Submitted URL: https://to.xrivonet.info/universo.html#w
Effective URL: https://to.xrivonet.info/universo.html
Submission: On August 24 via manual from MX — Scanned from DE

Summary

This website contacted 44 IPs in 9 countries across 37 domains to perform 145 HTTP transactions. The main IP is 2606:4700:3037::ac43:c04d, located in United States and belongs to CLOUDFLARENET, US. The main domain is to.xrivonet.info.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 12th 2022. Valid for: a year.
This is the only time to.xrivonet.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
7 65.9.58.150 16509 (AMAZON-02)
1 192.243.59.20 39572 (ADVANCEDH...)
1 23.109.248.131 7979 (SERVERS-COM)
4 208.93.230.22 29893 (CHATANGO)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 192.243.59.13 39572 (ADVANCEDH...)
8 2606:4700:303... 13335 (CLOUDFLAR...)
2 18.66.97.112 16509 (AMAZON-02)
11 13.32.110.12 16509 (AMAZON-02)
12 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a03:2880:f12... 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
6 91.149.224.101 48357 (K4X)
1 104.19.136.78 13335 (CLOUDFLAR...)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 2606:4700:303... 13335 (CLOUDFLAR...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
8 162.252.214.5 53334 (TUT-AS)
2 185.200.118.90 9009 (M247)
2 38.132.109.186 9009 (M247)
2 185.200.116.90 9009 (M247)
1 35.190.71.96 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 151.101.65.44 54113 (FASTLY)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 143.204.215.7 16509 (AMAZON-02)
2 35.190.41.116 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 138.199.37.226 60068 (CDN77 ^_^)
3 2600:9000:223... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 216.21.13.10 53334 (TUT-AS)
12 185.209.15.184 213371 (SQUITTER-...)
1 208.95.113.2 53334 (TUT-AS)
1 51.77.64.70 16276 (OVH)
1 193.112.233.92 45090 (TENCENT-N...)
1 52.218.128.129 16509 (AMAZON-02)
Total: 145 requests, 44 IPs
Apex Domain (request count and apex domain, subdomains listed beneath, transfer size last where reported)
26 adsco.re
c.adsco.re — Cisco Umbrella Rank: 23755
6.adsco.re — Cisco Umbrella Rank: 25997
4.adsco.re — Cisco Umbrella Rank: 28994
utfgb3ti6mif.l4.adsco.re
utfgb3ti6mif.n4.adsco.re
utfgb3ti6mif.s4.adsco.re
adsco.re — Cisco Umbrella Rank: 20573
4qcrqctvqdi8.l4.adsco.re
4qcrqctvqdi8.n4.adsco.re
4qcrqctvqdi8.s4.adsco.re
121 KB
12 zorrohd2.nl
ed22.zorrohd2.nl
2 MB
12 yrecomemu.one
yrecomemu.one
5 KB
11 llassignament.one
llassignament.one
14 KB
10 cloudfront.net
d141wsrw9m4as6.cloudfront.net
dwr3zytn850g.cloudfront.net
232 KB
8 freychang.fun
freychang.fun — Cisco Umbrella Rank: 27142
404 KB
6 tutele.nl
www.tutele.nl — Cisco Umbrella Rank: 923571
21 KB
6 google.com
apis.google.com — Cisco Umbrella Rank: 134
accounts.google.com — Cisco Umbrella Rank: 99
71 KB
4 chatango.com
st.chatango.com — Cisco Umbrella Rank: 56024
ust.chatango.com — Cisco Umbrella Rank: 65371
244 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
40 KB
3 blogger.com
www.blogger.com — Cisco Umbrella Rank: 8744
47 KB
2 befirstcdn.com
befirstcdn.com
57 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 422
126 KB
2 youradexchange.com
youradexchange.com — Cisco Umbrella Rank: 45356
2 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 146
2 KB
2 antiadblocksystems.com
www.antiadblocksystems.com — Cisco Umbrella Rank: 272219
antiadblocksystems.com — Cisco Umbrella Rank: 204298
10 KB
2 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 997
161 KB
2 acacdn.com
acacdn.com — Cisco Umbrella Rank: 140655
60 KB
2 popads.net
c1.popads.net — Cisco Umbrella Rank: 299111
serve.popads.net — Cisco Umbrella Rank: 247146
10 KB
2 celeritascdn.com
celeritascdn.com — Cisco Umbrella Rank: 190990
14 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 111
2 ihavelearnat.xyz
ihavelearnat.xyz
2 KB
2 bcloudhost.com
www.bcloudhost.com
1 amazonaws.com
webpick-cdn.s3.us-west-2.amazonaws.com — Cisco Umbrella Rank: 104593 Failed
9 KB
1 cdnbye.com
cn.cdnbye.com — Cisco Umbrella Rank: 179911
358 B
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5826
322 B
1 swarmcloud.net
cdn.swarmcloud.net — Cisco Umbrella Rank: 943250
59 KB
1 onclickgenius.com
onclickgenius.com — Cisco Umbrella Rank: 135363
2 KB
1 ufpcdn.com
ufpcdn.com — Cisco Umbrella Rank: 143914
2 KB
1 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 7117
681 B
1 blogblog.com
img1.blogblog.com — Cisco Umbrella Rank: 76966
614 B
1 ligninenchant.com
ligninenchant.com
1 KB
1 pvclouds.com
pl164625.pvclouds.com
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
42 KB
1 xrivonet.info
to.xrivonet.info
15 KB
0 amung.us Failed
widgets.amung.us Failed
0 adnetworkperformance.com Failed
www.adnetworkperformance.com Failed
Total: 145 requests, 37 domains
Requests Domain Requested by
12 ed22.zorrohd2.nl cdn.jsdelivr.net
cdn.swarmcloud.net
12 yrecomemu.one to.xrivonet.info
d141wsrw9m4as6.cloudfront.net
www.tutele.nl
dwr3zytn850g.cloudfront.net
11 llassignament.one d141wsrw9m4as6.cloudfront.net
dwr3zytn850g.cloudfront.net
8 freychang.fun d141wsrw9m4as6.cloudfront.net
dwr3zytn850g.cloudfront.net
7 d141wsrw9m4as6.cloudfront.net to.xrivonet.info
ihavelearnat.xyz
llassignament.one
6 4.adsco.re to.xrivonet.info
c.adsco.re
www.tutele.nl
6 6.adsco.re to.xrivonet.info
c.adsco.re
www.tutele.nl
6 c.adsco.re c1.popads.net
c.adsco.re
www.antiadblocksystems.com
6 www.tutele.nl to.xrivonet.info
www.tutele.nl
cdn.jsdelivr.net
4 accounts.google.com to.xrivonet.info
www.tutele.nl
3 dwr3zytn850g.cloudfront.net www.tutele.nl
llassignament.one
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
st.chatango.com
3 st.chatango.com to.xrivonet.info
st.chatango.com
3 www.blogger.com to.xrivonet.info
2 adsco.re c.adsco.re
2 befirstcdn.com www.tutele.nl
befirstcdn.com
2 cdn.jsdelivr.net www.tutele.nl
2 youradexchange.com acacdn.com
befirstcdn.com
2 sb.scorecardresearch.com cdn.taboola.com
st.chatango.com
2 cdn.taboola.com st.chatango.com
cdn.taboola.com
2 acacdn.com www.tutele.nl
acacdn.com
2 celeritascdn.com to.xrivonet.info
celeritascdn.com
2 www.facebook.com to.xrivonet.info
www.tutele.nl
2 ihavelearnat.xyz d141wsrw9m4as6.cloudfront.net
2 www.bcloudhost.com to.xrivonet.info
2 apis.google.com to.xrivonet.info
apis.google.com
1 webpick-cdn.s3.us-west-2.amazonaws.com d141wsrw9m4as6.cloudfront.net
1 cn.cdnbye.com cdn.swarmcloud.net
1 pro.ip-api.com cdn.swarmcloud.net
1 antiadblocksystems.com www.antiadblocksystems.com
1 serve.popads.net c1.popads.net
1 4qcrqctvqdi8.s4.adsco.re c.adsco.re
1 4qcrqctvqdi8.n4.adsco.re c.adsco.re
1 4qcrqctvqdi8.l4.adsco.re c.adsco.re
1 ust.chatango.com st.chatango.com
1 cdn.swarmcloud.net www.tutele.nl
1 www.antiadblocksystems.com www.tutele.nl
1 onclickgenius.com celeritascdn.com
1 utfgb3ti6mif.s4.adsco.re c.adsco.re
1 utfgb3ti6mif.n4.adsco.re c.adsco.re
1 utfgb3ti6mif.l4.adsco.re c.adsco.re
1 ufpcdn.com celeritascdn.com
1 c1.popads.net to.xrivonet.info
1 jsc.mgid.com to.xrivonet.info
1 img1.blogblog.com to.xrivonet.info
1 ligninenchant.com to.xrivonet.info
1 pl164625.pvclouds.com to.xrivonet.info
1 www.googletagmanager.com to.xrivonet.info
1 to.xrivonet.info
0 widgets.amung.us Failed to.xrivonet.info
0 www.adnetworkperformance.com Failed to.xrivonet.info
Total: 145 requests, 51 subdomains

This site contains links to these domains.

Domain
adsco.re
www.blogger.com
wrivz1.blogspot.com

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-12 - 2023-06-12 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-08-01 - 2022-10-24 | 3 months
*.blogger.com | GTS CA 1C3 | 2022-08-01 - 2022-10-24 | 3 months
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
pvclouds.com | R3 | 2022-06-27 - 2022-09-25 | 3 months
ligninenchant.com | R3 | 2022-08-15 - 2022-11-13 | 3 months
*.chatango.com | Sectigo RSA Domain Validation Secure Server CA | 2022-06-09 - 2023-07-09 | a year
*.apis.google.com | GTS CA 1C3 | 2022-08-01 - 2022-10-24 | 3 months
bcloudhost.com | R3 | 2022-08-21 - 2022-11-19 | 3 months
ihavelearnat.xyz | Amazon | 2022-06-22 - 2023-07-21 | a year
llassignament.one | Amazon | 2022-08-10 - 2023-09-08 | a year
*.yrecomemu.one | E1 | 2022-07-21 - 2022-10-19 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-06-02 - 2022-08-31 | 3 months
accounts.google.com | GTS CA 1C3 | 2022-08-01 - 2022-10-24 | 3 months
www.tutele.nl | R3 | 2022-08-02 - 2022-10-31 | 3 months
1355769017.rsc.cdn77.org | R3 | 2022-07-12 - 2022-10-10 | 3 months
*.adsco.re | Sectigo RSA Organization Validation Secure Server CA | 2021-09-06 - 2022-09-28 | a year
*.google.com | GTS CA 1C3 | 2022-08-01 - 2022-10-24 | 3 months
*.l4.adsco.re | R3 | 2022-08-19 - 2022-11-17 | 3 months
*.n4.adsco.re | R3 | 2022-08-19 - 2022-11-17 | 3 months
*.s4.adsco.re | R3 | 2022-08-19 - 2022-11-17 | 3 months
onclickgenius.com | Sectigo RSA Domain Validation Secure Server CA | 2022-01-04 - 2023-01-04 | a year
*.taboola.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-11-28 - 2022-12-29 | a year
1431218181.rsc.cdn77.org | R3 | 2022-08-07 - 2022-11-05 | 3 months
*.scorecardresearch.com | Amazon | 2022-01-29 - 2023-02-27 | a year
youradexchange.com | Sectigo RSA Domain Validation Secure Server CA | 2022-06-20 - 2023-06-20 | a year
cdn.swarmcloud.net | R3 | 2022-07-22 - 2022-10-20 | 3 months
*.popads.net | Sectigo RSA Domain Validation Secure Server CA | 2021-10-23 - 2022-10-30 | a year
ed22.zorrohd2.nl | R3 | 2022-08-12 - 2022-11-10 | 3 months
antiadblocksystems.com | Sectigo RSA Domain Validation Secure Server CA | 2022-07-18 - 2023-08-18 | a year
*.ip-api.com | Sectigo RSA Domain Validation Secure Server CA | 2021-10-28 - 2022-11-27 | a year
*.cdnbye.com | TrustAsia RSA DV TLS CA G2 | 2022-04-21 - 2023-04-21 | a year
*.s3-us-west-2.amazonaws.com | Amazon | 2021-12-17 - 2022-11-29 | a year

This page contains 17 frames:

Primary Page: https://to.xrivonet.info/universo.html
Frame ID: 2940E4B69DF065E28FABD9EBAAC8AED7
Requests: 57 HTTP requests in this frame

Frame: https://ihavelearnat.…
Frame ID: 1985651942A97BE4BD5DF01FAECEF3C4
Requests: 2 HTTP requests in this frame

Frame: https://llassignament.…
Frame ID: C410A05588DAA5C0FBE051871B8A619A
Requests: 2 HTTP requests in this frame

Frame: https://llassignament.…
Frame ID: 52ACA207E1B68715EA34F066AFD32F38
Requests: 2 HTTP requests in this frame

Frame: https://llassignament.…
Frame ID: DD18182BF738ED98DD6767603DE4360B
Requests: 2 HTTP requests in this frame

Frame: https://llassignament.…
Frame ID: BF4D78D322AE50E7E4C3C80E98AA904C
Requests: 2 HTTP requests in this frame

Frame: https://www.tutele.nl/online.php?a=4943
Frame ID: ADBC21C980CF2F09DDB695997D184C19
Requests: 15 HTTP requests in this frame

Frame: https://jsc.mgid.com/x/r/xrivonet.info.266699.js?t=1227240
Frame ID: CFEA756D3AB0A5D01FC9D717B23E1A65
Requests: 1 HTTP requests in this frame

Frame: https://st.chatango.com/h5/gz/r0817221641/id.html
Frame ID: BBF002926424CBEF91DC6D5DA0DC2551
Requests: 7 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 7B51DA08560DD2840581DBDA63788577
Requests: 1 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: 25FCE9600BE5CC92672C7438FFFFA3A6
Requests: 6 HTTP requests in this frame

Frame: https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
Frame ID: 34B502F02524356F7485EB5A6F9AE611
Requests: 31 HTTP requests in this frame

Frame: data://truncated
Frame ID: 231215D283D77B7EB5D60F6F59B63B42
Requests: 1 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: 5DD4DF0ED97EBB41AC79AD462999634D
Requests: 6 HTTP requests in this frame

Frame: https://llassignament.…
Frame ID: 84E15AB1405B04B8E63B6E014CC71714
Requests: 2 HTTP requests in this frame

Frame: https://llassignament.one/ZUx4d0UELhsaegRxGlEwFyBFUncjaUoxIRI+Sw08ESJAQnUCYhsbKhAoHgUqCzhWGSARaUoxMgZ+SEMLLQkpNik/HywQJiAUORsMNAotJwcwDi41dREuMAALNCo5MiMuNSpPITEOPCR1HQM+InABBBQQFC0dFzEADR0cMyIwCi4PDC8bHxsDMx4QLQY3OxsxdCMVMCUPLA8WPQA9GkgTBw4KGjApIy0+JTIEHwAxATQ7NjoAMAI8LwQCLSkhHwApEDEBNDQIJRIOKDAkBBF+LjIDAR05PQMyJx88BycNPD8TNx46Hxw1GUlHAzMgQVJ3Jw0tPQA0O1UEBjMJPhMAI3QiNTInGT0iCBIfORgALR4XMB03CjwmMhUoLg8qBh46RwI0HjkxFgk/GzEuAgcbHAchGyouAD18IhQGNBYeJilVBj0iCyEEFBsWIA09Mg00FUslKVEcPxwPIx9IRw80DV4dNgoiCEoBUCIgPgEkDUg
Frame ID: CF37944DEAE8138110DB17E327E230FF
Requests: 2 HTTP requests in this frame

Frame: https://webpick-cdn.s3.us-west-2.amazonaws.com/getlaid.jpeg
Frame ID: 5DC30C432F5467F04AF88A976CF23B94
Requests: 3 HTTP requests in this frame

Page Title

RivoRD

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

145
Requests

94 %
HTTPS

44 %
IPv6

37
Domains

51
Subdomains

44
IPs

9
Countries

4066 kB
Transfer

7044 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

145 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request: universo.html | to.xrivonet.info/ | 57 KB | 15 KB | Document
General
Full URL
https://to.xrivonet.info/universo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c04d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1e7af110eade94625013d4f28b2dc4a30b5c10d4a7802baf766b68f473c27af

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
73f7ebcbbdcc9119-FRA
content-encoding
br
content-type
text/html
date
Wed, 24 Aug 2022 00:20:15 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Mon, 15 Aug 2022 07:21:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9GKrvGlQn6%2BM7VBEFBkB4m5wcLWZcDrEyE7EAdubJ5iZREPSIJJIIHqhTseNFlEgkSBvj4T%2FoE7UdAo0knPf5hBsvN8nq0VC7YvmqnVbNyAdSQ9CCVs%2BDmrHzyBXtXVenjt0KECIaF73PBQXvkql"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-turbo-charged-by
LiteSpeed

js | www.googletagmanager.com/gtag/ | 107 KB | 42 KB | Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-153096092-1
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b1ea9b31cb09c6817be1f977cbd0308676c4824268fa05fbb1fff5151fcae965
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:15 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42033
x-xss-protection
0
last-modified
Wed, 24 Aug 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 24 Aug 2022 00:20:15 GMT

16153472-css_bundle_v2.css | www.blogger.com/static/v1/widgets/ | 42 KB | 9 KB | Stylesheet
General
Full URL
https://www.blogger.com/static/v1/widgets/16153472-css_bundle_v2.css
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df6b27e051729b0993ec014da7b81ec8643265763d7239e50a9fdc404eb5b963
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 16:03:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
461803
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8912
x-xss-protection
0
last-modified
Thu, 02 Jul 2015 01:50:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 18 Aug 2023 16:03:32 GMT

authorization.css | www.blogger.com/dyn-css/ | 1 B | 684 B | Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3127189521511558727&zx=d740d3e9-2abb-42bf-b18d-41c9a8d4501c
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 24 Aug 2022 00:20:15 GMT
server
GSE
date
Wed, 24 Aug 2022 00:20:15 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT

/ | d141wsrw9m4as6.cloudfront.net/ | 337 KB | 111 KB | Script
General
Full URL
https://d141wsrw9m4as6.cloudfront.net/?wrswd=622073
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-58-150.fra56.r.cloudfront.net
Software
/
Resource Hash
84873562689d2fc2a0c74180234ec825609747ce151ca8b2d6381405477f5069

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 00:20:15 GMT
content-encoding
gzip
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
113365
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
x-amz-cf-id
vNv0nbYN7gTUZiqsbfFa5W_4lRxeLeWF4dMfPi1zs1cjfmC1SjQstg==

/ | d141wsrw9m4as6.cloudfront.net/ | 163 KB | 49 KB | Script
General
Full URL
https://d141wsrw9m4as6.cloudfront.net/?wrswd=826383
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-58-150.fra56.r.cloudfront.net
Software
/
Resource Hash
07dde3a5822a5cc0a1fa868d443d17cc070cfcf86f0b6a897a5698b77af47eec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 00:20:15 GMT
content-encoding
gzip
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
49658
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
x-amz-cf-id
SzSgXkh9srdbgENWvWePhecXJm89BtfDwWtivaylpdocaoyM4K-8oA==

61b9671524e2ca246e7898cf092e4832.js | pl164625.pvclouds.com/61/b9/67/ | 0 | 0 | Script
General
Full URL
https://pl164625.pvclouds.com/61/b9/67/61b9671524e2ca246e7898cf092e4832.js
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 00:20:16 GMT
Server
nginx/1.17.9
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
application/javascript
Content-Length
0

6507 | ligninenchant.com/rsEl6Kc2wxE8/ | 5 B | 1 KB | Script
General
Full URL
https://ligninenchant.com/rsEl6Kc2wxE8/6507
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.248.131 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 00:20:16 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=1
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://to.xrivonet.info
Access-Control-Max-Age
600
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for
X-Content-Type-Options
nosniff
Keep-Alive
timeout=20

icon18_wrench_allbkg.png | img1.blogblog.com/img/ | 475 B | 614 B | Image
General
Full URL
https://img1.blogblog.com/img/icon18_wrench_allbkg.png
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 23:58:57 GMT
x-content-type-options
nosniff
last-modified
Wed, 17 Aug 2022 08:52:58 GMT
server
sffe
age
519678
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
475
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Wed, 24 Aug 2022 23:58:57 GMT

emb.js | st.chatango.com/js/gz/ | 68 KB | 24 KB | Script
General
Full URL
https://st.chatango.com/js/gz/emb.js
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
95db5e0f52d1d89a1c17733e005452f61c10c4b351a8737b7730fbf68dc3cd8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 00:20:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 23:45:11 GMT
Server
nginx
Content-Type
application/x-javascript
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23804
Expires
Wed, 24 Aug 2022 00:20:16 GMT

3190386002-widgets.js | www.blogger.com/static/v1/widgets/ | 91 KB | 37 KB | Script
General
Full URL
https://www.blogger.com/static/v1/widgets/3190386002-widgets.js
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa1ec33b80e0c92accdd28f35ca370bf013d740d4ec702ec01f3d503419cddd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 03:34:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
593142
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37848
x-xss-protection
0
last-modified
Thu, 02 Jul 2015 01:50:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 17 Aug 2023 03:34:33 GMT

plusone.js | apis.google.com/js/ | 52 KB | 21 KB | Script
General
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d94a090aaa1d4e8ff711a478d0c1bc1a91f0d196503683ead7308f88c048b1e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Wed, 24 Aug 2022 00:20:15 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"1eb2ff494a10244b"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Aug 2022 00:20:15 GMT

analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153096092-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4695
date
Tue, 23 Aug 2022 23:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 24 Aug 2022 01:02:00 GMT
collect
www.google-analytics.com/j/
1 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1051917578&t=pageview&_s=1&dl=https%3A%2F%2Fto.xrivonet.info%2Funiverso.html&ul=en-us&de=UTF-8&dt=RivoRD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=84757112&gjid=96448380&cid=1047703820.1661300416&tid=UA-153096092-1&_gid=96742189.1661300416&_r=1&gtm=2ou8m0&z=685357075
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://to.xrivonet.info/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 00:20:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://to.xrivonet.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
invoke.js
www.bcloudhost.com/976b0d76d773f5547d37fe90ada4248d/
0
0
Script
General
Full URL
https://www.bcloudhost.com/976b0d76d773f5547d37fe90ada4248d/invoke.js
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://to.xrivonet.info/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 24 Aug 2022 00:20:16 GMT
Server
nginx/1.17.6
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
application/javascript
Content-Length
0
asd100.bin
freychang.fun/
100 KB
100 KB
Fetch
General
Full URL
https://freychang.fun/asd100.bin
Requested by
Host: d141wsrw9m4as6.cloudfront.net
URL: https://d141wsrw9m4as6.cloudfront.net/?wrswd=622073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:16 GMT
access-control-allow-methods
GET
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 23 Aug 2022 21:37:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdlrAl3PCA2XybL5lkAKvY52YQnbLdNshL0%2BkuITRWYuG7S2vyT7LiPMvNEoCKZWDjvVCIrfVLyveRU%2Fnz9fzRqfS5F%2FV%2FNb%2F1U7wsubhFL%2F9THiJsJdTdtRHndmUKqd7F9c1PuPaY%2FzKGJW"}],"group":"cf-nel","max_age":604800}
content-type
binary/octet-stream
access-control-allow-origin
https://to.xrivonet.info
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
73f7ebd39c119a17-FRA
access-control-allow-headers
X-Requested-With, content-type
/
freychang.fun/
27 B
726 B
Fetch
General
Full URL
https://freychang.fun/
Requested by
Host: d141wsrw9m4as6.cloudfront.net
URL: https://d141wsrw9m4as6.cloudfront.net/?wrswd=622073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15116d7519b09dd81dc87a09b5f8ef5108ef98c0aba3a475991e78d45ca03aa5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://to.xrivonet.info
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0xVEdh7DM1%2BYomTIXJuLT3ActL01VT0MwBEUjtBJyo4m5zE0%2BC%2BNL%2FN9%2Fb7ap1cmkrRG4C%2Fe9GiKjCVIboTtXWTQIDUSjulpsPEnSckdtYp0zP9X%2BB65MHhi83GxdXbFCf6SU9IDHFCfint"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
73f7ebd39c129a17-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
ihavelearnat.xyz/
0
489 B
XHR
General
Full URL
https://ihavelearnat.xyz/utx?cb=FEtS9z616pGz&top=to.xrivonet.info&tid=622073
Requested by
Host: d141wsrw9m4as6.cloudfront.net
URL: https://d141wsrw9m4as6.cloudfront.net/?wrswd=622073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-112.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 00:20:16 GMT
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://to.xrivonet.info
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id
QBOBagqscpdL-6xi67BGMhgfCKW-a0Z7CJNM6tRaE2DJSs0FOTR1Tg==
dnYLICYsGhkQPn8HIA8TAAUhGCoWbyEDIAYbOglBFjcMFQckBAV1Ax4EPgYpKy4nFSEJehwrRAYQHgQ3JAQ9OBERKiEDNiAsCXIyJgMeMiAJJQMkKhJ7IxY2DikKBR8BFAotKQJzJgMVAhAhExcVexpzFAADBTkSJAQiAyAwMTcCJQouGXMTMgAFeBQicz4JES97I...
ihavelearnat.xyz/TUFwR0IsIxMqfSx8EmE3Py1NYnALZEIBJnx1QTAxPzZJKnYsMkZpISEuBSMkPy4eM2wjJARicAt4ESsUIgwlMAgCJiofITV1SAMDNXcnACYUAx5+Dx05BCILJTEfBhc5dCgWJh8CMiAAFBdAHw0PAAgREwswMi0TChceAQ8AACoUIRs1CgQU... Frame 1985
3 KB
2 KB
Document
General
Full URL
https://ihavelearnat.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
Requested by
Host: d141wsrw9m4as6.cloudfront.net
URL: https://d141wsrw9m4as6.cloudfront.net/?wrswd=622073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-112.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
54660548e27ae957e12348e09515b27205a3ad6ed66cc81ec2cda7d9f149d7dc

Request headers

Referer
https://to.xrivonet.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1235
content-type
text/html
date
Wed, 24 Aug 2022 00:20:16 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-id
7b-DxxqwtPmWRVPgXilYSFYMhdRrJTkzDVRVbbeUeE6IQcl_-IjQhw==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
Lx1iVjttI0ELADt0WD4KHxhhATsSEXw
llassignament.one/S0kyZG4qK1EJUSp0UEIbOSUPQVwNbAAiCnp9AxMdOT4LCVoqOgRKDScmRwAIOSZcEEAlLEZBXA0eZSIBMy1nC1kFHwowChg+SDI7I3FrI1oBGFwQS3kLfyEnKgNxDAAcMAoRKgo9WyEscwtzClcfGVstS3kLdiE4OAd2EAgOJ1ZBXAkZA1w... Frame C410
3 KB
2 KB
Document
General
Full URL
https://llassignament.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
Requested by
Host: d141wsrw9m4as6.cloudfront.net
URL: https://d141wsrw9m4as6.cloudfront.net/?wrswd=622073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-12.vie50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
8fbdf298344f4a01a3f7250d2e01fae9277d70e1ef073d5aa5f7eadd00bd6ed3

Request headers

Referer
https://to.xrivonet.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1217
content-type
text/html
date
Wed, 24 Aug 2022 00:20:16 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
x-amz-cf-id
bOYu4T8FtggzbwFXa8qY643dAMbg-VHmbOtKIKJvtdK70r489v3Vnw==
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
KlQiBkNb
llassignament.one/OVNpNG9YMQpZUFhuCxIaSz9UEV1/dltyCwhnWEMcSyRQWVtYIF8aDFU8HFAJSzwHQEFXNh0RXX89O2w2TgI9YQJ+BV1aLFMWD2InThAKcVdxNx5mBXEWJEE4QwUlYxZVAihMIQ4RL1NffgYNBSpDFiRiJ04VMEwfax9YfltsFTxCOVc7IXI... Frame 52AC
3 KB
2 KB
Document
General
Full URL
https://llassignament.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
Requested by
Host: d141wsrw9m4as6.cloudfront.net
URL: https://d141wsrw9m4as6.cloudfront.net/?wrswd=622073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-12.vie50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
ffcfc7fb265d4d6beac3c2bad5f4c09aa3fa2fb2d6fb85c3dda8bd3962dc5adf

Request headers

Referer
https://to.xrivonet.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1216
content-type
text/html
date
Wed, 24 Aug 2022 00:20:16 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
x-amz-cf-id
TO-Kp4cMS-x3MVQMde0YJ-rrU7noYdSBGGjK2GWVr4rPJ49yDRZAPg==
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
asd100.bin
freychang.fun/
100 KB
100 KB
Fetch
General
Full URL
https://freychang.fun/asd100.bin
Requested by
Host: d141wsrw9m4as6.cloudfront.net
URL: https://d141wsrw9m4as6.cloudfront.net/?wrswd=622073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:16 GMT
access-control-allow-methods
GET
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 23 Aug 2022 21:37:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ai0Pbukgf6r1w7XbIqCg5HoBtHtqBjpSfVGelAuhmH9xz0PHRfnWeItnP7qUAv5Khp%2BjGZDtLFiUtvwKgMdgdpoSKD2yP6P0z3qYt0LQYcKRqc765a9TdNA28Y%2FALi0lw41MifxSBGk8Fqkq"}],"group":"cf-nel","max_age":604800}
content-type
binary/octet-stream
access-control-allow-origin
https://to.xrivonet.info
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
73f7ebd3cc329a17-FRA
access-control-allow-headers
X-Requested-With, content-type
/
freychang.fun/
27 B
365 B
Fetch
General
Full URL
https://freychang.fun/
Requested by
Host: d141wsrw9m4as6.cloudfront.net
URL: https://d141wsrw9m4as6.cloudfront.net/?wrswd=622073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a6aae3e41a6f40e1391002e0a25dffa6efce5aad4810b5ac9b4b1a5abe47b96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://to.xrivonet.info
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7SjPg4HvvpKhq%2BQSntDRGv6aHI6Vh7BYg9cVfpK5Pv%2BW6xfZjRuxKUYLYyX0Vd12XwltjKUGHqVkNY05zF44wEpykpKzkCIPYLGp2OJ%2FmpntCA1m5uoud4JDRvMuh4LyN4JrfVceegELCUY"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
73f7ebd3cc339a17-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
llassignament.one/
0
490 B
XHR
General
Full URL
https://llassignament.one/utx?cb=EP911oqeNQ6f&top=to.xrivonet.info&tid=712339
Requested by
Host: d141wsrw9m4as6.cloudfront.net
URL: https://d141wsrw9m4as6.cloudfront.net/?wrswd=622073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-12.vie50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 00:20:16 GMT
via
1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://to.xrivonet.info
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id
CdH36RlyBTsBiN8PRFBQMfj0N15SHUQVU0huspOA8rzNNZWyAjBOUw==
QkdWQ2EjJTUuXiN6NGUUMCtrZlMEYmQFBXNzZzQSMDBvLlUjNGBtAi4oIycHMCg4N08sIiJmUwQOAi0zcxE7KBUFPyU0NygoMgY2NiIwczsFHQABDgogD3YjOHIcCyYEHhIBDgQeAHpXCwUPEDkWd2AHKQMjGAEjCx09ewgEFSU7NwUgBAQbFBIwcigXCjE3GxMBG...
llassignament.one/ Frame DD18
3 KB
2 KB
Document
General
Full URL
https://llassignament.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
Requested by
Host: d141wsrw9m4as6.cloudfront.net
URL: https://d141wsrw9m4as6.cloudfront.net/?wrswd=622073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-12.vie50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
8291857c99303ad61ef0e37f03e2b8c2bb4403e20284c4f24d7e7b9b5ba4e337

Request headers

Referer
https://to.xrivonet.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1245
content-type
text/html
date
Wed, 24 Aug 2022 00:20:16 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
x-amz-cf-id
pw5os-M36TNsiLA1sGNmDXASbkOALjPNm-tz9TbyVShiVrg35-Niuw==
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
cVdTczVeaDAACCgPN0BgJycEJ143PDEfWTQFBB9fJwJqO28mY3UHXBVqZUEHQWBgVUUYM25CEwIjMgdAAmpiVVwfMTxOEwdqYl0GRXlhSxtBcSZOBFcjIxJSTGZ1A0EFO25CA0dmYEMFRWZlRgFC
yrecomemu.one/
0
256 B
Image
General
Full URL
https://yrecomemu.one/cVdTczVeaDAACCgPN0BgJycEJ143PDEfWTQFBB9fJwJqO28mY3UHXBVqZUEHQWBgVUUYM25CEwIjMgdAAmpiVVwfMTxOEwdqYl0GRXlhSxtBcSZOBFcjIxJSTGZ1A0EFO25CA0dmYEMFRWZlRgFC
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zglXNmzdIXx%2FrsHIXSNr1IMY2L2XCLjicE%2FHBZer27LgyzIFpqRkCAeH4iRJbNze9ixZ2Z8bUD08DiT2sK7Y7ft6igUHnyouIiYANdHBQCor%2Flx7v%2FvpQyoJSCtcF9BAZwge15N7DYHMYgqD"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
73f7ebd40de191e7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
login.php
www.facebook.com/
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

ServiceLogin
accounts.google.com/
0
0
Image
General
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

ServiceLogin
accounts.google.com/
0
0
Image
General
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

X1p5Yg
yrecomemu.one/QVdOaW9uaC0aUhVlKhk2Kz9rWy0UAX8LKxknGDFeMh4qWAsjAh8OSTU+KlRYdG55X15nJycNUnBvaBobICM7GlJwcScHCS5qaB9ScHl+R15vZWgcUnBxOhkOJmp/Tx81IyJUXndhf1pfcWN/
0
254 B
Image
General
Full URL
https://yrecomemu.one/QVdOaW9uaC0aUhVlKhk2Kz9rWy0UAX8LKxknGDFeMh4qWAsjAh8OSTU+KlRYdG55X15nJycNUnBvaBobICM7GlJwcScHCS5qaB9ScHl+R15vZWgcUnBxOhkOJmp/Tx81IyJUXndhf1pfcWN/X1p5Yg
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzX9YW7rH7K0q9Hqb2swiyfqaaEBmdXrfB9P2ZCiscPmyJz62bix8fESi4V2hV8I%2FO6RZqzcZkOXSWHlmewnbTJccx66aRvZzUEnuiLED6yuwZ9%2BF1FqovwNoEvcp6FyD2F5fl5BYrKfoBb%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
73f7ebd40de291e7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
TUc5SlZieFo5axkQczI3CDcOHwMhI1wSPh4WVTpgKRFjDwEFIB8+Pyl6DntkfnQAbCYkIwR4b2s0TSsiODQEe3AkKV8la2sxBHt4fWkMc3h9YUx3Z2szSSsxcHYfOiI5KwR7YHt2CnpmeXYPf297
yrecomemu.one/
0
489 B
Image
General
Full URL
https://yrecomemu.one/TUc5SlZieFo5axkQczI3CDcOHwMhI1wSPh4WVTpgKRFjDwEFIB8+Pyl6DntkfnQAbCYkIwR4b2s0TSsiODQEe3AkKV8la2sxBHt4fWkMc3h9YUx3Z2szSSsxcHYfOiI5KwR7YHt2CnpmeXYPf297
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cPBHTfZYZSPGHep2hOd7JvZ9JxD2rcO%2Fz3y5tNAdruPH5Zg5ldUMwXuXW4ikLBG0j5sBO8K9wlSvf0N%2FP0StOWHnLNnTe1NZYj8nA4tRWfS0rMz7T3LsQ71uPfeTaBCj%2FRwMl2eTF9zPM1nS"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
73f7ebd40de591e7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
asd100.bin
freychang.fun/
100 KB
100 KB
Fetch
General
Full URL
https://freychang.fun/asd100.bin
Requested by
Host: d141wsrw9m4as6.cloudfront.net
URL: https://d141wsrw9m4as6.cloudfront.net/?wrswd=826383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:16 GMT
access-control-allow-methods
GET
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 23 Aug 2022 21:37:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWgL0NzFccz6gneVA7bH6AfM3XUzsSg1clOzRbl9Wie1v33xl5zQV7%2BzO2Yc0y5k%2FvfPY5YUGpln8v8H9kQVdlwcE4PBPACGKnBSURdNLXAS9JXVb%2FqNBZobgig%2BjoywPx9IYSuDpXNCa12W"}],"group":"cf-nel","max_age":604800}
content-type
binary/octet-stream
access-control-allow-origin
https://to.xrivonet.info
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
73f7ebd3dc479a17-FRA
access-control-allow-headers
X-Requested-With, content-type
/
freychang.fun/
27 B
374 B
Fetch
General
Full URL
https://freychang.fun/
Requested by
Host: d141wsrw9m4as6.cloudfront.net
URL: https://d141wsrw9m4as6.cloudfront.net/?wrswd=826383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cf72d05900f36c0b66dfe870f2c0fe51a62e34ee17fdcebf2d0a52b0b413315

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://to.xrivonet.info
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K3MuY51A6%2F3ZCn8iDMeam8ycuYBY8wgE276kGKGe9Bi40q0D30W%2Bwz4MxGe41t2%2FtPYQs3iag5%2Fqn59%2Bspra6WgCFReZCnSYvHkauyU4g34wBBKd0%2FPgyRKfz9gUAoJTYieeWSSmoxy3oUV5"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
73f7ebd3dc489a17-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
llassignament.one/
0
488 B
XHR
General
Full URL
https://llassignament.one/utx?cb=ByTqyfZi7sQs&top=to.xrivonet.info&tid=826383
Requested by
Host: d141wsrw9m4as6.cloudfront.net
URL: https://d141wsrw9m4as6.cloudfront.net/?wrswd=826383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-12.vie50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 00:20:16 GMT
via
1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://to.xrivonet.info
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id
qigF7Kxodc7wn9PnGbRcv--xf7RU_ISRuf24UJ0Nb238xbgmhvB-qw==
YCdrNQVUIT0BAX8oPiwvDSoyPWR1FTUtAlQiEwIBcy48V2YcXRg2IHMcPBNxUxw1CicEKwASLl0bI1Ejcghs
llassignament.one/ZFc5b1oFNVoCZQVqW0kvFjsESmgicgspPlVjCBgpFiAAAm4FJA9BOQg4TAs8FjhXG3QKMk1KaCIAXV4cKwR+Kg80PngaAgMaDSQ0Mg1rOD5dNH8lCCstCQEeEzNKLDItD30FD1Iabz4eIz5VSmgmBU4iKC85bz0PMGdPJT0+HF0WKQkWUh8... Frame BF4D
3 KB
2 KB
Document
General
Full URL
https://llassignament.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
Requested by
Host: d141wsrw9m4as6.cloudfront.net
URL: https://d141wsrw9m4as6.cloudfront.net/?wrswd=826383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-12.vie50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
3e1e0436ba269f439962b9d0323676f6a564016d3013264604b09c70050a42be

Request headers

Referer
https://to.xrivonet.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1235
content-type
text/html
date
Wed, 24 Aug 2022 00:20:16 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
x-amz-cf-id
7y5FdrzmqS0Ww7Nj2pb1F6AFsdtdq3Q7jd0Sxz08g0_NpBK1_EmKKA==
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
SVZrcmFmaQgBXBwTDEI3DC4GFAYDMQ1AIz4SLDBUEB4MOgMBB00GCC1rU0BXem5YVBEgMlZBU28lHxMVPCVWQ0cgOA0dXG8gVkJPcXhSXFFvI1ZDRz0mChVceHAbBhUla1pEV3hlW0JVeGBdQ1M
yrecomemu.one/
0
252 B
Image
General
Full URL
https://yrecomemu.one/SVZrcmFmaQgBXBwTDEI3DC4GFAYDMQ1AIz4SLDBUEB4MOgMBB00GCC1rU0BXem5YVBEgMlZBU28lHxMVPCVWQ0cgOA0dXG8gVkJPcXhSXFFvI1ZDRz0mChVceHAbBhUla1pEV3hlW0JVeGBdQ1M
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3V32Zh9inijmaPVveg4JJoJROJ3ttvY%2F526v3flMLrCo5ZxGvryqZ9TG63mA4yJBToUbIwnGRDTS4BmsA6MQj0V1b9wcumQLHQ2WQV1V26NlwiaHvNdizoFyuKZsnTfLdC0h%2BdLFw6FT4226"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
73f7ebd40de491e7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
b2NjR2lAXAA0VD0OMj48AzkUEg49DjkfMwwgDh0DCw8yBQgCV0UzAAteW3VfXFtQYRkGB150W0kQFyYdGhBedVlfVEUuBwkMXnVPGV5TaVFBWk13TxpeUmEdHwIEelhJExczBVJSVXFYXFNTc1hZVVJ0
yrecomemu.one/
0
262 B
Image
General
Full URL
https://yrecomemu.one/b2NjR2lAXAA0VD0OMj48AzkUEg49DjkfMwwgDh0DCw8yBQgCV0UzAAteW3VfXFtQYRkGB150W0kQFyYdGhBedVlfVEUuBwkMXnVPGV5TaVFBWk13TxpeUmEdHwIEelhJExczBVJSVXFYXFNTc1hZVVJ0
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucamx1NElqi93OxfQJpusgc%2BOg%2BCT2%2FMQRh6OoipWTW%2BtrHROKeG3m3G0P5SauYAhEQeU8L%2BLNdwIkvf%2F%2F33F%2FnrbakbKck1Z9mF2MEHP7tOfELKqLk5JMTkjRyvpwqDZt8ZwV3skxnL2S8V"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
73f7ebd40de391e7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
KHBaATsDO14FaVkXTQN8EmNcGGlYZQ-lBPAYwH1QuATwcFH4sYFsGYlljTQN8Qj4ARSEGcFpyaVhlBFgnD3BaASsPNgNeZU9nWFIkGDoFVGlYE1kBeERlRgR9W2dGAHxbcFoBPwszCUMlT2cuBH9de1sHah9oWQ
d141wsrw9m4as6.cloudfront.net/9alVoMUwJOgZXcx48DAx6WGdYBn9MPxteIhpoAUt5XQdRCBgBYV0XOBAxVQFqBjQGVnFMMAZScVtzCVUuV2FORTwFPlVaNgcwGlM7BT4PFzkLaAVeNgM5BFBpWBNdH3xPZ1gZOwM7DF47GXBaASIecFoBfVp7WBR/ Frame 1985
671 B
761 B
Script
General
Full URL
https://d141wsrw9m4as6.cloudfront.net/9alVoMUwJOgZXcx48DAx6WGdYBn9MPxteIhpoAUt5XQdRCBgBYV0XOBAxVQFqBjQGVnFMMAZScVtzCVUuV2FORTwFPlVaNgcwGlM7BT4PFzkLaAVeNgM5BFBpWBNdH3xPZ1gZOwM7DF47GXBaASIecFoBfVp7WBR/KHBaATsDO14FaVkXTQN8EmNcGGlYZQ-lBPAYwH1QuATwcFH4sYFsGYlljTQN8Qj4ARSEGcFpyaVhlBFgnD3BaASsPNgNeZU9nWFIkGDoFVGlYE1kBeERlRgR9W2dGAHxbcFoBPwszCUMlT2cuBH9de1sHah9oWQ
Requested by
Host: ihavelearnat.xyz
URL: https://ihavelearnat.xyz/…
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-58-150.fra56.r.cloudfront.net
Software
/
Resource Hash
e8a366b149309814d0a671918c4b7950003af3deb7a7a6ec4a3612d5ff3ee76d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihavelearnat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:16 GMT
content-encoding
gzip
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
485
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
x-amz-cf-id
Tc0g-f2QLci0lW6OqWcD3y4ZISlnwSjj5jw4frFpqvSGrn_fxaYFIw==
compatibility.js
celeritascdn.com/script/
14 KB
5 KB
Script
General
Full URL
https://celeritascdn.com/script/compatibility.js
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:5b06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cb4263ccaaa637a20896180c003024db4b27f66c7fda6369bf852176003422c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:16 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3178
x-guploader-uploadid
ADPycdvlxu67fmSufdv2DxbqqijKsYsDfI56wssurgOqEDnQ-Z8fv_ul4tuUjG2B2ycKZ9EPfYK5fhCvK40P4TBcwJ3ZsrX8oTYB
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Tue, 21 Jun 2022 09:08:43 GMT
server
cloudflare
etag
W/"946bb9192a14e6dad035a9ec8178f073"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=COVK0Q==, md5=lGu5GSoU5trQNansgXjwcw==
x-goog-generation
1655802523449377
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
14461
cf-ray
73f7ebd5791f915c-FRA
expires
Wed, 24 Aug 2022 04:20:16 GMT
online.php
www.tutele.nl/ Frame ADBC
4 KB
3 KB
Document
General
Full URL
https://www.tutele.nl/online.php?a=4943
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.149.224.101 , Norway, ASN48357 (K4X, EE),
Reverse DNS
static.91.149.224.101.sibyl.li
Software
nginx /
Resource Hash
e33da19621bea563a2c3f6279b95e5c67d80c7d9c5aed09bc286ee6a02ef5c62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options *

Request headers

Referer
https://to.xrivonet.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-headers
Range,Xauth
access-control-allow-methods
GET GET
access-control-allow-origin
* *
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 24 Aug 2022 00:20:17 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-frame-options
*
xrivonet.info.266699.js
jsc.mgid.com/x/r/ Frame CFEA
0
681 B
Script
General
Full URL
https://jsc.mgid.com/x/r/xrivonet.info.266699.js?t=1227240
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:16 GMT
cf-cache-status
HIT
age
518
cf-polished
origSize=3
cf-ray
73f7ebd58fd69156-FRA
last-modified
Thu, 24 Feb 2022 17:09:55 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-amz-id-2
yO1oSE7HVQ6ye6FMNVK7neEtJh6Z9lJ9Q8L9DGmlMZvrPVFiEKVRZj9tP6WgL7YCK4wk5djibGQ=
cf-bgj
minify
server
cloudflare
etag
"cf64b89236d83f0076d28cfa07bc8d51"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
N229NRD5TYQGJVJ8
cache-control
public, max-age=10800
x-amz-version-id
null
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 24 Aug 2022 03:20:16 GMT
display.php
www.adnetworkperformance.com/a/
0
0

RltnWX9RR2YaLxIUJABrRjNjWnlaRmBPO0lE
d141wsrw9m4as6.cloudfront.net/ITnR1VmktGxswVjodEWtef0ZGZVBoHgY5Bz5JHGFYDBoFYV96IBYSXT06DHAdNBBIZk8iFRsxVGgRGzVUf1IUMgtzQFMiGSEfSD0TIxEHNB4hHxJwHC9JGDkTJxgZN0x8MkB4WWtGRX4eJxoROR49UUdmBzpRR2ZYflpFc1... Frame DD18
596 B
731 B
Script
General
Full URL
https://d141wsrw9m4as6.cloudfront.net/ITnR1VmktGxswVjodEWtef0ZGZVBoHgY5Bz5JHGFYDBoFYV96IBYSXT06DHAdNBBIZk8iFRsxVGgRGzVUf1IUMgtzQFMiGSEfSD0TIxEHNB4hHxJwHC9JGDkTJxgZN0x8MkB4WWtGRX4eJxoROR49UUdmBzpRR2ZYflpFc1oMUUdmHicaQ2JMfTZQZFk2Qk-F/THxEFCYZIhECMwslHQFzWwhBRmFHfUJQZFlmHx0iBCJRRxVMfEQZPwIrUUdmDisXHjlAa0ZFNQE8GxgzTHwyRGZdYERbY1h/RltnWX9RR2YaLxIUJABrRjNjWnlaRmBPO0lE
Requested by
Host: llassignament.one
URL: https://llassignament.one/…
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-58-150.fra56.r.cloudfront.net
Software
/
Resource Hash
c579e9ff7aee014e956c09de99742acd825512d56a2f7811f7dc5377c59c2bc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://llassignament.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:16 GMT
content-encoding
gzip
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
454
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
x-amz-cf-id
-18VkltDYBVpCN4B4LlF0ISWOnDZW_6-6pHh8UzeRnCk8wPXxKLDkw==
T0Rna3pRXzomPAwbdHwLREVhIiEKEnR8eAYSMiUnSFJjfisJBT4jLURFF394VVlhYH1QRmNgeVFGdHx4EhY3LzoIUmMIfVJAf31+RwJsfw
d141wsrw9m4as6.cloudfront.net/Wd1FOSGEUPiAuXgM4KnVZRWd9cFJROz0nDwdsChIXDjU6MVQDGil+RwMrKnVRUT0vJgZKdysmAkpgaCkFFWx6bhUHPiV1FBk1Ky4IGTQqbhQWbCMnGx49IilERRd7ZlFSY35gFh4/KicWBHR8eA8DdHx4UEd/fm1SNXR8eB... Frame BF4D
456 B
634 B
Script
General
Full URL
https://d141wsrw9m4as6.cloudfront.net/Wd1FOSGEUPiAuXgM4KnVZRWd9cFJROz0nDwdsChIXDjU6MVQDGil+RwMrKnVRUT0vJgZKdysmAkpgaCkFFWx6bhUHPiV1FBk1Ky4IGTQqbhQWbCMnGx49IilERRd7ZlFSY35gFh4/KicWBHR8eA8DdHx4UEd/fm1SNXR8eBYeP3h8REQTa3pRD2d6YURFYS-84ERs0OS0DHDg6bVMxZH1/T0Rna3pRXzomPAwbdHwLREVhIiEKEnR8eAYSMiUnSFJjfisJBT4jLURFF394VVlhYH1QRmNgeVFGdHx4EhY3LzoIUmMIfVJAf31+RwJsfw
Requested by
Host: llassignament.one
URL: https://llassignament.one/ZFc5b1oFNVoCZQVqW0kvFjsESmgicgspPlVjCBgpFiAAAm4FJA9BOQg4TAs8FjhXG3QKMk1KaCIAXV4cKwR+Kg80PngaAgMaDSQ0Mg1rOD5dNH8lCCstCQEeEzNKLDItD30FD1Iabz4eIz5VSmgmBU4iKC85bz0PMGdPJT0+HF0WKQkWUh89BRRSKRwzLw8NMjEfaQYMVRF7BGsvLg0mHTAGSA0yNQBbLBcKEEFbYy0+VSoINjMONTYiBGBcbwMRUVt/VhFyBjkzFXE9YgEWASs+LC8NOh8AcgspPAlmaiECNm9cLQMBBwoHYjYSaDs7VydrK2gAYWA6CCIOakJiUBJrHGorBAkrEiAwDw0MKS9jJ2tBZX87ajY5WFwqNg9DADc0Fk4NPiwgdT0fMj9wBh8vElc9YgEWYDwXDQJXPBwuPV8GKS4VbVswKAJrKRxXbg05DAg/YCdrNQVUIT0BAX8oPiwvDSoyPWR1FTUtAlQiEwIBcy48V2YcXRg2IHMcPBNxUxw1CicEKwASLl0bI1Ejcghs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-58-150.fra56.r.cloudfront.net
Software
/
Resource Hash
bbbdcca1fe8467beccce208ada36465a6208141fffbf292fb5346102713c000b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://llassignament.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:17 GMT
content-encoding
gzip
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
358
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
x-amz-cf-id
-CF22v1jsfZR46JUug6un2u9lW1RcMxLDqgZP0YuBCCC6ImcVDWiYA==
A0ViMzJFGCZ9aHJQeGg2WB4vfWgBEi87MV5cb2pqUh04NzdUUHgeawFBZGh0BER7anQARXt9aAEGKz47QxxvahwERn12aQdTP2U
d141wsrw9m4as6.cloudfront.net/WWFoxdUo7NV8TdSwzVUh8YG4JQnt+MEIaJChnWy8uDAtiEB8BAn9TPiI+DEVsNDtfEnd+P18Wd2l8UBEoZW4XACtlN14PIzQ2UFB4Hm8fRW9qahkCIzY+XgI5fWgBGz59aAFEenZqFEYIfWgBAiM2bAVQeRp/A0Uybm4YUH... Frame C410
279 B
526 B
Script
General
Full URL
https://d141wsrw9m4as6.cloudfront.net/WWFoxdUo7NV8TdSwzVUh8YG4JQnt+MEIaJChnWy8uDAtiEB8BAn9TPiI+DEVsNDtfEnd+P18Wd2l8UBEoZW4XACtlN14PIzQ2UFB4Hm8fRW9qahkCIzY+XgI5fWgBGz59aAFEenZqFEYIfWgBAiM2bAVQeRp/A0Uybm4YUHhoO0EFJj0tVBchMS4URwxtaQ-ZbeW5/A0ViMzJFGCZ9aHJQeGg2WB4vfWgBEi87MV5cb2pqUh04NzdUUHgeawFBZGh0BER7anQARXt9aAEGKz47QxxvahwERn12aQdTP2U
Requested by
Host: llassignament.one
URL: https://llassignament.one/…
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-58-150.fra56.r.cloudfront.net
Software
/
Resource Hash
4eb77488e35219dfd6a406128cc5af6f611396451ecebdaf73f305a3ea56a5b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://llassignament.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:17 GMT
content-encoding
gzip
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
250
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
x-amz-cf-id
WhWU6jxszu4WdUstEGzms6o-z3-mBW8Q1EQj0iO1X2L5EGAbPzyNrg==
nRXYwQTUmGV4nCjEfVHwCcE8HdwRjHEMuWzVLWylQAxN7BFg0GUd1EzEMVHwFYxpRL1J4UFUvVnhHFiBRJ0sEZ0AkS10uTywaXCAQdzAFbwVgRABpQiwYVC5CNlMCcVsxUwJxBHVYAGQGB1MCcUIsGAZ1EHY0FXMFPUAEaBB3RlExRSkTRyRXLh9EZAcDQw-N2G3Z...
d141wsrw9m4as6.cloudfront.net/ Frame 52AC
192 B
463 B
Script
General
Full URL
https://d141wsrw9m4as6.cloudfront.net/nRXYwQTUmGV4nCjEfVHwCcE8HdwRjHEMuWzVLWylQAxN7BFg0GUd1EzEMVHwFYxpRL1J4UFUvVnhHFiBRJ0sEZ0AkS10uTywaXCAQdzAFbwVgRABpQiwYVC5CNlMCcVsxUwJxBHVYAGQGB1MCcUIsGAZ1EHY0FXMFPUAEaBB3RlExRSkTRyRXLh9EZAcDQw-N2G3ZAFXMFbR1YNVgpUwICEHdGXCheIFMCcVIgFVsuHGBEACJdNxldJBB3MAFxAWtGHnQEdEQecAV0UwJxRiQQUTNcYER2dAZyWAN3EzBLAQ
Requested by
Host: llassignament.one
URL: https://llassignament.one/OVNpNG9YMQpZUFhuCxIaSz9UEV1/dltyCwhnWEMcSyRQWVtYIF8aDFU8HFAJSzwHQEFXNh0RXX89O2w2TgI9YQJ+BV1aLFMWD2InThAKcVdxNx5mBXEWJEE4QwUlYxZVAihMIQ4RL1NffgYNBSpDFiRiJ04VMEwfax9YfltsFTxCOVc7IXIGewEjBBx8CVl1BGpiWUE7QCQIbCx4Ag1OLn8xHmIIaxIrRD5QJDBiLAwQJ1giejA/RxdsJCNMLXEFMHUoaBQrBSJ6MDx9HH4SMwUqcQpZcjd0FTlhLnwyK3Zcaz8sTD1qOD1mFmsLJVxWfAkoVytoJER6XX5gM3UpYR4vVj0ICidiCEkGHn0sfBsNczd6Owx9KXQQCmImXhU/RxpxFCtxLnoZDXoXVTcjdi0KHihyF3gEHXMnVwIsUCpoNgp1OQkGHn4Xazo4ZTptHQptKmthDXU1QAQoelx8KSt4Lmh1A0cAVyNUXwdcFQx/KlQiBkNb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-58-150.fra56.r.cloudfront.net
Software
/
Resource Hash
1219c5bc5a69a4867c8e905b834596a3b2b30000b69147cb7aec859043f7d91b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://llassignament.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:17 GMT
content-encoding
gzip
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
187
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
x-amz-cf-id
KBrYWhFakWICf8ebosoaI2tZt5cQ1pX0MJZp-uOEzQbUWZAWt-mmBw==
pop.js
c1.popads.net/
31 KB
10 KB
Script
General
Full URL
https://c1.popads.net/pop.js
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
29edb89f7b40f0c87cbbfd0b6079a11e461ee20a2639a45fdca31f5ade5eb349

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-77-nzt
AZySIRADJXL/fSMEAA
x-accel-expires
@1662065987
date
Wed, 24 Aug 2022 00:20:16 GMT
content-encoding
br
etag
W/"62c200ca-7b48"
last-modified
Sun, 03 Jul 2022 20:49:14 GMT
server
CDN77-Turbo
x-77-nzt-ray
7gnL1yzBqI0
x-77-cache
HIT
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
alt-svc
quic="156.146.33.16:443"; ma=2592000; v="44,43,39"
x-cache
HIT
x-age
271229
x-77-pop
frankfurtDE
invoke.js
www.bcloudhost.com/07dde3e2c5af0db032c8826e3b79914d/
0
0
Script
General
Full URL
https://www.bcloudhost.com/07dde3e2c5af0db032c8826e3b79914d/invoke.js
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://to.xrivonet.info/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 24 Aug 2022 00:20:16 GMT
Server
nginx/1.17.6
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
application/javascript
Content-Length
0
id.html
st.chatango.com/h5/gz/r0817221641/ Frame BBF0
681 KB
219 KB
Document
General
Full URL
https://st.chatango.com/h5/gz/r0817221641/id.html
Requested by
Host: st.chatango.com
URL: https://st.chatango.com/js/gz/emb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
05cfeecca96c97e0d3f0106989942e329e2d69591925e0ca99fef0aee32ceee9

Request headers

Referer
https://to.xrivonet.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
224127
Content-Type
text/html
Date
Wed, 24 Aug 2022 00:20:16 GMT
Expires
Thu, 24 Aug 2023 00:20:16 GMT
Last-Modified
Wed, 17 Aug 2022 23:45:11 GMT
P3P
CP="Chatango does not have a P3P policy. Please see our privacy policy: http://chatango.com/page?full_privacy"
Server
nginx
r.json
st.chatango.com/cfg/nc/
20 B
338 B
XHR
General
Full URL
https://st.chatango.com/cfg/nc/r.json?5768710020000088758738261
Requested by
Host: st.chatango.com
URL: https://st.chatango.com/js/gz/emb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
6eea499926669878dc267d25feeebbfd7826db0e55b82ce10db9e0004a3172b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 00:20:17 GMT
Last-Modified
Wed, 17 Aug 2022 23:45:11 GMT
Server
nginx
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20
identify.html
ufpcdn.com/script/ Frame 7B51
2 KB
2 KB
Document
General
Full URL
https://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: celeritascdn.com
URL: https://celeritascdn.com/script/compatibility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

Referer
https://to.xrivonet.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
73f7ebd5b9ff91e1-FRA
content-encoding
br
content-type
text/html
date
Wed, 24 Aug 2022 00:20:17 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Tue, 15 May 2018 06:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aDVHpyiEh5Ww5uiuXD%2F2ttS0aEFk7%2BDymNSnyIT0EkiGHCbrIgBRIxMyQFDmLw9YiJtXwhpLqXmfkJl7b8VXAcj%2BrMiMKkolmvc7LIXJ9%2Fuo2Rkb4CNmqDgSlX4det6cerh1AnUWk1gb"}],"group":"cf-nel","max_age":604800}
server
cloudflare
/
c.adsco.re/
61 KB
22 KB
Script
General
Full URL
https://c.adsco.re/
Requested by
Host: c1.popads.net
URL: https://c1.popads.net/pop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1bd746f679d9df2c7f9f8ceafecda994d85c84d7c829e5960c8730c7ee511a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:16 GMT
content-encoding
br
cf-cache-status
HIT
age
15930
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"wV2/56Yx8F/L8kKxfXL2jw=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
cache-control
public, max-age=2678400
permissions-policy
ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
cf-ray
73f7ebd639a79be6-FRA
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires
Sat, 24 Sep 2022 00:20:16 GMT
colored.js
widgets.amung.us/
0
0

cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/
146 KB
50 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a877d18de61f68a6bf3f8240fa730e23e2d80ffbc4b5e1293e5697dc6a585d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:13:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
379
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51176
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Aug 2023 00:13:58 GMT
/
6.adsco.re/
0
105 B
Other
General
Full URL
https://6.adsco.re/
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://to.xrivonet.info/
Origin
https://to.xrivonet.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:17 GMT
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://to.xrivonet.info
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
73f7ebd68cf968f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47
/
4.adsco.re/
0
461 B
Other
General
Full URL
https://4.adsco.re/
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://to.xrivonet.info/
Origin
https://to.xrivonet.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 00:20:17 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://to.xrivonet.info
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
/
4.adsco.re/
43 B
461 B
XHR
General
Full URL
https://4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
a2bb5dbd031bc524572d086e58eb77ccc9ca729c388f4b8a9dec157b54641d0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 00:20:17 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://to.xrivonet.info
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
/
6.adsco.re/
47 B
416 B
XHR
General
Full URL
https://6.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68b5cfa150dfc2d70fdf90212ec8bf76d051fcb3a65668d5273bba114434710c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:17 GMT
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://to.xrivonet.info
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
73f7ebd68cf768f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47
/
utfgb3ti6mif.l4.adsco.re/
0
464 B
Ping
General
Full URL
https://utfgb3ti6mif.l4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS
adscore.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://to.xrivonet.info/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 24 Aug 2022 00:20:17 GMT
Last-Modified
Tue, 31 Jul 2018 22:16:15 GMT
ETag
"5b60dfaf-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
utfgb3ti6mif.n4.adsco.re/
0
464 B
Ping
General
Full URL
https://utfgb3ti6mif.n4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://to.xrivonet.info/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 24 Aug 2022 00:20:17 GMT
Last-Modified
Mon, 30 Jul 2018 15:32:42 GMT
ETag
"5b5f2f9a-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
utfgb3ti6mif.s4.adsco.re/
0
464 B
Ping
General
Full URL
https://utfgb3ti6mif.s4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.116.90 Shah Alam, Malaysia, ASN9009 (M247, GB),
Reverse DNS
no-mans-land.m247.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://to.xrivonet.info/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 24 Aug 2022 00:20:17 GMT
Last-Modified
Mon, 30 Jul 2018 15:38:01 GMT
ETag
"5b5f30d9-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
c.adsco.re/ Frame 25FC
61 KB
22 KB
Document
General
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1bd746f679d9df2c7f9f8ceafecda994d85c84d7c829e5960c8730c7ee511a1

Request headers

Referer
https://to.xrivonet.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
age
15931
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=2678400
cf-cache-status
HIT
cf-ray
73f7ebd69eb89124-FRA
content-encoding
br
content-type
text/html
date
Wed, 24 Aug 2022 00:20:17 GMT
etag
W/"wV2/56Yx8F/L8kKxfXL2jw=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sat, 24 Sep 2022 00:20:17 GMT
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
permissions-policy
ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
server
cloudflare
vary
Accept-Encoding
/
6.adsco.re/ Frame 25FC
0
379 B
Other
General
Full URL
https://6.adsco.re/
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c.adsco.re/
Origin
https://c.adsco.re
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:17 GMT
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://c.adsco.re
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
73f7ebd7ca1e6937-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47
/
4.adsco.re/ Frame 25FC
0
455 B
Other
General
Full URL
https://4.adsco.re/
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c.adsco.re/
Origin
https://c.adsco.re
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 00:20:17 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://c.adsco.re
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
suurl.php
onclickgenius.com/script/
6 KB
2 KB
Script
General
Full URL
https://onclickgenius.com/script/suurl.php?r=2059055&cbrandom=0.14349663205320806&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=RivoRD&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com
Requested by
Host: celeritascdn.com
URL: https://celeritascdn.com/script/compatibility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.71.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.71.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
8d8490132ff0266970e73fa01ecf0f4b16dbb384c6b4d66a85338db6e769f73f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 24 Aug 2022 00:20:17 GMT
content-encoding
gzip
server
openresty
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
content-type
application/javascript; charset=utf-8
chrome.js
celeritascdn.com/script/
25 KB
8 KB
Script
General
Full URL
https://celeritascdn.com/script/chrome.js
Requested by
Host: celeritascdn.com
URL: https://celeritascdn.com/script/compatibility.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:5b06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc5887cd65b601571ba60ff7e1b7af9d962582dc3dc249484d31683933f890a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:17 GMT
content-encoding
gzip
cf-cache-status
HIT
age
616
x-guploader-uploadid
ADPycdtUW-JJ6VmJ_q005I5SHEiHBcDKXwaaMqLnjcvcZRD4Dn8pDsP5Dh4_4LOC6qrEFxR92Aeug7GZa-6zz3nZ9-eYa4b5Qogk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Tue, 21 Jun 2022 09:08:35 GMT
server
cloudflare
etag
W/"570f12f75cff1a833ca0c6d20df2d678"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=+lXQYg==, md5=Vw8S91z/GoM8oMbSDfLWeA==
x-goog-generation
1655802515177297
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
25892
cf-ray
73f7ebd7cb2f915c-FRA
expires
Wed, 24 Aug 2022 04:20:17 GMT
suv4.js
acacdn.com/script/ Frame ADBC
98 KB
34 KB
Script
General
Full URL
https://acacdn.com/script/suv4.js
Requested by
Host: www.tutele.nl
URL: https://www.tutele.nl/online.php?a=4943
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:35e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27f48b0a1a5390d4da6cba02ad516da028a3f00a2f4c7c813ebc7f3de38b3cc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash
crc32c=9BvRWQ==, md5=kfDH6l+z5IV3um3zH+/G3A==
date
Wed, 24 Aug 2022 00:20:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
726
x-guploader-uploadid
ADPycdt-VZQTdEHZWg6TEHOtwR2LxMSLR5FIZo2z_c_CX1WmTXzeSFY7EIFHHxaVQJaivSrDSILXDseB7qqXeGmS8ZL5yt4l5ZSJ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 23 Aug 2022 12:57:17 GMT
server
cloudflare
etag
W/"91f0c7ea5fb3e48577ba6df31fefc6dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XW2hru2KJX5Ku1XebJ88vMOuMF10EsK3rzlNLKh%2FJ%2Blg7iI96vmzEiGliIBTwz%2FnPp2Vqlwp1sZL45VR6Q3XykAMvYzlx8G9F9lfm7UjbXK7Veh6GTZGFABfVxRbxN1DLI%2FT0AEbC8Ey"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1661259437726517
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
100209
cf-ray
73f7ebd80a979299-FRA
expires
Wed, 24 Aug 2022 00:09:54 GMT
loader.js
cdn.taboola.com/libtrc/chatango-network/ Frame BBF0
77 KB
21 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/chatango-network/loader.js
Requested by
Host: st.chatango.com
URL: https://st.chatango.com/h5/gz/r0817221641/id.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33267c5eced7d4aee4a28cbc4f748207a6e09683561a7154288a40ad6b8cd856

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
wgSLEx4bRxSFIR1re.Jpm7zCXR9vJVl7
content-encoding
gzip
etag
"91d25f8f333cd922a080e231a3f803d4"
age
107
x-cache
HIT
content-length
20765
x-amz-id-2
/PfsLrxP8E+NPBpx67w20mlBklh++sAi2KAf+SMJmt5GWWATp0ZMvn9luA2ingo/eDmr82kF/Mk=
x-served-by
cache-hhn4073-HHN
last-modified
Tue, 23 Aug 2022 09:17:31 GMT
server
AmazonS3
x-timer
S1661300417.285820,VS0,VE1
date
Wed, 24 Aug 2022 00:20:17 GMT
vary
Accept-Encoding
x-amz-request-id
9SQECDZWDSWP4MYP
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
59
x-cache-hits
1
/
c.adsco.re/ Frame 25FC
61 KB
22 KB
XHR
General
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1bd746f679d9df2c7f9f8ceafecda994d85c84d7c829e5960c8730c7ee511a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.adsco.re/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:17 GMT
content-encoding
br
cf-cache-status
HIT
age
15931
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"wV2/56Yx8F/L8kKxfXL2jw=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
cache-control
public, max-age=2678400
permissions-policy
ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
cf-ray
73f7ebd808399124-FRA
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires
Sat, 24 Sep 2022 00:20:17 GMT
embed.php
www.tutele.nl/ Frame 34B5
14 KB
7 KB
Document
General
Full URL
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
Requested by
Host: www.tutele.nl
URL: https://www.tutele.nl/online.php?a=4943
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.149.224.101 , Norway, ASN48357 (K4X, EE),
Reverse DNS
static.91.149.224.101.sibyl.li
Software
nginx /
Resource Hash
a17e575c8bdd5f930ede0a0c84723dfbef00a1ceaee6a45499a9c64de2d2566c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options *

Request headers

Referer
https://www.tutele.nl/online.php?a=4943
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-headers
Range,Xauth
access-control-allow-methods
GET GET
access-control-allow-origin
* *
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 24 Aug 2022 00:20:17 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-frame-options
*
bootstrap-markdown-editor.js
www.antiadblocksystems.com/ Frame ADBC
30 KB
9 KB
Script
General
Full URL
https://www.antiadblocksystems.com/bootstrap-markdown-editor.js
Requested by
Host: www.tutele.nl
URL: https://www.tutele.nl/online.php?a=4943
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9119b80a2e8751adc2da10e7886c3cd8d1756a554c886ce58186b0d8583c75bf

Request headers

Referer
https://www.tutele.nl/
Origin
https://www.tutele.nl
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 24 Aug 2022 00:20:17 GMT
content-encoding
br
x-77-cache
HIT
x-cache
HIT
x-age
365248
alt-svc
quic="156.146.33.25:443"; ma=2592000; v="44,43,39"
x-77-nzt
AZySIRl5LB3/wJIFAA
x-accel-expires
@1661539969
server
CDN77-Turbo
x-77-nzt-ray
dJo2ktI5ejo
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
link
<https://antiadblocksystems.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
expires
Fri, 26 Aug 2022 18:52:49 GMT
/
6.adsco.re/ Frame 25FC
0
0

/
4.adsco.re/ Frame 25FC
0
0

impl.20220823-4-RELEASE.js
cdn.taboola.com/libtrc/ Frame BBF0
679 KB
141 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20220823-4-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/chatango-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
93acf2aa28a9d6056e2a2984e4512b64c434d19ea7639715fea24ebbfc2488a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
uyuZY26toIHTDBrTxMqwscU0q1ZJTYKx
content-encoding
br
etag
"8cac45bdeaed21d088327ff376a0dd33"
age
25471
x-cache
HIT
content-length
143698
x-amz-id-2
fS6FjHHjRo6TigHnZBKyH/pbuKI9MXtMCaArioYV37H+tD2xJhbrMrol3J89HtueF9LVX6Qdcwc=
x-served-by
cache-hhn4073-HHN
last-modified
Tue, 23 Aug 2022 09:08:00 GMT
server
AmazonS3-br
x-timer
S1661300417.308645,VS0,VE0
date
Wed, 24 Aug 2022 00:20:17 GMT
vary
Accept-Encoding
x-amz-request-id
N3T2S0ESMKJEMY4M
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
26
x-cache-hits
12660
beacon.js
sb.scorecardresearch.com/ Frame BBF0
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/chatango-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 04:55:43 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
74658
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
ilhU33bIDAqylY82ThfznAuAp7LpLQMRuVUwl2dJfObj3bhOZ3YdnQ==
ut.js
acacdn.com/script/ Frame ADBC
69 KB
25 KB
Script
General
Full URL
https://acacdn.com/script/ut.js?cb=1661300417319
Requested by
Host: acacdn.com
URL: https://acacdn.com/script/suv4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:35e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1383d51b30333aaba125dd487a5d4ece438a3814d0ab70b21fa0a5c9912054a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash
crc32c=DCNmfg==, md5=qwyv0UiDRgXPexLkxERPkw==
date
Wed, 24 Aug 2022 00:20:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
457
x-guploader-uploadid
ADPycduVuON5ECRLjPMfop5GWJJdOCS-Zv3N_NdurMqqSmL3bQ4N_EQD94r9bCkkNKieNpJl14XqR3zWK5VHtb1RT0uuAspVSACM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 17 Aug 2022 09:30:42 GMT
server
cloudflare
etag
W/"ab0cafd148834605cf7b12e4c4444f93"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmYn3a3lzSMf7dpyAhO5F3d6lFjveFlZit19ybWZmxrIC0%2BheraHN8Xe08cckkVgyLUMd6TpX71azdz7CXmnYCPN3RDEZEPlvWHQNAIouGDjkEjCFJ4aqMGpGq4IQZGtKINeHe%2BsWu4u"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1660728642863135
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
70800
cf-ray
73f7ebd86a639128-FRA
expires
Wed, 24 Aug 2022 01:06:41 GMT
suurl4.php
youradexchange.com/script/ Frame ADBC
1015 B
964 B
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=3386031&cbur=0.9653438627702353&cbiframe=1&cbWidth=760&cbHeight=460&cbtitle=&cbpage=https%3A%2F%2Fto.xrivonet.info%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=acacdn.com&aggr=0&chmob=?0
Requested by
Host: acacdn.com
URL: https://acacdn.com/script/suv4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
523a688a11c4c7103b7d3a94cefa2aa7b118f4e9d02be307545b9603f3401707

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 24 Aug 2022 00:20:17 GMT
content-encoding
gzip
server
openresty
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
content-type
application/json; charset=utf-8
sandblaster.js
www.tutele.nl/ Frame 34B5
17 KB
5 KB
Script
General
Full URL
https://www.tutele.nl/sandblaster.js
Requested by
Host: www.tutele.nl
URL: https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.149.224.101 , Norway, ASN48357 (K4X, EE),
Reverse DNS
static.91.149.224.101.sibyl.li
Software
nginx /
Resource Hash
4ce1e5427d15be50d50e0e14c06a81e40eda36549ebaaf6c06c51c2b866e7387
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options *

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:17 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 25 Apr 2022 19:23:53 GMT
server
nginx
etag
W/"6266f549-429d"
x-frame-options
*
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Range,Xauth
expires
Fri, 23 Sep 2022 00:20:17 GMT
sandblaster.min.js
www.tutele.nl/ Frame 34B5
6 KB
3 KB
Script
General
Full URL
https://www.tutele.nl/sandblaster.min.js
Requested by
Host: www.tutele.nl
URL: https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.149.224.101 , Norway, ASN48357 (K4X, EE),
Reverse DNS
static.91.149.224.101.sibyl.li
Software
nginx /
Resource Hash
5da048e4409443b39a10c99304c14a5f2f5a58bc234a870f814ad0ce583f6129
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options *

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:17 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 25 Apr 2022 19:23:53 GMT
server
nginx
etag
W/"6266f549-179b"
x-frame-options
*
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Range,Xauth
expires
Fri, 23 Sep 2022 00:20:17 GMT
sandblaster.min.js
www.tutele.nl/node_modules/sandblaster/dist/ Frame 34B5
6 KB
3 KB
Script
General
Full URL
https://www.tutele.nl/node_modules/sandblaster/dist/sandblaster.min.js
Requested by
Host: www.tutele.nl
URL: https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.149.224.101 , Norway, ASN48357 (K4X, EE),
Reverse DNS
static.91.149.224.101.sibyl.li
Software
nginx /
Resource Hash
5da048e4409443b39a10c99304c14a5f2f5a58bc234a870f814ad0ce583f6129
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options *

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:17 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 25 Apr 2022 20:10:08 GMT
server
nginx
etag
W/"62670020-179b"
x-frame-options
*
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Range,Xauth
expires
Fri, 23 Sep 2022 00:20:17 GMT
clappr.min.js
cdn.jsdelivr.net/npm/@clappr/player@0.4.0/dist/ Frame 34B5
456 KB
124 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@clappr/player@0.4.0/dist/clappr.min.js
Requested by
Host: www.tutele.nl
URL: https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c67127a469f309f1797390b95f7c0aa9626151d34d410d082e2391a55715e90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
13445913
x-jsd-version
0.4.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19134-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"72005-xDPIgqHJfOeFuHY26QsUErnjK9w"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Awvyxw5fsJSU7GcTa1ANycMwYxM%2Bo4KPs4%2Fk6uJ2hMflraatROwNJQWxcWY6BmBhAc6849pzH09yd34n%2BplhARhoivM%2B9WPpZwDfv%2BHrLqsuCsyTXW2rbbjKmmLXfv1nGA9QCxKcplze6wv%2BpEE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
73f7ebd88db26987-FRA
p2p-engine.min.js
cdn.swarmcloud.net/hls-de/ Frame 34B5
184 KB
59 KB
Script
General
Full URL
https://cdn.swarmcloud.net/hls-de/p2p-engine.min.js
Requested by
Host: www.tutele.nl
URL: https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-226.datapacket.com
Software
BunnyCDN-DE-832 /
Resource Hash
b9ea049727fcd50d491e3af6bbe4bfcde271c337e66332c06c2a2065e7177f6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:17 GMT
content-encoding
br
cdn-edgestorageid
832
cdn-fileserver
405
cdn-storageserver
DE-197
cdn-cachedat
08/16/2022 01:58:43
cdn-pullzone
703142
server
BunnyCDN-DE-832
last-modified
Tue, 16 Aug 2022 01:55:00 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"62faf8f4-2ded7"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
73003af9-f5bf-4a0e-8911-a1c8c0ebb2f0
cache-control
public, max-age=3600
cdn-requestid
054c310a9323f4f6546e8620102f61ee
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
clappr-p2p-plugin.min.js
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/ Frame 34B5
3 KB
2 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/clappr-p2p-plugin.min.js
Requested by
Host: www.tutele.nl
URL: https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8eb7e24873bb65c9b7193534bda15761d8853b24ca4a41d7749360972504141
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
38930
x-jsd-version
2.0.2
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19135-FRA, cache-cdg20764-CDG
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"c19-SLjttAW8dcDjADi6J1T2hbhokWc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xiw1FT2yQH8Q2Dnin8%2FsCR%2B5ll8BVXWCKw1gJtUk5DEkIH%2Bl%2FqnZNq48kcPx5l%2BgsZtJ4dU%2B6BhPerY7LfnNTBSFtJAqEp3HQFq78brjjHNnWeYZeORcDwbwNEjfhEPYAfqdG%2B72kDX89jZNY2E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
73f7ebd88db56987-FRA
access-control-expose-headers
*
/
dwr3zytn850g.cloudfront.net/ Frame 34B5
203 KB
67 KB
Script
General
Full URL
https://dwr3zytn850g.cloudfront.net/?yzrwd=938710
Requested by
Host: www.tutele.nl
URL: https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3800:c:4a6d:9800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
24fd67b01124b3d4b89c7511b03e916a0a11ef91dc3790615c0d5814625277c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 00:20:17 GMT
content-encoding
gzip
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
68443
via
1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-id
PYcHmIosg-MHaNTaSsDr_g3j81sR8cbmFGkCsTBNVLPdUYVYhhqT0Q==
yzfdmoan.js
befirstcdn.com/script/ Frame 34B5
98 KB
33 KB
Script
General
Full URL
https://befirstcdn.com/script/yzfdmoan.js
Requested by
Host: www.tutele.nl
URL: https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:970c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27f48b0a1a5390d4da6cba02ad516da028a3f00a2f4c7c813ebc7f3de38b3cc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:17 GMT
content-encoding
gzip
cf-cache-status
HIT
age
60
x-guploader-uploadid
ADPycdtKGMujS9ZcToJZLXeUaBmb4DqgeIh1jwPgrS6UwnJjX7x7WQapIFIY8RsHroW-JQiUZ9EnbMxIt5pGXiiRROoNAcfG7ARx
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Tue, 23 Aug 2022 12:57:49 GMT
server
cloudflare
etag
W/"91f0c7ea5fb3e48577ba6df31fefc6dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=9BvRWQ==, md5=kfDH6l+z5IV3um3zH+/G3A==
x-goog-generation
1661259468955717
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
100209
cf-ray
73f7ebd8982f6958-FRA
expires
Wed, 24 Aug 2022 04:20:17 GMT
popunder.gif
yrecomemu.one/
35 B
631 B
Image
General
Full URL
https://yrecomemu.one/popunder.gif
Requested by
Host: to.xrivonet.info
URL: https://to.xrivonet.info/universo.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
public
date
Wed, 24 Aug 2022 00:20:17 GMT
cf-cache-status
HIT
last-modified
Sat, 20 Aug 2022 01:16:23 GMT
server
cloudflare
age
342234
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1E7bP2%2FdSC0LUbVBQRdRXxu%2BzJPWncY%2BOgl6P%2B%2Bikm%2BryT2voWFNw8o%2F6r4KjJt3q854FE3m7LjxeZnLFFEyBUSbfh4b6IvHgU1vUA39gCenR9dBhudy2XBUKR1rF9ssIULDJ7%2BmKVURn9KW"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
73f7ebd87a2e9a24-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
multi
llassignament.one/
3 KB
2 KB
XHR
General
Full URL
https://llassignament.one/multi?cs=d3NCNnNBQHoDQEJDcQRDT0d3BkE&abt=0&red=1&sm=76&k=&v=1.0.59.0&sts=0&prn=0&emb=0&tid=712339&u=1871442350193956&agec=1661300416&fs=1&mbkb=263.1578947368421&ref=https%3A%2F%2Fto.xrivonet.info%2Funiverso.html&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F104.0.5112.101%20safari%2F537.36&tzd=0&uloc=&if=0&_OG8h=1661300417395&crc=1
Requested by
Host: d141wsrw9m4as6.cloudfront.net
URL: https://d141wsrw9m4as6.cloudfront.net/?wrswd=622073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-12.vie50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
a9b64aeb83b069d034bcda24ef8e6b888fe857ca9b0a2fcb6c4a4a8ed16880d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 00:20:17 GMT
content-encoding
gzip
server
openresty/1.17.8.2
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://to.xrivonet.info
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
text/plain
content-length
1458
via
1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
x-amz-cf-id
4LJ9UxW62OrVaYsSLBDi-Vev9GxvwXW94nO2JupCgKPGbddpmmhS9Q==
bVE1clBCblYBbT8JXR4FKGBPJjwjOlMcBiwJYiBkCQRdJTElBBMGOQlsDUBmXmkGVCAENQhBYksiQRMkGCIIQGBdZhMbPgs+CEB2G2wFXGhDaBtCdhhsBEpnXGUBQGNYYQRLY1RkA1QkHTBST2FLIUEGPFBgA0RhXmEFRmFaYgxE
yrecomemu.one/
0
473 B
Ping
General
Full URL
https://yrecomemu.one/bVE1clBCblYBbT8JXR4FKGBPJjwjOlMcBiwJYiBkCQRdJTElBBMGOQlsDUBmXmkGVCAENQhBYksiQRMkGCIIQGBdZhMbPgs+CEB2G2wFXGhDaBtCdhhsBEpnXGUBQGNYYQRLY1RkA1QkHTBST2FLIUEGPFBgA0RhXmEFRmFaYgxE
Requested by
Host: d141wsrw9m4as6.cloudfront.net
URL: https://d141wsrw9m4as6.cloudfront.net/?wrswd=826383
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFn6E%2BU5vPoiBQkta7K2Cq8ErGmPpF6botRXC7HCzQVC1pLF60KfW5x9wvAr9kkRWHPmJE180B7TJNWAbw5%2FHMZjw%2B5iU2Ud8HPdd3I2YZ3KHG1rMjOgbJrNyA%2FMB6%2BSD7TJBh4lt5F%2BztfP"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
73f7ebd8ca809a24-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
floater
llassignament.one/
1 KB
1 KB
XHR
General
Full URL
https://llassignament.one/floater?cs=NlN0a1AAZUJfYwZrTF9lBmNHU2g&abt=0&red=1&sm=83&k=&v=0.8.9.0&sts=0&prn=0&emb=0&tid=826383&u=1871442350193956&agec=1661300416&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=263.1578947368421&ref=https%3A%2F%2Fto.xrivonet.info%2Funiverso.html&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F104.0.5112.101%20safari%2F537.36&tzd=0&uloc=&if=0&aa=td9_oi1_&_HRLT=1661300417397&crc=1
Requested by
Host: d141wsrw9m4as6.cloudfront.net
URL: https://d141wsrw9m4as6.cloudfront.net/?wrswd=826383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-12.vie50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
759b68db71b5807635aafa401d8e1b4633d563007c7787e1ef3fef4c9721afc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 00:20:17 GMT
content-encoding
gzip
server
openresty/1.17.8.2
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://to.xrivonet.info
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
text/plain
content-length
860
via
1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
x-amz-cf-id
i-oThen7HI44NIEICV0TB3s8LlCtUy64IC--R6_xIE201wd2NFiAAQ==
b
sb.scorecardresearch.com/ Frame BBF0
0
189 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1661300417402&ns_c=windows-1252&ns_if=1&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0817221641%2Fid.html&c8=&c9=https%3A%2F%2Fto.xrivonet.info%2F
Requested by
Host: st.chatango.com
URL: https://st.chatango.com/h5/gz/r0817221641/id.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:17 GMT
via
1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
Vf-onijOnXmKucNyAHjdhejcezatOd_XdgenytHQsDPHCgzkUY0zuQ==
x-cache
Miss from cloudfront
analytics.js
www.google-analytics.com/ Frame BBF0
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: st.chatango.com
URL: https://st.chatango.com/h5/gz/r0817221641/id.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4697
date
Tue, 23 Aug 2022 23:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 24 Aug 2022 01:02:00 GMT
truncated
/ Frame 2312
900 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0efc53d98f21fefc32d8ad84c673919c539b0b3feb2dc96598cbeb58883bd04c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
p
adsco.re/
362 B
866 B
XHR
General
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
1e701247f89808a37ebab306d5eda89e46c08678586bc37d48ef93f05178a6b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

AS-P-G
OK
Date
Wed, 24 Aug 2022 00:20:17 GMT
AS-P-7
OK
AS-P-9
OK
AS-P-C
OK
Transfer-Encoding
chunked
AS-P-5
OK
AS-P-F
OK
Connection
keep-alive
Content-Encoding
gzip
AS-P-2
OK
AS-P-D
OK
AS-P-6
OK
AS-P-B
OK
AS-P-H
OK
AS-P-4
OK
AS-P-A
OK
Access-Control-Max-Age
2592000
AS-P-1
OK lon123
Access-Control-Allow-Origin
https://to.xrivonet.info
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
AS-P-8
OK
Content-Type
text/html; charset=UTF-8
AS-P-E
OK
AS-P-3
OK
/
c.adsco.re/ Frame ADBC
61 KB
22 KB
Script
General
Full URL
https://c.adsco.re/
Requested by
Host: www.antiadblocksystems.com
URL: https://www.antiadblocksystems.com/bootstrap-markdown-editor.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1bd746f679d9df2c7f9f8ceafecda994d85c84d7c829e5960c8730c7ee511a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:17 GMT
content-encoding
br
cf-cache-status
HIT
age
15931
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"wV2/56Yx8F/L8kKxfXL2jw=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
cache-control
public, max-age=2678400
permissions-policy
ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
cf-ray
73f7ebd9fa119124-FRA
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires
Sat, 24 Sep 2022 00:20:17 GMT
gprofile.xml
ust.chatango.com/groupinfo/r/i/rivosp/ Frame BBF0
46 B
351 B
XHR
General
Full URL
https://ust.chatango.com/groupinfo/r/i/rivosp/gprofile.xml
Requested by
Host: st.chatango.com
URL: https://st.chatango.com/h5/gz/r0817221641/id.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
2bf0b59a7518f8b73db880ecb0e510763231b2a8ef3a789504c9ab98e549904a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 00:20:18 GMT
Last-Modified
Sun, 02 Nov 2014 20:41:56 GMT
Server
nginx
Content-Type
text/xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46
Expires
Wed, 24 Aug 2022 00:20:18 GMT
/
6.adsco.re/ Frame ADBC
0
346 B
Other
General
Full URL
https://6.adsco.re/
Requested by
Host: www.tutele.nl
URL: https://www.tutele.nl/online.php?a=4943
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tutele.nl/
Origin
https://www.tutele.nl
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:17 GMT
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://www.tutele.nl
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
73f7ebdaac546937-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47
/
4.adsco.re/ Frame ADBC
0
458 B
Other
General
Full URL
https://4.adsco.re/
Requested by
Host: www.tutele.nl
URL: https://www.tutele.nl/online.php?a=4943
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tutele.nl/
Origin
https://www.tutele.nl
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 00:20:17 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://www.tutele.nl
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
/
4.adsco.re/ Frame ADBC
43 B
458 B
XHR
General
Full URL
https://4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
a2bb5dbd031bc524572d086e58eb77ccc9ca729c388f4b8a9dec157b54641d0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 00:20:17 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://www.tutele.nl
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
/
6.adsco.re/ Frame ADBC
47 B
346 B
XHR
General
Full URL
https://6.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68b5cfa150dfc2d70fdf90212ec8bf76d051fcb3a65668d5273bba114434710c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:17 GMT
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://www.tutele.nl
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
73f7ebdabc656937-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47
/
4qcrqctvqdi8.l4.adsco.re/ Frame ADBC
0
464 B
Ping
General
Full URL
https://4qcrqctvqdi8.l4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS
adscore.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tutele.nl/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 24 Aug 2022 00:20:17 GMT
Last-Modified
Tue, 31 Jul 2018 22:16:15 GMT
ETag
"5b60dfaf-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
4qcrqctvqdi8.n4.adsco.re/ Frame ADBC
0
464 B
Ping
General
Full URL
https://4qcrqctvqdi8.n4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tutele.nl/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 24 Aug 2022 00:20:18 GMT
Last-Modified
Mon, 30 Jul 2018 15:32:42 GMT
ETag
"5b5f2f9a-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
4qcrqctvqdi8.s4.adsco.re/ Frame ADBC
0
464 B
Ping
General
Full URL
https://4qcrqctvqdi8.s4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.116.90 Shah Alam, Malaysia, ASN9009 (M247, GB),
Reverse DNS
no-mans-land.m247.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tutele.nl/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 24 Aug 2022 00:20:18 GMT
Last-Modified
Mon, 30 Jul 2018 15:38:01 GMT
ETag
"5b5f30d9-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
c.adsco.re/ Frame 5DD4
61 KB
22 KB
Document
General
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1bd746f679d9df2c7f9f8ceafecda994d85c84d7c829e5960c8730c7ee511a1

Request headers

Referer
https://www.tutele.nl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
age
15931
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=2678400
cf-cache-status
HIT
cf-ray
73f7ebdabaaf9124-FRA
content-encoding
br
content-type
text/html
date
Wed, 24 Aug 2022 00:20:17 GMT
etag
W/"wV2/56Yx8F/L8kKxfXL2jw=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sat, 24 Sep 2022 00:20:17 GMT
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
permissions-policy
ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
server
cloudflare
vary
Accept-Encoding
/
6.adsco.re/ Frame 5DD4
0
343 B
Other
General
Full URL
https://6.adsco.re/
Requested by
Host: www.tutele.nl
URL: https://www.tutele.nl/online.php?a=4943
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c.adsco.re/
Origin
https://c.adsco.re
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:17 GMT
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://c.adsco.re
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
73f7ebdb7cd16937-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47
/
4.adsco.re/ Frame 5DD4
0
455 B
Other
General
Full URL
https://4.adsco.re/
Requested by
Host: www.tutele.nl
URL: https://www.tutele.nl/online.php?a=4943
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c.adsco.re/
Origin
https://c.adsco.re
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 00:20:17 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://c.adsco.re
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
/
c.adsco.re/ Frame 5DD4
5 KB
0
XHR
General
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.adsco.re/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:17 GMT
content-encoding
br
cf-cache-status
HIT
age
15931
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"wV2/56Yx8F/L8kKxfXL2jw=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
cache-control
public, max-age=2678400
permissions-policy
ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
cf-ray
73f7ebdb9b959124-FRA
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires
Sat, 24 Sep 2022 00:20:17 GMT
/
6.adsco.re/ Frame 5DD4
0
0

/
4.adsco.re/ Frame 5DD4
0
0

c
serve.popads.net/
44 B
277 B
Script
General
Full URL
https://serve.popads.net/c?_=BAoAYwVuwQFjBW7BgAGBAsAAIAuUSBAQYQxt9t87OeOiYJ_yFkN0waLPF8b-vWm0ExFjwQBGMEQCIEFuUKalqN-OWcCYT78DYPxGRnXL5yKivvVTdBon7fP0AiA56aPxm_HpgK1vkAWDDRGi84K5yg08eGSQOYlgdknzD8IAIG0CYxCvU_N070ml66vZy864Q7a6CTvbLiXo6pvNwjvfxAAQKgEEoAArAAAAAAAAAAAACMUAEJGxikdD6Zox0l12dYCUgM_DAEcwRQIhALB01G0h0ZuyLhzLK1SCQeKvwKP5YfmmSr5Ks6itilmxAiA33gmpetC6KV2kjZPTSnZKpJsEZrc-YaRdop99DQ3wvA&v=4&siteId=2082502&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200,0
Requested by
Host: c1.popads.net
URL: https://c1.popads.net/pop.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
216.21.13.10 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/universo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:18 GMT
asf
9
access-control-allow-origin
*
content-type
text/javascript;charset=UTF-8
popads-ec
ASB
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
44
asd100.bin
freychang.fun/ Frame 34B5
100 KB
101 KB
Fetch
General
Full URL
https://freychang.fun/asd100.bin
Requested by
Host: dwr3zytn850g.cloudfront.net
URL: https://dwr3zytn850g.cloudfront.net/?yzrwd=938710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:18 GMT
access-control-allow-methods
GET
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 23 Aug 2022 23:33:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZIIICIOnOI%2FobvNes37CTFD6AIvli0q8PhBlasjsu2ZTRu%2BZ%2FvwpMpekMbbHFxEsWe4QPMZN5%2B5war%2BSJLKQDaZBgFodgeoAnPUB%2BgL9btqLyWN7lesF3%2FyCp3R66tZgqFSaxgl0b%2B7Qmi3"}],"group":"cf-nel","max_age":604800}
content-type
binary/octet-stream
access-control-allow-origin
https://www.tutele.nl
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
73f7ebdceb64907c-FRA
access-control-allow-headers
X-Requested-With, content-type
/
freychang.fun/ Frame 34B5
27 B
616 B
Fetch
General
Full URL
https://freychang.fun/
Requested by
Host: dwr3zytn850g.cloudfront.net
URL: https://dwr3zytn850g.cloudfront.net/?yzrwd=938710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cf72d05900f36c0b66dfe870f2c0fe51a62e34ee17fdcebf2d0a52b0b413315

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://www.tutele.nl
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lygpHL9ZBkRkaHmZftWg6ceOqmIhSGME8Jt5hwG0RFric%2F6npx5r1BJmG8jgZzDPGHjWR1yPvfkfAlgKPaLVOMsuX%2BIOMiA3gutJJ%2Fub0t5LjR7AR6UbrJxU7byhtYptjLPPZPcCMk1nElgP"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
73f7ebdceb62907c-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
llassignament.one/ Frame 34B5
0
488 B
XHR
General
Full URL
https://llassignament.one/utx?cb=m8avIpINxQGY&top=www.tutele.nl&tid=938710
Requested by
Host: dwr3zytn850g.cloudfront.net
URL: https://dwr3zytn850g.cloudfront.net/?yzrwd=938710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-12.vie50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 00:20:18 GMT
via
1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://www.tutele.nl
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id
Uysow2Y81EjDv-bG3KvxsvmFTRuJVxLDmcHbx-ucQOJOAFs2wa82oQ==
CSYoex4XOiwlPjIuXSg9HSUiHAMZCy8MChk+Gj0fLgNAED8tOjQoOjgtPR8OET8lDw4uOD4AODkYKwwvSiIJCD8OIiUmOzktCiIoOQE7BS8ROTgSDjstOAsWPSssDy4vXgEJKC8MJBwoNzgqJi8uOwETAzk+NywqETo6C0gKOT8yIDI4XBwoOQg0EzsoITcYODAtP...
llassignament.one/bUp5em8MKBoXUAx3G1waHyZEX10rb0s8Cxo4SgAWGSRBT18KZBoWABguHwgAAz5XFAoZb0s8DiMnDRELOSIvOC4CHjtKJi4LPB0tLxw3Lj0sLSg7PQ4rLxE1OgYDFhcsIg4CPTgILDE5DiIsOC4LAhE/KS8hSTMpKxArLAQkGy8WOTocLzQ... Frame 84E1
3 KB
2 KB
Document
General
Full URL
https://llassignament.one/...
Requested by
Host: dwr3zytn850g.cloudfront.net
URL: https://dwr3zytn850g.cloudfront.net/?yzrwd=938710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-12.vie50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
d5c7ac4a855e9f3fb7029942354d2da2d7d8d2102ed23586e45a6d3278a28439

Request headers

Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1233
content-type
text/html
date
Wed, 24 Aug 2022 00:20:18 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
x-amz-cf-id
Vr1vMV3kPDhRM1lPe72k3W2gWFZKae9m7KQKH8lJ-nJhKr-4oEiP6A==
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
GzEuAgcbHAchGyouAD18IhQGNBYeJilVBj0iCyEEFBsWIA09Mg00FUslKVEcPxwPIx9IRw80DV4dNgoiCEoBUCIgPgEkDUg
llassignament.one/ZUx4d0UELhsaegRxGlEwFyBFUncjaUoxIRI+Sw08ESJAQnUCYhsbKhAoHgUqCzhWGSARaUoxMgZ+SEMLLQkpNik/HywQJiAUORsMNAotJwcwDi41dREuMAALNCo5MiMuNSpPITEOPCR1HQM+InABBBQQFC0dFzEADR0cMyIwCi4PDC8bHxs... Frame CF37
3 KB
2 KB
Document
General
Full URL
https://llassignament.one/ZUx4d0UELhsaegRxGlEwFyBFUncjaUoxIRI+Sw08ESJAQnUCYhsbKhAoHgUqCzhWGSARaUoxMgZ+SEMLLQkpNik/HywQJiAUORsMNAotJwcwDi41dREuMAALNCo5MiMuNSpPITEOPCR1HQM+InABBBQQFC0dFzEADR0cMyIwCi4PDC8bHxsDMx4QLQY3OxsxdCMVMCUPLA8WPQA9GkgTBw4KGjApIy0+JTIEHwAxATQ7NjoAMAI8LwQCLSkhHwApEDEBNDQIJRIOKDAkBBF+LjIDAR05PQMyJx88BycNPD8TNx46Hxw1GUlHAzMgQVJ3Jw0tPQA0O1UEBjMJPhMAI3QiNTInGT0iCBIfORgALR4XMB03CjwmMhUoLg8qBh46RwI0HjkxFgk/GzEuAgcbHAchGyouAD18IhQGNBYeJilVBj0iCyEEFBsWIA09Mg00FUslKVEcPxwPIx9IRw80DV4dNgoiCEoBUCIgPgEkDUg
Requested by
Host: dwr3zytn850g.cloudfront.net
URL: https://dwr3zytn850g.cloudfront.net/?yzrwd=938710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-12.vie50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
d3b5d5a5e54e8b2b03d7fc1842a68411a0b5eb2997a48889404116891c128773

Request headers

Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1206
content-type
text/html
date
Wed, 24 Aug 2022 00:20:18 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
x-amz-cf-id
-uh8tT242seP5d6gmRDYgksLuIg4tNmeSuypuifLIRs_IH0cwDxgOw==
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
MT98A2kgLDVecmFudwN8YGh1A3dgbHg
yrecomemu.one/UFhBMk9/ZyJBcgQQD3sePAJkAAkCEDUCFRgOBFQHAjAlZysnOwYGaSQxJQ92Y2B2A392KChWcmF+MkYuJC0yD352MS9UIG1+Nw9+fmt1HH1odnEUOm1pZ0Y/ Frame 34B5
0
468 B
Image
General
Full URL
https://yrecomemu.one/UFhBMk9/ZyJBcgQQD3sePAJkAAkCEDUCFRgOBFQHAjAlZysnOwYGaSQxJQ92Y2B2A392KChWcmF+MkYuJC0yD352MS9UIG1+Nw9+fmt1HH1odnEUOm1pZ0Y/MT98A2kgLDVecmFudwN8YGh1A3dgbHg
Requested by
Host: www.tutele.nl
URL: https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNnMubouqriIvrr0ZSWSEtCWi1fD5Sb2QfvY5znJODhBHIL1EN2A%2FUn2pXuGD2X5C8dWYat8b3on1oWItVYpEgwTuagjYEEUiLCQZ%2BvVsnJsRjjXuEBbiyVFTP%2BsASLmaZbaYKD1L9IWuIqV"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
73f7ebdd2d6b9a24-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
login.php
www.facebook.com/ Frame 34B5
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: www.tutele.nl
URL: https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

ServiceLogin
accounts.google.com/ Frame 34B5
0
0
Image
General
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by
Host: www.tutele.nl
URL: https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

ServiceLogin
accounts.google.com/ Frame 34B5
0
0
Image
General
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by
Host: www.tutele.nl
URL: https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cFExMWpfblJCVyZif3cwQGhcYCImN1R2UzIyZ1VTKQRjCTwoZRdFAxRsCAJSR2AAFxoZNQwAUlYiRVAeBSIMAEwZP1deV1YnDABEQH8AH1hWJAwATAQhUFZXQXdBRR4cbAAHXEFiAQFeQWkBCVk
yrecomemu.one/ Frame 34B5
0
471 B
Image
General
Full URL
https://yrecomemu.one/cFExMWpfblJCVyZif3cwQGhcYCImN1R2UzIyZ1VTKQRjCTwoZRdFAxRsCAJSR2AAFxoZNQwAUlYiRVAeBSIMAEwZP1deV1YnDABEQH8AH1hWJAwATAQhUFZXQXdBRR4cbAAHXEFiAQFeQWkBCVk
Requested by
Host: www.tutele.nl
URL: https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lwe%2BL8t89wusX1vD8jsrh%2BCZQAVpFWM8ten4e%2BBxBbqkoSuQW3lmn3vZk93hv9PBTIQLRR%2BwHABY6V48yyIhEMdVHGyAJfkEDxqwEqzMOW4fQlAayhlmkt8Sm2ZjcLFaycplG%2FTk3gIdsQgf"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
73f7ebdd2d6c9a24-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ut.js
befirstcdn.com/script/ Frame 34B5
69 KB
24 KB
Script
General
Full URL
https://befirstcdn.com/script/ut.js?cb=1661300418110
Requested by
Host: befirstcdn.com
URL: https://befirstcdn.com/script/yzfdmoan.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:970c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1383d51b30333aaba125dd487a5d4ece438a3814d0ab70b21fa0a5c9912054a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:18 GMT
content-encoding
gzip
cf-cache-status
HIT
age
657
x-guploader-uploadid
ADPycduVuON5ECRLjPMfop5GWJJdOCS-Zv3N_NdurMqqSmL3bQ4N_EQD94r9bCkkNKieNpJl14XqR3zWK5VHtb1RT0uuAspVSACM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Wed, 17 Aug 2022 09:30:42 GMT
server
cloudflare
etag
W/"ab0cafd148834605cf7b12e4c4444f93"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=DCNmfg==, md5=qwyv0UiDRgXPexLkxERPkw==
x-goog-generation
1660728642863135
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
70800
cf-ray
73f7ebdd3b686958-FRA
expires
Wed, 24 Aug 2022 04:20:18 GMT
suurl4.php
youradexchange.com/script/ Frame 34B5
1015 B
830 B
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=3386031&cbur=0.8253160966808972&cbiframe=1&cbWidth=760&cbHeight=460&cbtitle=&cbpage=https%3A%2F%2Fwww.tutele.nl%2Fonline.php%3Fa%3D4943&cbref=&cbdescription=&cbkeywords=&cbcdn=befirstcdn.com&aggr=0&chmob=?0
Requested by
Host: befirstcdn.com
URL: https://befirstcdn.com/script/yzfdmoan.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
f0f8b480573a9741e92f11cb14246fe4174bd530ac02f6d983c64d407384c41f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 24 Aug 2022 00:20:18 GMT
content-encoding
gzip
server
openresty
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
content-type
application/json; charset=utf-8
p
adsco.re/ Frame ADBC
362 B
860 B
XHR
General
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
f01302c3b34fc6f628fb298524aacfd734e67319d9805b45d1131a8556f2ea8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

AS-P-G
OK
Date
Wed, 24 Aug 2022 00:20:18 GMT
AS-P-7
OK
AS-P-9
OK
AS-P-C
OK
Transfer-Encoding
chunked
AS-P-5
OK
AS-P-F
OK
Connection
keep-alive
Content-Encoding
gzip
AS-P-2
OK
AS-P-D
OK
AS-P-6
OK
AS-P-B
OK
AS-P-H
OK
AS-P-4
OK
AS-P-A
OK
Access-Control-Max-Age
2592000
AS-P-1
OK lon123
Access-Control-Allow-Origin
https://www.tutele.nl
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
AS-P-8
OK
Content-Type
text/html; charset=UTF-8
AS-P-E
OK
AS-P-3
OK
ST8a235f56dea5e1c.m3u8
ed22.zorrohd2.nl/live/ Frame 34B5
1 KB
2 KB
XHR
General
Full URL
https://ed22.zorrohd2.nl/live/ST8a235f56dea5e1c.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.0/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.209.15.184 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
102058eea1ed1ff5fbfa506a4e4d17634d96a7b55a2348763d8e307b1be47348
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
Xauth
5jnX9+oBu6TjHHZNOB5FK4yfN0o1zNR+cvP4YNmItKGvvJJAFxpaBsDaO0z51F3Uqc7iOKwuwobmfNe3epleNGhBuJuC1r9x5znS4YOaxpZiKh9KkfSDtKd+yYQ3bYhZTqrGB5Rl9zuuYMyPyUHo7BlTgnorTAsvVNRb6/5wgg11mqrOCWEUr2i81l0OXVQMM0G3z+M/AwBY7YeYoqsd6fHh17oMt2KKvOVfbUIFEMvLDn4I+lhCN11URAfBJNe8kgzvu67IlEQwf/7/gYslAm/p5+dTnV0cPoY1HmpRuaETMlV4gZhMKxcqq8m+eO/VuUTKwHN0Qa7zHtClEKMRTB0G/MJI0ilXpl8j93cmorGyZC0zkMLpKQ08ZoMTC33Z
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 00:20:18 GMT
Last-Modified
Wed, 24 Aug 2022 00:20:07 GMT
Server
nginx/1.18.0
ETag
"63056eb7-55f"
X-Frame-Options
SAMEORIGIN
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
https://www.tutele.nl
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes, bytes
Access-Control-Allow-Headers
Range,Xauth
Content-Length
1375
ST8a235f56dea5e1c.m3u8
ed22.zorrohd2.nl/live/ Frame
0
0
Preflight
General
Full URL
https://ed22.zorrohd2.nl/live/ST8a235f56dea5e1c.m3u8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.209.15.184 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
xauth
Access-Control-Request-Method
GET
Origin
https://www.tutele.nl
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Headers
Range,Xauth
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain charset=UTF-8
Date
Wed, 24 Aug 2022 00:20:18 GMT
Server
nginx/1.18.0
X-Frame-Options
SAMEORIGIN
aNmtkdThVBAoTB0ICAEgBBVNTRAgQARcaVkZWLzlxAhwxRUBUKVchUBAfHhEFBk0IFFZRVkIQVlVWVVNZUglZQR5CGwseBVcRCRZZQR4KHF0QHgVIVVkRDRlUV05WMw0YW0FHCB4cDRtcWRwXUAoGBRBQCgZaVFsIE1gmUAoGHA0bDgJOVzcdBFscQwwfTl-ZFWUY...
dwr3zytn850g.cloudfront.net/ Frame 84E1
669 B
775 B
Script
General
Full URL
https://dwr3zytn850g.cloudfront.net/aNmtkdThVBAoTB0ICAEgBBVNTRAgQARcaVkZWLzlxAhwxRUBUKVchUBAfHhEFBk0IFFZRVkIQVlVWVVNZUglZQR5CGwseBVcRCRZZQR4KHF0QHgVIVVkRDRlUV05WMw0YW0FHCB4cDRtcWRwXUAoGBRBQCgZaVFsIE1gmUAoGHA0bDgJOVzcdBFscQwwfTl-ZFWUYbCBBPUwkPHEwTWSJACwFFV0MdBFtMHlBCBghQCnVOVkVUXwABUAoGDAEWU1lCQUcIVQMWGlVTTlYzCQZfSkUWA1pVRxYHW1VQCgYYBRNZRAJBR34DWFNbCwBNEUgJ
Requested by
Host: llassignament.one
URL: https://llassignament.one/...
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3800:c:4a6d:9800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e53d65b859d0257a869a4d8c159c7d1ff6310c12d4a2b72c3a69ed57b6fb7746

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://llassignament.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:18 GMT
content-encoding
gzip
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
498
via
1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-id
Q-bfqN-UwrvEA-uKmlq5kYo6fU7SinI30QtEdFzNtJyj_TEeu3b9Ow==
STRiVlRmCwElaR8FCjkBJXIJNGU9XztkYT9sJQQ5K1kaBw0OX0QiPS0JW2VsfgVScCQgUF9ncjpAAyIhOglRZmR4Egs4MiYJUmZkeBIUa2VnB1Z4ZnEaUnAhdAVaYWV9AFBlYXkFW2VtfAJEIiQoU19ncjlAFjppeAJUZ2d5BFZnbHsFWg
yrecomemu.one/ Frame 34B5
0
475 B
Image
General
Full URL
https://yrecomemu.one/STRiVlRmCwElaR8FCjkBJXIJNGU9XztkYT9sJQQ5K1kaBw0OX0QiPS0JW2VsfgVScCQgUF9ncjpAAyIhOglRZmR4Egs4MiYJUmZkeBIUa2VnB1Z4ZnEaUnAhdAVaYWV9AFBlYXkFW2VtfAJEIiQoU19ncjlAFjppeAJUZ2d5BFZnbHsFWg
Requested by
Host: www.tutele.nl
URL: https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mu5uK2ZZrsvIXb%2F3hNF%2Ff15RVJVaAKwMsxZgUdaw7HRlsBk%2FLaCXvf7H6Idu4iupE24qlinvypvwqWGFdAe%2F8%2BbvOXOMNzaUbNp%2Bb1dNHhB7SbOFI97%2FS31mj%2F4mzF3qaDfMwtUcmDqpiMFB"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
73f7ebddede89a24-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
xE.htm
antiadblocksystems.com/ Frame ADBC
44 B
140 B
Script
General
Full URL
https://antiadblocksystems.com/xE.htm?_=BAoAYwVuwgFjBW7CgAGBAsAAILJww8w9VBBYfGOPEmz4YU2Q0vamJ4iqxN33rABxBoYvwQBGMEQCIGjTmGnOaB1vgFM0g8i1vBm1dtGabAo3lcvfLA41VjknAiBauK-2Us5OrPjrb3GfAS4qXcXxRLuZ1Z9ZrBP9m6wivsIAIECCt0_1XsHmyoJqSmX8Vpy0AAlZub06RlP_v0ZKElNHxAAQKgEEoAArAAAAAAAAAAAACMUAEAlYDjRdhkPebhiDLLxKzxPDAEcwRQIgDnqEcW6dzD4KIam6SOFm0dInelnBaoA-1Y-vtPCg9hYCIQCj9-popF65_zK2CJOtmeA1slLXW-2zyMHkdnJHFN80cg&v=4&CJRONKbF=4768999&minBid=&rcsaJDRC=3:1,3:1,0&wnzYHuLU=&JcapuqGT=https%3A%2F%2Fto.xrivonet.info%2F&s=1600,1200,2.11,3376,2532,1
Requested by
Host: www.antiadblocksystems.com
URL: https://www.antiadblocksystems.com/bootstrap-markdown-editor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.95.113.2 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 24 Aug 2022 00:20:18 GMT
popads-ec
ASB
asf
9
content-length
44
content-type
text/javascript;charset=UTF-8
wc204NHEQAlZSTgcEXAlIQFUPBUBVB0tbHwNQfAEfKyR8dTBDS0xOFU5dHlgQHQoFEhQdDgUFVxIJWglFVRhZCRwcF1FYHRJICnJEXV0dBkFbGlFaFRwaSxFDQwNMEUNDXAgaQVZeehFDQxpRWkdHSAt2VEFdQAJFWkgKBBADHVRRBhYPU10FVl9+AUJEQw-sCVEF...
dwr3zytn850g.cloudfront.net/ Frame CF37
185 B
459 B
Script
General
Full URL
https://dwr3zytn850g.cloudfront.net/wc204NHEQAlZSTgcEXAlIQFUPBUBVB0tbHwNQfAEfKyR8dTBDS0xOFU5dHlgQHQoFEhQdDgUFVxIJWglFVRhZCRwcF1FYHRJICnJEXV0dBkFbGlFaFRwaSxFDQwNMEUNDXAgaQVZeehFDQxpRWkdHSAt2VEFdQAJFWkgKBBADHVRRBhYPU10FVl9+AUJEQw-sCVEFdEF8ZBwBUEUMwSAoEHRoGXRFDQwpdVxocRB0GQRAFSlscFkgKckBDWRYEX0ZcCQZfQl0JEUNDHllSEAEEHQY3Rl4PGkJFS00JQA
Requested by
Host: llassignament.one
URL: https://llassignament.one/ZUx4d0UELhsaegRxGlEwFyBFUncjaUoxIRI+Sw08ESJAQnUCYhsbKhAoHgUqCzhWGSARaUoxMgZ+SEMLLQkpNik/HywQJiAUORsMNAotJwcwDi41dREuMAALNCo5MiMuNSpPITEOPCR1HQM+InABBBQQFC0dFzEADR0cMyIwCi4PDC8bHxsDMx4QLQY3OxsxdCMVMCUPLA8WPQA9GkgTBw4KGjApIy0+JTIEHwAxATQ7NjoAMAI8LwQCLSkhHwApEDEBNDQIJRIOKDAkBBF+LjIDAR05PQMyJx88BycNPD8TNx46Hxw1GUlHAzMgQVJ3Jw0tPQA0O1UEBjMJPhMAI3QiNTInGT0iCBIfORgALR4XMB03CjwmMhUoLg8qBh46RwI0HjkxFgk/GzEuAgcbHAchGyouAD18IhQGNBYeJilVBj0iCyEEFBsWIA09Mg00FUslKVEcPxwPIx9IRw80DV4dNgoiCEoBUCIgPgEkDUg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3800:c:4a6d:9800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f77b188ecdae5f5fcff8c42566e5bfeb9a5042d91ac145ea2e21f92a99117700

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://llassignament.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:18 GMT
content-encoding
gzip
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
182
via
1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-id
AIViQHCoHx2XeeAejSqYpCZ5Nybkh1MwxEWbk8_6hJzRLftpua_S_A==
popunder.gif
yrecomemu.one/ Frame 34B5
35 B
595 B
Image
General
Full URL
https://yrecomemu.one/popunder.gif
Requested by
Host: dwr3zytn850g.cloudfront.net
URL: https://dwr3zytn850g.cloudfront.net/?yzrwd=938710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
public
date
Wed, 24 Aug 2022 00:20:18 GMT
cf-cache-status
HIT
last-modified
Sat, 20 Aug 2022 01:16:23 GMT
server
cloudflare
age
342235
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJrVwahzmJT0TSqKEJdOBN8%2B6jY1lG5gNeTwrNvkhciEgwmIvQz1UjXL1YM7RXISUUq4QrKMckweXm%2BJ8LqZy%2BzA0aEqQPJEe%2FwPqoXvQ1Uxf6SSCCMV9LE1Gk2hI3TO%2FRD23Ex6m%2BPvuE9Z"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
73f7ebdfa82b9a24-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
videokey.php
www.tutele.nl/ Frame 34B5
17 B
775 B
XHR
General
Full URL
https://www.tutele.nl/videokey.php?e=ed22.zorrohd2&key=ST8a235f56dea5e1c-48.key
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.0/dist/clappr.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.149.224.101 , Norway, ASN48357 (K4X, EE),
Reverse DNS
static.91.149.224.101.sibyl.li
Software
nginx /
Resource Hash
0d0a038502b8c69a5ab9d2213497e4d70dd22760f23932a9016271f49785d2cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options *

Request headers

Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
Xauth
5jnX9+oBu6TjHHZNOB5FK4yfN0o1zNR+cvP4YNmItKGvvJJAFxpaBsDaO0z51F3Uqc7iOKwuwobmfNe3epleNGhBuJuC1r9x5znS4YOaxpZiKh9KkfSDtKd+yYQ3bYhZTqrGB5Rl9zuuYMyPyUHo7BlTgnorTAsvVNRb6/5wgg11mqrOCWEUr2i81l0OXVQMM0G3z+M/AwBY7YeYoqsd6fHh17oMt2KKvOVfbUIFEMvLDn4I+lhCN11URAfBJNe8kgzvu67IlEQwf/7/gYslAm/p5+dTnV0cPoY1HmpRuaETMlV4gZhMKxcqq8m+eO/VuUTKwHN0Qa7zHtClEKMRTB0G/MJI0ilXpl8j93cmorGyZC0zkMLpKQ08ZoMTC33Z
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 00:20:18 GMT
content-encoding
gzip
vary
Accept-Encoding
server
nginx
xauth
5jnX9+oBu6TjHHZNOB5FK4yfN0o1zNR+cvP4YNmItKGvvJJAFxpaBsDaO0z51F3Uqc7iOKwuwobmfNe3epleNGhBuJuC1r9x5znS4YOaxpZiKh9KkfSDtKd+yYQ3bYhZTqrGB5Rl9zuuYMyPyUHo7BlTgnorTAsvVNRb6/5wgg11mqrOCWEUr2i81l0OXVQMM0G3z+M/AwBY7YeYoqsd6fHh17oMt2KKvOVfbUIFEMvLDn4I+lhCN11URAfBJNe8kgzvu67IlEQwf/7/gYslAm/p5+dTnV0cPoY1HmpRuaETMlV4gZhMKxcqq8m+eO/VuUTKwHN0Qa7zHtClEKMRTC7zNV1b7D7iAivK92qNgouyZC0zkMLpKQ08ZoMTC33Z
x-frame-options
*
access-control-allow-methods
GET, GET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*, *
cache-control
no-store, no-cache, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Range,Xauth
expires
Thu, 19 Nov 1981 08:52:00 GMT
json
pro.ip-api.com/ Frame 34B5
166 B
322 B
Fetch
General
Full URL
https://pro.ip-api.com/json?fields=2181826&key=XOpiansRgYxGTho
Requested by
Host: cdn.swarmcloud.net
URL: https://cdn.swarmcloud.net/hls-de/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
df18df4f2d6d60ed7861cb095766467036971de3e89e79656e93c8c753dab52c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 24 Aug 2022 00:20:18 GMT
Content-Length
166
Content-Type
application/json; charset=utf-8
channel
cn.cdnbye.com/v1/ Frame 34B5
311 B
358 B
Fetch
General
Full URL
https://cn.cdnbye.com/v1/channel
Requested by
Host: cdn.swarmcloud.net
URL: https://cdn.swarmcloud.net/hls-de/p2p-engine.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.112.233.92 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
/
Resource Hash
c8adb472899b4a57d4f215e38a3e16694c1cedee01ddc921dc0850473c83a9b4

Request headers

Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 24 Aug 2022 00:20:19 GMT
content-encoding
gzip
content-length
218
vary
Accept-Encoding
content-type
application/json; charset=utf-8
595416d6-8fb8-45a4-81b1-9d54eb2022d8
https://www.tutele.nl/ Frame 34B5
61 KB
0
Other
General
Full URL
blob:https://www.tutele.nl/595416d6-8fb8-45a4-81b1-9d54eb2022d8
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50d66999181688303f1ce1d08acaec3a9e1fdaabe657f3d78c7013a57ac25e51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length
62407
Content-Type
text/javascript
ST8a235f56dea5e1c-48.ts
ed22.zorrohd2.nl/live/ Frame 34B5
596 KB
596 KB
Fetch
General
Full URL
https://ed22.zorrohd2.nl/live/ST8a235f56dea5e1c-48.ts
Requested by
Host: cdn.swarmcloud.net
URL: https://cdn.swarmcloud.net/hls-de/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.209.15.184 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e056d567db1bd23c384acf6cdbf0d82fa93fea34ee6918c81a688a0dafe30537
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
xauth
5jnX9+oBu6TjHHZNOB5FK4yfN0o1zNR+cvP4YNmItKGvvJJAFxpaBsDaO0z51F3Uqc7iOKwuwobmfNe3epleNGhBuJuC1r9x5znS4YOaxpZiKh9KkfSDtKd+yYQ3bYhZTqrGB5Rl9zuuYMyPyUHo7BlTgnorTAsvVNRb6/5wgg11mqrOCWEUr2i81l0OXVQMM0G3z+M/AwBY7YeYoqsd6fHh17oMt2KKvOVfbUIFEMvLDn4I+lhCN11URAfBJNe8kgzvu67IlEQwf/7/gYslAm/p5+dTnV0cPoY1HmpRuaETMlV4gZhMKxcqq8m+eO/VuUTKwHN0Qa7zHtClEKMRTC7zNV1b7D7iAivK92qNgouyZC0zkMLpKQ08ZoMTC33Z
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 00:20:18 GMT
Last-Modified
Wed, 24 Aug 2022 00:18:34 GMT
Server
nginx/1.18.0
ETag
"63056e5a-94f10"
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.tutele.nl
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes, bytes
Access-Control-Allow-Headers
Range,Xauth
Content-Length
610064
ST8a235f56dea5e1c-48.ts
ed22.zorrohd2.nl/live/ Frame
0
0
Preflight
General
Full URL
https://ed22.zorrohd2.nl/live/ST8a235f56dea5e1c-48.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.209.15.184 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
xauth
Access-Control-Request-Method
GET
Origin
https://www.tutele.nl
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Headers
Range,Xauth
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain charset=UTF-8
Date
Wed, 24 Aug 2022 00:20:18 GMT
Server
nginx/1.18.0
X-Frame-Options
SAMEORIGIN
ST8a235f56dea5e1c-48.ts
ed22.zorrohd2.nl/live/ Frame 34B5
1 B
510 B
XHR
General
Full URL
https://ed22.zorrohd2.nl/live/ST8a235f56dea5e1c-48.ts
Requested by
Host: cdn.swarmcloud.net
URL: https://cdn.swarmcloud.net/hls-de/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.209.15.184 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
7da59d0dfbe21f43e842e8afb43e12a6445bbac07c2fc26984c71d0de3f99c9c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
Xauth
5jnX9+oBu6TjHHZNOB5FK4yfN0o1zNR+cvP4YNmItKGvvJJAFxpaBsDaO0z51F3Uqc7iOKwuwobmfNe3epleNGhBuJuC1r9x5znS4YOaxpZiKh9KkfSDtKd+yYQ3bYhZTqrGB5Rl9zuuYMyPyUHo7BlTgnorTAsvVNRb6/5wgg11mqrOCWEUr2i81l0OXVQMM0G3z+M/AwBY7YeYoqsd6fHh17oMt2KKvOVfbUIFEMvLDn4I+lhCN11URAfBJNe8kgzvu67IlEQwf/7/gYslAm/p5+dTnV0cPoY1HmpRuaETMlV4gZhMKxcqq8m+eO/VuUTKwHN0Qa7zHtClEKMRTC7zNV1b7D7iAivK92qNgouyZC0zkMLpKQ08ZoMTC33Z
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Range
bytes=0-0

Response headers

Date
Wed, 24 Aug 2022 00:20:18 GMT
Last-Modified
Wed, 24 Aug 2022 00:18:34 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
https://www.tutele.nl
ETag
"63056e5a-94f10"
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Content-Range
bytes 0-0/610064
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range,Xauth
Content-Length
1
ST8a235f56dea5e1c-48.ts
ed22.zorrohd2.nl/live/ Frame
0
0
Preflight
General
Full URL
https://ed22.zorrohd2.nl/live/ST8a235f56dea5e1c-48.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.209.15.184 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
xauth
Access-Control-Request-Method
GET
Origin
https://www.tutele.nl
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Headers
Range,Xauth
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain charset=UTF-8
Date
Wed, 24 Aug 2022 00:20:18 GMT
Server
nginx/1.18.0
X-Frame-Options
SAMEORIGIN
ST8a235f56dea5e1c-49.ts
ed22.zorrohd2.nl/live/ Frame 34B5
531 KB
532 KB
Fetch
General
Full URL
https://ed22.zorrohd2.nl/live/ST8a235f56dea5e1c-49.ts
Requested by
Host: cdn.swarmcloud.net
URL: https://cdn.swarmcloud.net/hls-de/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.209.15.184 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
eb5e5af12882fbb11eedc9bf81a3160c11b050ebc0610e4e6bb7e77d128195ed
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
xauth
5jnX9+oBu6TjHHZNOB5FK4yfN0o1zNR+cvP4YNmItKGvvJJAFxpaBsDaO0z51F3Uqc7iOKwuwobmfNe3epleNGhBuJuC1r9x5znS4YOaxpZiKh9KkfSDtKd+yYQ3bYhZTqrGB5Rl9zuuYMyPyUHo7BlTgnorTAsvVNRb6/5wgg11mqrOCWEUr2i81l0OXVQMM0G3z+M/AwBY7YeYoqsd6fHh17oMt2KKvOVfbUIFEMvLDn4I+lhCN11URAfBJNe8kgzvu67IlEQwf/7/gYslAm/p5+dTnV0cPoY1HmpRuaETMlV4gZhMKxcqq8m+eO/VuUTKwHN0Qa7zHtClEKMRTC7zNV1b7D7iAivK92qNgouyZC0zkMLpKQ08ZoMTC33Z
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 00:20:19 GMT
Last-Modified
Wed, 24 Aug 2022 00:18:39 GMT
Server
nginx/1.18.0
ETag
"63056e5f-84d50"
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.tutele.nl
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes, bytes
Access-Control-Allow-Headers
Range,Xauth
Content-Length
544080
ST8a235f56dea5e1c-49.ts
ed22.zorrohd2.nl/live/ Frame
0
0
Preflight
General
Full URL
https://ed22.zorrohd2.nl/live/ST8a235f56dea5e1c-49.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.209.15.184 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
xauth
Access-Control-Request-Method
GET
Origin
https://www.tutele.nl
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Headers
Range,Xauth
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain charset=UTF-8
Date
Wed, 24 Aug 2022 00:20:18 GMT
Server
nginx/1.18.0
X-Frame-Options
SAMEORIGIN
ST8a235f56dea5e1c-50.ts
ed22.zorrohd2.nl/live/ Frame 34B5
583 KB
583 KB
Fetch
General
Full URL
https://ed22.zorrohd2.nl/live/ST8a235f56dea5e1c-50.ts
Requested by
Host: cdn.swarmcloud.net
URL: https://cdn.swarmcloud.net/hls-de/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.209.15.184 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
db4ea145c21b3c305747cf4da37247cbe2b00185a89f1e7a3d3538dcf8c2e046
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
xauth
5jnX9+oBu6TjHHZNOB5FK4yfN0o1zNR+cvP4YNmItKGvvJJAFxpaBsDaO0z51F3Uqc7iOKwuwobmfNe3epleNGhBuJuC1r9x5znS4YOaxpZiKh9KkfSDtKd+yYQ3bYhZTqrGB5Rl9zuuYMyPyUHo7BlTgnorTAsvVNRb6/5wgg11mqrOCWEUr2i81l0OXVQMM0G3z+M/AwBY7YeYoqsd6fHh17oMt2KKvOVfbUIFEMvLDn4I+lhCN11URAfBJNe8kgzvu67IlEQwf/7/gYslAm/p5+dTnV0cPoY1HmpRuaETMlV4gZhMKxcqq8m+eO/VuUTKwHN0Qa7zHtClEKMRTC7zNV1b7D7iAivK92qNgouyZC0zkMLpKQ08ZoMTC33Z
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 00:20:19 GMT
Last-Modified
Wed, 24 Aug 2022 00:18:45 GMT
Server
nginx/1.18.0
ETag
"63056e65-91a30"
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.tutele.nl
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes, bytes
Access-Control-Allow-Headers
Range,Xauth
Content-Length
596528
ST8a235f56dea5e1c-50.ts
ed22.zorrohd2.nl/live/ Frame
0
0
Preflight
General
Full URL
https://ed22.zorrohd2.nl/live/ST8a235f56dea5e1c-50.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.209.15.184 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
xauth
Access-Control-Request-Method
GET
Origin
https://www.tutele.nl
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Headers
Range,Xauth
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain charset=UTF-8
Date
Wed, 24 Aug 2022 00:20:19 GMT
Server
nginx/1.18.0
X-Frame-Options
SAMEORIGIN
cWZ0clNeWRcBbhUxLhodKQIwJxUSJCY3BRQxJTQQIzAuIRckXlIGOhVbTEBlQl5HVCMYAklBYVcVABMnBBVJQGNBU1IbPRcJSUBjQVBEQmZEXlFFEBkSAAIgVFU1V2E3Q0Y0JBQEBBswGksXFj1fFUdcJgJLAxcgBUtGXDIcBw4dPRARB1wwHgtRQBUWAwAeMhgCW...
yrecomemu.one/
0
472 B
Ping
General
Full URL
https://yrecomemu.one/cWZ0clNeWRcBbhUxLhodKQIwJxUSJCY3BRQxJTQQIzAuIRckXlIGOhVbTEBlQl5HVCMYAklBYVcVABMnBBVJQGNBU1IbPRcJSUBjQVBEQmZEXlFFEBkSAAIgVFU1V2E3Q0Y0JBQEBBswGksXFj1fFUdcJgJLAxcgBUtGXDIcBw4dPRARB1wwHgtRQBUWAwAeMhgCWhgjFAFRRRAfExgedkYlQEFmSFdHRGdJVkZHa0lTR0BiQUACT2NfXlpLfUFAAU9iSVFFRmdDVUFCYkhVTUdlVxIEEzRMV1ICJwUKSUNlR1dHQmNFV01LYEg
Requested by
Host: d141wsrw9m4as6.cloudfront.net
URL: https://d141wsrw9m4as6.cloudfront.net/?wrswd=826383
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://to.xrivonet.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 00:20:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6rF3mrVy%2BHEmra5CM1ikP48zbbx8VFaBJ%2FL79lAb%2Bf626bwpD1oMyScehD7ceuLDfHWR729agAeF8IsCI%2BF86mywSMVPCw86%2FVOUPgXe1FB%2FBaFDGINxUdP16p9d72DNH%2BG5fXSGrYz2ombg"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
73f7ebe8ae779a24-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
getlaid.jpeg
webpick-cdn.s3.us-west-2.amazonaws.com/
0
0

getlaid.jpeg
webpick-cdn.s3.us-west-2.amazonaws.com/ Frame 5DC3
9 KB
9 KB
Image
General
Full URL
https://webpick-cdn.s3.us-west-2.amazonaws.com/getlaid.jpeg
Requested by
Host: d141wsrw9m4as6.cloudfront.net
URL: https://d141wsrw9m4as6.cloudfront.net/?wrswd=826383
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.128.129 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e6a18e81d67bc6cfadbe2c86c78b99c0e01644cdeafb48144663121b629ea227

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 00:20:21 GMT
Last-Modified
Thu, 25 Jun 2020 08:18:14 GMT
Server
AmazonS3
x-amz-request-id
X0NJBPD4P3MXPXZK
ETag
"e73bda30c82b74c32e5f03e4ed4e4bb1"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
9313
x-amz-id-2
WRWeG1mpaLBAPxv1psE4fVqj1ctWbwxV/slrQZ+++sS5My7EgOeb5VnoPhH2xAaoAXNgeQFrkdU=
x-amz-meta-s3b-last-modified
20200625T081632Z
truncated
/ Frame 5DC3
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52878d35bbd3319522a493c873f3dfe8fe7b15c11a3bb4aafca023115122e702

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5DC3
814 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01258ad47ff93fa506eeeeb68d76394891dd70751c894e3bb1cd1823e34e0a84

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
ST8a235f56dea5e1c-51.ts
ed22.zorrohd2.nl/live/ Frame 34B5
580 KB
580 KB
Fetch
General
Full URL
https://ed22.zorrohd2.nl/live/ST8a235f56dea5e1c-51.ts
Requested by
Host: cdn.swarmcloud.net
URL: https://cdn.swarmcloud.net/hls-de/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.209.15.184 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e94d5de585783067d694aa4dfee741d646d3e4aed28ca2a53224def56b6150ec
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
xauth
5jnX9+oBu6TjHHZNOB5FK4yfN0o1zNR+cvP4YNmItKGvvJJAFxpaBsDaO0z51F3Uqc7iOKwuwobmfNe3epleNGhBuJuC1r9x5znS4YOaxpZiKh9KkfSDtKd+yYQ3bYhZTqrGB5Rl9zuuYMyPyUHo7BlTgnorTAsvVNRb6/5wgg11mqrOCWEUr2i81l0OXVQMM0G3z+M/AwBY7YeYoqsd6fHh17oMt2KKvOVfbUIFEMvLDn4I+lhCN11URAfBJNe8kgzvu67IlEQwf/7/gYslAm/p5+dTnV0cPoY1HmpRuaETMlV4gZhMKxcqq8m+eO/VuUTKwHN0Qa7zHtClEKMRTC7zNV1b7D7iAivK92qNgouyZC0zkMLpKQ08ZoMTC33Z
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 00:20:21 GMT
Last-Modified
Wed, 24 Aug 2022 00:18:50 GMT
Server
nginx/1.18.0
ETag
"63056e6a-90f30"
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.tutele.nl
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes, bytes
Access-Control-Allow-Headers
Range,Xauth
Content-Length
593712
ST8a235f56dea5e1c-51.ts
ed22.zorrohd2.nl/live/ Frame
0
0
Preflight
General
Full URL
https://ed22.zorrohd2.nl/live/ST8a235f56dea5e1c-51.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.209.15.184 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
xauth
Access-Control-Request-Method
GET
Origin
https://www.tutele.nl
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Headers
Range,Xauth
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain charset=UTF-8
Date
Wed, 24 Aug 2022 00:20:21 GMT
Server
nginx/1.18.0
X-Frame-Options
SAMEORIGIN

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.adnetworkperformance.com
URL
http://www.adnetworkperformance.com/a/display.php?r=404241
Domain
widgets.amung.us
URL
http://widgets.amung.us/colored.js
Domain
6.adsco.re
URL
https://6.adsco.re/
Domain
4.adsco.re
URL
https://4.adsco.re/
Domain
6.adsco.re
URL
https://6.adsco.re/
Domain
4.adsco.re
URL
https://4.adsco.re/
Domain
webpick-cdn.s3.us-west-2.amazonaws.com
URL
https://webpick-cdn.s3.us-west-2.amazonaws.com/getlaid.jpeg

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| gtag object| dataLayer object| jstiming function| tickAboveFold object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData string| a number| b string| e string| f number| g function| h string| k object| atOptions number| LAST_CORRECT_EVENT_TIME object| utr_622073 number| userTrackingInterval number| _2904221654 object| win number| _2752405763 function| fa number| _2925012899 number| iinf object| adcashMacros object| zoneSett object| urls object| _0xb170 function| acPrefetch object| CTABPu object| _pop object| ___gcfg object| closure_lm_960960 function| ufpAttach object| CTAMAT number| delay object| adcashUfp object| detectZoom object| iframe object| where boolean| punderminipop object| _pao object| _wau function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogListView function| _ContactFormView function| _CustomSearchView function| _ExampleView function| _FeaturedPostView function| _BlogView function| _FeedView function| _FollowByEmailView function| _FollowersView function| _GadgetView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _NewsBarView function| _PageListView function| _PlusBadgeView function| _PlusFollowersView function| _PlusOneView function| _PlusPostsView function| _PollView function| _PopularPostsView function| _ProfileView function| _SlideshowView function| _StatsView function| 
_SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _VideoBarView function| _WikipediaView object| gapi object| ___jsl object| ___gu string| blogger_templates_experiment_id string| blogger_blog_id function| __gjsload__ function| AdscoreInit object| pako string| txt function| ed number| t string| property number| r string| bt object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| Cnac object| stamat function| NqPnfu9723221102457873 function| NqPnfu object| NqpnfuVfNOrggreArgjbex boolean| _0x90aa object| _adas_v211fa function| jonIUBFjnvJDNvluc0.9176869953846774 number| refS

14 Cookies

Domain/Path Name / Value
.xrivonet.info/ Name: _ga
Value: GA1.2.1047703820.1661300416
.xrivonet.info/ Name: _gid
Value: GA1.2.96742189.1661300416
.xrivonet.info/ Name: _gat_gtag_UA_153096092_1
Value: 1
ligninenchant.com/ Name: GL_UI4
Value: eJw9jVtugzAQRSHm0SgFdSQW0CWYBBD5rLqIfqLBnhA34ImMG9Td16rUft2j%2B9CNomhXlRA%2FMgHiC1t4bXvZnI819vqkumY8dij7k2olou7als6wN%2BvgcZzJJ%2FA8kSVn1KBYUwEvIfpzbpY3m0A6OrS6gHQJjbmAfHS8reQqAYnFhSB7vzoOmi74yQ5ELZvAxgaOJex4rUS5h%2FzDWB2G5QF2tSyLLILDfUZ%2FYbcMRmcxpJNDTRC%2FwZNCTxO7b8g1rTfPdwCe9fDf%2F%2F0VWy0h0%2FQwKpyzv5L7ATxwSl8%3D
ligninenchant.com/ Name: GL_GI10
Value: eJxNjMFKw0AURdOJjkZr5UJx7Q8kIBLQrbboqgs3XQ7T9DUZNPOGmacYv97Ygrq7nMs5WZap%2BQzKBZzd3VT3dVVXtzXylhhqscS04XcvcTDe9oSTJ4q99QN0pNaxh1qtcX7YpuEt4XixLP%2BxvXW14ijd9UvnPJVrShI6%2B%2BYsjhonA4pnK%2BJ8Sx7FDzh0pmPn78hdCrh45Ejlg21eN%2BwJhScxKRBtUYxP4GiFMPul%2B47OceqSCZE%2FBz3Bpbievkbb8G6XSLTC5EOrb%2Br8T%2BQ%3D
.mgid.com/ Name: __cf_bm
Value: 9XcVPJ_aDn4h9Bvc6Tu45.htF.tBWgDpMK60_BttdkU-1661300416-0-AXGu5AYNh1mZjGeQdSUIUw6wIccwQgApVdscBQwEILvgdPDj07lj/ATlmRRDEWCRgT9EDxWUd2EoiuWx3cPtD3k=
to.xrivonet.info/ Name: a
Value: rXh5lhrdWOvTy1X8tgFnQMSQGKsDBEzS
to.xrivonet.info/ Name: adcashufpv3
Value: 16976036221150852470440574041
www.tutele.nl/ Name: a
Value: lJ7P5bIyJfoJESeNSd1eIdaw04534x94
to.xrivonet.info/ Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c
Value: BAoAYwVuwQFjBW7BgAGBAsAAIAuUSBAQYQxt9t87OeOiYJ_yFkN0waLPF8b-vWm0ExFjwQBGMEQCIEFuUKalqN-OWcCYT78DYPxGRnXL5yKivvVTdBon7fP0AiA56aPxm_HpgK1vkAWDDRGi84K5yg08eGSQOYlgdknzD8IAIG0CYxCvU_N070ml66vZy864Q7a6CTvbLiXo6pvNwjvfxAAQKgEEoAArAAAAAAAAAAAACMUAEJGxikdD6Zox0l12dYCUgM_DAEcwRQIhALB01G0h0ZuyLhzLK1SCQeKvwKP5YfmmSr5Ks6itilmxAiA33gmpetC6KV2kjZPTSnZKpJsEZrc-YaRdop99DQ3wvA
to.xrivonet.info/ Name: _popprepop
Value: 1
freychang.fun/ Name: csu
Value: 1871442350193956@2@1661300416
www.tutele.nl/ Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c
Value: BAoAYwVuwgFjBW7CgAGBAsAAILJww8w9VBBYfGOPEmz4YU2Q0vamJ4iqxN33rABxBoYvwQBGMEQCIGjTmGnOaB1vgFM0g8i1vBm1dtGabAo3lcvfLA41VjknAiBauK-2Us5OrPjrb3GfAS4qXcXxRLuZ1Z9ZrBP9m6wivsIAIECCt0_1XsHmyoJqSmX8Vpy0AAlZub06RlP_v0ZKElNHxAAQKgEEoAArAAAAAAAAAAAACMUAEAlYDjRdhkPebhiDLLxKzxPDAEcwRQIgDnqEcW6dzD4KIam6SOFm0dInelnBaoA-1Y-vtPCg9hYCIQCj9-popF65_zK2CJOtmeA1slLXW-2zyMHkdnJHFN80cg
st.chatango.com/ Name: session_id
Value: 7764266854547568

15 Console Messages

Source Level URL
Text
javascript warning URL: https://to.xrivonet.info/universo.html(Line 912)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.bcloudhost.com/976b0d76d773f5547d37fe90ada4248d/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://to.xrivonet.info/universo.html(Line 912)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.bcloudhost.com/976b0d76d773f5547d37fe90ada4248d/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://www.bcloudhost.com/976b0d76d773f5547d37fe90ada4248d/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://pl164625.pvclouds.com/61/b9/67/61b9671524e2ca246e7898cf092e4832.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
security error URL: https://to.xrivonet.info/universo.html
Message:
Mixed Content: The page at 'https://to.xrivonet.info/universo.html' was loaded over HTTPS, but requested an insecure script 'http://www.adnetworkperformance.com/a/display.php?r=404241'. This request has been blocked; the content must be served over HTTPS.
javascript warning URL: https://to.xrivonet.info/universo.html(Line 1157)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.bcloudhost.com/07dde3e2c5af0db032c8826e3b79914d/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://to.xrivonet.info/universo.html(Line 1157)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.bcloudhost.com/07dde3e2c5af0db032c8826e3b79914d/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://www.bcloudhost.com/07dde3e2c5af0db032c8826e3b79914d/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
security error URL: https://to.xrivonet.info/universo.html(Line 1203)
Message:
Mixed Content: The page at 'https://to.xrivonet.info/universo.html' was loaded over HTTPS, but requested an insecure script 'http://widgets.amung.us/colored.js'. This request has been blocked; the content must be served over HTTPS.
other error URL: https://www.tutele.nl/online.php?a=4943
Message:
Invalid 'X-Frame-Options' header encountered when loading 'https://www.tutele.nl/': '*' is not a recognized directive. The header will be ignored.
rendering warning URL: https://st.chatango.com/h5/gz/r0817221641/id.html(Line 4)
Message:
The key "target-densitydpi" is not supported.
other error URL: https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F
Message:
Invalid 'X-Frame-Options' header encountered when loading 'https://www.tutele.nl/': '*' is not a recognized directive. The header will be ignored.
rendering warning URL: https://www.tutele.nl/embed.php?&a=4943&s=oemspbvbhve96etg68otefedi4&ip=81.95.5.35&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F104.0.5112.101+Safari%2F537.36&referer=https%3A%2F%2Fto.xrivonet.info%2F(Line 23)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
javascript warning URL: https://c.adsco.re/(Line 55)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript warning URL: https://c.adsco.re/(Line 55)
Message:
The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
