urlscan.io logo urlscan.io
SecurityTrails logo

sportes.pw Open in urlscan Pro
2606:4700:3031::6815:301a  Public Scan

Go To Rescan Add Verdict Report
URL: https://sportes.pw/stream4.php
Submission: On August 17 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 4 countries across 19 domains to perform 36 HTTP transactions. The main IP is 2606:4700:3031::6815:301a, located in United States and belongs to CLOUDFLARENET, US. The main domain is sportes.pw.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 25th 2021. Valid for: a year.
This is the only time sportes.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2606:4700:303... 13335 (CLOUDFLAR...)
1 143.204.101.7 16509 (AMAZON-02)
2 192.243.59.12 39572 (ADVANCEDH...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 67.202.114.214 32748 (STEADFAST)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 104.21.64.141 13335 (CLOUDFLAR...)
3 35.190.89.200 15169 (GOOGLE)
1 46.105.201.240 16276 (OVH)
1 192.99.8.28 16276 (OVH)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a04:4e42:3::485 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 35.190.71.96 15169 (GOOGLE)
36 20
8    2606:4700:3031::6815:301a (United States)

ASN13335 (CLOUDFLARENET, US)
sportes.pw
1    143.204.101.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-7.fra50.r.cloudfront.net
d2va1d0hpla18n.cloudfront.net
2    192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
easierblushingpicky.com
2    2606:4700::6811:ac3e (United States)

ASN13335 (CLOUDFLARENET, US)
velocecdn.com
1    2606:4700:3036::6815:131f (United States)

ASN13335 (CLOUDFLARENET, US)
moneymakercdn.com
2    67.202.114.214 (Crown Point, United States)

ASN32748 (STEADFAST, US)
PTR: amung.us
whos.amung.us
2    2606:4700:10::6816:4aab (United States)

ASN13335 (CLOUDFLARENET, US)
widgets.amung.us
3    104.21.64.141 (United States)

ASN13335 (CLOUDFLARENET, US)
ragnarp.net
3    35.190.89.200 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 200.89.190.35.bc.googleusercontent.com
www.megdexchange.com
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
1    192.99.8.28 (Niagara Falls, Canada)

ASN16276 (OVH, FR)
PTR: ns523448.ip-192-99-8.net
s4.histats.com
1    2606:4700:3034::ac43:b683 (United States)

ASN13335 (CLOUDFLARENET, US)
swarm.video
1    2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:3037::ac43:c9d8 (United States)

ASN13335 (CLOUDFLARENET, US)
asacdn.com
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:3030::6815:2ed2 (United States)

ASN13335 (CLOUDFLARENET, US)
ufpcdn.com
1    2606:4700:3038::6815:eb72 (United States)

ASN13335 (CLOUDFLARENET, US)
crrepo.com
1    35.190.71.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.71.190.35.bc.googleusercontent.com
onclickgenius.com
Domain Requested by
8 sportes.pw sportes.pw
3 www.megdexchange.com sportes.pw
www.megdexchange.com
3 ragnarp.net sportes.pw
ragnarp.net
2 fonts.gstatic.com fonts.googleapis.com
2 asacdn.com ragnarp.net
sportes.pw
2 widgets.amung.us sportes.pw
ragnarp.net
2 whos.amung.us 2 redirects
2 velocecdn.com sportes.pw
velocecdn.com
2 easierblushingpicky.com sportes.pw
1 onclickgenius.com sportes.pw
1 crrepo.com www.megdexchange.com
1 ufpcdn.com sportes.pw
1 www.google-analytics.com www.googletagmanager.com
1 fonts.googleapis.com ragnarp.net
1 www.googletagmanager.com ragnarp.net
1 cdn.jsdelivr.net ragnarp.net
1 swarm.video ragnarp.net
1 s4.histats.com s10.histats.com
1 s10.histats.com sportes.pw
1 moneymakercdn.com sportes.pw
1 d2va1d0hpla18n.cloudfront.net sportes.pw
36 21

This site contains links to these domains. Also see Links.

Domain
www.jokerlivestream.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-25 -
2022-06-24		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
easierblushingpicky.com
R3		 2021-08-01 -
2021-10-30		 3 months crt.sh
whos.amung.us
Sectigo RSA Domain Validation Secure Server CA		 2020-05-21 -
2022-05-21		 2 years crt.sh
*.ragnarp.net
R3		 2021-08-11 -
2021-11-09		 3 months crt.sh
megdexchange.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-18 -
2022-02-18		 a year crt.sh
histats.com
R3		 2021-08-02 -
2021-10-31		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-30 -
2022-06-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
onclickgenius.com
Sectigo RSA Domain Validation Secure Server CA		 2021-01-22 -
2022-01-22		 a year crt.sh

This page contains 5 frames:

Primary Page: https://sportes.pw/stream4.php
Frame ID: 3F27E024FDDC16F79D330238689E71A2
Requests: 16 HTTP requests in this frame

Frame: https://sportes.pw/adca.php
Frame ID: 0AC2E3C4152E012035289A8D41F31FD9
Requests: 2 HTTP requests in this frame

Frame: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Frame ID: CD74C2C91B338AD65C3D6A04EE58E653
Requests: 14 HTTP requests in this frame

Frame: https://www.megdexchange.com/ad/display.php?stamat=m%7C%2CgYhIuYjYrB1dAN0dEdHP3xP.ddc%2CZMkKdRAQlkuDbgTABrav5J-q0N7vIEPUHtQG6t4Qjb_D30PxuKUclzzEyKvskfndrIImDtSSIqvpSLFJWMFg2G7yZxqs8u6P8_TJrSp5aIM%2C&cbrandom=0.6367454729754816&cbtitle=Media&cbiframe=1&cbWidth=300&cbHeight=250&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fsportes.pw%2Fstream4.php
Frame ID: 7DA3D4C304B999183A86A51869DF31D0
Requests: 3 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: C58E107286E43ACAAE846EDBBFB100DB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

36
Requests

100 %
HTTPS

62 %
IPv6

19
Domains

21
Subdomains

20
IPs

4
Countries

1048 kB
Transfer

2181 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://whos.amung.us/cwidget/livesport/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=81&c=000000ffffff&p=
Request Chain 23
  • https://whos.amung.us/cwidget/y7opzyrraw/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=5610&c=000000ffffff&p=

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request stream4.php
sportes.pw/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sportes.pw/stream4.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:301a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.22
Resource Hash
c5e523f1c61ead5cd33ad271fd5fa2508627d8a4136a641adc736e714fb78e3b

Request headers

:method
GET
:authority
sportes.pw
:scheme
https
:path
/stream4.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 02:42:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.22
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqMaiuO6mYm%2FB9GAz%2FkG4ZBoticoAT2Y985oqEZYOZ0wVz5EtGnZ7a5%2B6dZtI9%2FDk4o7zRKwh45xR%2Fi1yiOKYFfRTmMh0NNy0TGXunWGdHBMutSHA6JC7VssBmU2xQazPy3rtHO2fgTz"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67ff8c54edcf4eb6-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
jocker.css
sportes.pw/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sportes.pw/css/jocker.css
Requested by
Host: sportes.pw
URL: https://sportes.pw/stream4.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:301a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba3ce6398c37e9ebf78de7947be38e3c4538073c8f37f6e96a046715f58b5e42

Request headers

:path
/css/jocker.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
sportes.pw
referer
https://sportes.pw/stream4.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sportes.pw/stream4.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 02:42:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6666944
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 28 Apr 2020 15:32:26 GMT
server
cloudflare
etag
W/"5ea84c8a-881"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4%2BuNICbcajs6arDNLnWbq8Tlet25EL9JhUdtiYJQZ%2BSJhF%2FYJcCo0NJJbQIaIxEIM3sXYSp%2FF4kVrHOjuQqCTo%2FAhIEuHW%2FRm%2BmNzSqkiOl4BOAUhhLSUbo1Not0zChBLfAyCfAj8Ok"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
67ff8c56d99f4e50-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
sportes.pw/css/ 		1 KB
1003 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sportes.pw/css/style.css
Requested by
Host: sportes.pw
URL: https://sportes.pw/stream4.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:301a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c5193a2edc7711369d5d7bd6755b2482f0000fff890f856f0468104d1dd4d4b

Request headers

:path
/css/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
sportes.pw
referer
https://sportes.pw/stream4.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sportes.pw/stream4.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 02:42:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6666944
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 28 Apr 2020 15:32:29 GMT
server
cloudflare
etag
W/"5ea84c8d-414"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZRsubDXxhfvG4vHAoMQlv6C%2F6ROiB2RLHJOnkK0xXxu3CSTQp7%2FPqhdbtA4m3%2BjbsT5DxuSEGH8jMHQpBn0uVaNGpq6rW8qBUdnTkR7QLhKQx78QsfDGJOMU%2F%2F4oOHlqRvw%2FrF%2B7wTS"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
67ff8c56d9a04e50-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap.min.css
sportes.pw/vendor/bootstrap/css/ 		124 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sportes.pw/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: sportes.pw
URL: https://sportes.pw/stream4.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:301a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
917c68894cf24e326db3ccc259b02493e9c25dcecb7103829b9e551264ac2df1

Request headers

:path
/vendor/bootstrap/css/bootstrap.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
sportes.pw
referer
https://sportes.pw/stream4.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sportes.pw/stream4.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 02:42:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6666944
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 28 Apr 2020 15:36:19 GMT
server
cloudflare
etag
W/"5ea84d73-1f173"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29CJJ0UI4xMJhNXS5CKQfxhBV%2BGrWc4cnG%2FbrHIradJ3fzvQsiuzc2DaAmoMv1Uy7qN9%2FWOxPSCPHDPawlA9G1VXKDiemZc4ABzYmA%2BivnryMelwC7viWjqIJkilg%2Bf9PzOOmSCmjyog"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
67ff8c56d99d4e50-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
newtab.js
sportes.pw/js/ 		669 B
976 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sportes.pw/js/newtab.js
Requested by
Host: sportes.pw
URL: https://sportes.pw/stream4.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:301a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df3c5706c844012f3dbe84065c0a15de1f08df8152c6ad4ba98bf0c3d5f30ff0

Request headers

:path
/js/newtab.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
sportes.pw
referer
https://sportes.pw/stream4.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sportes.pw/stream4.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 02:42:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6666944
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 28 Apr 2020 15:36:13 GMT
server
cloudflare
etag
W/"5ea84d6d-29d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wDzxPPdT28Sv4JFrS9eFotVzn1sKOWdd33QlG86BBJQxbAG6q%2BoWoVDyzgT4CyFNtYwfkuJdkhnJ5fbod5X%2BnNSA9rDznuGak82WdX1ZwFLuYWxUB1RhqHA%2FP8qmkMfB1H1%2BlaaGIW2%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
67ff8c56d9a14e50-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
d2va1d0hpla18n.cloudfront.net/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2va1d0hpla18n.cloudfront.net/?hdavd=767172
Requested by
Host: sportes.pw
URL: https://sportes.pw/stream4.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-7.fra50.r.cloudfront.net
Software
/
Resource Hash
c0fdb7fedda42bfa89256604ed841cb82ddb4631cde1237ed526f6cef076b647

Request headers

Referer
https://sportes.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Aug 2021 02:42:17 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
21197
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
x-amz-cf-id
WW4nuuH4kI-ELt8qw0nKI3azk3L2Cd50iiBvhZyHjfePnnPdZ0xSMQ==
ijoker.jpg
sportes.pw/img/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sportes.pw/img/ijoker.jpg
Requested by
Host: sportes.pw
URL: https://sportes.pw/stream4.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:301a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1833cb203f004f64c0e8650100879c086c00689f7179163bfdfc1dd577c10eb8

Request headers

:path
/img/ijoker.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sportes.pw
referer
https://sportes.pw/stream4.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sportes.pw/stream4.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 02:42:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
645333
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
21934
last-modified
Tue, 28 Apr 2020 15:36:04 GMT
server
cloudflare
etag
"5ea84d64-55ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJNbFgwk1ekSQ47xm8tzlnxKDhYvztdIaeSbUcZzMFqeXDBygMaPN7VNd%2BADFE%2BaWhFjacegKCuESLPKFTu%2FbVAv3JCk1qvM%2B0PaAD4Mk%2FtNHYlwAmVM6mkrJ7La%2B96bwdQi9EUqbiIT"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
67ff8c5a0d2c4e50-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
b5d5e2cbaa884029b13637009b94e342.js
easierblushingpicky.com/b5/d5/e2/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://easierblushingpicky.com/b5/d5/e2/b5d5e2cbaa884029b13637009b94e342.js
Requested by
Host: sportes.pw
URL: https://sportes.pw/stream4.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://sportes.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 17 Aug 2021 02:42:17 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
suv4.js
velocecdn.com/script/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://velocecdn.com/script/suv4.js
Requested by
Host: sportes.pw
URL: https://sportes.pw/stream4.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ac3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4f1a0503ce1b5d4af73aca74a6a43a4b4f74df633eb78fd4e82c2b212141d8

Request headers

Referer
https://sportes.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 02:42:17 GMT
content-encoding
gzip
cf-cache-status
HIT
age
180
x-guploader-uploadid
ADPycdvEHCVuC_tq4cg-yGoaDE3UsC1AeW6IYTaMlQ-WkCVLzzao76l4SSl9JWT4wXLb2hW0brf-oPTgik_HmIpGmHE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
text/javascript
last-modified
Mon, 12 Jul 2021 09:43:32 GMT
server
cloudflare
etag
W/"d3753c78c5a6f1b3c67615c0261693d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=d/4Prw==, md5=03U8eMWm8bPGdhXAJhaT2Q==
x-goog-generation
1626083012149442
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
23335
cf-ray
67ff8c59d9dd1f35-FRA
expires
Tue, 17 Aug 2021 06:42:17 GMT
suv4.js
moneymakercdn.com/script/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moneymakercdn.com/script/suv4.js
Requested by
Host: sportes.pw
URL: https://sportes.pw/stream4.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:131f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4f1a0503ce1b5d4af73aca74a6a43a4b4f74df633eb78fd4e82c2b212141d8

Request headers

Referer
https://sportes.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=d/4Prw==, md5=03U8eMWm8bPGdhXAJhaT2Q==
date
Tue, 17 Aug 2021 02:42:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
335
x-guploader-uploadid
ADPycdsd97Mxu1s-mFz6fQqPSN5qXC_uG3W8oK3unR4pQtKQQwMj_atjpsNv-L25eTVN_eBQH0x2cbEWvNMj8iIi6Hg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 12 Jul 2021 09:43:32 GMT
server
cloudflare
etag
W/"d3753c78c5a6f1b3c67615c0261693d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFLnLeR4SJHAQEGeEKfBMDQpXmLqFwqiHilgHM1ltSMu8RStG%2FkFeqbcPHF1ioi3Ba0T%2BkQ7FC%2B1gGqsR1r9m1bKFtQoJguDcjWitDZMK0krqktvIwhlb2bSCtijxM2HyxxNbpEKRvHBpZNehJSGbw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1626083012149442
access-control-allow-origin
*
content-type
text/javascript
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
x-goog-stored-content-length
23335
cf-ray
67ff8c5a2c6942d5-FRA
expires
Tue, 17 Aug 2021 02:56:06 GMT
/
widgets.amung.us/draw/
Redirect Chain
  • https://whos.amung.us/cwidget/livesport/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=81&c=000000ffffff&p=
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.amung.us/draw/?w=colored&n=81&c=000000ffffff&p=
Requested by
Host: sportes.pw
URL: https://sportes.pw/stream4.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07d54ae6c5458dbb8ce7d9c0ce27527cc699c90f2ab1af3933acdf3e1bd537ac

Request headers

Referer
https://sportes.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 02:42:17 GMT
cf-cache-status
HIT
server
cloudflare
age
114847
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
content-disposition
filename=wau-widget.png
cf-ray
67ff8c5c3a364eb0-FRA
expires
Mon, 16 Aug 2021 18:48:10 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=81&c=000000ffffff&p=
date
Tue, 17 Aug 2021 02:42:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
adca.php
sportes.pw/ Frame 0AC2 		445 B
715 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sportes.pw/adca.php
Requested by
Host: sportes.pw
URL: https://sportes.pw/stream4.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:301a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.22
Resource Hash
e01635fa42df5f94fa65b7d7437c8492154aad434f01a243890debe5fc93a7d0

Request headers

:method
GET
:authority
sportes.pw
:scheme
https
:path
/adca.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sportes.pw/stream4.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sportes.pw/stream4.php

Response headers

date
Tue, 17 Aug 2021 02:42:17 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.22
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZEOPapZYlAOF2424O0DymwpNKIMNcAWJ4xipDXVlwL3yMEVmBJ1TJ%2FStp%2FLHeBPFmQGnNQQMogF9z3RcHqujv9cwQzdnIFg8DbN%2Fmcc%2FtN65jlO9cLAG5HBsB8SwFPm9lAmf3uKjL4w"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67ff8c5a0d374e50-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
1ey38qdxyr4l58k
ragnarp.net/embed/ Frame CD74 		17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Requested by
Host: sportes.pw
URL: https://sportes.pw/stream4.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.64.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a8dac48ae59f7e607dce485442ad20e80a42d135463d85f65f3e15c9865cea1

Request headers

:method
GET
:authority
ragnarp.net
:scheme
https
:path
/embed/1ey38qdxyr4l58k?skin=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sportes.pw/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sportes.pw/

Response headers

date
Tue, 17 Aug 2021 02:42:17 GMT
content-type
text/html; charset=UTF-8
set-cookie
hf1=1; expires=Wed, 18-Aug-2021 02:42:17 GMT; Max-Age=86400; path=/
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHeW6GGuWtXEz5vkySjfDGvER9A34gQGMZrDVtRgUkS1j1q%2Fw79pN7FIkL7mYfW6o0NkQMWp8J1xw5RctXWUS%2FLYYcacZGP3QnjhqBKLW7YoetaE9tXJT3ywsU16ew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67ff8c5a6a0e0843-CDG
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
b5d5e2cbaa884029b13637009b94e342.js
easierblushingpicky.com/b5/d5/e2/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://easierblushingpicky.com/b5/d5/e2/b5d5e2cbaa884029b13637009b94e342.js
Requested by
Host: sportes.pw
URL: https://sportes.pw/stream4.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://sportes.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 17 Aug 2021 02:42:17 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
butof.png
sportes.pw/img/ 		820 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sportes.pw/img/butof.png
Requested by
Host: sportes.pw
URL: https://sportes.pw/css/jocker.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:301a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d866b53b42cab9ab12eab829552d60ebfedb10489b7385d78c5da9a50272c749

Request headers

:path
/img/butof.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sportes.pw
referer
https://sportes.pw/css/jocker.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://sportes.pw/css/jocker.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 02:42:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6666944
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
820
last-modified
Tue, 28 Apr 2020 15:36:00 GMT
server
cloudflare
etag
"5ea84d60-334"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPhhgEys479ed6PQLF3jHIqpme9%2BUuhUuayagB4YJTvvWjTOxRUf0bBcKMkkiM0yyDRhlZHs9dhSQea1JBqAvb%2FIYzWTgFIXp4JBhOGcKhymqYnU9xILZ7WStoeZvs43TerSed7o%2FAvD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
67ff8c5a1d3b4e50-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
display.php
www.megdexchange.com/a/ Frame 0AC2 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.megdexchange.com/a/display.php?r=2855339
Requested by
Host: sportes.pw
URL: https://sportes.pw/adca.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.89.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
200.89.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
f33b2c0b4e1957bbfef1f306999ed06c7f3d3c127335cef60642ea6665f2f829

Request headers

Referer
https://sportes.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 17 Aug 2021 02:42:17 GMT
content-encoding
gzip
server
openresty
alt-svc
clear
via
1.1 google
content-type
application/javascript; charset=utf-8
ut.js
velocecdn.com/script/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://velocecdn.com/script/ut.js?cb=1629168137400
Requested by
Host: velocecdn.com
URL: https://velocecdn.com/script/suv4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ac3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caf6bc9029db7260488abfeacf03b3e2bb66c764953cafc832d71c4486248920

Request headers

Referer
https://sportes.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 02:42:17 GMT
content-encoding
gzip
cf-cache-status
HIT
age
156
x-guploader-uploadid
ADPycdv_0KZrA8gIeS1La1GuwrdgC3kLs_FvEVN9p3UlznrX4xPd4tWX-yQ4NNpYU_udXTUXqVWhP22RmYLJ7_A3lEYk4dVhcg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
text/javascript
last-modified
Mon, 12 Jul 2021 09:43:33 GMT
server
cloudflare
etag
W/"3edfa319ab33348884cb3005dcb7a8b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=0HQuQg==, md5=Pt+jGaszNIiEyzAF3Leotw==
x-goog-generation
1626083012903668
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
14322
cf-ray
67ff8c5aba871f35-FRA
expires
Tue, 17 Aug 2021 06:42:17 GMT
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: sportes.pw
URL: https://sportes.pw/stream4.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer
https://sportes.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 02:39:57 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
content-type
application/javascript; charset=UTF-8
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
214044609
0.php
s4.histats.com/stats/ 		51 B
185 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?3681769&@f16&@g1&@h1&@i1&@j1629168137440&@k0&@l1&@mMedia&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:34492284&@b3:1629168137&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fsportes.pw%2Fstream4.php&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.28 Niagara Falls, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns523448.ip-192-99-8.net
Software
/
Resource Hash
d81b2197e6e2a61484d851752c3e21665d29ce66a5b8aca18d11af8e7f0180da

Request headers

Referer
https://sportes.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 17 Aug 2021 02:42:17 GMT
Connection
close
Content-Length
51
Content-Type
text/html;charset=UTF-8
embed.min.css
ragnarp.net/css/ Frame CD74 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ragnarp.net/css/embed.min.css?v=0.3
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.64.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d2556e6fe39f0adea7f7b90515e482645f702c89ff7206bae2514daed52b397

Request headers

Referer
https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 02:42:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 18:05:02 GMT
server
cloudflare
age
5470
etag
W/"5fa984ce-484"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JadrelNWWUoLiTE%2B6q%2BJutvSbamD1TBklsL%2BpocDQNSjbY5sPlaWb8EVtTK7pNSvAiNTrT%2FV3BQWxt5CwB1XNkZPwUTN8J82UfBvMqMlcZZDPzH0tBpchoQALt%2FH6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67ff8c5b395332aa-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
jquery.min.js
ragnarp.net/js/ Frame CD74 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ragnarp.net/js/jquery.min.js
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.64.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer
https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 02:42:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 18:05:02 GMT
server
cloudflare
age
2612
etag
W/"5fa984ce-15283"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P9Hxy%2BFBd6NhqD7Y3fnjDLoICfvWj6D5RgG2kVk66%2BcQPc5gy5KCnBKY0xdEzZ8DlwZqZiXQ1nAjXnRixiO2hI6Qmjdl9lDrLrW%2BfQswEHUAo2PesJrd7TEM3aSDIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67ff8c5b395432aa-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
wigistream.js
swarm.video/ Frame CD74 		506 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://swarm.video/wigistream.js?version=0.0.80
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b683 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0e8714e1c7ce6159f6bff5085163212294c59e411ed4b10ad956ae0b2800d03d

Request headers

Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 02:42:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3912607
x-powered-by
Express
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 28 Jun 2021 22:53:39 GMT
server
cloudflare
etag
W/"7ee26-17a54d407d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8fg3Cr1yp9DeU%2BALKC3e5e0QgzybZdsWQBrZWtTz3AohKiD8aMSe9FfHBTi40V7pxUO2KmUyTL%2FAW1EYotoWZiQWcce8EYTPOyEIIrljYxkZ%2FfHM2yx%2Fkpfg3M8LQXeQHPAvVmGAAYSGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-polished
origSize=519718
cf-ray
67ff8c5b39550605-FRA
cf-bgj
minify
clappr.min.js
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame CD74 		513 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
24926
x-jsd-version
0.3.13
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
141142
etag
W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
x-served-by
cache-fra19136-FRA
x-jsd-version-type
version
date
Tue, 17 Aug 2021 02:42:17 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
js
www.googletagmanager.com/gtag/ Frame CD74 		101 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-184968220-1
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6cb8e5dd4bc10a435d26a732e1e31f56754cdf3648347214c6dab4db79854686
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 02:42:17 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41071
x-xss-protection
0
last-modified
Tue, 17 Aug 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 17 Aug 2021 02:42:17 GMT
/
widgets.amung.us/draw/ Frame CD74
Redirect Chain
  • https://whos.amung.us/cwidget/y7opzyrraw/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=5610&c=000000ffffff&p=
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.amung.us/draw/?w=colored&n=5610&c=000000ffffff&p=
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3412f18ad889652096b25735e4ded086b8cb309fee8d631d14661021f6dcfe21

Request headers

Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 02:42:17 GMT
cf-cache-status
HIT
server
cloudflare
age
110776
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
content-disposition
filename=wau-widget.png
cf-ray
67ff8c5c3a394eb0-FRA
expires
Mon, 16 Aug 2021 19:56:01 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=5610&c=000000ffffff&p=
date
Tue, 17 Aug 2021 02:42:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
css
fonts.googleapis.com/ Frame CD74 		1 KB
881 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/css/embed.min.css?v=0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c15171fcd5929135b805d4b4dbf845248179064899580dec8a1de845da08c489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 17 Aug 2021 02:41:48 GMT
server
ESF
date
Tue, 17 Aug 2021 02:42:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 17 Aug 2021 02:42:17 GMT
display.php
www.megdexchange.com/ad/ Frame 7DA3 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.megdexchange.com/ad/display.php?stamat=m%7C%2CgYhIuYjYrB1dAN0dEdHP3xP.ddc%2CZMkKdRAQlkuDbgTABrav5J-q0N7vIEPUHtQG6t4Qjb_D30PxuKUclzzEyKvskfndrIImDtSSIqvpSLFJWMFg2G7yZxqs8u6P8_TJrSp5aIM%2C&cbrandom=0.6367454729754816&cbtitle=Media&cbiframe=1&cbWidth=300&cbHeight=250&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fsportes.pw%2Fstream4.php
Requested by
Host: www.megdexchange.com
URL: https://www.megdexchange.com/a/display.php?r=2855339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.89.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
200.89.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e8d604e7eb6434346dcd60a3333be3f9f8ef92c410d661d96c6a8723201be427

Request headers

:method
GET
:authority
www.megdexchange.com
:scheme
https
:path
/ad/display.php?stamat=m%7C%2CgYhIuYjYrB1dAN0dEdHP3xP.ddc%2CZMkKdRAQlkuDbgTABrav5J-q0N7vIEPUHtQG6t4Qjb_D30PxuKUclzzEyKvskfndrIImDtSSIqvpSLFJWMFg2G7yZxqs8u6P8_TJrSp5aIM%2C&cbrandom=0.6367454729754816&cbtitle=Media&cbiframe=1&cbWidth=300&cbHeight=250&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fsportes.pw%2Fstream4.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sportes.pw/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sportes.pw/

Response headers

server
openresty
date
Tue, 17 Aug 2021 02:42:17 GMT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
link
<//www.megdexchange.com>; rel=dns-prefetch,<//www.megdexchange.com>; rel=preconnect,<//enlisted.net>; rel=dns-prefetch,<//enlisted.net>; rel=preconnect
content-encoding
gzip
via
1.1 google
alt-svc
clear
compatibility.js
asacdn.com/script/ Frame CD74 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asacdn.com/script/compatibility.js
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac

Request headers

Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=6TBdZQ==, md5=wrvB4lRAScsDXDIZGb7yvA==
date
Tue, 17 Aug 2021 02:42:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2949
x-guploader-uploadid
ABg5-Uzy1wNDdDHDHJ9qxn8FO-IYxsbVa48z4IrXM0ccJ8cdub-HmhKeA_Jq4l7XjDoq9hgk48wb4MAHcNIb5FxXFuDsyEm6nQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 15 Sep 2020 12:10:32 GMT
server
cloudflare
etag
W/"c2bbc1e2544049cb035c321919bef2bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMDbyZoh0oT%2Fa5uMnQkiB6KFwWmXUgmNDFyZ3MJTOZXrrYxBDOdPIJDiKRm6LeOJADkmfQR6E2Ksex045Otsuaqf0bbJG4CZ2k7J1%2FZ1zehCQ%2FOR%2FYWk1vXzGN8mFvl%2FcLIraExh7gGM"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1600171832181211
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
20647
cf-ray
67ff8c5bfc494321-FRA
expires
Tue, 17 Aug 2021 02:33:14 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ Frame CD74 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ragnarp.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:32:52 GMT
x-content-type-options
nosniff
age
7765
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:32:52 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ Frame CD74 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ragnarp.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:32:51 GMT
x-content-type-options
nosniff
age
7766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:32:51 GMT
analytics.js
www.google-analytics.com/ Frame CD74 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-184968220-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
3943
date
Tue, 17 Aug 2021 01:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Tue, 17 Aug 2021 03:36:34 GMT
identify.html
ufpcdn.com/script/ Frame C58E 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: sportes.pw
URL: https://sportes.pw/stream4.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

:method
GET
:authority
ufpcdn.com
:scheme
https
:path
/script/identify.html?frmt=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ragnarp.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ragnarp.net/

Response headers

date
Tue, 17 Aug 2021 02:42:17 GMT
content-type
text/html
last-modified
Tue, 15 May 2018 06:39:25 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie
__cf_bm=7996cac6878fc5820b75899c68bc8bd81b4f06e4-1629168137-1800-AelQoGW7q+0Ln45y8NgarAWGfzjqZKusmkIo2eD9O02SbAoF0oUUI3fM2XlgXueqdYFwBMHaUZl8Fvy3U6fSPxQ=; path=/; expires=Tue, 17-Aug-21 03:12:17 GMT; domain=.ufpcdn.com; HttpOnly; Secure; SameSite=None
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WobITEhzaY3N7iYNm5%2BGXb0kEm%2Feq5H%2FgrpsaVwW%2BHcRPgT7mySPEoQjEsMn0XiYQCs0gylvnpE%2FamJB1dAsUQYNkyxDhtc6Rye80Jo0cCKutKnt3oo8gsHXfx2fFmLzjkJg1eyT%2BR3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67ff8c5c4b059778-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
b504704ab69fcb80a3b1b5dd0b0fdd6a_9053.jpg
crrepo.com/extban/267649620/creatives/23312686/ Frame 7DA3 		506 KB
507 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crrepo.com/extban/267649620/creatives/23312686/b504704ab69fcb80a3b1b5dd0b0fdd6a_9053.jpg
Requested by
Host: www.megdexchange.com
URL: https://www.megdexchange.com/ad/display.php?stamat=m%7C%2CgYhIuYjYrB1dAN0dEdHP3xP.ddc%2CZMkKdRAQlkuDbgTABrav5J-q0N7vIEPUHtQG6t4Qjb_D30PxuKUclzzEyKvskfndrIImDtSSIqvpSLFJWMFg2G7yZxqs8u6P8_TJrSp5aIM%2C&cbrandom=0.6367454729754816&cbtitle=Media&cbiframe=1&cbWidth=300&cbHeight=250&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fsportes.pw%2Fstream4.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef4efa31e3f02cd9b564c64771e512934a1edbcbb623033228708710308b0113

Request headers

Referer
https://www.megdexchange.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 02:42:17 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 19 Jul 2021 15:45:03 GMT
server
cloudflare
age
2048
etag
W/"60f59dff-7e62b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvU8PUKujyvGgA0Ap2VF39Z5LbtlA0PdRn1JlW2HkD8G76YsLXjk9YxPirtDPGnAFMdQLq60tDZujpkCnP8TY5Dos9Tb7cVKYqbktt%2BXarpoCsB4ZUmESTQIhIwWQ9kCLbxN%2BGoO8K83"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67ff8c5cecec4e31-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
suurl.php
onclickgenius.com/script/ Frame CD74 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onclickgenius.com/script/suurl.php?r=3939411&cbrandom=0.3059026627594401&cbiframe=1&cbWidth=720&cbHeight=405&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=asacdn.com
Requested by
Host: sportes.pw
URL: https://sportes.pw/stream4.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.71.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.71.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
7243b6639ba918e101faa3c80448b1cd76733ade6f6adfe59d02a9f664b419e1

Request headers

Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 17 Aug 2021 02:42:17 GMT
content-encoding
gzip
server
openresty
alt-svc
clear
via
1.1 google
content-type
application/javascript; charset=utf-8
chrome.js
asacdn.com/script/ Frame CD74 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asacdn.com/script/chrome.js
Requested by
Host: sportes.pw
URL: https://sportes.pw/stream4.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946

Request headers

Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=KoLUvQ==, md5=72VlqyWdr7wIRotNC7RnYg==
date
Tue, 17 Aug 2021 02:42:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1154
x-guploader-uploadid
ABg5-UyI37W8tz8yfF0mTbdYOrcF8YYHBVe_yU1V9KNq5sEk7zllZwdDbakhe9KKpDJMqYcmBAADg2dI8lNAlpdbNCfh43NIyQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 14 Sep 2020 09:15:29 GMT
server
cloudflare
etag
W/"ef6565ab259dafbc08468b4d0bb46762"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPnU1OZkEZPoiXwSB0S6Ww1oa1zMTWOd%2Fjrk8jEmKl%2FLyaXXtHok2lhffPxT5J4qMxBHkc3fsB5F%2BQA5zJgfPXJMVKw%2B04byBB7%2BMV5Bsf%2BNp%2BI%2BEGo1KjuEpz9pV1FLeGnRR71kgDog"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1600074929755781
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
37300
cf-ray
67ff8c5d7c9d1786-FRA
expires
Tue, 17 Aug 2021 02:30:02 GMT
i.php
www.megdexchange.com/script/ Frame 7DA3 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.megdexchange.com/script/i.php?stamat=m%7C%2C%2CQjdzYhentGU3BU9GH0dEdHP3xP.270%2CZyo5bUdiBwQwKu9ZTvLXP_gapMR49w2w_Bx_b8htXaJ7dx9kqdHGTH9LFbF2g1BUkSJbDnoBdGJ02FRSc8DIqE5AiRhp9vBJJPnU-0qosl1fsuU_ETTvaOYboYtEnxBkRCMtN36VyYHFiMglznZ2qgg80_tnBM9-pdj0dFZwwXpFpvFQNsHUTbns_elbpJsEAbUKmaghoVSS4xqLe4G0bU0UQIjdmowPeJwm3dJp3ZQtrhm8Px3xaM9GwEvfVU4X8dfvJ6HX0TdwsGO8GIUhDExY6qmQPGUYh_FsVj4kkDecMxK5AzGZdL4oT0vQNYqX-_ATP5H9ZJQQSak0iUawb8AY_eI1IkiHUQt1dq1UiD_XQk4mzlIQ2OnWZesmfva599fOJjTUdVu3yanrww0J6VFA5O0o8EH6nVr7MUpQdf0RZZ6fhGFrS3MCbLFOxX3wsOCyBI-eOdyLwqEEmuPyq1kIWWoAq9QZvOU81Jt5HEk%2C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.89.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
200.89.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.megdexchange.com/ad/display.php?stamat=m%7C%2CgYhIuYjYrB1dAN0dEdHP3xP.ddc%2CZMkKdRAQlkuDbgTABrav5J-q0N7vIEPUHtQG6t4Qjb_D30PxuKUclzzEyKvskfndrIImDtSSIqvpSLFJWMFg2G7yZxqs8u6P8_TJrSp5aIM%2C&cbrandom=0.6367454729754816&cbtitle=Media&cbiframe=1&cbWidth=300&cbHeight=250&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fsportes.pw%2Fstream4.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 17 Aug 2021 02:42:19 GMT
via
1.1 google
referrer-policy
no-referrer
server
openresty
alt-svc
clear

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| hide_ads function| createCookie function| readCookie function| newtab function| but object| a5_0x23a7 function| a5_0x3200 function| s2ss817ff boolean| s2ss817 object| _Hasync function| vwu object| a7_0x5b3f function| a7_0x5b23 boolean| utm817 function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues

8 Cookies

Domain/Path Name / Value
sportes.pw/ Name: HstCns3681769
Value: 1
sportes.pw/ Name: HstCnv3681769
Value: 1
sportes.pw/ Name: HstPn3681769
Value: 1
sportes.pw/ Name: HstCfa3681769
Value: 1629168137440
sportes.pw/ Name: HstCla3681769
Value: 1629168137440
sportes.pw/ Name: HstPt3681769
Value: 1
.ufpcdn.com/ Name: __cf_bm
Value: 7996cac6878fc5820b75899c68bc8bd81b4f06e4-1629168137-1800-AelQoGW7q+0Ln45y8NgarAWGfzjqZKusmkIo2eD9O02SbAoF0oUUI3fM2XlgXueqdYFwBMHaUZl8Fvy3U6fSPxQ=
sportes.pw/ Name: HstCmu3681769
Value: 1629168137440

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

asacdn.com
cdn.jsdelivr.net
crrepo.com
d2va1d0hpla18n.cloudfront.net
easierblushingpicky.com
fonts.googleapis.com
fonts.gstatic.com
moneymakercdn.com
onclickgenius.com
ragnarp.net
s10.histats.com
s4.histats.com
sportes.pw
swarm.video
ufpcdn.com
velocecdn.com
whos.amung.us
widgets.amung.us
www.google-analytics.com
www.googletagmanager.com
www.megdexchange.com
104.21.64.141
143.204.101.7
192.243.59.12
192.99.8.28
2606:4700:10::6816:4aab
2606:4700:3030::6815:2ed2
2606:4700:3031::6815:301a
2606:4700:3034::ac43:b683
2606:4700:3036::6815:131f
2606:4700:3037::ac43:c9d8
2606:4700:3038::6815:eb72
2606:4700::6811:ac3e
2a00:1450:4001:800::2003
2a00:1450:4001:800::200a
2a00:1450:4001:801::200e
2a00:1450:4001:80e::2008
2a04:4e42:3::485
35.190.71.96
35.190.89.200
46.105.201.240
67.202.114.214
03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac
07d54ae6c5458dbb8ce7d9c0ce27527cc699c90f2ab1af3933acdf3e1bd537ac
0d2556e6fe39f0adea7f7b90515e482645f702c89ff7206bae2514daed52b397
0e8714e1c7ce6159f6bff5085163212294c59e411ed4b10ad956ae0b2800d03d
1833cb203f004f64c0e8650100879c086c00689f7179163bfdfc1dd577c10eb8
1c5193a2edc7711369d5d7bd6755b2482f0000fff890f856f0468104d1dd4d4b
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3412f18ad889652096b25735e4ded086b8cb309fee8d631d14661021f6dcfe21
3c4f1a0503ce1b5d4af73aca74a6a43a4b4f74df633eb78fd4e82c2b212141d8
59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946
6a8dac48ae59f7e607dce485442ad20e80a42d135463d85f65f3e15c9865cea1
6cb8e5dd4bc10a435d26a732e1e31f56754cdf3648347214c6dab4db79854686
7243b6639ba918e101faa3c80448b1cd76733ade6f6adfe59d02a9f664b419e1
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
917c68894cf24e326db3ccc259b02493e9c25dcecb7103829b9e551264ac2df1
ba3ce6398c37e9ebf78de7947be38e3c4538073c8f37f6e96a046715f58b5e42
c0fdb7fedda42bfa89256604ed841cb82ddb4631cde1237ed526f6cef076b647
c15171fcd5929135b805d4b4dbf845248179064899580dec8a1de845da08c489
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c5e523f1c61ead5cd33ad271fd5fa2508627d8a4136a641adc736e714fb78e3b
caf6bc9029db7260488abfeacf03b3e2bb66c764953cafc832d71c4486248920
d81b2197e6e2a61484d851752c3e21665d29ce66a5b8aca18d11af8e7f0180da
d866b53b42cab9ab12eab829552d60ebfedb10489b7385d78c5da9a50272c749
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
df3c5706c844012f3dbe84065c0a15de1f08df8152c6ad4ba98bf0c3d5f30ff0
e01635fa42df5f94fa65b7d7437c8492154aad434f01a243890debe5fc93a7d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e8d604e7eb6434346dcd60a3333be3f9f8ef92c410d661d96c6a8723201be427
ef4efa31e3f02cd9b564c64771e512934a1edbcbb623033228708710308b0113
f33b2c0b4e1957bbfef1f306999ed06c7f3d3c127335cef60642ea6665f2f829
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a