05 May 2021 02:09:35 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7B73 399 B
222 B 198ms
198ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3145061557951544&output=html&h=600&slotname=9566824059&adk=324905464&adf=292866077&pi=t.ma~as.9566824059&w=160&lmt=1620180575&psa=0&format=160x600&url=https%3A%2F%2Fwww.primeradirectacanal.xyz%2Flvyes%2Fpq05%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620180575206&bpp=3&bdt=70&idt=71&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=3765274177400&frm=20&pv=1&ga_vid=493662992.1620180575&ga_sid=1620180575&ga_hid=1101325979&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1012&ady=4&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2521646810382665&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Vd47Nm5oMi&p=https%3A//www.primeradirectacanal.xyz&dtd=75

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa77da1fec6731f011d28cc4e69b2b155e61bd30ce2e948ed0770ab473a0c079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3145061557951544&output=html&h=600&slotname=9566824059&adk=324905464&adf=292866077&pi=t.ma~as.9566824059&w=160&lmt=1620180575&psa=0&format=160x600&url=https%3A%2F%2Fwww.primeradirectacanal.xyz%2Flvyes%2Fpq05%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620180575206&bpp=3&bdt=70&idt=71&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=3765274177400&frm=20&pv=1&ga_vid=493662992.1620180575&ga_sid=1620180575&ga_hid=1101325979&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1012&ady=4&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2521646810382665&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Vd47Nm5oMi&p=https%3A//www.primeradirectacanal.xyz&dtd=75
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.primeradirectacanal.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.primeradirectacanal.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 05 May 2021 02:09:35 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 05-May-2021 02:24:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 05 May 2021 02:09:35 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D8AB 399 B
222 B 159ms
159ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3145061557951544&output=html&h=600&slotname=9566824059&adk=3128263920&adf=820612371&pi=t.ma~as.9566824059&w=160&lmt=1620180575&psa=0&format=160x600&url=https%3A%2F%2Fwww.primeradirectacanal.xyz%2Flvyes%2Fpq05%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620180575209&bpp=1&bdt=73&idt=75&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C160x600&correlator=3765274177400&frm=20&pv=1&ga_vid=493662992.1620180575&ga_sid=1620180575&ga_hid=1101325979&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=188&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2521646810382665&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MA0YUSO9Ut&p=https%3A//www.primeradirectacanal.xyz&dtd=77

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0888f82d8f0a1b0765f0c33c74a0a1eea1fbb37188358c7b786f31a3dd63c7ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3145061557951544&output=html&h=600&slotname=9566824059&adk=3128263920&adf=820612371&pi=t.ma~as.9566824059&w=160&lmt=1620180575&psa=0&format=160x600&url=https%3A%2F%2Fwww.primeradirectacanal.xyz%2Flvyes%2Fpq05%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620180575209&bpp=1&bdt=73&idt=75&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C160x600&correlator=3765274177400&frm=20&pv=1&ga_vid=493662992.1620180575&ga_sid=1620180575&ga_hid=1101325979&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=188&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2521646810382665&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MA0YUSO9Ut&p=https%3A//www.primeradirectacanal.xyz&dtd=77
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.primeradirectacanal.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.primeradirectacanal.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 05 May 2021 02:09:35 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 05-May-2021 02:24:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 05 May 2021 02:09:35 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A104 54 B
56 B 67ms
66ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3145061557951544&output=html&adk=1812271804&adf=3025194257&lmt=1620180575&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.primeradirectacanal.xyz%2Flvyes%2Fpq05%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620180575228&bpp=1&bdt=92&idt=60&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C160x600%2C160x600&nras=1&correlator=3765274177400&frm=20&pv=1&ga_vid=493662992.1620180575&ga_sid=1620180575&ga_hid=1101325979&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2521646810382665&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&dtd=65

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3145061557951544&output=html&adk=1812271804&adf=3025194257&lmt=1620180575&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.primeradirectacanal.xyz%2Flvyes%2Fpq05%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620180575228&bpp=1&bdt=92&idt=60&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C160x600%2C160x600&nras=1&correlator=3765274177400&frm=20&pv=1&ga_vid=493662992.1620180575&ga_sid=1620180575&ga_hid=1101325979&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2521646810382665&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&dtd=65
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.primeradirectacanal.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.primeradirectacanal.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 05 May 2021 02:09:35 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 05-May-2021 02:24:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 05 May 2021 02:09:35 GMT
cache-control: private

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 51 B
185 B 333ms
111ms Script
text/html 198.27.80.143
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4190337&@f16&@g1&@h1&@i1&@j1620180575350&@k0&@l1&@mPrimera%20Directa%20is%20LIVE&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:164446556&@b3:1620180575&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fwww.primeradirectacanal.xyz%2Flvyes%2Fpq05%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.27.80.143 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns558056.ip-198-27-80.net
Software: /
Resource Hash: 1fd14b0a56ecf70c446886da98fe4bdc8d08436d109e9baac9297d42bbf5a7f5

Request headers

Referer: https://www.primeradirectacanal.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 05 May 2021 02:09:35 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

GET
H2 200 NZy1Qoi.png
i.imgur.com/ Frame 87FC 236 KB
236 KB 24ms
22ms Image
image/png 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/NZy1Qoi.png

Requested by

Host: v4.sportzonline.to
URL: https://v4.sportzonline.to/channels/hd/hd5.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

f2356de4206d31787867005c288937cfb451de205ae7e3663565b7017481c0d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://v4.sportzonline.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:09:35 GMT
x-content-type-options: nosniff
age: 2231518
x-cache: HIT, HIT
x-amz-storage-class: STANDARD_IA
content-length: 241600
x-served-by: cache-bwi5181-BWI, cache-fra19148-FRA
last-modified: Wed, 26 Sep 2018 12:55:07 GMT
server: cat factory 1.0
x-timer: S1620180575.366758,VS0,VE1
etag: "deb4de2a26230c601c279d8c50995bb8"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2

200

/
widgets.amung.us/draw/ Frame 87FC
Redirect Chain

https://whos.amung.us/cwidget/sportsonpw/000000ffffff.png
https://widgets.amung.us/draw/?w=colored&n=10500&c=000000ffffff&p=

1 KB
2 KB

36ms
18ms

Image
image/png

2606:4700:10::6816:4aab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=10500&c=000000ffffff&p=
Requested by: Host: v4.sportzonline.to
URL: https://v4.sportzonline.to/channels/hd/hd5.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c43f1c855dc6c628d1ea08d9b7b40242d6cee322559e7d7dfddca6b67393999b

Request headers

Referer: https://v4.sportzonline.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:09:35 GMT
cf-cache-status: HIT
server: cloudflare
age: 120628
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
content-disposition: filename=wau-widget.png
cf-ray: 64a66d76bc663244-FRA
cf-request-id: 09dbe2be3300003244d484d000000001
expires: Tue, 04 May 2021 16:39:07 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=10500&c=000000ffffff&p=
date: Wed, 05 May 2021 02:09:35 GMT
cache-control: max-age=295
content-type: text/html; charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 87FC 88 KB
35 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-119404274-1

Requested by

Host: v4.sportzonline.to
URL: https://v4.sportzonline.to/channels/hd/hd5.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a9e83e487f6cfe4f06965b76728c7f9f9fcf4e3f7fd08981316246cdd1338e9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://v4.sportzonline.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:09:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35872
x-xss-protection: 0
last-modified: Wed, 05 May 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 May 2021 02:09:35 GMT

GET
H2 200 compatibility.js Show response
cdnondemand.org/script/ Frame 87FC 20 KB
8 KB 37ms
12ms Script
application/javascript 2606:4700::6810:a710
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnondemand.org/script/compatibility.js
Requested by: Host: www.primeradirectacanal.xyz
URL: https://www.primeradirectacanal.xyz/lvyes/pq05/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a710 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac

Request headers

Referer: https://v4.sportzonline.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:09:35 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2306
x-guploader-uploadid: ABg5-Uycmm2LK1-3HMYT6UwQ0O099yFYXIZ96jheD3-NF3hgWYM4yngmQ6SprV0tQzvxnf-f4Ap3VPnTeLDv4z4JATw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: application/javascript
cf-request-id: 09dbe2bc9a00002c0d3e302000000001
last-modified: Tue, 15 Sep 2020 12:10:32 GMT
server: cloudflare
etag: W/"c2bbc1e2544049cb035c321919bef2bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=6TBdZQ==, md5=wrvB4lRAScsDXDIZGb7yvA==
x-goog-generation: 1600171832181211
access-control-allow-origin: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 20647
cf-ray: 64a66d742c6a2c0d-FRA
expires: Wed, 05 May 2021 06:09:35 GMT

GET
H2 200 rmfhl85k Show response
m966rp4vcpmxqq.goooogle.cloud/embed/ Frame 740D 14 KB
6 KB 154ms
107ms Document
text/html 104.21.42.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m966rp4vcpmxqq.goooogle.cloud/embed/rmfhl85k
Requested by: Host: v4.sportzonline.to
URL: https://v4.sportzonline.to/channels/hd/hd5.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.42.128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d60d1131f2585aebec30d5744a3d3b121977a39a8c189ea0d9659739599c00b

Request headers

:method: GET
:authority: m966rp4vcpmxqq.goooogle.cloud
:scheme: https
:path: /embed/rmfhl85k
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://v4.sportzonline.to/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://v4.sportzonline.to/

Response headers

date: Wed, 05 May 2021 02:09:35 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d178cf3e04e3cbd3a40d3b3c79130aba51620180575; expires=Fri, 04-Jun-21 02:09:35 GMT; path=/; domain=.goooogle.cloud; HttpOnly; SameSite=Lax hf1=1; expires=Thu, 06-May-2021 02:09:35 GMT; Max-Age=86400; path=/
cf-cache-status: DYNAMIC
cf-request-id: 09dbe2bcb9000000d19f1df000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FNL9KLluOkeJsDxTWQb0NCu6NUrjCjb6IFtkSlZZ4TLsfawFtAwgfA03T8MZ3KfMO5o4rvGsgkgC%2Bs64AvrX3V9SAPXCIg%2FjhhLhjKr0Mg%2Bg93KjFUnFjIXde%2BYPmA%3D%3D"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64a66d74590800d1-AMS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 87FC 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119404274-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://v4.sportzonline.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6624
date: Wed, 05 May 2021 00:19:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 05 May 2021 02:19:11 GMT

GET
H2 200 identify.html Show response
ufpcdn.com/script/ Frame 2F2A 2 KB
2 KB 198ms
180ms Document
text/html 2606:4700:3037::ac43:8e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufpcdn.com/script/identify.html?frmt=0
Requested by: Host: www.primeradirectacanal.xyz
URL: https://www.primeradirectacanal.xyz/lvyes/pq05/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

:method: GET
:authority: ufpcdn.com
:scheme: https
:path: /script/identify.html?frmt=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://v4.sportzonline.to/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://v4.sportzonline.to/

Response headers

date: Wed, 05 May 2021 02:09:35 GMT
content-type: text/html
set-cookie: __cfduid=d1b79e254cbf2241641862c2aeaac7ac31620180575; expires=Fri, 04-Jun-21 02:09:35 GMT; path=/; domain=.ufpcdn.com; HttpOnly; SameSite=Lax __cf_bm=2f5f3ab26d2fe594d6b5f2e8cda64fdec8430a23-1620180575-1800-AWBpYxoTEELJo7n0Z0rgjHJH1YXactC71unC4aXcsUK/1HDAkxppc5Lh3MCa1HqpW6e3NJ/Ygjc+h0ADDWx9LSg=; path=/; expires=Wed, 05-May-21 02:39:35 GMT; domain=.ufpcdn.com; HttpOnly; Secure; SameSite=None
last-modified: Tue, 15 May 2018 06:39:25 GMT
cf-cache-status: DYNAMIC
cf-request-id: 09dbe2bcda0000dfd7bf8f3000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b7OFsKsRuDwsQrM1xBo4nbl60D1oqU4RRzdW6LmE6K76V4aN%2FqP1foEIAuesfsH4cywqc9hAZJxaoKyruoTyUGoZ2EAzHpBvEWkq4fW%2BYCRNoc0iyFRx"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64a66d74883cdfd7-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 embed.min.css
m966rp4vcpmxqq.goooogle.cloud/css/ Frame 740D 1 KB
1 KB 51ms
25ms Stylesheet
text/css 104.21.42.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m966rp4vcpmxqq.goooogle.cloud/css/embed.min.css?v=0.3
Requested by: Host: m966rp4vcpmxqq.goooogle.cloud
URL: https://m966rp4vcpmxqq.goooogle.cloud/embed/rmfhl85k
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.42.128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d2556e6fe39f0adea7f7b90515e482645f702c89ff7206bae2514daed52b397

Request headers

Referer: https://m966rp4vcpmxqq.goooogle.cloud/embed/rmfhl85k
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:09:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 237
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09dbe2bd430000fa7c30868000000001
last-modified: Mon, 09 Nov 2020 18:05:02 GMT
server: cloudflare
etag: W/"5fa984ce-484"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tKT3DgbYQRxXxiefk4Thhzd6M8mjTKtXvqzWDZYj5jIGRnulaIsrR8HPNfiiicEM%2F63BOtsDrjcHqobyu6Y0Mc5XFsRx8vubjHNmSgPXcsLDD2Jeb9V18aAfoeNJ7A%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
cf-ray: 64a66d753bb5fa7c-AMS

GET
H3-29 200 jquery.min.js Show response
m966rp4vcpmxqq.goooogle.cloud/js/ Frame 740D 85 KB
29 KB 54ms
29ms Script
application/javascript 104.21.42.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m966rp4vcpmxqq.goooogle.cloud/js/jquery.min.js
Requested by: Host: m966rp4vcpmxqq.goooogle.cloud
URL: https://m966rp4vcpmxqq.goooogle.cloud/embed/rmfhl85k
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.42.128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer: https://m966rp4vcpmxqq.goooogle.cloud/embed/rmfhl85k
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:09:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 236
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09dbe2bd450000fa7c1eae9000000001
last-modified: Mon, 09 Nov 2020 18:05:02 GMT
server: cloudflare
etag: W/"5fa984ce-15283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I3JwP3cIK15O7u5V0dF6urmGaU271ttNlRZMPG2HQjeIztlhtQHhy5IwnR82cCjZBCA%2F61vIupKPEfRykFbr4A4po2Y7%2BlzWtV3D9R2%2F1g%2FEvLjhSahB9QFJyqQxzw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 64a66d753bb2fa7c-AMS

GET
H2 200 vdo.js Show response
cdn.vdosupreme.com/ Frame 740D 574 KB
170 KB 55ms
13ms Script
application/javascript 2606:4700::6812:461
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vdosupreme.com/vdo.js?id=6gzf9nfdh3gafs8bfzm1
Requested by: Host: m966rp4vcpmxqq.goooogle.cloud
URL: https://m966rp4vcpmxqq.goooogle.cloud/embed/rmfhl85k
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:461 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5e246ccef1da5cd8f925f53b944e70395e938bb88862bf229a447118e1d59be9

Request headers

Referer: https://m966rp4vcpmxqq.goooogle.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:09:35 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 41366
x-powered-by: Express
x-cache-status: HIT
cf-request-id: 09dbe2bd4b00004e5c89088000000001
server: cloudflare
etag: W/"8f664-1YYnWTqW8FIEMXKYn8VrUsoBwVY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-ray: 64a66d7548fd4e5c-FRA
expires: Wed, 05 May 2021 02:39:35 GMT

GET
H2 200 vdo.clappr.plugin.js Show response
cdn.vdosupreme.com/ Frame 740D 36 KB
10 KB 61ms
19ms Script
application/javascript 2606:4700::6812:461
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vdosupreme.com/vdo.clappr.plugin.js
Requested by: Host: m966rp4vcpmxqq.goooogle.cloud
URL: https://m966rp4vcpmxqq.goooogle.cloud/embed/rmfhl85k
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:461 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd93fb56772df67888dba6ab8be7698107888d7eb03195d2ad7e22c084daecdb

Request headers

Referer: https://m966rp4vcpmxqq.goooogle.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:09:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 14:28:12 GMT
server: cloudflare
age: 41366
etag: W/"609159fc-9032"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-ray: 64a66d7549034e5c-FRA
cf-request-id: 09dbe2bd4b00004e5c278eb000000001
expires: Wed, 05 May 2021 02:39:35 GMT

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 740D 513 KB
138 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: m966rp4vcpmxqq.goooogle.cloud
URL: https://m966rp4vcpmxqq.goooogle.cloud/embed/rmfhl85k

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m966rp4vcpmxqq.goooogle.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 16877
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 141142
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
x-served-by: cache-fra19122-FRA, cache-hhn4080-HHN
date: Wed, 05 May 2021 02:09:35 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame 740D 88 KB
35 KB 22ms
16ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-184968220-1

Requested by

Host: m966rp4vcpmxqq.goooogle.cloud
URL: https://m966rp4vcpmxqq.goooogle.cloud/embed/rmfhl85k

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

91ee84a6d97727b0482ac6eb5ba5e90b6ef28e41cc115b829f5b038797748f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://m966rp4vcpmxqq.goooogle.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:09:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35873
x-xss-protection: 0
last-modified: Wed, 05 May 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 May 2021 02:09:35 GMT

GET
H2

200

/
widgets.amung.us/draw/ Frame 740D
Redirect Chain

https://whos.amung.us/cwidget/y7opzyrraw/000000ffffff.png
https://widgets.amung.us/draw/?w=colored&n=47300&c=000000ffffff&p=

1 KB
2 KB

36ms
19ms

Image
image/png

2606:4700:10::6816:4aab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=47300&c=000000ffffff&p=
Requested by: Host: m966rp4vcpmxqq.goooogle.cloud
URL: https://m966rp4vcpmxqq.goooogle.cloud/embed/rmfhl85k
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20890598c1c9f52656d94949d34733b0a3fd0b08a4446f2f1a24e4ce7f4042a7

Request headers

Referer: https://m966rp4vcpmxqq.goooogle.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:09:35 GMT
cf-cache-status: HIT
server: cloudflare
age: 92196
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
content-disposition: filename=wau-widget.png
cf-ray: 64a66d76bc683244-FRA
cf-request-id: 09dbe2be3300003244b0a15000000001
expires: Wed, 05 May 2021 00:32:59 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=47300&c=000000ffffff&p=
date: Wed, 05 May 2021 02:09:35 GMT
cache-control: max-age=295
content-type: text/html; charset=UTF-8

GET
H2 200 css
fonts.googleapis.com/ Frame 740D 1 KB
504 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700

Requested by

Host: m966rp4vcpmxqq.goooogle.cloud
URL: https://m966rp4vcpmxqq.goooogle.cloud/css/embed.min.css?v=0.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c97df91d4e861efbed2d98832352fe363fbfa7eaff08f431c0983b08c477e06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://m966rp4vcpmxqq.goooogle.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 05 May 2021 01:54:12 GMT
server: ESF
date: Wed, 05 May 2021 02:09:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 May 2021 02:09:35 GMT

GET
H2 200 compatibility.js Show response
asacdn.com/script/ Frame 740D 20 KB
8 KB 30ms
12ms Script
application/javascript 2606:4700:3033::6815:e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asacdn.com/script/compatibility.js
Requested by: Host: m966rp4vcpmxqq.goooogle.cloud
URL: https://m966rp4vcpmxqq.goooogle.cloud/embed/rmfhl85k
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac

Request headers

Referer: https://m966rp4vcpmxqq.goooogle.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=6TBdZQ==, md5=wrvB4lRAScsDXDIZGb7yvA==
date: Wed, 05 May 2021 02:09:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2134
x-guploader-uploadid: ABg5-Uzy1wNDdDHDHJ9qxn8FO-IYxsbVa48z4IrXM0ccJ8cdub-HmhKeA_Jq4l7XjDoq9hgk48wb4MAHcNIb5FxXFuDsyEm6nQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09dbe2be2b00005364001be000000001
last-modified: Tue, 15 Sep 2020 12:10:32 GMT
server: cloudflare
etag: W/"c2bbc1e2544049cb035c321919bef2bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2gOfr5mF66QyOPRxNVziT4aiuv9ZJzb5lRvvT83FWfoaZ3NYublBWkTGtdQ%2FACPQ7%2FiZVNeUCFq7lurt%2BUv9GuGRJ4O7iXOd5E0fy7SpsKoVA%2BoiEgzz"}]}
x-goog-generation: 1600171832181211
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 20647
cf-ray: 64a66d76ae455364-FRA
expires: Wed, 05 May 2021 01:35:53 GMT

GET
BLOB 200
OK 6ddb2ecb-c5db-454f-b93a-ec302d417b00
https://m966rp4vcpmxqq.goooogle.cloud/ Frame 740D 168 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://m966rp4vcpmxqq.goooogle.cloud/6ddb2ecb-c5db-454f-b93a-ec302d417b00
Requested by: Host: m966rp4vcpmxqq.goooogle.cloud
URL: https://m966rp4vcpmxqq.goooogle.cloud/embed/rmfhl85k
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf20a6df38f29dc6dac6119e2bab5678f6d4cc7c7d417e23e4ab5f5d66284935

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 168
Content-Type: text/javascript

GET
H2 200 suurl.php Show response
onclickgenius.com/script/ Frame 87FC 4 KB
1 KB 273ms
230ms Script
application/javascript 35.190.71.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://onclickgenius.com/script/suurl.php?r=2384231&cbrandom=0.5957149741113341&cbiframe=1&cbWidth=640&cbHeight=450&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=cdnondemand.org
Requested by: Host: www.primeradirectacanal.xyz
URL: https://www.primeradirectacanal.xyz/lvyes/pq05/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.71.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.71.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 0263f268a387ae2b75e5721d049f292e7621160de87430a3e63f0735c599fb18

Request headers

Referer: https://v4.sportzonline.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 05 May 2021 02:09:35 GMT
content-encoding: gzip
server: openresty
alt-svc: clear
via: 1.1 google
content-type: application/javascript; charset=utf-8

GET
H2 200 chrome.js Show response
cdnondemand.org/script/ Frame 87FC 36 KB
11 KB 14ms
13ms Script
application/javascript 2606:4700::6810:a710
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnondemand.org/script/chrome.js
Requested by: Host: www.primeradirectacanal.xyz
URL: https://www.primeradirectacanal.xyz/lvyes/pq05/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a710 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946

Request headers

Referer: https://v4.sportzonline.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:09:35 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 754
x-guploader-uploadid: ABg5-UxBeloBffUdKHjCQs_z1JzZcheUz4VKZVz604enW076hVyx-TlF9H1-vh7MYzQZT52CN-51WvcJWkI-z6ReuyA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: application/javascript
cf-request-id: 09dbe2be2800002c0d4083e000000001
last-modified: Mon, 14 Sep 2020 09:15:29 GMT
server: cloudflare
etag: W/"ef6565ab259dafbc08468b4d0bb46762"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=KoLUvQ==, md5=72VlqyWdr7wIRotNC7RnYg==
x-goog-generation: 1600074929755781
access-control-allow-origin: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 37300
cf-ray: 64a66d76aec42c0d-FRA
expires: Wed, 05 May 2021 06:09:35 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame 740D 22 KB
23 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://m966rp4vcpmxqq.goooogle.cloud
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 01:32:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
age: 88652
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
expires: Wed, 04 May 2022 01:32:03 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame 740D 23 KB
23 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://m966rp4vcpmxqq.goooogle.cloud
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 15:44:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 469528
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
expires: Fri, 29 Apr 2022 15:44:07 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 740D 48 KB
19 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-184968220-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m966rp4vcpmxqq.goooogle.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2380
date: Wed, 05 May 2021 01:29:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 05 May 2021 03:29:55 GMT

GET
H3-29 200 identify.html Show response
ufpcdn.com/script/ Frame 0AB2 2 KB
2 KB 350ms
339ms Document
text/html 2606:4700:3037::ac43:8e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufpcdn.com/script/identify.html?frmt=0
Requested by: Host: www.primeradirectacanal.xyz
URL: https://www.primeradirectacanal.xyz/lvyes/pq05/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

:method: GET
:authority: ufpcdn.com
:scheme: https
:path: /script/identify.html?frmt=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://m966rp4vcpmxqq.goooogle.cloud/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cf_bm=2f5f3ab26d2fe594d6b5f2e8cda64fdec8430a23-1620180575-1800-AWBpYxoTEELJo7n0Z0rgjHJH1YXactC71unC4aXcsUK/1HDAkxppc5Lh3MCa1HqpW6e3NJ/Ygjc+h0ADDWx9LSg=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://m966rp4vcpmxqq.goooogle.cloud/

Response headers

date: Wed, 05 May 2021 02:09:36 GMT
content-type: text/html
set-cookie: __cfduid=d480fa8a16fa403bbedb82da1c5ba05e91620180575; expires=Fri, 04-Jun-21 02:09:35 GMT; path=/; domain=.ufpcdn.com; HttpOnly; SameSite=Lax
last-modified: Tue, 15 May 2018 06:39:25 GMT
cf-cache-status: DYNAMIC
cf-request-id: 09dbe2be9c000064dfe193d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jwx0dqHxGXvrerAo76Lm%2BC153%2FIFbiUZnNHCD%2FHo5s1oBvDaLrq%2BJr8FNGSt%2BxVnfcY97QgfZ2BmxE0And4SSYxPkn%2F%2BOIsR6RnQlYGR46t1w9mj5qVN"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64a66d775e3264df-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 suurl.php Show response
onclickgenius.com/script/ Frame 740D 4 KB
1 KB 171ms
171ms Script
application/javascript 35.190.71.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://onclickgenius.com/script/suurl.php?r=3939411&cbrandom=0.6408254002861786&cbiframe=1&cbWidth=640&cbHeight=450&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=asacdn.com
Requested by: Host: www.primeradirectacanal.xyz
URL: https://www.primeradirectacanal.xyz/lvyes/pq05/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.71.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.71.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: cb3044771ef19b17d34c0bc174c8c96b50417fec634f85e0561fb3060cd18c90

Request headers

Referer: https://m966rp4vcpmxqq.goooogle.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 05 May 2021 02:09:36 GMT
content-encoding: gzip
server: openresty
alt-svc: clear
via: 1.1 google
content-type: application/javascript; charset=utf-8

GET
H2 200 chrome.js Show response
asacdn.com/script/ Frame 740D 36 KB
11 KB 13ms
13ms Script
application/javascript 2606:4700:3033::6815:e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asacdn.com/script/chrome.js
Requested by: Host: www.primeradirectacanal.xyz
URL: https://www.primeradirectacanal.xyz/lvyes/pq05/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946

Request headers

Referer: https://m966rp4vcpmxqq.goooogle.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=KoLUvQ==, md5=72VlqyWdr7wIRotNC7RnYg==
date: Wed, 05 May 2021 02:09:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3356
x-guploader-uploadid: ABg5-UyI37W8tz8yfF0mTbdYOrcF8YYHBVe_yU1V9KNq5sEk7zllZwdDbakhe9KKpDJMqYcmBAADg2dI8lNAlpdbNCfh43NIyQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09dbe2bf5900005364d5904000000001
last-modified: Mon, 14 Sep 2020 09:15:29 GMT
server: cloudflare
etag: W/"ef6565ab259dafbc08468b4d0bb46762"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lCd6CUMWI%2BT0gxDukSrcJJlK4QHsHRzDu5xZ0h%2FDnAe6mqb0rL5Y8ZZvIdqWzRvhfAS%2BbLQqeLiScNRGYWFq%2Bq3FfH%2FzNc6McaGcGe0pyZGJ4oSzu8AU"}]}
x-goog-generation: 1600074929755781
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 37300
cf-ray: 64a66d78883f5364-FRA
expires: Wed, 05 May 2021 01:29:03 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 36ms
17ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210429&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

901e6619b1fc566f5b8ce2e71e1668ce009ab0233a6026a32fc8cba38da6f5ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.primeradirectacanal.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 May 2021 02:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7655
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.primeradirectacanal.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 02:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 05 May 2021 02:09:36 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 1BBA 12 KB
5 KB 15ms
13ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.primeradirectacanal.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.primeradirectacanal.xyz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 04 May 2021 23:42:12 GMT
expires: Wed, 04 May 2022 23:42:12 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8844
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js Show response
pagead2.googlesyndication.com/bg/ Frame 1BBA 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:59:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 12:48:00 GMT
server: sffe
age: 15030
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5711
x-xss-protection: 0
expires: Wed, 04 May 2022 21:59:06 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210429&jk=2521646810382665&bg=!Z2SlZCDNAAYXzPaOF8w7ACkAdvg8Wp5j9HKX_BJutyb25Zz2O9FeX546mVxTlgHuwN11PRsVLH2EvwIAAABoUgAAAA5oAQcKAPcySdhhsmHxgbb1pDVZMQdfpptGIPfL3OMwC2949wqjVt6gIqCexGxI4KRViK2Jif4QxGYls3QSO0LEDEtG-24lzYUqaKeDaeYhSana6VXCitXEipH860KzuSh5AOI91eobfTQgTiFC249-5V2nXnLuvbrJb71xmKL-0RLfFwOcsNTsCy-d0so26CexihgN-FTjcyDqkRoFDRc6oi_QFHGDp-HcQDeu5XR4O7920rKkde999oQMgYoBAng5ud9NnGZqflIR5NERxyt1mMSS_lCwLopTbRB81ekGnXy8XIUkL_lRq8Gq6T1X1Og8xPAaADvXnJpij9NOmQJaPbdDqrtXTrUQJzGnl34R6spHyfZ_g_D1i910_8PPJW6B8cqW6lkjSUb1E-rkkC8OiTxUYsfYuJdhawnfhzMF802V5YHuE0b8XLxdn3KGO2yvY0orAuap-j3j1qGbmRWdvaE5kKmPq5aKpAqJM0BosSIgJm7rxhkbHhTLxBM2PEOMIFOlRR2RWG_OshRyzeVmrfPIJOvSuZ0aiCqsFM6-yvZS-revnu3-wl39szI6uMWak2EnrKJAVU0uEhqcqfmDnDwMtxoEr-EVo4pc-aF_bXtkg1YtKhjXC6Eos0Z8gyW5mxvgisvdZkqks3jlcef9sSVsikYS-m2CpopB9pwhrMbsXTEYrdOQy-ssBSo3kMYL4k2zdtGFiHprhtyeR_ONE4SXSPvGLG3Nh6fVaLWBc58FnXUrcqwvwjuj1bKM7JE28g9J5xBIVJ6EFAkah5Bukq_CTAS5Haut79CfLTPA1kZDvj9arB8rSfrlCoMQtXx5M9oAStLBqY-UxXzy31pavrCbn2RglRt9EYmhArj-QAL9NW0NXEdmLn7Knm1lNDd9ScE3pouPJsMUEEOzJeqq75J9LwLLRMhAd0RyqGLQiE8Sc8QBY0OQvPmiXeYTEO1ImkCmngVXBOL9xlZRd9KkJwvE1yZib0uHUHOIk9jVFtFhb2DwvPJ0l-AaBFD6hxQDPko8hi9SYR41U29Uk_0nYfEP-lkbm5Jmw6J1Qt4mvTqeeWgQgKMllJ-1N6ax8eO9of2ZTUxYrpfVxyek04jJ-ee-98mLti7F-ASq8xAZM97PSBNUYdrE_JE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.primeradirectacanal.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 May 2021 02:09:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

click Show response
xml.blueparrot.media/ Frame ED59
Redirect Chain

https://zap.buzz/4kN
https://xml.revrtb.net/redirect?feed=149394&auth=erf3fn&pubid=86074
https://www.toromclick.com/feed/click/?t1=128&tid=265&uid=90&subid=149394&id=7d7fe83a1a98dbc6f021197bbda8ae7c:72a66d859ad1ab524e24728ab30798c1e14961dd86254ead9ab6221e94323b7908230499f8a678704509fe5...
https://xml.blueparrot.media/click?i=T4nfzQ28hvo_0

0
165 B

352ms
166ms

Document
text/plain

174.137.133.18
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://xml.blueparrot.media/click?i=T4nfzQ28hvo_0
Requested by: Host: m966rp4vcpmxqq.goooogle.cloud
URL: https://m966rp4vcpmxqq.goooogle.cloud/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.18 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: xml.blueparrot.media
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://m966rp4vcpmxqq.goooogle.cloud/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://m966rp4vcpmxqq.goooogle.cloud/

Response headers

Server: nginx
Date: Wed, 05 May 2021 02:09:43 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Pragma: no-cache

Redirect headers

X-Powered-By: Express
Surrogate-Control: no-store
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: 0
Location: https://xml.blueparrot.media/click?i=T4nfzQ28hvo_0
Vary: Accept
Content-Type: text/html; charset=utf-8
Content-Length: 144
Date: Wed, 05 May 2021 02:09:42 GMT
Connection: keep-alive

GET
H/1.1

200
OK

redirect Show response
xml.popmonetizer.net/ Frame 9565
Redirect Chain

https://zap.buzz/QYn
https://xml.popmonetizer.net/redirect?feed=149396&auth=sV0R29&pubid=86075

0
165 B

309ms
106ms

Document
text/plain

174.137.133.18
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://xml.popmonetizer.net/redirect?feed=149396&auth=sV0R29&pubid=86075
Requested by: Host: m966rp4vcpmxqq.goooogle.cloud
URL: https://m966rp4vcpmxqq.goooogle.cloud/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.18 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: xml.popmonetizer.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://m966rp4vcpmxqq.goooogle.cloud/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://m966rp4vcpmxqq.goooogle.cloud/

Response headers

Server: nginx
Date: Wed, 05 May 2021 02:09:42 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Pragma: no-cache

Redirect headers

date: Wed, 05 May 2021 02:09:41 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d9791301238f572efc5d0fda5a9dc07941620180581; expires=Fri, 04-Jun-21 02:09:41 GMT; path=/; domain=.zap.buzz; HttpOnly; SameSite=Lax session=eyJfcGVybWFuZW50Ijp0cnVlfQ.YJH-ZQ.5xQsf0ffHXvPkYNsUYHVyKVHrhY; Expires=Wed, 05-May-2021 02:39:41 GMT; HttpOnly; Path=/ 6b312b37f1873b736b8e9860a18314f1=e30de099c519eea3d96b5962f2cb7082; path=/; HttpOnly __cf_bm=3d10fe38a67bb7fb336843ff485bc7a6c1c5e4a2-1620180581-1800-AcCQX/g9rhZ6uZpQY5z0dAbVl5+Y8sjvd+S9kkHRNotdeGkD/QGfD222we0Nm2jaY/Hn/eOfqHcDFU8RpeA4MKk=; path=/; expires=Wed, 05-May-21 02:39:41 GMT; domain=.zap.buzz; HttpOnly; Secure; SameSite=None
location: https://xml.popmonetizer.net/redirect?feed=149396&auth=sV0R29&pubid=86075
vary: Cookie
cf-cache-status: DYNAMIC
cf-request-id: 09dbe2d42500004a922901e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s5bPl5Dfn3iHI7a4XFiXJZRgmsndwM1GJLJ%2BBrDkN4kh7Kq5o%2FndqQQO1oIv5l6ShvS2%2FIvyi7EeMf0HhAOTMgJcCGkeisvElyKXZOFXWRpaW9TfqQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64a66d99dd014a92-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

redirect Show response
xml.adxnexus.com/ Frame 1A8F
Redirect Chain

https://zap.buzz/ll4
https://xml.adxnexus.com/redirect?feed=182728&auth=xcpA16&pubid=94381

0
165 B

300ms
98ms

Document
text/plain

174.137.133.17
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://xml.adxnexus.com/redirect?feed=182728&auth=xcpA16&pubid=94381
Requested by: Host: m966rp4vcpmxqq.goooogle.cloud
URL: https://m966rp4vcpmxqq.goooogle.cloud/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.17 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: xml.adxnexus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://m966rp4vcpmxqq.goooogle.cloud/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://m966rp4vcpmxqq.goooogle.cloud/

Response headers

Server: nginx
Date: Wed, 05 May 2021 02:09:41 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Pragma: no-cache

Redirect headers

date: Wed, 05 May 2021 02:09:41 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d9791301238f572efc5d0fda5a9dc07941620180581; expires=Fri, 04-Jun-21 02:09:41 GMT; path=/; domain=.zap.buzz; HttpOnly; SameSite=Lax session=eyJfcGVybWFuZW50Ijp0cnVlfQ.YJH-ZQ.5xQsf0ffHXvPkYNsUYHVyKVHrhY; Expires=Wed, 05-May-2021 02:39:41 GMT; HttpOnly; Path=/ 6b312b37f1873b736b8e9860a18314f1=bb2f745ae09bacc8e5e9eff1bfebfca1; path=/; HttpOnly __cf_bm=f864ecc453aeca13b15cdc0088380b17d07cb85e-1620180581-1800-ATM9Cc+SQftRrqyPBMLn6a2Ik+kKlEqpVlCl1474T6EFhz+0vSho+BXYOwyhAL6iQqk/AwkUPUbB8T6BkJp3GUM=; path=/; expires=Wed, 05-May-21 02:39:41 GMT; domain=.zap.buzz; HttpOnly; Secure; SameSite=None
location: https://xml.adxnexus.com/redirect?feed=182728&auth=xcpA16&pubid=94381
vary: Cookie
cf-cache-status: DYNAMIC
cf-request-id: 09dbe2d42600004a922e9ee000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rIEQ1o04DJquLApEOa6I6QemwpGxTp933J5iuOjhC6EBdyocmsBMnFSbg4qLoRdoY6kt7xjAgjmheplu9Lexkf1b1cd0xgXfnsmWOTUMmZLpD00yzg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64a66d99dd024a92-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

redirect Show response
xml.acertb.com/ Frame 77A6
Redirect Chain

https://zap.buzz/Y7MvP0W
https://xml.acertb.com/redirect?feed=237467&auth=9pBSqH&pubid=112759

0
165 B

315ms
108ms

Document
text/plain

174.137.133.16
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://xml.acertb.com/redirect?feed=237467&auth=9pBSqH&pubid=112759
Requested by: Host: m966rp4vcpmxqq.goooogle.cloud
URL: https://m966rp4vcpmxqq.goooogle.cloud/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.16 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: xml.acertb.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://m966rp4vcpmxqq.goooogle.cloud/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://m966rp4vcpmxqq.goooogle.cloud/

Response headers

Server: nginx
Date: Wed, 05 May 2021 02:09:41 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Pragma: no-cache

Redirect headers

date: Wed, 05 May 2021 02:09:41 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d9791301238f572efc5d0fda5a9dc07941620180581; expires=Fri, 04-Jun-21 02:09:41 GMT; path=/; domain=.zap.buzz; HttpOnly; SameSite=Lax session=eyJfcGVybWFuZW50Ijp0cnVlfQ.YJH-ZQ.5xQsf0ffHXvPkYNsUYHVyKVHrhY; Expires=Wed, 05-May-2021 02:39:41 GMT; HttpOnly; Path=/ 6b312b37f1873b736b8e9860a18314f1=d585d200b2c131263e83e0fb3a909002; path=/; HttpOnly __cf_bm=42015304f0a7797d49df2556918fca872e544865-1620180581-1800-AS8arIl+Ae0sATQkr3NNqEoNxPWorweRhEuSlV9zQz5fzUk/Djp7zMdCo9O1+BuZC73EMiLSh9CxSJE3iNumqJM=; path=/; expires=Wed, 05-May-21 02:39:41 GMT; domain=.zap.buzz; HttpOnly; Secure; SameSite=None
location: https://xml.acertb.com/redirect?feed=237467&auth=9pBSqH&pubid=112759
vary: Cookie
cf-cache-status: DYNAMIC
cf-request-id: 09dbe2d42600004a926e8ef000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gFLdSg4Q817sFemgG%2FjPGS3YDi9VS%2B0GILLk83%2BlWX89ect2SVL8Q6J6Cjg6AReCdrjzLSuTXO4zf%2BkG6Gx%2BNpIdPKTqeMGW2VfYMwLALCLvWBBm9A%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64a66d99dd044a92-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

redirect Show response
xml.zeusadx.com/ Frame 04EB
Redirect Chain

https://zap.buzz/BVwkdEK
https://xml.zeusadx.com/redirect?feed=251289&auth=GCSqI1&pubid=105610

0
165 B

330ms
119ms

Document
text/plain

174.137.133.17
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://xml.zeusadx.com/redirect?feed=251289&auth=GCSqI1&pubid=105610
Requested by: Host: m966rp4vcpmxqq.goooogle.cloud
URL: https://m966rp4vcpmxqq.goooogle.cloud/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.17 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: xml.zeusadx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://m966rp4vcpmxqq.goooogle.cloud/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://m966rp4vcpmxqq.goooogle.cloud/

Response headers

Server: nginx
Date: Wed, 05 May 2021 02:09:42 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Pragma: no-cache

Redirect headers

date: Wed, 05 May 2021 02:09:41 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d9791301238f572efc5d0fda5a9dc07941620180581; expires=Fri, 04-Jun-21 02:09:41 GMT; path=/; domain=.zap.buzz; HttpOnly; SameSite=Lax session=eyJfcGVybWFuZW50Ijp0cnVlfQ.YJH-ZQ.5xQsf0ffHXvPkYNsUYHVyKVHrhY; Expires=Wed, 05-May-2021 02:39:41 GMT; HttpOnly; Path=/ 6b312b37f1873b736b8e9860a18314f1=6fbe361d347f4b3079feac7ebc39e67f; path=/; HttpOnly __cf_bm=67e8f985c60a0b51bea2f03bc4ff6bb01eba7ac0-1620180581-1800-AXRdqufpXkp3ClGFnDdm8fSOvEcE7x1rtoI295hp/mZz5vNv3X8ucVXWrMmcVs0aoOAi+szRj+uOtR+Q3lLGPdo=; path=/; expires=Wed, 05-May-21 02:39:41 GMT; domain=.zap.buzz; HttpOnly; Secure; SameSite=None
location: https://xml.zeusadx.com/redirect?feed=251289&auth=GCSqI1&pubid=105610
vary: Cookie
cf-cache-status: DYNAMIC
cf-request-id: 09dbe2d42600004a922aaf6000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pDuSzHYQohMLU%2BOwa%2FFCuyV%2ByINj94VTdtpaLPa8j73KxEtCQ8y1KGi3%2BCMBQ3G3eAv9ktst0L1I%2BO81p%2FwQxhZVx2JR6Oy%2FUGWljBnexKNnfCPFyg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64a66d99dd054a92-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET

redirect
xml.poprtb.com/ Frame 2FD4
Redirect Chain

https://popxyz.com/KdORxkr
https://xml.poprtb.com/redirect?feed=279981&auth=hBqsQm&pubid=125249

0
0

GET

redirect
xml.xmlking.com/ Frame A53F
Redirect Chain

https://yuppyads.com/aaKkk4M
https://xml.xmlking.com/redirect?feed=279986&auth=FqDuBC&pubid=125248

0
0

GET
H/1.1 200
OK Cookie set 28749 Show response
khandragthresh.com/iBsoG511Gsf7/ Frame 9D0B 0
1 KB 76ms
22ms Document
text/html 172.255.6.149
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://khandragthresh.com/iBsoG511Gsf7/28749

Requested by

Host: m966rp4vcpmxqq.goooogle.cloud
URL: https://m966rp4vcpmxqq.goooogle.cloud/js/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

172.255.6.149 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: khandragthresh.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://m966rp4vcpmxqq.goooogle.cloud/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://m966rp4vcpmxqq.goooogle.cloud/

Response headers

Server: nginx
Date: Wed, 05 May 2021 02:09:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jVtOhDAYhbnjZIR4EhYwSwARMzwaF%2BEj6eUvUwfaSalD3L2NiT6dL%2BeSE0VR0tSI70WC9IsNOKn%2BhcbXcRykVL1SA%2FGOK0ldfxaKnkeBg94mz%2FhCPsPjTIacFpOwkio8hejPuRq7mww5d8zICvkaGkuFkju7b%2BSaFJlhK6F4vzgbNF%2FZp3VIzmNAbQLGLRK7NWl9QPmhjQy7%2Boika%2BuqiHC8Lcwr69ZJyyJGPjsmCfEbHgTzNFv3jVLSdvX2BthFTv%2F939t071oUku5ahG%2FrL%2BR%2BAFOVS6g%3D; expires=Thu, 06-May-2021 02:09:41 GMT; Max-Age=86400; path=/; secure; SameSite=None GL_GI10=eJxNjNFKw0AURNONLg2tkYF%2BQH%2FAQIIaX8WXPsT8whKS23ah2bvsXsX49aYtqG%2FDmTmTJIna5FDWIy9fnoqqrIqyLovnGumBGKptsO75w0mYjOtGwqolOVI4dW6I0IEOlt0822F1zabngXDbNg%2F%2F2MW8aznIcbvj01nGTW9lQvY6RqEwdCOyM7jq61n%2FK1IbPZbv1WO9bWRA5khM9ERzfOPgOXRCyH%2Fp5UKnWNpofOCvSS9wL3akb3ZkeL%2BPJFph8anVD07sTEU%3D; expires=Thu, 06-May-2021 02:09:41 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET
H2 204 redirect
nsparket.top/ Frame D932 0
0 134ms
110ms Document
text/plain 2606:4700:3032::6815:26ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nsparket.top/redirect?tid=756113&file=Watch_Live
Requested by: Host: m966rp4vcpmxqq.goooogle.cloud
URL: https://m966rp4vcpmxqq.goooogle.cloud/js/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:26ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: nsparket.top
:scheme: https
:path: /redirect?tid=756113&file=Watch_Live
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://m966rp4vcpmxqq.goooogle.cloud/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://m966rp4vcpmxqq.goooogle.cloud/

Response headers

date: Wed, 05 May 2021 02:09:41 GMT
set-cookie: __cfduid=d4bd267c23ef44a6430e5258bdb71018b1620180581; expires=Fri, 04-Jun-21 02:09:41 GMT; path=/; domain=.nsparket.top; HttpOnly; SameSite=Lax
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
x-cache: Miss from cloudfront
via: 1.1 12ab600b22d5c2eb1f2192b1156c2fd1.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: Fc8u9_gpGfj_mBmvtEHwZ1RJxcBpsjOs_PMBnHt3ZSO9SEr99EEuyQ==
cf-cache-status: DYNAMIC
cf-request-id: 09dbe2d42b00004dc414165000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1jw0D171PTGoHtLS7tY0WZrdc%2Ftm%2FABg%2BwaNA8GqCE9gUgbh5CubDlnGLQG3aG8bS%2BW%2B3A%2FoKnV5Gl%2FTTbmVbjp3GP04PqKOueR%2Fa2%2FRj%2FZv%2BD5h80AHmGE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 64a66d99db504dc4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: xml.poprtb.com
URL: https://xml.poprtb.com/redirect?feed=279981&auth=hBqsQm&pubid=125249

Domain: xml.xmlking.com
URL: https://xml.xmlking.com/redirect?feed=279986&auth=FqDuBC&pubid=125248

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
asacdn.com
cdn.jsdelivr.net
cdn.vdosupreme.com
cdnondemand.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.imgur.com
khandragthresh.com
m966rp4vcpmxqq.goooogle.cloud
nsparket.top
onclickgenius.com
pagead2.googlesyndication.com
partner.googleadservices.com
s10.histats.com
s4.histats.com
tpc.googlesyndication.com
ufpcdn.com
v4.sportzonline.to
whos.amung.us
widgets.amung.us
www.freewebs.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.primeradirectacanal.xyz
www.toromclick.com
xml.acertb.com
xml.adxnexus.com
xml.blueparrot.media
xml.popmonetizer.net
xml.poprtb.com
xml.revrtb.net
xml.xmlking.com
xml.zeusadx.com
zap.buzz
xml.poprtb.com
xml.xmlking.com
104.21.42.128
151.101.12.193
159.89.225.89
172.255.6.149
174.137.133.16
174.137.133.17
174.137.133.18
198.27.80.143
216.58.212.130
2606:4700:10::6816:4aab
2606:4700:3032::6815:26ed
2606:4700:3033::6815:e93
2606:4700:3034::6815:3a09
2606:4700:3034::6815:8f0
2606:4700:3035::6815:3588
2606:4700:3037::6815:372d
2606:4700:3037::ac43:8e31
2606:4700::6810:a710
2606:4700::6811:176d
2606:4700::6812:461
2a00:1450:4001:801::2002
2a00:1450:4001:803::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a04:4e42:1b::621
35.190.71.96
46.105.201.240
67.202.114.214
0263f268a387ae2b75e5721d049f292e7621160de87430a3e63f0735c599fb18
03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac
0888f82d8f0a1b0765f0c33c74a0a1eea1fbb37188358c7b786f31a3dd63c7ce
0d2556e6fe39f0adea7f7b90515e482645f702c89ff7206bae2514daed52b397
0d60d1131f2585aebec30d5744a3d3b121977a39a8c189ea0d9659739599c00b
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
1fd14b0a56ecf70c446886da98fe4bdc8d08436d109e9baac9297d42bbf5a7f5
20890598c1c9f52656d94949d34733b0a3fd0b08a4446f2f1a24e4ce7f4042a7
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946
5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b
5e246ccef1da5cd8f925f53b944e70395e938bb88862bf229a447118e1d59be9
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8efe3e24fbff7b370d1d24175f1de783017859e0fe80d2e0f08e22b8e1c0c08a
901e6619b1fc566f5b8ce2e71e1668ce009ab0233a6026a32fc8cba38da6f5ae
91ee84a6d97727b0482ac6eb5ba5e90b6ef28e41cc115b829f5b038797748f16
940012449a9a5b5d7c36ca1127fc341f5d4685c2cf8ef78777d798f78b921784
94442ab42e60dd5c6c276c1777c56fc3f9dff44e999524ca6431af82a9bff9af
99ebc61552fb4d7d88ec9d316d8cdd611688a2964d5ffc72c58876795dd7f0ed
a3b0db8d53c2384fbe5bbc31593b5c0792f1fcff01ce7ad58184a8e763b9349d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a9e83e487f6cfe4f06965b76728c7f9f9fcf4e3f7fd08981316246cdd1338e9f
aa77da1fec6731f011d28cc4e69b2b155e61bd30ce2e948ed0770ab473a0c079
ab99d098b9c2abc3ca612b6996b3f2ddc804b20a6b77fb3326d8e324b78d0880
bda430f5609d47198e611998b8d9d86084e85bd8f6122aafb35e58eb1e299ab5
bf20a6df38f29dc6dac6119e2bab5678f6d4cc7c7d417e23e4ab5f5d66284935
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c43f1c855dc6c628d1ea08d9b7b40242d6cee322559e7d7dfddca6b67393999b
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c97df91d4e861efbed2d98832352fe363fbfa7eaff08f431c0983b08c477e06e
cb3044771ef19b17d34c0bc174c8c96b50417fec634f85e0561fb3060cd18c90
d4387be18775af3a9c0954772f3003c9686c261c899ec716c3cef360f10904f4
d931393ae1a1c0b3d4126858ea4a15442f1e094f07420283272902e1a878c0cc
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2356de4206d31787867005c288937cfb451de205ae7e3663565b7017481c0d7
fd93fb56772df67888dba6ab8be7698107888d7eb03195d2ad7e22c084daecdb
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

www.primeradirectacanal.xyz Open in urlscan Pro 2606:4700:3037::6815:372d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

56 Requests

95 %HTTPS

67 %IPv6

35 Domains

38 Subdomains

33 IPs

5 Countries

996 kBTransfer

2424 kBSize

0 Cookies

0 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.primeradirectacanal.xyz Open in urlscan Pro
2606:4700:3037::6815:372d Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

95 %
HTTPS

67 %
IPv6

35
Domains

38
Subdomains

33
IPs

5
Countries

996 kB
Transfer

2424 kB
Size

0
Cookies

56 HTTP transactions
0 data transactions