newsoccer.store Open in urlscan Pro
199.188.200.140 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://newsoccer.store/
Submission: On March 24 via manual (March 24th 2024, 8:36:23 am UTC) from QA — Scanned from DE

Summary HTTP 32 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 15 domains to perform 32 HTTP transactions. The main IP is 199.188.200.140, located in United States and belongs to NAMECHEAP-NET, US. The main domain is newsoccer.store.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 6th 2023. Valid for: a year.

This is the only time newsoccer.store was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	199.188.200.140 199.188.200.140	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	172.240.108.76 172.240.108.76	7979 (SERVERS-COM) (SERVERS-COM)
2	77.247.108.96 77.247.108.96	215845 (TECHOSERVERS) (TECHOSERVERS)
1	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2606:4700:10:... 2606:4700:10::6814:4373	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	149.56.240.129 149.56.240.129	16276 (OVH) (OVH)
2	2606:4700:303... 2606:4700:3036::ac43:a055	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3033::ac43:b1d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2606:4700:10:... 2606:4700:10::6816:4bab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3036::6815:555c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3031::6815:4a1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	62.182.85.222 62.182.85.222	30860 (YURTEH-AS) (YURTEH-AS)
32	17

1 199.188.200.140 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium43-1.web-hosting.com

newsoccer.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.240.108.76 (United States)

ASN7979 (SERVERS-COM, US)

pl21685906.toprevenuegate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.247.108.96 (Amsterdam, Netherlands)

ASN215845 (TECHOSERVERS, GB)

v3.sportsonline.so	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

www.topcreativeformat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6814:4373 (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 149.56.240.129 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534297.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::ac43:a055 (United States)

ASN13335 (CLOUDFLARENET, US)

xdgelyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::ac43:b1d6 (United States)

ASN13335 (CLOUDFLARENET, US)

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

xglpk2pks34we7g.harmquantity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:4bab (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::6815:555c (United States)

ASN13335 (CLOUDFLARENET, US)

ctrtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:4a1b (United States)

ASN13335 (CLOUDFLARENET, US)

swarm.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

awistats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 62.182.85.222 (Kyiv, Ukraine)

ASN30860 (YURTEH-AS, UA)
PTR: host-222.dedicated.vsys.host

xmvtakdywcbqsrju.cdnorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	histats.com s10.histats.com — Cisco Umbrella Rank: 9091 s4.histats.com — Cisco Umbrella Rank: 9069	15 KB
4	cdnorange.net xmvtakdywcbqsrju.cdnorange.net — Cisco Umbrella Rank: 881460	524 KB
4	amung.us 2 redirects whos.amung.us — Cisco Umbrella Rank: 11675 widgets.amung.us — Cisco Umbrella Rank: 21905	4 KB
4	harmquantity.net xglpk2pks34we7g.harmquantity.net	103 KB
2	awistats.com awistats.com — Cisco Umbrella Rank: 122345	2 KB
2	ctrtrk.com ctrtrk.com — Cisco Umbrella Rank: 22766	1 KB
2	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 19862	815 B
2	xdgelyt.com xdgelyt.com	74 KB
2	sportsonline.so v3.sportsonline.so	76 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 437	139 KB
1	swarm.video swarm.video — Cisco Umbrella Rank: 99547	134 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	818 B
1	topcreativeformat.com www.topcreativeformat.com — Cisco Umbrella Rank: 73293
1	toprevenuegate.com pl21685906.toprevenuegate.com
1	newsoccer.store newsoccer.store	844 B
32	15

	Domain	Requested by
4	xmvtakdywcbqsrju.cdnorange.net	swarm.video
4	xglpk2pks34we7g.harmquantity.net	v3.sportsonline.so xglpk2pks34we7g.harmquantity.net
3	s10.histats.com	newsoccer.store v3.sportsonline.so s10.histats.com
2	awistats.com	xglpk2pks34we7g.harmquantity.net awistats.com
2	ctrtrk.com	xdgelyt.com
2	widgets.amung.us	v3.sportsonline.so xglpk2pks34we7g.harmquantity.net
2	whos.amung.us	2 redirects
2	youradexchange.com	v3.sportsonline.so xglpk2pks34we7g.harmquantity.net
2	xdgelyt.com	v3.sportsonline.so xglpk2pks34we7g.harmquantity.net
2	s4.histats.com	s10.histats.com
2	v3.sportsonline.so	newsoccer.store v3.sportsonline.so
1	cdn.jsdelivr.net	xglpk2pks34we7g.harmquantity.net
1	swarm.video	xglpk2pks34we7g.harmquantity.net
1	fonts.googleapis.com	xglpk2pks34we7g.harmquantity.net
1	www.topcreativeformat.com	newsoccer.store
1	pl21685906.toprevenuegate.com	newsoccer.store
1	newsoccer.store
32	17

This site contains links to these domains. Also see Links.

Domain
www.histats.com

Subject Issuer	Validity	Valid
newsoccer.store Sectigo RSA Domain Validation Secure Server CA	`2023-12-06` - `2024-12-06`	a year	crt.sh
toprevenuegate.com R3	`2024-02-18` - `2024-05-18`	3 months	crt.sh
sportsonline.so R3	`2024-02-18` - `2024-05-18`	3 months	crt.sh
topcreativeformat.com R3	`2024-03-20` - `2024-06-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-11`	a year	crt.sh
histats.com R3	`2024-02-16` - `2024-05-16`	3 months	crt.sh
xdgelyt.com GTS CA 1P5	`2024-03-14` - `2024-06-12`	3 months	crt.sh
youradexchange.com GTS CA 1P5	`2024-02-14` - `2024-05-14`	3 months	crt.sh
harmquantity.net GTS CA 1P5	`2024-02-05` - `2024-05-05`	3 months	crt.sh
ctrtrk.com GTS CA 1P5	`2024-03-16` - `2024-06-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
swarm.video GTS CA 1P5	`2024-01-26` - `2024-04-25`	3 months	crt.sh
awistats.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
xmvtakdywcbqsrju.cdnorange.net R3	`2024-03-17` - `2024-06-15`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://newsoccer.store/
Frame ID: 07B9A1584AB0CB4AA4C2FA9774BCA332
Requests: 7 HTTP requests in this frame

Frame: https://v3.sportsonline.so/channels/hd/hd1.php
Frame ID: 4639BB0A167A9BEC32BB462AD7589D3F
Requests: 7 HTTP requests in this frame

Frame: https://xglpk2pks34we7g.harmquantity.net/embed/61i6q3jvgok
Frame ID: 716F7182B037D4D9675C9CF23A81B259
Requests: 17 HTTP requests in this frame

Frame: https://ctrtrk.com/ut/ctr.php
Frame ID: C73316AD06DA88ABF4496A86FBA56483
Requests: 1 HTTP requests in this frame

Frame: https://ctrtrk.com/ut/ctr.php
Frame ID: F89C8B7F927FC3D57F1B6213762C7204
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

32
Requests

91 %
HTTPS

56 %
IPv6

15
Domains

17
Subdomains

17
IPs

5
Countries

1073 kB
Transfer

2456 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.histats.com/viewstats/?sid=4604282&ccid=1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://whos.amung.us/cwidget/jshxn22oq/000000ffffff.png HTTP 307
https://widgets.amung.us/draw/?w=colored&n=942&c=000000ffffff&p=left

Request Chain 20

https://whos.amung.us/cwidget/15ky356qz4/000000ffffff.png HTTP 307
https://widgets.amung.us/draw/?w=colored&n=3121&c=000000ffffff&p=left

32 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
newsoccer.store/ 2 KB
844 B 504ms
178ms Document
text/html 199.188.200.140
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsoccer.store/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.140 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium43-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: ade119e82e9fe37b9977eb568476f8459f983538be7121a52542b1c5f894cb4e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 677
content-type: text/html
date: Sun, 24 Mar 2024 08:36:18 GMT
last-modified: Mon, 29 Jan 2024 04:57:00 GMT
server: LiteSpeed
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H/1.1 403
Forbidden 8f5258d996a2cb582de4ae222da7ab6b.js
pl21685906.toprevenuegate.com/8f/52/58/ 0
0 722ms
99ms Script
application/javascript 172.240.108.76
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://pl21685906.toprevenuegate.com/8f/52/58/8f5258d996a2cb582de4ae222da7ab6b.js
Requested by: Host: newsoccer.store
URL: https://newsoccer.store/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.108.76 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsoccer.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 24 Mar 2024 08:36:18 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 hd1.php Show response
v3.sportsonline.so/channels/hd/ Frame 4639 224 KB
74 KB 504ms
411ms Document
text/html 77.247.108.96
TECHOSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://v3.sportsonline.so/channels/hd/hd1.php
Requested by: Host: newsoccer.store
URL: https://newsoccer.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.247.108.96 Amsterdam, Netherlands, ASN215845 (TECHOSERVERS, GB),
Reverse DNS
Software: openresty / PHP/7.2.34
Resource Hash: 80dc5670eb4340efb4c15cce80a7c6a65665ee8b935aa3f56133d27b645c00ed

Request headers

Referer: https://newsoccer.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 24 Mar 2024 08:34:43 GMT
server: openresty
x-powered-by: PHP/7.2.34
x-served-by: v3.sportsonline.so

GET
H/1.1 403
Forbidden invoke.js
www.topcreativeformat.com/827a06f337bbd0e0ce1a286c849a998f/ 0
0 300ms
102ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.topcreativeformat.com/827a06f337bbd0e0ce1a286c849a998f/invoke.js
Requested by: Host: newsoccer.store
URL: https://newsoccer.store/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://newsoccer.store/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sun, 24 Mar 2024 08:36:18 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 49ms
23ms Script
text/javascript 2606:4700:10::6814:4373
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: newsoccer.store
URL: https://newsoccer.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4373 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsoccer.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 08:36:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 57207
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 86955531d9ee4d5e-FRA
content-length: 4547

GET
H/1.1 200
OK 4604282.php Show response
s4.histats.com/stats/ 51 B
185 B 310ms
100ms Script
text/html 149.56.240.129
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4604282.php?4604282&@f16&@g1&@h1&@i1&@j1711269378885&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s1&@ten-US&@u1600&@b1:-128050119&@b3:1711269379&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fnewsoccer.store%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.129 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534297.ip-149-56-240.net
Software: /
Resource Hash: 3d68cfb68c4b5eb4e0826027bb9a21c20b06b418f259e8ad55fa93a59f411502

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsoccer.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 24 Mar 2024 08:36:19 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

GET
H2 200 ut.js Show response
xdgelyt.com/script/ Frame 4639 108 KB
37 KB 63ms
21ms Script
text/javascript 2606:4700:3036::ac43:a055
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xdgelyt.com/script/ut.js?cb=1711269379057
Requested by: Host: v3.sportsonline.so
URL: https://v3.sportsonline.so/channels/hd/hd1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a055 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17c49cde3f7ebb118f96fab52bdb8431e57b555bdd1bd2d8108248198164b0e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://v3.sportsonline.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 08:36:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1250
x-guploader-uploadid: ABPtcPpP2jfuUJU17TJKyzPPOvC3V4Hf_51oOUCr4G3K0HnbziBg-43iQ16jZjNt4rj64-P6puRMw0TmMw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 07 Mar 2024 14:20:01 GMT
server: cloudflare
etag: W/"03f9193f8ff0e93b5e00ff84e38a6acc"
vary: Accept-Encoding
x-goog-hash: crc32c=iNCt1A==, md5=A/kZP4/w6TteAP+E44pqzA==
x-goog-generation: 1709821201050042
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2FKP3UPRd7MzonoCdaO9NjqJrv5S5CVnkDQWzMQsxyeWCGsXNrMHZyK2SVoJNi1WSXAnJX7g0qBu09C3eKLy9EL37nRWoL57sLZ2Ne8d1juWm4jLNz4Sti%2BgP%2FL2TEmcXkNYdsfwGmLP8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 110498
cf-ray: 869555336f3e35e1-FRA
expires: Sun, 24 Mar 2024 08:37:48 GMT

GET
H2 203 suurl5.php Show response
youradexchange.com/script/ Frame 4639 1 B
526 B 178ms
140ms Fetch
text/html 2606:4700:3033::ac43:b1d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl5.php?r=7793978&chmob=%3F0&cbur=0.8140097765923535&cbiframe=1&cbWidth=720&cbHeight=500&cbtitle=&cbpage=https%3A%2F%2Fnewsoccer.store%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=xdgelyt.com&ts=1711269379078&srs=8ca3054f2ec4054e83e8205c9a57a728&atv=45.3&abtg=1
Requested by: Host: v3.sportsonline.so
URL: https://v3.sportsonline.so/channels/hd/hd1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b1d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://v3.sportsonline.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 08:36:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VPnK8iYkhTdIUI0q5KFdSdhxbg5I%2Br4f7iLIw0enIBk2f3Ydf4jaGMX3OCGaP6cJ%2Fyp1t1LbnVVERFNj%2BcYOsGmv1oKJb0DE65ql85n9193to0L9AyhJTD2e%2Bpu6HfcbHUUK3AiELCMikR7US8wyP6M%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: text/html; charset=utf-8
cf-ray: 869555338aff2c7e-FRA
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

GET
H2 200 61i6q3jvgok Show response
xglpk2pks34we7g.harmquantity.net/embed/ Frame 716F 231 KB
65 KB 185ms
153ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xglpk2pks34we7g.harmquantity.net/embed/61i6q3jvgok
Requested by: Host: v3.sportsonline.so
URL: https://v3.sportsonline.so/channels/hd/hd1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 226852bfe8e06e67797efae044bc0a379838a32c91b377a09487d6989739f9e7

Request headers

Referer: https://v3.sportsonline.so/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 869555337dbd4d76-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 24 Mar 2024 08:36:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LM0GGrPYDlSK8O3HO1Nw5WcSmkTIHEUk5wv6RGO4WFkwnpcJrayI%2BoNokqrV7Eb%2FZbBXv3YrYtF10h8tIND0z82CJUcLQb8a%2BLJ9xY7imjUXHs2Ok1qQRqdTkk%2BHB6df%2F%2FXXaWZ7FurAx%2FrIC0w5uinYDg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 SCCfwxq.png
v3.sportsonline.so/channels/hd/ Frame 4639 1 KB
1 KB 35ms
34ms Image
image/png 77.247.108.96
TECHOSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v3.sportsonline.so/channels/hd/SCCfwxq.png
Requested by: Host: v3.sportsonline.so
URL: https://v3.sportsonline.so/channels/hd/hd1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.247.108.96 Amsterdam, Netherlands, ASN215845 (TECHOSERVERS, GB),
Reverse DNS
Software: openresty /
Resource Hash: ae0433ac5d000ac03daf9059492d0390e427b7461332f0f488bbc6f44b5107a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://v3.sportsonline.so/channels/hd/hd1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Mon, 25 Mar 2024 00:30:00 GMT
date: Sun, 24 Mar 2024 08:34:43 GMT
server: openresty
etag: "61af7432-4c4"
content-type: image/png
cache-control: max-age=57317
accept-ranges: bytes
content-length: 1220
x-served-by: v3.sportsonline.so

GET
H2

200

/
widgets.amung.us/draw/ Frame 4639
Redirect Chain

https://whos.amung.us/cwidget/jshxn22oq/000000ffffff.png
https://widgets.amung.us/draw/?w=colored&n=942&c=000000ffffff&p=left

2 KB
2 KB

46ms
20ms

Image
image/png

2606:4700:10::6816:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=942&c=000000ffffff&p=left
Requested by: Host: v3.sportsonline.so
URL: https://v3.sportsonline.so/channels/hd/hd1.php
Protocol: H2
Server: 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b8bdded194a1f0bf8dc12e604fea76e42f4d384fb389db97844561bae739efb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://v3.sportsonline.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 08:36:19 GMT
cf-cache-status: HIT
last-modified: Wed, 13 Mar 2024 16:18:16 GMT
server: cloudflare
age: 922683
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2678400
content-disposition: filename=wau-widget.png
cf-ray: 869555357c539188-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Mar 2024 16:18:16 GMT

Redirect headers

date: Sun, 24 Mar 2024 08:36:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html; charset=UTF-8
location: https://widgets.amung.us/draw/?w=colored&n=942&c=000000ffffff&p=left
cache-control: no-cache, no-store, must-revalidate
cf-ray: 869555338aae9188-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 4639 11 KB
5 KB 20ms
19ms Script
text/javascript 2606:4700:10::6814:4373
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: v3.sportsonline.so
URL: https://v3.sportsonline.so/channels/hd/hd1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4373 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://v3.sportsonline.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 08:36:19 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 57208
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 869555334b4b4d5e-FRA
content-length: 4547

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ Frame 4639 53 B
187 B 286ms
94ms Script
text/html 149.56.240.129
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4743517&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fnewsoccer.store%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-86108191&@b3:1711269379&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fv3.sportsonline.so%2Fchannels%2Fhd%2Fhd1.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.129 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534297.ip-149-56-240.net
Software: /
Resource Hash: 0c25518e85ab5791fa4e98d69365f8140c65c18f0b796ea742e3cea7f8ba8ad0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://v3.sportsonline.so/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 24 Mar 2024 08:36:19 GMT
Connection: close
Content-Length: 53
Content-Type: text/html;charset=UTF-8

GET
H2 200 ctr.php Show response
ctrtrk.com/ut/ Frame C733 166 B
654 B 180ms
140ms Document
text/html 2606:4700:3036::6815:555c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ctrtrk.com/ut/ctr.php
Requested by: Host: xdgelyt.com
URL: https://xdgelyt.com/script/ut.js?cb=1711269379057
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:555c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfe12272f376e569117a6c051c70571ee96b855abc69f2e43feffa6deb49e204

Request headers

Referer: https://v3.sportsonline.so/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86955533fbf72c04-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 24 Mar 2024 08:36:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IoC7EoSKTDgiqy5ZARIjlBW0iZmh7K4Hyk%2BezLhyiFI3pV7PBO%2FUnAKhfD7aopEaCtm5wQSimqPNgB%2B7DJ2eS8kdB0xdmGZvxn0fDFI2hDo3YdGkbAKaGdLZJClPC8WFT7DwyJN0iM5T"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google

GET
H2 200 cc_1.js Show response
s10.histats.com/counters/ 14 KB
6 KB 23ms
22ms Script
text/javascript 2606:4700:10::6814:4373
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_1.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4373 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8006c7f7acf4297d74c1f112349ed89db365fd9e6ab528af70a96468892d32fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsoccer.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 08:36:19 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:22 GMT
server: cloudflare
age: 47686
etag: "1622539968"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 869555341c304d5e-FRA
content-length: 5751

GET
DATA 200
OK truncated
/ 999 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ab67c484ea20fba6ff30029b55fc05a95ed7213bac772a59e5352c9a5819043

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 embed.min.css
xglpk2pks34we7g.harmquantity.net/css/ Frame 716F 1 KB
844 B 22ms
20ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xglpk2pks34we7g.harmquantity.net/css/embed.min.css?v=0.5
Requested by: Host: xglpk2pks34we7g.harmquantity.net
URL: https://xglpk2pks34we7g.harmquantity.net/embed/61i6q3jvgok
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c7cf941b4eb9254e850875107ded812b5cf2da9de46f85919561f2a73876257

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xglpk2pks34we7g.harmquantity.net/embed/61i6q3jvgok
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 08:36:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Jun 2022 09:49:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 8374
etag: W/"62a1c21c-4f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2cDpz8iUmwfglFv9XZ%2B%2FP3iJO2bjdzte5GvjsA99LznLacY5tPpyJ2OaearoCjVAUIJY4oOntk79CUCG4qA2l6o4cmhhNuXc7m9qDy7kySTNGneQHhwXZiOc71NDJ6ERpDpDGKDGMx1LltxQvQNWScYw6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=608400
cf-ray: 869555347e9b4d76-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 31 Mar 2024 07:16:45 GMT

GET
H2 200 jquery.min.js Show response
xglpk2pks34we7g.harmquantity.net/js/ Frame 716F 85 KB
31 KB 19ms
19ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xglpk2pks34we7g.harmquantity.net/js/jquery.min.js
Requested by: Host: xglpk2pks34we7g.harmquantity.net
URL: https://xglpk2pks34we7g.harmquantity.net/embed/61i6q3jvgok
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xglpk2pks34we7g.harmquantity.net/embed/61i6q3jvgok
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 08:36:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 Nov 2020 18:05:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 8374
etag: W/"5fa984ce-15283"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gsbMGgHTt3WmnPFuRYP%2BLPLpQ6GCn5HEOlJlV9RfMvRgIUbWaujxfCasuRDWx1HJ7AHvG2DpoNroqV8IHvDlUoml%2FMYA3nNAvzoE82p5m7xdyQfhf%2FdlMesaTDJPtxVKX75a2zPHzPcrk%2BikI8mvGCZM6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=608400
cf-ray: 869555347e9c4d76-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 31 Mar 2024 07:16:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 716F 1 KB
818 B 48ms
22ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700

Requested by

Host: xglpk2pks34we7g.harmquantity.net
URL: https://xglpk2pks34we7g.harmquantity.net/css/embed.min.css?v=0.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c71c144709e243473601e175acad7cd2d31bc7883d9dd7278ce6c5b74a06f9bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xglpk2pks34we7g.harmquantity.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Mar 2024 08:36:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Mar 2024 07:12:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Mar 2024 08:36:19 GMT

GET
H2 200 j79z9kzty.js Show response
swarm.video/ Frame 716F 532 KB
134 KB 78ms
34ms Script
application/javascript 2606:4700:3031::6815:4a1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://swarm.video/j79z9kzty.js?v=1.1
Requested by: Host: xglpk2pks34we7g.harmquantity.net
URL: https://xglpk2pks34we7g.harmquantity.net/embed/61i6q3jvgok
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4a1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7c260f5e1dcb04331e9fb5ea2c0a5b82552133dd170d219384ec76afb1ec9b3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xglpk2pks34we7g.harmquantity.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 08:36:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 126799
cf-polished: origSize=545594
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 10 Jul 2023 00:04:26 GMT
server: cloudflare
etag: W/"8533a-1893d1d213a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NURF1d1Oo6mhJby0nzYIdTryxxgPAKBRP8hdcML6%2B0t25V5Gq0MrJl%2FApVmXEd%2FKWuLqUerHpKKwCuD4vU0tnM%2FTQUazZBA%2B4NHA02%2BwYt1d%2BhRPPz3oP2BJ7mpHUg3ea2ScNzbClOlQUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 86955534ffb79b2d-FRA

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 716F 513 KB
139 KB 71ms
34ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: xglpk2pks34we7g.harmquantity.net
URL: https://xglpk2pks34we7g.harmquantity.net/embed/61i6q3jvgok

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xglpk2pks34we7g.harmquantity.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 08:36:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9334
x-jsd-version: 0.3.13
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220029-FRA, cache-lga21925-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UXycYJ%2BcOQdqeQfDD4JWaLlZyjJpBzx8Hajvtuupr4gPxSqrD%2FwOBe%2F%2B32g4R%2FOwuuf0su2mb5mxFf6Sd0rC6XFwMfkSpBizb7leRRlpb%2FUWLQ6inubiQBa%2BCmsgG%2BQuzqlQ4m7yUwqBJI4VO5k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 86955534ed6e6add-FRA

GET
H2

200

/
widgets.amung.us/draw/ Frame 716F
Redirect Chain

https://whos.amung.us/cwidget/15ky356qz4/000000ffffff.png
https://widgets.amung.us/draw/?w=colored&n=3121&c=000000ffffff&p=left

2 KB
2 KB

23ms
22ms

Image
image/png

2606:4700:10::6816:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=3121&c=000000ffffff&p=left
Requested by: Host: xglpk2pks34we7g.harmquantity.net
URL: https://xglpk2pks34we7g.harmquantity.net/embed/61i6q3jvgok
Protocol: H2
Server: 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da688330e2983c606206a01cdb1f741302cb1c9ebc6733ae0575f18e772fcbd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xglpk2pks34we7g.harmquantity.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 08:36:19 GMT
cf-cache-status: HIT
last-modified: Wed, 13 Mar 2024 18:01:01 GMT
server: cloudflare
age: 916518
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2678400
content-disposition: filename=wau-widget.png
cf-ray: 869555361ce59188-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Mar 2024 18:01:01 GMT

Redirect headers

date: Sun, 24 Mar 2024 08:36:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html; charset=UTF-8
location: https://widgets.amung.us/draw/?w=colored&n=3121&c=000000ffffff&p=left
cache-control: no-cache, no-store, must-revalidate
cf-ray: 86955534bbb29188-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 script.js Show response
awistats.com/js/ Frame 716F 1 KB
1 KB 53ms
17ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://awistats.com/js/script.js

Requested by

Host: xglpk2pks34we7g.harmquantity.net
URL: https://xglpk2pks34we7g.harmquantity.net/embed/61i6q3jvgok

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xglpk2pks34we7g.harmquantity.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 08:36:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36534
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 23 Mar 2024 22:27:25 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vjtRviNv4udXKYRyCRP0PnMRZgj%2BSCLBkUuDl5WSvADEmbCvI1C7OacHGxf3xEudxGcXdDTSa8NaJy9bYTgGQP1z4kUKKxOM5oEx7X0XJ6aM7dO%2BBWUfKNuhI8bBYPcZtrBvqUc0WSCRfWU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cf-ray: 86955534eaa937da-FRA

GET
H3 200 deb.js Show response
xglpk2pks34we7g.harmquantity.net/ Frame 716F 25 KB
6 KB 20ms
20ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xglpk2pks34we7g.harmquantity.net/deb.js
Requested by: Host: xglpk2pks34we7g.harmquantity.net
URL: https://xglpk2pks34we7g.harmquantity.net/embed/61i6q3jvgok
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00f55721ec6181d9c16cc365dfe2ca9aab2fb8008ffe22ded892085019fd33b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xglpk2pks34we7g.harmquantity.net/embed/61i6q3jvgok
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 08:36:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Feb 2023 13:57:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 8390
etag: W/"63f61f52-6450"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KMVYe%2B3BAAbwBJ6qr9wQuWxfuefAeCaFZxINoIPwyTREpcZnUgvFa0%2BBaCik%2FWqQFqyL%2FV2WDC32wqN3J%2FG%2BNdrj0brDXrPs3816vOLVIiPK2OAJ0I6EnfOpy6lbtyoIdmUN%2Fcg36qSasrBRxcwBFTrL4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=608400
cf-ray: 86955534bc8637f5-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 31 Mar 2024 07:16:29 GMT

GET
H2 200 ut.js Show response
xdgelyt.com/script/ Frame 716F 108 KB
37 KB 21ms
20ms Script
text/javascript 2606:4700:3036::ac43:a055
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xdgelyt.com/script/ut.js?cb=1711269379401
Requested by: Host: xglpk2pks34we7g.harmquantity.net
URL: https://xglpk2pks34we7g.harmquantity.net/embed/61i6q3jvgok
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a055 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17c49cde3f7ebb118f96fab52bdb8431e57b555bdd1bd2d8108248198164b0e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xglpk2pks34we7g.harmquantity.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 08:36:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1250
x-guploader-uploadid: ABPtcPpP2jfuUJU17TJKyzPPOvC3V4Hf_51oOUCr4G3K0HnbziBg-43iQ16jZjNt4rj64-P6puRMw0TmMw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 07 Mar 2024 14:20:01 GMT
server: cloudflare
etag: W/"03f9193f8ff0e93b5e00ff84e38a6acc"
vary: Accept-Encoding
x-goog-hash: crc32c=iNCt1A==, md5=A/kZP4/w6TteAP+E44pqzA==
x-goog-generation: 1709821201050042
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RLQ%2BntbpCByiwPWMRl0kW86nXZTbqaDaMu1GpRKF3KoRJ8CYFy6WLOIBB1Dsma2QFaxmiBZYpovl9wJLye9kR5vTAUMrJFlDsk2370KIBypy2XXxBjtVkHITEH0TvzkfrBPna4IyvVeEPg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 110498
cf-ray: 86955535494d35e1-FRA
expires: Sun, 24 Mar 2024 08:37:48 GMT

GET
H2 203 suurl5.php Show response
youradexchange.com/script/ Frame 716F 1 B
289 B 139ms
139ms Fetch
text/html 2606:4700:3033::ac43:b1d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl5.php?r=7108866&chmob=%3F0&cbur=0.175598973376486&cbiframe=1&cbWidth=720&cbHeight=500&cbtitle=&cbpage=https%3A%2F%2Fv3.sportsonline.so%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=xdgelyt.com&ts=1711269379417&srs=3b8d97ac902d98485968e6b78afc3280&atv=45.3&abtg=1
Requested by: Host: xglpk2pks34we7g.harmquantity.net
URL: https://xglpk2pks34we7g.harmquantity.net/embed/61i6q3jvgok
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b1d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xglpk2pks34we7g.harmquantity.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 08:36:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3lNisXimWZWCh9bPBoKv367y8To9pjDSLpkJIt5YoxEc0eJCpGBFb4PuybMqPAUvaJiOZMXNL0CwNBdgdutuiMgC%2BTNnTR%2BxL6%2B4Fo3PsJGksP3pdRN%2BRxuCCWG8bF68f7eeGbRnhdX0QBcPenL%2F%2F14%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: text/html; charset=utf-8
cf-ray: 869555356c9e2c7e-FRA
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

GET
H2 200 ctr.php Show response
ctrtrk.com/ut/ Frame F89C 166 B
408 B 137ms
134ms Document
text/html 2606:4700:3036::6815:555c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ctrtrk.com/ut/ctr.php
Requested by: Host: xdgelyt.com
URL: https://xdgelyt.com/script/ut.js?cb=1711269379401
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:555c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfe12272f376e569117a6c051c70571ee96b855abc69f2e43feffa6deb49e204

Request headers

Referer: https://xglpk2pks34we7g.harmquantity.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86955535bdd22c04-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 24 Mar 2024 08:36:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9uDc2yH%2Fe717V7sdWdkihWGOlp4sILK5wocEQiyVSDzXSOnSaxA7kEHRKlJxHBR503GVZww%2Bbpn8%2BlLkE1%2FVGqCeka%2F4OUMdoY04HO%2FnZ9JHe%2Bcr2jW6zuPYK2HPASoekEQASgNfXNmQ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google

POST
H3 202 event Show response
awistats.com/api/ Frame 716F 2 B
522 B 221ms
200ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://awistats.com/api/event
Requested by: Host: awistats.com
URL: https://awistats.com/js/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://xglpk2pks34we7g.harmquantity.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Mar 2024 08:36:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mamztMxyJq6WIED8dqE7iQkJjHM%2BqKNf1yKKklkGIbSdEE6PlraLbeg3Nf7up4QpR74jtZTTmEjDMWpZZmQd1uQGJBgc1nDAOS%2BJr6h%2B6AxVCRA%2FkQecH8GYt9HuPOgM4YXIGr7ZqoE9jIM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 869555367dd592a5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2
x-request-id: F7-mbx-Wv7Jh7h-RLKoD

GET
H/1.1 200
OK 61i6q3jvgok.m3u8 Show response
xmvtakdywcbqsrju.cdnorange.net/hls/ Frame 716F 1 KB
2 KB 119ms
32ms XHR
application/vnd.apple.mpegurl 62.182.85.222
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xmvtakdywcbqsrju.cdnorange.net:8443/hls/61i6q3jvgok.m3u8?s=8sMPuIV-H-GSroHKz8yzIg&e=1711290979
Requested by: Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.182.85.222 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS: host-222.dedicated.vsys.host
Software: nginx/1.24.0 /
Resource Hash: cc520d066359a74bc74c26a61dfd1171871da9d0044c37d86e3c08f3b29d1f8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xglpk2pks34we7g.harmquantity.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 24 Mar 2024 08:36:19 GMT
Last-Modified: Sun, 24 Mar 2024 08:36:16 GMT
Server: nginx/1.24.0
ETag: "65ffe600-4ac"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Range
Content-Length: 1196

GET
H/1.1 200
OK 61i6q3jvgok.m3u8 Show response
xmvtakdywcbqsrju.cdnorange.net/hls/ Frame 716F 1 KB
2 KB 33ms
32ms XHR
application/vnd.apple.mpegurl 62.182.85.222
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xmvtakdywcbqsrju.cdnorange.net:8443/hls/61i6q3jvgok.m3u8?s=8sMPuIV-H-GSroHKz8yzIg&e=1711290979
Requested by: Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.182.85.222 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS: host-222.dedicated.vsys.host
Software: nginx/1.24.0 /
Resource Hash: cc520d066359a74bc74c26a61dfd1171871da9d0044c37d86e3c08f3b29d1f8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xglpk2pks34we7g.harmquantity.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 24 Mar 2024 08:36:19 GMT
Last-Modified: Sun, 24 Mar 2024 08:36:16 GMT
Server: nginx/1.24.0
ETag: "65ffe600-4ac"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Range
Content-Length: 1196

GET
BLOB 200
OK a915b9e0-79e7-48d3-866e-3a70f4d42a74
https://xglpk2pks34we7g.harmquantity.net/ Frame 716F 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xglpk2pks34we7g.harmquantity.net/a915b9e0-79e7-48d3-866e-3a70f4d42a74
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length: 62280
Content-Type: text/javascript

GET
H/1.1 404
Not Found 61i6q3jvgok-699404580.ts Show response
xmvtakdywcbqsrju.cdnorange.net/hls/ Frame 716F 555 B
742 B 33ms
32ms XHR
text/html 62.182.85.222
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xmvtakdywcbqsrju.cdnorange.net:8443/hls/61i6q3jvgok-699404580.ts
Requested by: Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.182.85.222 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS: host-222.dedicated.vsys.host
Software: nginx/1.24.0 /
Resource Hash: 338e171ecd2e7b7b1d89c2bed70f9a33477b1345be879b35a211925b67476dcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xglpk2pks34we7g.harmquantity.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 24 Mar 2024 08:36:20 GMT
Server: nginx/1.24.0
Connection: keep-alive
Content-Length: 555
Content-Type: text/html

GET
H/1.1 200
OK 61i6q3jvgok-902340.ts Show response
xmvtakdywcbqsrju.cdnorange.net/hls/ Frame 716F 519 KB
520 KB 98ms
65ms XHR
video/mp2t 62.182.85.222
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xmvtakdywcbqsrju.cdnorange.net:8443/hls/61i6q3jvgok-902340.ts
Requested by: Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.182.85.222 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS: host-222.dedicated.vsys.host
Software: nginx/1.24.0 /
Resource Hash: 54182686f33a8148bc154078aa30022fbbada081df69886fb3e48ba8d8ad9b2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xglpk2pks34we7g.harmquantity.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 24 Mar 2024 08:36:20 GMT
Last-Modified: Sun, 24 Mar 2024 08:35:25 GMT
Server: nginx/1.24.0
ETag: "65ffe5cd-81d8c"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Range
Content-Length: 531852

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
newsoccer.store/	1970-01-21 04:06:45	Name: HstCfa4604282 Value: 1711269378885
newsoccer.store/	1970-01-21 04:06:45	Name: HstCla4604282 Value: 1711269378885
newsoccer.store/	1970-01-21 04:06:45	Name: HstCmu4604282 Value: 1711269378885
newsoccer.store/	1970-01-21 04:06:45	Name: HstPn4604282 Value: 1
newsoccer.store/	1970-01-21 04:06:45	Name: HstPt4604282 Value: 1
newsoccer.store/	1970-01-21 04:06:45	Name: HstCnv4604282 Value: 1
newsoccer.store/	1970-01-21 04:06:45	Name: HstCns4604282 Value: 1
xglpk2pks34we7g.harmquantity.net/	1970-01-20 19:21:11	Name: hf1 Value: 1
ctrtrk.com/	1970-01-21 04:57:09	Name: uniqid Value: 5256f811-26d7-469b-a6db-f9de30a0c3f4

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://newsoccer.store/(Line 15) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/827a06f337bbd0e0ce1a286c849a998f/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://newsoccer.store/(Line 15) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/827a06f337bbd0e0ce1a286c849a998f/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.topcreativeformat.com/827a06f337bbd0e0ce1a286c849a998f/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://pl21685906.toprevenuegate.com/8f/52/58/8f5258d996a2cb582de4ae222da7ab6b.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://newsoccer.store/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://newsoccer.store/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://newsoccer.store/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
rendering	warning	URL: https://xglpk2pks34we7g.harmquantity.net/embed/61i6q3jvgok(Line 6) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
other	warning	URL: https://newsoccer.store/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://newsoccer.store/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://newsoccer.store/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://newsoccer.store/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://newsoccer.store/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://newsoccer.store/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://xmvtakdywcbqsrju.cdnorange.net:8443/hls/61i6q3jvgok-699404580.ts Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

awistats.com
cdn.jsdelivr.net
ctrtrk.com
fonts.googleapis.com
newsoccer.store
pl21685906.toprevenuegate.com
s10.histats.com
s4.histats.com
swarm.video
v3.sportsonline.so
whos.amung.us
widgets.amung.us
www.topcreativeformat.com
xdgelyt.com
xglpk2pks34we7g.harmquantity.net
xmvtakdywcbqsrju.cdnorange.net
youradexchange.com
149.56.240.129
172.240.108.76
188.114.96.3
192.243.59.20
199.188.200.140
2606:4700:10::6814:4373
2606:4700:10::6816:4bab
2606:4700:3031::6815:4a1b
2606:4700:3033::ac43:b1d6
2606:4700:3036::6815:555c
2606:4700:3036::ac43:a055
2606:4700::6810:5614
2a00:1450:4001:806::200a
2a06:98c1:3120::3
62.182.85.222
77.247.108.96
00f55721ec6181d9c16cc365dfe2ca9aab2fb8008ffe22ded892085019fd33b5
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
0c25518e85ab5791fa4e98d69365f8140c65c18f0b796ea742e3cea7f8ba8ad0
17c49cde3f7ebb118f96fab52bdb8431e57b555bdd1bd2d8108248198164b0e6
1ab67c484ea20fba6ff30029b55fc05a95ed7213bac772a59e5352c9a5819043
226852bfe8e06e67797efae044bc0a379838a32c91b377a09487d6989739f9e7
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2c7cf941b4eb9254e850875107ded812b5cf2da9de46f85919561f2a73876257
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
338e171ecd2e7b7b1d89c2bed70f9a33477b1345be879b35a211925b67476dcf
3d68cfb68c4b5eb4e0826027bb9a21c20b06b418f259e8ad55fa93a59f411502
54182686f33a8148bc154078aa30022fbbada081df69886fb3e48ba8d8ad9b2f
6b8bdded194a1f0bf8dc12e604fea76e42f4d384fb389db97844561bae739efb
7c260f5e1dcb04331e9fb5ea2c0a5b82552133dd170d219384ec76afb1ec9b3d
8006c7f7acf4297d74c1f112349ed89db365fd9e6ab528af70a96468892d32fb
80dc5670eb4340efb4c15cce80a7c6a65665ee8b935aa3f56133d27b645c00ed
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
ade119e82e9fe37b9977eb568476f8459f983538be7121a52542b1c5f894cb4e
ae0433ac5d000ac03daf9059492d0390e427b7461332f0f488bbc6f44b5107a7
c71c144709e243473601e175acad7cd2d31bc7883d9dd7278ce6c5b74a06f9bf
cc520d066359a74bc74c26a61dfd1171871da9d0044c37d86e3c08f3b29d1f8d
da688330e2983c606206a01cdb1f741302cb1c9ebc6733ae0575f18e772fcbd5
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
dfe12272f376e569117a6c051c70571ee96b855abc69f2e43feffa6deb49e204
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

newsoccer.store Open in urlscan Pro 199.188.200.140 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

32 Requests

91 %HTTPS

56 %IPv6

15 Domains

17 Subdomains

17 IPs

5 Countries

1073 kBTransfer

2456 kBSize

9 Cookies

1 Outgoing links

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

newsoccer.store Open in urlscan Pro
199.188.200.140 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

91 %
HTTPS

56 %
IPv6

15
Domains

17
Subdomains

17
IPs

5
Countries

1073 kB
Transfer

2456 kB
Size

9
Cookies

32 HTTP transactions
1 data transactions