urlscan.io logo urlscan.io
SecurityTrails logo

fifaworldcup.world Open in urlscan Pro
192.64.117.118  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fifaworldcup.world/
Effective URL: https://fifaworldcup.world/
Submission: On September 29 via manual from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 5 countries across 15 domains to perform 34 HTTP transactions. The main IP is 192.64.117.118, located in United States and belongs to NAMECHEAP-NET, US. The main domain is fifaworldcup.world. The Cisco Umbrella rank of the primary domain is 906714.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 7th 2022. Valid for: a year.
This is the only time fifaworldcup.world was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 192.64.117.118 22612 (NAMECHEAP...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2001:4860:480... 15169 (GOOGLE)
3 35.190.41.116 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 4 2606:4700:10:... 13335 (CLOUDFLAR...)
4 188.114.96.3 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a04:4e42::485 54113 (FASTLY)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 45.154.206.22 48357 (K4X)
34 16
2    192.64.117.118 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium193-1.web-hosting.com
fifaworldcup.world
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
acdcdn.com
2    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)
v3.sportsonline.to
3    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    35.190.41.116 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 116.41.190.35.bc.googleusercontent.com
youradexchange.com
4    2606:4700::6810:a710 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnondemand.org
4    2606:4700:10::ac43:88d (United States)

ASN13335 (CLOUDFLARENET, US)
whos.amung.us
widgets.amung.us
4    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
l94kq6peamppjk.smokelearned.net
1    2606:4700:3033::ac43:af62 (United States)

ASN13335 (CLOUDFLARENET, US)
swarm.video
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2606:4700:3035::ac43:a822 (United States)

ASN13335 (CLOUDFLARENET, US)
awstats.cloud
1    2a00:1450:400d:805::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    45.154.206.22 (Isle Of Man)

ASN48357 (K4X, EE)
4c5hu8z6jsdre2gt.cdnexpress11.net
Apex Domain
Subdomains		 Transfer
4 cdnexpress11.net
4c5hu8z6jsdre2gt.cdnexpress11.net
3 MB
4 smokelearned.net
l94kq6peamppjk.smokelearned.net
48 KB
4 amung.us
whos.amung.us — Cisco Umbrella Rank: 15709
widgets.amung.us — Cisco Umbrella Rank: 17241
4 KB
4 cdnondemand.org
cdnondemand.org — Cisco Umbrella Rank: 481276
114 KB
3 youradexchange.com
youradexchange.com — Cisco Umbrella Rank: 38202
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28
39 KB
2 awstats.cloud
awstats.cloud — Cisco Umbrella Rank: 173673
2 KB
2 sportsonline.to
v3.sportsonline.to — Cisco Umbrella Rank: 362906
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
83 KB
2 acdcdn.com
acdcdn.com — Cisco Umbrella Rank: 166144
60 KB
2 fifaworldcup.world
fifaworldcup.world — Cisco Umbrella Rank: 906714
740 B
1 gstatic.com
fonts.gstatic.com
24 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41
898 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 389
138 KB
1 swarm.video
swarm.video — Cisco Umbrella Rank: 136419
128 KB
34 15
Domain Requested by
4 4c5hu8z6jsdre2gt.cdnexpress11.net swarm.video
4 l94kq6peamppjk.smokelearned.net v3.sportsonline.to
l94kq6peamppjk.smokelearned.net
4 cdnondemand.org v3.sportsonline.to
cdnondemand.org
l94kq6peamppjk.smokelearned.net
3 youradexchange.com acdcdn.com
cdnondemand.org
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 awstats.cloud l94kq6peamppjk.smokelearned.net
awstats.cloud
2 widgets.amung.us v3.sportsonline.to
l94kq6peamppjk.smokelearned.net
2 whos.amung.us 2 redirects
2 v3.sportsonline.to fifaworldcup.world
v3.sportsonline.to
2 www.googletagmanager.com fifaworldcup.world
v3.sportsonline.to
2 acdcdn.com fifaworldcup.world
acdcdn.com
2 fifaworldcup.world 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com l94kq6peamppjk.smokelearned.net
1 cdn.jsdelivr.net l94kq6peamppjk.smokelearned.net
1 swarm.video l94kq6peamppjk.smokelearned.net
34 16

This site contains links to these domains. Also see Links.

Domain
youradexchange.com
Subject Issuer Validity Valid
fifaworldcup.world
Sectigo RSA Domain Validation Secure Server CA		 2022-08-07 -
2023-08-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-16 -
2023-06-16		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
youradexchange.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-20 -
2023-06-20		 a year crt.sh
*.smokelearned.net
E1		 2022-09-19 -
2022-12-18		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-21 -
2023-04-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
4c5hu8z6jsdre2gt.cdnexpress11.net
R3		 2022-08-06 -
2022-11-04		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://fifaworldcup.world/
Frame ID: 95F90F44D2E69E6CC04A75D82825EA28
Requests: 7 HTTP requests in this frame

Frame: https://v3.sportsonline.to/channels/hd/hd1.php
Frame ID: 578284DBCDAC18919F1E4EF617193D6F
Requests: 8 HTTP requests in this frame

Frame: https://l94kq6peamppjk.smokelearned.net/embed/6y5l8ujvxr
Frame ID: CF3CF3B0C9A7F462CFBDA7A3E33F65AF
Requests: 18 HTTP requests in this frame

Frame: https://l94kq6peamppjk.smokelearned.net/deb.html
Frame ID: 19BC54E11E12068AF78371509AD64F3D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://fifaworldcup.world/ HTTP 301
    https://fifaworldcup.world/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

34
Requests

91 %
HTTPS

73 %
IPv6

15
Domains

16
Subdomains

16
IPs

5
Countries

4103 kB
Transfer

5531 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fifaworldcup.world/ HTTP 301
    https://fifaworldcup.world/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://whos.amung.us/cwidget/sportsonline/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=630&c=000000ffffff&p=left
Request Chain 19
  • https://whos.amung.us/cwidget/h6qfsjssi5/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=1343&c=000000ffffff&p=left

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
fifaworldcup.world/
Redirect Chain
  • http://fifaworldcup.world/
  • https://fifaworldcup.world/
664 B
502 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fifaworldcup.world/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.64.117.118 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium193-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
c51cb7649bd61765f9e0ce1b063b8cbaa90f34bf03b373ab6e2e337cb80a3455

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
br
content-length
336
content-type
text/html
date
Thu, 29 Sep 2022 07:36:50 GMT
last-modified
Sun, 07 Aug 2022 06:05:33 GMT
server
LiteSpeed
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

content-length
707
content-type
text/html
date
Thu, 29 Sep 2022 07:36:49 GMT
keep-alive
timeout=5, max=100
location
https://fifaworldcup.world/
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
suv4.js
acdcdn.com/script/ 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdcdn.com/script/suv4.js
Requested by
Host: fifaworldcup.world
URL: https://fifaworldcup.world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1e4ad0f33d1b68c1476a7a224c58608c02c1beff1017d9ab9eab98a5cb192f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fifaworldcup.world/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:36:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3486
x-guploader-uploadid
ADPycdvP3IemmK8Vr_KitEwI_zMUJp1XJCPndt_vYc3nIlNXhbedm7YU3sxwr4nETPO1YpSNb8OZrwYsNwP0SVB9XxopTmU18t4R
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 08 Sep 2022 08:41:05 GMT
server
cloudflare
etag
W/"90a406e7c114cb9cbdbd171d8282e224"
vary
Accept-Encoding
x-goog-hash
crc32c=PsCFGQ==, md5=kKQG58EUy5y9vRcdgoLiJA==
x-goog-generation
1662626465441111
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=noXGzi%2Fyfn7WAVTQC%2FHq8SDANA6v1yhaT8rOsLgWVjzfuvI1bCpKhxMPBDxOht1W0Pa9TR12DArg9AQkTUl%2FZ53SxtlFJWQDN9X2Bq0ly6i9GSXQ4AX%2FK6nJgX6dsUywwpFlP4aLXhWt"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
100523
cf-ray
75230cd30bd59131-FRA
expires
Thu, 29 Sep 2022 06:50:34 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-137358395-1
Requested by
Host: fifaworldcup.world
URL: https://fifaworldcup.world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
13f16241a04905b188cad509b30bdc49fa3d179c34efdbdb2cdc1e23f315bb52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fifaworldcup.world/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:36:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42339
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 29 Sep 2022 07:36:50 GMT
hd1.php
v3.sportsonline.to/channels/hd/ Frame 5782 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://v3.sportsonline.to/channels/hd/hd1.php
Requested by
Host: fifaworldcup.world
URL: https://fifaworldcup.world/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
22097935687039462ef3329c661ca56c30f6062c347839a1883caf910527cc23

Request headers

Referer
https://fifaworldcup.world/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75230cd3fe34bb9d-FRA
content-encoding
br
content-type
text/html
date
Thu, 29 Sep 2022 07:36:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4JV7DKXXSbZ%2Fhbr2CCn0Z%2FkqX1zsGJmLgGivBxRoJALYv%2FFIuaO733In8IXzVdcyQwO%2BK13QhgLBHQJHnWjhZChhjE7MZjWpaNs8WF0szgBwBm6jUY%2F5kAaDILE5B6H3mZbrO3DsOi8T7E167%2FKMII%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137358395-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fifaworldcup.world/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 29 Sep 2022 07:15:57 GMT
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
1253
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Thu, 29 Sep 2022 09:15:57 GMT
ut.js
acdcdn.com/script/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdcdn.com/script/ut.js?cb=1664437010495
Requested by
Host: acdcdn.com
URL: https://acdcdn.com/script/suv4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a817a515c35520e9f571540957ffc2dd1d4ba70a3b5e04c5c1b37a63d6564516

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fifaworldcup.world/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:36:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1315
x-guploader-uploadid
ADPycdtsF6dORb567ZowlBPbKjyNFfkxeH0hbghA3PPugX0Gjju4ZAOTEXy7Xy64yZf8ZJJm0jGENoCv_uY5yqN1wT2jPLRCjNHG
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 29 Aug 2022 11:45:52 GMT
server
cloudflare
etag
W/"c7304eebcb5069f68bd3fa9e74218a36"
vary
Accept-Encoding
x-goog-hash
crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-generation
1661773552581597
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TYCAOz2Hvn9ftIxsRZlM%2F5oUolUMn1ABbDHUGQEnhBt80j31y3F8%2FHnHfY%2F0Opz0awZiEThxpLcp0s7V3ZCfxYJk88eq%2BjvVER5UoLkYafYa%2FNoPGrXdo1WAxlwwWzdWjn6e1MRTjGni"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
71356
cf-ray
75230cd43e719131-FRA
expires
Thu, 29 Sep 2022 07:30:43 GMT
suurl4.php
youradexchange.com/script/ 		1 KB
968 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://youradexchange.com/script/suurl4.php?r=5034787&cbur=0.045680731899876204&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=&cbpage=https%3A%2F%2Ffifaworldcup.world%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=acdcdn.com&aggr=0&chmob=?0
Requested by
Host: acdcdn.com
URL: https://acdcdn.com/script/suv4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
eaa3f9d212e89d1784dd49c1c8b6e31f99ea76dc92597992624ccca14e189d36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fifaworldcup.world/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 29 Sep 2022 07:36:50 GMT
content-encoding
gzip
via
1.1 google
server
openresty
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json; charset=utf-8
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=494893275&t=pageview&_s=1&dl=https%3A%2F%2Ffifaworldcup.world%2F&ul=en-us&de=windows-1252&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1315891136&gjid=561296613&cid=1235283606.1664437011&tid=UA-137358395-1&_gid=958117457.1664437011&_r=1&gtm=2ou9q0&z=1007869931
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fifaworldcup.world/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 07:36:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fifaworldcup.world
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
bootstrap.js
cdnondemand.org/script/ Frame 5782 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnondemand.org/script/bootstrap.js
Requested by
Host: v3.sportsonline.to
URL: https://v3.sportsonline.to/channels/hd/hd1.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a710 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4d5b8dc6a7ca986941b6d029b8465ac9b4ea3b8923d57df81c99a3c03eb899d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.sportsonline.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:36:50 GMT
content-encoding
gzip
cf-cache-status
HIT
age
795
x-guploader-uploadid
ADPycduI37KEPlpa7dhAN4STX9m-ZBO4Y32gaR3L6T8kNSA9aGUTdsjejcQNb213CG0L3bKHfuueOJtQ0XijxlZrTxbkBD5eMsBy
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Thu, 08 Sep 2022 08:38:35 GMT
server
cloudflare
etag
W/"90a406e7c114cb9cbdbd171d8282e224"
vary
Accept-Encoding
x-goog-hash
crc32c=PsCFGQ==, md5=kKQG58EUy5y9vRcdgoLiJA==
x-goog-generation
1662626315119008
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
100523
cf-ray
75230cd67812691f-FRA
expires
Thu, 29 Sep 2022 11:36:50 GMT
SCCfwxq.png
v3.sportsonline.to/channels/hd/ Frame 5782 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.sportsonline.to/channels/hd/SCCfwxq.png
Requested by
Host: v3.sportsonline.to
URL: https://v3.sportsonline.to/channels/hd/hd1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae0433ac5d000ac03daf9059492d0390e427b7461332f0f488bbc6f44b5107a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.sportsonline.to/channels/hd/hd1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:36:50 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 07 Dec 2021 14:48:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"61af7432-4c4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8ju7rdBuxnJlLYrDU%2B0Ry5aA9%2F7TPwps2xTO6QLz%2BQHA0t5U1DjPLc%2Fgpn8HEKxCqG2dMKlF4PJgNijwH9kC5OQLcgDvQ%2BI6C7T79MJgwVCaZiGGAwnaM%2BhSI8sziSR66H6N8zcdqxQy76r2VBjY0E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75230cd64dc8902a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1220
/
widgets.amung.us/draw/ Frame 5782
Redirect Chain
  • https://whos.amung.us/cwidget/sportsonline/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=630&c=000000ffffff&p=left
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.amung.us/draw/?w=colored&n=630&c=000000ffffff&p=left
Requested by
Host: v3.sportsonline.to
URL: https://v3.sportsonline.to/channels/hd/hd1.php
Protocol
H2
Server
2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e98968a0278317c0effd07cc74e022f3e8fbcf4092031da8a45b3852070b0bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.sportsonline.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:36:51 GMT
cf-cache-status
HIT
last-modified
Thu, 29 Sep 2022 02:48:03 GMT
server
cloudflare
age
17328
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
75230cd74b845bf1-FRA
expires
Fri, 30 Sep 2022 02:48:03 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=630&c=000000ffffff&p=left
date
Thu, 29 Sep 2022 07:36:51 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
75230cd669d35bf1-FRA
content-type
text/html; charset=UTF-8
js
www.googletagmanager.com/gtag/ Frame 5782 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-202511892-1
Requested by
Host: v3.sportsonline.to
URL: https://v3.sportsonline.to/channels/hd/hd1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ba25433cd0d60e2234fd8a6bb4fdea1acb331ce5dfa29b8ccec1785446d42535
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.sportsonline.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:36:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42339
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 29 Sep 2022 07:36:51 GMT
ut.js
cdnondemand.org/script/ Frame 5782 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnondemand.org/script/ut.js?cb=1664437011005
Requested by
Host: cdnondemand.org
URL: https://cdnondemand.org/script/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a710 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f6ce602bed449940565c8bfea9921659efafc0c5409a8242eda17e6e6554c31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.sportsonline.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:36:51 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1326
x-guploader-uploadid
ADPycduxBPe-xxn4RWgYhI8ZBbwGkkDW65tffK9iwT646mBzOol8wC088X1fbXvF85-KLQD9Syel9VjaPVj8rZDZIVkfbA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Mon, 29 Aug 2022 11:45:52 GMT
server
cloudflare
etag
W/"c7304eebcb5069f68bd3fa9e74218a36"
vary
Accept-Encoding
x-goog-hash
crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-generation
1661773552581597
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
71356
cf-ray
75230cd6d8da691f-FRA
expires
Thu, 29 Sep 2022 11:36:51 GMT
suurl4.php
youradexchange.com/script/ Frame 5782 		953 B
777 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://youradexchange.com/script/suurl4.php?r=4827899&cbur=0.183846267489975&cbiframe=1&cbWidth=700&cbHeight=480&cbtitle=&cbpage=https%3A%2F%2Ffifaworldcup.world%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=cdnondemand.org&aggr=0&chmob=?0
Requested by
Host: cdnondemand.org
URL: https://cdnondemand.org/script/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
d03353b454c82196b48e9ac505deb9930e1aa6a9b166bdcfe15ee6f180a5a519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.sportsonline.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 29 Sep 2022 07:36:51 GMT
content-encoding
gzip
via
1.1 google
server
openresty
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json; charset=utf-8
6y5l8ujvxr
l94kq6peamppjk.smokelearned.net/embed/ Frame CF3C 		35 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://l94kq6peamppjk.smokelearned.net/embed/6y5l8ujvxr
Requested by
Host: v3.sportsonline.to
URL: https://v3.sportsonline.to/channels/hd/hd1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2069503982c188d4d38c352bb60fa008046b9f3cfbbe674ba7f2ca7bba5a707f

Request headers

Referer
https://v3.sportsonline.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75230cd81ac89b67-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 29 Sep 2022 07:36:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lbbg3o9q1Zf2eF%2FfkdiprYzSKrN99vtkopCZsBR7leZjNxTAWV9%2B8G%2FnRKfctEl5QPQ%2BWHrtbFslixUCYO3ZLDLkYoUJW868wP7MXk1EhieCLYD%2BRE76f3yAiZT6lxK%2BthSwHydxn8R%2BRRcLQ6txkErt"}],"group":"cf-nel","max_age":604800}
server
cloudflare
analytics.js
www.google-analytics.com/ Frame 5782 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-202511892-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.sportsonline.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 29 Sep 2022 07:01:59 GMT
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
2092
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Thu, 29 Sep 2022 09:01:59 GMT
embed.min.css
l94kq6peamppjk.smokelearned.net/css/ Frame CF3C 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://l94kq6peamppjk.smokelearned.net/css/embed.min.css?v=0.4
Requested by
Host: l94kq6peamppjk.smokelearned.net
URL: https://l94kq6peamppjk.smokelearned.net/embed/6y5l8ujvxr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c7cf941b4eb9254e850875107ded812b5cf2da9de46f85919561f2a73876257

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://l94kq6peamppjk.smokelearned.net/embed/6y5l8ujvxr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:36:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 09 Jun 2022 09:49:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3653
etag
W/"62a1c21c-4f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11O786S%2Ft3W0sedvPNuJMdagruzcwNkvRcQAFypPkiKwfp2HDn7DmY73hTrnbJVqigbqN2Ew%2BJSj%2B0%2FGiU9AlAj3VWmLv5wkjaXVMhRa3GcJ6RAJAt6riQ1%2B6qXa6Oe5VXpdzrI99Lm%2FAj0UmY5D9EHb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
75230cd949409180-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
l94kq6peamppjk.smokelearned.net/js/ Frame CF3C 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l94kq6peamppjk.smokelearned.net/js/jquery.min.js
Requested by
Host: l94kq6peamppjk.smokelearned.net
URL: https://l94kq6peamppjk.smokelearned.net/embed/6y5l8ujvxr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://l94kq6peamppjk.smokelearned.net/embed/6y5l8ujvxr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:36:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 18:05:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3647
etag
W/"5fa984ce-15283"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jfYBkHC7EZ5%2FASPGGBLkvWsjJU3%2BFjLnSjwGNoEFuNBT3RZZKWwdy4wDMl75RcyXkSYbPnzlGq2e%2BiPwFO5QykvXok5VpbDnVObO2TW6DlzqgK7rlAjoEkvRIjWxuqeHsAyviXoelgis8dCeBQwdFwZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75230cd9493d9180-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
nsns.js
swarm.video/ Frame CF3C 		506 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://swarm.video/nsns.js
Requested by
Host: l94kq6peamppjk.smokelearned.net
URL: https://l94kq6peamppjk.smokelearned.net/embed/6y5l8ujvxr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:af62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0e8714e1c7ce6159f6bff5085163212294c59e411ed4b10ad956ae0b2800d03d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://l94kq6peamppjk.smokelearned.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:36:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50712
cf-polished
origSize=519718
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 09 Jun 2022 16:38:50 GMT
server
cloudflare
etag
W/"7ee26-1814955381e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3rhqZwfX%2FbbTyRwWF4WAW3d3jRIp36r9lCdAjuf1cCUn2RVafx7OIFuN0LwsR1fBgvqmz0YuhhqcRPmy3Ps8%2F943hOZpy8bWQJO7OFocD3MZTDXSWe3sAAHGCCBxDgH5SnJrp8SXGO2jA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
75230cd988d99267-FRA
clappr.min.js
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame CF3C 		513 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Requested by
Host: l94kq6peamppjk.smokelearned.net
URL: https://l94kq6peamppjk.smokelearned.net/embed/6y5l8ujvxr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://l94kq6peamppjk.smokelearned.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 29 Sep 2022 07:36:51 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
25371
x-jsd-version
0.3.13
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
141142
x-served-by
cache-fra19182-FRA, cache-hhn4055-HHN
x-jsd-version-type
version
etag
W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
/
widgets.amung.us/draw/ Frame CF3C
Redirect Chain
  • https://whos.amung.us/cwidget/h6qfsjssi5/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=1343&c=000000ffffff&p=left
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.amung.us/draw/?w=colored&n=1343&c=000000ffffff&p=left
Requested by
Host: l94kq6peamppjk.smokelearned.net
URL: https://l94kq6peamppjk.smokelearned.net/embed/6y5l8ujvxr
Protocol
H2
Server
2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfaa3a9d1063dc9f103ff5f6410a9011ce04840085f1e0cb91bb06e641ba928a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://l94kq6peamppjk.smokelearned.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:36:51 GMT
cf-cache-status
HIT
last-modified
Fri, 23 Sep 2022 04:32:07 GMT
server
cloudflare
age
529484
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
75230cd9d8ca5bf1-FRA
expires
Sat, 24 Sep 2022 04:32:07 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=1343&c=000000ffffff&p=left
date
Thu, 29 Sep 2022 07:36:51 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
75230cd91f385bf1-FRA
content-type
text/html; charset=UTF-8
plausible.js
awstats.cloud/js/ Frame CF3C 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awstats.cloud/js/plausible.js
Requested by
Host: l94kq6peamppjk.smokelearned.net
URL: https://l94kq6peamppjk.smokelearned.net/embed/6y5l8ujvxr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a822 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eec3429c76cb48e5fd457c5afb71b7cf34bc4298d53023bae8aea715443b4a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://l94kq6peamppjk.smokelearned.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:36:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IqcbMbAr7nx%2Bc0PxuAza52IZQvU2%2FSszDkyWbYRQOkIrX9M4QcJxURtc87sQTJ7hXJ4DBb2vV9AqPt3jYzW3mSPy2bvnbCIJdwRwaJvjhxuFNd%2BAzqAz2XLTwr%2FD8b4IWriX5Hg5DDheuUmw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cross-origin-resource-policy
cross-origin
cf-ray
75230cd9aef29974-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ Frame CF3C 		1 KB
898 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: l94kq6peamppjk.smokelearned.net
URL: https://l94kq6peamppjk.smokelearned.net/css/embed.min.css?v=0.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://l94kq6peamppjk.smokelearned.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 29 Sep 2022 07:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 06:16:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Sep 2022 07:36:51 GMT
bootstrap.js
cdnondemand.org/script/ Frame CF3C 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnondemand.org/script/bootstrap.js
Requested by
Host: l94kq6peamppjk.smokelearned.net
URL: https://l94kq6peamppjk.smokelearned.net/embed/6y5l8ujvxr
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a710 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4d5b8dc6a7ca986941b6d029b8465ac9b4ea3b8923d57df81c99a3c03eb899d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://l94kq6peamppjk.smokelearned.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:36:51 GMT
content-encoding
gzip
cf-cache-status
HIT
age
796
x-guploader-uploadid
ADPycduI37KEPlpa7dhAN4STX9m-ZBO4Y32gaR3L6T8kNSA9aGUTdsjejcQNb213CG0L3bKHfuueOJtQ0XijxlZrTxbkBD5eMsBy
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Thu, 08 Sep 2022 08:38:35 GMT
server
cloudflare
etag
W/"90a406e7c114cb9cbdbd171d8282e224"
vary
Accept-Encoding
x-goog-hash
crc32c=PsCFGQ==, md5=kKQG58EUy5y9vRcdgoLiJA==
x-goog-generation
1662626315119008
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
100523
cf-ray
75230cdb097a691f-FRA
expires
Thu, 29 Sep 2022 11:36:51 GMT
deb.html
l94kq6peamppjk.smokelearned.net/ Frame 19BC 		25 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://l94kq6peamppjk.smokelearned.net/deb.html
Requested by
Host: l94kq6peamppjk.smokelearned.net
URL: https://l94kq6peamppjk.smokelearned.net/embed/6y5l8ujvxr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b184888665b6cb9e154760bae131eaf01c140197506afd50abcbe98dc9d9438f

Request headers

Referer
https://l94kq6peamppjk.smokelearned.net/embed/6y5l8ujvxr
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75230cdb1d6b9180-FRA
content-encoding
br
content-type
text/html
date
Thu, 29 Sep 2022 07:36:51 GMT
last-modified
Sat, 18 Jun 2022 16:00:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJhvQxgsyT0MdyHYSDaXbi%2Fn0O8dfj%2FAEyzr7CLUeB5LzOFng9gxtgXBUu%2FZX2uTYM2Yk4i%2BmyMxD%2FfAdzotz0E2tUYSNlLHq%2FdwycM25GHjkEB6YyWdm29Dfm7LSURC27SAKdepLZyNH0SqCh8bi7v1"}],"group":"cf-nel","max_age":604800}
server
cloudflare
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame CF3C 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://l94kq6peamppjk.smokelearned.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:23:17 GMT
x-content-type-options
nosniff
age
162814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Sep 2023 10:23:17 GMT
event
awstats.cloud/api/ Frame CF3C 		2 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://awstats.cloud/api/event
Requested by
Host: awstats.cloud
URL: https://awstats.cloud/js/plausible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a822 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://l94kq6peamppjk.smokelearned.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Sep 2022 07:36:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMEc4m9hcSuvNpozdGmHQWH273sZYWHzLqM9OeHDh6VleapBRGTIdgwH5ATfYrwIoOY9I2ws4usb46y50V78lL4XtShTrwAq5ApGeHhRN%2B41cAxpA6AOytWuQxerLwBctqk32u%2FKGdkas5bX"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
75230cdb39c99034-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2
x-request-id
FxlEpMPPRZpX4MoBHgCB
ut.js
cdnondemand.org/script/ Frame CF3C 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnondemand.org/script/ut.js?cb=1664437011743
Requested by
Host: cdnondemand.org
URL: https://cdnondemand.org/script/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a710 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f6ce602bed449940565c8bfea9921659efafc0c5409a8242eda17e6e6554c31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://l94kq6peamppjk.smokelearned.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:36:51 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1326
x-guploader-uploadid
ADPycduxBPe-xxn4RWgYhI8ZBbwGkkDW65tffK9iwT646mBzOol8wC088X1fbXvF85-KLQD9Syel9VjaPVj8rZDZIVkfbA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Mon, 29 Aug 2022 11:45:52 GMT
server
cloudflare
etag
W/"c7304eebcb5069f68bd3fa9e74218a36"
vary
Accept-Encoding
x-goog-hash
crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-generation
1661773552581597
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
71356
cf-ray
75230cdb6a73691f-FRA
expires
Thu, 29 Sep 2022 11:36:51 GMT
suurl4.php
youradexchange.com/script/ Frame CF3C 		957 B
766 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://youradexchange.com/script/suurl4.php?r=5954546&cbur=0.610135785703086&cbiframe=1&cbWidth=700&cbHeight=480&cbtitle=&cbpage=https%3A%2F%2Fv3.sportsonline.to%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=cdnondemand.org&aggr=0&chmob=?0
Requested by
Host: cdnondemand.org
URL: https://cdnondemand.org/script/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
1ce875371c3f1addd8b69c3a592b2cca7659607bec588244c3358c89abe26319

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://l94kq6peamppjk.smokelearned.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 29 Sep 2022 07:36:51 GMT
content-encoding
gzip
via
1.1 google
server
openresty
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json; charset=utf-8
6y5l8ujvxr.m3u8
4c5hu8z6jsdre2gt.cdnexpress11.net/hls/ Frame CF3C 		864 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://4c5hu8z6jsdre2gt.cdnexpress11.net:8443/hls/6y5l8ujvxr.m3u8?s=kHvdD-ZYVl1FkOzk2uG2Gw&e=1664458611
Requested by
Host: swarm.video
URL: https://swarm.video/nsns.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.154.206.22 , Isle Of Man, ASN48357 (K4X, EE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2e9506ef10ef93168a5f851c36b79f16f3dfafed751cf0e8a4ab9403a05aab0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://l94kq6peamppjk.smokelearned.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:36:51 GMT
Last-Modified
Thu, 29 Sep 2022 07:36:50 GMT
Server
nginx/1.18.0
ETag
"63354b12-360"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
864
6y5l8ujvxr.m3u8
4c5hu8z6jsdre2gt.cdnexpress11.net/hls/ Frame CF3C 		864 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://4c5hu8z6jsdre2gt.cdnexpress11.net:8443/hls/6y5l8ujvxr.m3u8?s=kHvdD-ZYVl1FkOzk2uG2Gw&e=1664458611
Requested by
Host: swarm.video
URL: https://swarm.video/nsns.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.154.206.22 , Isle Of Man, ASN48357 (K4X, EE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2e9506ef10ef93168a5f851c36b79f16f3dfafed751cf0e8a4ab9403a05aab0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://l94kq6peamppjk.smokelearned.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:36:51 GMT
Last-Modified
Thu, 29 Sep 2022 07:36:50 GMT
Server
nginx/1.18.0
ETag
"63354b12-360"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
864
6y5l8ujvxr-705872340.ts
4c5hu8z6jsdre2gt.cdnexpress11.net/hls/ Frame CF3C 		3 MB
3 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://4c5hu8z6jsdre2gt.cdnexpress11.net:8443/hls/6y5l8ujvxr-705872340.ts
Requested by
Host: swarm.video
URL: https://swarm.video/nsns.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.154.206.22 , Isle Of Man, ASN48357 (K4X, EE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
ecdd0e93ac15e89f355bbc35f32a8371107741aea5210407e6e87a818dd4f914

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://l94kq6peamppjk.smokelearned.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:36:51 GMT
Last-Modified
Thu, 29 Sep 2022 07:36:28 GMT
Server
nginx/1.18.0
ETag
"63354afc-2d918c"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
2986380
9d26aa3f-46ec-4696-ba67-6257cff48c25
https://l94kq6peamppjk.smokelearned.net/ Frame CF3C 		61 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://l94kq6peamppjk.smokelearned.net/9d26aa3f-46ec-4696-ba67-6257cff48c25
Requested by
Host: l94kq6peamppjk.smokelearned.net
URL: https://l94kq6peamppjk.smokelearned.net/embed/6y5l8ujvxr
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Length
62280
Content-Type
text/javascript
6y5l8ujvxr-707360400.ts
4c5hu8z6jsdre2gt.cdnexpress11.net/hls/ Frame CF3C 		538 KB
539 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://4c5hu8z6jsdre2gt.cdnexpress11.net:8443/hls/6y5l8ujvxr-707360400.ts
Requested by
Host: swarm.video
URL: https://swarm.video/nsns.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.154.206.22 , Isle Of Man, ASN48357 (K4X, EE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f8e3385785ce00caea0a5cbd8346911849ef31bc8cbcc81b487c9f7a182e2d23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://l94kq6peamppjk.smokelearned.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 07:36:52 GMT
Last-Modified
Thu, 29 Sep 2022 07:36:29 GMT
Server
nginx/1.18.0
ETag
"63354afd-86930"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
551216

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| regeneratorRuntime boolean| s2ss929 function| s2ss929ff function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga boolean| user_engagement929 string| utsid-send object| gaplugins object| gaGlobal object| gaData

6 Cookies

Domain/Path Name / Value
.fifaworldcup.world/ Name: _ga
Value: GA1.2.1235283606.1664437011
.fifaworldcup.world/ Name: _gid
Value: GA1.2.958117457.1664437011
.fifaworldcup.world/ Name: _gat_gtag_UA_137358395_1
Value: 1
l94kq6peamppjk.smokelearned.net/ Name: hf1
Value: 1
l94kq6peamppjk.smokelearned.net/ Name: hf2
Value: 1
l94kq6peamppjk.smokelearned.net/ Name: hf4
Value: 1

1 Console Messages

Source Level URL
Text
rendering warning URL: https://l94kq6peamppjk.smokelearned.net/embed/6y5l8ujvxr(Line 6)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4c5hu8z6jsdre2gt.cdnexpress11.net
acdcdn.com
awstats.cloud
cdn.jsdelivr.net
cdnondemand.org
fifaworldcup.world
fonts.googleapis.com
fonts.gstatic.com
l94kq6peamppjk.smokelearned.net
swarm.video
v3.sportsonline.to
whos.amung.us
widgets.amung.us
www.google-analytics.com
www.googletagmanager.com
youradexchange.com
188.114.96.3
192.64.117.118
2001:4860:4802:38::178
2606:4700:10::ac43:88d
2606:4700:3033::ac43:af62
2606:4700:3035::ac43:a822
2606:4700::6810:a710
2a00:1450:4001:829::2008
2a00:1450:400d:805::200a
2a00:1450:400d:80a::2003
2a04:4e42::485
2a06:98c1:3121::3
2a06:98c1:3121::c
35.190.41.116
45.154.206.22
0e8714e1c7ce6159f6bff5085163212294c59e411ed4b10ad956ae0b2800d03d
13f16241a04905b188cad509b30bdc49fa3d179c34efdbdb2cdc1e23f315bb52
1ce875371c3f1addd8b69c3a592b2cca7659607bec588244c3358c89abe26319
2069503982c188d4d38c352bb60fa008046b9f3cfbbe674ba7f2ca7bba5a707f
22097935687039462ef3329c661ca56c30f6062c347839a1883caf910527cc23
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2c7cf941b4eb9254e850875107ded812b5cf2da9de46f85919561f2a73876257
2e9506ef10ef93168a5f851c36b79f16f3dfafed751cf0e8a4ab9403a05aab0a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f6ce602bed449940565c8bfea9921659efafc0c5409a8242eda17e6e6554c31
7e98968a0278317c0effd07cc74e022f3e8fbcf4092031da8a45b3852070b0bf
7eec3429c76cb48e5fd457c5afb71b7cf34bc4298d53023bae8aea715443b4a9
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a817a515c35520e9f571540957ffc2dd1d4ba70a3b5e04c5c1b37a63d6564516
ae0433ac5d000ac03daf9059492d0390e427b7461332f0f488bbc6f44b5107a7
b184888665b6cb9e154760bae131eaf01c140197506afd50abcbe98dc9d9438f
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
ba25433cd0d60e2234fd8a6bb4fdea1acb331ce5dfa29b8ccec1785446d42535
bfaa3a9d1063dc9f103ff5f6410a9011ce04840085f1e0cb91bb06e641ba928a
c51cb7649bd61765f9e0ce1b063b8cbaa90f34bf03b373ab6e2e337cb80a3455
d03353b454c82196b48e9ac505deb9930e1aa6a9b166bdcfe15ee6f180a5a519
d1e4ad0f33d1b68c1476a7a224c58608c02c1beff1017d9ab9eab98a5cb192f3
d4d5b8dc6a7ca986941b6d029b8465ac9b4ea3b8923d57df81c99a3c03eb899d
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
eaa3f9d212e89d1784dd49c1c8b6e31f99ea76dc92597992624ccca14e189d36
ecdd0e93ac15e89f355bbc35f32a8371107741aea5210407e6e87a818dd4f914
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc
f8e3385785ce00caea0a5cbd8346911849ef31bc8cbcc81b487c9f7a182e2d23