Submitted URL: https://1.vecdn.pw/ch4.php/
Effective URL: https://1.vecdn.pw/ch4.php/
Submission: On September 12 via manual from NZ — Scanned from DE

Summary

This website contacted 41 IPs in 8 countries across 51 domains to perform 152 HTTP transactions. The main IP is 104.21.65.51, located in and belongs to CLOUDFLARENET, US. The main domain is 1.vecdn.pw.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 13th 2021. Valid for: a year.
This is the only time 1.vecdn.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-13 - 2022-06-12 | a year
superfastcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2021-08-31 - 2022-08-31 | a year
asundersimultaneously.com | R3 | 2021-08-26 - 2021-11-24 | 3 months
whos.amung.us | Sectigo RSA Domain Validation Secure Server CA | 2020-05-21 - 2022-05-21 | 2 years
*.ragnarp.net | R3 | 2021-08-11 - 2021-11-09 | 3 months
youradexchange.com | Sectigo RSA Domain Validation Secure Server CA | 2020-06-16 - 2022-07-01 | 2 years
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-04-30 - 2022-06-01 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-08-23 - 2021-11-15 | 3 months
upload.video.google.com | GTS CA 1O1 | 2021-08-23 - 2021-11-15 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-08-23 - 2021-11-15 | 3 months
histats.com | R3 | 2021-08-02 - 2021-10-31 | 3 months
*.dtscout.com | GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1 | 2020-11-03 - 2021-11-03 | a year
*.s-onetag.com | Amazon | 2021-02-03 - 2022-03-04 | a year
sharethis.com | Amazon | 2021-07-20 - 2022-08-18 | a year
*.tynt.com | Sectigo RSA Domain Validation Secure Server CA | 2019-10-01 - 2021-09-30 | 2 years
t.dtscdn.com | GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1 | 2020-11-03 - 2021-11-15 | a year
*.crwdcntrl.net | Go Daddy Secure Certificate Authority - G2 | 2021-04-29 - 2022-05-31 | a year
odc-pixel-prod-01.oracle.com | DigiCert SHA2 Secure Server CA | 2021-04-25 - 2022-04-26 | a year
*.eyeota.net | R3 | 2021-08-27 - 2021-11-25 | 3 months
*.pubmatic.com | DigiCert Baltimore TLS RSA SHA256 2020 CA1 | 2020-12-07 - 2021-12-14 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2021-08-23 - 2021-11-15 | 3 months
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2021-03-18 - 2022-04-19 | a year
*.cintnetworks.com | DigiCert SHA2 Secure Server CA | 2020-09-21 - 2021-10-23 | a year
beacon.krxd.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-01-13 - 2022-01-07 | a year
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2021-02-25 - 2022-03-28 | a year
ib.mookie1.com | DigiCert SHA2 High Assurance Server CA | 2019-10-07 - 2021-11-12 | 2 years
*.ml314.com | Amazon | 2021-01-17 - 2022-02-14 | a year
public1.adgear.com | Sectigo RSA Domain Validation Secure Server CA | 2021-02-24 - 2022-03-26 | a year
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-03-30 - 2022-04-04 | a year

This page contains 11 frames:

Primary Page: https://1.vecdn.pw/ch4.php/
Frame ID: A747FB01B146AA804B91DDFC4F3710DA
Requests: 35 HTTP requests in this frame

Frame: https://1.vecdn.pw/ch4.php/adca.php
Frame ID: 46C108AC4835F59D51238C3367351EC3
Requests: 21 HTTP requests in this frame

Frame: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Frame ID: D1499D880FF14CE4D31C6D59EC1BB583
Requests: 14 HTTP requests in this frame

Frame: https://1.vecdn.pw/ch4.php/adca.php
Frame ID: BC6C54A498695D8A0D2D913BAB09CC93
Requests: 25 HTTP requests in this frame

Frame: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Frame ID: 7794D93F6B992E7C6B31096AF9F3EFF9
Requests: 14 HTTP requests in this frame

Frame: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Frame ID: 3898C655D881DFE4F7D9510FF6E8FB79
Requests: 14 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=10401631435572FCEAAF7B53FCC3EF18
Frame ID: F09142A5D79AAA195FF5CA5BE06E4C01
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=10401631435572B61635CE4ED26C5201
Frame ID: 365CC4B3C8E1F1558A0D5D51D08F45B3
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=104016314355729E5B594C15ACE71F82
Frame ID: F74D919422432128ECBD4413139DF974
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 4ADD9808530651BFD59D8FE1412F7255
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C95%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Frame ID: D0107F7200BC82EE8D99271973D7188E
Requests: 24 HTTP requests in this frame

Page Title

Live Footbal Streaming - Live Premier League

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 152
HTTPS: 99 %
IPv6: 0 %
Domains: 51
Subdomains: 62
IPs: 41
Countries: 8
Transfer: 1638 kB
Size: 4494 kB
Cookies: 66

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://whos.amung.us/cwidget/livesport/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=2222&c=000000ffffff&p=
Request Chain 17
  • https://whos.amung.us/cwidget/livesport/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=2191&c=000000ffffff&p=
Request Chain 30
  • https://whos.amung.us/cwidget/y7opzyrraw/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=9236&c=000000ffffff&p=
Request Chain 45
  • https://whos.amung.us/cwidget/y7opzyrraw/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=9363&c=000000ffffff&p=
Request Chain 51
  • https://whos.amung.us/cwidget/livesport/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=2264&c=000000ffffff&p=
Request Chain 75
  • https://whos.amung.us/cwidget/y7opzyrraw/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=9157&c=000000ffffff&p=
Request Chain 102
  • https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=10401631435572B61635CE4ED26C5201 HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=10401631435572B61635CE4ED26C5201
Request Chain 104
  • https://pixel.onaudience.com/?partner=137085098&mapped=10401631435572B61635CE4ED26C5201 HTTP 302
  • https://pixel.onaudience.com/?partner=236&icm&cver&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
  • https://ps.eyeota.net/pixel?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=1febae8391325671 HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=1febae8391325671 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjVMUmZKTll0UWV5bDYwdDJKcTQxeXZpSkFTZXlBVjNQbVk1czhTcE9mdWs&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MjVMUmZKTll0UWV5bDYwdDJKcTQxeXZpSkFTZXlBVjNQbVk1czhTcE9mdWs&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&referrer_pid=3b2cb90&google_tc= HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&referrer_pid=3b2cb90&google_gid=CAESEDlK_dBUIC6frMWYODacGNQ&google_cver=1 HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=4150594769817729154&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fps.eyeota.net%252Fmatch%253Fuid%253D%2524UID%2526bid%253D2cr76e1%2526dc_rc%253D3%2526dc_mr%253D5%2526dc_orig%253D3b2cb90%2526%2526referrer_pid%253D3b2cb90 HTTP 302
  • https://ps.eyeota.net/match?uid=8246603711012135140&bid=2cr76e1&dc_rc=3&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
  • https://i.w55c.net/ping_match.gif?st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90 HTTP 302
  • https://ps.eyeota.net/match?bid=9sn4omv&uid=h0ffZEGM1MpkUZ5&newuser=1&dc_rc=4&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1 HTTP 302
  • https://ps.eyeota.net/match?uid=a646be3d-891d-40a3-904e-1e9ec5f350f4&bid=1e2n4ou
Request Chain 105
  • https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=10401631435572B61635CE4ED26C5201 HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=10401631435572B61635CE4ED26C5201
Request Chain 106
  • https://pixel.onaudience.com/?partner=137085098&mapped=10401631435572B61635CE4ED26C5201 HTTP 302
  • https://pixel.onaudience.com/?partner=236&icm&cver&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
  • https://ps.eyeota.net/pixel?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=1febae8391325671 HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=1febae8391325671 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjVMUmZKTll0UWV5bDYwdDJKcTQxeXZpSkFTZXlBVjNQbVk1czhTcE9mdWs&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MjVMUmZKTll0UWV5bDYwdDJKcTQxeXZpSkFTZXlBVjNQbVk1czhTcE9mdWs&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&referrer_pid=3b2cb90&google_tc= HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&referrer_pid=3b2cb90&google_gid=CAESEPlyafHGZCtF0oWC7aln100&google_cver=1 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D2%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90 HTTP 302
  • https://ps.eyeota.net/match?bid=7vi0rg0&uid=8751613d-bb35-4c00-9733-3cfa91c8ba23&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90&_test=YT27NQAA6yjUTQAR HTTP 302
  • https://ps.eyeota.net/match?uid=YT27NQAA6yjUTQAR&bid=0rijhbu&dc_rc=3&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90&_test=YT27NQAA6yjUTQAR HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=17bd92346f4-49950000010f4926&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=30064&dpuuid=17bd92346f4-49950000010f4926&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90 HTTP 302
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=57554028644765051760306204747205370567&dc_rc=4&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=Eyeot HTTP 302
  • https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-4t.50GxE2pVlnzAPXWGqavOjfdhyYWXgOrE-~A
Request Chain 111
  • https://pixel.onaudience.com/?partner=137085098&mapped=104016314355729E5B594C15ACE71F82 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=a646be3d-891d-40a3-904e-1e9ec5f350f4&icm HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=e5739dd09b481174
Request Chain 127
  • https://id5-sync.com/s/19/9.gif?puid=73fff4e66fddc479a75143a199faf5ee&gdpr=1 HTTP 302
  • https://id5-sync.com/c/19/19/9/1.gif?puid=73fff4e66fddc479a75143a199faf5ee&gdpr=1&gdpr_consent= HTTP 302
  • https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F8%2F2.gif%3Fpuid%3D%24_BK_UUID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://tags.bluekai.com/site/5907?limit=0&id=c9d13052ea7b69463b4ccb8060082703&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMOLIwXfZ97i0Btn8aC6zcUO5T4oArrygPCJ09S5g/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F7%2F3.gif%3Fpuid%3D%24%21%7BTURN_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/19/224/7/3.gif?puid=4150594769817729154&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMOLIwXfZ97i0Btn8aC6zcUO5T4oArrygPCJ09S5g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NzNmZmY0ZTY2ZmRkYzQ3OWE3NTE0M2ExOTlmYWY1ZWU&google_redir={xENCODEDURL}&id5id=ID5-ZHMOLIwXfZ97i0Btn8aC6zcUO5T4oArrygPCJ09S5g
Request Chain 129
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=73fff4e66fddc479a75143a199faf5ee&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=73fff4e66fddc479a75143a199faf5ee&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=da6cb5f5-0682-4c6f-b234-21b1cefc7baa
Request Chain 131
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=73fff4e66fddc479a75143a199faf5ee&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=73fff4e66fddc479a75143a199faf5ee&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=58423148095857826013076891046712673700
Request Chain 134
  • https://aorta.clickagy.com/pixel.gif?ch=120&cm=73fff4e66fddc479a75143a199faf5ee HTTP 302
  • https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/connectors/clickagy/usersync?cookieQ=1&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D HTTP 302
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=5&cm=023a34e3-8c8a-4c16-821c-494ab5fdfadf-613dbb36-5553 HTTP 302
  • https://idsync.rlcdn.com/420246.gif?partner_uid=c:939206e7a9a68c0dc2a8b2cdebb0b624
Request Chain 135
  • https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=73fff4e66fddc479a75143a199faf5ee HTTP 302
  • https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=73fff4e66fddc479a75143a199faf5ee
Request Chain 136
  • https://aa.agkn.com/adscores/g.pixel?sid=9202276048 HTTP 302
  • https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=205030403907007254577
Request Chain 138
  • https://sync.srv.stackadapt.com/sync?nid=lotame HTTP 302
  • https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-d1557d4a-2878-432d-78db-59f6f13681c9$ip$216.131.114.210
Request Chain 139
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=d5020d3a-b460-4797-a58d-44a0d03ef565?gdpr=1&gdpr_consent=
Request Chain 140
  • https://dt-secure.videohub.tv/v1/usync/lo HTTP 303
  • https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-112f071048e617ad760a6d6fb1de4a07
Request Chain 142
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=8751613d-bb35-4c00-9733-3cfa91c8ba23
Request Chain 143
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=023a34e3-8c8a-4c16-821c-494ab5fdfadf-613dbb36-5553
Request Chain 145
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YT27NQAA6yjUTQAR
Request Chain 148
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/73fff4e66fddc479a75143a199faf5ee/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4150594769817729154

152 HTTP transactions

x-goog-generation
1631274101556599
access-control-allow-origin
*
content-type
text/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
23757
cf-ray
68d7c9a01d3c0625-FRA
expires
Sun, 12 Sep 2021 08:38:53 GMT
b5d5e2cbaa884029b13637009b94e342.js
asundersimultaneously.com/b5/d5/e2/
0
0
Script
General
Full URL
https://asundersimultaneously.com/b5/d5/e2/b5d5e2cbaa884029b13637009b94e342.js
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 12 Sep 2021 08:32:51 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
/
widgets.amung.us/draw/
Redirect Chain
  • https://whos.amung.us/cwidget/livesport/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=2222&c=000000ffffff&p=
1 KB
1 KB
Image
General
Full URL
https://widgets.amung.us/draw/?w=colored&n=2222&c=000000ffffff&p=
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.8.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
859e41f143b75fbae625309029b18c8df3ef7e67b200e2c831c83fad0c2515f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:51 GMT
cf-cache-status
MISS
last-modified
Sun, 12 Sep 2021 08:32:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
content-disposition
filename=wau-widget.png
cf-ray
68d7c9a25e60f9d6-PRG
expires
Mon, 13 Sep 2021 08:32:51 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=2222&c=000000ffffff&p=
date
Sun, 12 Sep 2021 08:32:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
adca.php
1.vecdn.pw/ch4.php/ Frame 46C1
5 KB
2 KB
Document
General
Full URL
https://1.vecdn.pw/ch4.php/adca.php
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.65.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.22
Resource Hash
eb865b46d21998f31a31ac86e504fb03872bdfc20f25b34992d8a18e6eebb969

Request headers

:method
GET
:authority
1.vecdn.pw
:scheme
https
:path
/ch4.php/adca.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://1.vecdn.pw/ch4.php/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/ch4.php/

Response headers

date
Sun, 12 Sep 2021 08:32:51 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.22
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5W43RtSxId0hs4jMa7eIqCKBBhx4XUIiPlRj4UX29QMHLe%2Fyno6YTAoMvUyGliQyNXZnajrRYM7AgcCHZRyKafHLQEfrJZr6nJvRjo80HjtjeN1Qn8CdQUhUns6"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68d7c99fbb2c411f-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1ey38qdxyr4l58k
ragnarp.net/embed/ Frame D149
11 KB
5 KB
Document
General
Full URL
https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88d380138be7c6a161b2968fa49b5025beec93c0bc6ef305184ee4b1fa0b47b7

Request headers

:method
GET
:authority
ragnarp.net
:scheme
https
:path
/embed/1ey38qdxyr4l58k?skin=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://1.vecdn.pw/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/

Response headers

date
Sun, 12 Sep 2021 08:32:51 GMT
content-type
text/html; charset=UTF-8
set-cookie
hf1=1; expires=Mon, 13-Sep-2021 08:32:51 GMT; Max-Age=86400; path=/
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0GxDXGb%2FHRNgI%2BxchG3w%2BntE2G%2BrNoDYF5Eq2cimbv0tjh3lxyCmZk4fqvdbAMM82Ncd%2FRVyJpBCC47udLlQ%2BzXNfVBcQtb2M4XeM06w%2BFNkm%2BvtozClf9lRRBJzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68d7c9a03820f9de-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
bgs.png
1.vecdn.pw/ch4.php/img/
5 KB
5 KB
Image
General
Full URL
https://1.vecdn.pw/ch4.php/img/bgs.png
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.22
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/ch4.php/img/bgs.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
1.vecdn.pw
referer
https://1.vecdn.pw/ch4.php/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/ch4.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 12 Sep 2021 08:32:51 GMT
server
cloudflare
x-powered-by
PHP/7.3.22
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2F7gJS%2BDj3yUOODxmREY6kjfYWlGWkpqHH6cVXlBzLrTIBJ5gzkEtL3033rWkg3jZt%2FkwNmmU15jCyGwYYT%2F0spa6zkmHTljeMQ7CfpErKwQ7KizNOBwmyLJCV57"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d7c99fe96f410e-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x.png
1.vecdn.pw/img/
820 B
1 KB
Image
General
Full URL
https://1.vecdn.pw/img/x.png
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/css/custom.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d866b53b42cab9ab12eab829552d60ebfedb10489b7385d78c5da9a50272c749

Request headers

:path
/img/x.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
1.vecdn.pw
referer
https://1.vecdn.pw/css/custom.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
71126
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
820
last-modified
Sat, 17 Oct 2020 06:54:47 GMT
server
cloudflare
etag
"5f8a9537-334"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QalY8wPZWeSTyotFPcUAgDB1tql4oANcmK6Ab7uVrL%2Fe9UKD7ipzHgY3mt4SJMkpbYFvr4vufo26Xrp6E9fQBvkw9FP0rWiIFa01IBC9256FY8vCbbRKiTJNPL55"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
68d7c99fe971410e-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
ut.js
superfastcdn.com/script/
15 KB
15 KB
Script
General
Full URL
https://superfastcdn.com/script/ut.js?cb=1631435571193
Requested by
Host: superfastcdn.com
URL: https://superfastcdn.com/script/su.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.65.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.65.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
db00798223e53f40371f10590e73605beeff1f00e93641392cf9557a8906fbff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:30:57 GMT
age
114
x-guploader-uploadid
ADPycdulAOSlfvVlfWUOCKsKAFRxLyXnWyX0fs7DFUczMHPiPPP3Y5wiA5Dm1hVO3IkqRGa-02QyhCkOJRWu-ZwUdEc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
14943
last-modified
Fri, 10 Sep 2021 11:41:41 GMT
server
UploadServer
etag
"95dddcd48f55fb39bee8fe5a249a295b"
x-goog-hash
crc32c=nzbJtg==, md5=ld3c1I9V+zm+6P5aJJopWw==
x-goog-generation
1631274101670004
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
14943
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 12 Sep 2021 09:30:57 GMT
suurl4.php
youradexchange.com/script/
0
0
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=2278415&cbur=0.8959022382688089&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=Live%20Footbal%20Streaming%20-%20Live%20Premier%20League&cbref=&cbdescription=&cbkeywords=&cbcdn=superfastcdn.com&aggr=0
Requested by
Host: superfastcdn.com
URL: https://superfastcdn.com/script/su.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 12 Sep 2021 08:32:51 GMT
via
1.1 google
server
openresty
alt-svc
clear
style.css
1.vecdn.pw/css/ Frame 46C1
1 KB
990 B
Stylesheet
General
Full URL
https://1.vecdn.pw/css/style.css
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/adca.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8d6c3534663816b21184f5dc3c402b613147dba30d67c9f97291971aed28018

Request headers

:path
/css/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
1.vecdn.pw
referer
https://1.vecdn.pw/ch4.php/adca.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/ch4.php/adca.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2649919
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 05 Jan 2020 09:02:10 GMT
server
cloudflare
etag
W/"5e11a612-414"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GhVG8UzZmHacNBC%2FDROy4Dj0ySGI%2FG1wFPB8ROFK4ojX%2FM3nK0xtJ1Enn%2F9yMGqkNCoeT11ury7u69WaLA6DgFnT40vKfTphxzl2h3Yk0fdyrDdDawcjDlqWep0m"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
68d7c9a19c39410e-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
custom.css
1.vecdn.pw/css/ Frame 46C1
1 KB
1 KB
Stylesheet
General
Full URL
https://1.vecdn.pw/css/custom.css
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/adca.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5ae5cd4652705937c46802a60f15261729446c0abe6a9571936953c912cb108

Request headers

:path
/css/custom.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
1.vecdn.pw
referer
https://1.vecdn.pw/ch4.php/adca.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/ch4.php/adca.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73741
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 18 Apr 2021 06:10:23 GMT
server
cloudflare
etag
W/"607bcd4f-4cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WbmV58oeLEtk2Cn1fqyX0kR%2FtPlF0%2FTJ6g7LhB%2BG2%2FA9lGbl3Ci14ZCSQ9QVNZ6hq16PRjGB4VORxiGpmgjA79Ol73jwXKqFvYOOjZzTbK3PJqj0Ydzaq6G567GB"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
68d7c9a19c3b410e-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
su.js
superfastcdn.com/script/ Frame 46C1
23 KB
23 KB
Script
General
Full URL
https://superfastcdn.com/script/su.js
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/adca.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.65.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.65.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8175db46316f861b3dde8a416d7da93228b91a89cd463d0359283e887c11ba21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 07:43:08 GMT
age
2983
x-guploader-uploadid
ADPycdvEh2nUFwC9g6wOHyerPnhRcUZ71eZpeAhro2Ua2j1DTQh4-DfiL7vrCYIGtFcgzoUjGK5NR8b4iYxBGl7Oix-aptiSzA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
23905
last-modified
Fri, 10 Sep 2021 11:41:40 GMT
server
UploadServer
etag
"6ac016d23c82affa91f3894867486200"
x-goog-hash
crc32c=7GC9Xg==, md5=asAW0jyCr/qR84lIZ0hiAA==
x-goog-generation
1631274100831460
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
23905
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 12 Sep 2021 08:43:08 GMT
suv4.js
moneymakercdn.com/script/ Frame 46C1
23 KB
8 KB
Script
General
Full URL
https://moneymakercdn.com/script/suv4.js
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/adca.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d07951d4a0d7641967a1305c9e5e9a1cf7383ea3d2a18b2d32730407c81a792d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash
crc32c=6t15gQ==, md5=GbslUxLbD0mYjseiuedLhQ==
date
Sun, 12 Sep 2021 08:32:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1157
x-guploader-uploadid
ADPycdsPXsB9nV1qwSlp_4l1z9w9n4x7v7MRvyhecYXmFVpwZ8GMlnC_KopwXwHK_4GVfoE8sJxe58KQOOcy07PrM4vrjP08fQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 10 Sep 2021 11:41:41 GMT
server
cloudflare
etag
W/"19bb255312db0f49988ec7a2b9e74b85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lxLuVmcE4Xc7nnjd96mQtc9T0V%2F7NyZk7PZSbNuYzpGWz8Wa0Uy5RrlwqbGqR%2BwmxVVmYTwLK9Dio7clDd0RgGJTcN4pTy50vhzvJCXPbEhG3Dtlctnk%2B%2BNcbYJsXEAvECxGsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1631274101556599
access-control-allow-origin
*
content-type
text/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
23757
cf-ray
68d7c9a1a88c05f1-FRA
expires
Sun, 12 Sep 2021 08:38:53 GMT
b5d5e2cbaa884029b13637009b94e342.js
asundersimultaneously.com/b5/d5/e2/ Frame 46C1
0
0
Script
General
Full URL
https://asundersimultaneously.com/b5/d5/e2/b5d5e2cbaa884029b13637009b94e342.js
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/adca.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 12 Sep 2021 08:32:51 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
/
widgets.amung.us/draw/ Frame 46C1
Redirect Chain
  • https://whos.amung.us/cwidget/livesport/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=2191&c=000000ffffff&p=
2 KB
2 KB
Image
General
Full URL
https://widgets.amung.us/draw/?w=colored&n=2191&c=000000ffffff&p=
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/adca.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.8.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbf0b1132a54b2c798f88cc75be0e72e90f442309c905d0c4f54949555764e92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:51 GMT
cf-cache-status
HIT
last-modified
Sun, 12 Sep 2021 07:36:34 GMT
server
cloudflare
age
3377
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
content-disposition
filename=wau-widget.png
cf-ray
68d7c9a25e62f9d6-PRG
expires
Mon, 13 Sep 2021 07:36:34 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=2191&c=000000ffffff&p=
date
Sun, 12 Sep 2021 08:32:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
adca.php
1.vecdn.pw/ch4.php/ Frame BC6C
5 KB
3 KB
Document
General
Full URL
https://1.vecdn.pw/ch4.php/adca.php
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/adca.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.22
Resource Hash
36b104cb22b7ac56664ea4e9a2b953153dbb1a20f188d3b4b7f8d8ca21a2dea5

Request headers

:method
GET
:authority
1.vecdn.pw
:scheme
https
:path
/ch4.php/adca.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://1.vecdn.pw/ch4.php/adca.php
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/ch4.php/adca.php

Response headers

date
Sun, 12 Sep 2021 08:32:51 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.22
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChpWccQwMOpHUFiee3UKluXQ5e4ORaEmJuaxv2VdvYqEpRleRNeguW%2BBRhwVt6aQPNij92fyE%2B%2B1qLhZ4hn8tXlsFCWGcfwWMnxdpIZv%2Fmf6rl3ZkYLxHVGPaHFH"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68d7c9a19c3e410e-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1ey38qdxyr4l58k
ragnarp.net/embed/ Frame 7794
11 KB
5 KB
Document
General
Full URL
https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/adca.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47fc7dfe7426a0770925c36e9f6274347ff250f99504c15d03495677a589379f

Request headers

:method
GET
:authority
ragnarp.net
:scheme
https
:path
/embed/1ey38qdxyr4l58k?skin=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://1.vecdn.pw/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/

Response headers

date
Sun, 12 Sep 2021 08:32:51 GMT
content-type
text/html; charset=UTF-8
set-cookie
hf1=1; expires=Mon, 13-Sep-2021 08:32:51 GMT; Max-Age=86400; path=/
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0VmZEWf%2B8uyUlAcTglkuq71Ye6a9sfZ0rWFXsMivPFsBuUl2Dt%2B2oyty3fnmbK%2FfH%2FR%2BwOn%2FlHDw76L609%2BumMhOoJYON2De8QxwGcwyATWyHD7svLRItLSOxkUQ2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68d7c9a199d7f9de-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
ut.js
superfastcdn.com/script/ Frame 46C1
15 KB
15 KB
Script
General
Full URL
https://superfastcdn.com/script/ut.js?cb=1631435571472
Requested by
Host: superfastcdn.com
URL: https://superfastcdn.com/script/su.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.65.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.65.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
db00798223e53f40371f10590e73605beeff1f00e93641392cf9557a8906fbff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:30:57 GMT
age
114
x-guploader-uploadid
ADPycdulAOSlfvVlfWUOCKsKAFRxLyXnWyX0fs7DFUczMHPiPPP3Y5wiA5Dm1hVO3IkqRGa-02QyhCkOJRWu-ZwUdEc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
14943
last-modified
Fri, 10 Sep 2021 11:41:41 GMT
server
UploadServer
etag
"95dddcd48f55fb39bee8fe5a249a295b"
x-goog-hash
crc32c=nzbJtg==, md5=ld3c1I9V+zm+6P5aJJopWw==
x-goog-generation
1631274101670004
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
14943
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 12 Sep 2021 09:30:57 GMT
suurl4.php
youradexchange.com/script/ Frame 46C1
0
0
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=2278415&cbur=0.25416938991786564&cbiframe=1&cbWidth=300&cbHeight=250&cbtitle=Live%20Footbal%20Streaming%20-%20Live%20Premier%20League&cbref=&cbdescription=&cbkeywords=&cbcdn=superfastcdn.com&aggr=0
Requested by
Host: superfastcdn.com
URL: https://superfastcdn.com/script/su.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 12 Sep 2021 08:32:51 GMT
via
1.1 google
server
openresty
alt-svc
clear
bgs.png
1.vecdn.pw/ch4.php/img/ Frame 46C1
5 KB
5 KB
Image
General
Full URL
https://1.vecdn.pw/ch4.php/img/bgs.png
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/adca.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.22
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/ch4.php/img/bgs.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
1.vecdn.pw
referer
https://1.vecdn.pw/ch4.php/adca.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/ch4.php/adca.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 12 Sep 2021 08:32:51 GMT
server
cloudflare
age
0
x-powered-by
PHP/7.3.22
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1GdJRy0AxpIM5%2Bv8OPcg02YA%2Bu5XKuXdk8UprQo9BZ7d4iKD6dXH1shmAC3o%2FeNifNfsOkSfy3Epre4LzNFVKQndfVqYczO5aTMxQU22FJIAiPEQW%2BNyjdneZ0z"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d7c9a1cca8410e-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x.png
1.vecdn.pw/img/ Frame 46C1
820 B
1 KB
Image
General
Full URL
https://1.vecdn.pw/img/x.png
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/css/custom.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d866b53b42cab9ab12eab829552d60ebfedb10489b7385d78c5da9a50272c749

Request headers

:path
/img/x.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
1.vecdn.pw
referer
https://1.vecdn.pw/css/custom.css
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 12 Sep 2021 08:32:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
71126
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
820
last-modified
Sat, 17 Oct 2020 06:54:47 GMT
server
cloudflare
etag
"5f8a9537-334"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hUzmbokYDhrH6HuJpENh89Taz1ieMVKpvD1%2BWw1%2FrRtaIShc%2BJPRSdYj9758tyksc1YdbqWQrXXhpKExiPj5MaXNB0xJ9Gnu%2BdKUeo58IT2kIvcVwgr34dz6SuIa"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
68d7c9a1ccac410e-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
embed.min.css
ragnarp.net/css/ Frame D149
1 KB
1 KB
Stylesheet
General
Full URL
https://ragnarp.net/css/embed.min.css?v=0.3
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d2556e6fe39f0adea7f7b90515e482645f702c89ff7206bae2514daed52b397

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 18:05:02 GMT
server
cloudflare
age
5582
etag
W/"5fa984ce-484"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YaeYR1Q0FwXULLEZHtVfhs%2FB2S94oyFbFHbV3AlkuPm%2B1mzg%2FX2HAmjbh7iidjO3rxxUbZGtNpTezicPXFMgjzMtM6bNondLvs9lRF1QhD5gBfd%2F42YXFa46aBhgug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d7c9a21cb627b8-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.min.js
ragnarp.net/js/ Frame D149
85 KB
31 KB
Script
General
Full URL
https://ragnarp.net/js/jquery.min.js
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 18:05:02 GMT
server
cloudflare
age
2583
etag
W/"5fa984ce-15283"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8gvCPt%2BgC3dF7hWkMu6k%2F8zZPS7Vy7IA32Q8yyd7g0LhE5IO%2F14Ihm%2BVXV%2BY7H3vsQO%2BRD52lZwr0Qvqff56%2FStYvwsqD1GLQEpznAgK7QD2JZqTagEDemOiWgSpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d7c9a21cb527b8-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wigistream.js
swarm.video/ Frame D149
506 KB
128 KB
Script
General
Full URL
https://swarm.video/wigistream.js?version=0.0.80
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.182.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0e8714e1c7ce6159f6bff5085163212294c59e411ed4b10ad956ae0b2800d03d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6180041
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 28 Jun 2021 22:53:39 GMT
server
cloudflare
etag
W/"7ee26-17a54d407d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHadEfOtDSIxUidpoPAw5FKEqSEAdhkaiytczSUWZp4IxJ80ZSYfn7harkVYdYQFUomYLWaMQQ4V6uUNuCqVsAcg1poFXph2kX8KhRMBj0b93E03hS19AmazDUBaZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-polished
origSize=519718
cf-ray
68d7c9a23d375be5-FRA
cf-bgj
minify
clappr.min.js
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame D149
513 KB
138 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.113.229 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
18354
x-jsd-version
0.3.13
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
141142
etag
W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
x-served-by
cache-fra19133-FRA, cache-hhn4052-HHN
x-jsd-version-type
version
date
Sun, 12 Sep 2021 08:32:51 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
su.js
superfastcdn.com/script/ Frame D149
23 KB
23 KB
Script
General
Full URL
https://superfastcdn.com/script/su.js
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.65.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.65.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8175db46316f861b3dde8a416d7da93228b91a89cd463d0359283e887c11ba21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 07:43:08 GMT
age
2983
x-guploader-uploadid
ADPycdvEh2nUFwC9g6wOHyerPnhRcUZ71eZpeAhro2Ua2j1DTQh4-DfiL7vrCYIGtFcgzoUjGK5NR8b4iYxBGl7Oix-aptiSzA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
23905
last-modified
Fri, 10 Sep 2021 11:41:40 GMT
server
UploadServer
etag
"6ac016d23c82affa91f3894867486200"
x-goog-hash
crc32c=7GC9Xg==, md5=asAW0jyCr/qR84lIZ0hiAA==
x-goog-generation
1631274100831460
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
23905
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 12 Sep 2021 08:43:08 GMT
js
www.googletagmanager.com/gtag/ Frame D149
101 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-184968220-1
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
3109c114e79d5097d14665c32470cdc06ac4d0ec0db9935379fb969910b3aff9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41243
x-xss-protection
0
last-modified
Sun, 12 Sep 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 12 Sep 2021 08:32:51 GMT
/
widgets.amung.us/draw/ Frame D149
Redirect Chain
  • https://whos.amung.us/cwidget/y7opzyrraw/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=9236&c=000000ffffff&p=
2 KB
2 KB
Image
General
Full URL
https://widgets.amung.us/draw/?w=colored&n=9236&c=000000ffffff&p=
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.8.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c88dd42db796f1bfb184da4c9b86040f981ac78865808cf37004a9aa2fcf93ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:51 GMT
cf-cache-status
HIT
last-modified
Sun, 12 Sep 2021 07:55:59 GMT
server
cloudflare
age
2212
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
content-disposition
filename=wau-widget.png
cf-ray
68d7c9a2fed4f9d6-PRG
expires
Mon, 13 Sep 2021 07:55:59 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=9236&c=000000ffffff&p=
date
Sun, 12 Sep 2021 08:32:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
css
fonts.googleapis.com/ Frame D149
1 KB
881 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/css/embed.min.css?v=0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f95.1e100.net
Software
ESF /
Resource Hash
c15171fcd5929135b805d4b4dbf845248179064899580dec8a1de845da08c489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 12 Sep 2021 07:57:00 GMT
server
ESF
date
Sun, 12 Sep 2021 08:32:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 12 Sep 2021 08:32:51 GMT
ut.js
superfastcdn.com/script/ Frame D149
15 KB
15 KB
Script
General
Full URL
https://superfastcdn.com/script/ut.js?cb=1631435571659
Requested by
Host: superfastcdn.com
URL: https://superfastcdn.com/script/su.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.65.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.65.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
db00798223e53f40371f10590e73605beeff1f00e93641392cf9557a8906fbff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:30:57 GMT
age
114
x-guploader-uploadid
ADPycdulAOSlfvVlfWUOCKsKAFRxLyXnWyX0fs7DFUczMHPiPPP3Y5wiA5Dm1hVO3IkqRGa-02QyhCkOJRWu-ZwUdEc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
14943
last-modified
Fri, 10 Sep 2021 11:41:41 GMT
server
UploadServer
etag
"95dddcd48f55fb39bee8fe5a249a295b"
x-goog-hash
crc32c=nzbJtg==, md5=ld3c1I9V+zm+6P5aJJopWw==
x-goog-generation
1631274101670004
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
14943
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 12 Sep 2021 09:30:57 GMT
suurl4.php
youradexchange.com/script/ Frame D149
0
0
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=3939411&cbur=0.5925748175569154&cbiframe=1&cbWidth=1600&cbHeight=1200&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=superfastcdn.com&aggr=0
Requested by
Host: superfastcdn.com
URL: https://superfastcdn.com/script/su.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 12 Sep 2021 08:32:51 GMT
via
1.1 google
server
openresty
alt-svc
clear
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ Frame D149
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f94.1e100.net
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ragnarp.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 09:57:33 GMT
x-content-type-options
nosniff
age
81318
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 09:57:33 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ Frame D149
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f94.1e100.net
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ragnarp.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:31:45 GMT
x-content-type-options
nosniff
age
97266
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 05:31:45 GMT
analytics.js
www.google-analytics.com/ Frame D149
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-184968220-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.110.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wf-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5147
date
Sun, 12 Sep 2021 07:07:04 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 12 Sep 2021 09:07:04 GMT
js15_as.js
s10.histats.com/ Frame 46C1
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/adca.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:29:03 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
787153228
js15_as.js
s10.histats.com/
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:29:03 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
787153228
embed.min.css
ragnarp.net/css/ Frame 7794
1 KB
1 KB
Stylesheet
General
Full URL
https://ragnarp.net/css/embed.min.css?v=0.3
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d2556e6fe39f0adea7f7b90515e482645f702c89ff7206bae2514daed52b397

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 18:05:02 GMT
server
cloudflare
age
5582
etag
W/"5fa984ce-484"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnoOuVpURU%2BZFkWBpFDTiS0kWxl8Yu2bThHMGvAs8u5SeSQzcrX63BBBHbTn%2BCqSjdB8MzrBiM7r14U8ZlZETfy%2BgAWlkC%2FrrckPX1OSGYqp6AQoZoMOak2loEuUEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d7c9a4380a27b8-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.min.js
ragnarp.net/js/ Frame 7794
85 KB
31 KB
Script
General
Full URL
https://ragnarp.net/js/jquery.min.js
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 18:05:02 GMT
server
cloudflare
age
2583
etag
W/"5fa984ce-15283"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXszIl31Afa82S2hv%2F4e9XYXeU71EOk9WAf4Mg%2BelfhUuaCNIXUmD1v5ltoIX4dpbjNFOP%2FotUTrOMsJ1mtCupxjK7cNLvRBD01gQZFdZ%2By35cdjsLhlWpS1PCvW9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d7c9a4380d27b8-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wigistream.js
swarm.video/ Frame 7794
506 KB
128 KB
Script
General
Full URL
https://swarm.video/wigistream.js?version=0.0.80
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.182.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0e8714e1c7ce6159f6bff5085163212294c59e411ed4b10ad956ae0b2800d03d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6180041
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 28 Jun 2021 22:53:39 GMT
server
cloudflare
etag
W/"7ee26-17a54d407d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stC6gXT0FHB%2BAGOZf0x9IzVNMBbFIkPQos12dfFetWuttR0QmxiXx8MZk7%2B4KUgoG57trvK1ZL3uF%2FtzKzWa2pUhNDsZB05rElTHd0TI2TdgzjuNB%2FPDCG7iFYZnLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-polished
origSize=519718
cf-ray
68d7c9a45c3e177a-FRA
cf-bgj
minify
clappr.min.js
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 7794
513 KB
138 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.113.229 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
18354
x-jsd-version
0.3.13
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
141142
etag
W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
x-served-by
cache-fra19133-FRA, cache-hhn4052-HHN
x-jsd-version-type
version
date
Sun, 12 Sep 2021 08:32:51 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
su.js
superfastcdn.com/script/ Frame 7794
23 KB
23 KB
Script
General
Full URL
https://superfastcdn.com/script/su.js
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.65.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.65.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8175db46316f861b3dde8a416d7da93228b91a89cd463d0359283e887c11ba21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 07:43:08 GMT
age
2983
x-guploader-uploadid
ADPycdvEh2nUFwC9g6wOHyerPnhRcUZ71eZpeAhro2Ua2j1DTQh4-DfiL7vrCYIGtFcgzoUjGK5NR8b4iYxBGl7Oix-aptiSzA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
23905
last-modified
Fri, 10 Sep 2021 11:41:40 GMT
server
UploadServer
etag
"6ac016d23c82affa91f3894867486200"
x-goog-hash
crc32c=7GC9Xg==, md5=asAW0jyCr/qR84lIZ0hiAA==
x-goog-generation
1631274100831460
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
23905
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 12 Sep 2021 08:43:08 GMT
js
www.googletagmanager.com/gtag/ Frame 7794
101 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-184968220-1
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.133.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
3109c114e79d5097d14665c32470cdc06ac4d0ec0db9935379fb969910b3aff9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41243
x-xss-protection
0
last-modified
Sun, 12 Sep 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 12 Sep 2021 08:32:51 GMT
/
widgets.amung.us/draw/ Frame 7794
Redirect Chain
  • https://whos.amung.us/cwidget/y7opzyrraw/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=9363&c=000000ffffff&p=
2 KB
2 KB
Image
General
Full URL
https://widgets.amung.us/draw/?w=colored&n=9363&c=000000ffffff&p=
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.8.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20f5921031bede7e6fbf2a50ae1f04e26b99a737ff2e62bd523de127dc9246a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:52 GMT
cf-cache-status
MISS
last-modified
Sun, 12 Sep 2021 08:32:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
content-disposition
filename=wau-widget.png
cf-ray
68d7c9a4f8c7f9d6-PRG
expires
Mon, 13 Sep 2021 08:32:52 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=9363&c=000000ffffff&p=
date
Sun, 12 Sep 2021 08:32:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
style.css
1.vecdn.pw/css/ Frame BC6C
1 KB
990 B
Stylesheet
General
Full URL
https://1.vecdn.pw/css/style.css
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/adca.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8d6c3534663816b21184f5dc3c402b613147dba30d67c9f97291971aed28018

Request headers

:path
/css/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
1.vecdn.pw
referer
https://1.vecdn.pw/ch4.php/adca.php
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 12 Sep 2021 08:32:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2649919
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 05 Jan 2020 09:02:10 GMT
server
cloudflare
etag
W/"5e11a612-414"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAQKdZmi3Mk%2BzVCyETJ0c7eEnOkAeQJwh02W5HMwCVq2DBOo5A5af5iouVEi%2BI%2F32VH0dJXBI0azyGRPhKXgo777nI0Qsdny8AygSJmCTEZXMMs9yRd%2F6UmGpCCr"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
68d7c9a44897410e-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
custom.css
1.vecdn.pw/css/ Frame BC6C
1 KB
1 KB
Stylesheet
General
Full URL
https://1.vecdn.pw/css/custom.css
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/adca.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5ae5cd4652705937c46802a60f15261729446c0abe6a9571936953c912cb108

Request headers

:path
/css/custom.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
1.vecdn.pw
referer
https://1.vecdn.pw/ch4.php/adca.php
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 12 Sep 2021 08:32:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73741
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 18 Apr 2021 06:10:23 GMT
server
cloudflare
etag
W/"607bcd4f-4cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jy3v9r9qZ50J8ARZkaSWK5aAZYQJFpQWOP5rUPEW8DXLCQud6s9aySO8n6xP3bNLk0%2B8bi2eHn8XAYfVxaGR1mEgjeBKPuH9%2FpZlI77aIPsx9ty4zSGlmZ93Xd0n"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
68d7c9a44898410e-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
su.js
superfastcdn.com/script/ Frame BC6C
23 KB
23 KB
Script
General
Full URL
https://superfastcdn.com/script/su.js
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/adca.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.65.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.65.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8175db46316f861b3dde8a416d7da93228b91a89cd463d0359283e887c11ba21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 07:43:08 GMT
age
2983
x-guploader-uploadid
ADPycdvEh2nUFwC9g6wOHyerPnhRcUZ71eZpeAhro2Ua2j1DTQh4-DfiL7vrCYIGtFcgzoUjGK5NR8b4iYxBGl7Oix-aptiSzA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
23905
last-modified
Fri, 10 Sep 2021 11:41:40 GMT
server
UploadServer
etag
"6ac016d23c82affa91f3894867486200"
x-goog-hash
crc32c=7GC9Xg==, md5=asAW0jyCr/qR84lIZ0hiAA==
x-goog-generation
1631274100831460
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
23905
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 12 Sep 2021 08:43:08 GMT
suv4.js
moneymakercdn.com/script/ Frame BC6C
23 KB
8 KB
Script
General
Full URL
https://moneymakercdn.com/script/suv4.js
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/adca.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d07951d4a0d7641967a1305c9e5e9a1cf7383ea3d2a18b2d32730407c81a792d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash
crc32c=6t15gQ==, md5=GbslUxLbD0mYjseiuedLhQ==
date
Sun, 12 Sep 2021 08:32:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1157
x-guploader-uploadid
ADPycdsPXsB9nV1qwSlp_4l1z9w9n4x7v7MRvyhecYXmFVpwZ8GMlnC_KopwXwHK_4GVfoE8sJxe58KQOOcy07PrM4vrjP08fQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 10 Sep 2021 11:41:41 GMT
server
cloudflare
etag
W/"19bb255312db0f49988ec7a2b9e74b85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLXA90lQeSvGUZ%2B6%2FX3yntswASSjwEmmZ25NUwQMmJo9fAuBRSb%2BsBnODTFX6fZKOQCS%2BsPq8fTQNbjxWQsuxNQixw1gJF2YdPxjN3557chlxnzIoEK7K%2BEHHQ2446mo7eXFJw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1631274101556599
access-control-allow-origin
*
content-type
text/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
23757
cf-ray
68d7c9a43cfa05f1-FRA
expires
Sun, 12 Sep 2021 08:38:53 GMT
b5d5e2cbaa884029b13637009b94e342.js
asundersimultaneously.com/b5/d5/e2/ Frame BC6C
0
0
Script
General
Full URL
https://asundersimultaneously.com/b5/d5/e2/b5d5e2cbaa884029b13637009b94e342.js
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/adca.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 12 Sep 2021 08:32:51 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
/
widgets.amung.us/draw/ Frame BC6C
Redirect Chain
  • https://whos.amung.us/cwidget/livesport/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=2264&c=000000ffffff&p=
2 KB
2 KB
Image
General
Full URL
https://widgets.amung.us/draw/?w=colored&n=2264&c=000000ffffff&p=
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/adca.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.8.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a08e78b96a7168df3760e58892bdce23ef616866a56202a1c4f399d530a2d0c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:52 GMT
cf-cache-status
HIT
last-modified
Sun, 12 Sep 2021 08:26:18 GMT
server
cloudflare
age
393
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
content-disposition
filename=wau-widget.png
cf-ray
68d7c9a4f8c8f9d6-PRG
expires
Mon, 13 Sep 2021 08:26:18 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=2264&c=000000ffffff&p=
date
Sun, 12 Sep 2021 08:32:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
1ey38qdxyr4l58k
ragnarp.net/embed/ Frame 3898
11 KB
5 KB
Document
General
Full URL
https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/adca.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b8f616fdc8ca3f34a8644d59a6be1348a6dd49d3e16a74176ef395e16e34105

Request headers

:method
GET
:authority
ragnarp.net
:scheme
https
:path
/embed/1ey38qdxyr4l58k?skin=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://1.vecdn.pw/
accept-encoding
gzip, deflate, br

Response headers

date
Sun, 12 Sep 2021 08:32:52 GMT
content-type
text/html; charset=UTF-8
set-cookie
hf1=1; expires=Mon, 13-Sep-2021 08:32:51 GMT; Max-Age=86400; path=/
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxRkaYX602kAjQeUaH%2FQe2ZnXTiSqtNAmOoaXFah%2B2KZQnCLKIOu5asAV5xfLXPzzj0eIYLWM4kc1GoNJSWw6BwBjvdEllolPqI4eBd6laEPrj7Dzp8EApkf0G4sEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68d7c9a4381127b8-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
0.php
s4.histats.com/stats/
381 B
516 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?3681769&@f16&@g1&@h1&@i1&@j1631435571876&@k0&@l1&@mLive%20Footbal%20Streaming%20-%20Live%20Premier%20League&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:105216641&@b3:1631435572&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F1.vecdn.pw%2Fch4.php%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.28 Toronto, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns523448.ip-192-99-8.net
Software
/
Resource Hash
2ba7c21efc1f1a68f48c00dbec679f03d11efd159b932f63125692578e50b622

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 08:32:52 GMT
Connection
close
Content-Length
381
Content-Type
text/html;charset=UTF-8
0.php
s4.histats.com/stats/ Frame 46C1
381 B
516 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?3681769&@f16&@g0&@h2&@i1&@j1631435571878&@k2&@l2&@mLive%20Footbal%20Streaming%20-%20Live%20Premier%20League&@n0&@ohttps%3A%2F%2F1.vecdn.pw%2Fch4.php%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-1213504&@b3:1631435572&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.28 Toronto, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns523448.ip-192-99-8.net
Software
/
Resource Hash
2ba7c21efc1f1a68f48c00dbec679f03d11efd159b932f63125692578e50b622

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 08:32:52 GMT
Connection
close
Content-Length
381
Content-Type
text/html;charset=UTF-8
css
fonts.googleapis.com/ Frame 7794
1 KB
395 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/css/embed.min.css?v=0.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.184.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f95.1e100.net
Software
ESF /
Resource Hash
c15171fcd5929135b805d4b4dbf845248179064899580dec8a1de845da08c489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 12 Sep 2021 08:21:27 GMT
server
ESF
date
Sun, 12 Sep 2021 08:32:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 12 Sep 2021 08:32:51 GMT
ut.js
superfastcdn.com/script/ Frame BC6C
15 KB
15 KB
Script
General
Full URL
https://superfastcdn.com/script/ut.js?cb=1631435571904
Requested by
Host: superfastcdn.com
URL: https://superfastcdn.com/script/su.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.65.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.65.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
db00798223e53f40371f10590e73605beeff1f00e93641392cf9557a8906fbff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:30:57 GMT
age
114
x-guploader-uploadid
ADPycdulAOSlfvVlfWUOCKsKAFRxLyXnWyX0fs7DFUczMHPiPPP3Y5wiA5Dm1hVO3IkqRGa-02QyhCkOJRWu-ZwUdEc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
14943
last-modified
Fri, 10 Sep 2021 11:41:41 GMT
server
UploadServer
etag
"95dddcd48f55fb39bee8fe5a249a295b"
x-goog-hash
crc32c=nzbJtg==, md5=ld3c1I9V+zm+6P5aJJopWw==
x-goog-generation
1631274101670004
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
14943
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 12 Sep 2021 09:30:57 GMT
suurl4.php
youradexchange.com/script/ Frame BC6C
0
0
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=2278415&cbur=0.8131958113435322&cbiframe=1&cbWidth=300&cbHeight=250&cbtitle=Live%20Footbal%20Streaming%20-%20Live%20Premier%20League&cbref=&cbdescription=&cbkeywords=&cbcdn=superfastcdn.com&aggr=0
Requested by
Host: superfastcdn.com
URL: https://superfastcdn.com/script/su.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 12 Sep 2021 08:32:51 GMT
via
1.1 google
server
openresty
alt-svc
clear
bgs.png
1.vecdn.pw/ch4.php/img/ Frame BC6C
5 KB
5 KB
Image
General
Full URL
https://1.vecdn.pw/ch4.php/img/bgs.png
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/adca.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.22
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/ch4.php/img/bgs.png
pragma
no-cache
cookie
HstCfa3681769=1631435571876; HstCmu3681769=1631435571876; HstCnv3681769=1; HstCns3681769=1; HstCla3681769=1631435571878; HstPn3681769=2; HstPt3681769=2
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
1.vecdn.pw
referer
https://1.vecdn.pw/ch4.php/adca.php
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 12 Sep 2021 08:32:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 12 Sep 2021 08:32:51 GMT
server
cloudflare
age
0
x-powered-by
PHP/7.3.22
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nth%2BzzDs%2ByDLT3bivKmG1tmrEXakwm%2F1GtyjxlB0QDHOx8%2FwvZVBI%2FLFrUevKClEPua4dSJYeGymWJ3156KAloGfKNfFqLuX2IduCJQJvfKZEy0t%2BymuBbcMELV%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d7c9a488e9410e-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x.png
1.vecdn.pw/img/ Frame BC6C
820 B
1 KB
Image
General
Full URL
https://1.vecdn.pw/img/x.png
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/css/custom.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d866b53b42cab9ab12eab829552d60ebfedb10489b7385d78c5da9a50272c749

Request headers

:path
/img/x.png
pragma
no-cache
cookie
HstCfa3681769=1631435571876; HstCmu3681769=1631435571876; HstCnv3681769=1; HstCns3681769=1; HstCla3681769=1631435571878; HstPn3681769=2; HstPt3681769=2
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
1.vecdn.pw
referer
https://1.vecdn.pw/css/custom.css
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 12 Sep 2021 08:32:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
71126
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
820
last-modified
Sat, 17 Oct 2020 06:54:47 GMT
server
cloudflare
etag
"5f8a9537-334"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87O3T89%2F1u%2FHn5hlUZ1RfoEPcigB2Ruw7jxrwTNkCiyPO4Y38rAp2TK9%2BiyWPvlnL8EL%2BkqhmJwjtcZaWBmmRPkQzNZPcXVJvbwy9aqllrR4yfnqPvmUIBl2Tvr2"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
68d7c9a488ea410e-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
ut.js
superfastcdn.com/script/ Frame 7794
15 KB
15 KB
Script
General
Full URL
https://superfastcdn.com/script/ut.js?cb=1631435572004
Requested by
Host: superfastcdn.com
URL: https://superfastcdn.com/script/su.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.65.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.65.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
db00798223e53f40371f10590e73605beeff1f00e93641392cf9557a8906fbff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:30:57 GMT
age
115
x-guploader-uploadid
ADPycdulAOSlfvVlfWUOCKsKAFRxLyXnWyX0fs7DFUczMHPiPPP3Y5wiA5Dm1hVO3IkqRGa-02QyhCkOJRWu-ZwUdEc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
14943
last-modified
Fri, 10 Sep 2021 11:41:41 GMT
server
UploadServer
etag
"95dddcd48f55fb39bee8fe5a249a295b"
x-goog-hash
crc32c=nzbJtg==, md5=ld3c1I9V+zm+6P5aJJopWw==
x-goog-generation
1631274101670004
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
14943
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 12 Sep 2021 09:30:57 GMT
suurl4.php
youradexchange.com/script/ Frame 7794
0
0
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=3939411&cbur=0.9010605122336794&cbiframe=1&cbWidth=320&cbHeight=250&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=superfastcdn.com&aggr=0
Requested by
Host: superfastcdn.com
URL: https://superfastcdn.com/script/su.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 12 Sep 2021 08:32:52 GMT
via
1.1 google
server
openresty
alt-svc
clear
js15_as.js
s10.histats.com/ Frame BC6C
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/adca.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:29:03 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
787153228
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ Frame 7794
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.76.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f94.1e100.net
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ragnarp.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 09:57:33 GMT
x-content-type-options
nosniff
age
81319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 09:57:33 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ Frame 7794
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.76.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f94.1e100.net
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ragnarp.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:31:45 GMT
x-content-type-options
nosniff
age
97267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 05:31:45 GMT
analytics.js
www.google-analytics.com/ Frame 7794
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-184968220-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.110.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wf-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5148
date
Sun, 12 Sep 2021 07:07:04 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 12 Sep 2021 09:07:04 GMT
0.php
s4.histats.com/stats/ Frame BC6C
381 B
516 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?3681769&@f16&@g0&@h3&@i1&@j1631435572016&@k138&@l3&@mLive%20Footbal%20Streaming%20-%20Live%20Premier%20League&@n0&@ohttps%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php&@q0&@r0&@s0&@ten-US&@u1600&@b1:-161876724&@b3:1631435572&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.28 Toronto, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns523448.ip-192-99-8.net
Software
/
Resource Hash
2ba7c21efc1f1a68f48c00dbec679f03d11efd159b932f63125692578e50b622

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 08:32:52 GMT
Connection
close
Content-Length
381
Content-Type
text/html;charset=UTF-8
/
e.dtscout.com/e/
8 KB
9 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2F&j=
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?3681769&@f16&@g1&@h1&@i1&@j1631435571876&@k0&@l1&@mLive%20Footbal%20Streaming%20-%20Live%20Premier%20League&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:105216641&@b3:1631435572&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F1.vecdn.pw%2Fch4.php%2F&@w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.238 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip238.ip-158-69-139.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cd2f4678965011e70938868921b45f7cfc0d7e379b62a5f13b77821510916b4a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 08:32:52 GMT
X-T
0.653
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
X-S
mtl2
Expires
Sun, 12 Sep 2021 08:32:51 GMT
/
e.dtscout.com/e/ Frame 46C1
7 KB
8 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php&j=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2F
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?3681769&@f16&@g0&@h2&@i1&@j1631435571878&@k2&@l2&@mLive%20Footbal%20Streaming%20-%20Live%20Premier%20League&@n0&@ohttps%3A%2F%2F1.vecdn.pw%2Fch4.php%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-1213504&@b3:1631435572&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php&@w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.238 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip238.ip-158-69-139.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a79838692d401ad0db0f82b0af93360bb8302d3b44ce47f7371f04fea1489ce6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 08:32:52 GMT
X-T
0.521
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
X-S
mtl2
Expires
Sun, 12 Sep 2021 08:32:51 GMT
embed.min.css
ragnarp.net/css/ Frame 3898
1 KB
1 KB
Stylesheet
General
Full URL
https://ragnarp.net/css/embed.min.css?v=0.3
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d2556e6fe39f0adea7f7b90515e482645f702c89ff7206bae2514daed52b397

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 18:05:02 GMT
server
cloudflare
age
5583
etag
W/"5fa984ce-484"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j4S%2Fe7vyCydDnCXdIdyWx1Iq6P6GDngP3TzrrwHlzhFLrGNu5Yh0MOioxydDF91p6OQZZtEIn8vY1MPTKpTicadz%2FURNUOISi5jdKfVjIu02Obu%2B59%2BQTTfzNeoOFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d7c9a62aa327b8-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.min.js
ragnarp.net/js/ Frame 3898
85 KB
31 KB
Script
General
Full URL
https://ragnarp.net/js/jquery.min.js
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 18:05:02 GMT
server
cloudflare
age
2584
etag
W/"5fa984ce-15283"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyJ73C90W4jbv4t7cLB6YQW1Yh4Da%2BQ0TGIhqCytyhXluUbnEKE7AI8dDN0NOhuXKrCMTIlaK4ToX6E3n%2Fzw1IT4Ua6TCsXkiCW%2BYXELCYHNSZ1jyX93ZZUU8CRjZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d7c9a62aa527b8-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wigistream.js
swarm.video/ Frame 3898
506 KB
128 KB
Script
General
Full URL
https://swarm.video/wigistream.js?version=0.0.80
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.182.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0e8714e1c7ce6159f6bff5085163212294c59e411ed4b10ad956ae0b2800d03d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6180042
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 28 Jun 2021 22:53:39 GMT
server
cloudflare
etag
W/"7ee26-17a54d407d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4n19LxPp%2BWThyjZXTSNRmtqxN3fhpNZy5K6Y%2FMAIoFuk%2B8h%2FeoT6agBc5bsUlQo%2B13G2H58E2iUBq3qjN0XOI38sRN%2B8bKSs0LLGLAJK8uumTo0LLIRb7BYeJHXygA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-polished
origSize=519718
cf-ray
68d7c9a62f39177a-FRA
cf-bgj
minify
clappr.min.js
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 3898
513 KB
138 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.113.229 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
18355
x-jsd-version
0.3.13
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
141142
etag
W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
x-served-by
cache-fra19133-FRA, cache-hhn4052-HHN
x-jsd-version-type
version
date
Sun, 12 Sep 2021 08:32:52 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
su.js
superfastcdn.com/script/ Frame 3898
23 KB
23 KB
Script
General
Full URL
https://superfastcdn.com/script/su.js
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.65.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.65.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8175db46316f861b3dde8a416d7da93228b91a89cd463d0359283e887c11ba21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 07:43:08 GMT
age
2984
x-guploader-uploadid
ADPycdvEh2nUFwC9g6wOHyerPnhRcUZ71eZpeAhro2Ua2j1DTQh4-DfiL7vrCYIGtFcgzoUjGK5NR8b4iYxBGl7Oix-aptiSzA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
23905
last-modified
Fri, 10 Sep 2021 11:41:40 GMT
server
UploadServer
etag
"6ac016d23c82affa91f3894867486200"
x-goog-hash
crc32c=7GC9Xg==, md5=asAW0jyCr/qR84lIZ0hiAA==
x-goog-generation
1631274100831460
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
23905
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 12 Sep 2021 08:43:08 GMT
js
www.googletagmanager.com/gtag/ Frame 3898
101 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-184968220-1
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.133.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
f92c0471d638dc52aabd5514b747dde7be8991ab20cf1579cbd27b0b30a006a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41238
x-xss-protection
0
last-modified
Sun, 12 Sep 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 12 Sep 2021 08:32:52 GMT
/
widgets.amung.us/draw/ Frame 3898
Redirect Chain
  • https://whos.amung.us/cwidget/y7opzyrraw/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=9157&c=000000ffffff&p=
2 KB
2 KB
Image
General
Full URL
https://widgets.amung.us/draw/?w=colored&n=9157&c=000000ffffff&p=
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.8.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00c6ef428d4e0e17f23ebbc583f32b70d89322171f4bc7ce405608c14a28a951

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:52 GMT
cf-cache-status
MISS
last-modified
Sun, 12 Sep 2021 08:32:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
content-disposition
filename=wau-widget.png
cf-ray
68d7c9a6eafbf9d6-PRG
expires
Mon, 13 Sep 2021 08:32:52 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=9157&c=000000ffffff&p=
date
Sun, 12 Sep 2021 08:32:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
css
fonts.googleapis.com/ Frame 3898
1 KB
395 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: ragnarp.net
URL: https://ragnarp.net/css/embed.min.css?v=0.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.184.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f95.1e100.net
Software
ESF /
Resource Hash
c15171fcd5929135b805d4b4dbf845248179064899580dec8a1de845da08c489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 12 Sep 2021 08:10:41 GMT
server
ESF
date
Sun, 12 Sep 2021 08:32:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 12 Sep 2021 08:32:52 GMT
ut.js
superfastcdn.com/script/ Frame 3898
15 KB
15 KB
Script
General
Full URL
https://superfastcdn.com/script/ut.js?cb=1631435572284
Requested by
Host: superfastcdn.com
URL: https://superfastcdn.com/script/su.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.65.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.65.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
db00798223e53f40371f10590e73605beeff1f00e93641392cf9557a8906fbff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:30:57 GMT
age
115
x-guploader-uploadid
ADPycdulAOSlfvVlfWUOCKsKAFRxLyXnWyX0fs7DFUczMHPiPPP3Y5wiA5Dm1hVO3IkqRGa-02QyhCkOJRWu-ZwUdEc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
14943
last-modified
Fri, 10 Sep 2021 11:41:41 GMT
server
UploadServer
etag
"95dddcd48f55fb39bee8fe5a249a295b"
x-goog-hash
crc32c=nzbJtg==, md5=ld3c1I9V+zm+6P5aJJopWw==
x-goog-generation
1631274101670004
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
14943
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 12 Sep 2021 09:30:57 GMT
suurl4.php
youradexchange.com/script/ Frame 3898
0
0
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=3939411&cbur=0.9470029035087264&cbiframe=1&cbWidth=320&cbHeight=250&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=superfastcdn.com&aggr=0
Requested by
Host: superfastcdn.com
URL: https://superfastcdn.com/script/su.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 12 Sep 2021 08:32:52 GMT
via
1.1 google
server
openresty
alt-svc
clear
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ Frame 3898
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.76.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f94.1e100.net
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ragnarp.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 09:57:33 GMT
x-content-type-options
nosniff
age
81319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 09:57:33 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ Frame 3898
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.76.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f94.1e100.net
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ragnarp.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:31:45 GMT
x-content-type-options
nosniff
age
97267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 05:31:45 GMT
analytics.js
www.google-analytics.com/ Frame 3898
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-184968220-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.110.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wf-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ragnarp.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5148
date
Sun, 12 Sep 2021 07:07:04 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 12 Sep 2021 09:07:04 GMT
/
e.dtscout.com/e/ Frame BC6C
8 KB
9 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php&j=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?3681769&@f16&@g0&@h3&@i1&@j1631435572016&@k138&@l3&@mLive%20Footbal%20Streaming%20-%20Live%20Premier%20League&@n0&@ohttps%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php&@q0&@r0&@s0&@ten-US&@u1600&@b1:-161876724&@b3:1631435572&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php&@w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.238 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip238.ip-158-69-139.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
928a0644800baf73bdb8dd206619aed5dc71c5a6a78519b1026d4fc88a665f2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 08:32:52 GMT
X-T
0.547
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
X-S
mtl2
Expires
Sun, 12 Sep 2021 08:32:51 GMT
/
t.dtscout.com/idg/ Frame F091
1 KB
769 B
Document
General
Full URL
https://t.dtscout.com/idg/?su=10401631435572FCEAAF7B53FCC3EF18
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.161.15.92 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns570935.ip-51-161-15.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
fe44599c0d4926aacff28fb561504de1a8db15b16cc38b6187495d4a80d25db5

Request headers

Host
t.dtscout.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://1.vecdn.pw/
Accept-Encoding
gzip, deflate, br
Cookie
m=1; b=1; st=1; oa=1; df=1631435572; l=10401631435572B61635CE4ED26C5201

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sun, 12 Sep 2021 08:32:52 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Expires
Sun, 12 Sep 2021 08:32:51 GMT
Cache-Control
no-cache
Content-Encoding
gzip
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/
30 KB
10 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-35.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 13:27:46 GMT
server
AmazonS3
age
53101
etag
W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 a1e8102a85e1e5a1d6e04d628d5dc181.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Sat, 11 Sep 2021 17:47:51 GMT
x-amz-cf-pop
MUC50-C1
x-amz-cf-id
BaSit3-c09tRj-wudcwNw9Ui7E694HnNPnnO51AuldbzrJIGJ2zCWA==
dtscout
pd.sharethis.com/pd/
0
88 B
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.25.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-25-53.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 12 Sep 2021 08:32:52 GMT
afwu.js
cdn.tynt.com/
10 KB
4 KB
Script
General
Full URL
https://cdn.tynt.com/afwu.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2F&j=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.87.26 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 27 Aug 2021 20:58:37 GMT
server
cloudflare
age
226406
etag
W/"612951fd-288b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
68d7c9a8beb04125-PRG
expires
Wed, 15 Sep 2021 08:32:52 GMT
/
t.dtscout.com/pv/
50 B
318 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=1.vecdn.pw&_ss=2ub8k7a42v&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=4m02&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.161.15.92 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns570935.ip-51-161-15.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7764e93305cc78b87af1fa6965c9a755285425e0f09a7328d9de2ccb4aec3848

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 08:32:52 GMT
X-T
0.195
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
X-C
0
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
Expires
Sun, 12 Sep 2021 08:32:51 GMT
/
t.dtscout.com/idg/ Frame 365C
1 KB
754 B
Document
General
Full URL
https://t.dtscout.com/idg/?su=10401631435572B61635CE4ED26C5201
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php&j=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.161.15.92 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns570935.ip-51-161-15.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dd7dec1b27510cf207888768e5ad07e2c8b438818adec24c1f43dcfef2a0b2ca

Request headers

Host
t.dtscout.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://1.vecdn.pw/
Accept-Encoding
gzip, deflate, br
Cookie
m=1; b=1; st=1; oa=1; df=1631435572; l=10401631435572B61635CE4ED26C5201

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sun, 12 Sep 2021 08:32:52 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Expires
Sun, 12 Sep 2021 08:32:51 GMT
Cache-Control
no-cache
Content-Encoding
gzip
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 46C1
30 KB
10 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php&j=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-35.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 13:27:46 GMT
server
AmazonS3
age
53101
etag
W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 a1e8102a85e1e5a1d6e04d628d5dc181.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Sat, 11 Sep 2021 17:47:51 GMT
x-amz-cf-pop
MUC50-C1
x-amz-cf-id
N2n-ACh7_sxvEkOTkNVE3UxHIwbROqTiDLATj-8bM--ydpn0dG_N9g==
dtscout
pd.sharethis.com/pd/ Frame 46C1
0
88 B
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php&j=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.25.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-25-53.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 12 Sep 2021 08:32:52 GMT
/
t.dtscout.com/pv/ Frame 46C1
50 B
318 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=1.vecdn.pw&_ss=2ub8k7a42v&_pv=2&_ls=0&_cc=us&_pl=d&_cbid=6bgu&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php&j=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.161.15.92 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns570935.ip-51-161-15.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8a4953c7134ad74b15a2660c543cc2a2d4493186f68fde80dbada01097bbd30b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 08:32:52 GMT
X-T
0.137
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
X-C
0
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
Expires
Sun, 12 Sep 2021 08:32:51 GMT
/
onetag-geo.s-onetag.com/
555 B
968 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.158.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-158-67.muc51.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 13:42:33 GMT
via
1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront), 1.1 d255d09921fa67cc672b1ef95f57ba6b.cloudfront.net (CloudFront)
age
67819
x-amzn-requestid
0873d3e7-bd72-451b-98eb-af105f95ee05
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1, MUC51-C1
x-amz-apigw-id
FgDLgHzdiYcFrNw=
content-length
555
x-amz-cf-id
wW6FFgAILX8nkyW26s3XdAk99HA7eJoy7skzczcvYAglNdS8LSHA7w==
/
onetag-geo.s-onetag.com/ Frame 46C1
555 B
967 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.158.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-158-67.muc51.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 13:42:33 GMT
via
1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront), 1.1 d255d09921fa67cc672b1ef95f57ba6b.cloudfront.net (CloudFront)
age
67819
x-amzn-requestid
0873d3e7-bd72-451b-98eb-af105f95ee05
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1, MUC51-C1
x-amz-apigw-id
FgDLgHzdiYcFrNw=
content-length
555
x-amz-cf-id
65YlDi5SgVFm3QBMfbNYMVeuDOUKa-Zc3eo-g9cf_6BGtSsQGIsvxg==
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631435572627&dn=AFWU&iso=0&t=Live%20Footbal%20Streaming%20-%20Live%20Premier%20League
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/ch4.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:52 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
/
t.dtscout.com/idg/ Frame F74D
1 KB
753 B
Document
General
Full URL
https://t.dtscout.com/idg/?su=104016314355729E5B594C15ACE71F82
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php&j=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.161.15.92 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns570935.ip-51-161-15.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d2a0a87af1af72cc7f1bbb337f81bc34fb54f63805a7b932ac64ffa611baa76d

Request headers

Host
t.dtscout.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://1.vecdn.pw/
Accept-Encoding
gzip, deflate, br
Cookie
m=1; b=1; st=1; oa=1; df=1631435572; l=104016314355729E5B594C15ACE71F82

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sun, 12 Sep 2021 08:32:52 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Expires
Sun, 12 Sep 2021 08:32:51 GMT
Cache-Control
no-cache
Content-Encoding
gzip
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame BC6C
30 KB
10 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php&j=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-35.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 13:27:46 GMT
server
AmazonS3
age
53101
etag
W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 a1e8102a85e1e5a1d6e04d628d5dc181.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Sat, 11 Sep 2021 17:47:51 GMT
x-amz-cf-pop
MUC50-C1
x-amz-cf-id
h7GxHLgxKq9HP7EodI-yEyjzx64kSqC6QhjmniMTIXznr2ej-SVnCA==
dtscout
pd.sharethis.com/pd/ Frame BC6C
0
88 B
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php&j=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.25.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-25-53.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 12 Sep 2021 08:32:52 GMT
/
t.dtscout.com/pv/ Frame BC6C
50 B
318 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=1.vecdn.pw&_ss=2ub8k7a42v&_pv=3&_ls=0&_cc=us&_pl=d&_cbid=3nlq&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php&j=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.161.15.92 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns570935.ip-51-161-15.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
33347f4afcb62972cac4f13263ff4e52556f7d35b1d1bbae8f81947ee4dcfb33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 08:32:52 GMT
X-T
0.168
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
X-C
0
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
Expires
Sun, 12 Sep 2021 08:32:51 GMT
/
onetag-geo.s-onetag.com/ Frame BC6C
555 B
961 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.158.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-158-67.muc51.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 13:42:33 GMT
via
1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront), 1.1 d255d09921fa67cc672b1ef95f57ba6b.cloudfront.net (CloudFront)
age
67819
x-amzn-requestid
0873d3e7-bd72-451b-98eb-af105f95ee05
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1, MUC51-C1
x-amz-apigw-id
FgDLgHzdiYcFrNw=
content-length
555
x-amz-cf-id
mDzbfDCIsIqE6-WhPMS1XLYhWnRjYClvx6kIq0aJMpExKEFd6EQxOA==
EU
onetag-geo-grouping.s-onetag.com/regionalbloc/
1 KB
835 B
Fetch
General
Full URL
https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.158.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-158-11.muc51.r.cloudfront.net
Software
restify /
Resource Hash
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 01:45:07 GMT
content-encoding
gzip
server
restify
age
24465
vary
Accept-Encoding,origin
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
https://1.vecdn.pw
access-control-expose-headers
api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control
max-age=86400
x-amz-cf-pop
MUC51-C1
x-amz-cf-id
3Wew_0amSGlLKTIZfZ2qWg2AyrDwW-CqFuC-kHKsaHeX16RecqzBAQ==
via
1.1 af266e4aa0723a4bcb4b2e1d46456a84.cloudfront.net (CloudFront)
/
t.dtscdn.com/widget/
0
406 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=10401631435572B61635CE4ED26C5201&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2F&r=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.197.56.196 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 08:19:01 GMT
X-T
0.9
x-server
web16.ny1.dtscdn.com
Cache-Control
no-cache
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
Expires
Sun, 12 Sep 2021 08:19:00 GMT
tpid=10401631435572B61635CE4ED26C5201
bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=10401631435572B61635CE4ED26C5201
  • https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=10401631435572B61635CE4ED26C5201
49 B
737 B
Image
General
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=10401631435572B61635CE4ED26C5201
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Sep 2021 08:32:52 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.23.87
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Sep 2021 08:32:52 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=10401631435572B61635CE4ED26C5201
cache-control
no-cache
x-server
10.45.15.57
content-length
0
expires
0
27675
tags.bluekai.com/site/
62 B
329 B
Image
General
Full URL
https://tags.bluekai.com/site/27675?id=10401631435572B61635CE4ED26C5201&ret=html&phint=__bk_t%3DLive%20Footbal%20Streaming%20-%20Live%20Premier%20League&phint=__bk_l%3Dhttps%3A%2F%2F1.vecdn.pw%2Fch4.php%2F&r=13625326
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.76.200.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-200-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 08:32:53 GMT
X-N
S
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
BK-Server
d6e3
Content-Type
image/gif
match
ps.eyeota.net/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=10401631435572B61635CE4ED26C5201
  • https://pixel.onaudience.com/?partner=236&icm&cver&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m
  • https://ps.eyeota.net/pixel?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=1febae8391325671
  • https://ps.eyeota.net/pixel/bounce/?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=1febae8391325671
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjVMUmZKTll0UWV5bDYwdDJKcTQxeXZpSkFTZXlBVjNQbVk1czhTcE9mdWs&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MjVMUmZKTll0UWV5bDYwdDJKcTQxeXZpSkFTZXlBVjNQbVk1czhTcE9mdWs&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&referrer_pid=3b2cb90&google_gid=CAESEDlK_dBUIC6frMWYODacGNQ&google_cver=1
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=4150594769817729154&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fps.eyeota.net%252Fmatch%253Fuid%253D%2524UID%2526bid%253D2cr76e1%2526dc_rc%253D3%2526dc_mr%253D5%2526dc_orig%253D3b2cb90%2526%2526referre...
  • https://ps.eyeota.net/match?uid=8246603711012135140&bid=2cr76e1&dc_rc=3&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
  • https://i.w55c.net/ping_match.gif?st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid...
  • https://pm.w55c.net/ping_match.gif?scc=1&st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26refer...
  • https://ps.eyeota.net/match?bid=9sn4omv&uid=h0ffZEGM1MpkUZ5&newuser=1&dc_rc=4&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1
  • https://ps.eyeota.net/match?uid=a646be3d-891d-40a3-904e-1e9ec5f350f4&bid=1e2n4ou
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?uid=a646be3d-891d-40a3-904e-1e9ec5f350f4&bid=1e2n4ou
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 08:32:53 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Sun, 12 Sep 2021 08:32:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ps.eyeota.net/match?uid=a646be3d-891d-40a3-904e-1e9ec5f350f4&bid=1e2n4ou
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
191
tpid=10401631435572B61635CE4ED26C5201
bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/ Frame 46C1
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=10401631435572B61635CE4ED26C5201
  • https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=10401631435572B61635CE4ED26C5201
49 B
848 B
Image
General
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=10401631435572B61635CE4ED26C5201
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/adca.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Sep 2021 08:32:53 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.31.1
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Sep 2021 08:32:52 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=10401631435572B61635CE4ED26C5201
cache-control
no-cache
x-server
10.45.0.103
content-length
0
expires
0
match
ps.eyeota.net/ Frame 46C1
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=10401631435572B61635CE4ED26C5201
  • https://pixel.onaudience.com/?partner=236&icm&cver&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m
  • https://ps.eyeota.net/pixel?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=1febae8391325671
  • https://ps.eyeota.net/pixel/bounce/?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=1febae8391325671
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjVMUmZKTll0UWV5bDYwdDJKcTQxeXZpSkFTZXlBVjNQbVk1czhTcE9mdWs&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MjVMUmZKTll0UWV5bDYwdDJKcTQxeXZpSkFTZXlBVjNQbVk1czhTcE9mdWs&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&referrer_pid=3b2cb90&google_gid=CAESEPlyafHGZCtF0oWC7aln100&google_cver=1
  • https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D2%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90
  • https://ps.eyeota.net/match?bid=7vi0rg0&uid=8751613d-bb35-4c00-9733-3cfa91c8ba23&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%...
  • https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_p...
  • https://ps.eyeota.net/match?uid=YT27NQAA6yjUTQAR&bid=0rijhbu&dc_rc=3&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90&_test=YT27NQAA6yjUTQAR
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=17bd92346f4-49950000010f4926&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D3b2c...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=30064&dpuuid=17bd92346f4-49950000010f4926&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26dc_rc%3D4%26dc_m...
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=57554028644765051760306204747205370567&dc_rc=4&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
  • https://cms.analytics.yahoo.com/cms?partner_id=Eyeot
  • https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-4t.50GxE2pVlnzAPXWGqavOjfdhyYWXgOrE-~A
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-4t.50GxE2pVlnzAPXWGqavOjfdhyYWXgOrE-~A
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/adca.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 08:32:54 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

date
Sun, 12 Sep 2021 08:32:54 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-4t.50GxE2pVlnzAPXWGqavOjfdhyYWXgOrE-~A
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
/
t.dtscdn.com/widget/ Frame 46C1
0
407 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=10401631435572B61635CE4ED26C5201&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php&r=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2F
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php&j=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.197.56.196 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 08:19:01 GMT
X-T
1.04
x-server
web16.ny1.dtscdn.com
Cache-Control
no-cache
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
Expires
Sun, 12 Sep 2021 08:19:00 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/3825/ Frame BC6C
38 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php&j=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-57.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc9dc5abccf3e062029d71dcdc0e04b7cc9a9be96103d07f98b4ff4a5459c668

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 14:24:52 GMT
content-encoding
gzip
etag
W/"f321a7442b8087eba0d1817aa7dbb5f7"
last-modified
Tue, 16 Mar 2021 13:30:17 GMT
server
AmazonS3
age
65298
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
MUC50-C1
x-amz-cf-id
CtlevgiX0UmS4G4vrQpgJOpIcPAU4MGEVOzPgKv7Ty5YVCcrlj37Bw==
/
t.dtscdn.com/widget/ Frame BC6C
0
407 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=104016314355729E5B594C15ACE71F82&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php&r=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php&j=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.197.56.196 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 08:19:01 GMT
X-T
1.45
x-server
web16.ny1.dtscdn.com
Cache-Control
no-cache
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
Expires
Sun, 12 Sep 2021 08:19:00 GMT
27675
tags.bluekai.com/site/ Frame BC6C
62 B
329 B
Image
General
Full URL
https://tags.bluekai.com/site/27675?id=104016314355729E5B594C15ACE71F82&ret=html&phint=__bk_t%3DLive%20Footbal%20Streaming%20-%20Live%20Premier%20League&phint=__bk_l%3Dhttps%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php&r=81984587
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/adca.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.76.200.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-200-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 08:32:53 GMT
X-N
S
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
BK-Server
61fb
Content-Type
image/gif
33141
tags.bluekai.com/site/ Frame BC6C
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=104016314355729E5B594C15ACE71F82
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=a646be3d-891d-40a3-904e-1e9ec5f350f4&icm
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=e5739dd09b481174
62 B
304 B
Image
General
Full URL
https://tags.bluekai.com/site/33141?&id=e5739dd09b481174
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/adca.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.76.200.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-200-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 08:32:53 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=e5739dd09b481174
content-length
0
v2
de.tynt.com/deb/
4 B
202 B
Script
General
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r=
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/ch4.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:52 GMT
cache-control
max-age=86400
content-type
application/javascript
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
4
expires
Mon, 13 Sep 2021 08:32:52 GMT
v2
de.tynt.com/deb/
4 B
202 B
Script
General
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=2&r=
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/ch4.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:52 GMT
cache-control
max-age=86400
content-type
application/javascript
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
4
expires
Mon, 13 Sep 2021 08:32:52 GMT
v2
de.tynt.com/deb/
4 B
202 B
Script
General
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=3&r=
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/ch4.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:52 GMT
cache-control
max-age=86400
content-type
application/javascript
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
4
expires
Mon, 13 Sep 2021 08:32:52 GMT
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631435572627&dn=AFWU&iso=0&t=Live%20Footbal%20Streaming%20-%20Live%20Premier%20League
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/ch4.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:53 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631435572627&dn=AFWU&iso=0&t=Live%20Footbal%20Streaming%20-%20Live%20Premier%20League
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/ch4.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:53 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631435572627&dn=AFWU&iso=0
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/ch4.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:53 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631435572627&dn=AFWU&iso=0
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/ch4.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:53 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/ Frame BC6C
4 KB
1 KB
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-57.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer
https://1.vecdn.pw/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 11 Sep 2021 11:27:06 GMT
content-encoding
gzip
age
75948
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 16 Mar 2021 13:30:17 GMT
server
AmazonS3
etag
W/"6db43f44304c37d76768275ee4f01ba4"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
via
1.1 f4d15e906467f56692c7fc70be861e04.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
MUC50-C1
x-amz-cf-id
JLaIUe8BPF3WhgeoTfBY67cB_kQkVPoFv25FBsUe7aZ0Ckx45QaUkA==
data
bcp.crwdcntrl.net/6/ Frame BC6C
307 B
1 KB
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
7807e4982f129f86c3b99c737081157abf618626c7a037a1d01c0fe6a7b57775

Request headers

Referer
https://1.vecdn.pw/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 12 Sep 2021 08:32:53 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://1.vecdn.pw
cache-control
no-cache
x-server
10.45.23.87
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
307
expires
0
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631435572627&dn=AFWU&iso=0
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/ch4.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:53 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631435572627&dn=AFWU&iso=0
Requested by
Host: 1.vecdn.pw
URL: https://1.vecdn.pw/ch4.php/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.vecdn.pw/ch4.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:53 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
a
a.dtssrv.com/ Frame BC6C
0
567 B
Ping
General
Full URL
https://a.dtssrv.com/a?i=104016314355729E5B594C15ACE71F82&k=lotpano&v=6f220adb7fd4e0a0777a2b2208494945a702c7c71929695c29ec9d3a98fc8bbc
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php&j=https%3A%2F%2F1.vecdn.pw%2Fch4.php%2Fadca.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.78.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1.vecdn.pw/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 12 Sep 2021 08:32:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rR5vxzGtS8d3ynOgFKb0z%2FPN38k%2FkVVx%2FtFc9yhhxkVmETvPc%2BnLmeMr0t%2FuzYR%2Fy9fUcILV%2Bc7ElX%2B%2BKlgITD0mwiayXnDxQ66ui%2FcopdAIBpL8xbMIIZGxhKflGhc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
68d7c9af1f7d412c-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 4ADD
2 KB
1 KB
Document
General
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-57.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

:method
GET
:authority
tags.crwdcntrl.net
:scheme
https
:path
/lt/shared/2/lt.iframe.html?c=3825
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://1.vecdn.pw/
accept-encoding
gzip, deflate, br
cookie
_cc_dc=1; _cc_id=73fff4e66fddc479a75143a199faf5ee; _cc_cc="ACZ4XmNQMDdOS0szSTUzS0tJSTYxt0w0NzU0MU40tLRMS0wzTU1lAIJE292m%2F4GAH8QBA96elkXajB9lGf4zMjIc3zSFBcb%2B%2BNkSxny2eA5cePmfQrjqo4eYYezd%2By4LwNgfGu7D2YeRtE4%2FoQ5T8m4JwsQ1G55yw8Q7J5%2FUgrEBmN5Fbw%3D%3D"; _cc_aud="ABR4XmNgYGBItN1tCqQggJmBgWsGmLmoFUQyPqwHkgBTpQS8"

Response headers

content-type
text/html
last-modified
Mon, 01 Feb 2021 20:35:17 GMT
x-amz-server-side-encryption
AES256
server
AmazonS3
content-encoding
gzip
date
Sat, 11 Sep 2021 17:42:49 GMT
cache-control
max-age: 86400
etag
W/"6fcf4f5197ab24c92d090f6ac8d87e01"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-C1
x-amz-cf-id
qtF3KpWmn-Ok6s2aGn4KgpzYBMbX6nxPI1sWPJUaUhq-byMsksVxlA==
age
53405
pixels
bcp.crwdcntrl.net/ Frame D010
3 KB
3 KB
Document
General
Full URL
https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C95%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c910e785c4013308f26f07e3b3532718febb4dd4a5de8e8ed249463976e26ea7

Request headers

:method
GET
:authority
bcp.crwdcntrl.net
:scheme
https
:path
/pixels?s=136%2C135%2C116%2C106%2C95%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tags.crwdcntrl.net/
accept-encoding
gzip, deflate, br
cookie
_cc_dc=1; _cc_id=73fff4e66fddc479a75143a199faf5ee; _cc_cc="ACZ4XmNQMDdOS0szSTUzS0tJSTYxt0w0NzU0MU40tLRMS0wzTU1lAIJE292m%2F4GAH8QBA96elkXajB9lGf4zMjIc3zSFBcb%2B%2BNkSxny2eA5cePmfQrjqo4eYYezd%2By4LwNgfGu7D2YeRtE4%2FoQ5T8m4JwsQ1G55yw8Q7J5%2FUgrEBmN5Fbw%3D%3D"; _cc_aud="ABR4XmNgYGBItN1tCqQggJmBgWsGmLmoFUQyPqwHkgBTpQS8"

Response headers

date
Sun, 12 Sep 2021 08:32:53 GMT
content-type
text/html
content-length
3170
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.20.84
server
Jetty(9.4.38.v20210224)
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame D010
0
166 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D240%2Ftp%3DPUBM%2Ftpid%3D%23PM_USER_ID
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C95%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame D010
Redirect Chain
  • https://id5-sync.com/s/19/9.gif?puid=73fff4e66fddc479a75143a199faf5ee&gdpr=1
  • https://id5-sync.com/c/19/19/9/1.gif?puid=73fff4e66fddc479a75143a199faf5ee&gdpr=1&gdpr_consent=
  • https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F8%2F2.gif%3Fpui...
  • https://tags.bluekai.com/site/5907?limit=0&id=c9d13052ea7b69463b4ccb8060082703&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMOLIwXfZ97i0Btn8aC6zcUO5T4oArrygPCJ09S5g/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F7%2F3.gif%3Fpuid%3D%24%21%7BTURN_...
  • https://id5-sync.com/c/19/224/7/3.gif?puid=4150594769817729154&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMOLIwXfZ97i0Btn8aC6zcUO5T...
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NzNmZmY0ZTY2ZmRkYzQ3OWE3NTE0M2ExOTlmYWY1ZWU&google_redir={xENCODEDURL}&id5id=ID5-ZHMOLIwXfZ97i0Btn8aC6zcUO5T4oArrygPCJ09S5g
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NzNmZmY0ZTY2ZmRkYzQ3OWE3NTE0M2ExOTlmYWY1ZWU&google_redir={xENCODEDURL}&id5id=ID5-ZHMOLIwXfZ97i0Btn8aC6zcUO5T4oArrygPCJ09S5g
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C95%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.133.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Sep 2021 08:32:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Sep 2021 08:32:54 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NzNmZmY0ZTY2ZmRkYzQ3OWE3NTE0M2ExOTlmYWY1ZWU&google_redir={xENCODEDURL}&id5id=ID5-ZHMOLIwXfZ97i0Btn8aC6zcUO5T4oArrygPCJ09S5g
cache-control
no-cache
x-server
10.45.9.17
content-length
0
expires
0
generic
match.adsrvr.org/track/cmf/ Frame D010
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C95%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Sep 2021 08:32:53 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tpid=da6cb5f5-0682-4c6f-b234-21b1cefc7baa
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame D010
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=73fff4e66fddc479a75143a199faf5ee&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=73fff4e66fddc479a75143a199faf5ee&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=da6cb5f5-0682-4c6f-b234-21b1cefc7baa
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=da6cb5f5-0682-4c6f-b234-21b1cefc7baa
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C95%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Sep 2021 08:32:53 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.27.115
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=da6cb5f5-0682-4c6f-b234-21b1cefc7baa
date
Sun, 12 Sep 2021 08:32:53 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
t
px.surveywall-api.survata.com/ Frame D010
0
0

tpid=58423148095857826013076891046712673700
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame D010
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=73fff4e66fddc479a75143a199faf5ee&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=73fff4e66fddc479a75143a199faf5ee&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=58423148095857826013076891046712673700
49 B
263 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=58423148095857826013076891046712673700
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C95%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Sep 2021 08:32:54 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.31.1
content-type
image/gif
content-length
49
expires
0

Redirect headers

DCS
dcs-prod-usw2-2-v013-06d2d428f.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
8kgAnN/uRAI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=58423148095857826013076891046712673700
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
identity
c.cintnetworks.com/ Frame D010
0
328 B
Image
General
Full URL
https://c.cintnetworks.com/identity?a=5461&id=Lotame:73fff4e66fddc479a75143a199faf5ee
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C95%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.144.7.192 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 08:32:53 GMT
Vary
Origin
P3P
CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."
Arr-Disable-Session-Affinity
true
Cache-Control
max-age=60, private, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=5
Content-Length
0
usermatch.gif
beacon.krxd.net/ Frame D010
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=73fff4e66fddc479a75143a199faf5ee
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C95%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.89.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-89-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:53 GMT
cache-control
private, no-cache, no-store
x-request-time
D=45 t=1631435573
x-served-by
beacon-n024-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
420246.gif
idsync.rlcdn.com/ Frame D010
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=120&cm=73fff4e66fddc479a75143a199faf5ee
  • https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/connectors/clickagy/usersync?cookieQ=1&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=5&cm=023a34e3-8c8a-4c16-821c-494ab5fdfadf-613dbb36-5553
  • https://idsync.rlcdn.com/420246.gif?partner_uid=c:939206e7a9a68c0dc2a8b2cdebb0b624
0
66 B
Image
General
Full URL
https://idsync.rlcdn.com/420246.gif?partner_uid=c:939206e7a9a68c0dc2a8b2cdebb0b624
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C95%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:32:59 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

date
Sun, 12 Sep 2021 08:32:54 GMT
server
Aorta/20210715-1901da7
access-control-allow-origin
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
Content-Type
application/json
Location
https://idsync.rlcdn.com/420246.gif?partner_uid=c:939206e7a9a68c0dc2a8b2cdebb0b624
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
X-Aorta-Region
us-east-1
Connection
keep-alive
X-Aorta-Host
ip-10-42-18-44.ec2.internal
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length
0
image.sbxx
ib.mookie1.com/ Frame D010
Redirect Chain
  • https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=73fff4e66fddc479a75143a199faf5ee
  • https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=73fff4e66fddc479a75143a199faf5ee
120 B
992 B
Image
General
Full URL
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=73fff4e66fddc479a75143a199faf5ee
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C95%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.58.232.180 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Sep 2021 08:32:54 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
LAS07
Content-Type
image/png
Content-Length
120
Expires
-1

Redirect headers

Date
Sun, 12 Sep 2021 08:32:53 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Location
https://ib.mookie1.com:443/image.sbxx?go=262106&pid=420&xid=73fff4e66fddc479a75143a199faf5ee
p3p
CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
private
X-Server
LAS07
Content-Type
text/html; charset=utf-8
Content-Length
217
tpid=205030403907007254577
bcp.crwdcntrl.net/5/c=368/tp=NEUS/ Frame D010
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9202276048
  • https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=205030403907007254577
49 B
770 B
Image
General
Full URL
https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=205030403907007254577
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C95%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Sep 2021 08:32:54 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.19.171
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 12 Sep 2021 08:32:54 GMT
Server
AAWebServer
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
Location
https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=205030403907007254577
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Access-Control-Allow-Headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
Expires
0
utsync.ashx
ml314.com/ Frame D010
43 B
422 B
Image
General
Full URL
https://ml314.com/utsync.ashx?eid=50146&et=0&fp=73fff4e66fddc479a75143a199faf5ee&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C95%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.143.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-143-145.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Sep 2021 08:32:53 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0,Mon, 13 Sep 2021 04:32:53 GMT
tpid=0-d1557d4a-2878-432d-78db-59f6f13681c9$ip$216.131.114.210
bcp.crwdcntrl.net/map/c=6569/tp=STKA/ Frame D010
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=lotame
  • https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-d1557d4a-2878-432d-78db-59f6f13681c9$ip$216.131.114.210
49 B
264 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-d1557d4a-2878-432d-78db-59f6f13681c9$ip$216.131.114.210
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C95%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Sep 2021 08:32:54 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.9.17
content-type
image/gif
content-length
49
expires
0

Redirect headers

Location
https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-d1557d4a-2878-432d-78db-59f6f13681c9$ip$216.131.114.210
Date
Sun, 12 Sep 2021 08:32:54 GMT
Connection
keep-alive
Content-Length
130
Content-Type
text/html; charset=utf-8
tpid=d5020d3a-b460-4797-a58d-44a0d03ef565
bcp.crwdcntrl.net/map/c=6584/tp=VIDO/ Frame D010
Redirect Chain
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1
  • https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=d5020d3a-b460-4797-a58d-44a0d03ef565?gdpr=1&gdpr_consent=
49 B
265 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=d5020d3a-b460-4797-a58d-44a0d03ef565?gdpr=1&gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C95%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Sep 2021 08:32:54 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.11.115
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Sep 2021 08:32:54 GMT
server
Apache-Coyote/1.1
location
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=d5020d3a-b460-4797-a58d-44a0d03ef565?gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
tpid=CI-112f071048e617ad760a6d6fb1de4a07
bcp.crwdcntrl.net/map/c=6220/tp=TRMR/ Frame D010
Redirect Chain
  • https://dt-secure.videohub.tv/v1/usync/lo
  • https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-112f071048e617ad760a6d6fb1de4a07
49 B
264 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-112f071048e617ad760a6d6fb1de4a07
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C95%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Sep 2021 08:32:54 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.21.32
content-type
image/gif
content-length
49
expires
0

Redirect headers

Location
https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-112f071048e617ad760a6d6fb1de4a07
Date
Sun, 12 Sep 2021 08:32:54 GMT
useSecure
true
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
bridge
cm.adgrx.com/ Frame D010
43 B
408 B
Image
General
Full URL
https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=lotame&AG_REDIR=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D363%2Ftp%3DADGR%2Ftpid%3D__AG_UID__
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C95%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Sep 2021 08:32:54 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-3
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
qmap
sync.crwdcntrl.net/ Frame D010
Redirect Chain
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=8751613d-bb35-4c00-9733-3cfa91c8ba23
49 B
263 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=8751613d-bb35-4c00-9733-3cfa91c8ba23
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C95%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Sep 2021 08:32:54 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.10.2
content-type
image/gif
content-length
49
expires
0

Redirect headers

Date
Sun, 12 Sep 2021 08:32:54 GMT
Server
MT3 3944 2bcb57b master cdg-pixel-x28 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=8751613d-bb35-4c00-9733-3cfa91c8ba23
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 12 Sep 2021 08:32:53 GMT
tpid=023a34e3-8c8a-4c16-821c-494ab5fdfadf-613dbb36-5553
sync.crwdcntrl.net/map/c=1389/tp=STSC/ Frame D010
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=023a34e3-8c8a-4c16-821c-494ab5fdfadf-613dbb36-5553
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=023a34e3-8c8a-4c16-821c-494ab5fdfadf-613dbb36-5553
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C95%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Sep 2021 08:32:54 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.29.101
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Sep 2021 08:32:54 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=023a34e3-8c8a-4c16-821c-494ab5fdfadf-613dbb36-5553
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
token
token.rubiconproject.com/ Frame D010
0
214 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=7&puid=73fff4e66fddc479a75143a199faf5ee&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C95%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tpid=YT27NQAA6yjUTQAR
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame D010
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YT27NQAA6yjUTQAR
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YT27NQAA6yjUTQAR
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C95%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Sep 2021 08:32:53 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.7.121
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Sep 2021 08:32:53 GMT
via
1.1 varnish
server
Varnish
x-timer
S1631435574.644921,VS0,VE0
x-served-by
cache-hhn4024-HHN
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YT27NQAA6yjUTQAR
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame D010
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C95%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.133.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Sep 2021 08:32:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5907
tags.bluekai.com/site/ Frame D010
62 B
304 B
Image
General
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=c9d13052ea7b69463b4ccb8060082703
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C95%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.76.200.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-200-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 08:32:54 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
tpid=4150594769817729154
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame D010
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/73fff4e66fddc479a75143a199faf5ee/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4150594769817729154
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4150594769817729154
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C95%2C94%2C92%2C80%2C79%2C78%2C65%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Sep 2021 08:32:53 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.29.101
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4150594769817729154
pragma
no-cache
date
Sun, 12 Sep 2021 08:32:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
metrics
connect-metrics-collector.s-onetag.com/
0
73 B
Ping
General
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1.vecdn.pw/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 12 Sep 2021 08:33:03 GMT
content-length
0
vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
px.surveywall-api.survata.com
URL
https://px.surveywall-api.survata.com/t

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| onbeforexrselect
boolean| originAgentCluster
function| hide_ads
function| cbut
object| a5_0x50cf
function| a5_0x45b4
function| s2ss912ff
boolean| s2ss912
object| a8_0x328e
function| a8_0x31d7
boolean| utm912
string| utsid-send
object| a6_0x56ce
function| a6_0x285a
object| _Hasync
function| vwu
function| chfh
function| chfh2
string| _HST_cntval
object| Histats
object| _HistatsCounterGraphics_0_setValues
object| a
object| cv
object| Tynt
object| _dtspv
object| __connect
object| _33Across
function| __uspapi
number| char

66 Cookies

Domain/Path Name / Value
1.vecdn.pw/ Name: HstCfa3681769
Value: 1631435571876
1.vecdn.pw/ Name: HstCmu3681769
Value: 1631435571876
1.vecdn.pw/ Name: HstCnv3681769
Value: 1
1.vecdn.pw/ Name: HstCns3681769
Value: 1
1.vecdn.pw/ Name: HstCla3681769
Value: 1631435572016
1.vecdn.pw/ Name: HstPn3681769
Value: 3
1.vecdn.pw/ Name: HstPt3681769
Value: 3
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: b
Value: 1
.dtscout.com/ Name: st
Value: 1
.dtscout.com/ Name: oa
Value: 1
.dtscout.com/ Name: df
Value: 1631435572
.dtscout.com/ Name: l
Value: 104016314355729E5B594C15ACE71F82
.vecdn.pw/ Name: __dtsu
Value: 104016314355729E5B594C15ACE71F82
.vecdn.pw/ Name: lotame_domain_check
Value: vecdn.pw
.onaudience.com/ Name: done_redirects236
Value: 1
.onaudience.com/ Name: done_redirects147
Value: 1
.onaudience.com/ Name: cookie
Value: 24f2aa13e0c54b08
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 73fff4e66fddc479a75143a199faf5ee
.eyeota.net/ Name: mako_uid
Value: 17bd92346f4-49950000010f4926
.eyeota.net/ Name: SERVERID
Value: 18726~DM
.adsrvr.org/ Name: TDID
Value: a646be3d-891d-40a3-904e-1e9ec5f350f4
.doubleclick.net/ Name: IDE
Value: AHWqTUnRLWD5J0DNTwTBSevt5NdO0Fhgqlcz5a3WK9wQcK9gckHw87xn4DtvZj7W6GM
.onaudience.com/ Name: done_redirects109
Value: 1
.mathtag.com/ Name: uuid
Value: 8751613d-bb35-4c00-9733-3cfa91c8ba23
.turn.com/ Name: uid
Value: 4150594769817729154
.adnxs.com/ Name: uuid2
Value: 8246603711012135140
.dtscdn.com/ Name: uid
Value: 104016314355729E5B594C15ACE71F82
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YT27NQAA6yjUTQAR
.w55c.net/ Name: wfivefivec
Value: h0ffZEGM1MpkUZ5
.w55c.net/ Name: matcheyeota
Value: 5
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwjY-7DR1PT6ORAFOAFaBmV5ZW90YWAC
.vecdn.pw/ Name: _cc_id
Value: 73fff4e66fddc479a75143a199faf5ee
.vecdn.pw/ Name: panoramaId_expiry
Value: 1632040373397
.vecdn.pw/ Name: panoramaId
Value: 6f220adb7fd4e0a0777a2b2208494945a702c7c71929695c29ec9d3a98fc8bbc
.tapad.com/ Name: TapAd_TS
Value: 1631435573707
.tapad.com/ Name: TapAd_DID
Value: da6cb5f5-0682-4c6f-b234-21b1cefc7baa
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.krxd.net/ Name: _kuid_
Value: OW3BTqHO
.tidaltv.com/ Name: tidal_ttid
Value: d5020d3a-b460-4797-a58d-44a0d03ef565
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0sjA3tjI0NAAANSpiJgkAAAA="
.sitescout.com/ Name: ssi
Value: 023a34e3-8c8a-4c16-821c-494ab5fdfadf#1631435574151
.sitescout.com/ Name: _ssuma
Value: eyI3IjoxNjMxNDM1NTc0MTc1fQ
.agkn.com/ Name: ab
Value: 0001%3AiCjDHQSi%2F6idn26HdXURom5alW12ojNo
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-d1557d4a-2878-432d-78db-59f6f13681c9.5RuNOoxJIxUG3jM5nkT%2BL%2F%2FGGZYwLcwphq3saV4Qy4c
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-d1557d4a-2878-432d-78db-59f6f13681c9%24ip%24216.131.114.210.91%2BQFusrw%2Fnlk1H59BRRzzjXBn1QwRabpx7cW07wmgs
.videohub.tv/ Name: UIXX_UPDT
Value: "UILO=1631435574176"
.videohub.tv/ Name: uid
Value: CI-112f071048e617ad760a6d6fb1de4a07
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDdOS0szSTUzS0tJSTYxt0w0NzU0MU40tLRMS0wzTU1lAIJE291m%2F%2F7%2F%2F88P4oABb0%2FLIm3Gj7IM%2FxkZGY5vmsICY3%2F8bAljPls8By68%2FE8hXPXRQ8ww9u59lwVg7A8N9%2BHsw0hap59Qhyl5twRh4poNT7lh4p2TT2rB2ACY30Vv"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBItN1tBqQggJmBYVErmMk1A0QyPqwHkgBXaAS9"
.dpm.demdex.net/ Name: dpm
Value: 58423148095857826013076891046712673700
.demdex.net/ Name: demdex
Value: 58423148095857826013076891046712673700
global.ib-ibi.com/ Name: ASP.NET_SessionId
Value: e3l3jc4mr1pwpyqu3mvknhzp
.yahoo.com/ Name: A3
Value: d=AQABBDa7PWECEFRCSS5KuJZ61N81YAMwFhw&S=AQAAAuoMue7OvKy7SvJnMx0fTbU
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.id5-sync.com/ Name: id5
Value: eb6b7081-9c8d-4312-b379-be9c124376f9#1631435582204#2
.id5-sync.com/ Name: 3pi
Value: 224#1631435582462#1064941614|321#1631435582430#-1897356074|19#1631435582213#242350313#73fff4e66fddc479a75143a199faf5ee|398#1631435582462#63818777
ib.mookie1.com/ Name: ASP.NET_SessionId
Value: evtviqlfr2mvb5aip5v22wy2
.ib.mookie1.com/ Name: ibkukiuno
Value: s=7ff71dc6-81a9-45fa-b5aa-8e1a2140528a&h=&v=9783014241&l=-8585701713100516478&op=&hl=0&vlu=3&tcs=1&dcc=-8585701713100516478
.ib.mookie1.com/ Name: ibkukinet
Value: 3632493266=-8585701713100516478

14 Console Messages

Source Level URL
Text
security warning URL: https://1.vecdn.pw/ch4.php/
Message:
Mixed Content: The page at 'https://1.vecdn.pw/ch4.php/' was loaded over HTTPS, but requested an insecure element 'http://whos.amung.us/cwidget/livesport/000000ffffff.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://1.vecdn.pw/ch4.php/adca.php
Message:
Mixed Content: The page at 'https://1.vecdn.pw/ch4.php/adca.php' was loaded over HTTPS, but requested an insecure element 'http://whos.amung.us/cwidget/livesport/000000ffffff.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
rendering warning URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2(Line 5)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
network error URL: https://asundersimultaneously.com/b5/d5/e2/b5d5e2cbaa884029b13637009b94e342.js
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning URL: https://1.vecdn.pw/ch4.php/adca.php
Message:
Mixed Content: The page at 'https://1.vecdn.pw/ch4.php/adca.php' was loaded over HTTPS, but requested an insecure element 'http://whos.amung.us/cwidget/livesport/000000ffffff.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://asundersimultaneously.com/b5/d5/e2/b5d5e2cbaa884029b13637009b94e342.js
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning URL: https://1.vecdn.pw/ch4.php/
Message:
Mixed Content: The page at 'https://1.vecdn.pw/ch4.php/' was loaded over HTTPS, but requested an insecure element 'http://whos.amung.us/cwidget/livesport/000000ffffff.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
rendering warning URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2(Line 5)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
security warning URL: https://1.vecdn.pw/ch4.php/adca.php
Message:
Mixed Content: The page at 'https://1.vecdn.pw/ch4.php/adca.php' was loaded over HTTPS, but requested an insecure element 'http://whos.amung.us/cwidget/livesport/000000ffffff.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://asundersimultaneously.com/b5/d5/e2/b5d5e2cbaa884029b13637009b94e342.js
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning URL: https://1.vecdn.pw/ch4.php/adca.php
Message:
Mixed Content: The page at 'https://1.vecdn.pw/ch4.php/adca.php' was loaded over HTTPS, but requested an insecure element 'http://whos.amung.us/cwidget/livesport/000000ffffff.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
rendering warning URL: https://ragnarp.net/embed/1ey38qdxyr4l58k?skin=2(Line 5)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
network error URL: https://px.surveywall-api.survata.com/t
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://idsync.rlcdn.com/420246.gif?partner_uid=c:939206e7a9a68c0dc2a8b2cdebb0b624
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
