to.xrivonet.info Open in urlscan Pro
2606:4700:3033::6815:2461  Public Scan

16 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

• https://sportzonline.to/channels/hd/hd6.php HTTP 301
• https://sportsonline.to/channels/hd/hd6.php

Request Chain 32

• http://jsc.mgid.com/x/r/xrivonet.info.266699.js?t=121101120 HTTP 301
• https://jsc.mgid.com/x/r/xrivonet.info.266699.js?t=121101120

Request Chain 67

• https://whos.amung.us/cwidget/sportsonline/000000ffffff.png HTTP 307
• https://widgets.amung.us/draw/?w=colored&n=20100&c=000000ffffff&p=

Request Chain 94

• https://whos.amung.us/cwidget/y7opzyrraw/000000ffffff.png HTTP 307
• https://widgets.amung.us/draw/?w=colored&n=57000&c=000000ffffff&p=

Request Chain 113

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
• https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 116

• https://x.bidswitch.net/sync?dsp_id=303&user_id=labwvzBZqLhc HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=labwvzBZqLhc HTTP 302
• https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=6ec5dabf-f572-477f-96a1-57b2556df922&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=

Request Chain 117

• https://sync.crwdcntrl.net/map/c=14777/tp=MIGD/tpid=labwvzBZqLhc HTTP 302
• https://sync.crwdcntrl.net/map/ct=y/c=14777/tp=MIGD/tpid=labwvzBZqLhc

Request Chain 118

• https://creativecdn.com/cm-notify?pi=mgid HTTP 302
• https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
• https://cm.mgid.com/m?cdsp=501037&c=llwJ0Yxrwu8h1veGrz9o&pi=mgid&tc=1

Request Chain 119

• https://x.bidswitch.net/sync?ssp=mgid HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
• https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=mgid&bds_param=6ec5dabf-f572-477f-96a1-57b2556df922 HTTP 302
• https://x.bidswitch.net/sync?dsp_id=340&user_id=7d0b66ea-4988-4ffa-ac48-9a13942372bc&expires=10&ssp=mgid&bsw_param=6ec5dabf-f572-477f-96a1-57b2556df922 HTTP 302
• https://cm.mgid.com/m?cdsp=433145&c=6ec5dabf-f572-477f-96a1-57b2556df922&gdpr=&gdpr_consent=&us_privacy=

Request Chain 121

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
• https://cm.mgid.com/m?cdsp=371158&c=a89e8adf-b0ed-4160-8021-67e377269dc1&ttl=1639253852

Request Chain 122

• https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=labwvzBZqLhc HTTP 302
• https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
• https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=6717864296177844642&gdpr=0&gdpr_consent= HTTP 302
• https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 123

• https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
• https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
• https://cm.mgid.com/m?cdsp=665953&c=3447be84-ab54-4820-821f-e20c3a4e8e43

Request Chain 125

• https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGFid3Z6QlpxTGhj&muidn=labwvzBZqLhc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGFid3Z6QlpxTGhj&muidn=labwvzBZqLhc&google_tc= HTTP 302
• https://cm.mgid.com/google?muidn=labwvzBZqLhc&google_ula={guid},5&google_gid=CAESEIwn317N7OeOzzZKi1eMYlU&google_cver=1

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request aj6.html Show response to.xrivonet.info/	57 KB 16 KB	408ms 384ms	Document text/html	2606:4700:3033::6815:2461 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://to.xrivonet.info/aj6.html?m=1 Protocol HTTP/1.1 Server 2606:4700:3033::6815:2461 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 41aafe366e617fa0ced6ec96833f27f437437ad3b4332e14481f2d35616d23db Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language it-IT,it;q=0.9 Response headers Date Thu, 11 Nov 2021 20:17:30 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive last-modified Mon, 09 Nov 2020 18:02:30 GMT vary Accept-Encoding,User-Agent x-turbo-charged-by LiteSpeed CF-Cache-Status DYNAMIC Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLtueNruYR%2F6Nt8nCQNxJMFRRCTSbS0OeWpo6WVswzj0QxpD%2FazgAKLTMUle77PktiZ1CEEJ6Tn%2F%2FSF9GNKT4V9ZRAe02C6Bbppy4HmDq7IXNjNrkfMPPRehHX5ERP0wXsXOWKdNCpx%2FZDeSy7Ll"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 6aca34556ccff927-MXP Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	js Show response www.googletagmanager.com/gtag/	90 KB 36 KB	109ms 43ms	Script application/javascript	2a00:1450:4001:831::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-153096092-1 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c5dc7a34ae72e0b20102d9d54e640b32c811a82af1dafbe6d3b121f2b7c560ea Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:30 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36125 x-xss-protection 0 last-modified Thu, 11 Nov 2021 19:09:41 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 11 Nov 2021 20:17:30 GMT
GET H2	200	16153472-css_bundle_v2.css www.blogger.com/static/v1/widgets/	42 KB 9 KB	128ms 37ms	Stylesheet text/css	2a00:1450:4001:827::2009 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.blogger.com/static/v1/widgets/16153472-css_bundle_v2.css Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash df6b27e051729b0993ec014da7b81ec8643265763d7239e50a9fdc404eb5b963 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 06:17:51 GMT content-encoding gzip x-content-type-options nosniff age 136779 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8912 x-xss-protection 0 last-modified Thu, 02 Jul 2015 01:50:07 GMT server sffe vary Accept-Encoding report-to {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="blogger-tech" expires Thu, 10 Nov 2022 06:17:51 GMT
GET H2	200	authorization.css www.blogger.com/dyn-css/	1 B 684 B	237ms 147ms	Stylesheet text/css	2a00:1450:4001:827::2009 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3127189521511558727&zx=d740d3e9-2abb-42bf-b18d-41c9a8d4501c Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b Security Headers Name Value Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache content-security-policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport content-encoding gzip x-content-type-options nosniff last-modified Thu, 11 Nov 2021 20:17:31 GMT server GSE date Thu, 11 Nov 2021 20:17:31 GMT x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info." cache-control no-cache, no-store, max-age=0, must-revalidate content-type text/css; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21 x-xss-protection 1; mode=block expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	/ Show response d141wsrw9m4as6.cloudfront.net/	329 KB 110 KB	247ms 221ms	Script text/plain	13.225.84.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://d141wsrw9m4as6.cloudfront.net/?wrswd=622073 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol HTTP/1.1 Server 13.225.84.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-23.fra2.r.cloudfront.net Software / Resource Hash b33e39cec6c455279805d2e0c97ee10bfbbf26a82787574ac49b509ccc315749 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Nov 2021 20:17:31 GMT Content-Encoding gzip X-Amz-Cf-Pop FRA2-C2 X-Cache Miss from cloudfront access-control-allow-origin * Cache-Control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform Connection keep-alive Content-Length 111739 Via 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront) X-Amz-Cf-Id cSjxNlVkd9TDD_2XtDaIpAVBcoJNOUn4gYQz0RiFVfQXcO3EUFJ0eQ==
GET H/1.1	200 OK	/ Show response d141wsrw9m4as6.cloudfront.net/	163 KB 49 KB	246ms 220ms	Script text/plain	13.225.84.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://d141wsrw9m4as6.cloudfront.net/?wrswd=826383 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol HTTP/1.1 Server 13.225.84.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-23.fra2.r.cloudfront.net Software / Resource Hash c0e5b4110d5aaa0070bdf7d7ab665f75458845b0aac255e83d14650cd07d25b8 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Nov 2021 20:17:31 GMT Content-Encoding gzip X-Amz-Cf-Pop FRA2-C2 X-Cache Miss from cloudfront access-control-allow-origin * Cache-Control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform Connection keep-alive Content-Length 49300 Via 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront) X-Amz-Cf-Id mOHNg46by9C4HrEQmRlVD-zxJrqGVYWty4bdliOKgj_Di5itxHkLEA==
GET H/1.1	403 Forbidden	61b9671524e2ca246e7898cf092e4832.js pl164625.pvclouds.com/61/b9/67/	0 0	571ms 207ms	Script application/javascript	192.243.59.13 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL http://pl164625.pvclouds.com/61/b9/67/61b9671524e2ca246e7898cf092e4832.js Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol HTTP/1.1 Server 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Thu, 11 Nov 2021 20:17:31 GMT Server nginx/1.17.6 Connection keep-alive Content-Type application/javascript Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET		6507 latheendsmoo.com/ra3bOSAfVZZG/	0 0
GET H/1.1	200 OK	icon18_wrench_allbkg.png img1.blogblog.com/img/	475 B 1 KB	90ms 46ms	Image image/png	2a00:1450:4001:827::2009 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://img1.blogblog.com/img/icon18_wrench_allbkg.png Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol HTTP/1.1 Server 2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 11 Nov 2021 00:29:35 GMT X-Content-Type-Options nosniff Last-Modified Wed, 10 Nov 2021 20:57:00 GMT Server sffe Age 71275 Report-To {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} Content-Type image/png Cache-Control public, max-age=604800 Cross-Origin-Resource-Policy cross-origin Accept-Ranges bytes Content-Length 475 X-XSS-Protection 0 Cross-Origin-Opener-Policy-Report-Only same-origin; report-to="blogger-tech" Expires Thu, 18 Nov 2021 00:29:35 GMT
GET H/1.1	200 OK	display.php Show response www.adnetworkperformance.com/a/	6 KB 3 KB	180ms 144ms	Script application/javascript	130.211.17.196 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://www.adnetworkperformance.com/a/display.php?r=404241 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol HTTP/1.1 Server 130.211.17.196 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 196.17.211.130.bc.googleusercontent.com Software openresty / Resource Hash b634ab29481b5aeadf796efcf28ed5b5e5baf0e45ee5d8ed07f90689544eb82b Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Thu, 11 Nov 2021 20:17:30 GMT Content-Encoding gzip Transfer-Encoding chunked Server openresty Via 1.1 google Content-Type application/javascript; charset=utf-8
GET		emb.js st.chatango.com/js/gz/	0 0
GET H2	200	3190386002-widgets.js Show response www.blogger.com/static/v1/widgets/	91 KB 91 KB	130ms 42ms	Script text/javascript	2a00:1450:4001:827::2009 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.blogger.com/static/v1/widgets/3190386002-widgets.js Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fa1ec33b80e0c92accdd28f35ca370bf013d740d4ec702ec01f3d503419cddd5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 14:27:57 GMT x-content-type-options nosniff age 366573 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 93271 x-xss-protection 0 last-modified Thu, 02 Jul 2015 01:50:07 GMT server sffe vary Accept-Encoding report-to {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="blogger-tech" expires Mon, 07 Nov 2022 14:27:57 GMT
GET H2	200	plusone.js Show response apis.google.com/js/	52 KB 21 KB	137ms 71ms	Script application/javascript	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/plusone.js Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 511f8561b603e4f56ab12288e6a49f64f8485dc6b65d113012a870b9876e0fdd Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-KxCW/I+nxS3YaaZfrl0+IQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:30 GMT content-encoding gzip x-content-type-options nosniff p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 x-ua-compatible IE=edge, chrome=1 server ESF etag "bb7c0aabb9111968180ffe6965bd80fc" x-frame-options SAMEORIGIN report-to {"group":"AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"}]} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 content-security-policy script-src 'report-sample' 'nonce-KxCW/I+nxS3YaaZfrl0+IQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS" expires Thu, 11 Nov 2021 20:17:30 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	87ms 26ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-153096092-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 1017 date Thu, 11 Nov 2021 20:00:34 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Thu, 11 Nov 2021 22:00:34 GMT
GET H/1.1	403 Forbidden	invoke.js www.bcloudhost.com/976b0d76d773f5547d37fe90ada4248d/	0 0	261ms 209ms	Script application/javascript	192.243.59.20 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL http://www.bcloudhost.com/976b0d76d773f5547d37fe90ada4248d/invoke.js Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol HTTP/1.1 Server 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.9 / Resource Hash Request headers Referer http://to.xrivonet.info/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Access-Control-Allow-Origin * Date Thu, 11 Nov 2021 20:17:31 GMT Server nginx/1.17.9 Connection keep-alive Content-Type application/javascript Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 206 B	35ms 34ms	XHR text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=580988002&t=pageview&_s=1&dl=http%3A%2F%2Fto.xrivonet.info%2Faj6.html%3Fm%3D1&ul=en-us&de=UTF-8&dt=RivoRD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1933752235&gjid=1595820317&cid=336353601.1636661851&tid=UA-153096092-1&_gid=104875156.1636661851&_r=1&gtm=2ouba1&z=1352039184 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://to.xrivonet.info/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 11 Nov 2021 20:17:31 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin http://to.xrivonet.info cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	utx Show response withexdcel.biz/	0 415 B	219ms 130ms	XHR text/plain	13.225.78.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://withexdcel.biz/utx?cb=pWQkolafrEiT&top=to.xrivonet.info&tid=622073 Requested by Host: d141wsrw9m4as6.cloudfront.net URL: http://d141wsrw9m4as6.cloudfront.net/?wrswd=622073 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-21.fra2.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 20:17:31 GMT via 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop FRA2-C2 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin http://to.xrivonet.info cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true x-amz-cf-id q-IrZKVIpxO-fvO6z40WuhgWnIpz-C6VQwYyHjyALu0qN92S6RfFvQ==
GET H/1.1	200 OK	FzgmGDJBExgZCRdEJx9eBj5TMjZV Show response withexdcel.biz/Z2d5a3YGBRoGSQZaG00DFQtETkQhQkstElZTSBwFFRBABkIGFE9FFQsIDA8QFQgXH1gJAg1ORCEjIwASLioSHDAsJCM+FR8uDCc3XlEvIyBTJSFSNyszDQ8/Dz1PKTATVjscNBADEVojPjMBIj0hE0oJGlMTOig0ViE6AD8tLywvFwAEEyARXl... Frame C2D5	3 KB 2 KB	161ms 146ms	Document text/html	13.225.78.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://withexdcel.biz/Z2d5a3YGBRoGSQZaG00DFQtETkQhQkstElZTSBwFFRBABkIGFE9FFQsIDA8QFQgXH1gJAg1ORCEjIwASLioSHDAsJCM+FR8uDCc3XlEvIyBTJSFSNyszDQ8/Dz1PKTATVjscNBADEVojPjMBIj0hE0oJGlMTOig0ViE6AD8tLywvFwAEEyARXlMoLztTPyoPFCsOCQk4NghLITAqVT1ZM14ySi46LCMzCT8mCBQJJyYsLFkaUyFKXiEFHUAJPwAuFjtGIRcvIxUKNRQHIwNUEigvCz0QDkUlFy8jFUJVPzwPLTYaWUYlIxIlRwIiCV0jClINKj4QLzcRWw8CMjkzDiwVABoiCjNdEi8LLwgxPiUcADhWAjsEGCMNNAcuCgssKTFXJh8qGRIuSA8GMS8aHSAeXzcgMSI/HwcvDC48KhwkHjMfNyYXHwgbPiQgBzwfAg4bHzJUNx83LxAvIR9SMykMTw4CFzlDMT87Bjc/FzgmGDJBExgZCRdEJx9eBj5TMjZV Requested by Host: d141wsrw9m4as6.cloudfront.net URL: http://d141wsrw9m4as6.cloudfront.net/?wrswd=622073 Protocol HTTP/1.1 Server 13.225.78.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-21.fra2.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash f53eca4ab5e2463981555864533dd20d38e56efd0a935137054b0ffbe721f8f9 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ Response headers Content-Type text/html Content-Length 1226 Connection keep-alive Date Thu, 11 Nov 2021 20:17:31 GMT Server openresty/1.17.8.2 cache-control no-store, no-cache, must-revalidate, no-transform Pragma no-cache P3P CP="NID DSP ALL COR" content-encoding gzip X-Cache Miss from cloudfront Via 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA2-C2 X-Amz-Cf-Id MVe5FZUMtaYdFRX6fUgSkSlhAj3XhXtNUlC9nKSGZEhoSx92scLmqA==
GET H/1.1	200 OK	AzoaNnwADDEnXBA1ARlXBCcFJHcOFxE5ZDouFTJxFCABMHIOPREnYxA5AUNkOi4VNGJmKQIwYhI9LR14FwMNPGgANg4gAAwNFUFxASgVRWYAPgUXcT42Aid0HAoBIB0yJgZAAR4uOCtTFy4kNHMuBxskeBgrBh1DGTgFQWICAxUwcQQqHTJmbz8BJ1wFOiNFdxQub... Show response sitecham.xyz/VHEwVm81E1M7UDVMUnAaJh0Nc10SVAIQC2VFASEcJgYJO1s1AgZ4DDgeRTIJJh5eIkE6FERzXRJGUWQmIyteByYQJwQXPCxJfAApIDJlZzYdJGUAIRc0fRwoPAVWBAgRCWgFABA9YxMKEjRYFy4WNHcSOQ4iciEhMTBlOiEWQAQQPAIBdQM+HSZm... Frame FDD7	3 KB 2 KB	162ms 136ms	Document text/html	143.204.98.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://sitecham.xyz/VHEwVm81E1M7UDVMUnAaJh0Nc10SVAIQC2VFASEcJgYJO1s1AgZ4DDgeRTIJJh5eIkE6FERzXRJGUWQmIyteByYQJwQXPCxJfAApIDJlZzYdJGUAIRc0fRwoPAVWBAgRCWgFABA9YxMKEjRYFy4WNHcSOQ4iciEhMTBlOiEWQAQQPAIBdQM+HSZmOjYDNEgAOBBACDUnBRJ/AzoaNnwADDEnXBA1ARlXBCcFJHcOFxE5ZDouFTJxFCABMHIOPREnYxA5AUNkOi4VNGJmKQIwYhI9LR14FwMNPGgANg4gAAwNFUFxASgVRWYAPgUXcT42Aid0HAoBIB0yJgZAAR4uOCtTFy4kNHMuBxskeBgrBh1DGTgFQWICAxUwcQQqHTJmbz8BJ1wFOiNFdxQubSdhZjYgJkcAJgY0ZgEtOCd9BDk3NGFmNTY0ZhMuEiNbGikCIEkOAxE5YxMLMCN1AA1yG0M5ASRMRjEqYjkDHTohB0g Requested by Host: d141wsrw9m4as6.cloudfront.net URL: http://d141wsrw9m4as6.cloudfront.net/?wrswd=622073 Protocol HTTP/1.1 Server 143.204.98.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-43.fra50.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash 3e6a2b413903a3d33ce97d1328c43be2ec0ab0cc21a3f72c1aa90ebceb0a55c9 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ Response headers Content-Type text/html Content-Length 1208 Connection keep-alive Date Thu, 11 Nov 2021 20:17:31 GMT Server openresty/1.17.8.2 cache-control no-store, no-cache, must-revalidate, no-transform Pragma no-cache P3P CP="NID DSP ALL COR" content-encoding gzip X-Cache Miss from cloudfront Via 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA50-C1 X-Amz-Cf-Id OlfEQNExnbORAS-5KFvA1z6pgBlijjg-IufDiXpqmL7PtNUp7GaBvw==
GET H/1.1	200 OK	JQY4OGgBWxBwAAYzZCEkDwgiMQ Show response sitecham.xyz/VmlWSFU3CzUlajdUNG4gJAVrbWcQTGQOMWddZz8mJB5vJWE3GmBmNjoGIywzJAY4PHs4DCJtZxADGB1kJD0CJAIfDgM6Fz0sPQxmFyYXAAc1DCEvARwRMSEDZj8hGB1vTGQOEQQOYQ4iIgoGDBwlPQMwJx4TMiwWHlgYAQM+Cx0kDyQxEDsgAAch... Frame 91B7	3 KB 2 KB	154ms 135ms	Document text/html	143.204.98.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://sitecham.xyz/VmlWSFU3CzUlajdUNG4gJAVrbWcQTGQOMWddZz8mJB5vJWE3GmBmNjoGIywzJAY4PHs4DCJtZxADGB1kJD0CJAIfDgM6Fz0sPQxmFyYXAAc1DCEvARwRMSEDZj8hGB1vTGQOEQQOYQ4iIgoGDBwlPQMwJx4TMiwWHlgYAQM+Cx0kDyQxEDsgAAchLgMVAhwrFGY9GQklIT8QJ2YXABAeAxEBDAsiIQswHWBzWxALB2ZfFyEbMj48Jww3KCUOHC5QOQsiAFEBehgcLB58JTcoJQ4aMSA8DCIQBgEJbTUrZXgBMx5mKzQQBW8fEANQFDE9GTwVcBQcLGYZMy9EZ3wWMSM8Hx0lChR7ZBIjOg4XHygyJxZlMzkfDWc/DgsMGQgXOxMdDmI9ADoZPRw7biMAIQAMIDoaBDcvPQQUFys8H2cbJxd7YAIwIT8XNy86cQY6OCQLP284EwBtIgwXJxYPWD5/HWYrIW4/JQY4OGgBWxBwAAYzZCEkDwgiMQ Requested by Host: d141wsrw9m4as6.cloudfront.net URL: http://d141wsrw9m4as6.cloudfront.net/?wrswd=622073 Protocol HTTP/1.1 Server 143.204.98.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-43.fra50.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash 32f4598471919602554417d6e662e52281ae1c6bd54e1dc8811e98eb14bfad67 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ Response headers Content-Type text/html Content-Length 1218 Connection keep-alive Date Thu, 11 Nov 2021 20:17:31 GMT Server openresty/1.17.8.2 cache-control no-store, no-cache, must-revalidate, no-transform Pragma no-cache P3P CP="NID DSP ALL COR" content-encoding gzip X-Cache Miss from cloudfront Via 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA50-C1 X-Amz-Cf-Id 8DokT5JXikZC_EktomNPLtyFUgYN07b7Ze0dX8MPI7k035Sxva7_DA==
GET H2	204	utx Show response sitecham.xyz/	0 414 B	174ms 116ms	XHR text/plain	143.204.98.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sitecham.xyz/utx?cb=BxUYAvyRAeWK&top=to.xrivonet.info&tid=712339 Requested by Host: d141wsrw9m4as6.cloudfront.net URL: http://d141wsrw9m4as6.cloudfront.net/?wrswd=622073 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-43.fra50.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 20:17:31 GMT via 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop FRA50-C1 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin http://to.xrivonet.info cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true x-amz-cf-id ejB85ijf-m_POV_GoS8IMJa-VGRkWfWi_eYMoTuGOMhQgipG852eLA==
GET H/1.1	200 OK	BQMjMy59IA Show response sitecham.xyz/eWwxVmoYDlI7VRhRU3AfCwAMc1g/SQMQDkhYACEZCxsIO14YHwd4CRUDRDIMCwNfIkQXCUVzWD8UZDoOEw93ORI2LQEBMCo1FGQoO1wAIjNLOmAHWDdcYQQrHyJyHBs0FgEDOjtYfh9YTSR5PwEAKlgEEj8bXnNYOw4DMiwxKEJuJz9ZZgYQDlxp... Frame A54B	3 KB 2 KB	155ms 140ms	Document text/html	143.204.98.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://sitecham.xyz/eWwxVmoYDlI7VRhRU3AfCwAMc1g/SQMQDkhYACEZCxsIO14YHwd4CRUDRDIMCwNfIkQXCUVzWD8UZDoOEw93ORI2LQEBMCo1FGQoO1wAIjNLOmAHWDdcYQQrHyJyHBs0FgEDOjtYfh9YTSR5PwEAKlgEEj8bXnNYOw4DMiwxKEJuJz9ZZgYQDlxpPSxBIUsbKC07BGYjASFXGz1BSQMUKysHWwYDIDx0BStOD2MPOCMWCWItKwcDBgAjK2A+EhcJZxg8GCt7c1g/KnM9WjcGVgMrSlVWDB1JKVdkKBc5WhRaIAJ7BycXVVYMEig2fxE4Ez5aGzMdXmcCKT4UXDABVDZyNwA0AnQuHVxedxw+MC52LCcUD10TWBtedzE+LCJCMlgvOGYSL08lRmIJH15wAzgSJkAGAE0ldw5THjZGBzw2OFpiORU6Xg8AKCBwPD9cXncbASMveREeEDhkFFojAXcHOTE+Xw9aIy9QPy9LLmMTBTZfewQkFFVZDy9IKFMeOxA0VnAACgNfJlcpIX84IxQ/BQMjMy59IA Requested by Host: d141wsrw9m4as6.cloudfront.net URL: http://d141wsrw9m4as6.cloudfront.net/?wrswd=622073 Protocol HTTP/1.1 Server 143.204.98.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-43.fra50.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash 6764cef3c915ec4059020a2a4094f24c67f6ce2ee2d500916f70aff93f388361 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ Response headers Content-Type text/html Content-Length 1240 Connection keep-alive Date Thu, 11 Nov 2021 20:17:31 GMT Server openresty/1.17.8.2 cache-control no-store, no-cache, must-revalidate, no-transform Pragma no-cache P3P CP="NID DSP ALL COR" content-encoding gzip X-Cache Miss from cloudfront Via 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA50-C1 X-Amz-Cf-Id VsZJy3aUweqmiQboFHrXWEmMs49MKL1ZSFqUbIauPyXp3QF3r8TZTw==
GET H2	204	ZgVXAnhjDFo sdebatical.one/NG83SVAbUFQ6bWcofR8Kci1PHD1yPm4BIGI2WxsgUgNDJQZZPhE9OVBSAXtiBFgEbyBdCwp4dkcbVj0lR1IGbzlaCVh0dkJSBmdjAEEFen4CSUM5MVNSBm8gQBtbdGECXAF/	0 263 B	217ms 167ms	Image text/plain	2606:4700:3036::ac43:a0da CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sdebatical.one/NG83SVAbUFQ6bWcofR8Kci1PHD1yPm4BIGI2WxsgUgNDJQZZPhE9OVBSAXtiBFgEbyBdCwp4dkcbVj0lR1IGbzlaCVh0dkJSBmdjAEEFen4CSUM5MVNSBm8gQBtbdGECXAF/ZgVXAnhjDFo Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:a0da , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:31 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZN84F4g8lwkGhimtxyUw4cDdS3qXmBzgoBGIeQ9D%2FWmxqztPLmFS704gj7Dy%2FXIhEhFvQPParXCJsWIy80TVUp8UO%2F0aS9%2Bub4od0St6UkTxIVdBSLcnJeLBrOp8CaVGTo9t6M6KcVD9nPPOFw%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 6aca345bcc443747-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	login.php www.facebook.com/	0 0	177ms 110ms	Image text/html	2a03:2880:f11c:8083:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers
GET H2	200	ServiceLogin accounts.google.com/	0 0	190ms 104ms	Image text/html	2a00:1450:4001:830::200d GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers
GET H2	200	ServiceLogin accounts.google.com/	0 0	220ms 134ms	Image text/html	2a00:1450:4001:830::200d GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers
GET H2	204	eGNFc3lXXCYARDUNDEM0FQQNIA49KBIyKz0hFAMcOSYqOzg+EGMHEBxeckJLS1B8VQkRB3hBQF4QMRINDRB4Ql8RDSMcRF4VeEJXSE1wR1dIRTEDGB9edFUJDBcpTkhOUHNFT0lbcEJNSlE sdebatical.one/	0 263 B	193ms 145ms	Image text/plain	2606:4700:3036::ac43:a0da CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sdebatical.one/eGNFc3lXXCYARDUNDEM0FQQNIA49KBIyKz0hFAMcOSYqOzg+EGMHEBxeckJLS1B8VQkRB3hBQF4QMRINDRB4Ql8RDSMcRF4VeEJXSE1wR1dIRTEDGB9edFUJDBcpTkhOUHNFT0lbcEJNSlE Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:a0da , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:31 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVj2aLitNY2snYSXhQBgyGBH%2FYeglp5gJDIJOcYNIRQzwITOa3usMo52qZ2a9H2rBWnj6IL%2BP9jVnSSFnc6SlU2rSH%2FXYDMifiqhWZUEHtMHXXVsdCZfQrSZSj1PKJn4DpUEZBMEEnOGOcGQYw%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 6aca345bcc473747-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	204	utx Show response sitecham.xyz/	0 416 B	165ms 118ms	XHR text/plain	143.204.98.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sitecham.xyz/utx?cb=ivlfG8xfBrXU&top=to.xrivonet.info&tid=826383 Requested by Host: d141wsrw9m4as6.cloudfront.net URL: http://d141wsrw9m4as6.cloudfront.net/?wrswd=826383 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-43.fra50.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 20:17:31 GMT via 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop FRA50-C1 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin http://to.xrivonet.info cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true x-amz-cf-id Kd-8MMpjFGnq68zxCGAmOcrFLSYPp_Xq3zJefCgad_jPvPx9m_DFmA==
GET H/1.1	200 OK	Oz03Dg Show response sitecham.xyz/eEpVY0wZKDYOcxl3N0U5CiZoRn4+b2clKEl+ZBQ/Cj1sDngZOWNNLxQlIAcqCiU7F2IWLyFGfj4jAFAWExtlUzs/GzoPLxEpMyIETXsMNg4gL2ZWfTAINhAFAQQZKysxfBMUGRYEFltpSggAIQ1NAQJWCykjbRAcKgwPOR8fcxM1IAErLyofOiRg... Frame AC4F	3 KB 2 KB	143ms 127ms	Document text/html	143.204.98.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://sitecham.xyz/eEpVY0wZKDYOcxl3N0U5CiZoRn4+b2clKEl+ZBQ/Cj1sDngZOWNNLxQlIAcqCiU7F2IWLyFGfj4jAFAWExtlUzs/GzoPLxEpMyIETXsMNg4gL2ZWfTAINhAFAQQZKysxfBMUGRYEFltpSggAIQ1NAQJWCykjbRAcKgwPOR8fcxM1IAErLyofOiRgVigpAwAvDyI/FBQjFgERNio7IwwTKCkHEwUlOXIRInwOAwEpGC4tA1cqLRAXABRJfRQyfAwBARQOPngPRn4+Ey0EHSIkbAkeSRghBRQiDB8OFl14Ezo7PQQZOzgWH2QADhkNEyQEMBxgBiA2HTYaOxIIMk4rFQU/Ohk8MzpWKBMbPAciTSECJShJKxIlCywJMg8GADkcOSJAGwBSFgIDAQwoOR0PRn4+Ey0mDjEJDFsUSAwtBRg5LxMKOx8EOS0bOhIHDhs+GCEGGy4MDSR9TBBkLRsbMGEaCTkfLSkEIg8cDRZdeBc5ChASMTQ/FRkiRSYLJTsTcQILIic/Oz03Dg Requested by Host: d141wsrw9m4as6.cloudfront.net URL: http://d141wsrw9m4as6.cloudfront.net/?wrswd=826383 Protocol HTTP/1.1 Server 143.204.98.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-43.fra50.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash efedccb919334c333b28458c57722dddd82e0be2bfae29e874bf54d86962dade Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ Response headers Content-Type text/html Content-Length 1226 Connection keep-alive Date Thu, 11 Nov 2021 20:17:31 GMT Server openresty/1.17.8.2 cache-control no-store, no-cache, must-revalidate, no-transform Pragma no-cache P3P CP="NID DSP ALL COR" content-encoding gzip X-Cache Miss from cloudfront Via 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA50-C1 X-Amz-Cf-Id tnuwKDBm9I4jXhR7vHSKmU1Nn2USJHHE5k89EKwVJON2lIXzxxn6dA==
GET H2	204	bFdQZWhDaDMWVQkCI1YlAScAAx9UFQUOXVkWATMxOB9kKikAMHYRAQhqaFdeX29jQxgFM21WWkokJAQcGSRtVE4FOTYKVUohbVVGVHllS1hKIyAED1FmdhUcGDttVF5fYWZTWVRiYVFbXw sdebatical.one/	0 538 B	176ms 142ms	Image text/plain	2606:4700:3036::ac43:a0da CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sdebatical.one/bFdQZWhDaDMWVQkCI1YlAScAAx9UFQUOXVkWATMxOB9kKikAMHYRAQhqaFdeX29jQxgFM21WWkokJAQcGSRtVE4FOTYKVUohbVVGVHllS1hKIyAED1FmdhUcGDttVF5fYWZTWVRiYVFbXw Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:a0da , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:31 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGj90%2B4Cqqf%2FiuWyLK1NkTH%2F3yiSU4jniVAosF9%2BixVnhP%2FKz3Bi%2BK2dL6cBYjh5wwdvH7BDW0lp2V%2FiP1FisHMaj2cMKMwBfZe9m2Dlmey7BAXMk5u12xLhBb3irXlJd7urD%2FKDwgb1fT62bQ%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 6aca345bcc493747-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	204	bBgsPCd3Q2QsdXpfenR9ZEFkLjgrFn9rbjoFNjZ1e0dxbH58QHpveX5Cdg sdebatical.one/cUJaSEpefTk7dyYvEH4eNBApHiE7Z2gOLDZzCxwCBXA4eS41JBIRbAUrPnVyQ3RpcHlXMjMsd0JwfDs+EDYvO3dDcmp/	0 257 B	178ms 143ms	Image text/plain	2606:4700:3036::ac43:a0da CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sdebatical.one/cUJaSEpefTk7dyYvEH4eNBApHiE7Z2gOLDZzCxwCBXA4eS41JBIRbAUrPnVyQ3RpcHlXMjMsd0JwfDs+EDYvO3dDcmp/bBgsPCd3Q2QsdXpfenR9ZEFkLjgrFn9rbjoFNjZ1e0dxbH58QHpveX5Cdg Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:a0da , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:31 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K15PnkApsYDzD%2BvIZNJqnySN1lNgGHPDRZAMqSsuAuhR20X9u9WYdOzma5T6e5r1UiOos2taBPesST3REw6z9635REah17JL2h5oVYNt5QJvr9BXWFQ8lERC11D9zl4h9Ep5RChpvHUryCvP1A%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 6aca345bcc453747-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	compatibility.js Show response celeritascdn.com/script/	20 KB 8 KB	67ms 43ms	Script application/javascript	2606:4700::6810:5b06 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://celeritascdn.com/script/compatibility.js Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol HTTP/1.1 Server 2606:4700::6810:5b06 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 11 Nov 2021 20:17:31 GMT Content-Encoding gzip CF-Cache-Status HIT Age 2261 X-GUploader-UploadID ABg5-UzqqR1jO3VuJXBc8ioy1uremslRgbUcRQAUURfZJMkPOuwogl5w90FWKiXgFNbxexI7H90u5eyGzAAVWfiyy7s x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity Connection keep-alive Content-Type application/javascript Last-Modified Tue, 15 Sep 2020 12:10:32 GMT Server cloudflare ETag W/"c2bbc1e2544049cb035c321919bef2bc" Vary Accept-Encoding x-goog-hash crc32c=6TBdZQ==, md5=wrvB4lRAScsDXDIZGb7yvA== x-goog-generation 1600171832181211 Access-Control-Allow-Origin * Cache-Control public, max-age=14400 Transfer-Encoding chunked x-goog-stored-content-length 20647 CF-RAY 6aca345bbfdbf92f-MXP Expires Fri, 12 Nov 2021 00:17:31 GMT
GET H2	200	hd6.php Show response sportsonline.to/channels/hd/ Frame DADE Redirect Chain https://sportzonline.to/channels/hd/hd6.php https://sportsonline.to/channels/hd/hd6.php	2 KB 2 KB	363ms 308ms	Document text/html	2606:4700:3033::6815:4b45 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sportsonline.to/channels/hd/hd6.php Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:4b45 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash 737a3f8206a8522d110da995d2ac6e11ab140a7323762ba5283208c7c32e43f4 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ Response headers date Thu, 11 Nov 2021 20:17:31 GMT content-type text/html x-powered-by PHP/5.4.16 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jj3hm9Jnw5y2EZVEcw8%2B6k3OIDuHD4b%2BJqWQsOniM3Xr2IYPfR3DEcH%2FYS0Qher%2Bz6B2kHynwgQMYCi6Ty66hCHv%2BoxhsEcAkDsWjY0wFK3Ap%2BP7viN%2FIhwftEoGofisdTacJ05jDUMDlg5ybE0%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6aca345c78f9374f-MXP content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Redirect headers date Thu, 11 Nov 2021 20:17:31 GMT cache-control max-age=3600 expires Thu, 11 Nov 2021 21:17:31 GMT location https://sportsonline.to/channels/hd/hd6.php expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPNJeLhqxvtShpkgxj80A6dUn0NkLaZfN54NUP9EVuHS0hhx92KdQAG6HZ%2B0ro4VxRpzpzK7Kv8x2wHsLevlj8V8VwYNT%2FepJ6Cg149TfmWRfUWkudQFNPnIKE4LNu8NdUpENBa6dJOF8Szd0zQ%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding server cloudflare cf-ray 6aca345bfc5f0e26-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	xrivonet.info.266699.js Show response jsc.mgid.com/x/r/ Frame 729A Redirect Chain http://jsc.mgid.com/x/r/xrivonet.info.266699.js?t=121101120 https://jsc.mgid.com/x/r/xrivonet.info.266699.js?t=121101120	2 KB 1 KB	74ms 35ms	Script text/javascript	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.mgid.com/x/r/xrivonet.info.266699.js?t=121101120 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e18f64de02617aaeaa15c377b53904baa26536d6fdd5dd319ba1794bd18c27c1 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:31 GMT content-encoding br cf-cache-status HIT age 1629 last-modified Wed, 03 Nov 2021 11:33:15 GMT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id PTYCFZBD7ZTFM84Y x-amz-id-2 eV5Lm1jFOrJml3s/6zFi2WZPolbphRk0get0sm61WoUUu2WiJpyLf769Yrpu+slJjIYOOVOV8i4= cf-bgj minify server cloudflare etag W/"9fc19cc9130fad65d8bd9f443a85f99d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript cache-control public, max-age=10800 cf-ray 6aca345c5c2f0e1e-MXP expires Thu, 11 Nov 2021 23:17:31 GMT Redirect headers Date Thu, 11 Nov 2021 20:17:31 GMT Server cloudflare Vary Accept-Encoding Location https://jsc.mgid.com/x/r/xrivonet.info.266699.js?t=121101120 Cache-Control max-age=3600 Transfer-Encoding chunked Connection keep-alive CF-RAY 6aca345bdff059e3-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Expires Thu, 11 Nov 2021 21:17:31 GMT
GET H/1.1	200 OK	display.php Show response www.adnetworkperformance.com/ad/ Frame E232	4 KB 2 KB	168ms 167ms	Document text/html	130.211.17.196 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://www.adnetworkperformance.com/ad/display.php?stamat=m%257C%252C4d3d3IidrB1dAN0dEdHP3xP.908%252CZMkKdRAQlkuDbgTABrav5CmTL57v_Qh2faTVgfvVz5RzW7cn2g0ntQubSueAs6EjLhFKhwlzLdrjK8LkMxBXWsO453vgPvBVBZwq_VnOhs4%252C&cbur=0.9680853487762582&cbtitle=RivoRD&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= Requested by Host: www.adnetworkperformance.com URL: http://www.adnetworkperformance.com/a/display.php?r=404241 Protocol HTTP/1.1 Server 130.211.17.196 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 196.17.211.130.bc.googleusercontent.com Software openresty / Resource Hash eded9fcb4baabf5d46ef569425897fc62f4a4a951e1ba32de6e696bea3dff8a8 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ Response headers Server openresty Date Thu, 11 Nov 2021 20:17:31 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Access-Control-Allow-Origin * Link <//www.adnetworkperformance.com>; rel=dns-prefetch,<//www.adnetworkperformance.com>; rel=preconnect,<//trftopp.biz>; rel=dns-prefetch,<//trftopp.biz>; rel=preconnect Content-Encoding gzip Via 1.1 google
GET H/1.1	200 OK	pop.js Show response c1.popads.net/	30 KB 10 KB	67ms 42ms	Script application/javascript	2a02:6ea0:c700::4 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL http://c1.popads.net/pop.js Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol HTTP/1.1 Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 2c1d923947d609eee480c2ab3d67e58e7ed8c9d329aaa6fda21b30cb14e44dbe Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers X-77-POP frankfurtDE Date Thu, 11 Nov 2021 20:17:31 GMT Content-Encoding gzip X-77-NZT-Ray JcCKbRmm19E= Transfer-Encoding chunked X-77-Cache HIT X-Cache HIT Connection keep-alive alt-svc quic="195.181.175.53:443"; ma=2592000; v="44,43,39" X-77-NZT AcO1rzWYR4P/lQcHAA== X-Accel-Expires @1637237958 Last-Modified Thu, 03 Jun 2021 12:12:03 GMT Server CDN77-Turbo ETag W/"60b8c713-78c7" Content-Type application/javascript; charset=UTF-8 Access-Control-Allow-Origin * X-Age 460693
GET H/1.1	403 Forbidden	invoke.js www.bcloudhost.com/07dde3e2c5af0db032c8826e3b79914d/	0 0	113ms 113ms	Script application/javascript	192.243.59.20 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL http://www.bcloudhost.com/07dde3e2c5af0db032c8826e3b79914d/invoke.js Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol HTTP/1.1 Server 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.9 / Resource Hash Request headers Referer http://to.xrivonet.info/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Access-Control-Allow-Origin * Date Thu, 11 Nov 2021 20:17:31 GMT Server nginx/1.17.9 Connection keep-alive Content-Type application/javascript Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H2	200	/ Show response freychang.fun/	16 B 729 B	176ms 128ms	Fetch text/plain	2606:4700:3030::6815:2dcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freychang.fun/?f=d56b345256d487a765c8e19bc3389dc2 Requested by Host: d141wsrw9m4as6.cloudfront.net URL: http://d141wsrw9m4as6.cloudfront.net/?wrswd=622073 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2641c5f76fdc33d99978f2c6d436ed990c482fff7ea088edba53df50b22fedde Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:31 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET content-type text/plain access-control-allow-origin http://to.xrivonet.info report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ZJ6mXZ06vy6Ra4MdXgtxTq6QVG8NLTT%2B4c2eI4%2FVLm0hUw3KtCiM7zYxvaUTEDQlSYCJ8HkFZTxl2N%2BuV3Hq1gxOhuBEhcNSaQpba5ALtAsMRsz3RLkHfS7bULvSVyugN%2Ftj8U5p5Up6uAj"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 6aca345c9e193756-MXP access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	identify.html Show response ufpcdn.com/script/ Frame 7889	2 KB 2 KB	173ms 148ms	Document text/html	2606:4700:3030::6815:2ed2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://ufpcdn.com/script/identify.html?frmt=0 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol HTTP/1.1 Server 2606:4700:3030::6815:2ed2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ Response headers Date Thu, 11 Nov 2021 20:17:31 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive last-modified Tue, 15 May 2018 06:39:25 GMT CF-Cache-Status DYNAMIC Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0a4uFxIFV%2BFBlHH%2BDpsy22fbsKq80eFQL4gjgSQww1W4wL5wZgoLSCglTztkQVCepjLL4w0aKsgMTpy%2B0Cb0FGPqzZ6atCqHNZxQBntboRYFcQQ%2B7SZNJZTBO2kkEcQWx3fy22An%2Flj"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 6aca345c7aa23749-MXP Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	/ Show response freychang.fun/	16 B 330 B	167ms 135ms	Fetch text/plain	2606:4700:3030::6815:2dcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freychang.fun/?f=d56b345256d487a765c8e19bc3389dc2 Requested by Host: d141wsrw9m4as6.cloudfront.net URL: http://d141wsrw9m4as6.cloudfront.net/?wrswd=826383 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02192fedcf989184560b02db17a24d67f45691bda38e2d5efa3757d60f8e4528 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:31 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET content-type text/plain access-control-allow-origin http://to.xrivonet.info report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpL9G0N3sWCmWp%2BWA9yt244UJbfALlHRnp8yn5Yk3Y1043DTkgeaZU%2B1Plj3wG9lkIwXTQolzGzHdyiml%2FASLCkhA1sMgN3Q4aCPMk1FL1%2BeUnHUuWOSaogQNZ2moCnArsZxDBmFca5KxJwz"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 6aca345c9e1c3756-MXP access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	colored.js Show response widgets.amung.us/	8 KB 3 KB	95ms 49ms	Script application/x-javascript	2606:4700:10::ac43:88d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://widgets.amung.us/colored.js Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol HTTP/1.1 Server 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b957ea339d35a0f04ef914c475611606e5b3b326cf08cb9d68bf78bca23a6521 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 11 Nov 2021 20:17:31 GMT content-encoding gzip CF-Cache-Status HIT last-modified Mon, 03 May 2021 17:48:53 GMT Server cloudflare Age 1717 etag W/"60903785-1ee4" Vary Accept-Encoding Content-Type application/x-javascript access-control-allow-origin * cache-control max-age=86400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6aca345ccdf10e0e-MXP expires Fri, 12 Nov 2021 19:48:54 GMT
GET H2	200	cb=gapi.loaded_0 Show response apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.it.mYc-uYVYA9I.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNWbOGHtqYKMKb9Nu3Ee72oEvs7XQ/	147 KB 51 KB	42ms 39ms	Script text/javascript	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.it.mYc-uYVYA9I.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNWbOGHtqYKMKb9Nu3Ee72oEvs7XQ/cb=gapi.loaded_0 Requested by Host: apis.google.com URL: https://apis.google.com/js/plusone.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2225afd62ab21bba128c4f5ab05706d90d1ad070ca23a4c967025fab62d97293 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 05 Nov 2021 08:45:26 GMT content-encoding gzip x-content-type-options nosniff age 559925 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 51558 x-xss-protection 0 last-modified Sat, 02 Oct 2021 17:21:04 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="social-frontend-mpm-access" expires Sat, 05 Nov 2022 08:45:26 GMT
GET H/1.1	200 OK	WyJQc20BDkN1eEp6Um5tAHwHNz-heKREiKlklEmJ6dHlVcGYBekN1eBonDjMlXmlUBG0AfAouI1dpVHcvVy8NKGEXflYkIEAjCyJtAApfcmYCYlJxewpiU3NtAHwVJi5TPg9ienR5VXBmAXpAMnU Show response d141wsrw9m4as6.cloudfront.net/DZkdIMkwFKCZUcxIuLA96VHV4BX9ALTtdIhZ6BFt1BwBwdh1UYTxIKFt3bl4tCCB1FCkIJHUDagcjKg94QDM4XSdbLipbNQo2JFM2D2E9U3ELKDJbIAombQAKU2l4F35Wbz9bIgIoP0FpVHcmRmlUd3kCYlZie3BpVHc/ Frame C2D5	653 B 872 B	190ms 190ms	Script text/plain	13.225.84.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://d141wsrw9m4as6.cloudfront.net/DZkdIMkwFKCZUcxIuLA96VHV4BX9ALTtdIhZ6BFt1BwBwdh1UYTxIKFt3bl4tCCB1FCkIJHUDagcjKg94QDM4XSdbLipbNQo2JFM2D2E9U3ELKDJbIAombQAKU2l4F35Wbz9bIgIoP0FpVHcmRmlUd3kCYlZie3BpVHc/WyJQc20BDkN1eEp6Um5tAHwHNz-heKREiKlklEmJ6dHlVcGYBekN1eBonDjMlXmlUBG0AfAouI1dpVHcvVy8NKGEXflYkIEAjCyJtAApfcmYCYlJxewpiU3NtAHwVJi5TPg9ienR5VXBmAXpAMnU Requested by Host: withexdcel.biz URL: http://withexdcel.biz/Z2d5a3YGBRoGSQZaG00DFQtETkQhQkstElZTSBwFFRBABkIGFE9FFQsIDA8QFQgXH1gJAg1ORCEjIwASLioSHDAsJCM+FR8uDCc3XlEvIyBTJSFSNyszDQ8/Dz1PKTATVjscNBADEVojPjMBIj0hE0oJGlMTOig0ViE6AD8tLywvFwAEEyARXlMoLztTPyoPFCsOCQk4NghLITAqVT1ZM14ySi46LCMzCT8mCBQJJyYsLFkaUyFKXiEFHUAJPwAuFjtGIRcvIxUKNRQHIwNUEigvCz0QDkUlFy8jFUJVPzwPLTYaWUYlIxIlRwIiCV0jClINKj4QLzcRWw8CMjkzDiwVABoiCjNdEi8LLwgxPiUcADhWAjsEGCMNNAcuCgssKTFXJh8qGRIuSA8GMS8aHSAeXzcgMSI/HwcvDC48KhwkHjMfNyYXHwgbPiQgBzwfAg4bHzJUNx83LxAvIR9SMykMTw4CFzlDMT87Bjc/FzgmGDJBExgZCRdEJx9eBj5TMjZV Protocol HTTP/1.1 Server 13.225.84.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-23.fra2.r.cloudfront.net Software / Resource Hash f8d2eed8c9eb23c0dbc57218bfe71effb26b775e7077f17d4460254009723451 Request headers Accept-Language it-IT,it;q=0.9 Referer http://withexdcel.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 11 Nov 2021 20:17:31 GMT Content-Encoding gzip X-Amz-Cf-Pop FRA2-C2 X-Cache Miss from cloudfront access-control-allow-origin * Cache-Control max-age=31556926 Connection keep-alive Content-Length 486 Via 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront) X-Amz-Cf-Id OhzgncvGT4dBM5bHyqgWOBtodVizBErA19VaLmgOKN9Eckypk6IuIw==
GET H/1.1	200 OK	CR06AiNdWjoYaAsFIx9oCwV8W2MJEH4paAsFOgIjDwFoWA8cB30Tew0caFl9WEU9ByhOUC8AJE0Qfy-14CgJjWHscB31DJlFBIAdoC3ZoWX1VXCYOaAsFKg4uUlpkTn8JViUZIlRQaFkLAABjW2MNA35TYwwBaFl9SlQrCj9QEH8teAoCY1h7H0Bw Show response d141wsrw9m4as6.cloudfront.net/jNU1rTTlWIgUrBkEkD3AOAHRcewgTJxgiV0VwPH9/DRg7FwtcPDIsTUxrHzddCH1NIVhbKlZrXFsuVnwfVCkJcA0TOApwVFo3AiFVVGhZCwwbfU5/ Frame 91B7	178 B 568 B	187ms 187ms	Script text/plain	13.225.84.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://d141wsrw9m4as6.cloudfront.net/jNU1rTTlWIgUrBkEkD3AOAHRcewgTJxgiV0VwPH9/DRg7FwtcPDIsTUxrHzddCH1NIVhbKlZrXFsuVnwfVCkJcA0TOApwVFo3AiFVVGhZCwwbfU5/CR06AiNdWjoYaAsFIx9oCwV8W2MJEH4paAsFOgIjDwFoWA8cB30Tew0caFl9WEU9ByhOUC8AJE0Qfy-14CgJjWHscB31DJlFBIAdoC3ZoWX1VXCYOaAsFKg4uUlpkTn8JViUZIlRQaFkLAABjW2MNA35TYwwBaFl9SlQrCj9QEH8teAoCY1h7H0Bw Requested by Host: sitecham.xyz URL: http://sitecham.xyz/VmlWSFU3CzUlajdUNG4gJAVrbWcQTGQOMWddZz8mJB5vJWE3GmBmNjoGIywzJAY4PHs4DCJtZxADGB1kJD0CJAIfDgM6Fz0sPQxmFyYXAAc1DCEvARwRMSEDZj8hGB1vTGQOEQQOYQ4iIgoGDBwlPQMwJx4TMiwWHlgYAQM+Cx0kDyQxEDsgAAchLgMVAhwrFGY9GQklIT8QJ2YXABAeAxEBDAsiIQswHWBzWxALB2ZfFyEbMj48Jww3KCUOHC5QOQsiAFEBehgcLB58JTcoJQ4aMSA8DCIQBgEJbTUrZXgBMx5mKzQQBW8fEANQFDE9GTwVcBQcLGYZMy9EZ3wWMSM8Hx0lChR7ZBIjOg4XHygyJxZlMzkfDWc/DgsMGQgXOxMdDmI9ADoZPRw7biMAIQAMIDoaBDcvPQQUFys8H2cbJxd7YAIwIT8XNy86cQY6OCQLP284EwBtIgwXJxYPWD5/HWYrIW4/JQY4OGgBWxBwAAYzZCEkDwgiMQ Protocol HTTP/1.1 Server 13.225.84.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-23.fra2.r.cloudfront.net Software / Resource Hash 7ab582ab494819374698aa52cbd38a26e8c8ba1741009edf5979e7fa286b019a Request headers Accept-Language it-IT,it;q=0.9 Referer http://sitecham.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 11 Nov 2021 20:17:31 GMT Content-Encoding gzip X-Amz-Cf-Pop FRA2-C2 X-Cache Miss from cloudfront access-control-allow-origin * Cache-Control max-age=31556926 Connection keep-alive Content-Length 182 Via 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront) X-Amz-Cf-Id 4Fo1pTSeJzuil7VRjWBIFjns0FkI0jMWvP21bsD0Y-IyPhh9sKTO8A==
GET H/1.1	200 OK	7a2IwZnQIDV4ASx8LVFtCU1YIUUVNCEMJGhtfRgExXSoDLSEeFEhAABEGDVZSBwNeAUlNB14FSVpEUQIWVlYWExVWD18cHQcOUUNGLVceVlFZUhgRHQUGXxEHTlAACABOUABXREVSFVU2TlAAER0FVARDRylHAlYMXVYZQ0ZbA0AWGA4VVQQfAhYVVDJeUQ-dIR11... Show response d141wsrw9m4as6.cloudfront.net/ Frame FDD7	275 B 635 B	219ms 204ms	Script text/plain	13.225.84.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://d141wsrw9m4as6.cloudfront.net/7a2IwZnQIDV4ASx8LVFtCU1YIUUVNCEMJGhtfRgExXSoDLSEeFEhAABEGDVZSBwNeAUlNB14FSVpEUQIWVlYWExVWD18cHQcOUUNGLVceVlFZUhgRHQUGXxEHTlAACABOUABXREVSFVU2TlAAER0FVARDRylHAlYMXVYZQ0ZbA0AWGA4VVQQfAhYVVDJeUQ-dIR11HAlZcAApECxhOUHNDRlsOWQ0RTlAAAREICV9PUVlSUw4GBA9VQ0YtWwVIREVWBlVMRVcEQ0ZbEVEAFRkLFVQyXlEHSEddREVb Requested by Host: sitecham.xyz URL: http://sitecham.xyz/VHEwVm81E1M7UDVMUnAaJh0Nc10SVAIQC2VFASEcJgYJO1s1AgZ4DDgeRTIJJh5eIkE6FERzXRJGUWQmIyteByYQJwQXPCxJfAApIDJlZzYdJGUAIRc0fRwoPAVWBAgRCWgFABA9YxMKEjRYFy4WNHcSOQ4iciEhMTBlOiEWQAQQPAIBdQM+HSZmOjYDNEgAOBBACDUnBRJ/AzoaNnwADDEnXBA1ARlXBCcFJHcOFxE5ZDouFTJxFCABMHIOPREnYxA5AUNkOi4VNGJmKQIwYhI9LR14FwMNPGgANg4gAAwNFUFxASgVRWYAPgUXcT42Aid0HAoBIB0yJgZAAR4uOCtTFy4kNHMuBxskeBgrBh1DGTgFQWICAxUwcQQqHTJmbz8BJ1wFOiNFdxQubSdhZjYgJkcAJgY0ZgEtOCd9BDk3NGFmNTY0ZhMuEiNbGikCIEkOAxE5YxMLMCN1AA1yG0M5ASRMRjEqYjkDHTohB0g Protocol HTTP/1.1 Server 13.225.84.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-23.fra2.r.cloudfront.net Software / Resource Hash 8e23489369323e6f246ae724a1719dc15b88d4f9d47887ddc676a382ce3cf85a Request headers Accept-Language it-IT,it;q=0.9 Referer http://sitecham.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 11 Nov 2021 20:17:31 GMT Content-Encoding gzip X-Amz-Cf-Pop FRA2-C2 X-Cache Miss from cloudfront access-control-allow-origin * Cache-Control max-age=31556926 Connection keep-alive Content-Length 249 Via 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront) X-Amz-Cf-Id NSqJVvFFKk5KJblWRUhzEeV01_8TrKkPQbXXdqwpeuDOnQ8a8Avb2g==
GET H/1.1	200 OK	MkZCHGtiTUB0ZmFQSHRnY0ZCaiE2BREoO3JRNm9hYE1DbHQiXg Show response d141wsrw9m4as6.cloudfront.net/xUldjcFoxOA0WZSY+B01tY2VQQ2N0PRAfNCJqMz0UPB4OI24HHikyFiRxFwo+b2dFHDs8MF5WPzw0XkF8MzMBTW50IxMfMW8+ARkjPiYPESA7cRYRZz84GRk2PjZGQhxneVNVaGJ/FBk0NjgUA39gZw0Ef2BnUkB0YnJQMn... Frame A54B	574 B 831 B	207ms 191ms	Script text/plain	13.225.84.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://d141wsrw9m4as6.cloudfront.net/xUldjcFoxOA0WZSY+B01tY2VQQ2N0PRAfNCJqMz0UPB4OI24HHikyFiRxFwo+b2dFHDs8MF5WPzw0XkF8MzMBTW50IxMfMW8+ARkjPiYPESA7cRYRZz84GRk2PjZGQhxneVNVaGJ/FBk0NjgUA39gZw0Ef2BnUkB0YnJQMn9gZxQZNGRjRkMYd2VTCGxmfk-ZCajMnExw/JTIBGzMmclE2b2FgTUNsd2VTWDE6Iw4cf2AURkJqPj4IFX9gZwQVOTk4SlVoYjQLAjU/MkZCHGtiTUB0ZmFQSHRnY0ZCaiE2BREoO3JRNm9hYE1DbHQiXg Requested by Host: sitecham.xyz URL: http://sitecham.xyz/eWwxVmoYDlI7VRhRU3AfCwAMc1g/SQMQDkhYACEZCxsIO14YHwd4CRUDRDIMCwNfIkQXCUVzWD8UZDoOEw93ORI2LQEBMCo1FGQoO1wAIjNLOmAHWDdcYQQrHyJyHBs0FgEDOjtYfh9YTSR5PwEAKlgEEj8bXnNYOw4DMiwxKEJuJz9ZZgYQDlxpPSxBIUsbKC07BGYjASFXGz1BSQMUKysHWwYDIDx0BStOD2MPOCMWCWItKwcDBgAjK2A+EhcJZxg8GCt7c1g/KnM9WjcGVgMrSlVWDB1JKVdkKBc5WhRaIAJ7BycXVVYMEig2fxE4Ez5aGzMdXmcCKT4UXDABVDZyNwA0AnQuHVxedxw+MC52LCcUD10TWBtedzE+LCJCMlgvOGYSL08lRmIJH15wAzgSJkAGAE0ldw5THjZGBzw2OFpiORU6Xg8AKCBwPD9cXncbASMveREeEDhkFFojAXcHOTE+Xw9aIy9QPy9LLmMTBTZfewQkFFVZDy9IKFMeOxA0VnAACgNfJlcpIX84IxQ/BQMjMy59IA Protocol HTTP/1.1 Server 13.225.84.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-23.fra2.r.cloudfront.net Software / Resource Hash 40d4948eb39b95f79c460c13cc5cec270ed66b108c37b1636da8927ec5a603c9 Request headers Accept-Language it-IT,it;q=0.9 Referer http://sitecham.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 11 Nov 2021 20:17:31 GMT Content-Encoding gzip X-Amz-Cf-Pop FRA2-C2 X-Cache Miss from cloudfront access-control-allow-origin * Cache-Control max-age=31556926 Connection keep-alive Content-Length 445 Via 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront) X-Amz-Cf-Id BBnf6yqfcaL5cVd0Y7ylv6rT1FuUpqEgr914Ao4xVotW7oczXNKBiQ==
GET H/1.1	200 OK	YxEBICY8X0FxfTAeFiwgNlNWBXRmWFRteWVFXG14Z1NWcz4yEAUxJHZEInZ+ZFhXdWsmSw Show response d141wsrw9m4as6.cloudfront.net/iU3ZkQ00wGQolcicfAH51YUBXe351HBcsIyNLHgI6FwUnNC8+UBA5KW5GQi8sPRFZZSg9FVlyazISBn55dQIULCZuAwonKDUfCiYpdQMFfiA8DA0vITJTVgV4fUZBcX17AQ0tKTwBF2Z/YxgQZn9jR1RtfXZFJmZ/YwENLX... Frame AC4F	437 B 727 B	202ms 187ms	Script text/plain	13.225.84.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://d141wsrw9m4as6.cloudfront.net/iU3ZkQ00wGQolcicfAH51YUBXe351HBcsIyNLHgI6FwUnNC8+UBA5KW5GQi8sPRFZZSg9FVlyazISBn55dQIULCZuAwonKDUfCiYpdQMFfiA8DA0vITJTVgV4fUZBcX17AQ0tKTwBF2Z/YxgQZn9jR1RtfXZFJmZ/YwENLXtnU1cBaGFGHHV5elNWcywjBg-gmOjYUDyo5dkQidn5kWFd1aGFGTCglJxsIZn8QU1ZzITodAWZ/YxEBICY8X0FxfTAeFiwgNlNWBXRmWFRteWVFXG14Z1NWcz4yEAUxJHZEInZ+ZFhXdWsmSw Requested by Host: sitecham.xyz URL: http://sitecham.xyz/eEpVY0wZKDYOcxl3N0U5CiZoRn4+b2clKEl+ZBQ/Cj1sDngZOWNNLxQlIAcqCiU7F2IWLyFGfj4jAFAWExtlUzs/GzoPLxEpMyIETXsMNg4gL2ZWfTAINhAFAQQZKysxfBMUGRYEFltpSggAIQ1NAQJWCykjbRAcKgwPOR8fcxM1IAErLyofOiRgVigpAwAvDyI/FBQjFgERNio7IwwTKCkHEwUlOXIRInwOAwEpGC4tA1cqLRAXABRJfRQyfAwBARQOPngPRn4+Ey0EHSIkbAkeSRghBRQiDB8OFl14Ezo7PQQZOzgWH2QADhkNEyQEMBxgBiA2HTYaOxIIMk4rFQU/Ohk8MzpWKBMbPAciTSECJShJKxIlCywJMg8GADkcOSJAGwBSFgIDAQwoOR0PRn4+Ey0mDjEJDFsUSAwtBRg5LxMKOx8EOS0bOhIHDhs+GCEGGy4MDSR9TBBkLRsbMGEaCTkfLSkEIg8cDRZdeBc5ChASMTQ/FRkiRSYLJTsTcQILIic/Oz03Dg Protocol HTTP/1.1 Server 13.225.84.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-23.fra2.r.cloudfront.net Software / Resource Hash e358fa07ed98d980f5686a4c45479d3631da4a7be3a2e2826202a0ccfd7fab26 Request headers Accept-Language it-IT,it;q=0.9 Referer http://sitecham.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 11 Nov 2021 20:17:31 GMT Content-Encoding gzip X-Amz-Cf-Pop FRA2-C2 X-Cache Miss from cloudfront access-control-allow-origin * Cache-Control max-age=31556926 Connection keep-alive Content-Length 341 Via 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront) X-Amz-Cf-Id XxqsJV6VCyiypx-E29u4Eyg_cPe4M_SJxsRyLd2GTc2feVhJCjclww==
GET H2	200	xrivonet.info.266699.es6.js Show response jsc.mgid.com/x/r/ Frame 729A	237 KB 66 KB	41ms 41ms	Script text/javascript	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.mgid.com/x/r/xrivonet.info.266699.es6.js Requested by Host: jsc.mgid.com URL: http://jsc.mgid.com/x/r/xrivonet.info.266699.js?t=121101120 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c0d8e7197ff3140ce35f52d9ed6e533fced979c19c2f5edadf2d3389dcae547 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:31 GMT content-encoding br cf-cache-status HIT age 1629 last-modified Wed, 03 Nov 2021 11:33:15 GMT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id HYX882R9NENCTBZ4 x-amz-id-2 5kO+bn/I5YFDf52gAiAcxmh1b+CQf+sNIPJwtdFWKgjWKadHYlLru7VYpifjbb3OdsrdfKk8bDI= cf-bgj minify server cloudflare etag W/"808926a94a26c7e8471023b8ba65cabb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript cache-control public, max-age=10800 cf-ray 6aca345cacc00e1e-MXP expires Thu, 11 Nov 2021 23:17:31 GMT
GET H/1.1	200 OK	5e9bd01eb72f8e627d7f3e2abb1e3b7b_5115.jpg crrepo.com/extban/278601420/creatives/23373622/ Frame E232	38 KB 39 KB	51ms 35ms	Image image/jpeg	2606:4700:3038::6815:eb72 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://crrepo.com/extban/278601420/creatives/23373622/5e9bd01eb72f8e627d7f3e2abb1e3b7b_5115.jpg Requested by Host: www.adnetworkperformance.com URL: http://www.adnetworkperformance.com/ad/display.php?stamat=m%257C%252C4d3d3IidrB1dAN0dEdHP3xP.908%252CZMkKdRAQlkuDbgTABrav5CmTL57v_Qh2faTVgfvVz5RzW7cn2g0ntQubSueAs6EjLhFKhwlzLdrjK8LkMxBXWsO453vgPvBVBZwq_VnOhs4%252C&cbur=0.9680853487762582&cbtitle=RivoRD&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= Protocol HTTP/1.1 Server 2606:4700:3038::6815:eb72 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 652858040c98ec145413469eb850c36d620cfaef16525b8b62e36ba00527a890 Request headers Accept-Language it-IT,it;q=0.9 Referer http://www.adnetworkperformance.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 11 Nov 2021 20:17:31 GMT via 1.1 google CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 2949 Transfer-Encoding chunked Connection keep-alive content-encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Wed, 10 Nov 2021 20:35:44 GMT Server cloudflare etag W/"618c2d20-98fe" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNL28Pey1fmue3%2Fg9ReJqZhxW9TIGSNC20XedtaDd6HprYxz896fez%2B1Qdfsvr2fkAkpKDppK79DtuznoKWS4AlcRJhGPjohTpWYiKyHhSqiAjy4eP7OcbeNTvkDyxvMoHmekGWeJB8S"}],"group":"cf-nel","max_age":604800} Content-Type image/jpeg Cache-Control max-age=14400 CF-RAY 6aca345ce87b374b-MXP
GET H2	200	/ Show response c.adsco.re/	62 KB 22 KB	83ms 29ms	Script text/html	2606:4700::6811:a6ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.adsco.re/ Requested by Host: c1.popads.net URL: http://c1.popads.net/pop.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:31 GMT content-encoding br cf-cache-status HIT server cloudflare age 686800 etag W/"2Ma3006J78KgzL0RD+7gUg==" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html link <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch cache-control public, max-age=2678400 cf-ray 6aca345d382f374c-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Sun, 12 Dec 2021 20:17:31 GMT
GET H/1.1	500 Internal Server Error	/ t.dtscout.com/i/	0 0	349ms 112ms	Script application/javascript	167.114.209.61 OVH
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/i/?l=http%3A%2F%2Fto.xrivonet.info%2Faj6.html%3Fm%3D1&j= Requested by Host: widgets.amung.us URL: http://widgets.amung.us/colored.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 167.114.209.61 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns515688.ip-167-114-209.net Software nginx/1.10.3 (Ubuntu) / Resource Hash Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 11 Nov 2021 20:17:31 GMT Server nginx/1.10.3 (Ubuntu) Connection close X-S mtl1 Transfer-Encoding chunked Content-Type application/javascript
GET H/1.1	200 OK	/ Show response whos.amung.us/pingjs/	32 B 216 B	269ms 241ms	Script text/javascript	67.202.94.93 STEADFAST
General Check archive.org Show headers Download Go to Full URL http://whos.amung.us/pingjs/?k=rtnlniviutns&t=RivoRD&c=u&x=http%3A%2F%2Fto.xrivonet.info%2Faj6.html%3Fm%3D1&y=&a=0&d=1.172&v=27&r=5545 Requested by Host: widgets.amung.us URL: http://widgets.amung.us/colored.js Protocol HTTP/1.1 Server 67.202.94.93 , United States, ASN32748 (STEADFAST, US), Reverse DNS amung.us Software / Resource Hash 66f6aa4606f9bc5a25cc5c544f21ea194b9d0116927cd8f988ce0129b8b2d1b8 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:31 GMT content-encoding gzip transfer-encoding chunked content-type text/javascript;charset=UTF-8
GET H2	200	/ 6.adsco.re/	0 453 B	83ms 34ms	Other text/plain	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6.adsco.re/ Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://to.xrivonet.info/ Origin http://to.xrivonet.info Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:31 GMT content-encoding br server cloudflare access-control-allow-headers Content-Type expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, HEAD, OPTIONS content-type text/plain;charset=UTF-8 access-control-allow-origin http://to.xrivonet.info access-control-max-age 2592000 cache-control private, max-age=10 cf-ray 6aca345dbb4b5a37-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	/ 4.adsco.re/	0 462 B	160ms 38ms	Other text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://4.adsco.re/ Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://to.xrivonet.info/ Origin http://to.xrivonet.info Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 11 Nov 2021 20:17:31 GMT Content-Encoding gzip Access-Control-Max-Age 2592000 Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin http://to.xrivonet.info Cache-Control private, max-age=5 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type
POST H/1.1	200 OK	p Show response adsco.re/	0 424 B	84ms 58ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL http://adsco.re/p Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://to.xrivonet.info/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Thu, 11 Nov 2021 20:17:31 GMT Content-Encoding gzip Content-Type text/html; charset=UTF-8 AS-P-4 OK Transfer-Encoding chunked AS-P-1 OK lon224 Access-Control-Allow-Origin http://to.xrivonet.info Access-Control-Max-Age 2592000 Cache-Control no-transform Access-Control-Allow-Credentials true Connection keep-alive AS-E ND AS-P-2 OK AS-P-3 OK
GET H/1.1	200 OK	/ Show response 4.adsco.re/	46 B 462 B	74ms 58ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL http://4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash bdb6fffeb2e071f54a63f74e63dd5bd0fd48dcd18169c2b94785200004c499a5 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 11 Nov 2021 20:17:31 GMT Content-Encoding gzip Access-Control-Max-Age 2592000 Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin http://to.xrivonet.info Cache-Control private, max-age=5 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type
GET H/1.1	200 OK	/ Show response 6.adsco.re/	54 B 643 B	64ms 48ms	XHR text/plain	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://6.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c86ea3258316327ad89004c4b51452010abd153f05b4aaff51ea205ac2eba5f8 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 11 Nov 2021 20:17:31 GMT Content-Encoding gzip Server cloudflare Access-Control-Allow-Headers Content-Type Vary Accept-Encoding Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/plain;charset=UTF-8 Access-Control-Allow-Origin http://to.xrivonet.info Access-Control-Max-Age 2592000 Cache-Control private, max-age=10 Transfer-Encoding chunked Connection keep-alive CF-RAY 6aca345dbbae5a01-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
POST H/1.1	200 OK	/ 9isesi1uvz1h.l4.adsco.re/	0 464 B	174ms 49ms	Ping text/html	185.200.118.90 M247
General Check archive.org Show headers Download Go to Full URL https://9isesi1uvz1h.l4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB), Reverse DNS adscore.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://to.xrivonet.info/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Thu, 11 Nov 2021 20:17:31 GMT Last-Modified Tue, 31 Jul 2018 22:16:15 GMT ETag "5b60dfaf-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
POST H/1.1	200 OK	/ 9isesi1uvz1h.n4.adsco.re/	0 464 B	543ms 118ms	Ping text/html	38.132.109.186 M247
General Check archive.org Show headers Download Go to Full URL https://9isesi1uvz1h.n4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 38.132.109.186 New York, United States, ASN9009 (M247, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://to.xrivonet.info/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Thu, 11 Nov 2021 20:17:32 GMT Last-Modified Mon, 30 Jul 2018 15:32:42 GMT ETag "5b5f2f9a-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
POST H/1.1	200 OK	/ 9isesi1uvz1h.s4.adsco.re/	0 464 B	1265ms 210ms	Ping text/html	185.200.116.90 M247
General Check archive.org Show headers Download Go to Full URL https://9isesi1uvz1h.s4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.200.116.90 Singapore, Singapore, ASN9009 (M247, GB), Reverse DNS no-mans-land.m247.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://to.xrivonet.info/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Thu, 11 Nov 2021 20:17:32 GMT Last-Modified Mon, 30 Jul 2018 15:38:01 GMT ETag "5b5f30d9-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
GET H/1.1	200 OK	/ Show response c.adsco.re/ Frame 029F	62 KB 25 KB	47ms 31ms	Document text/html	2606:4700::6811:a6ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://c.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Server 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ Response headers Date Thu, 11 Nov 2021 20:17:31 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Cache-Control public, max-age=2678400 Link <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch Expires Sun, 12 Dec 2021 20:17:31 GMT ETag W/"2Ma3006J78KgzL0RD+7gUg==" Content-Encoding gzip CF-Cache-Status HIT Age 686800 Vary Accept-Encoding Server cloudflare CF-RAY 6aca345db838375e-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	/ 6.adsco.re/ Frame 029F	0 637 B	37ms 36ms	Other text/plain	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://6.adsco.re/ Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol HTTP/1.1 Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://c.adsco.re/ Origin http://c.adsco.re Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 11 Nov 2021 20:17:31 GMT Content-Encoding gzip Server cloudflare Access-Control-Allow-Headers Content-Type Vary Accept-Encoding Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/plain;charset=UTF-8 Access-Control-Allow-Origin http://c.adsco.re Access-Control-Max-Age 2592000 Cache-Control private, max-age=10 Transfer-Encoding chunked Connection keep-alive CF-RAY 6aca345e5dbd5a01-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	/ 4.adsco.re/ Frame 029F	0 456 B	37ms 37ms	Other text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL http://4.adsco.re/ Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol HTTP/1.1 Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://c.adsco.re/ Origin http://c.adsco.re Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 11 Nov 2021 20:17:31 GMT Content-Encoding gzip Access-Control-Max-Age 2592000 Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin http://c.adsco.re Cache-Control private, max-age=5 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type
GET H/1.1	200 OK	suurl.php Show response onclickgenius.com/script/	5 KB 2 KB	232ms 208ms	Script application/javascript	35.190.71.96 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://onclickgenius.com/script/suurl.php?r=2059055&cbrandom=0.5616947774856278&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=RivoRD&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol HTTP/1.1 Server 35.190.71.96 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 96.71.190.35.bc.googleusercontent.com Software openresty / Resource Hash 9988f6d04500baf89470f0f37dc350b1b5abbcb10c08a7393604e0c168ab2d16 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Thu, 11 Nov 2021 20:17:32 GMT Content-Encoding gzip Transfer-Encoding chunked Server openresty Via 1.1 google Content-Type application/javascript; charset=utf-8
GET H/1.1	200 OK	chrome.js Show response celeritascdn.com/script/	36 KB 12 KB	41ms 41ms	Script application/javascript	2606:4700::6810:5b06 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://celeritascdn.com/script/chrome.js Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol HTTP/1.1 Server 2606:4700::6810:5b06 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 11 Nov 2021 20:17:31 GMT Content-Encoding gzip CF-Cache-Status HIT Age 547 X-GUploader-UploadID ABg5-Uwy2KgMfwRh5Sy4tJaRNrRgSaRiJ4L604o09TUqfv8VT3Pk1OJPbGXpnbgwmBjuRcn4gexGkvf1MhD-n7IYrcE x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity Connection keep-alive Content-Type application/javascript Last-Modified Mon, 14 Sep 2020 09:15:29 GMT Server cloudflare ETag W/"ef6565ab259dafbc08468b4d0bb46762" Vary Accept-Encoding x-goog-hash crc32c=KoLUvQ==, md5=72VlqyWdr7wIRotNC7RnYg== x-goog-generation 1600074929755781 Access-Control-Allow-Origin * Cache-Control public, max-age=14400 Transfer-Encoding chunked x-goog-stored-content-length 37300 CF-RAY 6aca345e6cc6f92f-MXP Expires Fri, 12 Nov 2021 00:17:31 GMT
GET H/1.1	200 OK	/ c.adsco.re/ Frame 029F	10 KB 0	23ms 22ms	XHR text/html	2606:4700::6811:a6ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://c.adsco.re/ Requested by Host: c.adsco.re URL: http://c.adsco.re/ Protocol HTTP/1.1 Server 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language it-IT,it;q=0.9 Referer http://c.adsco.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 11 Nov 2021 20:17:31 GMT Content-Encoding gzip CF-Cache-Status HIT Server cloudflare Age 686800 ETag W/"2Ma3006J78KgzL0RD+7gUg==" Vary Accept-Encoding Content-Type text/html Link <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch Cache-Control public, max-age=2678400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6aca345e8a17375e-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Expires Sun, 12 Dec 2021 20:17:31 GMT
GET H2	200	su.js Show response cdnondemand.org/script/ Frame DADE	24 KB 8 KB	86ms 35ms	Script text/javascript	2606:4700::6810:a610 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnondemand.org/script/su.js Requested by Host: sportsonline.to URL: https://sportsonline.to/channels/hd/hd6.php Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:a610 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c0a97a9799bba7cbaca2ff35b43daaef3ac0c679ba39a90df166c39aad65bea3 Request headers Accept-Language it-IT,it;q=0.9 Referer https://sportsonline.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:31 GMT content-encoding gzip cf-cache-status HIT age 2978 x-guploader-uploadid ADPycdthyya1gaVRjmeslXKNoZsGJZbDMX3LHadSzmo0uyFpdqz9jSdC0IYOyGixw6qAeJOYHoN2wOFIOmKqqUnDgg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity content-type text/javascript last-modified Thu, 28 Oct 2021 10:36:10 GMT server cloudflare etag W/"765a50e18db5bdc3badf43040834c22a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-goog-hash crc32c=ZIf5+A==, md5=dlpQ4Y21vcO630MECDTCKg== x-goog-generation 1635417370397478 access-control-allow-origin * cache-control public, max-age=14400 x-goog-stored-content-length 24244 cf-ray 6aca345eda950e0e-MXP expires Fri, 12 Nov 2021 00:17:31 GMT
GET H2	200	SCCfwxq.png sportsonline.to/channels/hd/ Frame DADE	1 KB 2 KB	326ms 25ms	Image image/png	2606:4700:3033::6815:4b45 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sportsonline.to/channels/hd/SCCfwxq.png Requested by Host: sportsonline.to URL: https://sportsonline.to/channels/hd/hd6.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:4b45 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ae0433ac5d000ac03daf9059492d0390e427b7461332f0f488bbc6f44b5107a7 Request headers Accept-Language it-IT,it;q=0.9 Referer https://sportsonline.to/channels/hd/hd6.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2588 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1220 last-modified Fri, 03 Sep 2021 00:38:37 GMT server cloudflare etag "61316e8d-4c4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2FgC8E%2Fp%2BAVnNUqCWktKmZFSQdNI0UEbCBI3yloscbcMXKkQRQ9mLPnFFSnii1abxCxvDrkTXCOEul09IVolwL1IvKw%2B0MG8XCNHwMH9P2sJfp08Fo00NOEtkqzoTD%2B9glijrnz89jJsEyyjDmE%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 6aca34606a7e374f-MXP
GET H2	200	/ widgets.amung.us/draw/ Frame DADE Redirect Chain https://whos.amung.us/cwidget/sportsonline/000000ffffff.png https://widgets.amung.us/draw/?w=colored&n=20100&c=000000ffffff&p=	1 KB 2 KB	98ms 43ms	Image image/png	2606:4700:10::ac43:88d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://widgets.amung.us/draw/?w=colored&n=20100&c=000000ffffff&p= Requested by Host: sportsonline.to URL: https://sportsonline.to/channels/hd/hd6.php Protocol H2 Server 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3fc1641027ceca73eae722221962ea45f2d2b84dc957607f0c5857e2c696a4b Request headers Accept-Language it-IT,it;q=0.9 Referer https://sportsonline.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT cf-cache-status HIT last-modified Wed, 10 Nov 2021 23:41:19 GMT server cloudflare age 74173 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=432000 content-disposition filename=wau-widget.png cf-ray 6aca3461584ee8f3-MXP expires Thu, 11 Nov 2021 23:41:19 GMT Redirect headers location https://widgets.amung.us/draw/?w=colored&n=20100&c=000000ffffff&p= date Thu, 11 Nov 2021 20:17:32 GMT cache-control max-age=295 content-type text/html; charset=UTF-8
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame DADE	90 KB 35 KB	339ms 38ms	Script application/javascript	2a00:1450:4001:831::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-202511892-1 Requested by Host: sportsonline.to URL: https://sportsonline.to/channels/hd/hd6.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1d0c4e27f4110c3c5eeed71f9461a5a13d53911d52e362a976766b5edc3f0197 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://sportsonline.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36129 x-xss-protection 0 last-modified Thu, 11 Nov 2021 19:09:41 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 11 Nov 2021 20:17:32 GMT
GET		/ 6.adsco.re/ Frame 029F	0 0
GET		/ 4.adsco.re/ Frame 029F	0 0
GET H2	200	tc.js Show response cdn.tynt.com/	17 KB 7 KB	87ms 29ms	Script application/javascript	104.18.28.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.tynt.com/tc.js Requested by Host: widgets.amung.us URL: http://widgets.amung.us/colored.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.28.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT content-encoding gzip cf-cache-status HIT last-modified Fri, 27 Aug 2021 20:58:45 GMT server cloudflare age 99982 etag W/"61295205-431d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 6aca345f3b8b5a07-MXP expires Sun, 14 Nov 2021 20:17:32 GMT
GET H/1.1	200 OK	/ widgets.amung.us/colwid/	3 KB 4 KB	30ms 30ms	Image image/png	2606:4700:10::ac43:88d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://widgets.amung.us/colwid/?c=ffc20e000000 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol HTTP/1.1 Server 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 661c696659df6d576a75b9f65e11a05995760c8bc0e4aeec85e00a977bc7d2e7 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 11 Nov 2021 20:17:31 GMT CF-Cache-Status HIT Last-Modified Thu, 11 Nov 2021 15:40:09 GMT Server cloudflare Age 16642 Vary Accept-Encoding Content-Type image/png access-control-allow-origin * cache-control max-age=432000 Transfer-Encoding chunked content-disposition filename=wau-widget.png Connection keep-alive CF-RAY 6aca345edaac0e0e-MXP expires Fri, 12 Nov 2021 15:40:09 GMT
GET H2	200	ut.js Show response cdnondemand.org/script/ Frame DADE	15 KB 5 KB	31ms 31ms	Script text/javascript	2606:4700::6810:a610 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnondemand.org/script/ut.js?cb=1636661852009 Requested by Host: cdnondemand.org URL: https://cdnondemand.org/script/su.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:a610 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e2778d4aa6e69d5502e588c3ee022d8b4fcd5be1c43321e8b0d7d7d70353d25 Request headers Accept-Language it-IT,it;q=0.9 Referer https://sportsonline.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT content-encoding gzip cf-cache-status HIT age 2674 x-guploader-uploadid ADPycdtdlKmOGiiGe5CjQ6k3TyubRhJEXtUTlZ6_2ewN--QjhwLazu02WYvH0Jx6rLBxGP-dnB0ul8-e3ZscmT9mQrFtYEAD7Q x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity content-type text/javascript last-modified Thu, 28 Oct 2021 10:36:11 GMT server cloudflare etag W/"920480645047c2b282a048acb85f9df3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-goog-hash crc32c=pSNYBg==, md5=kgSAZFBHwrKCoEisuF+d8w== x-goog-generation 1635417371100027 access-control-allow-origin * cache-control public, max-age=14400 x-goog-stored-content-length 15242 cf-ray 6aca345f1b390e0e-MXP expires Fri, 12 Nov 2021 00:17:32 GMT
GET H2	200	suurl4.php Show response youradexchange.com/script/ Frame DADE	816 B 790 B	232ms 185ms	Fetch application/json	35.190.41.116 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://youradexchange.com/script/suurl4.php?r=4827899&cbur=0.026921251433225546&cbiframe=1&cbWidth=730&cbHeight=460&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=cdnondemand.org&aggr=0 Requested by Host: cdnondemand.org URL: https://cdnondemand.org/script/su.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 116.41.190.35.bc.googleusercontent.com Software openresty / Resource Hash 366d30d037607aa53ed063da4ae759f917dc17ef89352ac228f0bae268fb238c Request headers Accept-Language it-IT,it;q=0.9 Referer https://sportsonline.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers access-control-allow-origin * date Thu, 11 Nov 2021 20:17:32 GMT content-encoding gzip server openresty alt-svc clear via 1.1 google content-type application/json; charset=utf-8
GET H2	200	eviy3tp9sa8v04t Show response 789ve725uklxrm5.sastreaming.net/embed/ Frame C24E	9 KB 5 KB	286ms 227ms	Document text/html	104.21.36.241 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://789ve725uklxrm5.sastreaming.net/embed/eviy3tp9sa8v04t Requested by Host: sportsonline.to URL: https://sportsonline.to/channels/hd/hd6.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.36.241 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2721c728eecb6a6de28c42842cceb0acb426965977018297f178f4027381b332 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer https://sportsonline.to/ Response headers date Thu, 11 Nov 2021 20:17:32 GMT content-type text/html; charset=UTF-8 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ek7AUWxMDIEhK6DIVGzlX30ZD43yT8mKnlkMfPCCEbQQNiCSQ93Mm7P8qaVlZbV91r4tJPqy%2BecfHwLd%2FEshtGNLRyKBsZS1YFs%2BqEMOE3xxfS%2Bp%2BHYon88bW0uk6mNvk9t1rDtknvWm3KBcH2NZOgra"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6aca345f8e0b3746-MXP content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	popunder.gif sdebatical.one/	35 B 927 B	46ms 27ms	Image image/gif	2606:4700:3036::ac43:a0da CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://sdebatical.one/popunder.gif Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol HTTP/1.1 Server 2606:4700:3036::ac43:a0da , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 11 Nov 2021 20:17:32 GMT content-encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 10883 Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 58 pragma public Last-Modified Thu, 11 Nov 2021 17:16:09 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZSsRlnrQytFnYPDMLcp0kTIM48TOG%2FRe3bSJkUcYdrXOsEEPIZZrkOLPZ6pseCS442R25ZcVffntSM%2Fhn3ypyWTDZDUb3HEX2n%2ByOO4CRC5GGvYTDeUJZ%2FvCXeOH1mUgWeVlozQXcPwLejpxA%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/gif access-control-allow-origin * cache-control public, max-age=604800, immutable Accept-Ranges bytes CF-RAY 6aca345f4a220f76-MXP
GET H2	204	p ic.tynt.com/b/	0 227 B	392ms 127ms	Image text/plain	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!rtnlniviutns&lm=0&ts=1636661852066&dn=TC&iso=0&t=RivoRD&cu=http%3A%2F%2Fwrivz1.blogspot.com%2F Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/aj6.html?m=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	200	multi Show response sitecham.xyz/	3 KB 2 KB	128ms 128ms	XHR text/plain	143.204.98.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sitecham.xyz/multi?cs=Tk12bnp7dENWSnh7R1ZMfHVFXEk&abt=0&red=1&sm=76&k=&v=1.0.54.0&sts=0&prn=0&emb=0&tid=712339&u=2173080770197222&fs=1&ref=http%3A%2F%2Fto.xrivonet.info%2Faj6.html%3Fm%3D1&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F95.0.4638.54%20safari%2F537.36&tzd=0&uloc=&if=0&_qOMu=1636661852070&crc=1 Requested by Host: d141wsrw9m4as6.cloudfront.net URL: http://d141wsrw9m4as6.cloudfront.net/?wrswd=622073 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-43.fra50.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash 5e5f087d40384452a9af4fd5fcad653ab257d47dd08725b56d78c03e8a05d2f7 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 20:17:32 GMT content-encoding gzip server openresty/1.17.8.2 x-amz-cf-pop FRA50-C1 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin http://to.xrivonet.info cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true content-type text/plain content-length 1305 via 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront) x-amz-cf-id qYbyhFKSTghDK78r0KeH9MFHuxLMQBTxS6hNIDbeAm-uaYbdCkSsCw==
POST H2	204	YkJNaWZNfS4aWzEGAyA8Ki5oWyQgcQ8xNzp6Dw8KLA4rODwaFAgaQBYrKVReUHR+UVVEMiQNW1FwaxoSAzY4GltQcn1eQAssKwZbUGQ7VFZMemNcSFJkORkHBX98TxYWNiFUV1Rxe19QU3p4W1ZVcw sdebatical.one/	0 292 B	422ms 121ms	Ping text/plain	2606:4700:3036::ac43:a0da CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdebatical.one/YkJNaWZNfS4aWzEGAyA8Ki5oWyQgcQ8xNzp6Dw8KLA4rODwaFAgaQBYrKVReUHR+UVVEMiQNW1FwaxoSAzY4GltQcn1eQAssKwZbUGQ7VFZMemNcSFJkORkHBX98TxYWNiFUV1Rxe19QU3p4W1ZVcw Requested by Host: d141wsrw9m4as6.cloudfront.net URL: http://d141wsrw9m4as6.cloudfront.net/?wrswd=826383 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:a0da , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://to.xrivonet.info/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 11 Nov 2021 20:17:32 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUDsKBBhq9WPBCxWc0%2BSSPFP9ffcEW7d%2BqiwhpVkabULelJiVKr0czCkSoDTA%2Fy2rYZl%2F3yTfVoZw4VZid1kluxRj1%2BiMp%2B09Kn4whsQgwpV49L%2FaoTn9eAePSCfovxaPYVNq%2BhJBVHL%2BWYJ4w%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 6aca346159ca3747-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	floater Show response sitecham.xyz/	2 KB 2 KB	618ms 618ms	XHR text/plain	143.204.98.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sitecham.xyz/floater?cs=R0RISEJxcHB7enB2fn9wcnFxeHA&abt=0&red=1&sm=83&k=&v=0.8.5.0&sts=0&prn=0&emb=0&tid=826383&u=2173080770197222&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=http%3A%2F%2Fto.xrivonet.info%2Faj6.html%3Fm%3D1&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F95.0.4638.54%20safari%2F537.36&tzd=0&uloc=&if=0&aa=td6_oi1_&_Yn5V=1636661852072&crc=1 Requested by Host: d141wsrw9m4as6.cloudfront.net URL: http://d141wsrw9m4as6.cloudfront.net/?wrswd=826383 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-43.fra50.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash 6894fa54ac6792c98731fd01dc82237721e762edcce61a95499ca868ffa8a85d Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 20:17:32 GMT content-encoding gzip server openresty/1.17.8.2 x-amz-cf-pop FRA50-C1 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin http://to.xrivonet.info cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true content-type text/plain content-length 1158 via 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront) x-amz-cf-id q0Yn6JM6uGd4CRrTerqxUsHM-2RpKsNxgtYoahBk0mmVBu61--szJA==
POST H/1.1	200 OK	p Show response adsco.re/	364 B 866 B	57ms 57ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL http://adsco.re/p Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash 86a9246e921216ff45c0d9dadc5f996a312a73692e890cb2ca515cfdf68590b1 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers AS-P-G OK Date Thu, 11 Nov 2021 20:17:32 GMT AS-P-7 OK AS-P-9 OK AS-P-C OK Transfer-Encoding chunked AS-P-5 OK AS-P-F OK Connection keep-alive Content-Encoding gzip AS-P-2 OK AS-P-D OK AS-P-6 OK AS-P-B OK AS-P-H OK AS-P-4 OK AS-P-A OK Access-Control-Max-Age 2592000 AS-P-1 OK lon224 Access-Control-Allow-Origin http://to.xrivonet.info Cache-Control no-transform Access-Control-Allow-Credentials true AS-P-8 OK Content-Type text/html; charset=UTF-8 AS-P-E OK AS-P-3 OK
GET DATA	200 OK	truncated / Frame AE1F	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3c1e4cc7644ff1698616e3b394dc02cc07aa5a5e2fe94f992de85246c467dfa9 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	/ Show response c.mgid.com/pv/	0 280 B	166ms 157ms	Script text/plain	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.mgid.com/pv/?pv=5&cbuster=1636661852238179099392&uspString=&niet=4g&nisd=false&jsv=es6&ref=&cxurl=http%3A%2F%2Fwrivz1.blogspot.com%2F&lu=http%3A%2F%2Fto.xrivonet.info%2Faj6.html%3Fm%3D1&sessionId=618d7a5c-02339&pageView=1&pvid=17d10a5f84e9d609f0c&site=356366&implVersion=10&dpr=1 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/r/xrivonet.info.266699.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 20:17:32 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 6aca34609d8b0e1e-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	MGID_plus.svg cdn.mgid.com/images/logos/	2 KB 1 KB	34ms 24ms	Image image/svg+xml	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mgid.com/images/logos/MGID_plus.svg Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT content-encoding br cf-cache-status HIT age 3001 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id B9201827F81D32DC x-amz-id-2 oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs= last-modified Tue, 23 Feb 2021 16:22:15 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root etag W/"f7525f3a5f32c6f4a8e9867e9f57ab45" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=86400 cf-ray 6aca3460bdd20e1e-MXP expires Fri, 12 Nov 2021 20:17:32 GMT
GET H2	200	Adchoices.svg cdn.mgid.com/images/logos/	836 B 814 B	61ms 51ms	Image image/svg+xml	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mgid.com/images/logos/Adchoices.svg Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT content-encoding br cf-cache-status HIT age 934 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id 1D76EA8A206ECCA7 x-amz-id-2 lDknoZ+PjBnoUXPCB23wx2Qe85exuRo8TYxKWQhUypnILC9L/y8Csv7mWGGtYjTXsNVPMSG83Fo= last-modified Wed, 17 Feb 2021 18:15:53 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root etag W/"7d59364b7ed2df3f02507c9f92560df9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=86400 cf-ray 6aca3460bdd30e1e-MXP expires Fri, 12 Nov 2021 20:17:32 GMT
GET H2	200	int_exchange_wages_ad.svg cdn.mgid.com/images/mgid/	1 KB 763 B	51ms 41ms	Image image/svg+xml	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mgid.com/images/mgid/int_exchange_wages_ad.svg Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT content-encoding br cf-cache-status HIT age 1173 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id A6EC37B2A7BDE00B x-amz-id-2 PwXuLK/xbxwm8Hf3CE9lBqGE5I1x8jZ+3dC6/axU5ZbcSWyTHkWZUyetDT5gQlgZpKn8sbHG1f0= last-modified Mon, 04 May 2020 12:16:53 GMT server cloudflare etag W/"37346cd2daeeec771e8ffe3a34ef43ea" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=86400 cf-ray 6aca3460bdd00e1e-MXP expires Fri, 12 Nov 2021 20:17:32 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame DADE	49 KB 20 KB	26ms 26ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-202511892-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language it-IT,it;q=0.9 Referer https://sportsonline.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 1018 date Thu, 11 Nov 2021 20:00:34 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Thu, 11 Nov 2021 22:00:34 GMT
GET H3	200	embed.min.css 789ve725uklxrm5.sastreaming.net/css/ Frame C24E	1 KB 1 KB	88ms 49ms	Stylesheet text/css	104.21.36.241 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://789ve725uklxrm5.sastreaming.net/css/embed.min.css?v=0.3 Requested by Host: 789ve725uklxrm5.sastreaming.net URL: https://789ve725uklxrm5.sastreaming.net/embed/eviy3tp9sa8v04t Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.36.241 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0d2556e6fe39f0adea7f7b90515e482645f702c89ff7206bae2514daed52b397 Request headers Accept-Language it-IT,it;q=0.9 Referer https://789ve725uklxrm5.sastreaming.net/embed/eviy3tp9sa8v04t User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT content-encoding br cf-cache-status HIT last-modified Mon, 09 Nov 2020 18:05:02 GMT server cloudflare age 160 etag W/"5fa984ce-484" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jE0mB8eDNfzSM4Igc7vlOhrfvI8TXONo7r%2FEqt56QHUHbKotZKhB0EnwtN10ATW6gxq2hcw46zmHLAASm11RCVt7gcrJR0UJ%2BQgJ06VWgjXADRyBeNwxkcNcHbKwnovyAjHywOP3jOEQyRitjnfde19"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6aca34614bcd3743-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	jquery.min.js Show response 789ve725uklxrm5.sastreaming.net/js/ Frame C24E	85 KB 31 KB	69ms 31ms	Script application/javascript	104.21.36.241 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://789ve725uklxrm5.sastreaming.net/js/jquery.min.js Requested by Host: 789ve725uklxrm5.sastreaming.net URL: https://789ve725uklxrm5.sastreaming.net/embed/eviy3tp9sa8v04t Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.36.241 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Request headers Accept-Language it-IT,it;q=0.9 Referer https://789ve725uklxrm5.sastreaming.net/embed/eviy3tp9sa8v04t User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT content-encoding br cf-cache-status HIT last-modified Mon, 09 Nov 2020 18:05:02 GMT server cloudflare age 160 etag W/"5fa984ce-15283" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WGPnjqfLE1IkKEkhnGXRYEwUfb8ziJPe0AXc0ipFYCZxy9dvFAOx1i2TUchimgcDKUscCHGLwEwx9jMPJBQSrVoj69pJQbaLi3tN%2FJeazm1UtTvKmUvPo%2FTuHw%2B22mUhS1p8OrBmVsVwLJGZ6TWDW3m"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6aca34613bc93743-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	wigistream.js Show response swarm.video/ Frame C24E	506 KB 128 KB	88ms 39ms	Script application/javascript	2606:4700:3031::6815:33a1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://swarm.video/wigistream.js?version=0.0.80 Requested by Host: 789ve725uklxrm5.sastreaming.net URL: https://789ve725uklxrm5.sastreaming.net/embed/eviy3tp9sa8v04t Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:33a1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 0e8714e1c7ce6159f6bff5085163212294c59e411ed4b10ad956ae0b2800d03d Request headers Accept-Language it-IT,it;q=0.9 Referer https://789ve725uklxrm5.sastreaming.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 668015 x-powered-by Express alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Mon, 28 Jun 2021 22:53:29 GMT server cloudflare etag W/"7ee26-17a54d3e20c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k4JB%2FnY2oaBhoencfuImTZZF%2BHCQ%2FzJwGae%2FVR9HyeSzkSsN979TTfQoYl8dWAT%2B8QY05sgjbdbfajdIuKnryAKWbz0tAcn6LBr66qYaqFu0xu9uxO4aFapGFUXoXTzf7mgtxjI2UNNopg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-polished origSize=519718 cf-ray 6aca346148240e26-MXP cf-bgj minify
GET H2	200	clappr.min.js Show response cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame C24E	513 KB 139 KB	86ms 44ms	Script application/javascript	2606:4700::6810:5514 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js Requested by Host: 789ve725uklxrm5.sastreaming.net URL: https://789ve725uklxrm5.sastreaming.net/embed/eviy3tp9sa8v04t Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language it-IT,it;q=0.9 Referer https://789ve725uklxrm5.sastreaming.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 41359 x-jsd-version 0.3.13 x-cache HIT, HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-served-by cache-fra19151-FRA, cache-mxp6934-MXP timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 cf-ray 6aca34614831375d-MXP
GET H2	200	su.js Show response cdnondemand.org/script/ Frame C24E	24 KB 7 KB	27ms 26ms	Script text/javascript	2606:4700::6810:a610 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnondemand.org/script/su.js Requested by Host: 789ve725uklxrm5.sastreaming.net URL: https://789ve725uklxrm5.sastreaming.net/embed/eviy3tp9sa8v04t Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:a610 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c0a97a9799bba7cbaca2ff35b43daaef3ac0c679ba39a90df166c39aad65bea3 Request headers Accept-Language it-IT,it;q=0.9 Referer https://789ve725uklxrm5.sastreaming.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT content-encoding gzip cf-cache-status HIT age 2979 x-guploader-uploadid ADPycdthyya1gaVRjmeslXKNoZsGJZbDMX3LHadSzmo0uyFpdqz9jSdC0IYOyGixw6qAeJOYHoN2wOFIOmKqqUnDgg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity content-type text/javascript last-modified Thu, 28 Oct 2021 10:36:10 GMT server cloudflare etag W/"765a50e18db5bdc3badf43040834c22a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-goog-hash crc32c=ZIf5+A==, md5=dlpQ4Y21vcO630MECDTCKg== x-goog-generation 1635417370397478 access-control-allow-origin * cache-control public, max-age=14400 x-goog-stored-content-length 24244 cf-ray 6aca34610f500e0e-MXP expires Fri, 12 Nov 2021 00:17:32 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame C24E	90 KB 35 KB	44ms 43ms	Script application/javascript	2a00:1450:4001:831::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-184968220-1 Requested by Host: 789ve725uklxrm5.sastreaming.net URL: https://789ve725uklxrm5.sastreaming.net/embed/eviy3tp9sa8v04t Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 14e4f8d32e7dbd33c78e6d9b83209b2daca85f7785474afa58a920dc197dc2a1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://789ve725uklxrm5.sastreaming.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36128 x-xss-protection 0 last-modified Thu, 11 Nov 2021 19:09:41 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 11 Nov 2021 20:17:32 GMT
GET H2	200	/ widgets.amung.us/draw/ Frame C24E Redirect Chain https://whos.amung.us/cwidget/y7opzyrraw/000000ffffff.png https://widgets.amung.us/draw/?w=colored&n=57000&c=000000ffffff&p=	1 KB 1 KB	40ms 39ms	Image image/png	2606:4700:10::ac43:88d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://widgets.amung.us/draw/?w=colored&n=57000&c=000000ffffff&p= Requested by Host: 789ve725uklxrm5.sastreaming.net URL: https://789ve725uklxrm5.sastreaming.net/embed/eviy3tp9sa8v04t Protocol H2 Server 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63e1a366300fc10b85eaa7e420f5c0366619f8f2f327ae418c07e7909a5ca405 Request headers Accept-Language it-IT,it;q=0.9 Referer https://789ve725uklxrm5.sastreaming.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT cf-cache-status HIT last-modified Thu, 11 Nov 2021 20:16:13 GMT server cloudflare age 79 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=432000 content-disposition filename=wau-widget.png cf-ray 6aca3461d959e8f3-MXP expires Fri, 12 Nov 2021 20:16:13 GMT Redirect headers location https://widgets.amung.us/draw/?w=colored&n=57000&c=000000ffffff&p= date Thu, 11 Nov 2021 20:17:32 GMT cache-control max-age=295 content-type text/html; charset=UTF-8
GET H2	200	1 Show response servicer.mgid.com/266699/	5 KB 2 KB	105ms 96ms	Script application/x-javascript	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://servicer.mgid.com/266699/1?pv=5&cbuster=1636661852316595113867&uspString=&niet=4g&nisd=false&jsv=es6&w=726&h=519&cols=3&ref=&cxurl=http%3A%2F%2Fwrivz1.blogspot.com%2F&lu=http%3A%2F%2Fto.xrivonet.info%2Faj6.html%3Fm%3D1&sessionId=618d7a5c-02339&pageView=1&pvid=17d10a5f84e9d609f0c&implVersion=10&dpr=1 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/r/xrivonet.info.266699.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f674086461e56f123a452f270ba00f9f2d8805df7fa0bd924d9d2b2ad991d397 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 20:17:32 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type application/x-javascript; charset=utf-8 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 6aca34611e7c0e1e-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	c Show response serve.popads.net/	44 B 277 B	191ms 167ms	Script text/javascript	216.21.13.11 TUT-AS
General Check archive.org Show headers Download Go to Full URL http://serve.popads.net/c?_=BAoAYY16XAFhjXpcgAGBAsAAIKLRYoKkqNApMvZYGGzrMLsfDnHui-KsoefYEeAL6MTOwQBIMEYCIQCXLXrWNasC0Pq0Uhfdr23WGncT9Qq_nHAunROiOOxmZQIhALi8zygwMpAN3E-_0hrYGBJFdv8DblslpQBGpv5SqSEnwgAgxcIhBD1LrxGdvK_utrwavHkleUFqnGqVxFbgj7qFAGXEABAgAQrIACQARQLmAAAAAAABxQAQxwPWnf2UZiqozYrzQejrEMMARzBFAiEA_B6yibOkmphZzCg-TbDFQJxCtEBUG9VZNy8Ehme-Kc4CIAuu1d_XIAj81gOGkVrYMswI6pcGhv9UCj6Wx4wINHqC&v=4&siteId=2082502&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200,0 Requested by Host: c1.popads.net URL: http://c1.popads.net/pop.js Protocol HTTP/1.1 Server 216.21.13.11 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT asf 9 access-control-allow-origin * content-type text/javascript;charset=UTF-8 popads-ec ASB Connection Keep-Alive Keep-Alive timeout=5, max=100 content-length 44
GET H2	200	v2 Show response de.tynt.com/deb/	4 B 202 B	135ms 127ms	Script application/javascript	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Full URL https://de.tynt.com/deb/v2?id=w!rtnlniviutns&dn=TC&cc=1&r= Requested by Host: cdn.tynt.com URL: https://cdn.tynt.com/tc.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software / Resource Hash d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/aj6.html?m=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT cache-control max-age=86400 content-type application/javascript p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA" content-length 4 expires Fri, 12 Nov 2021 20:17:32 GMT
GET H2	200	css fonts.googleapis.com/ Frame C24E	1 KB 860 B	104ms 41ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:400,700 Requested by Host: 789ve725uklxrm5.sastreaming.net URL: https://789ve725uklxrm5.sastreaming.net/css/embed.min.css?v=0.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c15171fcd5929135b805d4b4dbf845248179064899580dec8a1de845da08c489 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://789ve725uklxrm5.sastreaming.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 11 Nov 2021 20:07:28 GMT server ESF date Thu, 11 Nov 2021 20:17:32 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 11 Nov 2021 20:17:32 GMT
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0LzBmOGNkNzk2YWZlMTgwMjkyMTQ5ZDQwOTEzY2M4NDAwLmpwZWc.webp s-img.mgid.com/g/8052388/492x328/0x0x672x448/	22 KB 23 KB	397ms 345ms	Image image/webp	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/8052388/492x328/0x0x672x448/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0LzBmOGNkNzk2YWZlMTgwMjkyMTQ5ZDQwOTEzY2M4NDAwLmpwZWc.webp?v=1636661852-_b-ircx0ZOeouDesrst0TeZ8pvfebSaXR1KSmpCgzuo Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e78da09cf28eca88ec0e8e8311ba0d76882e6cd3f598ee6abd7127de8aa2243f Request headers Referer http://to.xrivonet.info/ Origin http://to.xrivonet.info Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT cf-cache-status HIT last-modified Fri, 01 Oct 2021 14:23:17 GMT x-mg-request-uuid 122935d1-737b-43fa-9407-753d9a858916 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6aca3462197e59e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 23018 server cloudflare
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2QzZjQxMWMyNGJkODEzYzQxODdmOGNmM2NmNjI3MTMyLmpwZWc.webp s-img.mgid.com/g/5097651/492x328/0x15x820x546/	30 KB 30 KB	263ms 211ms	Image image/webp	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/5097651/492x328/0x15x820x546/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2QzZjQxMWMyNGJkODEzYzQxODdmOGNmM2NmNjI3MTMyLmpwZWc.webp?v=1636661852--p4g_82ENPObgcbc3_MIqnswNjbKisgIMGkHfWJAvek Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a4bc51dd1031eccaf38a0943a5cb489175672def80568391d00bbcfb46842a34 Request headers Referer http://to.xrivonet.info/ Origin http://to.xrivonet.info Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT cf-cache-status HIT last-modified Fri, 01 Oct 2021 14:23:23 GMT x-mg-request-uuid 00481a87-970e-4189-9f07-b065501a62bf expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6aca3462198159e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 30276 server cloudflare
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzFiY2M2ZTBkN2Q0ZDM3NjRhODFkZDg1M2YxYzQ4M2FhLmpwZWc.webp s-img.mgid.com/g/3835481/492x328/50x0x758x505/	15 KB 15 KB	351ms 300ms	Image image/webp	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/3835481/492x328/50x0x758x505/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzFiY2M2ZTBkN2Q0ZDM3NjRhODFkZDg1M2YxYzQ4M2FhLmpwZWc.webp?v=1636661852-ePuZK1Zc9ZiwKZmvtP1IQYajS_pCRf_85FZPjlg6vu0 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 35c02cd689dae63703a64db4e843d722fa24617eab9d0ad189dc6df5b9f07479 Request headers Referer http://to.xrivonet.info/ Origin http://to.xrivonet.info Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT cf-cache-status HIT last-modified Thu, 11 Nov 2021 15:55:57 GMT x-mg-request-uuid ec88ef8a-6be5-4f6d-be85-a6ff9a61a26d expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6aca3462198459e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 15238 server cloudflare
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp s-img.mgid.com/g/8193526/492x328/0x26x798x532/	19 KB 19 KB	334ms 283ms	Image image/webp	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/8193526/492x328/0x26x798x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp?v=1636661852-pZHFCfeuZxFOeVjPRgA8BaMvdjstmHqlRpqILo_phII Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 17454cb48d2d77ca6eab7729fc4ec95d681a31aff56c6dade8e79ae8b550d7c5 Request headers Referer http://to.xrivonet.info/ Origin http://to.xrivonet.info Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT cf-cache-status HIT last-modified Fri, 05 Nov 2021 10:51:58 GMT x-mg-request-uuid 33658779-38a2-4e1d-b838-3accbf3a21b9 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6aca3462198759e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 19400 server cloudflare
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2YxMzYwMmJkNzdjYzk1ZTlkMDM0Mjg0ZGUzMGM2NGI3LmpwZWc.webp s-img.mgid.com/g/3859212/492x328/0x0x1001x667/	33 KB 33 KB	283ms 232ms	Image image/webp	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/3859212/492x328/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2YxMzYwMmJkNzdjYzk1ZTlkMDM0Mjg0ZGUzMGM2NGI3LmpwZWc.webp?v=1636661852-FJQXrfa0wGb-bq6YqL4CCXU2uwNz1L2RyvEAg9uBBm4 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5185c247c2ff9ecf5174874bd331e688155cdada5094eb9f66f305fa779a049f Request headers Referer http://to.xrivonet.info/ Origin http://to.xrivonet.info Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT cf-cache-status HIT last-modified Thu, 11 Nov 2021 15:53:31 GMT x-mg-request-uuid f211cb6c-1e82-460c-a0be-c6623b9f42bf expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6aca3462198a59e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 33692 server cloudflare
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzI2MzNkNTYzMjgxMjY2ODhjMzUxYTA2ODVjYzRhMjUwLmpwZWc.webp s-img.mgid.com/g/4060554/492x328/96x0x866x577/	14 KB 15 KB	350ms 299ms	Image image/webp	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/4060554/492x328/96x0x866x577/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzI2MzNkNTYzMjgxMjY2ODhjMzUxYTA2ODVjYzRhMjUwLmpwZWc.webp?v=1636661852-i3VqFH1xi-C0JaRrX3I57tfBfN0VrwIgdNevZLNWNic Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 239229aa66d65cbb988013e6b7f3d4ae8f82a87674970a0699ae1039a799b113 Request headers Referer http://to.xrivonet.info/ Origin http://to.xrivonet.info Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT cf-cache-status HIT last-modified Thu, 11 Nov 2021 15:56:30 GMT x-mg-request-uuid 6ae5b8eb-5d55-4f02-9a5f-f835c96c15c3 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6aca3462198f59e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 14812 server cloudflare
GET H2	204	p ic.tynt.com/b/	0 227 B	127ms 127ms	Image text/plain	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!rtnlniviutns&lm=0&ts=1636661852066&dn=TC&iso=0&t=RivoRD&cu=http%3A%2F%2Fwrivz1.blogspot.com%2F Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/aj6.html?m=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	200	i.js Show response cm.mgid.com/	2 KB 1 KB	96ms 87ms	Script application/javascript	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.mgid.com/i.js?&cbuster=1636661852480666985310 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/r/xrivonet.info.266699.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ea174a062116a18a17411ee4e9ab8d4daa77fa43b66ab43dcd17294403a44ad6 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 20:17:32 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cf-ray 6aca346218a20e1e-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	i-noref.js Show response cm.mgid.com/ Frame 62E5	19 B 146 B	82ms 82ms	Script application/javascript	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.mgid.com/i-noref.js?cbuster=1636661852497750652427 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/r/xrivonet.info.266699.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c Request headers Accept-Language it-IT,it;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 20:17:32 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cf-ray 6aca346228b90e1e-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	ut.js Show response cdnondemand.org/script/ Frame C24E	15 KB 5 KB	29ms 29ms	Script text/javascript	2606:4700::6810:a610 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnondemand.org/script/ut.js?cb=1636661852551 Requested by Host: cdnondemand.org URL: https://cdnondemand.org/script/su.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:a610 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e2778d4aa6e69d5502e588c3ee022d8b4fcd5be1c43321e8b0d7d7d70353d25 Request headers Accept-Language it-IT,it;q=0.9 Referer https://789ve725uklxrm5.sastreaming.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT content-encoding gzip cf-cache-status HIT age 2674 x-guploader-uploadid ADPycdtdlKmOGiiGe5CjQ6k3TyubRhJEXtUTlZ6_2ewN--QjhwLazu02WYvH0Jx6rLBxGP-dnB0ul8-e3ZscmT9mQrFtYEAD7Q x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity content-type text/javascript last-modified Thu, 28 Oct 2021 10:36:11 GMT server cloudflare etag W/"920480645047c2b282a048acb85f9df3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-goog-hash crc32c=pSNYBg==, md5=kgSAZFBHwrKCoEisuF+d8w== x-goog-generation 1635417371100027 access-control-allow-origin * cache-control public, max-age=14400 x-goog-stored-content-length 15242 cf-ray 6aca34627b0e0e0e-MXP expires Fri, 12 Nov 2021 00:17:32 GMT
GET H2	200	suurl4.php Show response youradexchange.com/script/ Frame C24E	816 B 731 B	182ms 182ms	Fetch application/json	35.190.41.116 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://youradexchange.com/script/suurl4.php?r=3939411&cbur=0.7960462469398077&cbiframe=1&cbWidth=730&cbHeight=460&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=cdnondemand.org&aggr=0 Requested by Host: cdnondemand.org URL: https://cdnondemand.org/script/su.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 116.41.190.35.bc.googleusercontent.com Software openresty / Resource Hash 5e07be2de6dde89070db719b01bd77ca92170933cc61991e9a65f5019806ca6e Request headers Accept-Language it-IT,it;q=0.9 Referer https://789ve725uklxrm5.sastreaming.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers access-control-allow-origin * date Thu, 11 Nov 2021 20:17:32 GMT content-encoding gzip server openresty alt-svc clear via 1.1 google content-type application/json; charset=utf-8
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v20/ Frame C24E	22 KB 23 KB	100ms 37ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://789ve725uklxrm5.sastreaming.net Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 10:51:57 GMT x-content-type-options nosniff age 379535 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 22992 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:18:57 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Mon, 07 Nov 2022 10:51:57 GMT
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v20/ Frame C24E	23 KB 23 KB	123ms 61ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://789ve725uklxrm5.sastreaming.net Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 12:11:32 GMT x-content-type-options nosniff age 29160 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23484 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:19:01 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 11 Nov 2022 12:11:32 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame C24E	49 KB 20 KB	26ms 26ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-184968220-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language it-IT,it;q=0.9 Referer https://789ve725uklxrm5.sastreaming.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 1018 date Thu, 11 Nov 2021 20:00:34 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Thu, 11 Nov 2021 22:00:34 GMT
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 82FC Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu	281 B 554 B	98ms 29ms	Document text/html	104.109.78.125 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu Requested by Host: cm.mgid.com URL: https://cm.mgid.com/i.js?&cbuster=1636661852480666985310 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-78-125.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ Response headers Server Apache/2.2.15 (CentOS) Last-Modified Tue, 26 Oct 2021 17:01:05 GMT ETag "40019-119-5cf446c48f640" Accept-Ranges bytes Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Thu, 11 Nov 2021 20:17:32 GMT Connection keep-alive Vary Accept-Encoding Redirect headers Server AkamaiGHost Content-Length 0 Location https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu Date Thu, 11 Nov 2021 20:17:32 GMT Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin *
GET H/1.1	200 OK	sync.html Show response s.adtelligent.com/ Frame FC79	1 KB 883 B	222ms 43ms	Document text/html	2a0c:5c81:5139::2 24SHELLS
General Check archive.org Show headers Download Go to Full URL https://s.adtelligent.com/sync.html?aid=658327 Requested by Host: cm.mgid.com URL: https://cm.mgid.com/i.js?&cbuster=1636661852480666985310 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US), Reverse DNS Software VertaMedia 1.0 / Resource Hash 16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ Response headers Server VertaMedia 1.0 Date Thu, 11 Nov 2021 20:17:32 GMT Content-Type text/html; charset=UTF-8 Content-Length 600 Access-Control-Allow-Origin http://to.xrivonet.info Access-Control-Allow-Credentials true Connection Keep-Alive Content-Encoding gzip
GET H2	200	/ cm.lentainform.com/setmuidn/	0 495 B	149ms 100ms	Image image/gif	104.19.217.61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.lentainform.com/setmuidn/?muidf=labwvzBZqLhc Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 20:17:32 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6aca3462ff213744-MXP p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true content-type image/gif alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	v1 match.sharethrough.com/sync/ Redirect Chain https://x.bidswitch.net/sync?dsp_id=303&user_id=labwvzBZqLhc https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=labwvzBZqLhc https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=6ec5dabf-f572-477f-96a1-57b2556df922&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=	68 B 263 B	120ms 27ms	Image image/png	54.93.151.69 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=6ec5dabf-f572-477f-96a1-57b2556df922&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Server 54.93.151.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-93-151-69.eu-central-1.compute.amazonaws.com Software / Resource Hash 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT content-length 68 content-type image/png Redirect headers Location //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=6ec5dabf-f572-477f-96a1-57b2556df922&seat_user_id=&seat_key= &gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= Date Thu, 11 Nov 2021 20:17:32 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0
GET H2	200	tpid=labwvzBZqLhc sync.crwdcntrl.net/map/ct=y/c=14777/tp=MIGD/ Redirect Chain https://sync.crwdcntrl.net/map/c=14777/tp=MIGD/tpid=labwvzBZqLhc https://sync.crwdcntrl.net/map/ct=y/c=14777/tp=MIGD/tpid=labwvzBZqLhc	49 B 737 B	66ms 66ms	Image image/gif	52.208.103.128 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/ct=y/c=14777/tp=MIGD/tpid=labwvzBZqLhc Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Server 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-103-128.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 20:17:32 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.14.124 content-type image/gif content-length 49 expires 0 Redirect headers pragma no-cache date Thu, 11 Nov 2021 20:17:32 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV location https://sync.crwdcntrl.net/map/ct=y/c=14777/tp=MIGD/tpid=labwvzBZqLhc cache-control no-cache x-server 10.45.16.104 content-length 0 expires 0
GET H3	200	m cm.mgid.com/ Redirect Chain https://creativecdn.com/cm-notify?pi=mgid https://creativecdn.com/cm-notify?pi=mgid&tc=1 https://cm.mgid.com/m?cdsp=501037&c=llwJ0Yxrwu8h1veGrz9o&pi=mgid&tc=1	43 B 500 B	85ms 85ms	Image image/gif	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?cdsp=501037&c=llwJ0Yxrwu8h1veGrz9o&pi=mgid&tc=1 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H3 Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 20:17:32 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type image/gif cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cf-ray 6aca3463af145a43-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Redirect headers location https://cm.mgid.com/m?cdsp=501037&c=llwJ0Yxrwu8h1veGrz9o&pi=mgid&tc=1 pragma no-cache date Thu, 11 Nov 2021 20:17:32 GMT, Thu, 11 Nov 2021 20:17:32 GMT cache-control no-cache, no-store, must-revalidate, private, max-age=0 content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	m cm.mgid.com/ Redirect Chain https://x.bidswitch.net/sync?ssp=mgid https://x.bidswitch.net/ul_cb/sync?ssp=mgid https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=mgid&bds_param=6ec5dabf-f572-477f-96a1-57b2556df922 https://x.bidswitch.net/sync?dsp_id=340&user_id=7d0b66ea-4988-4ffa-ac48-9a13942372bc&expires=10&ssp=mgid&bsw_param=6ec5dabf-f572-477f-96a1-57b2556df922 https://cm.mgid.com/m?cdsp=433145&c=6ec5dabf-f572-477f-96a1-57b2556df922&gdpr=&gdpr_consent=&us_privacy=	43 B 480 B	101ms 101ms	Image image/gif	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?cdsp=433145&c=6ec5dabf-f572-477f-96a1-57b2556df922&gdpr=&gdpr_consent=&us_privacy= Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H3 Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 20:17:33 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type image/gif cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cf-ray 6aca3465ce285a43-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Redirect headers Location //cm.mgid.com/m?cdsp=433145&c=6ec5dabf-f572-477f-96a1-57b2556df922&gdpr=&gdpr_consent=&us_privacy= Date Thu, 11 Nov 2021 20:17:33 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0
GET H2	200	/ cm.idealmedia.io/setmuidn/	0 413 B	147ms 91ms	Image image/gif	104.16.221.74 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.idealmedia.io/setmuidn/?muidf=labwvzBZqLhc Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 20:17:32 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6aca346308cf374f-MXP p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true content-type image/gif
GET H3	200	m cm.mgid.com/ Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 https://cm.mgid.com/m?cdsp=371158&c=a89e8adf-b0ed-4160-8021-67e377269dc1&ttl=1639253852	43 B 464 B	78ms 78ms	Image image/gif	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?cdsp=371158&c=a89e8adf-b0ed-4160-8021-67e377269dc1&ttl=1639253852 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H3 Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 20:17:32 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type image/gif cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cf-ray 6aca346428c55a43-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Redirect headers pragma no-cache date Thu, 11 Nov 2021 20:17:32 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://cm.mgid.com/m?cdsp=371158&c=a89e8adf-b0ed-4160-8021-67e377269dc1&ttl=1639253852 cache-control private,no-cache, must-revalidate content-type text/html content-length 205
GET H/1.1	204 No Content	sync.php pixel.rubiconproject.com/exchange/ Redirect Chain https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=labwvzBZqLhc https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=6717864296177844642&gdpr=0&gdpr_consent= https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=	0 239 B	107ms 26ms	Image image/gif	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol HTTP/1.1 Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 6f9fd0201ed801884e5299d5aabca094 Content-Type image/gif Redirect headers Pragma no-cache Date Thu, 11 Nov 2021 20:17:32 GMT Server nginx Transfer-Encoding chunked Location https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy= Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Expires 0
GET H3	200	m cm.mgid.com/ Redirect Chain https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D https://cm.mgid.com/m?cdsp=665953&c=3447be84-ab54-4820-821f-e20c3a4e8e43	43 B 464 B	81ms 80ms	Image image/gif	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?cdsp=665953&c=3447be84-ab54-4820-821f-e20c3a4e8e43 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H3 Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 20:17:32 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type image/gif cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cf-ray 6aca346418ad5a43-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Redirect headers location https://cm.mgid.com/m?cdsp=665953&c=3447be84-ab54-4820-821f-e20c3a4e8e43 date Thu, 11 Nov 2021 20:17:32 GMT access-control-allow-origin * content-type text/plain content-length 0 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H2	200	mw mwzeom.zeotap.com/	95 B 455 B	92ms 50ms	Image image/png	2606:4700:10::6816:1857 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mwzeom.zeotap.com/mw?cid=labwvzBZqLhc&zpartnerid=1532&zdid=1532 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin content-type image/png access-control-allow-origin http://to.xrivonet.info access-control-allow-credentials true cf-ray 6aca3463daa55a2b-MXP access-control-allow-headers * content-length 95
GET H3	200	google cm.mgid.com/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGFid3Z6QlpxTGhj&muidn=labwvzBZqLhc https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGFid3Z6QlpxTGhj&muidn=labwvzBZqLhc&google_tc= https://cm.mgid.com/google?muidn=labwvzBZqLhc&google_ula={guid},5&google_gid=CAESEIwn317N7OeOzzZKi1eMYlU&google_cver=1	0 376 B	79ms 79ms	Image text/plain	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/google?muidn=labwvzBZqLhc&google_ula={guid},5&google_gid=CAESEIwn317N7OeOzzZKi1eMYlU&google_cver=1 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H3 Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Thu, 11 Nov 2021 20:17:33 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type text/plain cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 6aca3464db4c5a43-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Redirect headers pragma no-cache date Thu, 11 Nov 2021 20:17:32 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://cm.mgid.com/google?muidn=labwvzBZqLhc&google_ula={guid},5&google_gid=CAESEIwn317N7OeOzzZKi1eMYlU&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 327 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	p ic.tynt.com/b/	0 227 B	127ms 127ms	Image text/plain	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!rtnlniviutns&lm=0&ts=1636661852066&dn=TC&iso=0&t=RivoRD Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/aj6.html?m=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0LzBmOGNkNzk2YWZlMTgwMjkyMTQ5ZDQwOTEzY2M4NDAwLmpwZWc.webp s-img.mgid.com/g/8052388/492x328/0x0x672x448/ Frame 729A	22 KB 23 KB	238ms 238ms	Image image/webp	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/8052388/492x328/0x0x672x448/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0LzBmOGNkNzk2YWZlMTgwMjkyMTQ5ZDQwOTEzY2M4NDAwLmpwZWc.webp?v=1636661852-_b-ircx0ZOeouDesrst0TeZ8pvfebSaXR1KSmpCgzuo Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/r/xrivonet.info.266699.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e78da09cf28eca88ec0e8e8311ba0d76882e6cd3f598ee6abd7127de8aa2243f Request headers Referer http://to.xrivonet.info/ Origin http://to.xrivonet.info Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT cf-cache-status HIT last-modified Fri, 01 Oct 2021 14:23:17 GMT x-mg-request-uuid 122935d1-737b-43fa-9407-753d9a858916 age 0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6aca3462dba259e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 23018 server cloudflare
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2QzZjQxMWMyNGJkODEzYzQxODdmOGNmM2NmNjI3MTMyLmpwZWc.webp s-img.mgid.com/g/5097651/492x328/0x15x820x546/ Frame 729A	30 KB 30 KB	130ms 129ms	Image image/webp	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/5097651/492x328/0x15x820x546/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2QzZjQxMWMyNGJkODEzYzQxODdmOGNmM2NmNjI3MTMyLmpwZWc.webp?v=1636661852--p4g_82ENPObgcbc3_MIqnswNjbKisgIMGkHfWJAvek Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/r/xrivonet.info.266699.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a4bc51dd1031eccaf38a0943a5cb489175672def80568391d00bbcfb46842a34 Request headers Referer http://to.xrivonet.info/ Origin http://to.xrivonet.info Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT cf-cache-status HIT last-modified Fri, 01 Oct 2021 14:23:23 GMT x-mg-request-uuid 00481a87-970e-4189-9f07-b065501a62bf age 0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6aca3462dba759e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 30276 server cloudflare
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzFiY2M2ZTBkN2Q0ZDM3NjRhODFkZDg1M2YxYzQ4M2FhLmpwZWc.webp s-img.mgid.com/g/3835481/492x328/50x0x758x505/ Frame 729A	15 KB 15 KB	216ms 216ms	Image image/webp	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/3835481/492x328/50x0x758x505/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzFiY2M2ZTBkN2Q0ZDM3NjRhODFkZDg1M2YxYzQ4M2FhLmpwZWc.webp?v=1636661852-ePuZK1Zc9ZiwKZmvtP1IQYajS_pCRf_85FZPjlg6vu0 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/r/xrivonet.info.266699.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 35c02cd689dae63703a64db4e843d722fa24617eab9d0ad189dc6df5b9f07479 Request headers Referer http://to.xrivonet.info/ Origin http://to.xrivonet.info Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT cf-cache-status HIT last-modified Thu, 11 Nov 2021 15:55:57 GMT x-mg-request-uuid ec88ef8a-6be5-4f6d-be85-a6ff9a61a26d age 0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6aca3462dba959e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 15238 server cloudflare
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp s-img.mgid.com/g/8193526/492x328/0x26x798x532/ Frame 729A	19 KB 19 KB	263ms 262ms	Image image/webp	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/8193526/492x328/0x26x798x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp?v=1636661852-pZHFCfeuZxFOeVjPRgA8BaMvdjstmHqlRpqILo_phII Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/r/xrivonet.info.266699.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 17454cb48d2d77ca6eab7729fc4ec95d681a31aff56c6dade8e79ae8b550d7c5 Request headers Referer http://to.xrivonet.info/ Origin http://to.xrivonet.info Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT cf-cache-status HIT last-modified Fri, 05 Nov 2021 10:51:58 GMT x-mg-request-uuid 33658779-38a2-4e1d-b838-3accbf3a21b9 age 0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6aca3462ebab59e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 19400 server cloudflare
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2YxMzYwMmJkNzdjYzk1ZTlkMDM0Mjg0ZGUzMGM2NGI3LmpwZWc.webp s-img.mgid.com/g/3859212/492x328/0x0x1001x667/ Frame 729A	33 KB 33 KB	121ms 120ms	Image image/webp	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/3859212/492x328/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2YxMzYwMmJkNzdjYzk1ZTlkMDM0Mjg0ZGUzMGM2NGI3LmpwZWc.webp?v=1636661852-FJQXrfa0wGb-bq6YqL4CCXU2uwNz1L2RyvEAg9uBBm4 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/r/xrivonet.info.266699.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5185c247c2ff9ecf5174874bd331e688155cdada5094eb9f66f305fa779a049f Request headers Referer http://to.xrivonet.info/ Origin http://to.xrivonet.info Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT cf-cache-status HIT last-modified Thu, 11 Nov 2021 15:53:31 GMT x-mg-request-uuid f211cb6c-1e82-460c-a0be-c6623b9f42bf age 0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6aca3462ebaf59e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 33692 server cloudflare
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzI2MzNkNTYzMjgxMjY2ODhjMzUxYTA2ODVjYzRhMjUwLmpwZWc.webp s-img.mgid.com/g/4060554/492x328/96x0x866x577/ Frame 729A	14 KB 15 KB	261ms 261ms	Image image/webp	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/4060554/492x328/96x0x866x577/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzI2MzNkNTYzMjgxMjY2ODhjMzUxYTA2ODVjYzRhMjUwLmpwZWc.webp?v=1636661852-i3VqFH1xi-C0JaRrX3I57tfBfN0VrwIgdNevZLNWNic Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/r/xrivonet.info.266699.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 239229aa66d65cbb988013e6b7f3d4ae8f82a87674970a0699ae1039a799b113 Request headers Referer http://to.xrivonet.info/ Origin http://to.xrivonet.info Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT cf-cache-status HIT last-modified Thu, 11 Nov 2021 15:56:30 GMT x-mg-request-uuid 6ae5b8eb-5d55-4f02-9a5f-f835c96c15c3 age 0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6aca3462ebb059e9-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 14812 server cloudflare
GET H2	204	p ic.tynt.com/b/	0 227 B	128ms 127ms	Image text/plain	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!rtnlniviutns&lm=0&ts=1636661852066&dn=TC&iso=0 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/aj6.html?m=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 82FC	32 KB 10 KB	32ms 32ms	Script text/html	104.109.78.125 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-78-125.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash e082294630f01fe8c1754f194c9ab266daf508bdd6353949cadf922f6396301e Request headers Accept-Language it-IT,it;q=0.9 Referer https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 11 Nov 2021 20:17:32 GMT Content-Encoding gzip Last-Modified Wed, 10 Nov 2021 00:01:00 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=22821 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9510 Expires Fri, 12 Nov 2021 02:37:53 GMT
GET		csync sync.adtelligent.com/ Frame FC79	0 0
GET		khaos.jpg token.rubiconproject.com/ Frame 82FC	0 0
GET H2	204	p ic.tynt.com/b/	0 227 B	128ms 127ms	Image text/plain	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!rtnlniviutns&lm=0&ts=1636661852066&dn=TC&iso=0 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/aj6.html?m=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:32 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	129ms 129ms	Image text/plain	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!rtnlniviutns&lm=0&ts=1636661852066&dn=TC&iso=0 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/aj6.html?m=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:33 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	128ms 128ms	Image text/plain	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!rtnlniviutns&lm=0&ts=1636661852066&dn=TC&iso=0 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer http://to.xrivonet.info/aj6.html?m=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 11 Nov 2021 20:17:33 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H/1.1	204 No Content	i.php www.adnetworkperformance.com/script/ Frame E232	0 162 B	163ms 163ms	Image text/plain	130.211.17.196 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://www.adnetworkperformance.com/script/i.php?stamat=m%257C%252C%252Cwifrt3JitGU3Bv-GH0dEdHP3xP.ec2%252C2381Mq-T6RF8GoC7s6vXz-9SFScA4l--rW4gMuVbRwPAESEEnAuzLfLEqbwF7Ty-7RTJLZEmYF4o_KwqS8BnGhNLLKDSCw3PG-E6yDuIi2YwjvMEXREdNgCIqw67ONKafKAfu8yR0ZahvtWXmVFGOps1m4S8_O7AE72NA91Wr3W_Q6MKPaOCSGWptxXkfOuHjM2FlJ-O8j9XB4v6bcx-L3jdNcMgTPTMCwbt5zKZvHfgr6-cuF5v8heG6B6ZJiVpvxLk43WmtOJC1ZZSJLjH9v0mrlXM6wHIMEsVkNd3V1BC_LoxXaYUdPJVJ57xHY68ELSpvgwvZiqtYac8EhEH9j-5sjLXJAGEkURnq8snYTH0X3aIMRpqo_MSG6AeTZHJB2Z5mvf_B6alKa3hm8l91q19nLG1HOoadTtqJENmva-71-jh_JyN7kmtsfmqhwP_UYz0--tHAWHWYuUY1BIcb5ipIXfdP4NrJ9pL6zhGPqz4bA2MyXB8xJb7y1ED3D7O Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/aj6.html?m=1 Protocol HTTP/1.1 Server 130.211.17.196 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 196.17.211.130.bc.googleusercontent.com Software openresty / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer http://www.adnetworkperformance.com/ad/display.php?stamat=m%257C%252C4d3d3IidrB1dAN0dEdHP3xP.908%252CZMkKdRAQlkuDbgTABrav5CmTL57v_Qh2faTVgfvVz5RzW7cn2g0ntQubSueAs6EjLhFKhwlzLdrjK8LkMxBXWsO453vgPvBVBZwq_VnOhs4%252C&cbur=0.9680853487762582&cbtitle=RivoRD&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Thu, 11 Nov 2021 20:17:33 GMT Via 1.1 google Referrer-Policy no-referrer Server openresty
POST H3	200	c c.mgid.com/ Frame 729A	43 B 441 B	73ms 73ms	Ping image/gif	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.mgid.com/c?f=1&pv=3&v=235|259|12|B5m_lhdhvObxsp8ZALqGYxIBhbiA5CLe0rwPDynVRqIpJyLUoFgeSiXA-s1y4o3j&fw=1&extjs=66044&v=235|237|12|B5m_lhdhvObxsp8ZALqGYzClygLDuFgK1YRU0VRPEB-iB-uALMP3zr0LmnPJV0zc&v=235|237|12|B5m_lhdhvObxsp8ZALqGYyb8StQdG3PYnrmtYWC9vzAbNalGrumdGY9XSlh_lmot&v=235|237|12|B5m_lhdhvObxsp8ZALqGY81jNPOIafCFKlFJDYe3xu5X3dCoX4WnooE425JpQinx&v=235|259|12|B5m_lhdhvObxsp8ZALqGY2FgLKU4a39M0U7urL3aAO-js9K8pvDXiDTyGBYxRvXF&v=235|259|12|B5m_lhdhvObxsp8ZALqGYygtFzCuBeCy9iutwYi7KXJ_K7M22LTJDpSblCwn6ULX&cid=266699&h2=T3bUXLCVQyWhaYvs5qzy2xdt96y94ImlI-Tis5DkszA*&rid=66ca11d1-432c-11ec-98dd-d094662c24f7&tt=Direct&iv=10&pageImp=1&pvid=17d10a5f84e9d609f0c&cbuster=1636661853991204652354&tpl=0 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/r/xrivonet.info.266699.es6.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer http://to.xrivonet.info/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 11 Nov 2021 20:17:34 GMT cf-cache-status DYNAMIC x-mg-request-uuid 94ca504d-8eee-4b9d-8226-4b80ab225ca8 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type image/gif cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 6aca346b79e15a43-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 server cloudflare
POST H2	204	NjRzWDgZCxArBWUEFyFiYmJKOwhGYzcAQAdmNRFwUFo5FG5nV1UsUVIJS2oOBQxAfkhfUE5rChBHBzlMQ0dOaggGAVUxVlBbTmoIBgJDaA0DDFZve15AByhLEwcyfQpwEUEeT1NWAzFbXRkQPFYYR0B2TUUZBD1LQhlBdllbVQk3VldDAHZbWVlWan5RUQc0WV9QX... sdebatical.one/	0 284 B	121ms 121ms	Ping text/plain	2606:4700:3036::ac43:a0da CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdebatical.one/NjRzWDgZCxArBWUEFyFiYmJKOwhGYzcAQAdmNRFwUFo5FG5nV1UsUVIJS2oOBQxAfkhfUE5rChBHBzlMQ0dOaggGAVUxVlBbTmoIBgJDaA0DDFZve15AByhLEwcyfQpwEUEeT1NWAzFbXRkQPFYYR0B2TUUZBD1LQhlBdllbVQk3VldDAHZbWVlWan5RUQc0WV9QXTJIU1NWb3tYQR80HQF3RGALBAxDaA0FBUdtDAYNRWgBBBIFZQgYDF1tFgYSByhZUQlCfkhCQB9lCQAHRW4OBwxGbA8GAg Requested by Host: d141wsrw9m4as6.cloudfront.net URL: http://d141wsrw9m4as6.cloudfront.net/?wrswd=826383 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:a0da , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://to.xrivonet.info/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 11 Nov 2021 20:17:34 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDaBZQWVbQl6qhmL4ZVNgBh5B9xCY7umSj0ZV2I5KPQLTzAtU74QPjmkXfvuc6An5BUYEvEO6wiCXvqssIHUnHrqqj05McUw2nOrPGvj%2Fn9cFxML8YNekuPQfTDIJX22NbIGzw9Q9cmQf7zPdA%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 6aca346ffdd93747-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET		getlaid.jpeg webpick-cdn.s3.us-west-2.amazonaws.com/	0 0
GET H/1.1	200 OK	getlaid.jpeg webpick-cdn.s3.us-west-2.amazonaws.com/ Frame E0BB	9 KB 9 KB	678ms 198ms	Image image/jpeg	52.92.163.210 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://webpick-cdn.s3.us-west-2.amazonaws.com/getlaid.jpeg Requested by Host: d141wsrw9m4as6.cloudfront.net URL: http://d141wsrw9m4as6.cloudfront.net/?wrswd=826383 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.92.163.210 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2-r-w.amazonaws.com Software AmazonS3 / Resource Hash e6a18e81d67bc6cfadbe2c86c78b99c0e01644cdeafb48144663121b629ea227 Request headers Accept-Language it-IT,it;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 11 Nov 2021 20:17:36 GMT Last-Modified Thu, 25 Jun 2020 08:18:14 GMT Server AmazonS3 x-amz-request-id 88W0JBRJ03BR5YM4 ETag "e73bda30c82b74c32e5f03e4ed4e4bb1" Content-Type image/jpeg Accept-Ranges bytes Content-Length 9313 x-amz-id-2 SdWdvydN9DiKBTWF6h54Pkt4wNOcdeSKnr3lO3fkvq8mZ4x+gO0GdWfK+Jm3+F/RC+hDseMkDgg= x-amz-meta-s3b-last-modified 20200625T081632Z
GET DATA	200 OK	truncated / Frame E0BB	897 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash be1f5cf222de390da64f302bda4ffb1b7e650b89ece430a6a08796fd64aad060 Request headers Accept-Language it-IT,it;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

latheendsmoo.com

URL

http://latheendsmoo.com/ra3bOSAfVZZG/6507

Domain

st.chatango.com

URL

http://st.chatango.com/js/gz/emb.js

Domain

6.adsco.re

URL

http://6.adsco.re/

Domain

4.adsco.re

URL

http://4.adsco.re/

Domain

sync.adtelligent.com

URL

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D

Domain

token.rubiconproject.com

URL

https://token.rubiconproject.com/khaos.jpg?

Domain

webpick-cdn.s3.us-west-2.amazonaws.com

URL

https://webpick-cdn.s3.us-west-2.amazonaws.com/getlaid.jpeg