urlscan.io logo urlscan.io
SecurityTrails logo

elil.cc Open in urlscan Pro
104.21.60.107  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://elii.cc/a/KX6PFG?protocol=http&type=default&url=hentai.dl-zip.xyz/goto/turbo.to/8nCY5BwuZMtT.rar
Effective URL: http://elil.cc/tphd
Submission: On October 05 via manual from JP — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 57 IPs in 12 countries across 64 domains to perform 226 HTTP transactions. The main IP is 104.21.60.107, located in and belongs to CLOUDFLARENET, US. The main domain is elil.cc.
This is the only time elil.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 104.21.50.111 13335 (CLOUDFLAR...)
7 104.21.60.107 13335 (CLOUDFLAR...)
2 142.250.74.202 15169 (GOOGLE)
1 2 104.21.28.173 13335 (CLOUDFLAR...)
3 205.185.216.10 20446 (HIGHWINDS3)
1 195.181.175.45 60068 (CDN77 ^_^)
1 8 142.250.185.104 15169 (GOOGLE)
2 2 13.224.193.3 16509 (AMAZON-02)
1 1 192.243.58.123 39572 (ADVANCEDH...)
21 104.21.43.230 13335 (CLOUDFLAR...)
1 1 104.21.65.249 13335 (CLOUDFLAR...)
9 172.67.142.46 13335 (CLOUDFLAR...)
10 172.217.23.110 15169 (GOOGLE)
6 104.17.167.186 13335 (CLOUDFLAR...)
5 162.252.214.5 53334 (TUT-AS)
1 185.200.118.90 9009 (M247)
1 38.132.109.186 9009 (M247)
1 185.200.116.90 9009 (M247)
7 142.250.184.234 15169 (GOOGLE)
5 69.16.175.42 20446 (HIGHWINDS3)
2 104.16.19.94 13335 (CLOUDFLAR...)
3 142.250.74.195 15169 (GOOGLE)
4 4 67.202.114.212 32748 (STEADFAST)
4 104.22.74.171 13335 (CLOUDFLAR...)
10 10 172.67.171.45 13335 (CLOUDFLAR...)
37 104.21.42.126 13335 (CLOUDFLAR...)
4 151.101.65.176 54113 (FASTLY)
3 4 172.67.167.69 13335 (CLOUDFLAR...)
4 69.16.175.10 33438 (HIGHWINDS2)
1 185.172.148.128 44239 (PROINITY ...)
1 172.67.187.77 13335 (CLOUDFLAR...)
3 5 172.67.164.232 13335 (CLOUDFLAR...)
4 104.18.11.207 13335 (CLOUDFLAR...)
1 162.252.214.11 53334 (TUT-AS)
1 13 93.158.134.119 13238 (YANDEX)
5 5 95.211.229.247 60781 (LEASEWEB-...)
5 5 172.67.168.117 13335 (CLOUDFLAR...)
5 9 104.19.168.96 13335 (CLOUDFLAR...)
1 2 45.54.15.10 63911 (NETACTUAT...)
1 99.86.3.51 16509 (AMAZON-02)
7 8 13.224.193.24 16509 (AMAZON-02)
2 2 173.192.101.24 36351 (SOFTLAYER)
1 1 3.70.16.242 16509 (AMAZON-02)
1 2 35.186.231.97 15169 (GOOGLE)
3 104.26.13.118 13335 (CLOUDFLAR...)
6 12 95.211.229.246 60781 (LEASEWEB-...)
3 139.45.197.234 9002 (RETN-AS)
2 139.45.197.243 9002 (RETN-AS)
4 4 172.67.194.47 13335 (CLOUDFLAR...)
1 139.45.195.8 9002 (RETN-AS)
6 6 83.147.204.132 202492 (SGHL1-AS)
6 6 178.253.54.48 202492 (SGHL1-AS)
12 18 45.135.122.42 56630 (MELBICOM-...)
3 13.32.121.102 16509 (AMAZON-02)
2 2 52.214.142.201 16509 (AMAZON-02)
1 1 185.26.99.58 44066 (DE-FIRSTC...)
1 1 5.150.170.4 31151 (PHG-AS)
1 104.16.104.92 13335 (CLOUDFLAR...)
1 18.66.112.110 16509 (AMAZON-02)
1 172.67.8.215 13335 (CLOUDFLAR...)
1 178.162.156.35 60781 (LEASEWEB-...)
1 46.105.201.240 16276 (OVH)
1 158.69.251.190 16276 (OVH)
1 158.69.139.238 16276 (OVH)
2 158.69.139.229 16276 (OVH)
1 52.222.214.95 16509 (AMAZON-02)
1 18.195.98.10 16509 (AMAZON-02)
1 13.225.87.78 16509 (AMAZON-02)
1 143.204.98.60 16509 (AMAZON-02)
1 159.203.161.83 14061 (DIGITALOC...)
1 2 52.208.103.128 16509 (AMAZON-02)
3 3 51.222.80.231 16276 (OVH)
2 2 76.223.111.131 16509 (AMAZON-02)
1 104.111.215.191 ()
226 57
2    104.21.50.111 (None, )

ASN13335 (CLOUDFLARENET, US)
elii.cc
7    104.21.60.107 (None, )

ASN13335 (CLOUDFLARENET, US)
elil.cc
2    142.250.74.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f10.1e100.net
ajax.googleapis.com
2    104.21.28.173 (None, )

ASN13335 (CLOUDFLARENET, US)
ezie.cc
3    205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
a.exosrv.com
a.exdynsrv.com
1    195.181.175.45 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: frankfurt-44.cdn77.com
www.premiumvertising.com
8    142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net
www.googletagmanager.com
2    13.224.193.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-3.fra2.r.cloudfront.net
mesucces.top
1    192.243.58.123 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
mgrwcm.com
21    104.21.43.230 (None, )

ASN13335 (CLOUDFLARENET, US)
xsportshd.com
www.xsportshd.com
1    104.21.65.249 (None, )

ASN13335 (CLOUDFLARENET, US)
get.tfiph.com
9    172.67.142.46 (United States)

ASN13335 (CLOUDFLARENET, US)
get.pdf-searchz.com
10    172.217.23.110 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f14.1e100.net
www.google-analytics.com
6    104.17.167.186 (None, )

ASN13335 (CLOUDFLARENET, US)
c.adsco.re
6.adsco.re
5    162.252.214.5 (United States)

ASN53334 (TUT-AS, US)
4.adsco.re
adsco.re
1    185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com
vh6clmlda24z.l4.adsco.re
1    38.132.109.186 (New York, United States)

ASN9009 (M247, GB)
vh6clmlda24z.n4.adsco.re
1    185.200.116.90 (Singapore, Singapore)

ASN9009 (M247, GB)
PTR: no-mans-land.m247.com
vh6clmlda24z.s4.adsco.re
7    142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net
fonts.googleapis.com
5    69.16.175.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net
b6u2w2z4.ssl.hwcdn.net
2    104.16.19.94 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    142.250.74.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net
fonts.gstatic.com
4    67.202.114.212 (United States)

ASN32748 (STEADFAST, US)
PTR: amung.us
whos.amung.us
4    104.22.74.171 (None, )

ASN13335 (CLOUDFLARENET, US)
widgets.amung.us
10    172.67.171.45 (United States)

ASN13335 (CLOUDFLARENET, US)
live.batstream.tv
37    104.21.42.126 (None, )

ASN13335 (CLOUDFLARENET, US)
live.batstream.live
4    151.101.65.176 (United States)

ASN54113 (FASTLY, US)
free.timeanddate.com
4    172.67.167.69 (United States)

ASN13335 (CLOUDFLARENET, US)
whos-amung.com
4    69.16.175.10 (United States)

ASN33438 (HIGHWINDS2, US)
PTR: tlb.hwcdn.net
i3j3u3u9.ssl.hwcdn.net
1    185.172.148.128 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
cdn.okamata.site
1    172.67.187.77 (United States)

ASN13335 (CLOUDFLARENET, US)
sportsmix.net
5    172.67.164.232 (United States)

ASN13335 (CLOUDFLARENET, US)
livestotal.net
4    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    162.252.214.11 (United States)

ASN53334 (TUT-AS, US)
premiumvertising.com
13    93.158.134.119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
5    95.211.229.247 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
syndication.realsrv.com
5    172.67.168.117 (United States)

ASN13335 (CLOUDFLARENET, US)
abc.wwija.com
9    104.19.168.96 (None, )

ASN13335 (CLOUDFLARENET, US)
r.srvtrck.com
2    45.54.15.10 (United States)

ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US)
PTR: 10.15.54.45.ptr.anycast.net
www.vintagetub.com
1    99.86.3.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-51.fra6.r.cloudfront.net
d1ev866ubw90c6.cloudfront.net
8    13.224.193.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-24.fra2.r.cloudfront.net
witalfieldt.com
2    173.192.101.24 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com
mybetterdl.com
p203248.mybetterdl.com
1    3.70.16.242 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-16-242.eu-central-1.compute.amazonaws.com
global.yhit.top
2    35.186.231.97 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 97.231.186.35.bc.googleusercontent.com
clk.tradedoubler.com
3    104.26.13.118 (United States)

ASN13335 (CLOUDFLARENET, US)
iclickcdn.com
12    95.211.229.246 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
s.optnx.com
3    139.45.197.234 (United Kingdom)

ASN9002 (RETN-AS, GB)
bedrapiona.com
2    139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)
onmarshtompor.com
4    172.67.194.47 (United States)

ASN13335 (CLOUDFLARENET, US)
whos-amung.us
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
6    83.147.204.132 (Iran, Islamic Republic Of)

ASN202492 (SGHL1-AS, NL)
refpasrasw.world
6    178.253.54.48 (Iran, Islamic Republic Of)

ASN202492 (SGHL1-AS, NL)
links22.com
18    45.135.122.42 (Amsterdam, Netherlands)

ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT)
22bet.com
3    13.32.121.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-102.fra60.r.cloudfront.net
go.lnkam.com
2    52.214.142.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-142-201.eu-west-1.compute.amazonaws.com
clk.omgt4.com
track.omguk.com
1    185.26.99.58 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde333-2.fornex.org
ad.admitad.com
1    5.150.170.4 (United Kingdom)

ASN31151 (PHG-AS, GB)
prf.hn
1    104.16.104.92 (None, )

ASN13335 (CLOUDFLARENET, US)
www.ssense.com
1    18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
vht.tradedoubler.com
1    172.67.8.215 (United States)

ASN13335 (CLOUDFLARENET, US)
www.grover.com
1    178.162.156.35 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com
perf.cdnads.com
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
1    158.69.251.190 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns546644.ip-158-69-251.net
s4.histats.com
1    158.69.139.238 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip238.ip-158-69-139.net
e.dtscout.com
2    158.69.139.229 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip229.ip-158-69-139.net
t.dtscout.com
1    52.222.214.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-95.fra56.r.cloudfront.net
get.s-onetag.com
1    18.195.98.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-98-10.eu-central-1.compute.amazonaws.com
pd.sharethis.com
1    13.225.87.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-78.fra2.r.cloudfront.net
onetag-geo.s-onetag.com
1    143.204.98.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-60.fra50.r.cloudfront.net
onetag-geo-grouping.s-onetag.com
1    159.203.161.83 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: lb4.ny1.dtscdn.com
t.dtscdn.com
2    52.208.103.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
3    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-4.cloudy.ovh
pixel.onaudience.com
2    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    104.111.215.191 (None, )

ASN- ()
tags.bluekai.com
Apex Domain
Subdomains		 Transfer
37 batstream.live
live.batstream.live
897 KB
21 xsportshd.com
xsportshd.com
www.xsportshd.com
425 KB
18 22bet.com
22bet.com
8 KB
14 adsco.re
c.adsco.re
6.adsco.re
4.adsco.re
adsco.re
vh6clmlda24z.l4.adsco.re
vh6clmlda24z.n4.adsco.re
vh6clmlda24z.s4.adsco.re
77 KB
12 optnx.com
s.optnx.com
13 KB
10 yandex.com
mc.yandex.com
3 KB
10 batstream.tv
live.batstream.tv
6 KB
10 google-analytics.com
www.google-analytics.com
136 KB
9 srvtrck.com
r.srvtrck.com
5 KB
9 hwcdn.net
b6u2w2z4.ssl.hwcdn.net
i3j3u3u9.ssl.hwcdn.net
157 KB
9 pdf-searchz.com
get.pdf-searchz.com
12 KB
9 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
66 KB
8 witalfieldt.com
witalfieldt.com
7 KB
8 amung.us
whos.amung.us
widgets.amung.us
7 KB
8 googletagmanager.com
www.googletagmanager.com
267 KB
7 elil.cc
elil.cc
50 KB
6 links22.com
links22.com
3 KB
6 refpasrasw.world
refpasrasw.world
1 KB
5 realsrv.com
syndication.realsrv.com
5 KB
5 livestotal.net
livestotal.net
4 KB
5 wwija.com
abc.wwija.com Failed
5 KB
4 whos-amung.us
whos-amung.us
1 KB
4 bootstrapcdn.com
maxcdn.bootstrapcdn.com
80 KB
4 whos-amung.com
whos-amung.com
3 KB
4 timeanddate.com
free.timeanddate.com
6 KB
3 onaudience.com
pixel.onaudience.com
1 KB
3 s-onetag.com
get.s-onetag.com
onetag-geo.s-onetag.com
onetag-geo-grouping.s-onetag.com
12 KB
3 dtscout.com
e.dtscout.com
t.dtscout.com
9 KB
3 lnkam.com
go.lnkam.com
3 KB
3 bedrapiona.com
bedrapiona.com
7 KB
3 iclickcdn.com
iclickcdn.com
66 KB
3 tradedoubler.com
clk.tradedoubler.com
vht.tradedoubler.com
6 KB
3 yandex.ru
mc.yandex.ru
195 KB
3 gstatic.com
fonts.gstatic.com
41 KB
2 adsrvr.org
match.adsrvr.org
906 B
2 crwdcntrl.net
bcp.crwdcntrl.net
1 KB
2 histats.com
s10.histats.com
s4.histats.com
5 KB
2 exdynsrv.com
a.exdynsrv.com
79 KB
2 onmarshtompor.com
onmarshtompor.com
3 KB
2 mybetterdl.com
mybetterdl.com
p203248.mybetterdl.com
1 KB
2 vintagetub.com
www.vintagetub.com
204 B
2 cloudflare.com
cdnjs.cloudflare.com
29 KB
2 mesucces.top
mesucces.top
1 KB
2 premiumvertising.com
www.premiumvertising.com
premiumvertising.com
10 KB
2 ezie.cc
ezie.cc
1 KB
2 elii.cc
elii.cc
2 KB
1 bluekai.com
tags.bluekai.com
304 B
1 dtscdn.com
t.dtscdn.com
408 B
1 sharethis.com
pd.sharethis.com
88 B
1 cdnads.com
perf.cdnads.com
323 B
1 grover.com
www.grover.com
1 ssense.com
www.ssense.com
1 prf.hn
prf.hn
481 B
1 admitad.com
ad.admitad.com
592 B
1 omguk.com
track.omguk.com
844 B
1 omgt4.com
clk.omgt4.com
101 B
1 rtmark.net
my.rtmark.net
491 B
1 yhit.top
global.yhit.top
487 B
1 cloudfront.net
d1ev866ubw90c6.cloudfront.net
52 KB
1 sportsmix.net
sportsmix.net
998 B
1 okamata.site
cdn.okamata.site
8 KB
1 tfiph.com
get.tfiph.com
953 B
1 mgrwcm.com
mgrwcm.com
120 B
1 exosrv.com
a.exosrv.com
39 KB
226 64
Domain Requested by
37 live.batstream.live xsportshd.com
live.batstream.live
18 22bet.com 12 redirects s.optnx.com
18 xsportshd.com ajax.googleapis.com
xsportshd.com
whos-amung.com
12 s.optnx.com 6 redirects livestotal.net
xsportshd.com
10 mc.yandex.com 1 redirects live.batstream.live
mc.yandex.ru
10 live.batstream.tv 10 redirects
10 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
elil.cc
9 r.srvtrck.com 5 redirects xsportshd.com
livestotal.net
9 get.pdf-searchz.com ajax.googleapis.com
elil.cc
get.pdf-searchz.com
b6u2w2z4.ssl.hwcdn.net
8 witalfieldt.com 7 redirects sportsmix.net
8 www.googletagmanager.com 1 redirects elil.cc
xsportshd.com
live.batstream.live
7 fonts.googleapis.com get.pdf-searchz.com
b6u2w2z4.ssl.hwcdn.net
live.batstream.live
7 elil.cc elil.cc
6 links22.com 6 redirects
6 refpasrasw.world 6 redirects
5 syndication.realsrv.com 5 redirects
5 livestotal.net 3 redirects whos-amung.com
5 abc.wwija.com xsportshd.com
5 b6u2w2z4.ssl.hwcdn.net get.pdf-searchz.com
b6u2w2z4.ssl.hwcdn.net
4 whos-amung.us 4 redirects
4 maxcdn.bootstrapcdn.com live.batstream.live
maxcdn.bootstrapcdn.com
4 i3j3u3u9.ssl.hwcdn.net b6u2w2z4.ssl.hwcdn.net
4 whos-amung.com 3 redirects xsportshd.com
4 free.timeanddate.com xsportshd.com
free.timeanddate.com
4 widgets.amung.us xsportshd.com
whos-amung.com
4 whos.amung.us 4 redirects
3 pixel.onaudience.com 3 redirects
3 go.lnkam.com r.srvtrck.com
3 bedrapiona.com iclickcdn.com
3 iclickcdn.com live.batstream.live
3 mc.yandex.ru live.batstream.live
3 www.xsportshd.com xsportshd.com
3 fonts.gstatic.com fonts.googleapis.com
3 4.adsco.re elil.cc
c.adsco.re
3 6.adsco.re elil.cc
c.adsco.re
3 c.adsco.re www.premiumvertising.com
c.adsco.re
2 match.adsrvr.org 2 redirects
2 bcp.crwdcntrl.net 1 redirects
2 t.dtscout.com e.dtscout.com
2 a.exdynsrv.com elil.cc
2 onmarshtompor.com iclickcdn.com
2 clk.tradedoubler.com 1 redirects sportsmix.net
2 www.vintagetub.com 1 redirects xsportshd.com
2 cdnjs.cloudflare.com get.pdf-searchz.com
2 adsco.re c.adsco.re
2 mesucces.top 2 redirects
2 ezie.cc 1 redirects elil.cc
2 ajax.googleapis.com elil.cc
xsportshd.com
2 elii.cc 2 redirects
1 tags.bluekai.com
1 t.dtscdn.com e.dtscout.com
1 onetag-geo-grouping.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 pd.sharethis.com e.dtscout.com
1 get.s-onetag.com e.dtscout.com
1 e.dtscout.com s4.histats.com
1 s4.histats.com s10.histats.com
1 s10.histats.com elil.cc
1 perf.cdnads.com xsportshd.com
1 www.grover.com sportsmix.net
1 vht.tradedoubler.com clk.tradedoubler.com
1 www.ssense.com r.srvtrck.com
1 prf.hn 1 redirects
1 ad.admitad.com 1 redirects
1 track.omguk.com 1 redirects
1 clk.omgt4.com 1 redirects
1 my.rtmark.net onmarshtompor.com
1 global.yhit.top 1 redirects
1 p203248.mybetterdl.com 1 redirects
1 mybetterdl.com 1 redirects
1 d1ev866ubw90c6.cloudfront.net xsportshd.com
1 premiumvertising.com www.premiumvertising.com
1 sportsmix.net whos-amung.com
1 cdn.okamata.site xsportshd.com
1 vh6clmlda24z.s4.adsco.re c.adsco.re
1 vh6clmlda24z.n4.adsco.re c.adsco.re
1 vh6clmlda24z.l4.adsco.re c.adsco.re
1 get.tfiph.com 1 redirects
1 mgrwcm.com 1 redirects
1 www.premiumvertising.com elil.cc
1 a.exosrv.com elil.cc
226 81

This site contains links to these domains. Also see Links.

Domain
adsco.re
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
exosrv.com
R3		 2021-08-05 -
2021-11-03		 3 months crt.sh
1258267123.rsc.cdn77.org
R3		 2021-08-22 -
2021-11-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.adsco.re
Sectigo RSA Organization Validation Secure Server CA		 2021-09-06 -
2022-09-28		 a year crt.sh
*.l4.adsco.re
R3		 2021-09-19 -
2021-12-18		 3 months crt.sh
*.n4.adsco.re
R3		 2021-09-19 -
2021-12-18		 3 months crt.sh
*.s4.adsco.re
R3		 2021-09-19 -
2021-12-18		 3 months crt.sh
*.ssl.hwcdn.net
Sectigo RSA Domain Validation Secure Server CA		 2020-01-02 -
2022-01-19		 2 years crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
whos.amung.us
Sectigo RSA Domain Validation Secure Server CA		 2020-05-21 -
2022-05-21		 2 years crt.sh
*.timeanddate.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.whos-amung.com
R3		 2021-09-08 -
2021-12-07		 3 months crt.sh
cdn.okamata.site
R3		 2021-09-23 -
2021-12-22		 3 months crt.sh
*.sportsmix.net
R3		 2021-09-07 -
2021-12-06		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
www.vintagetub.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-08 -
2021-11-08		 9 months crt.sh
*.srvtrck.com
Go Daddy Secure Certificate Authority - G2		 2020-12-21 -
2022-01-22		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.tradedoubler.com
R3		 2021-09-18 -
2021-12-17		 3 months crt.sh
witalfieldt.com
Amazon		 2021-07-09 -
2022-08-07		 a year crt.sh
optnx.com
R3		 2021-08-05 -
2021-11-03		 3 months crt.sh
bedrapiona.com
R3		 2021-10-02 -
2021-12-31		 3 months crt.sh
onmarshtompor.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-03 -
2022-11-03		 a year crt.sh
*.rtmark.net
Sectigo RSA Domain Validation Secure Server CA		 2020-10-27 -
2021-11-26		 a year crt.sh
*.22bet.com
R3		 2021-10-04 -
2022-01-02		 3 months crt.sh
lnkam.com
Amazon		 2021-06-03 -
2022-07-02		 a year crt.sh
grover.com
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
*.cdnads.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-07 -
2021-11-23		 a year crt.sh
exdynsrv.com
R3		 2021-08-05 -
2021-11-03		 3 months crt.sh
histats.com
R3		 2021-08-02 -
2021-10-31		 3 months crt.sh
*.dtscout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2020-11-03 -
2021-11-03		 a year crt.sh
*.s-onetag.com
Amazon		 2021-02-03 -
2022-03-04		 a year crt.sh
sharethis.com
Amazon		 2021-09-01 -
2022-09-30		 a year crt.sh
t.dtscdn.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2020-11-03 -
2021-11-15		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-26		 a year crt.sh

This page contains 34 frames:

Primary Page: http://elil.cc/tphd
Frame ID: 831499E7A6F860AA87BC89209F2990DE
Requests: 27 HTTP requests in this frame

Frame: https://xsportshd.com/bundesliga-sports-stream.html
Frame ID: 8FC862E996BC8BF05A445DA556660753
Requests: 24 HTTP requests in this frame

Frame: https://get.pdf-searchz.com/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29&pgs=1
Frame ID: 44FF0917A3699F5832DDF8F7F734571D
Requests: 21 HTTP requests in this frame

Frame: http://c.adsco.re/
Frame ID: FB5F10673BE383E43D007D602C532300
Requests: 6 HTTP requests in this frame

Frame: https://b6u2w2z4.ssl.hwcdn.net/common/html/delay_page_1.html
Frame ID: 3B83D0FB7570A12041D81A494EF895AA
Requests: 6 HTTP requests in this frame

Frame: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Frame ID: C6C1BE9A6D65C294E0AA79182DAE3C32
Requests: 38 HTTP requests in this frame

Frame: https://free.timeanddate.com/clock/i7n6znqi/n19/fs18/fcfff/tc48a648/pc2b3e50/ftb/bas2/bat1/bacfff/pa8/tt0/tw1/tm2/th1/tb1
Frame ID: E50D11FC49BC693A5658D5C83239F4EB
Requests: 2 HTTP requests in this frame

Frame: https://abc.wwija.com/click.php?key=9tz2gymnylbpc4gs2a74&tag=ooc7bc7qaZ7LaJXUzzU2VWTulc6m6t1U7p3UyuldK6V1NVdzp7paqKJXT3T1VUUOldK6d07pXSumdK6V0znV0Z55yzzZ0VzZ02V3Wz0aa7278WW3WWZulcoogkMXraPUP7nOldK6V11DpXSuldK6VwfY&cost=0.000365&source=xsportshd.com&varid=42147572&campid=3945856&siteid=871512&zoneid=4427830&catid=496&country=DEU&format=
Frame ID: 1A6EBBCBE576C15F5FB5953E505D4965
Requests: 1 HTTP requests in this frame

Frame: https://abc.wwija.com/click.php?key=9tz2gymnylbpc4gs2a74&tag=ooc7bc7qaZ7LaJXUzzU2VWTulc6m6t1U7p3UyuldK6V1NVdzp7paqKJXT3T1VUUOldK6d07pXSumdK6V0znV0Z55yzzZ0VzZ02V3Wz0aa7278WW3WWZulcoogkMXraPUP7nOldK6V11DpXSuldK6VwfY&cost=0.000365&source=xsportshd.com&varid=42147572&campid=3945856&siteid=871512&zoneid=4427830&catid=496&country=DEU&format=
Frame ID: 5976F46C6490C787DB411FA76286CC8F
Requests: 1 HTTP requests in this frame

Frame: https://whos-amung.com/83ltepewr7.html
Frame ID: 876A5710485DB978998C24433F6FC1A4
Requests: 2 HTTP requests in this frame

Frame: https://sportsmix.net/hd-streams.html
Frame ID: 7B1EACDFCEE2C998F0EB8DE1527E2C89
Requests: 1 HTTP requests in this frame

Frame: https://livestotal.net/test.html
Frame ID: F25BDB06F48390232735B4AAE0C12472
Requests: 1 HTTP requests in this frame

Frame: https://xsportshd.com/football-live.html
Frame ID: 927DA5BDB26F900AD98BC4984FE1DBAE
Requests: 10 HTTP requests in this frame

Frame: https://livestotal.net/football-livestream.html
Frame ID: 249D73B06D28944324FD1C6ACC9CA2EB
Requests: 1 HTTP requests in this frame

Frame: https://xsportshd.com/football-streaming-live.html
Frame ID: EB25FD3C463017296FD2FC1443EF6AB3
Requests: 12 HTTP requests in this frame

Frame: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Frame ID: A307325474AFCFE80667FF4B6E45149A
Requests: 17 HTTP requests in this frame

Frame: https://free.timeanddate.com/clock/i7n6znqi/n19/fs18/fcfff/tc48a648/pc2b3e50/ftb/bas2/bat1/bacfff/pa8/tt0/tw1/tm2/th1/tb1
Frame ID: AAB0EE060DAD8481EA7DC156C2DCF940
Requests: 1 HTTP requests in this frame

Frame: https://www.vintagetub.com/
Frame ID: 0431BD77105E019C91C670A9DBA9FFE5
Requests: 1 HTTP requests in this frame

Frame: https://go.lnkam.com/link/r?u=http%3A%2F%2Fwww.maurices.com&campaign_id=wpREBC9CVDeQsr81u1sMGy&zsb=v030400011684aa5524921b6344099871577c2c5a86c0&source=7add72c8711b449ea56ff14a1578bbe2
Frame ID: 908C4EC64F5082884C4E44365D41BA20
Requests: 2 HTTP requests in this frame

Frame: https://www.grover.com/nl-en?tduid=64e8a5c565e85d1b6e4eec03a5d14686
Frame ID: 2FD1DABF6B67B68F8979EE43585A7663
Requests: 3 HTTP requests in this frame

Frame: https://witalfieldt.com/redirect?tid=937674&ref=encodeURI
Frame ID: B39BC6B1E59D039FFC5DC6A9EECC85FE
Requests: 1 HTTP requests in this frame

Frame: https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
Frame ID: A6A9EB0BED2AFA48D2DD2521895F6FD2
Requests: 2 HTTP requests in this frame

Frame: https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
Frame ID: CE07E873944998ABA8C7869B2A6ECA82
Requests: 2 HTTP requests in this frame

Frame: https://www.ssense.com/en-in?&clickref=1011lio4y5er&utm_source=PH_1011l20576&utm_medium=affiliate&utm_content=0&utm_term=&utm_campaign=987837
Frame ID: 5621522172DCF004A659D4BF89A51B58
Requests: 2 HTTP requests in this frame

Frame: https://go.lnkam.com/link/r?u=http%3A%2F%2Fwww.macys.com&campaign_id=wpREBC9CVDeQsr81u1sMGy&zsb=v030400011684b3e41b2e2a8e449396b4a82b3c497a5b&source=7add72c8711b449ea56ff14a1578bbe2
Frame ID: 0FBFCBC58C7475CE99DB678762697A11
Requests: 2 HTTP requests in this frame

Frame: https://go.lnkam.com/link/r?u=http%3A%2F%2Fwww.brownells.com&campaign_id=wpREBC9CVDeQsr81u1sMGy&zsb=v030400011684e14af5972b0747f3a395393c2212d666&source=7add72c8711b449ea56ff14a1578bbe2
Frame ID: E03DC5D2C6BC1B390ABF25A1E2A01219
Requests: 2 HTTP requests in this frame

Frame: https://onmarshtompor.com/fac.php?OAID=0e0876085cfb4ed0a39c847fcf79bd5c&oaidts=1633449336
Frame ID: C806162DFFF18AA692BE9F565A5D6CCD
Requests: 2 HTTP requests in this frame

Frame: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Frame ID: AB09F9D1EA5A925566EEA82528B86628
Requests: 17 HTTP requests in this frame

Frame: https://free.timeanddate.com/clock/i7n6znqi/n19/fs18/fcfff/tc48a648/pc2b3e50/ftb/bas2/bat1/bacfff/pa8/tt0/tw1/tm2/th1/tb1
Frame ID: 17BF0E22C2C30C88D5E7503221C834EB
Requests: 1 HTTP requests in this frame

Frame: https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
Frame ID: 35CBE4A4FE917A09DBB4449EA7464682
Requests: 2 HTTP requests in this frame

Frame: https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
Frame ID: F1412225ACE03FD476F34C856AD87096
Requests: 2 HTTP requests in this frame

Frame: https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
Frame ID: F516A4A4DABE8FB282348E99F2F8D1C9
Requests: 2 HTTP requests in this frame

Frame: https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
Frame ID: 231E755977834D8BAE2EE6360B0BF413
Requests: 2 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=10401633449339B04A798EC9BCF83F37
Frame ID: 77425FCE80A3C11F7EE3E638493A721B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Best url shortener and highest paying url shortener | Ezie.CC

Page URL History Show full URLs

  1. https://elii.cc/a/KX6PFG?protocol=http&type=default&url=hentai.dl-zip.xyz/goto/turbo.to/8nCY... HTTP 302
    http://elii.cc/tphd HTTP 302
    http://elil.cc/tphd Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

226
Requests

86 %
HTTPS

0 %
IPv6

64
Domains

81
Subdomains

57
IPs

12
Countries

2760 kB
Transfer

6186 kB
Size

56
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://elii.cc/a/KX6PFG?protocol=http&type=default&url=hentai.dl-zip.xyz/goto/turbo.to/8nCY5BwuZMtT.rar HTTP 302
    http://elii.cc/tphd HTTP 302
    http://elil.cc/tphd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://ezie.cc/wp-content/plugins/agreeable-button/e.js HTTP 301
  • https://ezie.cc/wp-content/plugins/agreeable-button/e.js
Request Chain 10
  • http://www.googletagmanager.com/gtag/js?id=UA-58048569-8 HTTP 302
  • https://www.googletagmanager.com/gtag/js?id=UA-58048569-8
Request Chain 11
  • http://mesucces.top/?tid=716641&ref=elil.cc HTTP 302
  • https://mgrwcm.com/dsp/cu/clc?aid=11097574876971682619&t=1633449335&s=486960&sid=1421 HTTP 302
  • https://xsportshd.com/bundesliga-sports-stream.html
Request Chain 12
  • http://mesucces.top/?tid=836701&ref=elil.cc HTTP 302
  • https://get.tfiph.com/?pid=58485&subid=836701&clickid=8674090294287367344 HTTP 302
  • https://get.pdf-searchz.com/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29
Request Chain 56
  • https://whos.amung.us/cwidget/2i67odvjt3uu/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=106&c=000000ffffff&p=
Request Chain 58
  • https://live.batstream.tv/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333 HTTP 301
  • https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Request Chain 60
  • https://whos-amung.com/mghs2021 HTTP 301
  • https://syndication.realsrv.com/splash.php?type=8&idzone=4427830&p=https://xsportshd.com&tested=2/ HTTP 302
  • https://abc.wwija.com/click.php?key=9tz2gymnylbpc4gs2a74&tag=ooc7bc7qaZ7LaJXUzzU2VWTulc6m6t1U7p3UyuldK6V1NVdzp7paqKJXT3T1VUUOldK6d07pXSumdK6V0znV0Z55yzzZ0VzZ02V3Wz0aa7278WW3WWZulcoogkMXraPUP7nOldK6V11DpXSuldK6VwfY&cost=0.000365&source=xsportshd.com&varid=42147572&campid=3945856&siteid=871512&zoneid=4427830&catid=496&country=DEU&format=
Request Chain 61
  • https://whos-amung.com/mghs2021 HTTP 301
  • https://syndication.realsrv.com/splash.php?type=8&idzone=4427830&p=https://xsportshd.com&tested=2/ HTTP 302
  • https://abc.wwija.com/click.php?key=9tz2gymnylbpc4gs2a74&tag=ooc7bc7qaZ7LaJXUzzU2VWTulc6m6t1U7p3UyuldK6V1NVdzp7paqKJXT3T1VUUOldK6d07pXSumdK6V0znV0Z55yzzZ0VzZ02V3Wz0aa7278WW3WWZulcoogkMXraPUP7nOldK6V11DpXSuldK6VwfY&cost=0.000365&source=xsportshd.com&varid=42147572&campid=3945856&siteid=871512&zoneid=4427830&catid=496&country=DEU&format=
Request Chain 62
  • https://whos-amung.com/83ltepewr7 HTTP 301
  • https://whos-amung.com/83ltepewr7.html
Request Chain 74
  • https://whos.amung.us/cwidget/8qxnu1d28l/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=309&c=000000ffffff&p=
Request Chain 87
  • https://live.batstream.tv/css/jquery.scrolling-tabs.css HTTP 301
  • https://live.batstream.live/css/jquery.scrolling-tabs.css
Request Chain 88
  • https://live.batstream.tv/js/jquery.scrolling-tabs.js HTTP 301
  • https://live.batstream.live/js/jquery.scrolling-tabs.js
Request Chain 95
  • https://whos.amung.us/cwidget/8i0gplj0il/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=269&c=000000ffffff&p=
Request Chain 97
  • https://live.batstream.tv/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333 HTTP 301
  • https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Request Chain 99
  • https://whos-amung.com/man99adxo HTTP 301
  • https://syndication.realsrv.com/splash.php?type=8&idzone=4448972&p=https://xsportshd.com&tested=2/ HTTP 302
  • https://abc.wwija.com/click.php?key=9tz2gymnylbpc4gs2a74&tag=ooc7bc7qaabbrJ3UzzU2VWTulc6m6t1U7p3UyuldK6V1NVdzp7paqKJXT3T1VUUOldK6d07pXSumdK6V0znV0Z55yzzZ0VzZ02V3Wz0aa7278WW3WWZulcoogkMXraPUP7nOldK6V11DpXSuldK6VwfY&cost=0.000365&source=xsportshd.com&varid=42147572&campid=3945856&siteid=871512&zoneid=4448972&catid=496&country=DEU&format= HTTP 302
  • https://r.srvtrck.com/v1/redirect?type=linkId&id=03581eba294c4178af16188ac599d059&api_key=9f389a84fd636114184e76a631ea9d8b&site_id=7add72c8711b449ea56ff14a1578bbe2&dch=feed&ad_t=advertiser&yk_tag=e1311vc7vfva2fee7b HTTP 302
  • http://www.vintagetub.com/ HTTP 301
  • https://www.vintagetub.com/
Request Chain 100
  • https://whos-amung.com/man99adxo HTTP 301
  • https://syndication.realsrv.com/splash.php?type=8&idzone=4448972&p=https://xsportshd.com&tested=2/ HTTP 302
  • https://abc.wwija.com/click.php?key=9tz2gymnylbpc4gs2a74&tag=ooc7bc7qaabbrJ3UzzU2VWTulc6m6t1U7p3UyuldK6V1NVdzp7paqKJXT3T1VUUOldK6d07pXSumdK6V0znV0Z55yzzZ0VzZ02V3Wz0aa7278WW3WWZulcoogkMXraPUP7nOldK6V11DpXSuldK6VwfY&cost=0.000365&source=xsportshd.com&varid=42147572&campid=3945856&siteid=871512&zoneid=4448972&catid=496&country=DEU&format= HTTP 302
  • https://r.srvtrck.com/v1/redirect?type=linkId&id=d02a4259361147c29b43b61ccbc5834f&api_key=9f389a84fd636114184e76a631ea9d8b&site_id=7add72c8711b449ea56ff14a1578bbe2&dch=feed&ad_t=advertiser&yk_tag=14dc1vc7vfva2vrc0f HTTP 302
  • https://r.srvtrck.com/v2/go?t=2tbp8%3A5%2Fao1lfk5mec4mbl1n8%2F2%3Fd%3Dat%3Dpc3u%25sF026wawcmcu7i1e8.9o4%263abp2i4n5ia%3D4p6E1C0C4D3Qvrb1z1yMGs%26us8%3Ds0e0V090B1R8wad5_2g9a1m6c4m0c9s7c5r7a2.5w8Fc%25%262oAr%25et7hdu7rck7i1%2F4o9.aa6nf.4g1%2F7sbteh&e=1&ai=4509d5aaa339472fa7d38681f94f2fc0&sct=0&ct=1633449337503&cu=aa5524921b6344099871577c2c5a86c0&ykuid=10b5608279a14690839e1d3addf99267&sc=1&cs=291543c279b5a35513d6dffe607928dd
Request Chain 106
  • https://whos.amung.us/cwidget/8i06wpj0il/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=244&c=000000ffffff&p=
Request Chain 110
  • https://witalfieldt.com/redirect?tid=937674&ref=encodeURI HTTP 302
  • https://mybetterdl.com/aS/feedclick?s=w_Wj54-Mm6TV7tX4V9JMK7hEs7ky1egIQw7qySCN0E7EcH_5IZLpRWDBmXZRGaxQos_5qWMelctIX7PSFWu1BkOe1swRdnM5VVHjKeOEMWEWEatjQH0OkolJzChtcb99a-hz6nOf0-XZySSQK_wpE8sk593LVzcvsI9nisY4r8pEMWSePUpsblL9G8kIDG26sr03HKGhW-E3jfE8z5Ych7EFGmU8ZZQXLP2P-BXxPXryzPol4flDv4wb5634iWNCKSTNki8TEozsS8oV55OZjl5-HkG8oOrEKAxP6hFFj2lu1mXufz-hVEXobOz_td3TOIejpcCFVUmyFZCcu3vSfmsDEtEyLzqHJ3NoHWp9hEDn2PtegDKWi2OrfJTUKsITDKU0g6zclnR-rcM0THb3dYXREilEIyDqvRty7xed9tYG97zE38Si2LpuW8PnNiNLxFRxveKlC-OgEdBQdmsEFqnJWH1dxpQvNS_x7tQlee9msTN020b5J8Lx_uAdQ_WH7gJ0i706yLpXmxGeplAwoHtY0Ikwesosr8T2_tU5gf2hKaDoMX4DWBqazdFHShQxLYaS7c5VANmcuEy-2QnushTuA_qBT12kkvPyRoDwDxE4oDAMmKqICs8-vtwqXJb6UHFeM-O0H-g9pYgIxE4E9HL2unj7mCNwyW2VtjEOAQJsFSYTBtZsx_FhFTKTggiah_JsEhEikUx3pDAkukSg2L5ntdLLYEykg7rd1BgYpACQH8DtTwyTVEe-Ml5xzRCEG6PC3LQzaxf3mNB_PFxeeqgejVIrehRGC0Wy4qwZ9KXvjw6CtHbvZ-r9lIauCLNRfGhhx4CwxKZpR_1AxLBL1yOPWlBh2eC7MOU_APbRDHzuZh0qJZTfP0f7e7Plm3cdolvMisrk30SaUNoHu1KPvWfEFlu4-m5-BjEgSgHYVPENlbqDXjUnQVQw4K1E-HTs-Feat60ijNzUBtLQ9JdmnRXHs3m32_EEaT9y8U6NjsKzLcKOpAXCSBvdsJ7R80MV3nwHYUkLsnZR2mrokr7bOO1sATOyxe_2Gb046BWFbYrfOkXrihRT2g9y825n_D7p-xweZweym0jOd3BX6_7Yt9cnS2WRusm-If8h0pjy6v1C9IGP53SHVBMZOuaAOEa6GjSCQzzuZx-bEPrWyjGokG5b7pbaYnI2elICos3U3_OvP4S6465I4tm-PpnpJU1uPMZFDVi-bv7mh6y2RNxf5w HTTP 302
  • https://p203248.mybetterdl.com/adServe/adClick?ai=IMh5EoW_2OrTzvKh2qDWIiIC3qCm-kdhlx_im4QKWF8G6oyxoFy0vfZNlMvdlRc-dRePfirJtYMCozyvMhv4-LlU-hBqlV3wbM7TR-A6o2KczI1ZKzU38pW3aR3gvW4R7i5Y678SJ3VmshdVdwFbNPg334K4aOHhI7wU4sz2rYXd-O5n4YDW8Wbgyvg5NtHkJVURRJLUAVgWn-F8pn0nQEDhknBrSU708Kx46MHlupAU0YSU699U-rM-hOHySnRLaygrY9BHdw_UdqdcHeTAytQNy0EHlsrgDOnEXZ7OoQmRFmgORM3pNC4OL1mnImvE_T1XpkVx2uomDW_olsHQNA&ui=w_Wj54-Mm6TV7tX4V9JMK-ZxIFpUrODF5BqBrDJxXOEkKX8VfMaRTTqj9CD5U_9gDoVYfZnF_bbh3NtrIlAl7m4v7yPunPfkaghWqXIpbPeTA8xa4umFYQ&si=1&oref=340f22b73036a304cde7be989a231b88&optunit=YV70-YRSgPHxFaDopTJ88w&rb=O6baiaLhyk4&rr=0&isco=t&abtg=0 HTTP 302
  • https://global.yhit.top/go/553af299-3b05-4f3c-914d-d73d2bcf203e?bid=0.0012&subid=87230488007&source=439841629&campaignname=TD34+-+Grover+DE&geo=DE&device=Desktop&os=Windows+10&browser={browser}&carrier=UNKNOWN HTTP 302
  • https://clk.tradedoubler.com/click?p=319189&a=3232771&epi=NbP9ocrAtx6WFTEQDVmwJ9
Request Chain 117
  • https://witalfieldt.com/redirect?tid=936129&ref=livestotal.net HTTP 302
  • https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWRtYXZlbi5jb218NDY5ODYxfDQzMDY3NXw4NDU0NTd8Mzc3Nzg1N3w1MTF8NDY4ODE0Nnw2NjEwMDMxNnw0MHwyfDB8MHw0NTY5fDkzNjEyOXw1OXw3NXxVU0R8RVVSfDEuMTc0fDEuMTc0fDIyfHwxfERFVXx8MTJ8NHwxfHxhYjI1NGQ5MjBhNjBiZTlhMTc1MjE0MGI1OGQ5YTU2NXxlMGFkNjE5YjBiZjcxMTQ3OGFmM2RlOWM0N2EwZDI2OXwwfDJ8bGl2ZXN0b3RhbC5uZXR8MHwwfDB8MC4xfDF8MHxleGNoYW5nZV9saW5rfDB8MHwyOTA1MzMwfC0xfDB8MjkyNTUzM3xob3N0aW5nfHZwbnwxfDE0NDB8fDJ8MHwwfDkzfDB8MHwxfDB8T0t8ODZjZmZkYWNiNjJiNzU0NjhkNmVjZTdiMzI4ZGEwMzI-
Request Chain 118
  • https://witalfieldt.com/redirect?tid=936129&ref=livestotal.net HTTP 302
  • https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWRtYXZlbi5jb218NDY5ODYxfDQzMDY3NXw4NDU0NTd8Mzc3Nzg1N3w1MTF8NDY4ODE0Nnw2NjEwMDMxNnw0MHwyfDB8MHw0NTY5fDkzNjEyOXw1OC41fDc1fFVTRHxFVVJ8MS4xNzR8MS4xNzR8MjJ8fDF8REVVfHwxMnw0fDF8fDhkYzQ1NzE4YTcyYzZhMDBhZWQwN2JlMjJiZTY3OTIwfGUwYWQ2MTliMGJmNzExNDc4YWYzZGU5YzQ3YTBkMjY5fDB8MnxsaXZlc3RvdGFsLm5ldHwwfDB8MHwwLjA5fDF8MHxleGNoYW5nZV9saW5rfDB8MHwyOTA1MzMwfC0xfDB8MjkyNTUzM3xob3N0aW5nfHZwbnwxfDE0NDB8fDJ8MHwwfDkzfDB8MHwxfDB8T0t8NWMxZDBmYTM2MGI2NjA4YmZhNmI4NDZlMmY3Mjk1MDI-
Request Chain 119
  • https://livestotal.net/bu1sh65i HTTP 301
  • https://syndication.realsrv.com/splash.php?type=8&idzone=4427876&p=https%3A%2F%2Flivestotal.net&tested=2 HTTP 302
  • https://abc.wwija.com/click.php?key=9tz2gymnylbpc4gs2a74&tag=ooc7bc7qaZ7LbK3UzzU2VWTulc6m6t1U7p3UyuldK6V1NVdzp7paqKJXT3T1VUUOldK6d07pXSumdK6V0zq5qtbKrLbZa.KJo6KK5aJ6JaJrLJqa57pnby57VzXaS6cWTTU2W58Ubb3a02Zy7T13Old92jcpgmz.jBuZznSuldK66h0rpXSuldK4PsA-&cost=0.000365&source=livestotal.net&varid=42147572&campid=3945856&siteid=916316&zoneid=4427876&catid=496&country=DEU&format= HTTP 302
  • https://r.srvtrck.com/v1/redirect?type=linkId&id=9cd4e25cc7184c60b36468b6f865f992&api_key=9f389a84fd636114184e76a631ea9d8b&site_id=7add72c8711b449ea56ff14a1578bbe2&dch=feed&ad_t=advertiser&yk_tag=b6560vc7vfva28ne7d HTTP 302
  • https://r.srvtrck.com/v2/go?t=gt-pd%3Ap%2Fzl4.2mdt3.5oa%2F%3DPID%26481229A%3DDI1%2698507%3DUID%3FPmNcB4ogQo2kdc-%2FIsJtjh&e=1&ai=df26eaff6d6c4ad5adffb4f34554dad4&sct=0&ct=1633449337479&cu=3da379077a1d436db8773fa921d27e8e&ykuid=96bd89c12f2a45cb8a3743e4b340aee5&sc=1&cs=f817ffe32f293e8d33f95657c83cb41b
Request Chain 120
  • https://livestotal.net/bu1sh65i HTTP 301
  • https://syndication.realsrv.com/splash.php?type=8&idzone=4427876&p=https%3A%2F%2Flivestotal.net&tested=2 HTTP 302
  • https://abc.wwija.com/click.php?key=9tz2gymnylbpc4gs2a74&tag=ooc7bc7qaZ7LbK3UzzU2VWTulc6m6t1U7p3UyuldK6V1NVdzp7paqKJXT3T1VUUOldK6d07pXSumdK6V0zq5qtbKrLbZa.KJo6KK5aJ6JaJrLJqa57pnby57VzXaS6cWTTU2W58Ubb3a02Zy7T13Old92jcpgmz.jBuZznSuldK66h0rpXSuldK4PsA-&cost=0.000365&source=livestotal.net&varid=42147572&campid=3945856&siteid=916316&zoneid=4427876&catid=496&country=DEU&format= HTTP 302
  • https://r.srvtrck.com/v1/redirect?type=linkId&id=d4d5e32ebce247a3bd65b43f46a9097f&api_key=9f389a84fd636114184e76a631ea9d8b&site_id=7add72c8711b449ea56ff14a1578bbe2&dch=feed&ad_t=advertiser&yk_tag=61ee9vc7vfva23y8ad HTTP 302
  • https://r.srvtrck.com/v2/go?t=2tbp8%3A5%2Fao1lfk5mec4mbl1n8%2F2%3Fd%3Dat%3Dpc3u%25sFb2aw9wcmbc8s4c6m3c4meaage_bd4w3R4B691V0e4s38vubszGy%26Ms1%3D10r0Q0D0C1C8Ebpe%3D1i2n2i8p4a9%269ob.ay2a3.4w7F5%25%262oAr%25et7hdu7rck7i1%2F4o9.aa6nf.4g1%2F7sbteh&e=1&ai=7631256ad64447aaba5a464e617df142&sct=0&ct=1633449337497&cu=b3e41b2e2a8e449396b4a82b3c497a5b&ykuid=12d90dbb67034bee892f76b26546fa13&sc=1&cs=df60ffb5916cbcda6f42dd00a1467111
Request Chain 121
  • https://livestotal.net/bu1sh65i HTTP 301
  • https://syndication.realsrv.com/splash.php?type=8&idzone=4427876&p=https%3A%2F%2Flivestotal.net&tested=2 HTTP 302
  • https://abc.wwija.com/click.php?key=9tz2gymnylbpc4gs2a74&tag=ooc7bc7qaZ7LbK3UzzU2VWTulc6m6t1U7p3UyuldK6V1NVdzp7paqKJXT3T1VUUOldK6d07pXSumdK6V0zq5qtbKrLbZa.KJo6KK5aJ6JaJrLJqa57pnby57VzXaS6cWTTU2W58Ubb3a02Zy7T13Old92jcpgmz.jBuZznSuldK66h0rpXSuldK4PsA-&cost=0.000365&source=livestotal.net&varid=42147572&campid=3945856&siteid=916316&zoneid=4427876&catid=496&country=DEU&format= HTTP 302
  • https://r.srvtrck.com/v1/redirect?type=linkId&id=240a7713fde148fdba01de22674b5ee9&api_key=9f389a84fd636114184e76a631ea9d8b&site_id=7add72c8711b449ea56ff14a1578bbe2&dch=feed&ad_t=advertiser&yk_tag=17828vc7vfva302f5 HTTP 302
  • https://r.srvtrck.com/v2/go?t=2tbp8%3A5%2Fao1lfk5mec4mbl1n8%2F2%3Fd%3Dat%3Dpc3u%25sF626w2w2bco9n5l3s3c7m7cbm7a5ga_1d4w6R1B094V3evsb8zuysMG1%261sr%3DQ0D0C0C0E1p8%3Dei4nfi9p2a0%264of.al9e3w3r2.1wdF6%25%262oAr%25et7hdu7rck7i1%2F4o9.aa6nf.4g1%2F7sbteh&e=1&ai=6fbae516cc764398b90dca68131a4812&sct=0&ct=1633449337358&cu=e14af5972b0747f3a395393c2212d666&ykuid=e940d49c6c81420cbcabcaa20a9f992f&sc=1&cs=a5d9e5a6f622656db439f203db7af1ab
Request Chain 124
  • https://live.batstream.tv/images/st_icons.png HTTP 301
  • https://live.batstream.live/images/st_icons.png
Request Chain 145
  • https://live.batstream.tv/css/jquery.scrolling-tabs.css HTTP 301
  • https://live.batstream.live/css/jquery.scrolling-tabs.css
Request Chain 146
  • https://live.batstream.tv/js/jquery.scrolling-tabs.js HTTP 301
  • https://live.batstream.live/js/jquery.scrolling-tabs.js
Request Chain 149
  • https://mc.yandex.com/watch/55348681?wmode=7&page-url=https%3A%2F%2Flive.batstream.live%2F%3Fd%3D1%26s%3D1%26sp%3D1%26fs%3D12px%26tt%3Dnone%26fc%3DFFFFFF%26tc%3DFFFFFF%26bc%3D4E5D6C%26bhc%3D3E4A56%26thc%3DFFFFFF%26pd%3D5px%26brc%3D030303%26brr%3D2px%26mr%3D3px%26tm%3D122A33%26tmb%3DFFFFFF%26wb%3D2B3E50%26bcc%3D2B3E50%26bsh%3D0px%26rdb%3DEBEBEB%26rdc%3D333333&page-ref=https%3A%2F%2Fxsportshd.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A316%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A667404850004%3Ahid%3A455532316%3Az%3A0%3Ai%3A202101005155536%3Aet%3A1633449337%3Ac%3A1%3Arn%3A442256823%3Arqn%3A1%3Au%3A1633449337230160154%3Aw%3A1057x4000%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1633449336424%3Ads%3A12%2C34%2C57%2C1%2C69%2C0%2C%2C95%2C14%2C%2C%2C%2C271%3Adsn%3A13%2C34%2C57%2C1%2C69%2C0%2C%2C96%2C15%2C%2C%2C%2C270%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633449337%3At%3ALive%20Stream%20Sports%20%7C%20Batmanstream HTTP 302
  • https://mc.yandex.com/watch/55348681/1?wmode=7&page-url=https%3A%2F%2Flive.batstream.live%2F%3Fd%3D1%26s%3D1%26sp%3D1%26fs%3D12px%26tt%3Dnone%26fc%3DFFFFFF%26tc%3DFFFFFF%26bc%3D4E5D6C%26bhc%3D3E4A56%26thc%3DFFFFFF%26pd%3D5px%26brc%3D030303%26brr%3D2px%26mr%3D3px%26tm%3D122A33%26tmb%3DFFFFFF%26wb%3D2B3E50%26bcc%3D2B3E50%26bsh%3D0px%26rdb%3DEBEBEB%26rdc%3D333333&page-ref=https%3A%2F%2Fxsportshd.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A316%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A667404850004%3Ahid%3A455532316%3Az%3A0%3Ai%3A202101005155536%3Aet%3A1633449337%3Ac%3A1%3Arn%3A442256823%3Arqn%3A1%3Au%3A1633449337230160154%3Aw%3A1057x4000%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1633449336424%3Ads%3A12%2C34%2C57%2C1%2C69%2C0%2C%2C95%2C14%2C%2C%2C%2C271%3Adsn%3A13%2C34%2C57%2C1%2C69%2C0%2C%2C96%2C15%2C%2C%2C%2C270%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633449337%3At%3ALive%20Stream%20Sports%20%7C%20Batmanstream
Request Chain 154
  • https://live.batstream.tv/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333 HTTP 301
  • https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Request Chain 156
  • https://whos-amung.us/m4v11nok HTTP 301
  • https://witalfieldt.com/redirect?tid=931727&tz=8&ref=xsportshd.com HTTP 302
  • https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWRtYXZlbi5jb218NDY5ODYxfDQzMDY3NXw4NDU0NTd8Mzc3Nzg1N3w1MTF8NDY4ODE0Nnw2NjEwMDMxNnw0MHwyfDB8MHw0NTY5fDkzMTcyN3w2MHw3NXxVU0R8RVVSfDEuMTc0fDEuMTc0fDIyfHwxfERFVXx8MTJ8NHwxfHxhOGNmZDc3ZWJiOTA4N2QxNGIwYTQ1OTBiOWUxNjU5ZHw2M2FhYTAyMWEzNjFhNDc2OTgyM2JjZThlZjc4OTc3YXwwfDJ8eHNwb3J0c2hkLmNvbXwwfDB8MHwwLjF8MXwwfGV4Y2hhbmdlX2xpbmt8MHwwfDI5MDUzMzB8LTF8MHwyOTI1NTMzfGhvc3Rpbmd8dnBufDF8MTQ0MHx8MnwwfDB8OTN8MHwwfDF8MHxPS3w4NWIzMzU5Y2EwN2M4MjMxYTdhYThkYzllMzliMjg2ZA--
Request Chain 157
  • https://whos-amung.us/m4v11nok HTTP 301
  • https://witalfieldt.com/redirect?tid=931727&tz=8&ref=xsportshd.com HTTP 302
  • https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWRtYXZlbi5jb218NDY5ODYxfDQzMDY3NXw4NDU0NTd8Mzc3Nzg1N3w1MTF8NDY4ODE0Nnw2NjEwMDMxNnw0MHwyfDB8MHw0NTY5fDkzMTcyN3w1OS41fDc1fFVTRHxFVVJ8MS4xNzR8MS4xNzR8MjJ8fDF8REVVfHwxMnw0fDF8fGZkY2YzNjZiNmFmMTZlMTE5YjJiYTgzODQ5ZTcxNmRlfDYzYWFhMDIxYTM2MWE0NzY5ODIzYmNlOGVmNzg5NzdhfDB8Mnx4c3BvcnRzaGQuY29tfDB8MHwwfDAuMXwxfDB8ZXhjaGFuZ2VfbGlua3wwfDB8MjkwNTMzMHwtMXwwfDI5MjU1MzN8aG9zdGluZ3x2cG58MXwxNDQwfHwyfDB8MHw5M3wwfDB8MXwwfE9LfDQxNDJiMTZkNjIzMWIyODE4MjljNDM5ZTliMDBkNjNk
Request Chain 158
  • https://whos-amung.us/kadmvn2l HTTP 301
  • https://witalfieldt.com/redirect?tid=918505&tz=8&ref=xsportshd.com HTTP 302
  • https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWQtbWF2ZW4uY29tfDQ2OTg2MXw0MzA2NzV8ODE1NDMxfDM1NzA3Nzd8NTExfDQ2ODgxNDZ8NjYxMDAzMTZ8NDB8MnwwfDB8NDU2OXw5MTg1MDV8NjAuNXw3NXxVU0R8RVVSfDEuMTc0fDEuMTc0fDIyfHwxfERFVXx8MTJ8NHwxfHxmYWE4YTk3ODkzYTlhODA5MTU0YzczMTVlNjdjMjI4Znw2M2FhYTAyMWEzNjFhNDc2OTgyM2JjZThlZjc4OTc3YXwwfDJ8eHNwb3J0c2hkLmNvbXwwfDB8MHwwLjAxfDF8MHxleGNoYW5nZV9saW5rfDB8MHwyOTA1MzMwfC0xfDB8MjkyNTUzM3xob3N0aW5nfHZwbnwxfDE0NDB8fDJ8MHwwfDkzfDB8MHwxfDB8T0t8OWMyZWEwZmEzMjdjNDI5NmI5MTAyYTVmNDMyMmQyN2I-
Request Chain 159
  • https://whos-amung.us/kadmvn2l HTTP 301
  • https://witalfieldt.com/redirect?tid=918505&tz=8&ref=xsportshd.com HTTP 302
  • https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWQtbWF2ZW4uY29tfDQ2OTg2MXw0MzA2NzV8ODE1NDMxfDM1NzA3Nzd8NTExfDQ2ODgxNDZ8NjYxMDAzMTZ8NDB8MnwwfDB8NDU2OXw5MTg1MDV8NTl8NzV8VVNEfEVVUnwxLjE3NHwxLjE3NHwyMnx8MXxERVV8fDEyfDR8MXx8YTk3YzMxYzViNjMyYzU3YWM4NmRkNWFiY2VkYjg1Zjl8NjNhYWEwMjFhMzYxYTQ3Njk4MjNiY2U4ZWY3ODk3N2F8MHwyfHhzcG9ydHNoZC5jb218MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfbGlua3wwfDB8MjkwNTMzMHwtMXwwfDI5MjU1MzN8aG9zdGluZ3x2cG58MXwxNDQwfHwyfDB8MHw5M3wwfDB8MXwwfE9LfDVlYjk5ZmY3ZjhhNGNlOTAxZDAxZmVkOTM4OGIyNjFh
Request Chain 173
  • https://live.batstream.tv/css/jquery.scrolling-tabs.css HTTP 301
  • https://live.batstream.live/css/jquery.scrolling-tabs.css
Request Chain 174
  • https://live.batstream.tv/js/jquery.scrolling-tabs.js HTTP 301
  • https://live.batstream.live/js/jquery.scrolling-tabs.js
Request Chain 184
  • https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWRtYXZlbi5jb218NDY5ODYxfDQzMDY3NXw4NDU0NTd8Mzc3Nzg1N3w1MTF8NDY4ODE0Nnw2NjEwMDMxNnw0MHwyfDB8MHw0NTY5fDkzNjEyOXw1OXw3NXxVU0R8RVVSfDEuMTc0fDEuMTc0fDIyfHwxfERFVXx8MTJ8NHwxfHxhYjI1NGQ5MjBhNjBiZTlhMTc1MjE0MGI1OGQ5YTU2NXxlMGFkNjE5YjBiZjcxMTQ3OGFmM2RlOWM0N2EwZDI2OXwwfDJ8bGl2ZXN0b3RhbC5uZXR8MHwwfDB8MC4xfDF8MHxleGNoYW5nZV9saW5rfDB8MHwyOTA1MzMwfC0xfDB8MjkyNTUzM3xob3N0aW5nfHZwbnwxfDE0NDB8fDJ8MHwwfDkzfDB8MHwxfDB8T0t8ODZjZmZkYWNiNjJiNzU0NjhkNmVjZTdiMzI4ZGEwMzI-&p=https%3A%2F%2Fadmaven.com&tested=1&check=6f9875fb4130ece9b6c0e092d1d1efb4&screen_resolution=1600x1200&container_resolution=0x0&iframe=1 HTTP 302
  • https://refpasrasw.world/L?tag=d_1065581m_18283c_VEAASUXFMRBAAWA&site=1065581&ad=18283&exffir=eyJjIjoiNmY5ODc1ZmI0MTMwZWNlOWI2YzBlMDkyZDFkMWVmYjQiLCJ0IjoiMSIsInNyIjoiMTYwMHgxMjAwIiwiY3IiOiIweDAiLCJpIjoiMSJ9 HTTP 303
  • https://links22.com/en/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA HTTP 303
  • https://22bet.com/en/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA HTTP 308
  • https://22bet.com/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA HTTP 307
  • https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
Request Chain 185
  • https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWRtYXZlbi5jb218NDY5ODYxfDQzMDY3NXw4NDU0NTd8Mzc3Nzg1N3w1MTF8NDY4ODE0Nnw2NjEwMDMxNnw0MHwyfDB8MHw0NTY5fDkzNjEyOXw1OC41fDc1fFVTRHxFVVJ8MS4xNzR8MS4xNzR8MjJ8fDF8REVVfHwxMnw0fDF8fDhkYzQ1NzE4YTcyYzZhMDBhZWQwN2JlMjJiZTY3OTIwfGUwYWQ2MTliMGJmNzExNDc4YWYzZGU5YzQ3YTBkMjY5fDB8MnxsaXZlc3RvdGFsLm5ldHwwfDB8MHwwLjA5fDF8MHxleGNoYW5nZV9saW5rfDB8MHwyOTA1MzMwfC0xfDB8MjkyNTUzM3xob3N0aW5nfHZwbnwxfDE0NDB8fDJ8MHwwfDkzfDB8MHwxfDB8T0t8NWMxZDBmYTM2MGI2NjA4YmZhNmI4NDZlMmY3Mjk1MDI-&p=https%3A%2F%2Fadmaven.com&tested=1&check=6f9875fb4130ece9b6c0e092d1d1efb4&screen_resolution=1600x1200&container_resolution=0x0&iframe=1 HTTP 302
  • https://refpasrasw.world/L?tag=d_1065581m_18283c_VEAASUXFMRBAAWA&site=1065581&ad=18283&exffir=eyJjIjoiNmY5ODc1ZmI0MTMwZWNlOWI2YzBlMDkyZDFkMWVmYjQiLCJ0IjoiMSIsInNyIjoiMTYwMHgxMjAwIiwiY3IiOiIweDAiLCJpIjoiMSJ9 HTTP 303
  • https://links22.com/en/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA HTTP 303
  • https://22bet.com/en/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA HTTP 308
  • https://22bet.com/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA HTTP 307
  • https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
Request Chain 186
  • https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWQtbWF2ZW4uY29tfDQ2OTg2MXw0MzA2NzV8ODE1NDMxfDM1NzA3Nzd8NTExfDQ2ODgxNDZ8NjYxMDAzMTZ8NDB8MnwwfDB8NDU2OXw5MTg1MDV8NjAuNXw3NXxVU0R8RVVSfDEuMTc0fDEuMTc0fDIyfHwxfERFVXx8MTJ8NHwxfHxmYWE4YTk3ODkzYTlhODA5MTU0YzczMTVlNjdjMjI4Znw2M2FhYTAyMWEzNjFhNDc2OTgyM2JjZThlZjc4OTc3YXwwfDJ8eHNwb3J0c2hkLmNvbXwwfDB8MHwwLjAxfDF8MHxleGNoYW5nZV9saW5rfDB8MHwyOTA1MzMwfC0xfDB8MjkyNTUzM3xob3N0aW5nfHZwbnwxfDE0NDB8fDJ8MHwwfDkzfDB8MHwxfDB8T0t8OWMyZWEwZmEzMjdjNDI5NmI5MTAyYTVmNDMyMmQyN2I-&p=https%3A%2F%2Fad-maven.com&tested=1&check=6f9875fb4130ece9b6c0e092d1d1efb4&screen_resolution=1600x1200&container_resolution=0x0&iframe=1 HTTP 302
  • https://refpasrasw.world/L?tag=d_1065581m_18283c_VEAASUXFMRBAAWA&site=1065581&ad=18283&exffir=eyJjIjoiNmY5ODc1ZmI0MTMwZWNlOWI2YzBlMDkyZDFkMWVmYjQiLCJ0IjoiMSIsInNyIjoiMTYwMHgxMjAwIiwiY3IiOiIweDAiLCJpIjoiMSJ9 HTTP 303
  • https://links22.com/en/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA HTTP 303
  • https://22bet.com/en/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA HTTP 308
  • https://22bet.com/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA HTTP 307
  • https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
Request Chain 188
  • https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWRtYXZlbi5jb218NDY5ODYxfDQzMDY3NXw4NDU0NTd8Mzc3Nzg1N3w1MTF8NDY4ODE0Nnw2NjEwMDMxNnw0MHwyfDB8MHw0NTY5fDkzMTcyN3w2MHw3NXxVU0R8RVVSfDEuMTc0fDEuMTc0fDIyfHwxfERFVXx8MTJ8NHwxfHxhOGNmZDc3ZWJiOTA4N2QxNGIwYTQ1OTBiOWUxNjU5ZHw2M2FhYTAyMWEzNjFhNDc2OTgyM2JjZThlZjc4OTc3YXwwfDJ8eHNwb3J0c2hkLmNvbXwwfDB8MHwwLjF8MXwwfGV4Y2hhbmdlX2xpbmt8MHwwfDI5MDUzMzB8LTF8MHwyOTI1NTMzfGhvc3Rpbmd8dnBufDF8MTQ0MHx8MnwwfDB8OTN8MHwwfDF8MHxPS3w4NWIzMzU5Y2EwN2M4MjMxYTdhYThkYzllMzliMjg2ZA--&p=https%3A%2F%2Fadmaven.com&tested=1&check=6f9875fb4130ece9b6c0e092d1d1efb4&screen_resolution=1600x1200&container_resolution=0x0&iframe=1 HTTP 302
  • https://refpasrasw.world/L?tag=d_1065581m_18283c_VEAASUXFMRBAAWA&site=1065581&ad=18283&exffir=eyJjIjoiNmY5ODc1ZmI0MTMwZWNlOWI2YzBlMDkyZDFkMWVmYjQiLCJ0IjoiMSIsInNyIjoiMTYwMHgxMjAwIiwiY3IiOiIweDAiLCJpIjoiMSJ9 HTTP 303
  • https://links22.com/en/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA HTTP 303
  • https://22bet.com/en/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA HTTP 308
  • https://22bet.com/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA HTTP 307
  • https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
Request Chain 189
  • https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWQtbWF2ZW4uY29tfDQ2OTg2MXw0MzA2NzV8ODE1NDMxfDM1NzA3Nzd8NTExfDQ2ODgxNDZ8NjYxMDAzMTZ8NDB8MnwwfDB8NDU2OXw5MTg1MDV8NTl8NzV8VVNEfEVVUnwxLjE3NHwxLjE3NHwyMnx8MXxERVV8fDEyfDR8MXx8YTk3YzMxYzViNjMyYzU3YWM4NmRkNWFiY2VkYjg1Zjl8NjNhYWEwMjFhMzYxYTQ3Njk4MjNiY2U4ZWY3ODk3N2F8MHwyfHhzcG9ydHNoZC5jb218MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfbGlua3wwfDB8MjkwNTMzMHwtMXwwfDI5MjU1MzN8aG9zdGluZ3x2cG58MXwxNDQwfHwyfDB8MHw5M3wwfDB8MXwwfE9LfDVlYjk5ZmY3ZjhhNGNlOTAxZDAxZmVkOTM4OGIyNjFh&p=https%3A%2F%2Fad-maven.com&tested=1&check=6f9875fb4130ece9b6c0e092d1d1efb4&screen_resolution=1600x1200&container_resolution=0x0&iframe=1 HTTP 302
  • https://refpasrasw.world/L?tag=d_1065581m_18283c_VEAASUXFMRBAAWA&site=1065581&ad=18283&exffir=eyJjIjoiNmY5ODc1ZmI0MTMwZWNlOWI2YzBlMDkyZDFkMWVmYjQiLCJ0IjoiMSIsInNyIjoiMTYwMHgxMjAwIiwiY3IiOiIweDAiLCJpIjoiMSJ9 HTTP 303
  • https://links22.com/en/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA HTTP 303
  • https://22bet.com/en/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA HTTP 308
  • https://22bet.com/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA HTTP 307
  • https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
Request Chain 190
  • https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWRtYXZlbi5jb218NDY5ODYxfDQzMDY3NXw4NDU0NTd8Mzc3Nzg1N3w1MTF8NDY4ODE0Nnw2NjEwMDMxNnw0MHwyfDB8MHw0NTY5fDkzMTcyN3w1OS41fDc1fFVTRHxFVVJ8MS4xNzR8MS4xNzR8MjJ8fDF8REVVfHwxMnw0fDF8fGZkY2YzNjZiNmFmMTZlMTE5YjJiYTgzODQ5ZTcxNmRlfDYzYWFhMDIxYTM2MWE0NzY5ODIzYmNlOGVmNzg5NzdhfDB8Mnx4c3BvcnRzaGQuY29tfDB8MHwwfDAuMXwxfDB8ZXhjaGFuZ2VfbGlua3wwfDB8MjkwNTMzMHwtMXwwfDI5MjU1MzN8aG9zdGluZ3x2cG58MXwxNDQwfHwyfDB8MHw5M3wwfDB8MXwwfE9LfDQxNDJiMTZkNjIzMWIyODE4MjljNDM5ZTliMDBkNjNk&p=https%3A%2F%2Fadmaven.com&tested=1&check=6f9875fb4130ece9b6c0e092d1d1efb4&screen_resolution=1600x1200&container_resolution=0x0&iframe=1 HTTP 302
  • https://refpasrasw.world/L?tag=d_1065581m_18283c_VEAASUXFMRBAAWA&site=1065581&ad=18283&exffir=eyJjIjoiNmY5ODc1ZmI0MTMwZWNlOWI2YzBlMDkyZDFkMWVmYjQiLCJ0IjoiMSIsInNyIjoiMTYwMHgxMjAwIiwiY3IiOiIweDAiLCJpIjoiMSJ9 HTTP 303
  • https://links22.com/en/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA HTTP 303
  • https://22bet.com/en/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA HTTP 308
  • https://22bet.com/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA HTTP 307
  • https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
Request Chain 191
  • https://clk.omgt4.com/?PID=40182&AID=1992587&UID=PaN5B3odQ224dz-pIdJ-jg HTTP 301
  • https://track.omguk.com/c?PID=40182&AID=1992587&UID=PaN5B3odQ224dz-pIdJ-jg HTTP 302
  • https://ad.admitad.com/g/c7w0ecf1cs8cec8777e4fda6b4e78f/?subid=f1c7ebf144cf41468d7b2218b089ab5f&subid1=1992587&subid2=&subid3=2196012&subid4=40182&ulp=https%3A%2F%2Fwww.ssense.com%2Fen-in%3F HTTP 302
  • https://prf.hn/click/camref:1100l3dN4/pubref:f52c2698e6bd89934dce2a7f93120e21/adref:987837/destination:https%3A%2F%2Fwww.ssense.com%2Fen-in%3F HTTP 302
  • https://www.ssense.com/en-in?&clickref=1011lio4y5er&utm_source=PH_1011l20576&utm_medium=affiliate&utm_content=0&utm_term=&utm_campaign=987837
Request Chain 195
  • https://clk.tradedoubler.com/click?p=319189&a=3232771&epi=NbP9ocrAtx6WFTEQDVmwJ9 HTTP 302
  • https://www.grover.com/nl-en?tduid=64e8a5c565e85d1b6e4eec03a5d14686
Request Chain 215
  • https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=10401633449339B04A798EC9BCF83F37 HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=10401633449339B04A798EC9BCF83F37
Request Chain 216
  • https://pixel.onaudience.com/?partner=137085098&mapped=10401633449339B04A798EC9BCF83F37 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=09a6ee1e-97df-4da3-baaf-aaeb2289f18e&icm HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=36b0a5d26796a73a

226 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request tphd
elil.cc/
Redirect Chain
  • https://elii.cc/a/KX6PFG?protocol=http&type=default&url=hentai.dl-zip.xyz/goto/turbo.to/8nCY5BwuZMtT.rar
  • http://elii.cc/tphd
  • http://elil.cc/tphd
97 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://elil.cc/tphd
Protocol
HTTP/1.1
Server
104.21.60.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4c2dfd7f51fec71cbda4acde4f28dd5259d2c46791134e09b4e96f53c6450e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
elil.cc
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Tue, 05 Oct 2021 15:55:35 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
set-cookie
PHPSESSID=ncofdo0egfml45uugspihmcdj3; expires=Tue, 12-Oct-2021 15:55:35 GMT; Max-Age=604800; path=/ _csrf=acc602999663b63bd40abd390c15aec025be0bfa2ec5ef3f427b89960902d953a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22BnCVvi_3nh6SHG3Nzc1JnPBInQkymgZG%22%3B%7D; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hX3J%2B8zhsyOTLPYAwUtoyRoJmyWFqtaV5s6wAtYxwpF5fwMYaAqDOwdAnAyUhpd1Kmw7C1BbUilJ2jTDbh07xwMw03S2XUsu%2FlBbR6KbiLvhQwydoOGyz0hm"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6997d5c8192d0621-FRA
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Tue, 05 Oct 2021 15:55:35 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
set-cookie
PHPSESSID=jse3mr35akrrkdc0sqr2k2755g; expires=Tue, 12-Oct-2021 15:55:34 GMT; Max-Age=604800; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
location
http://elil.cc/tphd
vary
User-Agent
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fa83WUPIkjANZzSBAJ9K0xBSZ1beDvni8oEgKGcrerrhQdjEcN0qi8ZyolSH02TamV8xNWpOHQNUwCjMGC676Ndt2lA4%2FiXiW0U33ytiOFE4nAaq2Fs3Aefs"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6997d5c70a5d5c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: elil.cc
URL: http://elil.cc/tphd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f10.1e100.net
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://elil.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1171
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Wed, 05 Oct 2022 15:36:04 GMT
reqe.js
elil.cc/ 		164 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://elil.cc/reqe.js
Requested by
Host: elil.cc
URL: http://elil.cc/tphd
Protocol
HTTP/1.1
Server
104.21.60.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
050c5bdae1e972916c7f91787c1a1d4977393f7f9015088106623795d751193e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
elil.cc
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://elil.cc/tphd
Cookie
PHPSESSID=ncofdo0egfml45uugspihmcdj3; _csrf=acc602999663b63bd40abd390c15aec025be0bfa2ec5ef3f427b89960902d953a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22BnCVvi_3nh6SHG3Nzc1JnPBInQkymgZG%22%3B%7D
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://elil.cc/tphd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 10 Jun 2021 06:24:56 GMT
Server
cloudflare
etag
W/"60c1b038-a4"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LxXbGKLGbKqaJa3J7KPM3FCPMZupWDcjevnlGUVoA%2FB7Aag%2BofJwfGCG4IFuUhTwfeJJg8gUGfSZ2S99bOrJd9z2vEcwlagTzi%2FeLADYo50f0auFIEcfWqeU"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
cache-control
max-age=16200 public must-revalidate
CF-RAY
6997d5c9ccd80621-FRA
expires
Tue, 05 Oct 2021 20:25:35 GMT
c.js
elil.cc/advertisement/ 		74 B
1009 B 		Script
General
Check archive.org
Download Go to
Full URL
http://elil.cc/advertisement/c.js
Requested by
Host: elil.cc
URL: http://elil.cc/tphd
Protocol
HTTP/1.1
Server
104.21.60.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
449cc02ec1f9313329a51cc3f63a4e95162d71d6cee20a99a1a91a3e8eef13bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
elil.cc
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://elil.cc/tphd
Cookie
PHPSESSID=ncofdo0egfml45uugspihmcdj3; _csrf=acc602999663b63bd40abd390c15aec025be0bfa2ec5ef3f427b89960902d953a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22BnCVvi_3nh6SHG3Nzc1JnPBInQkymgZG%22%3B%7D
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://elil.cc/tphd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 10 May 2019 07:53:22 GMT
Server
cloudflare
etag
W/"5cd52df2-4a"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90EF3q7J%2FDH9ZKmDEV4TSyBSoxd6USD%2F99NLBVmZEvoBtMvyATTEexRTX03qsQ7NnnEhVnGV6Wa34IKySD4TDWm4BzRwrZlwXKX2UoWJJ0jmGnDWfPKvtdz1"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
cache-control
max-age=16200 public must-revalidate
CF-RAY
6997d5c9de4b6925-FRA
expires
Tue, 05 Oct 2021 20:25:35 GMT
b.js
elil.cc/wp-content/plugins/agreeable-button/ 		80 B
1020 B 		Script
General
Check archive.org
Download Go to
Full URL
http://elil.cc/wp-content/plugins/agreeable-button/b.js
Requested by
Host: elil.cc
URL: http://elil.cc/tphd
Protocol
HTTP/1.1
Server
104.21.60.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb4a87cc7f7191c2f47ac201c7af28e250ff0ca1309d40815caed04e1300244c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
elil.cc
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://elil.cc/tphd
Cookie
PHPSESSID=ncofdo0egfml45uugspihmcdj3; _csrf=acc602999663b63bd40abd390c15aec025be0bfa2ec5ef3f427b89960902d953a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22BnCVvi_3nh6SHG3Nzc1JnPBInQkymgZG%22%3B%7D
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://elil.cc/tphd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 10 May 2019 07:53:22 GMT
Server
cloudflare
etag
W/"5cd52df2-50"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z63xNxyVyxKcLLmhtu%2F1xnRvg5Lyzpz%2FgLaCr%2FedByHi7IEwDOxG9oQnhlASy577T5u1sRwrX%2FWKFj38WiPeBfMrmnCxjW%2FbpK8wNN%2BNGQH1iSKdgvTAtzzH"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
cache-control
max-age=16200 public must-revalidate
CF-RAY
6997d5c9ddf842cf-FRA
expires
Tue, 05 Oct 2021 20:25:35 GMT
e.js
ezie.cc/wp-content/plugins/agreeable-button/
Redirect Chain
  • http://ezie.cc/wp-content/plugins/agreeable-button/e.js
  • https://ezie.cc/wp-content/plugins/agreeable-button/e.js
64 B
722 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ezie.cc/wp-content/plugins/agreeable-button/e.js
Requested by
Host: elil.cc
URL: http://elil.cc/tphd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.28.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e18c8d3cc1bfd017dec81599c4e10819432f1d656f55d47aeaee3f71b3d9e6d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://elil.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13401
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 10 May 2019 07:53:22 GMT
server
cloudflare
etag
W/"5cd52df2-40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3EaJk3JVRao1cxw6R1PPGSalq1ySsQ%2FtuhfMOaG0N6J26Np552UiL2eokVs2NIcw96%2BmhpsO5BA7wSbSaFavXTSCNYHZsAitIGyoai6ao9pbbMFI%2BOAga1k"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=16200, must-revalidate
cf-ray
6997d5ca3be39796-FRA
expires
Tue, 05 Oct 2021 16:42:14 GMT

Redirect headers

Date
Tue, 05 Oct 2021 15:55:35 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2B%2BmAd6C5KKgiNIBGF%2BP598%2B9EVe7cDPQzNt7jMk0CVxCjHs9BqmVGdzZJqUekdvFNg7Q27FHfdaroFNLscqUQwR7rJ1aPYWVBxqbvS0r6QQQM1TcmeEkPJh"}],"group":"cf-nel","max_age":604800}
Location
https://ezie.cc/wp-content/plugins/agreeable-button/e.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6997d5c9fad04a55-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Expires
Tue, 05 Oct 2021 16:55:35 GMT
i.css
elil.cc/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://elil.cc/i.css
Requested by
Host: elil.cc
URL: http://elil.cc/tphd
Protocol
HTTP/1.1
Server
104.21.60.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
033fd51c17218a936f832d876dbfe5410828b11edcaec9f3809c9192186e57d3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
elil.cc
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://elil.cc/tphd
Cookie
PHPSESSID=ncofdo0egfml45uugspihmcdj3; _csrf=acc602999663b63bd40abd390c15aec025be0bfa2ec5ef3f427b89960902d953a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22BnCVvi_3nh6SHG3Nzc1JnPBInQkymgZG%22%3B%7D
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://elil.cc/tphd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 10 May 2019 07:53:22 GMT
Server
cloudflare
etag
W/"5cd52df2-78c"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0XviB%2Bz7V7VrPnTZrkkNNJdNQb2TDUhppdhLT7awKWtcJ0%2BaDQ09td4G2wSdpSC%2FufjyL7Ol0OsjEufee%2BokJcf%2BgRpPNyUy%2FzCFC9Sgn9zJ6DJIzxwSHXdN"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
cache-control
max-age=16200 public must-revalidate
CF-RAY
6997d5c9deff5caa-FRA
expires
Tue, 05 Oct 2021 20:25:35 GMT
popunder1000.js
a.exosrv.com/ 		94 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.exosrv.com/popunder1000.js
Requested by
Host: elil.cc
URL: http://elil.cc/tphd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
nginx /
Resource Hash
e98c4fb9bacf817f58739b70ce79ae94a6982de6d212064864494dc75d65582f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://elil.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:35 GMT
Content-Encoding
gzip
Server
nginx
etag
W/"a9ac2c0f2169ea0c9300db96502"
X-HW
1633449335.dop016.fr8.t,1633449335.cds151.fr8.shn,1633449335.cds151.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
40035
l.png
elil.cc/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://elil.cc/l.png
Requested by
Host: elil.cc
URL: http://elil.cc/tphd
Protocol
HTTP/1.1
Server
104.21.60.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5514224901b51d070f5ffe161d4a83c7b49d1156ce3fb41f1587dfbc1aff08a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
elil.cc
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://elil.cc/tphd
Cookie
PHPSESSID=ncofdo0egfml45uugspihmcdj3; _csrf=acc602999663b63bd40abd390c15aec025be0bfa2ec5ef3f427b89960902d953a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22BnCVvi_3nh6SHG3Nzc1JnPBInQkymgZG%22%3B%7D
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://elil.cc/tphd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:35 GMT
x-content-type-options
nosniff
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
6724
x-xss-protection
1; mode=block
last-modified
Fri, 10 May 2019 07:53:22 GMT
Server
cloudflare
etag
"5cd52df2-1a44"
x-frame-options
SAMEORIGIN
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ilQq5OUFmJ6G70zJMpyh539vxMLTbpHQRYpKt8KWCxYC3olsRIp9Il72%2BEB3Zta7X70Iw7OK90a0V%2FB9TMjTYy9fIxkcT7llvxz%2F1ZbBX86Cs74F664haXA"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
accept-ranges
bytes
CF-RAY
6997d5ca687b5caa-FRA
pdev.js
elil.cc/pdev/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://elil.cc/pdev/pdev.js
Requested by
Host: elil.cc
URL: http://elil.cc/tphd
Protocol
HTTP/1.1
Server
104.21.60.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d09ca65246f5fb9974bd4995d98a1ac6abb2ecd94a6070973a2245568bbf8b66
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
elil.cc
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://elil.cc/tphd
Cookie
PHPSESSID=ncofdo0egfml45uugspihmcdj3; _csrf=acc602999663b63bd40abd390c15aec025be0bfa2ec5ef3f427b89960902d953a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22BnCVvi_3nh6SHG3Nzc1JnPBInQkymgZG%22%3B%7D
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://elil.cc/tphd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 05 Oct 2021 15:17:02 GMT
Server
cloudflare
etag
W/"615c6c6e-c02"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rS5eDUALpdktbgs%2BhyGXUrCylHWraAj9G%2Bb6%2FrpjKwuCZdASKhdpQy32KPO9rZpBiGEPOmJlCi2flbHk2cruUgFR%2BOzfSq0Trn%2Bs9b1OPwygDvq4fW5KU1lB"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
cache-control
max-age=16200 public must-revalidate
CF-RAY
6997d5ca3f6c42cf-FRA
expires
Tue, 05 Oct 2021 20:25:35 GMT
jquery.gray.min.js
www.premiumvertising.com/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.premiumvertising.com/jquery.gray.min.js
Requested by
Host: elil.cc
URL: http://elil.cc/pdev/pdev.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.45 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
frankfurt-44.cdn77.com
Software
CDN77-Turbo /
Resource Hash
e5bdb34ad5e82984176f24ec0227b2304182062dbba928f25e44d9c1bc1c0c2d

Request headers

Referer
http://elil.cc/
Origin
http://elil.cc
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 05 Oct 2021 15:55:35 GMT
content-encoding
br
x-77-cache
MISS
x-cache
EXPIRED
x-age
609391
alt-svc
quic="195.181.175.44:443"; ma=2592000; v="44,43,39"
x-77-nzt
AcO1ryw628rLb0wJAA==
x-accel-expires
@1634054135
server
CDN77-Turbo
x-77-nzt-ray
Ih5C972CLeU=
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
link
<https://premiumvertising.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
expires
Tue, 12 Oct 2021 15:55:35 GMT
js
www.googletagmanager.com/gtag/
Redirect Chain
  • http://www.googletagmanager.com/gtag/js?id=UA-58048569-8
  • https://www.googletagmanager.com/gtag/js?id=UA-58048569-8
96 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-58048569-8
Requested by
Host: elil.cc
URL: http://elil.cc/tphd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
aa8f47f07c441804f131794a07a7a0fdbd9cf5cea4a9af0bf4f41fcceadd8ea1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://elil.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:35 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38975
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Oct 2021 15:55:35 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtag/js?id=UA-58048569-8
Date
Tue, 05 Oct 2021 15:55:35 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
Google Tag Manager
Content-Length
254
X-XSS-Protection
0
Content-Type
text/html; charset=UTF-8
bundesliga-sports-stream.html
xsportshd.com/ Frame 8FC8
Redirect Chain
  • http://mesucces.top/?tid=716641&ref=elil.cc
  • https://mgrwcm.com/dsp/cu/clc?aid=11097574876971682619&t=1633449335&s=486960&sid=1421
  • https://xsportshd.com/bundesliga-sports-stream.html
36 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xsportshd.com/bundesliga-sports-stream.html
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.43.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6287966e859b08859357def883a1d0f51794c89a678d065048375b54b497a0cd

Request headers

:method
GET
:authority
xsportshd.com
:scheme
https
:path
/bundesliga-sports-stream.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://elil.cc/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-type
text/html
last-modified
Wed, 15 Sep 2021 16:57:16 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZVOHclFF2uus3oZtK4Qy16esGGYeVz3ar6T0C54NAywvi9Q0gU2QJ%2BjeCnBM3%2B%2BENwiqXEcRLyPWvS4TQD2lgWGKqp4Qnr9dz0cNz77hRWbum%2F7Cc1MisdGXxUhxbGe"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6997d5cf9b842790-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

server
nginx/1.18.0
date
Tue, 05 Oct 2021 15:55:36 GMT
content-type
text/html; charset=utf-8
content-length
173
location
https://xsportshd.com/bundesliga-sports-stream.html
/
get.pdf-searchz.com/ Frame 44FF
Redirect Chain
  • http://mesucces.top/?tid=836701&ref=elil.cc
  • https://get.tfiph.com/?pid=58485&subid=836701&clickid=8674090294287367344
  • https://get.pdf-searchz.com/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://get.pdf-searchz.com/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.142.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b0aada0c619ee2851c2b574038b0037aa1d0ff22bd40d18996474cda2c69e006
Security Headers
Name Value
Content-Security-Policy default-src 'self' b6u2w2z4.ssl.hwcdn.net; img-src * data:; media-src 'self' b6u2w2z4.ssl.hwcdn.net data:; connect-src 'self' b6u2w2z4.ssl.hwcdn.net *.notify-service.com *.trackjs.com dc.services.visualstudio.com; script-src 'self' 'nonce-pgican2qzz' *.trackjs.com *.vo.msecnd.net dc.services.visualstudio.com b6u2w2z4.ssl.hwcdn.net code.jquery.com cdnjs.cloudflare.com script.crazyegg.com *.googlesyndication.com *.googletagmanager.com; style-src 'self' b6u2w2z4.ssl.hwcdn.net fonts.gstatic.com fonts.googleapis.com code.jquery.com 'unsafe-inline'; font-src 'self' fonts.gstatic.com fonts.googleapis.com b6u2w2z4.ssl.hwcdn.net; frame-src b6u2w2z4.ssl.hwcdn.net *.pdf-searchz.com

Request headers

:method
GET
:authority
get.pdf-searchz.com
:scheme
https
:path
/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://elil.cc/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-type
text/html; charset=utf-8
cache-control
private
pragma
no-cache
expires
0
vary
Accept-Encoding
set-cookie
uid=a500afed-d461-434c-97e9-14aad5276d29; domain=.pdf-searchz.com; expires=Sat, 05-Oct-2041 15:55:36 GMT; path=/ ARRAffinity=da08aa2179b99a162682da0c3bcfede9eb48fb04b551c343ca0b60a0a5f219b3;Path=/;HttpOnly;Domain=get.pdf-searchz.com
x-aspnetmvc-version
5.2
content-security-policy
default-src 'self' b6u2w2z4.ssl.hwcdn.net; img-src * data:; media-src 'self' b6u2w2z4.ssl.hwcdn.net data:; connect-src 'self' b6u2w2z4.ssl.hwcdn.net *.notify-service.com *.trackjs.com dc.services.visualstudio.com; script-src 'self' 'nonce-pgican2qzz' *.trackjs.com *.vo.msecnd.net dc.services.visualstudio.com b6u2w2z4.ssl.hwcdn.net code.jquery.com cdnjs.cloudflare.com script.crazyegg.com *.googlesyndication.com *.googletagmanager.com; style-src 'self' b6u2w2z4.ssl.hwcdn.net fonts.gstatic.com fonts.googleapis.com code.jquery.com 'unsafe-inline'; font-src 'self' fonts.gstatic.com fonts.googleapis.com b6u2w2z4.ssl.hwcdn.net; frame-src b6u2w2z4.ssl.hwcdn.net *.pdf-searchz.com
x-aspnet-version
4.0.30319
request-context
appId=cid-v1:0c61b553-9a4d-4f53-9990-b3c7b1f8b32c
access-control-expose-headers
Request-Context
x-powered-by
ASP.NET
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WT%2FdIoj7lQVyVoJtMjCsczdyfRIebW0XptI21njFYIcpJcIqjwdlvbHoLjlZpPl2xt70QSnmqK7y8yq2E5pARRWEZCyj%2B8E5zLoHVNLFsjD9mFW68y2bHQgjbNjGL0mJXeHhY94c"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6997d5ce2ce7698f-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Tue, 05 Oct 2021 15:55:35 GMT
content-type
text/html; charset=utf-8
cache-control
private
pragma
no-cache
expires
0
location
https://get.pdf-searchz.com/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29
set-cookie
uid=a500afed-d461-434c-97e9-14aad5276d29; domain=.tfiph.com; expires=Sat, 05-Oct-2041 15:55:35 GMT; path=/ ARRAffinity=1c5c29bcda1f855b3b361d64bb5c7ead5fec452c7427aa2499563d7dbfee3122;Path=/;HttpOnly;Domain=get.tfiph.com
x-aspnetmvc-version
5.2
x-aspnet-version
4.0.30319
request-context
appId=cid-v1:0c61b553-9a4d-4f53-9990-b3c7b1f8b32c
access-control-expose-headers
Request-Context
x-powered-by
ASP.NET
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4%2FnUass7oCp4FuZJ3pB2lwrU54voNq%2F9MPWXlBx3wOPtXgr2SFAPuByqdssbb5wb4xXpm9gjuSqroeO8tPMYY641YJNo33kZ7zD%2BZQAZuKSuT39k2M1B43bo67M1Shi"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6997d5cd2bf427bc-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=UA-58048569-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://elil.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
4118
date
Tue, 05 Oct 2021 14:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 05 Oct 2021 16:46:57 GMT
collect
www.google-analytics.com/j/ 		1 B
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=545318677&t=pageview&_s=1&dl=http%3A%2F%2Felil.cc%2Ftphd&ul=en-us&de=UTF-8&dt=Best%20url%20shortener%20and%20highest%20paying%20url%20shortener%20%7C%20Ezie.CC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=364019552&gjid=655861028&cid=662959126.1633449336&tid=UA-58048569-8&_gid=225716900.1633449336&_r=1&gtm=2ou9r0&z=3106019
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://elil.cc/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 15:55:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://elil.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=545318677&t=event&_s=2&dl=http%3A%2F%2Felil.cc%2Ftphd&ul=en-us&de=UTF-8&dt=Best%20url%20shortener%20and%20highest%20paying%20url%20shortener%20%7C%20Ezie.CC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=users_id&ea=interstitial&el=x1230x&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=662959126.1633449336&tid=UA-58048569-8&_gid=225716900.1633449336&gtm=2ou9r0&z=385934853
Requested by
Host: elil.cc
URL: http://elil.cc/tphd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://elil.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 18:46:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
76126
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=545318677&t=event&_s=3&dl=http%3A%2F%2Felil.cc%2Ftphd&ul=en-us&de=UTF-8&dt=Best%20url%20shortener%20and%20highest%20paying%20url%20shortener%20%7C%20Ezie.CC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=url_id&ea=interstitial&el=x450988x&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=662959126.1633449336&tid=UA-58048569-8&_gid=225716900.1633449336&gtm=2ou9r0&z=956419288
Requested by
Host: elil.cc
URL: http://elil.cc/tphd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://elil.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 18:46:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
76126
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
c.adsco.re/ 		62 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: www.premiumvertising.com
URL: https://www.premiumvertising.com/jquery.gray.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.167.186 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://elil.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:35 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
9322701
etag
W/"2Ma3006J78KgzL0RD+7gUg=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control
public, max-age=2678400
cf-ray
6997d5cd4d265b98-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 05 Nov 2021 15:55:35 GMT
/
6.adsco.re/ 		0
381 B 		Other
General
Check archive.org
Download Go to
Full URL
https://6.adsco.re/
Requested by
Host: elil.cc
URL: http://elil.cc/tphd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.167.186 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://elil.cc/
Origin
http://elil.cc
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:35 GMT
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
http://elil.cc
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
6997d5cd9ea96937-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
/
4.adsco.re/ 		0
453 B 		Other
General
Check archive.org
Download Go to
Full URL
https://4.adsco.re/
Requested by
Host: elil.cc
URL: http://elil.cc/tphd
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://elil.cc/
Origin
http://elil.cc
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:35 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
http://elil.cc
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
p
adsco.re/ 		0
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://elil.cc/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 05 Oct 2021 15:55:35 GMT
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
AS-P-4
OK
Transfer-Encoding
chunked
AS-P-1
OK lon223
Access-Control-Allow-Origin
http://elil.cc
Access-Control-Max-Age
2592000
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
AS-E
ND
AS-P-2
OK
AS-P-3
OK
/
4.adsco.re/ 		48 B
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
7fb7daed6210b600dd67416ced5d21c659b5de5b5c137d3bc501a646df29453c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://elil.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:35 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
http://elil.cc
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
/
6.adsco.re/ 		0
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://6.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Server
104.17.167.186 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://elil.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:35 GMT
Server
cloudflare
Access-Control-Allow-Headers
Content-Type
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
http://elil.cc
Access-Control-Max-Age
2592000
Cache-Control
private, max-age=10
Connection
keep-alive
CF-RAY
6997d5cd8c2a176a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
0
/
vh6clmlda24z.l4.adsco.re/ 		0
464 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vh6clmlda24z.l4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS
adscore.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://elil.cc/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 05 Oct 2021 15:55:35 GMT
Last-Modified
Tue, 31 Jul 2018 22:16:15 GMT
ETag
"5b60dfaf-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
vh6clmlda24z.n4.adsco.re/ 		0
464 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vh6clmlda24z.n4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://elil.cc/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 05 Oct 2021 15:55:36 GMT
Last-Modified
Mon, 30 Jul 2018 15:32:42 GMT
ETag
"5b5f2f9a-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
vh6clmlda24z.s4.adsco.re/ 		0
464 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vh6clmlda24z.s4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.116.90 Singapore, Singapore, ASN9009 (M247, GB),
Reverse DNS
no-mans-land.m247.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://elil.cc/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 05 Oct 2021 15:55:37 GMT
Last-Modified
Mon, 30 Jul 2018 15:38:01 GMT
ETag
"5b5f30d9-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
c.adsco.re/ Frame FB5F 		62 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Server
104.17.167.186 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8

Request headers

Host
c.adsco.re
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://elil.cc/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://elil.cc/

Response headers

Date
Tue, 05 Oct 2021 15:55:35 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
public, max-age=2678400
Link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
Expires
Fri, 05 Nov 2021 15:55:35 GMT
ETag
W/"2Ma3006J78KgzL0RD+7gUg=="
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
9322701
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6997d5cd8fbd6955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
6.adsco.re/ Frame FB5F 		0
525 B 		Other
General
Check archive.org
Download Go to
Full URL
http://6.adsco.re/
Requested by
Host: elil.cc
URL: http://elil.cc/tphd
Protocol
HTTP/1.1
Server
104.17.167.186 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://c.adsco.re/
Origin
http://c.adsco.re
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:36 GMT
Server
cloudflare
Access-Control-Allow-Headers
Content-Type
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
http://c.adsco.re
Access-Control-Max-Age
2592000
Cache-Control
private, max-age=10
Connection
keep-alive
CF-RAY
6997d5ceaeaf176a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
0
/
4.adsco.re/ Frame FB5F 		0
456 B 		Other
General
Check archive.org
Download Go to
Full URL
http://4.adsco.re/
Requested by
Host: elil.cc
URL: http://elil.cc/tphd
Protocol
HTTP/1.1
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://c.adsco.re/
Origin
http://c.adsco.re
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:36 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
http://c.adsco.re
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
/
c.adsco.re/ Frame FB5F 		62 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://c.adsco.re/
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Server
104.17.167.186 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://c.adsco.re/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:36 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Server
cloudflare
Age
9322702
ETag
W/"2Ma3006J78KgzL0RD+7gUg=="
Vary
Accept-Encoding
Content-Type
text/html
Link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
Cache-Control
public, max-age=2678400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6997d5cecaf46955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Expires
Fri, 05 Nov 2021 15:55:36 GMT
/
get.pdf-searchz.com/ Frame 44FF 		4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://get.pdf-searchz.com/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29&pgs=1
Requested by
Host: elil.cc
URL: http://elil.cc/tphd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
76e352b1bedaef20cb99ab1d00d7f04bc949fc502c569d9c958bde2c3b1bf7b5
Security Headers
Name Value
Content-Security-Policy default-src 'self' b6u2w2z4.ssl.hwcdn.net; img-src * data:; media-src 'self' b6u2w2z4.ssl.hwcdn.net data:; connect-src 'self' b6u2w2z4.ssl.hwcdn.net *.notify-service.com *.trackjs.com dc.services.visualstudio.com; script-src 'self' 'nonce-pgican2qzz' *.trackjs.com *.vo.msecnd.net dc.services.visualstudio.com b6u2w2z4.ssl.hwcdn.net code.jquery.com cdnjs.cloudflare.com script.crazyegg.com *.googlesyndication.com *.googletagmanager.com; style-src 'self' b6u2w2z4.ssl.hwcdn.net fonts.gstatic.com fonts.googleapis.com code.jquery.com 'unsafe-inline'; font-src 'self' fonts.gstatic.com fonts.googleapis.com b6u2w2z4.ssl.hwcdn.net; frame-src b6u2w2z4.ssl.hwcdn.net *.pdf-searchz.com

Request headers

:method
POST
:authority
get.pdf-searchz.com
:scheme
https
:path
/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29&pgs=1
content-length
76
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://get.pdf-searchz.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://get.pdf-searchz.com/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
https://get.pdf-searchz.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://get.pdf-searchz.com/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-type
text/html; charset=utf-8
cache-control
private
pragma
no-cache
expires
0
vary
Accept-Encoding
set-cookie
uid=a500afed-d461-434c-97e9-14aad5276d29; domain=.pdf-searchz.com; expires=Sat, 05-Oct-2041 15:55:36 GMT; path=/ ARRAffinity=da08aa2179b99a162682da0c3bcfede9eb48fb04b551c343ca0b60a0a5f219b3;Path=/;HttpOnly;Domain=get.pdf-searchz.com
x-aspnetmvc-version
5.2
content-security-policy
default-src 'self' b6u2w2z4.ssl.hwcdn.net; img-src * data:; media-src 'self' b6u2w2z4.ssl.hwcdn.net data:; connect-src 'self' b6u2w2z4.ssl.hwcdn.net *.notify-service.com *.trackjs.com dc.services.visualstudio.com; script-src 'self' 'nonce-pgican2qzz' *.trackjs.com *.vo.msecnd.net dc.services.visualstudio.com b6u2w2z4.ssl.hwcdn.net code.jquery.com cdnjs.cloudflare.com script.crazyegg.com *.googlesyndication.com *.googletagmanager.com; style-src 'self' b6u2w2z4.ssl.hwcdn.net fonts.gstatic.com fonts.googleapis.com code.jquery.com 'unsafe-inline'; font-src 'self' fonts.gstatic.com fonts.googleapis.com b6u2w2z4.ssl.hwcdn.net; frame-src b6u2w2z4.ssl.hwcdn.net *.pdf-searchz.com
x-aspnet-version
4.0.30319
request-context
appId=cid-v1:0c61b553-9a4d-4f53-9990-b3c7b1f8b32c
access-control-expose-headers
Request-Context
x-powered-by
ASP.NET
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5AJyOH5Xzvi4S8mQm7zxQuYjkBjZ%2BRdSU0LzN6QZ3e59hAE7aOAEBWwgSks0S2ypNGXSHOPmB3iK%2B8GYJyuQZrNxkPbKkVa9HCSyfEQpE2ITxMtY%2FbXN%2FDtW7qnIWmOxgFrYNuIF"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6997d5ceea3f699b-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
6.adsco.re/ Frame FB5F 		0
0
/
4.adsco.re/ Frame FB5F 		0
0
css
fonts.googleapis.com/ Frame 44FF 		8 KB
806 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:300,400,400i,700,700i
Requested by
Host: get.pdf-searchz.com
URL: https://get.pdf-searchz.com/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29&pgs=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
aa32ea4be3b91134be7c0b593cc197d742bc826c941ed3a29908de8c12253b04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://get.pdf-searchz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 15:02:56 GMT
server
ESF
date
Tue, 05 Oct 2021 15:55:36 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 05 Oct 2021 15:55:36 GMT
css
fonts.googleapis.com/ Frame 44FF 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito
Requested by
Host: get.pdf-searchz.com
URL: https://get.pdf-searchz.com/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29&pgs=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
92e84db6987ce882afbf7bf6a990760008eb6f08af890a00b0ee7f1301e5f7d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://get.pdf-searchz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 15:30:39 GMT
server
ESF
date
Tue, 05 Oct 2021 15:55:36 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 05 Oct 2021 15:55:36 GMT
css
fonts.googleapis.com/ Frame 44FF 		3 KB
696 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: get.pdf-searchz.com
URL: https://get.pdf-searchz.com/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29&pgs=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
bb4a9d9bcb3638d2a735be2e40f686f57d9598c57d1cd251e5105282e244ac50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://get.pdf-searchz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 15:29:20 GMT
server
ESF
date
Tue, 05 Oct 2021 15:55:36 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 05 Oct 2021 15:55:36 GMT
user-action-elements.css
b6u2w2z4.ssl.hwcdn.net/common/styles/ Frame 44FF 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://b6u2w2z4.ssl.hwcdn.net/common/styles/user-action-elements.css?v=4.82
Requested by
Host: get.pdf-searchz.com
URL: https://get.pdf-searchz.com/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29&pgs=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
fd6d7d8c896480587169a9f2b9c2c0cc7c414ba64f0ef2f160081c824c0e3dbf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://get.pdf-searchz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:36 GMT
Content-Encoding
gzip
Last-Modified
Sun, 08 Nov 2020 08:54:26 GMT
ETag
"1604825666"
X-HW
1633449336.dop016.fr8.t,1633449336.cds278.fr8.shn,1633449336.dop016.fr8.t,1633449336.cds246.fr8.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4231
style.css
b6u2w2z4.ssl.hwcdn.net/pages/PDFGroup/PDFSearchz/resources/styles/m/ Frame 44FF 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://b6u2w2z4.ssl.hwcdn.net/pages/PDFGroup/PDFSearchz/resources/styles/m/style.css?v=5.75
Requested by
Host: get.pdf-searchz.com
URL: https://get.pdf-searchz.com/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29&pgs=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
754f859ed1cafaccc87a9cdedb2403b491ccec1395941b1b7e10caa6f5981f2b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://get.pdf-searchz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Aug 2021 08:18:23 GMT
ETag
"1627892303"
X-HW
1633449336.dop016.fr8.t,1633449336.cds054.fr8.shn,1633449336.dop016.fr8.t,1633449336.cds056.fr8.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1438
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ Frame 44FF 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: get.pdf-searchz.com
URL: https://get.pdf-searchz.com/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29&pgs=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://get.pdf-searchz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1024474
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
27433
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6d9dWtRogbk9aSuVdc2lGMFbpmS9UPIxIALw28HaD4%2BuJ9kqwe7Q3j1M3TUDXAPoOGTR3ByAjGZcdA07NrOTYW%2FVEk7nXoFpW7ndoyfL3QvheynhQSTYR8svvAwQtgBvfjHQHQP1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6997d5cf9a40bed8-FRA
expires
Sun, 25 Sep 2022 15:55:36 GMT
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.1.3/ Frame 44FF 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.1.3/js.cookie.min.js
Requested by
Host: get.pdf-searchz.com
URL: https://get.pdf-searchz.com/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29&pgs=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://get.pdf-searchz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2417055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
772
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec5-6d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXAbuNw6Fw4irdqTkXX%2FgdUyECN6rhnZWcR%2BPgl2Q49F6o6UVoLfNHtho%2BZg67td7dyUDgRhubom51cjh2HjjwziYSIBhtpJ1qhtG4d106we21ufyANMY669urjkLNHCa7qssMTj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6997d5cf9a41bed8-FRA
expires
Sun, 25 Sep 2022 15:55:36 GMT
main.6F8F57715090DA2632453988D9A1501B.js
b6u2w2z4.ssl.hwcdn.net/pages/PDFGroup/resources/scripts/minified/ Frame 44FF 		90 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b6u2w2z4.ssl.hwcdn.net/pages/PDFGroup/resources/scripts/minified/main.6F8F57715090DA2632453988D9A1501B.js?v=1627892253
Requested by
Host: get.pdf-searchz.com
URL: https://get.pdf-searchz.com/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29&pgs=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
4555bd4808d5965ddde8e83772e4ad0847078c778e843bb3dd26ee2328fdc3a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://get.pdf-searchz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Aug 2021 08:18:22 GMT
ETag
"1627892302"
X-HW
1633449336.dop016.fr8.t,1633449336.cds278.fr8.shn,1633449336.dop016.fr8.t,1633449336.cds142.fr8.c
Content-Type
application/unknown
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
20971
email-decode.min.js
get.pdf-searchz.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 44FF 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.pdf-searchz.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: get.pdf-searchz.com
URL: https://get.pdf-searchz.com/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29&pgs=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://get.pdf-searchz.com/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29&pgs=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 11:33:04 GMT
server
cloudflare
etag
W/"61544ef0-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2C5433gQSAInxcCpzLPec%2BbWonraFAbRXLcfulWjpfNB%2BLyuUynlkicIckJMZ5bn3DPmxg0ZcSSjVuJp%2Bpjc%2BdAk3fk0Hy7zHD1irf9KtS87sh0iknVhIAbmTYQM5L5dyu2NZ8t"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6997d5cf7bcb699b-FRA
vary
Accept-Encoding
expires
Thu, 07 Oct 2021 15:55:36 GMT
truncated
/ Frame 44FF 		544 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5edc99996d04888432ff40494a8dd8c2b13f710f321d73ede1c8d29212a8503f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 44FF 		173 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e32d99e816a42958b9473f470a2600963602981007576d85220044e6137965b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
chrome-store-logo.png
b6u2w2z4.ssl.hwcdn.net/common/images/ Frame 44FF 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b6u2w2z4.ssl.hwcdn.net/common/images/chrome-store-logo.png
Requested by
Host: b6u2w2z4.ssl.hwcdn.net
URL: https://b6u2w2z4.ssl.hwcdn.net/pages/PDFGroup/PDFSearchz/resources/styles/m/style.css?v=5.75
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
e155a56cf73ff11bbbab7400f263c3dc311f81de1e42ac2e7240259d414733d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b6u2w2z4.ssl.hwcdn.net/pages/PDFGroup/PDFSearchz/resources/styles/m/style.css?v=5.75
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:36 GMT
Last-Modified
Tue, 21 Jan 2020 13:02:02 GMT
ETag
"1579611722"
X-HW
1633449336.dop016.fr8.t,1633449336.cds278.fr8.shn,1633449336.dop016.fr8.t,1633449336.cds142.fr8.c
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
9171
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v26/ Frame 44FF 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
53bb85849942fe0fdb6998300d0c68f1727a6f34a3bdcd9f6f8f12476f64b1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://get.pdf-searchz.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 17:06:43 GMT
x-content-type-options
nosniff
age
427733
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16736
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:15 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 30 Sep 2022 17:06:43 GMT
delay_page_1.html
b6u2w2z4.ssl.hwcdn.net/common/html/ Frame 3B83 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b6u2w2z4.ssl.hwcdn.net/common/html/delay_page_1.html
Requested by
Host: b6u2w2z4.ssl.hwcdn.net
URL: https://b6u2w2z4.ssl.hwcdn.net/pages/PDFGroup/resources/scripts/minified/main.6F8F57715090DA2632453988D9A1501B.js?v=1627892253
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
3a64b1c74a237fde0881933683b8d7099ce7906a4cfb67ab9c87a9166d4adc61

Request headers

Host
b6u2w2z4.ssl.hwcdn.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://get.pdf-searchz.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://get.pdf-searchz.com/

Response headers

Date
Tue, 05 Oct 2021 15:55:36 GMT
Connection
Keep-Alive
ETag
"1574955449"
Cache-Control
max-age=31536000
Content-Length
2197
Content-Type
text/html
Last-Modified
Thu, 28 Nov 2019 15:37:29 GMT
Accept-Ranges
bytes
X-HW
1633449336.dop016.fr8.t,1633449336.cds278.fr8.shn,1633449336.dop016.fr8.t,1633449336.cds142.fr8.c
Access-Control-Allow-Origin
*
log
get.pdf-searchz.com/ Frame 44FF 		6 B
804 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://get.pdf-searchz.com/log
Requested by
Host: b6u2w2z4.ssl.hwcdn.net
URL: https://b6u2w2z4.ssl.hwcdn.net/pages/PDFGroup/resources/scripts/minified/main.6F8F57715090DA2632453988D9A1501B.js?v=1627892253
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
18d10c7d2b4b04aaf04254d1ae5d655a5dc0407cbcdd5a8c3986e985370f36ee

Request headers

Referer
https://get.pdf-searchz.com/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29&pgs=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context
appId=cid-v1:0c61b553-9a4d-4f53-9990-b3c7b1f8b32c
x-aspnetmvc-version
5.2
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uL2iJmK2Fn0LGWlOlsLnH5YnAKcdcRM%2BXnGoU5mfO%2Bpx9R867%2FGpj6htGBECmSphKDjGlrwopIi1A4ojwK5UiUM4ptqb%2FO7hSDlbfOJCBKBGw7GGuttWMoM7RLDZAwzZGziHwLZV"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://get.pdf-searchz.com
access-control-expose-headers
Request-Context
cache-control
private
access-control-allow-credentials
true
cf-ray
6997d5d08e6c699b-FRA
log
get.pdf-searchz.com/ Frame 44FF 		6 B
808 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://get.pdf-searchz.com/log
Requested by
Host: b6u2w2z4.ssl.hwcdn.net
URL: https://b6u2w2z4.ssl.hwcdn.net/pages/PDFGroup/resources/scripts/minified/main.6F8F57715090DA2632453988D9A1501B.js?v=1627892253
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
18d10c7d2b4b04aaf04254d1ae5d655a5dc0407cbcdd5a8c3986e985370f36ee

Request headers

Referer
https://get.pdf-searchz.com/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29&pgs=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context
appId=cid-v1:0c61b553-9a4d-4f53-9990-b3c7b1f8b32c
x-aspnetmvc-version
5.2
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngTJ6TbQ2u1yKcqzJRCgH%2FkVNZpdY4WHkfhiPsgbdWBTtIdIeJZj%2BKbjr4HC2nxyjCNFyKpdHo1kZ18aZMk0gLTy8Uuj2a5taBXKc8ICS4cnax9rXsp%2B%2F%2FvH5O%2Br%2B1pKUdU7My7e"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://get.pdf-searchz.com
access-control-expose-headers
Request-Context
cache-control
private
access-control-allow-credentials
true
cf-ray
6997d5d08e6f699b-FRA
log
get.pdf-searchz.com/ Frame 44FF 		6 B
803 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://get.pdf-searchz.com/log
Requested by
Host: b6u2w2z4.ssl.hwcdn.net
URL: https://b6u2w2z4.ssl.hwcdn.net/pages/PDFGroup/resources/scripts/minified/main.6F8F57715090DA2632453988D9A1501B.js?v=1627892253
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
18d10c7d2b4b04aaf04254d1ae5d655a5dc0407cbcdd5a8c3986e985370f36ee

Request headers

Referer
https://get.pdf-searchz.com/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29&pgs=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context
appId=cid-v1:0c61b553-9a4d-4f53-9990-b3c7b1f8b32c
x-aspnetmvc-version
5.2
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWF1lKppe0%2BwDsAiSgb5jWLkwgnFdeQJ7YCLhw7kLyFtBZWYsOwl6uoJNnoCjwdlnfjJVP7F6Ut9TaZ3GFhmPVS3A4BLhTEb86bwVC3cZimiOU4Cmes%2BU7gpvkYSsN6Wj%2B5kaUs%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://get.pdf-searchz.com
access-control-expose-headers
Request-Context
cache-control
private
access-control-allow-credentials
true
cf-ray
6997d5d08e74699b-FRA
log
get.pdf-searchz.com/ Frame 44FF 		6 B
804 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://get.pdf-searchz.com/log
Requested by
Host: b6u2w2z4.ssl.hwcdn.net
URL: https://b6u2w2z4.ssl.hwcdn.net/pages/PDFGroup/resources/scripts/minified/main.6F8F57715090DA2632453988D9A1501B.js?v=1627892253
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
18d10c7d2b4b04aaf04254d1ae5d655a5dc0407cbcdd5a8c3986e985370f36ee

Request headers

Referer
https://get.pdf-searchz.com/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29&pgs=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context
appId=cid-v1:0c61b553-9a4d-4f53-9990-b3c7b1f8b32c
x-aspnetmvc-version
5.2
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=We8qPawwWy8AjHI8%2Fj8fTXcmbPi6iqqZc3m27122RzPOTh9Mme%2B0W0qZ1Vfqmtio0UCoj9q5JUasZLngfhY38nQ2M%2BMfyEml%2FSyVC5L5Kyfwnh%2BS99f0z%2FtHYAscgSILe2bm8xH4"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://get.pdf-searchz.com
access-control-expose-headers
Request-Context
cache-control
private
access-control-allow-credentials
true
cf-ray
6997d5d08e76699b-FRA
log
get.pdf-searchz.com/ Frame 44FF 		6 B
800 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://get.pdf-searchz.com/log
Requested by
Host: b6u2w2z4.ssl.hwcdn.net
URL: https://b6u2w2z4.ssl.hwcdn.net/pages/PDFGroup/resources/scripts/minified/main.6F8F57715090DA2632453988D9A1501B.js?v=1627892253
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
18d10c7d2b4b04aaf04254d1ae5d655a5dc0407cbcdd5a8c3986e985370f36ee

Request headers

Referer
https://get.pdf-searchz.com/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29&pgs=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context
appId=cid-v1:0c61b553-9a4d-4f53-9990-b3c7b1f8b32c
x-aspnetmvc-version
5.2
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1ev1N5u5QXbVAPb7j6I9Kw6c7ypVMi4BQXvadT4ll3eUcnFu1c25MZ8I6hATAwWQ9DAy%2FCsRZo9DoWzq0iK6SiQzPrPHbMRHFVfqRt10G8RQNLWF0bFu7gx3q9HJsOug%2F7WwtRw"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://get.pdf-searchz.com
access-control-expose-headers
Request-Context
cache-control
private
access-control-allow-credentials
true
cf-ray
6997d5d08e78699b-FRA
p
adsco.re/ 		167 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
6999b96e056384e1d9e94d3e917625826c15953ff156ec70482db911fa2e881e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://elil.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

AS-P-G
OK
Date
Tue, 05 Oct 2021 15:55:36 GMT
AS-P-7
OK
AS-P-9
OK
AS-P-C
OK
Transfer-Encoding
chunked
AS-P-5
OK
AS-P-F
OK
Connection
keep-alive
Content-Encoding
gzip
AS-P-2
OK
AS-P-D
OK
AS-P-6
OK
AS-P-B
OK
AS-P-H
OK
AS-P-4
OK
AS-P-A
OK
Access-Control-Max-Age
2592000
AS-P-1
OK lon223
Access-Control-Allow-Origin
http://elil.cc
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
AS-P-8
OK
Content-Type
text/html; charset=UTF-8
AS-P-E
OK
AS-P-3
OK
superhero.css
xsportshd.com/data/ Frame 8FC8 		178 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xsportshd.com/data/superhero.css
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/bundesliga-sports-stream.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9fc3862a456fbc9f34b168e2eaa61605349b570601b42afd143b92751a717e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xsportshd.com/bundesliga-sports-stream.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=184373
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 20 Jan 2021 19:16:10 GMT
server
cloudflare
etag
W/"6008817a-2d035"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vUPk48jWIT2CnaAiNRo0LVid0Q3cpsvy82IOOlfINfDJ1pK0y5LyKIK2zeeD7q39qskmqHgCt0j%2Bcy6ICRB%2BYh8BBb9Sji2umSwDvG0D3JxC3CZKA%2B8ws%2F1C8vNDx8c4"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6997d5d0de1227bc-PRG
cf-bgj
minify
invisible.js
xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 8FC8 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/bundesliga-sports-stream.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd4bf6909aa9da20da03c41369409a6430122b37326621e2f7dc6188cd1a21f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xsportshd.com/bundesliga-sports-stream.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yi1N3i0JzedlSammoVVSR8tY%2BFjiCaBr5hPJB%2B5srrLE3Ob8m4adllO981LD2ZIx51QRZqziboLkOYDk%2FMA80YnENiYWCUM0kIIWCVshx%2F%2FkFvJbty0PWJZbX5KM92UM"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6997d5d0de1427bc-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
logo.png
www.xsportshd.com/ Frame 8FC8 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xsportshd.com/logo.png
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/bundesliga-sports-stream.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.43.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ae142f4b4369126d69ab4f3462143ed1f0f2c462a2bdcad52aacf98c9f21830

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xsportshd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1344
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18954
last-modified
Sun, 24 Sep 2017 14:44:30 GMT
server
cloudflare
etag
"59c7c4ce-4a0a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTa%2B08i%2BE1YSfQF%2FsTwVnjfZ%2B9hXSiz0DxWvxpGoiNAiVQ13rSUsghS5sRLehXOcnPqMrJb8oiksrsrc3lh1Ya99sQxC4SVkriFCKwUK65Yos%2B2HDfGilGkIpp6dyKl8irRZDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6997d5d0bc1e2790-PRG
/
widgets.amung.us/draw/ Frame 8FC8
Redirect Chain
  • https://whos.amung.us/cwidget/2i67odvjt3uu/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=106&c=000000ffffff&p=
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.amung.us/draw/?w=colored&n=106&c=000000ffffff&p=
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/bundesliga-sports-stream.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.74.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d9456e4730ea5bb2c48c298d0b2045b2a63377f9db6151bb5fff6fd799bed3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xsportshd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cf-cache-status
HIT
last-modified
Mon, 04 Oct 2021 19:34:49 GMT
server
cloudflare
age
73247
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
content-disposition
filename=wau-widget.png
cf-ray
6997d5d2fb7705d8-FRA
expires
Tue, 05 Oct 2021 19:34:49 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=106&c=000000ffffff&p=
date
Tue, 05 Oct 2021 15:55:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
rocket-loader.min.js
xsportshd.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 8FC8 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xsportshd.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/bundesliga-sports-stream.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xsportshd.com/bundesliga-sports-stream.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 11:33:04 GMT
server
cloudflare
etag
W/"61544ef0-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHUIhwOyNefJSeGO8%2FTRfnhx%2BooNaISNP42jPM0LvVVNNSC5ezYdK6G17pSp3uIMgleYnq9dAqwF6qL44gM9hr%2Fe80abjb%2BT5XdplcDBRc8Afbt%2F6zpvsUCdrTs5KgNe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6997d5d0de1327bc-PRG
vary
Accept-Encoding
expires
Thu, 07 Oct 2021 15:55:36 GMT
/
live.batstream.live/ Frame C6C1
Redirect Chain
  • https://live.batstream.tv/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EB...
  • https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=...
37 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/bundesliga-sports-stream.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1f535555c81eb0cb64e623a7d5b9f79e69e314420b8618af1a0926bdbe66eda

Request headers

:method
GET
:authority
live.batstream.live
:scheme
https
:path
/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://xsportshd.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://xsportshd.com/

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QyCaFPVqfAIgboYR0D5ovKARYWNjr0%2FbUOxwdDsuyaDS912bVD6ft7GohRcNWuoGnbi%2Frk9FzTEoSBOuD52ejcqdM0ezawF6H19l26itrXEDJRGG3UtTcQdYF8CvBbpb3TDvINNo"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6997d5d16da34131-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cache-control
max-age=3600
expires
Tue, 05 Oct 2021 16:55:36 GMT
location
https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRxgiRfhKTgGHB15DTEfinNpyUI%2FH1eMgH7bfhPW5kAGM0KOQoq5ULzefsYwLe0RRD0LMfrS4O0lEOzQQcOIMZN%2Bki%2BbnycBCx6PIpGKBeNyZ15DxJmFdMOarEw78trYm%2Fu05A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6997d5d0fa41f9e6-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
tb1
free.timeanddate.com/clock/i7n6znqi/n19/fs18/fcfff/tc48a648/pc2b3e50/ftb/bas2/bat1/bacfff/pa8/tt0/tw1/tm2/th1/ Frame E50D 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://free.timeanddate.com/clock/i7n6znqi/n19/fs18/fcfff/tc48a648/pc2b3e50/ftb/bas2/bat1/bacfff/pa8/tt0/tw1/tm2/th1/tb1
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/bundesliga-sports-stream.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f8f819dfb45cbd32371a14485edeb9ef05ac1d7a9d9d71e10d193d80bead2b32

Request headers

:method
GET
:authority
free.timeanddate.com
:scheme
https
:path
/clock/i7n6znqi/n19/fs18/fcfff/tc48a648/pc2b3e50/ftb/bas2/bat1/bacfff/pa8/tt0/tw1/tm2/th1/tb1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://xsportshd.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://xsportshd.com/

Response headers

content-encoding
gzip
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
content-type
text/html; charset=UTF-8
accept-ranges
bytes
date
Tue, 05 Oct 2021 15:55:36 GMT
via
1.1 varnish
age
0
x-served-by
cache-hhn4075-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1633449336.472208,VS0,VE6
vary
Accept-Encoding
content-length
1799
click.php
abc.wwija.com/ Frame 1A6E
Redirect Chain
  • https://whos-amung.com/mghs2021
  • https://syndication.realsrv.com/splash.php?type=8&idzone=4427830&p=https://xsportshd.com&tested=2/
  • https://abc.wwija.com/click.php?key=9tz2gymnylbpc4gs2a74&tag=ooc7bc7qaZ7LaJXUzzU2VWTulc6m6t1U7p3UyuldK6V1NVdzp7paqKJXT3T1VUUOldK6d07pXSumdK6V0znV0Z55yzzZ0VzZ02V3Wz0aa7278WW3WWZulcoogkMXraPUP7nOldK6...
0
0
click.php
abc.wwija.com/ Frame 5976
Redirect Chain
  • https://whos-amung.com/mghs2021
  • https://syndication.realsrv.com/splash.php?type=8&idzone=4427830&p=https://xsportshd.com&tested=2/
  • https://abc.wwija.com/click.php?key=9tz2gymnylbpc4gs2a74&tag=ooc7bc7qaZ7LaJXUzzU2VWTulc6m6t1U7p3UyuldK6V1NVdzp7paqKJXT3T1VUUOldK6d07pXSumdK6V0znV0Z55yzzZ0VzZ02V3Wz0aa7278WW3WWZulcoogkMXraPUP7nOldK6...
0
0
83ltepewr7.html
whos-amung.com/ Frame 876A
Redirect Chain
  • https://whos-amung.com/83ltepewr7
  • https://whos-amung.com/83ltepewr7.html
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://whos-amung.com/83ltepewr7.html
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/bundesliga-sports-stream.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
290503e0cf13bd5eb6daa2bb2eb6cdcdded18114a330d6810b9377e3069ec8e9

Request headers

:method
GET
:authority
whos-amung.com
:scheme
https
:path
/83ltepewr7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://xsportshd.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://xsportshd.com/

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-type
text/html
last-modified
Tue, 05 Oct 2021 14:05:45 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gaCjm30s%2BmrQd6pAfEr7nPvayS0WCiAHX1UeDVsltyYdEgMTcRPZo0fuNmHK96fNeNW54Elg0IOmBwNZn%2BflgJ8odz2H51nVydh8DNLGumS3UDzWgpAt9unMUU48uaMzWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6997d5d12af1412b-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cache-control
max-age=3600
expires
Tue, 05 Oct 2021 16:55:36 GMT
location
https://whos-amung.com/83ltepewr7.html
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPPomoO5fJtih5VFivIJRuWP8j0zsREjNkodbccph%2FM%2BcrD%2B3wvk6EdgsHTQjM1%2BEqDINUi12437OVeMcSPMw1WhcM9W0eRb4TZSgMaE30NzxP9uOqthgchhvpjr%2FEa9IA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6997d5d0f90e4113-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css
fonts.googleapis.com/ Frame 3B83 		8 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700,800
Requested by
Host: b6u2w2z4.ssl.hwcdn.net
URL: https://b6u2w2z4.ssl.hwcdn.net/common/html/delay_page_1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
a305a9e14c5852c296a66f10820d7e4ecf37ff45c29af215f2bb0f3ad9e0dca5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b6u2w2z4.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 13:57:18 GMT
server
ESF
date
Tue, 05 Oct 2021 15:55:36 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 05 Oct 2021 15:55:36 GMT
modal-store-icon.png
i3j3u3u9.ssl.hwcdn.net/common/images/delay_page/ Frame 3B83 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3j3u3u9.ssl.hwcdn.net/common/images/delay_page/modal-store-icon.png
Requested by
Host: b6u2w2z4.ssl.hwcdn.net
URL: https://b6u2w2z4.ssl.hwcdn.net/common/html/delay_page_1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
228f4f839bc49b61092dac659b6e430daf45019a7ae365917888724a9804aa75

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b6u2w2z4.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:36 GMT
Last-Modified
Mon, 23 Nov 2020 14:12:03 GMT
ETag
"1606140723"
X-HW
1633449336.dop016.fr8.t,1633449336.cds243.fr8.shn,1633449336.cds243.fr8.c
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1353
loader.gif
i3j3u3u9.ssl.hwcdn.net/common/images/delay_page/ Frame 3B83 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3j3u3u9.ssl.hwcdn.net/common/images/delay_page/loader.gif
Requested by
Host: b6u2w2z4.ssl.hwcdn.net
URL: https://b6u2w2z4.ssl.hwcdn.net/common/html/delay_page_1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
f8f99b13b5fdd3bd1e80437c0f0e60baab0930474f42d3448832bea73e2028e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b6u2w2z4.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:36 GMT
Last-Modified
Wed, 25 Nov 2020 15:32:42 GMT
ETag
"1606318362"
X-HW
1633449336.dop016.fr8.t,1633449336.cds267.fr8.shn,1633449336.cds267.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
24475
modal-image1.png
i3j3u3u9.ssl.hwcdn.net/common/images/delay_page/ Frame 3B83 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3j3u3u9.ssl.hwcdn.net/common/images/delay_page/modal-image1.png
Requested by
Host: b6u2w2z4.ssl.hwcdn.net
URL: https://b6u2w2z4.ssl.hwcdn.net/common/html/delay_page_1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
268bc7d3bb8fa98130c3de0cdf0ba81950ace5d6f946b6f32aa22fe2721dfda0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b6u2w2z4.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:36 GMT
Last-Modified
Tue, 23 Jun 2020 08:29:07 GMT
ETag
"1592900947"
X-HW
1633449336.dop016.fr8.t,1633449336.cds151.fr8.shn,1633449336.cds151.fr8.c
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
48342
modal-explainer.gif
i3j3u3u9.ssl.hwcdn.net/common/images/delay_page/ Frame 3B83 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3j3u3u9.ssl.hwcdn.net/common/images/delay_page/modal-explainer.gif
Requested by
Host: b6u2w2z4.ssl.hwcdn.net
URL: https://b6u2w2z4.ssl.hwcdn.net/common/html/delay_page_1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
3f395688019d477165fd5523e5625b1a1abf127ac69db269bf032880fea1671c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b6u2w2z4.ssl.hwcdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:36 GMT
Last-Modified
Sun, 21 Mar 2021 17:27:43 GMT
ETag
"1616347663"
X-HW
1633449336.dop016.fr8.t,1633449336.cds243.fr8.shn,1633449336.cds243.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
45470
sprits.png
cdn.okamata.site/site/lm/img/ Frame 8FC8 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okamata.site/site/lm/img/sprits.png
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/bundesliga-sports-stream.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9926c3f66e9084945a0f077716b0e879a0370ed85babad9c4895246e0c8ce361

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xsportshd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
last-modified
Wed, 15 Aug 2018 15:02:27 GMT
server
keycdn-engine
x-edge-location
defr
etag
"5b744083-1d5b"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
link
<http://okamata.site/site/lm/img/sprits.png>; rel="canonical"
content-length
7515
expires
Thu, 04 Nov 2021 15:55:36 GMT
ts.php
free.timeanddate.com/ Frame E50D 		20 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://free.timeanddate.com/ts.php?t=1633449336494
Requested by
Host: free.timeanddate.com
URL: https://free.timeanddate.com/clock/i7n6znqi/n19/fs18/fcfff/tc48a648/pc2b3e50/ftb/bas2/bat1/bacfff/pa8/tt0/tw1/tm2/th1/tb1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9b360d00aebd69ed1b06c860f5d481bb4d82fc2d0ab8dce27f1065854e2b1e06

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://free.timeanddate.com/clock/i7n6znqi/n19/fs18/fcfff/tc48a648/pc2b3e50/ftb/bas2/bat1/bacfff/pa8/tt0/tw1/tm2/th1/tb1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 15:55:36 GMT
via
1.1 varnish
age
0
x-served-by
cache-hhn4075-HHN
x-cache
MISS
content-type
text/plain;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-timer
S1633449336.498455,VS0,VE7
content-length
20
x-cache-hits
0
log
get.pdf-searchz.com/ Frame 44FF 		6 B
803 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://get.pdf-searchz.com/log
Requested by
Host: b6u2w2z4.ssl.hwcdn.net
URL: https://b6u2w2z4.ssl.hwcdn.net/pages/PDFGroup/resources/scripts/minified/main.6F8F57715090DA2632453988D9A1501B.js?v=1627892253
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
18d10c7d2b4b04aaf04254d1ae5d655a5dc0407cbcdd5a8c3986e985370f36ee

Request headers

Referer
https://get.pdf-searchz.com/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29&pgs=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context
appId=cid-v1:0c61b553-9a4d-4f53-9990-b3c7b1f8b32c
x-aspnetmvc-version
5.2
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7EZye09Puuaury92OE177VxsWSTm3Uv%2FWsZjVRpbjNDPc9DsYefQdIsTZPrwKuepPVPtQqcKjbZLmsuDmQV8UMUhJOtovt2ATkF%2BS63tDg4G%2B9xSkkRXmKudaQ8rVRjAmiyIX7s7"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://get.pdf-searchz.com
access-control-expose-headers
Request-Context
cache-control
private
access-control-allow-credentials
true
cf-ray
6997d5d13896699b-FRA
js
www.googletagmanager.com/gtag/ Frame 8FC8 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-106535798-1
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
934ec7d9df800ef5feb20f479bab634d8bf6879d579129bddda5ac33e258ad30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xsportshd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38907
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Oct 2021 15:55:36 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame 8FC8 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f10.1e100.net
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xsportshd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 07:57:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115073
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Tue, 04 Oct 2022 07:57:43 GMT
pica.js
xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 8FC8 		18 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/bundesliga-sports-stream.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
850207b99af65283f16db9b957b0eaa063f19f5b1ed31c5ab8303157c64a3eed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xsportshd.com/bundesliga-sports-stream.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDh2pTIajePwEfQoXCt0PIjsEy4DrC95mDNgdMHKuelFrcZEeR0pbe1%2Bc7u7%2FutzS3eH62y4Uj9sngjPYmg3EM4lh3TqbPq7%2F1%2Fba%2BGVfRO7QeRLr0BLeIL9AlbGxAb2"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6997d5d16e5b27bc-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
widgets.amung.us/draw/ Frame 876A
Redirect Chain
  • https://whos.amung.us/cwidget/8qxnu1d28l/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=309&c=000000ffffff&p=
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.amung.us/draw/?w=colored&n=309&c=000000ffffff&p=
Requested by
Host: whos-amung.com
URL: https://whos-amung.com/83ltepewr7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.74.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0388fa778d5e183e39a69bd472701fc1dbe7e0d2e615c97ab5316af1c3e72c1c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://whos-amung.com/83ltepewr7.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cf-cache-status
HIT
last-modified
Mon, 04 Oct 2021 04:27:21 GMT
server
cloudflare
age
127695
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
content-disposition
filename=wau-widget.png
cf-ray
6997d5d2fb7905d8-FRA
expires
Tue, 05 Oct 2021 04:27:21 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=309&c=000000ffffff&p=
date
Tue, 05 Oct 2021 15:55:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
hd-streams.html
sportsmix.net/ Frame 7B1E 		1 KB
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sportsmix.net/hd-streams.html
Requested by
Host: whos-amung.com
URL: https://whos-amung.com/83ltepewr7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.187.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cce0b819eeeb5857d5fa980203a5f59b9b66c8bacd61fe042b475a6789b1b809

Request headers

:method
GET
:authority
sportsmix.net
:scheme
https
:path
/hd-streams.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-type
text/html
last-modified
Sun, 12 Sep 2021 08:53:43 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sk0ExTS%2F1TeW17Idn3GLbuZUY4lcV7jykdhaiNUCmACo%2BbJHHMQg5LEeROLXb6cs8SJU9f9Oz6oDKpsXf27PXMQygmb5WKzEeLvVA0NQnU4dl0ZR9B0kZwcxcV8yZ0ET"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6997d5d1db36dfff-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
test.html
livestotal.net/ Frame F25B 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://livestotal.net/test.html
Requested by
Host: whos-amung.com
URL: https://whos-amung.com/83ltepewr7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b32e45bf96c317f2c68fdef26b64fde656995a52afbef7b063648df868d8d6d

Request headers

:method
GET
:authority
livestotal.net
:scheme
https
:path
/test.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-type
text/html
last-modified
Fri, 10 Sep 2021 20:27:28 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vweHZJchbyxBr%2BQ9LvRB5lZsLPJOy%2BQY9w7aijGt98VOaO5pp2p9yiFhBbgz6uPZTASo9UUQuTx%2B6nvZTTr6W03Vz1TtOQ1RS9otZk%2BweSAAcdQVtzXqG6SRY%2FSPtBJNzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6997d5d21d02278c-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
football-live.html
xsportshd.com/ Frame 927D 		35 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xsportshd.com/football-live.html
Requested by
Host: whos-amung.com
URL: https://whos-amung.com/83ltepewr7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef839f7d767a4b748cba7b117166e0744c05bf2a53cc2ae14bbd48eb17d988fb

Request headers

:method
GET
:authority
xsportshd.com
:scheme
https
:path
/football-live.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-type
text/html
last-modified
Thu, 30 Sep 2021 20:09:48 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQgvAZRroMT%2B3vutZ6QpNWQ8ut4HBXuRuINBBrcnIrFNy36k3F2DD4U0EUlwyKmkdlk5NknLPV05x0YLgyOiyOqeXXuVi%2Fk8hdinck5q1aq35ITb9ubRIXvN%2BOIPlUUt"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6997d5d1be9327bc-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
football-livestream.html
livestotal.net/ Frame 249D 		1 KB
754 B 		Document
General
Check archive.org
Download Go to
Full URL
https://livestotal.net/football-livestream.html
Requested by
Host: whos-amung.com
URL: https://whos-amung.com/83ltepewr7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a394d79fa8b7d856028464f0d915e35a44720fd5958861927d5ed65e76bcc14b

Request headers

:method
GET
:authority
livestotal.net
:scheme
https
:path
/football-livestream.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-type
text/html
last-modified
Sat, 21 Aug 2021 19:50:23 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fFhPTYjsyVTWYSIxdvZ8eIsbh%2BjFg1EfuWpYVC2mwIWYPuzJGTzVhTOVCtkhjmIBPH9A2hCS2oTiTxqLQQZJWOAcB6gr6hoBrLRhXR1KTvdZ6bUZhOfuQ6uIGOXl09ld9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6997d5d21d05278c-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
football-streaming-live.html
xsportshd.com/ Frame EB25 		27 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xsportshd.com/football-streaming-live.html
Requested by
Host: whos-amung.com
URL: https://whos-amung.com/83ltepewr7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fec28e5a230c6bd9f5a3daa81bed015bc5fac4d3b01f16aae56d014abb34471b

Request headers

:method
GET
:authority
xsportshd.com
:scheme
https
:path
/football-streaming-live.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-type
text/html
last-modified
Fri, 10 Sep 2021 20:25:08 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lhnv4xGkAnPZWG1%2FikskgcchqhITSEtjpu78RQK4PfwXkL%2BeEwryRsz2Ht9YQgk3jekTSKan2K9ph56P50QVbrj81KY7own6Cv9H0Wva%2B%2FRyje%2Fg%2BX4qtu00040Wk3Hd"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6997d5d1be9427bc-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ Frame C6C1 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://live.batstream.live/
Origin
https://live.batstream.live
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617, 617
age
3678531
cdn-cachedat
2021-06-08 21:21:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
25dd77bbee80ef8afe3c2016e67a80a1
cf-ray
6997d5d1ec4d5bed-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
widget.css
live.batstream.live/css/ Frame C6C1 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.batstream.live/css/widget.css
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d00a6a9febd2557b842da6369b48c6ee661b86049864d802f56976bc2f02f5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1331040
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 28 Jan 2019 22:44:24 GMT
server
cloudflare
etag
W/"5c4f85c8-38c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BhnzffBTogV0fLi%2FtSK2hphz2gsWhCq2jxlfpIQKiBXvXmtQNeneSlsCHL5NvL0TujiKmp5cH4AjKtpZ16qKlOdMehoK%2FdfpvWvUm8nrWPR%2Bm1DQ4yuhEr9yN%2B%2BpPy%2Fb6YplwmQ4"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
6997d5d1fa2327a0-PRG
expires
Wed, 20 Oct 2021 06:11:36 GMT
css
fonts.googleapis.com/ Frame C6C1 		2 KB
438 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,600,700
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
fa5069a4a04a1940aebe618849b21c7c725f6567e3eab2f21ad84621ed9f6d23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 15:35:40 GMT
server
ESF
date
Tue, 05 Oct 2021 15:55:36 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 05 Oct 2021 15:55:36 GMT
jquery.min.js
live.batstream.live/js/ Frame C6C1 		95 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.batstream.live/js/jquery.min.js
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313187
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 28 Jan 2019 22:44:24 GMT
server
cloudflare
etag
W/"5c4f85c8-17b8a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0v9O4oD0aVRuq0NvqNdP7EXOd%2FhpcpeUkwe5Eb1ZObBiSkwrBvUxJFcEIt%2F%2BdpF7Uix%2BYQzWD6AQkt6XH%2F4BwP5AP4g8HfaS68338Cd7g1tNYL%2Fsna1lEzdF81kbyZ1U8mkw1I5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
6997d5d1fa2427a0-PRG
expires
Mon, 01 Nov 2021 00:55:49 GMT
bootstrap.min.js
live.batstream.live/js/ Frame C6C1 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.batstream.live/js/bootstrap.min.js
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1328593
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 28 Jan 2019 22:44:24 GMT
server
cloudflare
etag
W/"5c4f85c8-90b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XPV%2FoHQeeiQKxBsj0o9j5ZvBMmyiV4cj%2Bblj7LGALnMDQabEfmEtiZIhiGnClHeLPJMkXs0b4AtDIq1Sj58oRaL0Pt0wqGdijZ4Jh2jYJ65L1aIo5e9j4OhNXbyE8LTZ7917WrbX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
6997d5d26a5927a0-PRG
expires
Wed, 20 Oct 2021 06:52:23 GMT
jquery-ui.min.js
live.batstream.live/jquery-ui-1.12.1.custom/ Frame C6C1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.batstream.live/jquery-ui-1.12.1.custom/jquery-ui.min.js
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de55f8247b1682887c7d5634e3ac5a78c89cdc867e6570325cbe929927a36bc8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1328593
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 28 Jan 2019 22:44:24 GMT
server
cloudflare
etag
W/"5c4f85c8-433e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWl6FwI9B0NnMFyOdyVbARXnBCLzNUSB7JVF7Jyaw%2BEtgUvYH0qimWs1arwmDhgqyu5FHjQA4fO9k9Q4eApJY3PCRSWXeTq7N97qd%2BBRyCClbIJGrbW4vDS4ivT0vVu6n01jPPVR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
6997d5d26a5a27a0-PRG
expires
Wed, 20 Oct 2021 06:52:23 GMT
js
www.googletagmanager.com/gtag/ Frame C6C1 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-101933180-3
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ff0fd09625a434a2442a409d9e5b8725a5bf8cd1a51ede665e8a7349ad18246d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38906
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Oct 2021 15:55:36 GMT
jquery.scrolling-tabs.css
live.batstream.live/css/ Frame C6C1
Redirect Chain
  • https://live.batstream.tv/css/jquery.scrolling-tabs.css
  • https://live.batstream.live/css/jquery.scrolling-tabs.css
1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.batstream.live/css/jquery.scrolling-tabs.css
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7b7b7dd29913e1efa668006f4a14801dd49ce4581a7628840c8b92d5804440f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1331040
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 28 Jan 2019 22:44:24 GMT
server
cloudflare
etag
W/"5c4f85c8-5a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2BqrLIGWn5mBO2S%2Bi2u6Af8JOnHUPPiQ1wyy5juG3U%2FAzd7k96oS2girxqDi6h5XnAD01ljZjD7%2FbG%2F0S9WJMKy0qhXQ%2FENYD%2BBJmXexibYzpOz2aweCDphUxMb4l18lB4O0lxjp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
6997d5d23a4827a0-PRG
expires
Wed, 20 Oct 2021 06:11:36 GMT

Redirect headers

date
Tue, 05 Oct 2021 15:55:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8iWYAkkm93OdvmmZuVgn4LmerTeEQQ0lMmSGXw2wrH1JXS9v6fkfPyhntfPdmwden%2B6j5Y6uDGHM6maZXxLrieNz1u%2FQ3HPoSOasRkdagD%2FwzCFPSODTFKaQ1KPTu%2FlYCvjUg%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://live.batstream.live/css/jquery.scrolling-tabs.css
cache-control
max-age=3600
cf-ray
6997d5d1fe5027c0-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 16:55:36 GMT
jquery.scrolling-tabs.js
live.batstream.live/js/ Frame C6C1
Redirect Chain
  • https://live.batstream.tv/js/jquery.scrolling-tabs.js
  • https://live.batstream.live/js/jquery.scrolling-tabs.js
59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.batstream.live/js/jquery.scrolling-tabs.js
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b7671b7c1b3cf6ae80a6fe4576cf786a2cce5e57ecdd4f1d26135e90b7e22a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1328584
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 28 Jan 2019 22:44:24 GMT
server
cloudflare
etag
W/"5c4f85c8-ec08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Q2jEtt%2BtU%2BGw38h4W2QDlkHGcdz7ElPabtTPXxz4rZUaiCOE1yDAkDlDzg%2FS%2FLOdGo1730WKgkE7JNu0%2Fe3Pm%2FUwmnuDEblgJBEkYR1VhLT2HIwlGtcGESeUUsaYkes2c%2FCX1Jf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
6997d5d23a4727a0-PRG
expires
Wed, 20 Oct 2021 06:52:32 GMT

Redirect headers

date
Tue, 05 Oct 2021 15:55:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Jc4Z%2BhpmBdQDjR9cai6gjGwAMmgR%2BEnyYAQBJ%2BWW1yPEXv73DqVMlMfB0Qv1en5HVbmp6yYok4I7bbrsUUaja26FWDRCrGY63kHCRwew7%2FSNxsZ0yuXuZQMkAn06qQRNwULxw%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://live.batstream.live/js/jquery.scrolling-tabs.js
cache-control
max-age=3600
cf-ray
6997d5d1fe5127c0-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 16:55:36 GMT
sQtr.html
premiumvertising.com/ 		44 B
277 B 		Script
General
Check archive.org
Download Go to
Full URL
http://premiumvertising.com/sQtr.html?_=BAYAYVx1eAFhXHV4gAGBAsAAIG81ejzh_mSfK4pJOeANzqZorf-8FfiMIASH-JU3rN61wQBHMEUCIG_HMjpyU03Er6GXmqBsEHHCYlpEjbmgaDaCfZ9sVi1wAiEAudCytMC2paxnqhdqWbmvZogRU9zit3Nbc7CVJfOMALg&v=4&fXLQPnmB=3170971&minBid=&qYjSlXrb=0,0&LFjJcexm=&vrWVHeUA=&s=1600,1200,1,1600,1200,0
Requested by
Host: www.premiumvertising.com
URL: https://www.premiumvertising.com/jquery.gray.min.js
Protocol
HTTP/1.1
Server
162.252.214.11 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://elil.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
asf
9
access-control-allow-origin
*
content-type
text/javascript;charset=UTF-8
popads-ec
ASB
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
44
tag.js
mc.yandex.ru/metrika/ Frame C6C1 		191 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
last-modified
Tue, 05 Oct 2021 09:26:54 GMT
etag
"615bf02e-1031a"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
66330
expires
Tue, 05 Oct 2021 16:55:36 GMT
superhero.css
xsportshd.com/data/ Frame 927D 		178 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xsportshd.com/data/superhero.css
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-live.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9fc3862a456fbc9f34b168e2eaa61605349b570601b42afd143b92751a717e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
cf-polished
origSize=184373
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 20 Jan 2021 19:16:10 GMT
server
cloudflare
etag
W/"6008817a-2d035"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JWA7rJlkdI955SFMiZgoWA%2FsmBiNigYk1oEzQvRyESy0uE4FVHOWq1xddrK%2BRs7gvAzj5DwYZXwshz5DPbxs%2F4DQzx%2F6Vu5h5uKjHbOn4N98XZrR3TPjCrc3c80W7kC1"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6997d5d25f0427bc-PRG
cf-bgj
minify
invisible.js
xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 927D 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-live.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81e6c6a9b4d85e87a2b7da202183429ae8636cee87ad69001d17cade41ef90e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gV6FdgwH%2B6kHjCUajQJoNXtJ%2FfXFBFj8OeHuoslf1V5%2BcaZ41JSiJ5uLRBqv71rnvBxpYLzx1wlJ5J8T9rqqXEV0Ntk0lgqbFL42Cxk%2BEwx59XRRUYmzMYNgBe8E6xl7"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6997d5d26f0927bc-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
logo.png
www.xsportshd.com/ Frame 927D 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xsportshd.com/logo.png
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-live.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ae142f4b4369126d69ab4f3462143ed1f0f2c462a2bdcad52aacf98c9f21830

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1344
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18954
last-modified
Sun, 24 Sep 2017 14:44:30 GMT
server
cloudflare
etag
"59c7c4ce-4a0a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VT3pY6AvIYC3P5cByJ0roAZky1RlANN7dcyp6TefsslBNFDkbNXNW0U3hGhqcP7kRxTHR%2BnnVza%2BwMobOaZCgxUCY7dO1rEr1JWO6wfnYH8Xemo2W7JBbq259nen29fvvF1tA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6997d5d26f0b27bc-PRG
bet.gif
xsportshd.com/ Frame 927D 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xsportshd.com/bet.gif
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-live.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9dd6f002f8f169c0cb8e46c7ee8493c1a444257c00fb7c1bba31bf7bae52a6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2603
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
40422
last-modified
Fri, 21 Feb 2020 16:38:24 GMT
server
cloudflare
etag
"5e500780-9de6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzRqfVoauXFKGqoXJE%2FPe6Xm9wn2vnamVjna9XjF0Ht19JO%2BdQs0PwwFO9LTnOkzUTTPCM%2BYvLlqHS%2B%2BCEp7vXj9MzpNhr6QBDHy7YlXC5JWX1TO6M9wLDaaqvmfeUBk"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6997d5d26f0c27bc-PRG
/
widgets.amung.us/draw/ Frame 927D
Redirect Chain
  • https://whos.amung.us/cwidget/8i0gplj0il/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=269&c=000000ffffff&p=
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.amung.us/draw/?w=colored&n=269&c=000000ffffff&p=
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-live.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.74.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cc634a7d0c57f463fd27465c69588a987049654fd08b4c8d94888fe06099f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cf-cache-status
HIT
last-modified
Mon, 04 Oct 2021 11:22:35 GMT
server
cloudflare
age
102781
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
content-disposition
filename=wau-widget.png
cf-ray
6997d5d31bb205d8-FRA
expires
Tue, 05 Oct 2021 11:22:35 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=269&c=000000ffffff&p=
date
Tue, 05 Oct 2021 15:55:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
rocket-loader.min.js
xsportshd.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 927D 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xsportshd.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-live.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 11:33:04 GMT
server
cloudflare
etag
W/"61544ef0-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejpyNOcODm%2FXKNRifSBDZWcqkwHXHXRY7aP63UQLxJmsXe3WwIO7WShfhUFlTWvnwJqphQj5pWgokAT9gNe9wNlhugZwj5mwy69tjhkjs%2FFrFjaqCWOfpRhfBWdxyqOX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6997d5d26f0d27bc-PRG
vary
Accept-Encoding
expires
Thu, 07 Oct 2021 15:55:36 GMT
/
live.batstream.live/ Frame A307
Redirect Chain
  • https://live.batstream.tv/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EB...
  • https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=...
37 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-live.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1f535555c81eb0cb64e623a7d5b9f79e69e314420b8618af1a0926bdbe66eda

Request headers

:method
GET
:authority
live.batstream.live
:scheme
https
:path
/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Lo0ZYg60IFzolfbNpfFH%2F2pZM5b9qSSVc4wtz9kCa41As9ip%2BdN%2B%2FxIPvHZyLzE4f54cVyoi9Np8VIwEmdSOIi0VeRiNhP49LMuZPmCOeqyxvQ54oDUBAbp%2FN3wjZpbYbASbuGu"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6997d5d28a7427a0-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cache-control
max-age=3600
expires
Tue, 05 Oct 2021 16:55:36 GMT
location
https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOsCy77dJKlvUdCS%2BWVzk09M4gRhDXSeZ8Xgad6IiofLQJQZEvPtLyFJblO4exeyr%2BloMT4LEgtgqWrWPkJ%2F4H97lUEfAIWd9vv7V3ofWwaWxYbIdRiRiKrE8fEjUZVReOkyeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6997d5d25edf27c0-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
tb1
free.timeanddate.com/clock/i7n6znqi/n19/fs18/fcfff/tc48a648/pc2b3e50/ftb/bas2/bat1/bacfff/pa8/tt0/tw1/tm2/th1/ Frame AAB0 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://free.timeanddate.com/clock/i7n6znqi/n19/fs18/fcfff/tc48a648/pc2b3e50/ftb/bas2/bat1/bacfff/pa8/tt0/tw1/tm2/th1/tb1
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-live.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f8f819dfb45cbd32371a14485edeb9ef05ac1d7a9d9d71e10d193d80bead2b32

Request headers

:method
GET
:authority
free.timeanddate.com
:scheme
https
:path
/clock/i7n6znqi/n19/fs18/fcfff/tc48a648/pc2b3e50/ftb/bas2/bat1/bacfff/pa8/tt0/tw1/tm2/th1/tb1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
content-type
text/html; charset=UTF-8
accept-ranges
bytes
date
Tue, 05 Oct 2021 15:55:36 GMT
via
1.1 varnish
age
0
x-served-by
cache-hhn4075-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1633449337.699038,VS0,VE7
vary
Accept-Encoding
content-length
1799
/
www.vintagetub.com/ Frame 0431
Redirect Chain
  • https://whos-amung.com/man99adxo
  • https://syndication.realsrv.com/splash.php?type=8&idzone=4448972&p=https://xsportshd.com&tested=2/
  • https://abc.wwija.com/click.php?key=9tz2gymnylbpc4gs2a74&tag=ooc7bc7qaabbrJ3UzzU2VWTulc6m6t1U7p3UyuldK6V1NVdzp7paqKJXT3T1VUUOldK6d07pXSumdK6V0znV0Z55yzzZ0VzZ02V3Wz0aa7278WW3WWZulcoogkMXraPUP7nOldK6...
  • https://r.srvtrck.com/v1/redirect?type=linkId&id=03581eba294c4178af16188ac599d059&api_key=9f389a84fd636114184e76a631ea9d8b&site_id=7add72c8711b449ea56ff14a1578bbe2&dch=feed&ad_t=advertiser&yk_tag=e...
  • http://www.vintagetub.com/
  • https://www.vintagetub.com/
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.vintagetub.com/
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-live.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.54.15.10 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
10.15.54.45.ptr.anycast.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.vintagetub.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 05 Oct 2021 15:55:37 GMT
content-type
text/html; charset=UTF-8
content-length
23958
accept-ranges
bytes
age
1345
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-security-policy
upgrade-insecure-requests;
expires
Wed, 06 Oct 2021 15:33:12 GMT
pragma
cache
set-cookie
zy_sid=CB8D33E5-5102-99B2-0404-CCB55B673059; Path=/; Domain=vintagetub.com; HttpOnly; Secure zy_did=2F414D44-E2A8-77BF-A22A-F613D6CBF080; secure; domain=www.vintagetub.com; path=/; expires=Mon, 31-Dec-2029 20:00:00 GMT; zy_bid=4; Secure; domain=www.vintagetub.com; Path=/; Expires=Mon, 31-Dec-2029 20:00:00 GMT
strict-transport-security
max-age=31536000
vary
Accept-Encoding,Cookie
x-cache
HIT, HIT
x-cache-hits
1, 1
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-served-by
sip5-10009, cache-mdw17364-MDW, cache-hhn4039-HHN
x-timer
S1633449338.560430,VS0,VE1
x-xss-protection
1; mode=block
zy-server
Zcachex/17.29:M
zy-accelerated
0
zy-exp
3

Redirect headers

Server
Zcachex2/17.29
Date
Tue, 05 Oct 2021 15:55:37 GMT
Content-Type
text/html
Content-Length
187
Connection
keep-alive
Location
https://www.vintagetub.com/
go
r.srvtrck.com/v2/ Frame 908C
Redirect Chain
  • https://whos-amung.com/man99adxo
  • https://syndication.realsrv.com/splash.php?type=8&idzone=4448972&p=https://xsportshd.com&tested=2/
  • https://abc.wwija.com/click.php?key=9tz2gymnylbpc4gs2a74&tag=ooc7bc7qaabbrJ3UzzU2VWTulc6m6t1U7p3UyuldK6V1NVdzp7paqKJXT3T1VUUOldK6d07pXSumdK6V0znV0Z55yzzZ0VzZ02V3Wz0aa7278WW3WWZulcoogkMXraPUP7nOldK6...
  • https://r.srvtrck.com/v1/redirect?type=linkId&id=d02a4259361147c29b43b61ccbc5834f&api_key=9f389a84fd636114184e76a631ea9d8b&site_id=7add72c8711b449ea56ff14a1578bbe2&dch=feed&ad_t=advertiser&yk_tag=1...
  • https://r.srvtrck.com/v2/go?t=2tbp8%3A5%2Fao1lfk5mec4mbl1n8%2F2%3Fd%3Dat%3Dpc3u%25sF026wawcmcu7i1e8.9o4%263abp2i4n5ia%3D4p6E1C0C4D3Qvrb1z1yMGs%26us8%3Ds0e0V090B1R8wad5_2g9a1m6c4m0c9s7c5r7a2.5w8Fc%2...
2 KB
819 B 		Document
General
Check archive.org
Download Go to
Full URL
https://r.srvtrck.com/v2/go?t=2tbp8%3A5%2Fao1lfk5mec4mbl1n8%2F2%3Fd%3Dat%3Dpc3u%25sF026wawcmcu7i1e8.9o4%263abp2i4n5ia%3D4p6E1C0C4D3Qvrb1z1yMGs%26us8%3Ds0e0V090B1R8wad5_2g9a1m6c4m0c9s7c5r7a2.5w8Fc%25%262oAr%25et7hdu7rck7i1%2F4o9.aa6nf.4g1%2F7sbteh&e=1&ai=4509d5aaa339472fa7d38681f94f2fc0&sct=0&ct=1633449337503&cu=aa5524921b6344099871577c2c5a86c0&ykuid=10b5608279a14690839e1d3addf99267&sc=1&cs=291543c279b5a35513d6dffe607928dd
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-live.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.168.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01b207a00150c5ba7d79f37032bd7452efe5edb04d28ef3030e2e4573dafed80

Request headers

:method
GET
:authority
r.srvtrck.com
:scheme
https
:path
/v2/go?t=2tbp8%3A5%2Fao1lfk5mec4mbl1n8%2F2%3Fd%3Dat%3Dpc3u%25sF026wawcmcu7i1e8.9o4%263abp2i4n5ia%3D4p6E1C0C4D3Qvrb1z1yMGs%26us8%3Ds0e0V090B1R8wad5_2g9a1m6c4m0c9s7c5r7a2.5w8Fc%25%262oAr%25et7hdu7rck7i1%2F4o9.aa6nf.4g1%2F7sbteh&e=1&ai=4509d5aaa339472fa7d38681f94f2fc0&sct=0&ct=1633449337503&cu=aa5524921b6344099871577c2c5a86c0&ykuid=10b5608279a14690839e1d3addf99267&sc=1&cs=291543c279b5a35513d6dffe607928dd
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 05 Oct 2021 15:55:37 GMT
content-type
text/html;charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6997d5d78c9d5c68-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Tue, 05 Oct 2021 15:55:37 GMT
content-length
0
p3p
CP="CAO PSA OUR"
set-cookie
ykuid=10b5608279a14690839e1d3addf99267; Domain=.srvtrck.com; Expires=Wed, 05-Oct-2022 15:55:37 GMT; Path=/
location
/v2/go?t=2tbp8%3A5%2Fao1lfk5mec4mbl1n8%2F2%3Fd%3Dat%3Dpc3u%25sF026wawcmcu7i1e8.9o4%263abp2i4n5ia%3D4p6E1C0C4D3Qvrb1z1yMGs%26us8%3Ds0e0V090B1R8wad5_2g9a1m6c4m0c9s7c5r7a2.5w8Fc%25%262oAr%25et7hdu7rck7i1%2F4o9.aa6nf.4g1%2F7sbteh&e=1&ai=4509d5aaa339472fa7d38681f94f2fc0&sct=0&ct=1633449337503&cu=aa5524921b6344099871577c2c5a86c0&ykuid=10b5608279a14690839e1d3addf99267&sc=1&cs=291543c279b5a35513d6dffe607928dd
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6997d5d52f29074a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
superhero.css
xsportshd.com/data/ Frame EB25 		178 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xsportshd.com/data/superhero.css
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-streaming-live.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9fc3862a456fbc9f34b168e2eaa61605349b570601b42afd143b92751a717e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
cf-polished
origSize=184373
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 20 Jan 2021 19:16:10 GMT
server
cloudflare
etag
W/"6008817a-2d035"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4QnrSe1b%2F8ms%2F4fzbkcZ4x8zZxGpxJM4BWoJtsZbHqYc3U4hwz9LOsxBojDvusz%2BIKshhfFGabY3m%2BPtnbcluqHop9SlNayC1TlErKPtOJV8YyIMVEZCY1jz7QXRxte"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6997d5d26f0e27bc-PRG
cf-bgj
minify
/
d1ev866ubw90c6.cloudfront.net/ Frame EB25 		160 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1ev866ubw90c6.cloudfront.net/?buved=931727
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-streaming-live.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-51.fra6.r.cloudfront.net
Software
/
Resource Hash
6b5e2d3aaa029cce71437d3c67e9813f1af8085b9cb8d42b72d96b856ae56304

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
gzip
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-pop
FRA6-C1
content-length
53000
via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
x-amz-cf-id
EvxVZ3sUpkgc54OaYU9vu8d0idsyGqjeE0_IemjN408_53_KtPGQzQ==
invisible.js
xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame EB25 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-streaming-live.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d30b41ca58ba5bf6ebe9d9dd3e582a1dc722110cca2381304b611bc18c180d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJqq82cCPAzb7Ih2MKpklBjCaiN37026sEmZYw8R0%2FEcp4yd2W8hUOSfJf4R6gDsShR%2BFqt8v1LLbnEvG6bfmVX3i5X8ZZgGBsxGlNUXvXG7G0cVr6GNcx%2BAgo2MOJmC"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6997d5d2cf3127bc-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
logo.png
www.xsportshd.com/ Frame EB25 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xsportshd.com/logo.png
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-streaming-live.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ae142f4b4369126d69ab4f3462143ed1f0f2c462a2bdcad52aacf98c9f21830

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1344
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18954
last-modified
Sun, 24 Sep 2017 14:44:30 GMT
server
cloudflare
etag
"59c7c4ce-4a0a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbX2Ypx%2FJwkGHlHL9UH8YlzPa3xwtU%2FtfOTpQqKUQIA9JArrL6tWrQSev7M9YkNpqdboBXI51okYIAilSga%2FXHmAqdDPGaF73mSM%2F9wY555kWr2C7Sk624%2B3zFHayk1GWilhcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6997d5d31f5c27bc-PRG
bet.gif
xsportshd.com/ Frame EB25 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xsportshd.com/bet.gif
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-streaming-live.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9dd6f002f8f169c0cb8e46c7ee8493c1a444257c00fb7c1bba31bf7bae52a6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2603
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
40422
last-modified
Fri, 21 Feb 2020 16:38:24 GMT
server
cloudflare
etag
"5e500780-9de6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xHxrGrwFs61k0YlWgFRkp9NOun9jJh%2BesKdLSGv1bx66IlyjpziZ0J66uy%2BvUX5rNcLNcBr8nELeejDpxMLe2%2BYrbHcLOCIgOzyK0sYOg7nuSIhs8NVyzMhEd4R4l%2F4s"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6997d5d34f6927bc-PRG
/
widgets.amung.us/draw/ Frame EB25
Redirect Chain
  • https://whos.amung.us/cwidget/8i06wpj0il/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=244&c=000000ffffff&p=
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.amung.us/draw/?w=colored&n=244&c=000000ffffff&p=
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-streaming-live.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.74.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98867a6b222e1f6596d2c611e5bc8fb33cc9f17ed86215613623011a30e160af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:37 GMT
cf-cache-status
EXPIRED
last-modified
Sun, 03 Oct 2021 15:42:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
content-disposition
filename=wau-widget.png
cf-ray
6997d5d42dba05d8-FRA
expires
Wed, 06 Oct 2021 15:55:37 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=244&c=000000ffffff&p=
date
Tue, 05 Oct 2021 15:55:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
skip.png
xsportshd.com/ Frame EB25 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xsportshd.com/skip.png
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-streaming-live.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8985c3e714a1924fad28fed3b93fb6c1b3db88f89a6022a5e8c632d29f32cbf9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2603
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1398
last-modified
Sun, 23 Feb 2020 15:33:50 GMT
server
cloudflare
etag
"5e529b5e-576"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LOWGktjQ4PWpvmukI6KgaByR9kpcWQdunmdvARDb9%2B60q%2BVOc%2B5nuARqMs9dFPFhkr2BU1SN6iRpgxi3VQ9WajPsbubR%2FCsyV8jLjsJ1No1%2B4pAmYL5NLht9DLbedGOr"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6997d5d3cf9427bc-PRG
bet1.gif
xsportshd.com/ Frame EB25 		108 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xsportshd.com/bet1.gif
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-streaming-live.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95f837166c8365aebeaa65d97395a7a2efdd59dd34642c6d4c3146f98581d475

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2603
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
110928
last-modified
Mon, 01 Jun 2020 16:14:48 GMT
server
cloudflare
etag
"5ed52978-1b150"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gl3S0SsyElpHCwDqxY1exeYpswhr32DwSxUqwYcUIQeF0YUHSEwRnEyracYQTeYlV9b8mgFAML17WKGMJ1hq%2FQ1TMZGEjWUMROcljd0KwMOhMxqP4S7HFdAkk1JmlHRT"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6997d5d3cf9627bc-PRG
rocket-loader.min.js
xsportshd.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame EB25 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xsportshd.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-streaming-live.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 11:33:04 GMT
server
cloudflare
etag
W/"61544ef0-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39s9kzeYZDYVFgLmEEVbLuB3GlKq5Csci0ZurcEuhjETeSImRRx%2Bkj1ry7g7p3Zu7oTxx%2FtCo28w57O9rwJD8vr0dD%2B0aocMgUVW07N3WUNRc8wtsqJWnVaGYDcBVAJK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6997d5d3cf9727bc-PRG
vary
Accept-Encoding
expires
Thu, 07 Oct 2021 15:55:36 GMT
click
clk.tradedoubler.com/ Frame 2FD1
Redirect Chain
  • https://witalfieldt.com/redirect?tid=937674&ref=encodeURI
  • https://mybetterdl.com/aS/feedclick?s=w_Wj54-Mm6TV7tX4V9JMK7hEs7ky1egIQw7qySCN0E7EcH_5IZLpRWDBmXZRGaxQos_5qWMelctIX7PSFWu1BkOe1swRdnM5VVHjKeOEMWEWEatjQH0OkolJzChtcb99a-hz6nOf0-XZySSQK_wpE8sk593LVzc...
  • https://p203248.mybetterdl.com/adServe/adClick?ai=IMh5EoW_2OrTzvKh2qDWIiIC3qCm-kdhlx_im4QKWF8G6oyxoFy0vfZNlMvdlRc-dRePfirJtYMCozyvMhv4-LlU-hBqlV3wbM7TR-A6o2KczI1ZKzU38pW3aR3gvW4R7i5Y678SJ3VmshdVdwF...
  • https://global.yhit.top/go/553af299-3b05-4f3c-914d-d73d2bcf203e?bid=0.0012&subid=87230488007&source=439841629&campaignname=TD34+-+Grover+DE&geo=DE&device=Desktop&os=Windows+10&browser={browser}&car...
  • https://clk.tradedoubler.com/click?p=319189&a=3232771&epi=NbP9ocrAtx6WFTEQDVmwJ9
864 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clk.tradedoubler.com/click?p=319189&a=3232771&epi=NbP9ocrAtx6WFTEQDVmwJ9
Requested by
Host: sportsmix.net
URL: https://sportsmix.net/hd-streams.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.231.97 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
97.231.186.35.bc.googleusercontent.com
Software
TXServerHttp /
Resource Hash
9d37af98ee48a6fc31cce9f43fe644b99ecfd429275fcb64535b2864c0b9e27e

Request headers

:method
GET
:authority
clk.tradedoubler.com
:scheme
https
:path
/click?p=319189&a=3232771&epi=NbP9ocrAtx6WFTEQDVmwJ9
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=ISO-8859-1
server
TXServerHttp
access-control-allow-origin
*
cache-control
private, max-age=0
pragma
no-cache
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy
origin
date
Tue, 05 Oct 2021 15:55:37 GMT
content-length
864
via
1.1 google
alt-svc
clear

Redirect headers

server
openresty
date
Tue, 05 Oct 2021 15:55:37 GMT
content-type
text/html; charset=utf-8
content-length
220
access-control-allow-origin
*
location
https://clk.tradedoubler.com/click?p=319189&a=3232771&epi=NbP9ocrAtx6WFTEQDVmwJ9
set-cookie
bemob-uniq-visit:553af299-3b05-4f3c-914d-d73d2bcf203e=1; Domain=global.yhit.top; Path=/; Expires=Wed, 06 Oct 2021 15:55:37 GMT; HttpOnly; Secure; SameSite=None bemob-click-id=NbP9ocrAtx6WFTEQDVmwJ9; Domain=global.yhit.top; Path=/; Expires=Wed, 06 Oct 2021 15:55:37 GMT; HttpOnly; Secure; SameSite=None
vary
Accept
x-response-time
3.980ms
expires
Thu, 01 Jan 1970 00:00:01 GMT
cache-control
no-cache
redirect
witalfieldt.com/ Frame B39B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://witalfieldt.com/redirect?tid=937674&ref=encodeURI
Requested by
Host: sportsmix.net
URL: https://sportsmix.net/hd-streams.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-24.fra2.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

:method
GET
:authority
witalfieldt.com
:scheme
https
:path
/redirect?tid=937674&ref=encodeURI
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 05 Oct 2021 15:55:37 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=2e9005cb-7fa0-49b9-83f1-d6fedb067a6c
x-cache
Miss from cloudfront
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
PG8Qk8NMgjp4RGPwG3Bjbuvld4nAYcQb551b4L3fR3vEg43_9L6Txw==
tag.min.js
iclickcdn.com/ Frame C6C1 		62 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iclickcdn.com/tag.min.js
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0491492f45a37ae8dd753622b824da1849ced9dd28f2043557c8d6dc84ff689e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*
age
14214
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
x-trace-id
82a5cf8ccb4272ddf95cc5d4b31259a9
pragma
no-cache
last-modified
Mon, 04 Oct 2021 08:03:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zVstd91veEa7DvgAYY1yaZcispXmrs7W9bSc4VTx6foEEOEH3pPDvvFpC62cMpMGgeIc3GbybxrmDVSy8B2D8H%2BJtvocY9SkqENr8COUJgcXl7Xw13GrgFUJzbEEtK4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
6997d5d2aa8927a0-PRG
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Wed, 06 Oct 2021 11:58:42 GMT
NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v10/ Frame C6C1 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/titilliumweb/v10/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
ef8a5f444c988e2c08260642c8257654f5e825e839a9c3d355933d4d12e0345b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://live.batstream.live
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 23:30:27 GMT
x-content-type-options
nosniff
age
231909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12300
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 22:44:22 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 02 Oct 2022 23:30:27 GMT
NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v10/ Frame C6C1 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/titilliumweb/v10/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
0e35ec3dfa80b7851b7826fcae5e1ef652d03d77c6c2af9f0bf1b97d49fe876d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://live.batstream.live
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 20:14:44 GMT
x-content-type-options
nosniff
age
70852
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11720
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 00:00:00 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Oct 2022 20:14:44 GMT
list.php
live.batstream.live/ Frame C6C1 		101 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.batstream.live/list.php?id=21&sport=&sp=1&r=&l=&l2=
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/js/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea43b374720bc7d75757a163852a4a562e21d07f55c1037614674e75447d772c

Request headers

Accept
text/html, */*; q=0.01
Referer
https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c82KKuzslxHxP%2Bp6EP4X3JCnkByZWLr58nbBGsl2QhstCkhVAjPe3MRvBLI4a7JHBC%2BCNHmoyd2FGe5iz%2BRa27GWIIyQmIoRgI1by%2Bxg3PHUI2%2Fr7mqzv0hf503tMHHSKtPbaAxt"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
6997d5d27a6327a0-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/ Frame C6C1 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Origin
https://live.batstream.live
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601
age
1949351
cdn-proxyver
1.0
cdn-cachedat
08/03/2021 23:23:50
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18028
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
604b80d64cc5ccf8b89354150128ca53
accept-ranges
bytes
cf-ray
6997d5d28dbed6e1-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
Cookie set cimp.php
s.optnx.com/ Frame A6A9
Redirect Chain
  • https://witalfieldt.com/redirect?tid=936129&ref=livestotal.net
  • https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkF...
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWRtYXZlbi5jb218NDY5ODYxfDQzMDY3NXw4NDU0NTd8Mzc3Nzg1N3w1MTF8NDY4ODE0Nnw2NjEwMDMxNnw0MHwyfDB8MHw0NTY5fDkzNjEyOXw1OXw3NXxVU0R8RVVSfDEuMTc0fDEuMTc0fDIyfHwxfERFVXx8MTJ8NHwxfHxhYjI1NGQ5MjBhNjBiZTlhMTc1MjE0MGI1OGQ5YTU2NXxlMGFkNjE5YjBiZjcxMTQ3OGFmM2RlOWM0N2EwZDI2OXwwfDJ8bGl2ZXN0b3RhbC5uZXR8MHwwfDB8MC4xfDF8MHxleGNoYW5nZV9saW5rfDB8MHwyOTA1MzMwfC0xfDB8MjkyNTUzM3xob3N0aW5nfHZwbnwxfDE0NDB8fDJ8MHwwfDkzfDB8MHwxfDB8T0t8ODZjZmZkYWNiNjJiNzU0NjhkNmVjZTdiMzI4ZGEwMzI-
Requested by
Host: livestotal.net
URL: https://livestotal.net/test.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
d12596baad43a1b5b5ee70087fc8cc5a70308e7278008849050c54e7644fce0d

Request headers

Host
s.optnx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Tue, 05 Oct 2021 15:55:37 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22615c7579343717.247877542751780705%22%3B%7D; expires=Thu, 05 Oct 2023 15:55:37 GMT; path=; domain=.optnx.com; Secure; SameSite=none
Content-Encoding
gzip

Redirect headers

content-type
text/plain
content-length
0
location
https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWRtYXZlbi5jb218NDY5ODYxfDQzMDY3NXw4NDU0NTd8Mzc3Nzg1N3w1MTF8NDY4ODE0Nnw2NjEwMDMxNnw0MHwyfDB8MHw0NTY5fDkzNjEyOXw1OXw3NXxVU0R8RVVSfDEuMTc0fDEuMTc0fDIyfHwxfERFVXx8MTJ8NHwxfHxhYjI1NGQ5MjBhNjBiZTlhMTc1MjE0MGI1OGQ5YTU2NXxlMGFkNjE5YjBiZjcxMTQ3OGFmM2RlOWM0N2EwZDI2OXwwfDJ8bGl2ZXN0b3RhbC5uZXR8MHwwfDB8MC4xfDF8MHxleGNoYW5nZV9saW5rfDB8MHwyOTA1MzMwfC0xfDB8MjkyNTUzM3xob3N0aW5nfHZwbnwxfDE0NDB8fDJ8MHwwfDkzfDB8MHwxfDB8T0t8ODZjZmZkYWNiNjJiNzU0NjhkNmVjZTdiMzI4ZGEwMzI-
date
Tue, 05 Oct 2021 15:55:37 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=74fea552-4f2e-4f04-b7de-9b767e1c13bc
x-cache
Miss from cloudfront
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
aVykM8raY_T0xm9Hvlj0vqchSv4uFw9leG36GIvbZXv1MFLXCCrBxg==
Cookie set cimp.php
s.optnx.com/ Frame CE07
Redirect Chain
  • https://witalfieldt.com/redirect?tid=936129&ref=livestotal.net
  • https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkF...
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWRtYXZlbi5jb218NDY5ODYxfDQzMDY3NXw4NDU0NTd8Mzc3Nzg1N3w1MTF8NDY4ODE0Nnw2NjEwMDMxNnw0MHwyfDB8MHw0NTY5fDkzNjEyOXw1OC41fDc1fFVTRHxFVVJ8MS4xNzR8MS4xNzR8MjJ8fDF8REVVfHwxMnw0fDF8fDhkYzQ1NzE4YTcyYzZhMDBhZWQwN2JlMjJiZTY3OTIwfGUwYWQ2MTliMGJmNzExNDc4YWYzZGU5YzQ3YTBkMjY5fDB8MnxsaXZlc3RvdGFsLm5ldHwwfDB8MHwwLjA5fDF8MHxleGNoYW5nZV9saW5rfDB8MHwyOTA1MzMwfC0xfDB8MjkyNTUzM3xob3N0aW5nfHZwbnwxfDE0NDB8fDJ8MHwwfDkzfDB8MHwxfDB8T0t8NWMxZDBmYTM2MGI2NjA4YmZhNmI4NDZlMmY3Mjk1MDI-
Requested by
Host: livestotal.net
URL: https://livestotal.net/test.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
d0df65a5e07fe4d7161a48adc380af593bd142e449ac3f99c2b6d1b6f36f804f

Request headers

Host
s.optnx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22615c7579343717.247877542751780705%22%3B%7D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Tue, 05 Oct 2021 15:55:37 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22615c7579343717.247877542751780705%22%3B%7D; expires=Thu, 05 Oct 2023 15:55:37 GMT; path=; domain=.optnx.com; Secure; SameSite=none
Content-Encoding
gzip

Redirect headers

content-type
text/plain
content-length
0
location
https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWRtYXZlbi5jb218NDY5ODYxfDQzMDY3NXw4NDU0NTd8Mzc3Nzg1N3w1MTF8NDY4ODE0Nnw2NjEwMDMxNnw0MHwyfDB8MHw0NTY5fDkzNjEyOXw1OC41fDc1fFVTRHxFVVJ8MS4xNzR8MS4xNzR8MjJ8fDF8REVVfHwxMnw0fDF8fDhkYzQ1NzE4YTcyYzZhMDBhZWQwN2JlMjJiZTY3OTIwfGUwYWQ2MTliMGJmNzExNDc4YWYzZGU5YzQ3YTBkMjY5fDB8MnxsaXZlc3RvdGFsLm5ldHwwfDB8MHwwLjA5fDF8MHxleGNoYW5nZV9saW5rfDB8MHwyOTA1MzMwfC0xfDB8MjkyNTUzM3xob3N0aW5nfHZwbnwxfDE0NDB8fDJ8MHwwfDkzfDB8MHwxfDB8T0t8NWMxZDBmYTM2MGI2NjA4YmZhNmI4NDZlMmY3Mjk1MDI-
date
Tue, 05 Oct 2021 15:55:37 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=9c60ca2a-be3e-4daf-acbf-43e278854981
x-cache
Miss from cloudfront
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
6RlVjnVpWagwEMYQvg6bUs9BlFddJ0Xd_beZn-EoQ10v59OXRtolBg==
go
r.srvtrck.com/v2/ Frame 5621
Redirect Chain
  • https://livestotal.net/bu1sh65i
  • https://syndication.realsrv.com/splash.php?type=8&idzone=4427876&p=https%3A%2F%2Flivestotal.net&tested=2
  • https://abc.wwija.com/click.php?key=9tz2gymnylbpc4gs2a74&tag=ooc7bc7qaZ7LbK3UzzU2VWTulc6m6t1U7p3UyuldK6V1NVdzp7paqKJXT3T1VUUOldK6d07pXSumdK6V0zq5qtbKrLbZa.KJo6KK5aJ6JaJrLJqa57pnby57VzXaS6cWTTU2W58U...
  • https://r.srvtrck.com/v1/redirect?type=linkId&id=9cd4e25cc7184c60b36468b6f865f992&api_key=9f389a84fd636114184e76a631ea9d8b&site_id=7add72c8711b449ea56ff14a1578bbe2&dch=feed&ad_t=advertiser&yk_tag=b...
  • https://r.srvtrck.com/v2/go?t=gt-pd%3Ap%2Fzl4.2mdt3.5oa%2F%3DPID%26481229A%3DDI1%2698507%3DUID%3FPmNcB4ogQo2kdc-%2FIsJtjh&e=1&ai=df26eaff6d6c4ad5adffb4f34554dad4&sct=0&ct=1633449337479&cu=3da379077...
1 KB
741 B 		Document
General
Check archive.org
Download Go to
Full URL
https://r.srvtrck.com/v2/go?t=gt-pd%3Ap%2Fzl4.2mdt3.5oa%2F%3DPID%26481229A%3DDI1%2698507%3DUID%3FPmNcB4ogQo2kdc-%2FIsJtjh&e=1&ai=df26eaff6d6c4ad5adffb4f34554dad4&sct=0&ct=1633449337479&cu=3da379077a1d436db8773fa921d27e8e&ykuid=96bd89c12f2a45cb8a3743e4b340aee5&sc=1&cs=f817ffe32f293e8d33f95657c83cb41b
Requested by
Host: livestotal.net
URL: https://livestotal.net/football-livestream.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.168.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e152319477e9f1d2b43a26d1d9f0b340933d03fed079c61df9466c8e48a5eb1

Request headers

:method
GET
:authority
r.srvtrck.com
:scheme
https
:path
/v2/go?t=gt-pd%3Ap%2Fzl4.2mdt3.5oa%2F%3DPID%26481229A%3DDI1%2698507%3DUID%3FPmNcB4ogQo2kdc-%2FIsJtjh&e=1&ai=df26eaff6d6c4ad5adffb4f34554dad4&sct=0&ct=1633449337479&cu=3da379077a1d436db8773fa921d27e8e&ykuid=96bd89c12f2a45cb8a3743e4b340aee5&sc=1&cs=f817ffe32f293e8d33f95657c83cb41b
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 05 Oct 2021 15:55:37 GMT
content-type
text/html;charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6997d5d74bd65c68-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Tue, 05 Oct 2021 15:55:37 GMT
content-length
0
p3p
CP="CAO PSA OUR"
set-cookie
ykuid=96bd89c12f2a45cb8a3743e4b340aee5; Domain=.srvtrck.com; Expires=Wed, 05-Oct-2022 15:55:37 GMT; Path=/
location
/v2/go?t=gt-pd%3Ap%2Fzl4.2mdt3.5oa%2F%3DPID%26481229A%3DDI1%2698507%3DUID%3FPmNcB4ogQo2kdc-%2FIsJtjh&e=1&ai=df26eaff6d6c4ad5adffb4f34554dad4&sct=0&ct=1633449337479&cu=3da379077a1d436db8773fa921d27e8e&ykuid=96bd89c12f2a45cb8a3743e4b340aee5&sc=1&cs=f817ffe32f293e8d33f95657c83cb41b
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6997d5d53f33074a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
go
r.srvtrck.com/v2/ Frame 0FBF
Redirect Chain
  • https://livestotal.net/bu1sh65i
  • https://syndication.realsrv.com/splash.php?type=8&idzone=4427876&p=https%3A%2F%2Flivestotal.net&tested=2
  • https://abc.wwija.com/click.php?key=9tz2gymnylbpc4gs2a74&tag=ooc7bc7qaZ7LbK3UzzU2VWTulc6m6t1U7p3UyuldK6V1NVdzp7paqKJXT3T1VUUOldK6d07pXSumdK6V0zq5qtbKrLbZa.KJo6KK5aJ6JaJrLJqa57pnby57VzXaS6cWTTU2W58U...
  • https://r.srvtrck.com/v1/redirect?type=linkId&id=d4d5e32ebce247a3bd65b43f46a9097f&api_key=9f389a84fd636114184e76a631ea9d8b&site_id=7add72c8711b449ea56ff14a1578bbe2&dch=feed&ad_t=advertiser&yk_tag=6...
  • https://r.srvtrck.com/v2/go?t=2tbp8%3A5%2Fao1lfk5mec4mbl1n8%2F2%3Fd%3Dat%3Dpc3u%25sFb2aw9wcmbc8s4c6m3c4meaage_bd4w3R4B691V0e4s38vubszGy%26Ms1%3D10r0Q0D0C1C8Ebpe%3D1i2n2i8p4a9%269ob.ay2a3.4w7F5%25%2...
2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://r.srvtrck.com/v2/go?t=2tbp8%3A5%2Fao1lfk5mec4mbl1n8%2F2%3Fd%3Dat%3Dpc3u%25sFb2aw9wcmbc8s4c6m3c4meaage_bd4w3R4B691V0e4s38vubszGy%26Ms1%3D10r0Q0D0C1C8Ebpe%3D1i2n2i8p4a9%269ob.ay2a3.4w7F5%25%262oAr%25et7hdu7rck7i1%2F4o9.aa6nf.4g1%2F7sbteh&e=1&ai=7631256ad64447aaba5a464e617df142&sct=0&ct=1633449337497&cu=b3e41b2e2a8e449396b4a82b3c497a5b&ykuid=12d90dbb67034bee892f76b26546fa13&sc=1&cs=df60ffb5916cbcda6f42dd00a1467111
Requested by
Host: livestotal.net
URL: https://livestotal.net/football-livestream.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.168.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b57a10a3d5ec20884fbf2a9ab55965bbaccbcdc163240588c91797c02fcbe2

Request headers

:method
GET
:authority
r.srvtrck.com
:scheme
https
:path
/v2/go?t=2tbp8%3A5%2Fao1lfk5mec4mbl1n8%2F2%3Fd%3Dat%3Dpc3u%25sFb2aw9wcmbc8s4c6m3c4meaage_bd4w3R4B691V0e4s38vubszGy%26Ms1%3D10r0Q0D0C1C8Ebpe%3D1i2n2i8p4a9%269ob.ay2a3.4w7F5%25%262oAr%25et7hdu7rck7i1%2F4o9.aa6nf.4g1%2F7sbteh&e=1&ai=7631256ad64447aaba5a464e617df142&sct=0&ct=1633449337497&cu=b3e41b2e2a8e449396b4a82b3c497a5b&ykuid=12d90dbb67034bee892f76b26546fa13&sc=1&cs=df60ffb5916cbcda6f42dd00a1467111
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 05 Oct 2021 15:55:37 GMT
content-type
text/html;charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6997d5d76c295c68-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Tue, 05 Oct 2021 15:55:37 GMT
content-length
0
p3p
CP="CAO PSA OUR"
set-cookie
ykuid=12d90dbb67034bee892f76b26546fa13; Domain=.srvtrck.com; Expires=Wed, 05-Oct-2022 15:55:37 GMT; Path=/
location
/v2/go?t=2tbp8%3A5%2Fao1lfk5mec4mbl1n8%2F2%3Fd%3Dat%3Dpc3u%25sFb2aw9wcmbc8s4c6m3c4meaage_bd4w3R4B691V0e4s38vubszGy%26Ms1%3D10r0Q0D0C1C8Ebpe%3D1i2n2i8p4a9%269ob.ay2a3.4w7F5%25%262oAr%25et7hdu7rck7i1%2F4o9.aa6nf.4g1%2F7sbteh&e=1&ai=7631256ad64447aaba5a464e617df142&sct=0&ct=1633449337497&cu=b3e41b2e2a8e449396b4a82b3c497a5b&ykuid=12d90dbb67034bee892f76b26546fa13&sc=1&cs=df60ffb5916cbcda6f42dd00a1467111
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6997d5d55f88074a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
go
r.srvtrck.com/v2/ Frame E03D
Redirect Chain
  • https://livestotal.net/bu1sh65i
  • https://syndication.realsrv.com/splash.php?type=8&idzone=4427876&p=https%3A%2F%2Flivestotal.net&tested=2
  • https://abc.wwija.com/click.php?key=9tz2gymnylbpc4gs2a74&tag=ooc7bc7qaZ7LbK3UzzU2VWTulc6m6t1U7p3UyuldK6V1NVdzp7paqKJXT3T1VUUOldK6d07pXSumdK6V0zq5qtbKrLbZa.KJo6KK5aJ6JaJrLJqa57pnby57VzXaS6cWTTU2W58U...
  • https://r.srvtrck.com/v1/redirect?type=linkId&id=240a7713fde148fdba01de22674b5ee9&api_key=9f389a84fd636114184e76a631ea9d8b&site_id=7add72c8711b449ea56ff14a1578bbe2&dch=feed&ad_t=advertiser&yk_tag=1...
  • https://r.srvtrck.com/v2/go?t=2tbp8%3A5%2Fao1lfk5mec4mbl1n8%2F2%3Fd%3Dat%3Dpc3u%25sF626w2w2bco9n5l3s3c7m7cbm7a5ga_1d4w6R1B094V3evsb8zuysMG1%261sr%3DQ0D0C0C0E1p8%3Dei4nfi9p2a0%264of.al9e3w3r2.1wdF6%...
2 KB
854 B 		Document
General
Check archive.org
Download Go to
Full URL
https://r.srvtrck.com/v2/go?t=2tbp8%3A5%2Fao1lfk5mec4mbl1n8%2F2%3Fd%3Dat%3Dpc3u%25sF626w2w2bco9n5l3s3c7m7cbm7a5ga_1d4w6R1B094V3evsb8zuysMG1%261sr%3DQ0D0C0C0E1p8%3Dei4nfi9p2a0%264of.al9e3w3r2.1wdF6%25%262oAr%25et7hdu7rck7i1%2F4o9.aa6nf.4g1%2F7sbteh&e=1&ai=6fbae516cc764398b90dca68131a4812&sct=0&ct=1633449337358&cu=e14af5972b0747f3a395393c2212d666&ykuid=e940d49c6c81420cbcabcaa20a9f992f&sc=1&cs=a5d9e5a6f622656db439f203db7af1ab
Requested by
Host: livestotal.net
URL: https://livestotal.net/football-livestream.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.168.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dee1bc1dc01211b28a77165b0db66d271ce4715407b1b1a2185fe0741ac9850

Request headers

:method
GET
:authority
r.srvtrck.com
:scheme
https
:path
/v2/go?t=2tbp8%3A5%2Fao1lfk5mec4mbl1n8%2F2%3Fd%3Dat%3Dpc3u%25sF626w2w2bco9n5l3s3c7m7cbm7a5ga_1d4w6R1B094V3evsb8zuysMG1%261sr%3DQ0D0C0C0E1p8%3Dei4nfi9p2a0%264of.al9e3w3r2.1wdF6%25%262oAr%25et7hdu7rck7i1%2F4o9.aa6nf.4g1%2F7sbteh&e=1&ai=6fbae516cc764398b90dca68131a4812&sct=0&ct=1633449337358&cu=e14af5972b0747f3a395393c2212d666&ykuid=e940d49c6c81420cbcabcaa20a9f992f&sc=1&cs=a5d9e5a6f622656db439f203db7af1ab
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 05 Oct 2021 15:55:37 GMT
content-type
text/html;charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6997d5d6aa055c68-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Tue, 05 Oct 2021 15:55:37 GMT
content-length
0
p3p
CP="CAO PSA OUR"
set-cookie
ykuid=e940d49c6c81420cbcabcaa20a9f992f; Domain=.srvtrck.com; Expires=Wed, 05-Oct-2022 15:55:37 GMT; Path=/
location
/v2/go?t=2tbp8%3A5%2Fao1lfk5mec4mbl1n8%2F2%3Fd%3Dat%3Dpc3u%25sF626w2w2bco9n5l3s3c7m7cbm7a5ga_1d4w6R1B094V3evsb8zuysMG1%261sr%3DQ0D0C0C0E1p8%3Dei4nfi9p2a0%264of.al9e3w3r2.1wdF6%25%262oAr%25et7hdu7rck7i1%2F4o9.aa6nf.4g1%2F7sbteh&e=1&ai=6fbae516cc764398b90dca68131a4812&sct=0&ct=1633449337358&cu=e14af5972b0747f3a395393c2212d666&ykuid=e940d49c6c81420cbcabcaa20a9f992f&sc=1&cs=a5d9e5a6f622656db439f203db7af1ab
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6997d5d55f91074a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
js
www.googletagmanager.com/gtag/ Frame 927D 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-106535798-1
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b213528b7fead117a8f54539cec57724d4b27401589d88002f48083fac10c34b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38907
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Oct 2021 15:55:36 GMT
analytics.js
www.google-analytics.com/ Frame C6C1 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-101933180-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
4119
date
Tue, 05 Oct 2021 14:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 05 Oct 2021 16:46:57 GMT
st_icons.png
live.batstream.live/images/ Frame C6C1
Redirect Chain
  • https://live.batstream.tv/images/st_icons.png
  • https://live.batstream.live/images/st_icons.png
620 KB
621 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.batstream.live/images/st_icons.png
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ddfa6f903fae79327c8402de2ac4bceadb0c14bff340610d66a76d9e6122595

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
309862
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
635111
pragma
public
last-modified
Mon, 28 Jan 2019 22:44:24 GMT
server
cloudflare
etag
"5c4f85c8-9b0e7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRAdoKktkFL8teU4MWuYfGxeTuNJMPdKvEHwqo12WdeBjgSV%2B6EyTZHHdNFnLkqkTmQtQuWgYbxK8aLEzTD1L2D6Mkxk1QlJwJoMq07IeOI9p5HvXRc4o%2FT9UvQmlYuZuetwI0ig"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6997d5d31ae327a0-PRG
expires
Mon, 01 Nov 2021 01:51:14 GMT

Redirect headers

date
Tue, 05 Oct 2021 15:55:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ArpOE0neHct7a8n%2FEDMUqCCxYzyhXJ4YQmeC0feUpp7pfWIBzQiD%2FRmipfM8EZk4TeFrQinm%2BRqD%2FiQWVGerhKLPBXiTlZt9QcP0UXren0SH561H%2F8SMHj4dOUVtt4SngxurFg%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://live.batstream.live/images/st_icons.png
cache-control
max-age=3600
cf-ray
6997d5d2ef5e27c0-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 16:55:36 GMT
Russia.png
live.batstream.live/img/countries/ Frame C6C1 		403 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.batstream.live/img/countries/Russia.png
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1626792
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
403
pragma
public
last-modified
Wed, 12 Dec 2018 18:51:50 GMT
server
cloudflare
etag
"5c1158c6-193"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJgmsBqM3%2FGaIojiqKOGy8hlqltiEV%2F33%2BZ5YJvdF1Aao6Ru1RiI7BCCpNAF1CyGnrhsMtY%2Bl9JlNl%2BipMYyfFPXFHxD6pQrZhHT8hd27XcGzjVSotDi%2F3MkwYorDJKw9mCC5Gum"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6997d5d2eabb27a0-PRG
expires
Sat, 16 Oct 2021 20:02:24 GMT
Qatar.png
live.batstream.live/img/countries/ Frame C6C1 		623 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.batstream.live/img/countries/Qatar.png
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2bf429d792fcfc94dd0dd079df6173a49dd7f5f6ed4c88f9c8faa3acf01280b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1266471
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
623
pragma
public
last-modified
Wed, 12 Dec 2018 18:51:50 GMT
server
cloudflare
etag
"5c1158c6-26f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2wjVnCxwJHC7uLPKVBvm5pbYTHx%2BnKiIrkm2qUGSQp33jfSnBfmCP2m7L7NyTAicq6qHpf9DutBS4MKXWYzPbmoSYr3agnNQzRXRH1Um2Yz0Oc11ZfZOc9G6lWtqAwIHCknCtlF"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6997d5d2eabc27a0-PRG
expires
Thu, 21 Oct 2021 00:07:45 GMT
Worldwide.png
live.batstream.live/img/countries/ Frame C6C1 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.batstream.live/img/countries/Worldwide.png
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db3de9616bcc66d2e639b6923283ca03c0aefc53f48dd53dddb293e276036a1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1327694
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7316
pragma
public
last-modified
Wed, 12 Dec 2018 18:51:50 GMT
server
cloudflare
etag
"5c1158c6-1c94"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sctJOAu4twEfnOwSjeJvrqlRF8gJWaeQqMArcW7W9gj7yawZU%2BYdhxkWj%2F0il%2BATxUV%2FeRH76th3I1dxhGhr%2FmzpNihszmsaNpPmKgB3EuPMf9Ugpprfg7VanAYLl%2BQcO%2Bzz1zSo"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6997d5d2eabd27a0-PRG
expires
Wed, 20 Oct 2021 07:07:22 GMT
Sweden.png
live.batstream.live/img/countries/ Frame C6C1 		581 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.batstream.live/img/countries/Sweden.png
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c04b3b52d605637bb4c6a26449c45e5320a3f33f14e8c737ce599433bc19f14

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2141654
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
581
pragma
public
last-modified
Wed, 12 Dec 2018 18:51:50 GMT
server
cloudflare
etag
"5c1158c6-245"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgQ9ZTH16%2BkYeTFvC%2FlCnzKf47PxIa1eWWvFPMIAp6WF5jVbstgFXgFesa2st0MlvUuqf%2F4yNkgA4EGzPTKGI4f%2BAIUr2oMgJwROwYoL5CWSMftSB%2FoniCLl3EAkTCYuOd83YPiX"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6997d5d2eabe27a0-PRG
expires
Sun, 10 Oct 2021 21:01:22 GMT
England.png
live.batstream.live/img/countries/ Frame C6C1 		461 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.batstream.live/img/countries/England.png
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3760bfe884522e5c1c98fe8dd2bd9c89670c41ffa26c5bc5813bffc1c3a6268a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1588495
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
461
pragma
public
last-modified
Wed, 12 Dec 2018 18:51:50 GMT
server
cloudflare
etag
"5c1158c6-1cd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FTPkbeVelEy8qRtAQhZ8JgzmcpSJM%2BVYxqwa5BOVq1xY7wGX6O5axiUIrsAof%2FMugpVULfIEot2Ka%2Bp2alhoDk27nZPU%2BAdQezbVoN4uDnamKjGZOnJpe6oj9wUspDKMTtgIoW%2BC"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6997d5d2eac027a0-PRG
expires
Sun, 17 Oct 2021 06:40:41 GMT
Argentina.png
live.batstream.live/img/countries/ Frame C6C1 		501 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.batstream.live/img/countries/Argentina.png
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1677775027796b6cde3f41186a2c4dac6613c8638db055ea7d0885eae8eab4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1932182
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
501
pragma
public
last-modified
Wed, 12 Dec 2018 18:51:50 GMT
server
cloudflare
etag
"5c1158c6-1f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJq2v1EHRrWEb5%2F4Re2l%2Be3YewMJ969FYwevQcgqaJbzS3BiadDn7x6CgJxJwNXXIXWpQ6iV1nLFyo2wY4YlWOBTLwv6k2b6%2Bw5X5vYWVb7%2FcHvsFSM8o6O3Tj3qaBK1r8aiiNyH"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6997d5d2eac227a0-PRG
expires
Wed, 13 Oct 2021 07:12:34 GMT
Brazil.png
live.batstream.live/img/countries/ Frame C6C1 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.batstream.live/img/countries/Brazil.png
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ab6c46e677fa7e49b6344fcde39c06ff6c014d9163571cdb36f8b5fc59c17eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2188204
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1115
pragma
public
last-modified
Wed, 12 Dec 2018 18:51:50 GMT
server
cloudflare
etag
"5c1158c6-45b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCe6uqnTLF9swFpjndHyFVXyq1xvLtL%2B9wNItlscdyVDo%2B1gEFdFeCbpsRkSmX29udauVt4qmLz61mspMT7QFFBLQMp90IozxD8SygJb3qXoanwu5LGAUX88aW9%2Fp46JqnQ%2FttD%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6997d5d2eac427a0-PRG
expires
Sun, 10 Oct 2021 08:05:32 GMT
Paraguay.png
live.batstream.live/img/countries/ Frame C6C1 		595 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.batstream.live/img/countries/Paraguay.png
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
443959eaa2d78f92b04bb3ada5c27ff9da02901671d8cab9f96fe206bc981388

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
890118
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
595
pragma
public
last-modified
Wed, 12 Dec 2018 18:51:50 GMT
server
cloudflare
etag
"5c1158c6-253"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1Cnu1Y2YV2adnKz%2FyiOR7%2FaOuxxyxynJKEHfxmmT48Wgbl5YnCNgxwog377DlwLLrWxYSx8D%2B2iyO%2BSCqn3aNkgBQ9IJ5uVHbyBexn0%2B4KwnKfYHKX%2F9kQ7OIHWgLxm1YiTWGR9"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6997d5d2eac527a0-PRG
expires
Mon, 25 Oct 2021 08:40:18 GMT
Chile.png
live.batstream.live/img/countries/ Frame C6C1 		547 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.batstream.live/img/countries/Chile.png
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3457d693391ae91aa1841bec0cab7ea2db53a2371ba51008aad814a0624e3c8e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1066934
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
547
pragma
public
last-modified
Wed, 12 Dec 2018 18:51:50 GMT
server
cloudflare
etag
"5c1158c6-223"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8j7E6WC4WoG8Ela6X9gooj%2BBI5b8dWnWGP7%2BP8AQLB%2Bdx9fwPTpPudQsJStecqdSMV%2BdkMEWxRFeTVXrym52uf%2BOWUT1aOT0zmdVAat6ibcy%2BAkeEW8fMmXyDqvomJlozjkFkHT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6997d5d2eac627a0-PRG
expires
Sat, 23 Oct 2021 07:33:22 GMT
Canada.png
live.batstream.live/img/countries/ Frame C6C1 		570 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.batstream.live/img/countries/Canada.png
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcae6366dde9ca0a2a6fee1fdb9740d75cc83993ede8de550494fe545baa967a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
962049
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
570
pragma
public
last-modified
Wed, 12 Dec 2018 18:51:50 GMT
server
cloudflare
etag
"5c1158c6-23a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u49BwMx7zds5E2nSY7UdLORSvJYLCkqdzavDBFjcP4V7%2F0ErIYKG8JxpTPYBRPo%2Fh9qw%2BpC5mJ63nn9E%2BEA98m7dx1prIdZGrMXZfiTTm9%2BnQ3oB8E3iYaXDEVx74iREpnsDHxS3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6997d5d2eac727a0-PRG
expires
Sun, 24 Oct 2021 12:41:27 GMT
Uruguay.png
live.batstream.live/img/countries/ Frame C6C1 		689 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.batstream.live/img/countries/Uruguay.png
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45d8dc114c0305b69b6f61831cbaa540183aded5d542c56c61ce90426f1e6b19

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1588495
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
689
pragma
public
last-modified
Wed, 12 Dec 2018 18:51:50 GMT
server
cloudflare
etag
"5c1158c6-2b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFt7Sahntl2XR43hNInbUsmper8LecBgKU6MFp21xa%2B1Bfl7i4mB%2B03JDmq6V%2Fi0IZnciP4QpbascLDARt0Zb%2FthVii2IvArlZ48WkcHnRdNd2DMg4Tdrf%2FrBdL8depWqrx6Bmhy"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6997d5d2eac827a0-PRG
expires
Sun, 17 Oct 2021 06:40:41 GMT
Mexico.png
live.batstream.live/img/countries/ Frame C6C1 		771 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.batstream.live/img/countries/Mexico.png
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7ab966ce9cbb8fb69b93e642f643302b57d4dfb9a57fef11e69c95c4175855a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
307188
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
771
pragma
public
last-modified
Wed, 12 Dec 2018 18:51:50 GMT
server
cloudflare
etag
"5c1158c6-303"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R1kfYmazFwc8bkvl5UmDVYr%2F8s0rzMk5ksz9Z92ekWxl6WbRxszfxLgPRZhfJjlyFM0%2BXPostz40GDxMvmO4PqlcJda25n3fT5qW08UAVFlcQPxzXHbvFVkROc3envXIvZ55RbIK"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6997d5d2eac927a0-PRG
expires
Mon, 01 Nov 2021 02:35:48 GMT
/
bedrapiona.com/5/3505548/ Frame C6C1 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bedrapiona.com/5/3505548/?oo=1&js_build=2
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
863a128ab43f71fcbbeabe83a5a752a67b9033a85313fd2cdf147875fcbc7bcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id
4add6277906e995883f819c494fad92d
pragma
no-cache, no-cache
date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
gzip
server
nginx
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://lukomol.com>; rel="preconnect dns-prefetch"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://live.batstream.live
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ Frame A307 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617, 617
age
3679745
cdn-cachedat
2021-06-08 21:21:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
fcddc638d6e16c45c5296dbd0c614bc9
cf-ray
6997d5d30e8ed6e1-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
widget.css
live.batstream.live/css/ Frame A307 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.batstream.live/css/widget.css
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d00a6a9febd2557b842da6369b48c6ee661b86049864d802f56976bc2f02f5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1331040
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 28 Jan 2019 22:44:24 GMT
server
cloudflare
etag
W/"5c4f85c8-38c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gKLcpsK9ZlJYjlskCLpg%2B2TrcM15G1ZD66WKG6SA0sYs4eq7vhpr4%2FkEJC48OmoBg3kqrbO6kM5jSCMyZVj7Rp7xvz6W9%2Fa7htt5ekpkmEcqQaE0eUDhC4ED4bIxu425aH8ZBBCk"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
6997d5d31ade27a0-PRG
expires
Wed, 20 Oct 2021 06:11:36 GMT
css
fonts.googleapis.com/ Frame A307 		2 KB
438 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,600,700
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
fa5069a4a04a1940aebe618849b21c7c725f6567e3eab2f21ad84621ed9f6d23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 14:13:38 GMT
server
ESF
date
Tue, 05 Oct 2021 15:55:36 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 05 Oct 2021 15:55:36 GMT
jquery.min.js
live.batstream.live/js/ Frame A307 		95 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.batstream.live/js/jquery.min.js
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313187
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 28 Jan 2019 22:44:24 GMT
server
cloudflare
etag
W/"5c4f85c8-17b8a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AhV%2B%2Bbmwr%2BvAmU%2F3t6q2LLFvyY73Nm02f%2FcsgXGwEd4QiOmmxkVf9C9%2F0OIXdPtAOOb6R4o4BjPPZcXkCDrdQQextRWPXtusuzoykw5oTfFyd2kC23sl00VfHiTBv9NBZ%2F0rfrbK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
6997d5d31ae027a0-PRG
expires
Mon, 01 Nov 2021 00:55:49 GMT
bootstrap.min.js
live.batstream.live/js/ Frame A307 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.batstream.live/js/bootstrap.min.js
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1328593
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 28 Jan 2019 22:44:24 GMT
server
cloudflare
etag
W/"5c4f85c8-90b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4phJKeXw3BIeKnyNHWEu5bAPNXUroOCZxOvqpoZc%2FToPLP7L6JZGa99BY5nFqq%2BBjugfkmif2xV%2FEu3IlZV8EqwetMgNN4N%2FuS0MhwfKEL%2BxY91eLO5PE8q6sAIRzvQo0II7F63n"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
6997d5d3ab2e27a0-PRG
expires
Wed, 20 Oct 2021 06:52:23 GMT
jquery-ui.min.js
live.batstream.live/jquery-ui-1.12.1.custom/ Frame A307 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.batstream.live/jquery-ui-1.12.1.custom/jquery-ui.min.js
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de55f8247b1682887c7d5634e3ac5a78c89cdc867e6570325cbe929927a36bc8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1328593
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 28 Jan 2019 22:44:24 GMT
server
cloudflare
etag
W/"5c4f85c8-433e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1AVkCf9EhdGXDqUwvcCoLzAxblAJD4o%2FEMxks2WPDwLHKe%2FZa167v2Wh8Zm%2FOy2b1Vv1DzsfBGrJD3cWwcU5%2FdOu0SH6hD2ZqKO%2BoxGAZQ8ruuopOnjB4XTQPz5F8E2%2Fi6MFQl2h"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
6997d5d3ab4527a0-PRG
expires
Wed, 20 Oct 2021 06:52:23 GMT
js
www.googletagmanager.com/gtag/ Frame A307 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-101933180-3
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ff0fd09625a434a2442a409d9e5b8725a5bf8cd1a51ede665e8a7349ad18246d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38906
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Oct 2021 15:55:36 GMT
jquery.scrolling-tabs.css
live.batstream.live/css/ Frame A307
Redirect Chain
  • https://live.batstream.tv/css/jquery.scrolling-tabs.css
  • https://live.batstream.live/css/jquery.scrolling-tabs.css
1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.batstream.live/css/jquery.scrolling-tabs.css
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7b7b7dd29913e1efa668006f4a14801dd49ce4581a7628840c8b92d5804440f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1331040
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 28 Jan 2019 22:44:24 GMT
server
cloudflare
etag
W/"5c4f85c8-5a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3sFkLv75jN0OTgmfZN0xImrJ5ijtbhHpfTtmh1v0boAmFstHFNLomjt98bCUn5uxccNp4v%2BMMt1Iz8gYpxg%2FPdIA08Lf8REjHEr96Pu%2Bj4lzbep4DxT1EJrj24r0g8hM5aJeP%2FU"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
6997d5d33af527a0-PRG
expires
Wed, 20 Oct 2021 06:11:36 GMT

Redirect headers

date
Tue, 05 Oct 2021 15:55:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCbw97mu94giYGZqYEAfG9DZrTaRnKJhpHwPQziP9x1w%2FajEx9u9xrhat7jKiAYF9EtEztKAJGiWopBI1RQ3pXOY4z9uyTKEIog7FOoDqxHSZOBIDQKlXoxgT%2F8kJQH29j7Pcw%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://live.batstream.live/css/jquery.scrolling-tabs.css
cache-control
max-age=3600
cf-ray
6997d5d31f7b27c0-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 16:55:36 GMT
jquery.scrolling-tabs.js
live.batstream.live/js/ Frame A307
Redirect Chain
  • https://live.batstream.tv/js/jquery.scrolling-tabs.js
  • https://live.batstream.live/js/jquery.scrolling-tabs.js
59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.batstream.live/js/jquery.scrolling-tabs.js
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b7671b7c1b3cf6ae80a6fe4576cf786a2cce5e57ecdd4f1d26135e90b7e22a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1328584
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 28 Jan 2019 22:44:24 GMT
server
cloudflare
etag
W/"5c4f85c8-ec08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDN9aBlD9EH5ar96syw1ZNxWWZx9hZMMFbH%2Bg1To%2FAOQIghZFPWaJ2rRMT%2Bt7B5%2FCt88ydTJtKQBkYNJjSRsRjHwAUQwiRir5TEkMab2A2X%2FWV6MYfUYJ5dws98ljzt2eFak7HDZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
6997d5d33af827a0-PRG
expires
Wed, 20 Oct 2021 06:52:32 GMT

Redirect headers

date
Tue, 05 Oct 2021 15:55:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUXW9sdXErxoGH25KKr4oxfidqWQNgwZtnEm3fkCrsbakgj4u905CjMBr1M5Ps%2FUwUmolP4dVybp14xGcTpu4KGROs3VyyGd%2B3LoqdvfCksvm4WcZiJwRfA4BmpMrAC6uBuGEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://live.batstream.live/js/jquery.scrolling-tabs.js
cache-control
max-age=3600
cf-ray
6997d5d31f7d27c0-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 16:55:36 GMT
tag.js
mc.yandex.ru/metrika/ Frame A307 		191 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
last-modified
Tue, 05 Oct 2021 09:26:54 GMT
etag
"615bf02e-1031a"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
66330
expires
Tue, 05 Oct 2021 16:55:36 GMT
fac.php
onmarshtompor.com/ Frame C806 		203 B
833 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onmarshtompor.com/fac.php?OAID=0e0876085cfb4ed0a39c847fcf79bd5c&oaidts=1633449336
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8744aeb999e93cd258857e3796f8833af6ec38d6e1b670510d0daea8c3df4f8e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
onmarshtompor.com
:scheme
https
:path
/fac.php?OAID=0e0876085cfb4ed0a39c847fcf79bd5c&oaidts=1633449336
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://live.batstream.live/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/

Response headers

server
nginx
date
Tue, 05 Oct 2021 15:55:30 GMT
content-type
text/html; charset=utf8
content-length
203
x-trace-id
9603348156d9b5cd946fa5aff3236c27
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age
86400
pragma
no-cache
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
expires
Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin
* *
set-cookie
OAID=0e0876085cfb4ed0a39c847fcf79bd5c; expires=Wed, 05 Oct 2022 15:55:36 GMT; path=/; secure; SameSite=None oaidts=1633449336; expires=Wed, 05 Oct 2022 15:55:36 GMT; path=/; secure; SameSite=None
strict-transport-security
max-age=1
x-content-type-options
nosniff
1
mc.yandex.com/watch/55348681/ Frame C6C1
Redirect Chain
  • https://mc.yandex.com/watch/55348681?wmode=7&page-url=https%3A%2F%2Flive.batstream.live%2F%3Fd%3D1%26s%3D1%26sp%3D1%26fs%3D12px%26tt%3Dnone%26fc%3DFFFFFF%26tc%3DFFFFFF%26bc%3D4E5D6C%26bhc%3D3E4A56%...
  • https://mc.yandex.com/watch/55348681/1?wmode=7&page-url=https%3A%2F%2Flive.batstream.live%2F%3Fd%3D1%26s%3D1%26sp%3D1%26fs%3D12px%26tt%3Dnone%26fc%3DFFFFFF%26tc%3DFFFFFF%26bc%3D4E5D6C%26bhc%3D3E4A5...
350 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/55348681/1?wmode=7&page-url=https%3A%2F%2Flive.batstream.live%2F%3Fd%3D1%26s%3D1%26sp%3D1%26fs%3D12px%26tt%3Dnone%26fc%3DFFFFFF%26tc%3DFFFFFF%26bc%3D4E5D6C%26bhc%3D3E4A56%26thc%3DFFFFFF%26pd%3D5px%26brc%3D030303%26brr%3D2px%26mr%3D3px%26tm%3D122A33%26tmb%3DFFFFFF%26wb%3D2B3E50%26bcc%3D2B3E50%26bsh%3D0px%26rdb%3DEBEBEB%26rdc%3D333333&page-ref=https%3A%2F%2Fxsportshd.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A316%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A667404850004%3Ahid%3A455532316%3Az%3A0%3Ai%3A202101005155536%3Aet%3A1633449337%3Ac%3A1%3Arn%3A442256823%3Arqn%3A1%3Au%3A1633449337230160154%3Aw%3A1057x4000%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1633449336424%3Ads%3A12%2C34%2C57%2C1%2C69%2C0%2C%2C95%2C14%2C%2C%2C%2C271%3Adsn%3A13%2C34%2C57%2C1%2C69%2C0%2C%2C96%2C15%2C%2C%2C%2C270%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633449337%3At%3ALive%20Stream%20Sports%20%7C%20Batmanstream
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8e713626d8b436327b3dc2b35bcc6c3a47550e14ffe0c072082c487d97e7c515
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 15:55:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 05-Oct-2021 15:55:36 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://live.batstream.live
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Tue, 05-Oct-2021 15:55:36 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Oct 2021 15:55:36 GMT
last-modified
Tue, 05-Oct-2021 15:55:36 GMT
location
/watch/55348681/1?wmode=7&page-url=https%3A%2F%2Flive.batstream.live%2F%3Fd%3D1%26s%3D1%26sp%3D1%26fs%3D12px%26tt%3Dnone%26fc%3DFFFFFF%26tc%3DFFFFFF%26bc%3D4E5D6C%26bhc%3D3E4A56%26thc%3DFFFFFF%26pd%3D5px%26brc%3D030303%26brr%3D2px%26mr%3D3px%26tm%3D122A33%26tmb%3DFFFFFF%26wb%3D2B3E50%26bcc%3D2B3E50%26bsh%3D0px%26rdb%3DEBEBEB%26rdc%3D333333&page-ref=https%3A%2F%2Fxsportshd.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A316%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A667404850004%3Ahid%3A455532316%3Az%3A0%3Ai%3A202101005155536%3Aet%3A1633449337%3Ac%3A1%3Arn%3A442256823%3Arqn%3A1%3Au%3A1633449337230160154%3Aw%3A1057x4000%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1633449336424%3Ads%3A12%2C34%2C57%2C1%2C69%2C0%2C%2C95%2C14%2C%2C%2C%2C271%3Adsn%3A13%2C34%2C57%2C1%2C69%2C0%2C%2C96%2C15%2C%2C%2C%2C270%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633449337%3At%3ALive%20Stream%20Sports%20%7C%20Batmanstream
strict-transport-security
max-age=31536000
access-control-allow-origin
https://live.batstream.live
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 05-Oct-2021 15:55:36 GMT
advert.gif
mc.yandex.com/metrika/ Frame C6C1 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
last-modified
Tue, 05 Oct 2021 09:26:54 GMT
etag
"615bf02e-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 05 Oct 2021 16:55:36 GMT
list.php
live.batstream.live/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://live.batstream.live/list.php?id=21&sport=&sp=1&r=&l=&l2=
Protocol
H3
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-requested-with
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xlutVQGWyCzAWdvIqWMl%2Fq%2BkCcjkhif%2BayoPxtv3C%2FLIOHK38%2B9JAXrIzJhBeA96lAqLkIgb9k9hpQJxPcyFAvHhQnmMpu9wFGq2NXFFwc1wWVX2aW5u8GuuZUEpv6m6SJmHCiY"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6997d5d3db5f27a0-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
tag.min.js
iclickcdn.com/ Frame A307 		62 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iclickcdn.com/tag.min.js
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0491492f45a37ae8dd753622b824da1849ced9dd28f2043557c8d6dc84ff689e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*
age
14214
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
x-trace-id
82a5cf8ccb4272ddf95cc5d4b31259a9
pragma
no-cache
last-modified
Mon, 04 Oct 2021 08:03:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBVRkDTTQHf%2BFekryxrCiYRfcqfnP3K%2FEcbXsNojZOs409muG5uE%2Bz7GIZ%2FR%2BJwFGiP06JKEHTovPx3njsm4o2WKI%2BwOLxWFSP1CHt3T0wUGUjDEXf4Pmeu3GXG%2FJXs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
6997d5d3bb4b27a0-PRG
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Wed, 06 Oct 2021 11:58:42 GMT
list.php
live.batstream.live/ Frame A307 		0
0
/
live.batstream.live/ Frame AB09
Redirect Chain
  • https://live.batstream.tv/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EB...
  • https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=...
37 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-streaming-live.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1f535555c81eb0cb64e623a7d5b9f79e69e314420b8618af1a0926bdbe66eda

Request headers

:method
GET
:authority
live.batstream.live
:scheme
https
:path
/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
cookie
_ym_uid=1633449337230160154; _ym_d=1633449337
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=orS%2Fvjy1y2VniDulrJ4zuUDR4I%2BJyK3%2B78fPNUqwE0p8BTJx21RKTO4uyflnYS3ymUySmSKN%2FjOpokmY%2B5K91WSoroqGFrR2MFrAMEvM7E%2Fxunrt7WZVQczOvce7tWeRpdbAi5gi"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6997d5d3eb6b27a0-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Tue, 05 Oct 2021 15:55:36 GMT
cache-control
max-age=3600
expires
Tue, 05 Oct 2021 16:55:36 GMT
location
https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7D5RJGHA%2FS0fwTHAo0l1ljXfJaNRgq4n2lF7rXvnbCk78CRKBNi2p3cM82U0MzqE2kUupRGyGXUfSuth52LABThjap8r744bEhYfpkL6259j7KybwPNFcX0RZq0vxJy4Ur6qzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6997d5d3cfff27c0-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
tb1
free.timeanddate.com/clock/i7n6znqi/n19/fs18/fcfff/tc48a648/pc2b3e50/ftb/bas2/bat1/bacfff/pa8/tt0/tw1/tm2/th1/ Frame 17BF 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://free.timeanddate.com/clock/i7n6znqi/n19/fs18/fcfff/tc48a648/pc2b3e50/ftb/bas2/bat1/bacfff/pa8/tt0/tw1/tm2/th1/tb1
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-streaming-live.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
35ba2218bc973a11ff3da0ec3786b7f630360d5d504996e378c1752603f83550

Request headers

:method
GET
:authority
free.timeanddate.com
:scheme
https
:path
/clock/i7n6znqi/n19/fs18/fcfff/tc48a648/pc2b3e50/ftb/bas2/bat1/bacfff/pa8/tt0/tw1/tm2/th1/tb1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
content-type
text/html; charset=UTF-8
accept-ranges
bytes
date
Tue, 05 Oct 2021 15:55:36 GMT
via
1.1 varnish
age
0
x-served-by
cache-hhn4075-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1633449337.921291,VS0,VE6
vary
Accept-Encoding
content-length
1800
Cookie set cimp.php
s.optnx.com/ Frame 35CB
Redirect Chain
  • https://whos-amung.us/m4v11nok
  • https://witalfieldt.com/redirect?tid=931727&tz=8&ref=xsportshd.com
  • https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkF...
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWRtYXZlbi5jb218NDY5ODYxfDQzMDY3NXw4NDU0NTd8Mzc3Nzg1N3w1MTF8NDY4ODE0Nnw2NjEwMDMxNnw0MHwyfDB8MHw0NTY5fDkzMTcyN3w2MHw3NXxVU0R8RVVSfDEuMTc0fDEuMTc0fDIyfHwxfERFVXx8MTJ8NHwxfHxhOGNmZDc3ZWJiOTA4N2QxNGIwYTQ1OTBiOWUxNjU5ZHw2M2FhYTAyMWEzNjFhNDc2OTgyM2JjZThlZjc4OTc3YXwwfDJ8eHNwb3J0c2hkLmNvbXwwfDB8MHwwLjF8MXwwfGV4Y2hhbmdlX2xpbmt8MHwwfDI5MDUzMzB8LTF8MHwyOTI1NTMzfGhvc3Rpbmd8dnBufDF8MTQ0MHx8MnwwfDB8OTN8MHwwfDF8MHxPS3w4NWIzMzU5Y2EwN2M4MjMxYTdhYThkYzllMzliMjg2ZA--
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-streaming-live.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
3b8d3e9f3c8a8d912ced905eac1aab7bb66555133b96f0b418bbd4e894c88f09

Request headers

Host
s.optnx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22615c7579343717.247877542751780705%22%3B%7D; impressions=x%9CE%CA%C1%0D%C3%40%08%04%C0%5Exci%17%16%EEH%2B%91%2B%B1%D2%7B%1C%F9%91y%CFe%0AlU%1C%EA%5D%08%CA%5Eo%3A%3BS%9C%A9t%5B%01%3B%DD%C4%C2L%1F%5D%C8%D5%11%FF%17%C0%2A7JO%EC%BD%A9%3B6%81d%DF1%9F%A8%C9%5C%FE%7B%E7%E7%0B%E9%06%19%04
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Tue, 05 Oct 2021 15:55:37 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22615c7579343717.247877542751780705%22%3B%7D; expires=Thu, 05 Oct 2023 15:55:37 GMT; path=; domain=.optnx.com; Secure; SameSite=none
Content-Encoding
gzip

Redirect headers

content-type
text/plain
content-length
0
location
https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWRtYXZlbi5jb218NDY5ODYxfDQzMDY3NXw4NDU0NTd8Mzc3Nzg1N3w1MTF8NDY4ODE0Nnw2NjEwMDMxNnw0MHwyfDB8MHw0NTY5fDkzMTcyN3w2MHw3NXxVU0R8RVVSfDEuMTc0fDEuMTc0fDIyfHwxfERFVXx8MTJ8NHwxfHxhOGNmZDc3ZWJiOTA4N2QxNGIwYTQ1OTBiOWUxNjU5ZHw2M2FhYTAyMWEzNjFhNDc2OTgyM2JjZThlZjc4OTc3YXwwfDJ8eHNwb3J0c2hkLmNvbXwwfDB8MHwwLjF8MXwwfGV4Y2hhbmdlX2xpbmt8MHwwfDI5MDUzMzB8LTF8MHwyOTI1NTMzfGhvc3Rpbmd8dnBufDF8MTQ0MHx8MnwwfDB8OTN8MHwwfDF8MHxPS3w4NWIzMzU5Y2EwN2M4MjMxYTdhYThkYzllMzliMjg2ZA--
date
Tue, 05 Oct 2021 15:55:37 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=391df22c-dee6-4a6a-9065-08b09231c2df
x-cache
Miss from cloudfront
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
KUJGKYvOKdqiRNhGTklgfN8y0qRc3JhcaSnyS3-B0EjbphDLW7gONw==
Cookie set cimp.php
s.optnx.com/ Frame F141
Redirect Chain
  • https://whos-amung.us/m4v11nok
  • https://witalfieldt.com/redirect?tid=931727&tz=8&ref=xsportshd.com
  • https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkF...
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWRtYXZlbi5jb218NDY5ODYxfDQzMDY3NXw4NDU0NTd8Mzc3Nzg1N3w1MTF8NDY4ODE0Nnw2NjEwMDMxNnw0MHwyfDB8MHw0NTY5fDkzMTcyN3w1OS41fDc1fFVTRHxFVVJ8MS4xNzR8MS4xNzR8MjJ8fDF8REVVfHwxMnw0fDF8fGZkY2YzNjZiNmFmMTZlMTE5YjJiYTgzODQ5ZTcxNmRlfDYzYWFhMDIxYTM2MWE0NzY5ODIzYmNlOGVmNzg5NzdhfDB8Mnx4c3BvcnRzaGQuY29tfDB8MHwwfDAuMXwxfDB8ZXhjaGFuZ2VfbGlua3wwfDB8MjkwNTMzMHwtMXwwfDI5MjU1MzN8aG9zdGluZ3x2cG58MXwxNDQwfHwyfDB8MHw5M3wwfDB8MXwwfE9LfDQxNDJiMTZkNjIzMWIyODE4MjljNDM5ZTliMDBkNjNk
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-streaming-live.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
49e4c0f93f98318e8c3b2cc2d3de1b6968c1b799d28b468c3901a7d8a8df84a1

Request headers

Host
s.optnx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22615c7579343717.247877542751780705%22%3B%7D; impressions=x%9CE%CA%C1%0D%C3%40%08%04%C0%5Exci%17%16%EEH%2B%91%2B%B1%D2%7B%1C%F9%91y%CFe%0AlU%1C%EA%5D%08%CA%5Eo%3A%3BS%9C%A9t%5B%01%3B%DD%C4%C2L%1F%5D%C8%D5%11%FF%17%C0%2A7JO%EC%BD%A9%3B6%81d%DF1%9F%A8%C9%5C%FE%7B%E7%E7%0B%E9%06%19%04
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Tue, 05 Oct 2021 15:55:37 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22615c7579343717.247877542751780705%22%3B%7D; expires=Thu, 05 Oct 2023 15:55:37 GMT; path=; domain=.optnx.com; Secure; SameSite=none
Content-Encoding
gzip

Redirect headers

content-type
text/plain
content-length
0
location
https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWRtYXZlbi5jb218NDY5ODYxfDQzMDY3NXw4NDU0NTd8Mzc3Nzg1N3w1MTF8NDY4ODE0Nnw2NjEwMDMxNnw0MHwyfDB8MHw0NTY5fDkzMTcyN3w1OS41fDc1fFVTRHxFVVJ8MS4xNzR8MS4xNzR8MjJ8fDF8REVVfHwxMnw0fDF8fGZkY2YzNjZiNmFmMTZlMTE5YjJiYTgzODQ5ZTcxNmRlfDYzYWFhMDIxYTM2MWE0NzY5ODIzYmNlOGVmNzg5NzdhfDB8Mnx4c3BvcnRzaGQuY29tfDB8MHwwfDAuMXwxfDB8ZXhjaGFuZ2VfbGlua3wwfDB8MjkwNTMzMHwtMXwwfDI5MjU1MzN8aG9zdGluZ3x2cG58MXwxNDQwfHwyfDB8MHw5M3wwfDB8MXwwfE9LfDQxNDJiMTZkNjIzMWIyODE4MjljNDM5ZTliMDBkNjNk
date
Tue, 05 Oct 2021 15:55:37 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=00e42d99-a99c-4584-aee7-bb525593e662
x-cache
Miss from cloudfront
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
11HRGQRu3W8CDj8YZlFwKNZa_SvYNYiZgbB6wTT2IjuuKBPrGy9buQ==
Cookie set cimp.php
s.optnx.com/ Frame F516
Redirect Chain
  • https://whos-amung.us/kadmvn2l
  • https://witalfieldt.com/redirect?tid=918505&tz=8&ref=xsportshd.com
  • https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkF...
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWQtbWF2ZW4uY29tfDQ2OTg2MXw0MzA2NzV8ODE1NDMxfDM1NzA3Nzd8NTExfDQ2ODgxNDZ8NjYxMDAzMTZ8NDB8MnwwfDB8NDU2OXw5MTg1MDV8NjAuNXw3NXxVU0R8RVVSfDEuMTc0fDEuMTc0fDIyfHwxfERFVXx8MTJ8NHwxfHxmYWE4YTk3ODkzYTlhODA5MTU0YzczMTVlNjdjMjI4Znw2M2FhYTAyMWEzNjFhNDc2OTgyM2JjZThlZjc4OTc3YXwwfDJ8eHNwb3J0c2hkLmNvbXwwfDB8MHwwLjAxfDF8MHxleGNoYW5nZV9saW5rfDB8MHwyOTA1MzMwfC0xfDB8MjkyNTUzM3xob3N0aW5nfHZwbnwxfDE0NDB8fDJ8MHwwfDkzfDB8MHwxfDB8T0t8OWMyZWEwZmEzMjdjNDI5NmI5MTAyYTVmNDMyMmQyN2I-
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-streaming-live.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
1a8efabe5be1e47a8171131c0b5819cb7c81c94df9e1c223d45c6d6f9756bace

Request headers

Host
s.optnx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22615c7579343717.247877542751780705%22%3B%7D; impressions=x%9CE%CA%C1%0D%C3%40%08%04%C0%5Exci%17%16%EEH%2B%91%2B%B1%D2%7B%1C%F9%91y%CFe%0AlU%1C%EA%5D%08%CA%5Eo%3A%3BS%9C%A9t%5B%01%3B%DD%C4%C2L%1F%5D%C8%D5%11%FF%17%C0%2A7JO%EC%BD%A9%3B6%81d%DF1%9E%A8%C9%5C%FE%7B%E7%E7%0B%E8%F3%19%03
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Tue, 05 Oct 2021 15:55:37 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22615c7579343717.247877542751780705%22%3B%7D; expires=Thu, 05 Oct 2023 15:55:37 GMT; path=; domain=.optnx.com; Secure; SameSite=none
Content-Encoding
gzip

Redirect headers

content-type
text/plain
content-length
0
location
https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWQtbWF2ZW4uY29tfDQ2OTg2MXw0MzA2NzV8ODE1NDMxfDM1NzA3Nzd8NTExfDQ2ODgxNDZ8NjYxMDAzMTZ8NDB8MnwwfDB8NDU2OXw5MTg1MDV8NjAuNXw3NXxVU0R8RVVSfDEuMTc0fDEuMTc0fDIyfHwxfERFVXx8MTJ8NHwxfHxmYWE4YTk3ODkzYTlhODA5MTU0YzczMTVlNjdjMjI4Znw2M2FhYTAyMWEzNjFhNDc2OTgyM2JjZThlZjc4OTc3YXwwfDJ8eHNwb3J0c2hkLmNvbXwwfDB8MHwwLjAxfDF8MHxleGNoYW5nZV9saW5rfDB8MHwyOTA1MzMwfC0xfDB8MjkyNTUzM3xob3N0aW5nfHZwbnwxfDE0NDB8fDJ8MHwwfDkzfDB8MHwxfDB8T0t8OWMyZWEwZmEzMjdjNDI5NmI5MTAyYTVmNDMyMmQyN2I-
date
Tue, 05 Oct 2021 15:55:37 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=d885e8f2-75b8-42d8-9b94-162042c5e9f8
x-cache
Miss from cloudfront
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
zbYWV8_kubWNzfAaeyaMxw3pp7NWRjHksz-NvnM3MR-CKTi7crRGPg==
Cookie set cimp.php
s.optnx.com/ Frame 231E
Redirect Chain
  • https://whos-amung.us/kadmvn2l
  • https://witalfieldt.com/redirect?tid=918505&tz=8&ref=xsportshd.com
  • https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkF...
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWQtbWF2ZW4uY29tfDQ2OTg2MXw0MzA2NzV8ODE1NDMxfDM1NzA3Nzd8NTExfDQ2ODgxNDZ8NjYxMDAzMTZ8NDB8MnwwfDB8NDU2OXw5MTg1MDV8NTl8NzV8VVNEfEVVUnwxLjE3NHwxLjE3NHwyMnx8MXxERVV8fDEyfDR8MXx8YTk3YzMxYzViNjMyYzU3YWM4NmRkNWFiY2VkYjg1Zjl8NjNhYWEwMjFhMzYxYTQ3Njk4MjNiY2U4ZWY3ODk3N2F8MHwyfHhzcG9ydHNoZC5jb218MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfbGlua3wwfDB8MjkwNTMzMHwtMXwwfDI5MjU1MzN8aG9zdGluZ3x2cG58MXwxNDQwfHwyfDB8MHw5M3wwfDB8MXwwfE9LfDVlYjk5ZmY3ZjhhNGNlOTAxZDAxZmVkOTM4OGIyNjFh
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/football-streaming-live.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
fcc33c275b6993b6b33ad5bd93364f338dbbdeb20051753507bd69613a2cdce2

Request headers

Host
s.optnx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22615c7579343717.247877542751780705%22%3B%7D; impressions=x%9CE%CA%C1%0D%C3%40%08%04%C0%5Exci%17%16%EEH%2B%91%2B%B1%D2%7B%1C%F9%91y%CFe%0AlU%1C%EA%5D%08%CA%5Eo%3A%3BS%9C%A9t%5B%01%3B%DD%C4%C2L%1F%5D%C8%D5%11%FF%17%C0%2A7JO%EC%BD%A9%3B6%81d%DF1%9F%A8%C9%5C%FE%7B%E7%E7%0B%E9%06%19%04
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Tue, 05 Oct 2021 15:55:37 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22615c7579343717.247877542751780705%22%3B%7D; expires=Thu, 05 Oct 2023 15:55:37 GMT; path=; domain=.optnx.com; Secure; SameSite=none
Content-Encoding
gzip

Redirect headers

content-type
text/plain
content-length
0
location
https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWQtbWF2ZW4uY29tfDQ2OTg2MXw0MzA2NzV8ODE1NDMxfDM1NzA3Nzd8NTExfDQ2ODgxNDZ8NjYxMDAzMTZ8NDB8MnwwfDB8NDU2OXw5MTg1MDV8NTl8NzV8VVNEfEVVUnwxLjE3NHwxLjE3NHwyMnx8MXxERVV8fDEyfDR8MXx8YTk3YzMxYzViNjMyYzU3YWM4NmRkNWFiY2VkYjg1Zjl8NjNhYWEwMjFhMzYxYTQ3Njk4MjNiY2U4ZWY3ODk3N2F8MHwyfHhzcG9ydHNoZC5jb218MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfbGlua3wwfDB8MjkwNTMzMHwtMXwwfDI5MjU1MzN8aG9zdGluZ3x2cG58MXwxNDQwfHwyfDB8MHw5M3wwfDB8MXwwfE9LfDVlYjk5ZmY3ZjhhNGNlOTAxZDAxZmVkOTM4OGIyNjFh
date
Tue, 05 Oct 2021 15:55:37 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=d06cbc2f-564d-4bce-bf6b-5acb21fb13e6
x-cache
Miss from cloudfront
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
DPKXiat6g1ar47EzwOJ9areI47ncOIWMnGBd_CC0t_FV8mah_r-Tig==
js
www.googletagmanager.com/gtag/ Frame EB25 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-106535798-1
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b213528b7fead117a8f54539cec57724d4b27401589d88002f48083fac10c34b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38907
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Oct 2021 15:55:36 GMT
analytics.js
www.google-analytics.com/ Frame A307 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-101933180-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
4119
date
Tue, 05 Oct 2021 14:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 05 Oct 2021 16:46:57 GMT
/
bedrapiona.com/5/3505548/ Frame A307 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bedrapiona.com/5/3505548/?oo=1&js_build=2
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
17b22cb9f15b62d50318b393a4369b4a2a3a444bfa3a0fd57d445a020b8512f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id
71eec08a9eb063e88d29c860146a9ab0
pragma
no-cache, no-cache
date
Tue, 05 Oct 2021 15:55:36 GMT
content-encoding
gzip
server
nginx
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://lukomol.com>; rel="preconnect dns-prefetch"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
null
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
img.gif
my.rtmark.net/ Frame C806 		43 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=0e0876085cfb4ed0a39c847fcf79bd5c
Requested by
Host: onmarshtompor.com
URL: https://onmarshtompor.com/fac.php?OAID=0e0876085cfb4ed0a39c847fcf79bd5c&oaidts=1633449336
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onmarshtompor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
55348681
mc.yandex.com/watch/ Frame A307 		350 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/55348681?wmode=7&page-url=https%3A%2F%2Flive.batstream.live%2F%3Fd%3D1%26s%3D1%26sp%3D1%26fs%3D12px%26tt%3Dnone%26fc%3DFFFFFF%26tc%3DFFFFFF%26bc%3D4E5D6C%26bhc%3D3E4A56%26thc%3DFFFFFF%26pd%3D5px%26brc%3D030303%26brr%3D2px%26mr%3D3px%26tm%3D122A33%26tmb%3DFFFFFF%26wb%3D2B3E50%26bcc%3D2B3E50%26bsh%3D0px%26rdb%3DEBEBEB%26rdc%3D333333&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A90833154188%3Ahid%3A824522880%3Az%3A0%3Ai%3A202101005155536%3Aet%3A1633449337%3Ac%3A1%3Arn%3A326613316%3Au%3A1633449337974468528%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1633449336687%3Ads%3A0%2C0%2C50%2C1%2C27%2C0%2C%2C131%2C8%2C%2C%2C%2C218%3Adsn%3A0%2C0%2C50%2C1%2C27%2C0%2C%2C137%2C8%2C%2C%2C%2C218%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633449337%3At%3ALive%20Stream%20Sports%20%7C%20Batmanstream
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
b4d5aaaab6b56af2f338d8a77b2cd73c4f2d3d51e8fd4aa26278a1874feb1158
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 15:55:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 05-Oct-2021 15:55:36 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Tue, 05-Oct-2021 15:55:36 GMT
advert.gif
mc.yandex.com/metrika/ Frame A307 		43 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:36 GMT
last-modified
Tue, 05 Oct 2021 09:26:54 GMT
etag
"615bf02e-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 05 Oct 2021 16:55:36 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ Frame AB09 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617, 617
age
3679746
cdn-cachedat
2021-06-08 21:21:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
fcddc638d6e16c45c5296dbd0c614bc9
cf-ray
6997d5d4485cd6e1-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
widget.css
live.batstream.live/css/ Frame AB09 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.batstream.live/css/widget.css
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d00a6a9febd2557b842da6369b48c6ee661b86049864d802f56976bc2f02f5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1331041
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 28 Jan 2019 22:44:24 GMT
server
cloudflare
etag
W/"5c4f85c8-38c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OiZpifis%2BPongGaC9Re1deWdBZyXzxKG85liJHpD732KCvNcngBZVReQj5Yuu9gPD5MDUambR7ZtxMsjdi9WOS3%2FTCa%2FtHDnpJkbJRK0t4CoojHU76M8OmUge3loYx8GVcLYjoJt"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
6997d5d44bae27a0-PRG
expires
Wed, 20 Oct 2021 06:11:36 GMT
css
fonts.googleapis.com/ Frame AB09 		2 KB
438 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,600,700
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
fa5069a4a04a1940aebe618849b21c7c725f6567e3eab2f21ad84621ed9f6d23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 14:36:42 GMT
server
ESF
date
Tue, 05 Oct 2021 15:55:37 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 05 Oct 2021 15:55:37 GMT
jquery.min.js
live.batstream.live/js/ Frame AB09 		95 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.batstream.live/js/jquery.min.js
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313188
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 28 Jan 2019 22:44:24 GMT
server
cloudflare
etag
W/"5c4f85c8-17b8a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggKF0%2B%2FLp6dA%2F0NsbMeh1SEsgHt%2Bgx%2F%2BQ4kTl81qysclquPOAcQaPo3uh20zh94D9Dyx%2FVq0Q6SSvgMzHte0eKOp0am2EL6otLDuz9RCrODuxcSByjDeUrBZnhl%2FqVDtRsK%2Boe5z"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
6997d5d44baf27a0-PRG
expires
Mon, 01 Nov 2021 00:55:49 GMT
bootstrap.min.js
live.batstream.live/js/ Frame AB09 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.batstream.live/js/bootstrap.min.js
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1328594
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 28 Jan 2019 22:44:24 GMT
server
cloudflare
etag
W/"5c4f85c8-90b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o36kBX5lliQ07YfJspOAMS3k80nlO82ytGTAykf2V3e%2BnatiDOKFioD5%2FXGiVzEIA6xXSUo%2FQdlmqUyZMRWD2votdlocwnhhmuyLGZqD%2ByJUyJ7bZMpygQKmZq9g1eUdO9vM7PtG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
6997d5d49bce27a0-PRG
expires
Wed, 20 Oct 2021 06:52:23 GMT
jquery-ui.min.js
live.batstream.live/jquery-ui-1.12.1.custom/ Frame AB09 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.batstream.live/jquery-ui-1.12.1.custom/jquery-ui.min.js
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de55f8247b1682887c7d5634e3ac5a78c89cdc867e6570325cbe929927a36bc8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1328594
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 28 Jan 2019 22:44:24 GMT
server
cloudflare
etag
W/"5c4f85c8-433e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4U5klrvcjHk39zm%2B%2BLVHdvbCkkcqzEMhMGnF0w9PF1aVa05Op50UiMgpfeeUmdcrMYcyva61a2CEIGWfu6PV5wxMCIDWhxk6mWX3BMGM8f6fnr9n%2Ber%2F7R57g8PGsmoyw%2BW3M8O5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
6997d5d49bcf27a0-PRG
expires
Wed, 20 Oct 2021 06:52:23 GMT
js
www.googletagmanager.com/gtag/ Frame AB09 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-101933180-3
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
eeff61a4ef0fe2fd55156221094d1c132ede2388bd3639d03a008db7000f5884
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:37 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38907
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Oct 2021 15:55:37 GMT
jquery.scrolling-tabs.css
live.batstream.live/css/ Frame AB09
Redirect Chain
  • https://live.batstream.tv/css/jquery.scrolling-tabs.css
  • https://live.batstream.live/css/jquery.scrolling-tabs.css
1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.batstream.live/css/jquery.scrolling-tabs.css
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7b7b7dd29913e1efa668006f4a14801dd49ce4581a7628840c8b92d5804440f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1331041
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 28 Jan 2019 22:44:24 GMT
server
cloudflare
etag
W/"5c4f85c8-5a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TC%2FpM7RNjb103rxJZCnjasx2AiO%2Fn7pE%2BmXj9byrDXsZociNBKRqcNsnL1MYbpIEq7EtBFNIkCcFf9eIqn87kPqwTRzr3zHhCwckHjWPRFQu91vFm7e7Gurl2%2BOh%2BISd%2BrhpI5y5"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
6997d5d46bba27a0-PRG
expires
Wed, 20 Oct 2021 06:11:36 GMT

Redirect headers

date
Tue, 05 Oct 2021 15:55:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXIBIOsZOM5BAs%2Fc0fAcxzoxv0DzQLQ376Bie01D329BXfas9gGBE29wxO%2Fv%2ByF2Kx1hTNk%2FQEX1%2FUZUrjdSudRQiXLk0mcKOaQG1ss9FBMi8NJtn5Prf%2FCpGO1Xkxp%2Bt0SA8g%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://live.batstream.live/css/jquery.scrolling-tabs.css
cache-control
max-age=3600
cf-ray
6997d5d4484427c0-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 16:55:37 GMT
jquery.scrolling-tabs.js
live.batstream.live/js/ Frame AB09
Redirect Chain
  • https://live.batstream.tv/js/jquery.scrolling-tabs.js
  • https://live.batstream.live/js/jquery.scrolling-tabs.js
59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.batstream.live/js/jquery.scrolling-tabs.js
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b7671b7c1b3cf6ae80a6fe4576cf786a2cce5e57ecdd4f1d26135e90b7e22a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1328585
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 28 Jan 2019 22:44:24 GMT
server
cloudflare
etag
W/"5c4f85c8-ec08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6uwhtj7QqmQjHdChTNVZwlRUJYrFKj%2FlxWQ%2FOVtqvRlzUZYR1FBg%2BRJcBSOXCIr2pkL3WwecWTPSs%2Bs8d6StDXxWsjaNT6XhYru98mqCqexO9UkreICI0C8zY7QL2TTTM%2FN8D6i"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
6997d5d46bb927a0-PRG
expires
Wed, 20 Oct 2021 06:52:32 GMT

Redirect headers

date
Tue, 05 Oct 2021 15:55:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ENnWMm9WGcLZwvugppA5iJdXIxhFh8V9sy9AGeTfwRkr8QraECP05mdp4M8P54teQwAbwoxyQSasKGdfuWWJBLcnJZ5przVtcS23hIF4huw66HwqT8Xuwuc%2FvT6AiG4NJE8g%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://live.batstream.live/js/jquery.scrolling-tabs.js
cache-control
max-age=3600
cf-ray
6997d5d4484527c0-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 05 Oct 2021 16:55:37 GMT
/
onmarshtompor.com/ Frame C6C1 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onmarshtompor.com/?rb=aJ1idrdZiU0bO-QtHWyqy1P1sA-6t-rITpscwpntmTGmEHWzt4_-jWT3Dz292MufBm45u3bib7Y1UjUvgtNZFL8hQ71lJsulFLz2BnU0Q6qOwWrm2DZNh81FHaIBPdVodCSA3-3Qr9VoKURUOqce9i7PGvplc3iNU1I-h7xOEN61fxAgQuOwzv0WC2wN8z9xDQQajewKIP6nkDAxFnBJlwVpLPliZ9sC7vEOPl0ZePO_TySA2xuv0pPvpsToBUPbTxRHxzL69oZMkk0lkV_oKG8YNEOw1SN_&zoneid=3505548&request_ab2=0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1057&wiw=1057&wih=4000&wfc=3&pl=https%3A%2F%2Flive.batstream.live%2F%3Fd%3D1%26s%3D1%26sp%3D1%26fs%3D12px%26tt%3Dnone%26fc%3DFFFFFF%26tc%3DFFFFFF%26bc%3D4E5D6C%26bhc%3D3E4A56%26thc%3DFFFFFF%26pd%3D5px%26brc%3D030303%26brr%3D2px%26mr%3D3px%26tm%3D122A33%26tmb%3DFFFFFF%26wb%3D2B3E50%26bcc%3D2B3E50%26bsh%3D0px%26rdb%3DEBEBEB%26rdc%3D333333&drf=https%3A%2F%2Fxsportshd.com%2F&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=2&bs=ebcbdade-beaa-42d6-9537-bc4456654a69&m=link
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
02427dfcf3d989b379867c531c06e893988fa5ea0c10bc721d120d37b6e9d736
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 15:55:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://live.batstream.live
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT
tag.js
mc.yandex.ru/metrika/ Frame AB09 		191 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:37 GMT
content-encoding
br
last-modified
Tue, 05 Oct 2021 09:26:54 GMT
etag
"615bf02e-1031a"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
66330
expires
Tue, 05 Oct 2021 16:55:37 GMT
list.php
live.batstream.live/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://live.batstream.live/list.php?id=21&sport=&sp=1&r=&l=&l2=
Protocol
H3
Server
104.21.42.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-requested-with
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 05 Oct 2021 15:55:37 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZb01wgPNsnyX%2BbdBHUU8tWg%2B3c869Y5dNOX44NVxy1Kbu9MZckwQAq7%2BtzRkNWeU%2B%2FLpuY%2FtRHq7lFZV%2FejaOD%2BjTeRKDU9QZo61SLvOt7WUMTjj1l61uq31LzIm3%2BFZ5965z5H"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6997d5d4abd627a0-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
tag.min.js
iclickcdn.com/ Frame AB09 		62 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iclickcdn.com/tag.min.js
Requested by
Host: live.batstream.live
URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0491492f45a37ae8dd753622b824da1849ced9dd28f2043557c8d6dc84ff689e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*
age
14215
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
x-trace-id
82a5cf8ccb4272ddf95cc5d4b31259a9
pragma
no-cache
last-modified
Mon, 04 Oct 2021 08:03:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRzRpCsQr6W4bSdIhdKk52Ughr3gL0YepWRNp8JTQLh%2FLSoRA2HyUBRKc9cTp1zMZAum3PIdzQoHutbHk6fcdbAhdswkNcdKyUBqVEzxvcD5cFsNAdkz9zWPS7CjKEg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
6997d5d49bd227a0-PRG
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Wed, 06 Oct 2021 11:58:42 GMT
list.php
live.batstream.live/ Frame AB09 		0
0
/
bedrapiona.com/5/3505548/ Frame AB09 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bedrapiona.com/5/3505548/?oo=1&js_build=2
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9e4fb31226e718c1f84b5772aceb67b5e3b1f00b452b149c5b5ba1125e4df941

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id
e231e4f4db34c3212864b2ac75ccf0a3
pragma
no-cache, no-cache
date
Tue, 05 Oct 2021 15:55:37 GMT
content-encoding
gzip
server
nginx
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://lukomol.com>; rel="preconnect dns-prefetch"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
null
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
analytics.js
www.google-analytics.com/ Frame AB09 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-101933180-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
4120
date
Tue, 05 Oct 2021 14:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 05 Oct 2021 16:46:57 GMT
55348681
mc.yandex.com/watch/ Frame AB09 		350 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/55348681?wmode=7&page-url=https%3A%2F%2Flive.batstream.live%2F%3Fd%3D1%26s%3D1%26sp%3D1%26fs%3D12px%26tt%3Dnone%26fc%3DFFFFFF%26tc%3DFFFFFF%26bc%3D4E5D6C%26bhc%3D3E4A56%26thc%3DFFFFFF%26pd%3D5px%26brc%3D030303%26brr%3D2px%26mr%3D3px%26tm%3D122A33%26tmb%3DFFFFFF%26wb%3D2B3E50%26bcc%3D2B3E50%26bsh%3D0px%26rdb%3DEBEBEB%26rdc%3D333333&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A27446165803%3Ahid%3A448518940%3Az%3A0%3Ai%3A202101005155537%3Aet%3A1633449337%3Ac%3A1%3Arn%3A257151146%3Au%3A1633449337566042345%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1633449336916%3Ads%3A0%2C0%2C37%2C1%2C24%2C0%2C%2C62%2C4%2C%2C%2C%2C137%3Adsn%3A0%2C0%2C37%2C1%2C23%2C0%2C%2C74%2C4%2C%2C%2C%2C136%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633449337%3At%3ALive%20Stream%20Sports%20%7C%20Batmanstream
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
ad7d8dd8090dcc6c2937e565accb6df16eae8140ae746b4508625838c69a300f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 15:55:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 05-Oct-2021 15:55:37 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Tue, 05-Oct-2021 15:55:37 GMT
advert.gif
mc.yandex.com/metrika/ Frame AB09 		43 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:55:37 GMT
last-modified
Tue, 05 Oct 2021 09:26:54 GMT
etag
"615bf02e-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 05 Oct 2021 16:55:37 GMT
/
22bet.com/de/registration/ Frame A6A9
Redirect Chain
  • https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkF...
  • https://refpasrasw.world/L?tag=d_1065581m_18283c_VEAASUXFMRBAAWA&site=1065581&ad=18283&exffir=eyJjIjoiNmY5ODc1ZmI0MTMwZWNlOWI2YzBlMDkyZDFkMWVmYjQiLCJ0IjoiMSIsInNyIjoiMTYwMHgxMjAwIiwiY3IiOiIweDAiLCJ...
  • https://links22.com/en/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
  • https://22bet.com/en/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
  • https://22bet.com/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
  • https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
Requested by
Host: s.optnx.com
URL: https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWRtYXZlbi5jb218NDY5ODYxfDQzMDY3NXw4NDU0NTd8Mzc3Nzg1N3w1MTF8NDY4ODE0Nnw2NjEwMDMxNnw0MHwyfDB8MHw0NTY5fDkzNjEyOXw1OXw3NXxVU0R8RVVSfDEuMTc0fDEuMTc0fDIyfHwxfERFVXx8MTJ8NHwxfHxhYjI1NGQ5MjBhNjBiZTlhMTc1MjE0MGI1OGQ5YTU2NXxlMGFkNjE5YjBiZjcxMTQ3OGFmM2RlOWM0N2EwZDI2OXwwfDJ8bGl2ZXN0b3RhbC5uZXR8MHwwfDB8MC4xfDF8MHxleGNoYW5nZV9saW5rfDB8MHwyOTA1MzMwfC0xfDB8MjkyNTUzM3xob3N0aW5nfHZwbnwxfDE0NDB8fDJ8MHwwfDkzfDB8MHwxfDB8T0t8ODZjZmZkYWNiNjJiNzU0NjhkNmVjZTdiMzI4ZGEwMzI-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.135.122.42 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
22bet.com
:scheme
https
:path
/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWRtYXZlbi5jb218NDY5ODYxfDQzMDY3NXw4NDU0NTd8Mzc3Nzg1N3w1MTF8NDY4ODE0Nnw2NjEwMDMxNnw0MHwyfDB8MHw0NTY5fDkzNjEyOXw1OXw3NXxVU0R8RVVSfDEuMTc0fDEuMTc0fDIyfHwxfERFVXx8MTJ8NHwxfHxhYjI1NGQ5MjBhNjBiZTlhMTc1MjE0MGI1OGQ5YTU2NXxlMGFkNjE5YjBiZjcxMTQ3OGFmM2RlOWM0N2EwZDI2OXwwfDJ8bGl2ZXN0b3RhbC5uZXR8MHwwfDB8MC4xfDF8MHxleGNoYW5nZV9saW5rfDB8MHwyOTA1MzMwfC0xfDB8MjkyNTUzM3xob3N0aW5nfHZwbnwxfDE0NDB8fDJ8MHwwfDkzfDB8MHwxfDB8T0t8ODZjZmZkYWNiNjJiNzU0NjhkNmVjZTdiMzI4ZGEwMzI-

Response headers

server
nginx
date
Tue, 05 Oct 2021 15:55:37 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
set-cookie
SESSION=7972358eabe9d7e11168c56fe2e67bc5; path=/; secure; HttpOnly; SameSite=Lax ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ lng=de; expires=Thu, 04-Nov-2021 15:55:37 GMT; Max-Age=2592000; path=/ flaglng=de; expires=Thu, 04-Nov-2021 15:55:37 GMT; Max-Age=2592000; path=/ dnb=1; expires=Tue, 05-Oct-2021 16:55:37 GMT; Max-Age=3600; path=/ _glhf=1633467113; expires=Tue, 05-Oct-2021 16:55:37 GMT; Max-Age=3600; path=/ is_rtl=1; expires=Wed, 05-Oct-2022 15:55:37 GMT; Max-Age=31536000; path=/; HttpOnly disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly user_id_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_1065581m_18283c_VEAASUXFMRBAAWA%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%2C%22ref_partner_id%22%3Anull%2C%22bw_%22%3Anull%7D%7D; expires=Sat, 04-Dec-2021 15:55:37 GMT; Max-Age=5184000; path=/; HttpOnly reflinkid=d_1065581m_18283c_VEAASUXFMRBAAWA; expires=Tue, 05-Oct-2021 16:55:37 GMT; Max-Age=3600; path=/; HttpOnly fast_coupon=true; expires=Tue, 12-Oct-2021 15:55:37 GMT; Max-Age=604800; path=/ v3tr=1; expires=Fri, 08-Oct-2021 15:55:37 GMT; Max-Age=259200; path=/; HttpOnly; SameSite=lax auid=LYd6KmFcdXkCi3RWEy6WAg==; expires=Wed, 05-Oct-22 15:55:37 GMT; path=/
vary
User-Agent,Accept-Encoding
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload

Redirect headers

server
nginx
date
Tue, 05 Oct 2021 15:55:37 GMT
content-type
text/html; charset=utf-8
content-length
534
location
https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
x-frame-options
SAMEORIGIN
set-cookie
SESSION=f3e02705031754435c44c3a8191367ab; path=/; secure; HttpOnly; SameSite=Lax ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ lng=de; expires=Thu, 04-Nov-2021 15:55:37 GMT; Max-Age=2592000; path=/ flaglng=de; expires=Thu, 04-Nov-2021 15:55:37 GMT; Max-Age=2592000; path=/ dnb=1; expires=Tue, 05-Oct-2021 16:55:37 GMT; Max-Age=3600; path=/ _glhf=1633467113; expires=Tue, 05-Oct-2021 16:55:37 GMT; Max-Age=3600; path=/ auid=LYd6KmFcdXkCi3RWEy6TAg==; expires=Wed, 05-Oct-22 15:55:37 GMT; path=/
x-reason
1015
cache-control
no-cache, private
strict-transport-security
max-age=63072000; includeSubDomains; preload
/
22bet.com/de/registration/ Frame CE07
Redirect Chain
  • https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkF...
  • https://refpasrasw.world/L?tag=d_1065581m_18283c_VEAASUXFMRBAAWA&site=1065581&ad=18283&exffir=eyJjIjoiNmY5ODc1ZmI0MTMwZWNlOWI2YzBlMDkyZDFkMWVmYjQiLCJ0IjoiMSIsInNyIjoiMTYwMHgxMjAwIiwiY3IiOiIweDAiLCJ...
  • https://links22.com/en/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
  • https://22bet.com/en/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
  • https://22bet.com/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
  • https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
Requested by
Host: s.optnx.com
URL: https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWRtYXZlbi5jb218NDY5ODYxfDQzMDY3NXw4NDU0NTd8Mzc3Nzg1N3w1MTF8NDY4ODE0Nnw2NjEwMDMxNnw0MHwyfDB8MHw0NTY5fDkzNjEyOXw1OC41fDc1fFVTRHxFVVJ8MS4xNzR8MS4xNzR8MjJ8fDF8REVVfHwxMnw0fDF8fDhkYzQ1NzE4YTcyYzZhMDBhZWQwN2JlMjJiZTY3OTIwfGUwYWQ2MTliMGJmNzExNDc4YWYzZGU5YzQ3YTBkMjY5fDB8MnxsaXZlc3RvdGFsLm5ldHwwfDB8MHwwLjA5fDF8MHxleGNoYW5nZV9saW5rfDB8MHwyOTA1MzMwfC0xfDB8MjkyNTUzM3xob3N0aW5nfHZwbnwxfDE0NDB8fDJ8MHwwfDkzfDB8MHwxfDB8T0t8NWMxZDBmYTM2MGI2NjA4YmZhNmI4NDZlMmY3Mjk1MDI-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.135.122.42 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
22bet.com
:scheme
https
:path
/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWRtYXZlbi5jb218NDY5ODYxfDQzMDY3NXw4NDU0NTd8Mzc3Nzg1N3w1MTF8NDY4ODE0Nnw2NjEwMDMxNnw0MHwyfDB8MHw0NTY5fDkzNjEyOXw1OC41fDc1fFVTRHxFVVJ8MS4xNzR8MS4xNzR8MjJ8fDF8REVVfHwxMnw0fDF8fDhkYzQ1NzE4YTcyYzZhMDBhZWQwN2JlMjJiZTY3OTIwfGUwYWQ2MTliMGJmNzExNDc4YWYzZGU5YzQ3YTBkMjY5fDB8MnxsaXZlc3RvdGFsLm5ldHwwfDB8MHwwLjA5fDF8MHxleGNoYW5nZV9saW5rfDB8MHwyOTA1MzMwfC0xfDB8MjkyNTUzM3xob3N0aW5nfHZwbnwxfDE0NDB8fDJ8MHwwfDkzfDB8MHwxfDB8T0t8NWMxZDBmYTM2MGI2NjA4YmZhNmI4NDZlMmY3Mjk1MDI-

Response headers

server
nginx
date
Tue, 05 Oct 2021 15:55:38 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
set-cookie
SESSION=c3bf0eeeed4982e21206c5be2fca0e8c; path=/; secure; HttpOnly; SameSite=Lax ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ lng=de; expires=Thu, 04-Nov-2021 15:55:37 GMT; Max-Age=2592000; path=/ flaglng=de; expires=Thu, 04-Nov-2021 15:55:37 GMT; Max-Age=2592000; path=/ dnb=1; expires=Tue, 05-Oct-2021 16:55:37 GMT; Max-Age=3600; path=/ _glhf=1633467113; expires=Tue, 05-Oct-2021 16:55:37 GMT; Max-Age=3600; path=/ is_rtl=1; expires=Wed, 05-Oct-2022 15:55:37 GMT; Max-Age=31536000; path=/; HttpOnly disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly user_id_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_1065581m_18283c_VEAASUXFMRBAAWA%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%2C%22ref_partner_id%22%3Anull%2C%22bw_%22%3Anull%7D%7D; expires=Sat, 04-Dec-2021 15:55:37 GMT; Max-Age=5184000; path=/; HttpOnly reflinkid=d_1065581m_18283c_VEAASUXFMRBAAWA; expires=Tue, 05-Oct-2021 16:55:37 GMT; Max-Age=3600; path=/; HttpOnly fast_coupon=true; expires=Tue, 12-Oct-2021 15:55:37 GMT; Max-Age=604800; path=/ v3tr=1; expires=Fri, 08-Oct-2021 15:55:37 GMT; Max-Age=259200; path=/; HttpOnly; SameSite=lax auid=LYd6KmFcdXoCi3RWEy6ZAg==; expires=Wed, 05-Oct-22 15:55:38 GMT; path=/
vary
User-Agent,Accept-Encoding
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload

Redirect headers

server
nginx
date
Tue, 05 Oct 2021 15:55:37 GMT
content-type
text/html; charset=utf-8
content-length
534
location
https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
x-frame-options
SAMEORIGIN
set-cookie
SESSION=d922d2e4a03c73195d73ac31a568e421; path=/; secure; HttpOnly; SameSite=Lax ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ lng=de; expires=Thu, 04-Nov-2021 15:55:37 GMT; Max-Age=2592000; path=/ flaglng=de; expires=Thu, 04-Nov-2021 15:55:37 GMT; Max-Age=2592000; path=/ dnb=1; expires=Tue, 05-Oct-2021 16:55:37 GMT; Max-Age=3600; path=/ _glhf=1633467113; expires=Tue, 05-Oct-2021 16:55:37 GMT; Max-Age=3600; path=/ auid=LYd6KmFcdXkCi3RWEy6VAg==; expires=Wed, 05-Oct-22 15:55:37 GMT; path=/
x-reason
1015
cache-control
no-cache, private
strict-transport-security
max-age=63072000; includeSubDomains; preload
/
22bet.com/de/registration/ Frame F516
Redirect Chain
  • https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkF...
  • https://refpasrasw.world/L?tag=d_1065581m_18283c_VEAASUXFMRBAAWA&site=1065581&ad=18283&exffir=eyJjIjoiNmY5ODc1ZmI0MTMwZWNlOWI2YzBlMDkyZDFkMWVmYjQiLCJ0IjoiMSIsInNyIjoiMTYwMHgxMjAwIiwiY3IiOiIweDAiLCJ...
  • https://links22.com/en/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
  • https://22bet.com/en/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
  • https://22bet.com/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
  • https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
Requested by
Host: s.optnx.com
URL: https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWQtbWF2ZW4uY29tfDQ2OTg2MXw0MzA2NzV8ODE1NDMxfDM1NzA3Nzd8NTExfDQ2ODgxNDZ8NjYxMDAzMTZ8NDB8MnwwfDB8NDU2OXw5MTg1MDV8NjAuNXw3NXxVU0R8RVVSfDEuMTc0fDEuMTc0fDIyfHwxfERFVXx8MTJ8NHwxfHxmYWE4YTk3ODkzYTlhODA5MTU0YzczMTVlNjdjMjI4Znw2M2FhYTAyMWEzNjFhNDc2OTgyM2JjZThlZjc4OTc3YXwwfDJ8eHNwb3J0c2hkLmNvbXwwfDB8MHwwLjAxfDF8MHxleGNoYW5nZV9saW5rfDB8MHwyOTA1MzMwfC0xfDB8MjkyNTUzM3xob3N0aW5nfHZwbnwxfDE0NDB8fDJ8MHwwfDkzfDB8MHwxfDB8T0t8OWMyZWEwZmEzMjdjNDI5NmI5MTAyYTVmNDMyMmQyN2I-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.135.122.42 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
22bet.com
:scheme
https
:path
/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWQtbWF2ZW4uY29tfDQ2OTg2MXw0MzA2NzV8ODE1NDMxfDM1NzA3Nzd8NTExfDQ2ODgxNDZ8NjYxMDAzMTZ8NDB8MnwwfDB8NDU2OXw5MTg1MDV8NjAuNXw3NXxVU0R8RVVSfDEuMTc0fDEuMTc0fDIyfHwxfERFVXx8MTJ8NHwxfHxmYWE4YTk3ODkzYTlhODA5MTU0YzczMTVlNjdjMjI4Znw2M2FhYTAyMWEzNjFhNDc2OTgyM2JjZThlZjc4OTc3YXwwfDJ8eHNwb3J0c2hkLmNvbXwwfDB8MHwwLjAxfDF8MHxleGNoYW5nZV9saW5rfDB8MHwyOTA1MzMwfC0xfDB8MjkyNTUzM3xob3N0aW5nfHZwbnwxfDE0NDB8fDJ8MHwwfDkzfDB8MHwxfDB8T0t8OWMyZWEwZmEzMjdjNDI5NmI5MTAyYTVmNDMyMmQyN2I-

Response headers

server
nginx
date
Tue, 05 Oct 2021 15:55:38 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
set-cookie
SESSION=68ba22a6aa72929b22e7ce20af95b72f; path=/; secure; HttpOnly; SameSite=Lax ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ lng=de; expires=Thu, 04-Nov-2021 15:55:38 GMT; Max-Age=2592000; path=/ flaglng=de; expires=Thu, 04-Nov-2021 15:55:38 GMT; Max-Age=2592000; path=/ dnb=1; expires=Tue, 05-Oct-2021 16:55:38 GMT; Max-Age=3600; path=/ _glhf=1633467114; expires=Tue, 05-Oct-2021 16:55:38 GMT; Max-Age=3600; path=/ is_rtl=1; expires=Wed, 05-Oct-2022 15:55:38 GMT; Max-Age=31536000; path=/; HttpOnly disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly user_id_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_1065581m_18283c_VEAASUXFMRBAAWA%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%2C%22ref_partner_id%22%3Anull%2C%22bw_%22%3Anull%7D%7D; expires=Sat, 04-Dec-2021 15:55:38 GMT; Max-Age=5184000; path=/; HttpOnly reflinkid=d_1065581m_18283c_VEAASUXFMRBAAWA; expires=Tue, 05-Oct-2021 16:55:38 GMT; Max-Age=3600; path=/; HttpOnly fast_coupon=true; expires=Tue, 12-Oct-2021 15:55:38 GMT; Max-Age=604800; path=/ v3tr=1; expires=Fri, 08-Oct-2021 15:55:38 GMT; Max-Age=259200; path=/; HttpOnly; SameSite=lax auid=LYd6KmFcdXoCi3RWEy6dAg==; expires=Wed, 05-Oct-22 15:55:38 GMT; path=/
vary
User-Agent,Accept-Encoding
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload

Redirect headers

server
nginx
date
Tue, 05 Oct 2021 15:55:38 GMT
content-type
text/html; charset=utf-8
content-length
534
location
https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
x-frame-options
SAMEORIGIN
set-cookie
SESSION=be4f2275c401f5e6655af07b03f5b332; path=/; secure; HttpOnly; SameSite=Lax ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ lng=de; expires=Thu, 04-Nov-2021 15:55:38 GMT; Max-Age=2592000; path=/ flaglng=de; expires=Thu, 04-Nov-2021 15:55:38 GMT; Max-Age=2592000; path=/ dnb=1; expires=Tue, 05-Oct-2021 16:55:38 GMT; Max-Age=3600; path=/ _glhf=1633467114; expires=Tue, 05-Oct-2021 16:55:38 GMT; Max-Age=3600; path=/ auid=LYd6KmFcdXoCi3RWEy6YAg==; expires=Wed, 05-Oct-22 15:55:38 GMT; path=/
x-reason
1015
cache-control
no-cache, private
strict-transport-security
max-age=63072000; includeSubDomains; preload
r
go.lnkam.com/link/ Frame E03D 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.lnkam.com/link/r?u=http%3A%2F%2Fwww.brownells.com&campaign_id=wpREBC9CVDeQsr81u1sMGy&zsb=v030400011684e14af5972b0747f3a395393c2212d666&source=7add72c8711b449ea56ff14a1578bbe2
Requested by
Host: r.srvtrck.com
URL: https://r.srvtrck.com/v2/go?t=2tbp8%3A5%2Fao1lfk5mec4mbl1n8%2F2%3Fd%3Dat%3Dpc3u%25sF626w2w2bco9n5l3s3c7m7cbm7a5ga_1d4w6R1B094V3evsb8zuysMG1%261sr%3DQ0D0C0C0E1p8%3Dei4nfi9p2a0%264of.al9e3w3r2.1wdF6%25%262oAr%25et7hdu7rck7i1%2F4o9.aa6nf.4g1%2F7sbteh&e=1&ai=6fbae516cc764398b90dca68131a4812&sct=0&ct=1633449337358&cu=e14af5972b0747f3a395393c2212d666&ykuid=e940d49c6c81420cbcabcaa20a9f992f&sc=1&cs=a5d9e5a6f622656db439f203db7af1ab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-102.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
11a7672e066df44d65a41352b3a59803145b4d6421fee5ac44fb80ed9eb2124d

Request headers

:method
GET
:authority
go.lnkam.com
:scheme
https
:path
/link/r?u=http%3A%2F%2Fwww.brownells.com&campaign_id=wpREBC9CVDeQsr81u1sMGy&zsb=v030400011684e14af5972b0747f3a395393c2212d666&source=7add72c8711b449ea56ff14a1578bbe2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
content-length
495
date
Tue, 05 Oct 2021 15:55:37 GMT
x-amzn-requestid
ffa97bf8-5a3c-4482-a16d-8497c1b26ba5
referrer-policy
none no-referrer none, no-referrer
content-encoding
gzip
surrogate-control
no-store
x-amzn-remapped-content-length
1132
x-amz-apigw-id
GvdLBEYBIAMFmog=
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
expires
0
etag
W/"46c-bXS+m5Z5zfb2FRALGpojGMy52/Q"
x-powered-by
Express
x-amzn-trace-id
Root=1-615c7579-0d62a54c138226507a3a5edc;Sampled=0
pragma
no-cache
x-cache
Miss from cloudfront
via
1.1 d7433132a7c6595c9aab2dc2272e7061.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
0X5KJNXik75KapRcQmDOMdv5nKw1T85EpKfwQ0WIOcijxTOvL8aYkQ==
/
22bet.com/de/registration/ Frame 35CB
Redirect Chain
  • https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkF...
  • https://refpasrasw.world/L?tag=d_1065581m_18283c_VEAASUXFMRBAAWA&site=1065581&ad=18283&exffir=eyJjIjoiNmY5ODc1ZmI0MTMwZWNlOWI2YzBlMDkyZDFkMWVmYjQiLCJ0IjoiMSIsInNyIjoiMTYwMHgxMjAwIiwiY3IiOiIweDAiLCJ...
  • https://links22.com/en/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
  • https://22bet.com/en/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
  • https://22bet.com/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
  • https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
Requested by
Host: s.optnx.com
URL: https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWRtYXZlbi5jb218NDY5ODYxfDQzMDY3NXw4NDU0NTd8Mzc3Nzg1N3w1MTF8NDY4ODE0Nnw2NjEwMDMxNnw0MHwyfDB8MHw0NTY5fDkzMTcyN3w2MHw3NXxVU0R8RVVSfDEuMTc0fDEuMTc0fDIyfHwxfERFVXx8MTJ8NHwxfHxhOGNmZDc3ZWJiOTA4N2QxNGIwYTQ1OTBiOWUxNjU5ZHw2M2FhYTAyMWEzNjFhNDc2OTgyM2JjZThlZjc4OTc3YXwwfDJ8eHNwb3J0c2hkLmNvbXwwfDB8MHwwLjF8MXwwfGV4Y2hhbmdlX2xpbmt8MHwwfDI5MDUzMzB8LTF8MHwyOTI1NTMzfGhvc3Rpbmd8dnBufDF8MTQ0MHx8MnwwfDB8OTN8MHwwfDF8MHxPS3w4NWIzMzU5Y2EwN2M4MjMxYTdhYThkYzllMzliMjg2ZA--
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.135.122.42 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
22bet.com
:scheme
https
:path
/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWRtYXZlbi5jb218NDY5ODYxfDQzMDY3NXw4NDU0NTd8Mzc3Nzg1N3w1MTF8NDY4ODE0Nnw2NjEwMDMxNnw0MHwyfDB8MHw0NTY5fDkzMTcyN3w2MHw3NXxVU0R8RVVSfDEuMTc0fDEuMTc0fDIyfHwxfERFVXx8MTJ8NHwxfHxhOGNmZDc3ZWJiOTA4N2QxNGIwYTQ1OTBiOWUxNjU5ZHw2M2FhYTAyMWEzNjFhNDc2OTgyM2JjZThlZjc4OTc3YXwwfDJ8eHNwb3J0c2hkLmNvbXwwfDB8MHwwLjF8MXwwfGV4Y2hhbmdlX2xpbmt8MHwwfDI5MDUzMzB8LTF8MHwyOTI1NTMzfGhvc3Rpbmd8dnBufDF8MTQ0MHx8MnwwfDB8OTN8MHwwfDF8MHxPS3w4NWIzMzU5Y2EwN2M4MjMxYTdhYThkYzllMzliMjg2ZA--

Response headers

server
nginx
date
Tue, 05 Oct 2021 15:55:38 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
set-cookie
SESSION=a49b87371efd73b21dd1d6bfdd237121; path=/; secure; HttpOnly; SameSite=Lax ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ lng=de; expires=Thu, 04-Nov-2021 15:55:38 GMT; Max-Age=2592000; path=/ flaglng=de; expires=Thu, 04-Nov-2021 15:55:38 GMT; Max-Age=2592000; path=/ dnb=1; expires=Tue, 05-Oct-2021 16:55:38 GMT; Max-Age=3600; path=/ _glhf=1633467114; expires=Tue, 05-Oct-2021 16:55:38 GMT; Max-Age=3600; path=/ is_rtl=1; expires=Wed, 05-Oct-2022 15:55:38 GMT; Max-Age=31536000; path=/; HttpOnly disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly user_id_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_1065581m_18283c_VEAASUXFMRBAAWA%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%2C%22ref_partner_id%22%3Anull%2C%22bw_%22%3Anull%7D%7D; expires=Sat, 04-Dec-2021 15:55:38 GMT; Max-Age=5184000; path=/; HttpOnly reflinkid=d_1065581m_18283c_VEAASUXFMRBAAWA; expires=Tue, 05-Oct-2021 16:55:38 GMT; Max-Age=3600; path=/; HttpOnly fast_coupon=true; expires=Tue, 12-Oct-2021 15:55:38 GMT; Max-Age=604800; path=/ v3tr=1; expires=Fri, 08-Oct-2021 15:55:38 GMT; Max-Age=259200; path=/; HttpOnly; SameSite=lax auid=LYd6KmFcdXoCi3RWEy6iAg==; expires=Wed, 05-Oct-22 15:55:38 GMT; path=/
vary
User-Agent,Accept-Encoding
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload

Redirect headers

server
nginx
date
Tue, 05 Oct 2021 15:55:38 GMT
content-type
text/html; charset=utf-8
content-length
534
location
https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
x-frame-options
SAMEORIGIN
set-cookie
SESSION=d3f7a1e1f4b1d1fb64db74ebf9e1ac02; path=/; secure; HttpOnly; SameSite=Lax ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ lng=de; expires=Thu, 04-Nov-2021 15:55:38 GMT; Max-Age=2592000; path=/ flaglng=de; expires=Thu, 04-Nov-2021 15:55:38 GMT; Max-Age=2592000; path=/ dnb=1; expires=Tue, 05-Oct-2021 16:55:38 GMT; Max-Age=3600; path=/ _glhf=1633467114; expires=Tue, 05-Oct-2021 16:55:38 GMT; Max-Age=3600; path=/ auid=LYd6KmFcdXoCi3RWEy6cAg==; expires=Wed, 05-Oct-22 15:55:38 GMT; path=/
x-reason
1015
cache-control
no-cache, private
strict-transport-security
max-age=63072000; includeSubDomains; preload
/
22bet.com/de/registration/ Frame 231E
Redirect Chain
  • https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkF...
  • https://refpasrasw.world/L?tag=d_1065581m_18283c_VEAASUXFMRBAAWA&site=1065581&ad=18283&exffir=eyJjIjoiNmY5ODc1ZmI0MTMwZWNlOWI2YzBlMDkyZDFkMWVmYjQiLCJ0IjoiMSIsInNyIjoiMTYwMHgxMjAwIiwiY3IiOiIweDAiLCJ...
  • https://links22.com/en/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
  • https://22bet.com/en/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
  • https://22bet.com/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
  • https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
Requested by
Host: s.optnx.com
URL: https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWQtbWF2ZW4uY29tfDQ2OTg2MXw0MzA2NzV8ODE1NDMxfDM1NzA3Nzd8NTExfDQ2ODgxNDZ8NjYxMDAzMTZ8NDB8MnwwfDB8NDU2OXw5MTg1MDV8NTl8NzV8VVNEfEVVUnwxLjE3NHwxLjE3NHwyMnx8MXxERVV8fDEyfDR8MXx8YTk3YzMxYzViNjMyYzU3YWM4NmRkNWFiY2VkYjg1Zjl8NjNhYWEwMjFhMzYxYTQ3Njk4MjNiY2U4ZWY3ODk3N2F8MHwyfHhzcG9ydHNoZC5jb218MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfbGlua3wwfDB8MjkwNTMzMHwtMXwwfDI5MjU1MzN8aG9zdGluZ3x2cG58MXwxNDQwfHwyfDB8MHw5M3wwfDB8MXwwfE9LfDVlYjk5ZmY3ZjhhNGNlOTAxZDAxZmVkOTM4OGIyNjFh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.135.122.42 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
22bet.com
:scheme
https
:path
/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWQtbWF2ZW4uY29tfDQ2OTg2MXw0MzA2NzV8ODE1NDMxfDM1NzA3Nzd8NTExfDQ2ODgxNDZ8NjYxMDAzMTZ8NDB8MnwwfDB8NDU2OXw5MTg1MDV8NTl8NzV8VVNEfEVVUnwxLjE3NHwxLjE3NHwyMnx8MXxERVV8fDEyfDR8MXx8YTk3YzMxYzViNjMyYzU3YWM4NmRkNWFiY2VkYjg1Zjl8NjNhYWEwMjFhMzYxYTQ3Njk4MjNiY2U4ZWY3ODk3N2F8MHwyfHhzcG9ydHNoZC5jb218MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfbGlua3wwfDB8MjkwNTMzMHwtMXwwfDI5MjU1MzN8aG9zdGluZ3x2cG58MXwxNDQwfHwyfDB8MHw5M3wwfDB8MXwwfE9LfDVlYjk5ZmY3ZjhhNGNlOTAxZDAxZmVkOTM4OGIyNjFh

Response headers

server
nginx
date
Tue, 05 Oct 2021 15:55:38 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
set-cookie
SESSION=6fb981bb730f14ffb6026b102cd33a6a; path=/; secure; HttpOnly; SameSite=Lax ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ lng=de; expires=Thu, 04-Nov-2021 15:55:38 GMT; Max-Age=2592000; path=/ flaglng=de; expires=Thu, 04-Nov-2021 15:55:38 GMT; Max-Age=2592000; path=/ dnb=1; expires=Tue, 05-Oct-2021 16:55:38 GMT; Max-Age=3600; path=/ _glhf=1633467114; expires=Tue, 05-Oct-2021 16:55:38 GMT; Max-Age=3600; path=/ is_rtl=1; expires=Wed, 05-Oct-2022 15:55:38 GMT; Max-Age=31536000; path=/; HttpOnly disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly user_id_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_1065581m_18283c_VEAASUXFMRBAAWA%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%2C%22ref_partner_id%22%3Anull%2C%22bw_%22%3Anull%7D%7D; expires=Sat, 04-Dec-2021 15:55:38 GMT; Max-Age=5184000; path=/; HttpOnly reflinkid=d_1065581m_18283c_VEAASUXFMRBAAWA; expires=Tue, 05-Oct-2021 16:55:38 GMT; Max-Age=3600; path=/; HttpOnly fast_coupon=true; expires=Tue, 12-Oct-2021 15:55:38 GMT; Max-Age=604800; path=/ v3tr=1; expires=Fri, 08-Oct-2021 15:55:38 GMT; Max-Age=259200; path=/; HttpOnly; SameSite=lax auid=LYd6KmFcdXoCi3RWEy6nAg==; expires=Wed, 05-Oct-22 15:55:38 GMT; path=/
vary
User-Agent,Accept-Encoding
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload

Redirect headers

server
nginx
date
Tue, 05 Oct 2021 15:55:38 GMT
content-type
text/html; charset=utf-8
content-length
534
location
https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
x-frame-options
SAMEORIGIN
set-cookie
SESSION=eccb681aa0bb09aa41297027b6c82fb5; path=/; secure; HttpOnly; SameSite=Lax ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ lng=de; expires=Thu, 04-Nov-2021 15:55:38 GMT; Max-Age=2592000; path=/ flaglng=de; expires=Thu, 04-Nov-2021 15:55:38 GMT; Max-Age=2592000; path=/ dnb=1; expires=Tue, 05-Oct-2021 16:55:38 GMT; Max-Age=3600; path=/ _glhf=1633467114; expires=Tue, 05-Oct-2021 16:55:38 GMT; Max-Age=3600; path=/ auid=LYd6KmFcdXoCi3RWEy6hAg==; expires=Wed, 05-Oct-22 15:55:38 GMT; path=/
x-reason
1015
cache-control
no-cache, private
strict-transport-security
max-age=63072000; includeSubDomains; preload
/
22bet.com/de/registration/ Frame F141
Redirect Chain
  • https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkF...
  • https://refpasrasw.world/L?tag=d_1065581m_18283c_VEAASUXFMRBAAWA&site=1065581&ad=18283&exffir=eyJjIjoiNmY5ODc1ZmI0MTMwZWNlOWI2YzBlMDkyZDFkMWVmYjQiLCJ0IjoiMSIsInNyIjoiMTYwMHgxMjAwIiwiY3IiOiIweDAiLCJ...
  • https://links22.com/en/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
  • https://22bet.com/en/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
  • https://22bet.com/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
  • https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
Requested by
Host: s.optnx.com
URL: https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWRtYXZlbi5jb218NDY5ODYxfDQzMDY3NXw4NDU0NTd8Mzc3Nzg1N3w1MTF8NDY4ODE0Nnw2NjEwMDMxNnw0MHwyfDB8MHw0NTY5fDkzMTcyN3w1OS41fDc1fFVTRHxFVVJ8MS4xNzR8MS4xNzR8MjJ8fDF8REVVfHwxMnw0fDF8fGZkY2YzNjZiNmFmMTZlMTE5YjJiYTgzODQ5ZTcxNmRlfDYzYWFhMDIxYTM2MWE0NzY5ODIzYmNlOGVmNzg5NzdhfDB8Mnx4c3BvcnRzaGQuY29tfDB8MHwwfDAuMXwxfDB8ZXhjaGFuZ2VfbGlua3wwfDB8MjkwNTMzMHwtMXwwfDI5MjU1MzN8aG9zdGluZ3x2cG58MXwxNDQwfHwyfDB8MHw5M3wwfDB8MXwwfE9LfDQxNDJiMTZkNjIzMWIyODE4MjljNDM5ZTliMDBkNjNk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.135.122.42 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
22bet.com
:scheme
https
:path
/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.optnx.com/cimp.php?data=TVRZek16UTBPVE16TjN4bE9URTFaVFkyTVRFMU1XUTJZVGsxWW1RNU5HVmtNRE01WVdGaE4yVTJZUS0tfGh0dHBzOi8vcmVmcGFzcmFzdy53b3JsZC9MP3RhZz1kXzEwNjU1ODFtXzE4MjgzY19WRUFBU1VYRk1SQkFBV0Emc2l0ZT0xMDY1NTgxJmFkPTE4MjgzfGh0dHBzfDIxNi4xMzEuMTE0LjEyNnxERVV8NTJ8YWRtYXZlbi5jb218NDY5ODYxfDQzMDY3NXw4NDU0NTd8Mzc3Nzg1N3w1MTF8NDY4ODE0Nnw2NjEwMDMxNnw0MHwyfDB8MHw0NTY5fDkzMTcyN3w1OS41fDc1fFVTRHxFVVJ8MS4xNzR8MS4xNzR8MjJ8fDF8REVVfHwxMnw0fDF8fGZkY2YzNjZiNmFmMTZlMTE5YjJiYTgzODQ5ZTcxNmRlfDYzYWFhMDIxYTM2MWE0NzY5ODIzYmNlOGVmNzg5NzdhfDB8Mnx4c3BvcnRzaGQuY29tfDB8MHwwfDAuMXwxfDB8ZXhjaGFuZ2VfbGlua3wwfDB8MjkwNTMzMHwtMXwwfDI5MjU1MzN8aG9zdGluZ3x2cG58MXwxNDQwfHwyfDB8MHw5M3wwfDB8MXwwfE9LfDQxNDJiMTZkNjIzMWIyODE4MjljNDM5ZTliMDBkNjNk

Response headers

server
nginx
date
Tue, 05 Oct 2021 15:55:38 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
set-cookie
SESSION=eaff9a210d4bff38c959cf653580b96d; path=/; secure; HttpOnly; SameSite=Lax ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ lng=de; expires=Thu, 04-Nov-2021 15:55:38 GMT; Max-Age=2592000; path=/ flaglng=de; expires=Thu, 04-Nov-2021 15:55:38 GMT; Max-Age=2592000; path=/ dnb=1; expires=Tue, 05-Oct-2021 16:55:38 GMT; Max-Age=3600; path=/ _glhf=1633467114; expires=Tue, 05-Oct-2021 16:55:38 GMT; Max-Age=3600; path=/ is_rtl=1; expires=Wed, 05-Oct-2022 15:55:38 GMT; Max-Age=31536000; path=/; HttpOnly disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly user_id_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_1065581m_18283c_VEAASUXFMRBAAWA%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%2C%22ref_partner_id%22%3Anull%2C%22bw_%22%3Anull%7D%7D; expires=Sat, 04-Dec-2021 15:55:38 GMT; Max-Age=5184000; path=/; HttpOnly reflinkid=d_1065581m_18283c_VEAASUXFMRBAAWA; expires=Tue, 05-Oct-2021 16:55:38 GMT; Max-Age=3600; path=/; HttpOnly fast_coupon=true; expires=Tue, 12-Oct-2021 15:55:38 GMT; Max-Age=604800; path=/ v3tr=1; expires=Fri, 08-Oct-2021 15:55:38 GMT; Max-Age=259200; path=/; HttpOnly; SameSite=lax auid=LYd6KmFcdXoCi3RWEy6oAg==; expires=Wed, 05-Oct-22 15:55:38 GMT; path=/
vary
User-Agent,Accept-Encoding
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload

Redirect headers

server
nginx
date
Tue, 05 Oct 2021 15:55:38 GMT
content-type
text/html; charset=utf-8
content-length
534
location
https://22bet.com/de/registration/?tag=d_1065581m_18283c_VEAASUXFMRBAAWA
x-frame-options
SAMEORIGIN
set-cookie
SESSION=1c3c18c0916c9f8e7c439df67b5757e3; path=/; secure; HttpOnly; SameSite=Lax ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ lng=de; expires=Thu, 04-Nov-2021 15:55:38 GMT; Max-Age=2592000; path=/ flaglng=de; expires=Thu, 04-Nov-2021 15:55:38 GMT; Max-Age=2592000; path=/ dnb=1; expires=Tue, 05-Oct-2021 16:55:38 GMT; Max-Age=3600; path=/ _glhf=1633467114; expires=Tue, 05-Oct-2021 16:55:38 GMT; Max-Age=3600; path=/ auid=LYd6KmFcdXoCi3RWEy6lAg==; expires=Wed, 05-Oct-22 15:55:38 GMT; path=/
x-reason
1015
cache-control
no-cache, private
strict-transport-security
max-age=63072000; includeSubDomains; preload
en-in
www.ssense.com/ Frame 5621
Redirect Chain
  • https://clk.omgt4.com/?PID=40182&AID=1992587&UID=PaN5B3odQ224dz-pIdJ-jg
  • https://track.omguk.com/c?PID=40182&AID=1992587&UID=PaN5B3odQ224dz-pIdJ-jg
  • https://ad.admitad.com/g/c7w0ecf1cs8cec8777e4fda6b4e78f/?subid=f1c7ebf144cf41468d7b2218b089ab5f&subid1=1992587&subid2=&subid3=2196012&subid4=40182&ulp=https%3A%2F%2Fwww.ssense.com%2Fen-in%3F
  • https://prf.hn/click/camref:1100l3dN4/pubref:f52c2698e6bd89934dce2a7f93120e21/adref:987837/destination:https%3A%2F%2Fwww.ssense.com%2Fen-in%3F
  • https://www.ssense.com/en-in?&clickref=1011lio4y5er&utm_source=PH_1011l20576&utm_medium=affiliate&utm_content=0&utm_term=&utm_campaign=987837
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ssense.com/en-in?&clickref=1011lio4y5er&utm_source=PH_1011l20576&utm_medium=affiliate&utm_content=0&utm_term=&utm_campaign=987837
Requested by
Host: r.srvtrck.com
URL: https://r.srvtrck.com/v2/go?t=gt-pd%3Ap%2Fzl4.2mdt3.5oa%2F%3DPID%26481229A%3DDI1%2698507%3DUID%3FPmNcB4ogQo2kdc-%2FIsJtjh&e=1&ai=df26eaff6d6c4ad5adffb4f34554dad4&sct=0&ct=1633449337479&cu=3da379077a1d436db8773fa921d27e8e&ykuid=96bd89c12f2a45cb8a3743e4b340aee5&sc=1&cs=f817ffe32f293e8d33f95657c83cb41b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.104.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31540000

Request headers

:method
GET
:authority
www.ssense.com
:scheme
https
:path
/en-in?&clickref=1011lio4y5er&utm_source=PH_1011l20576&utm_medium=affiliate&utm_content=0&utm_term=&utm_campaign=987837
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://r.srvtrck.com/v2/go?t=gt-pd%3Ap%2Fzl4.2mdt3.5oa%2F%3DPID%26481229A%3DDI1%2698507%3DUID%3FPmNcB4ogQo2kdc-%2FIsJtjh&e=1&ai=df26eaff6d6c4ad5adffb4f34554dad4&sct=0&ct=1633449337479&cu=3da379077a1d436db8773fa921d27e8e&ykuid=96bd89c12f2a45cb8a3743e4b340aee5&sc=1&cs=f817ffe32f293e8d33f95657c83cb41b

Response headers

date
Tue, 05 Oct 2021 15:55:38 GMT
content-type
text/html; charset=utf-8
x-ssense-gql
true
x-ssense-shipping-surcharge-enabled
true
x-envoy-upstream-service-time
82
fastly-restarts
1
cache-control
no-cache max-age=0
via
1.1 varnish
set-cookie
_pxhd=LAsVGRJjX75IcorMP6MlL5D7QwZrleGNOiM1CB-m6/XfU46kAoby0p03R6mEoy-tTYvR8tfUWJiIHBTBzFygKg==:2eDtWzp/SFbo0hqLrPG24ZLRF2P7r/psSebQjxwZhqt1L-WkvpIfriWgq9bPBz/y8j1vuDRaE5x0V7tdXHdatfGmTmP5u8JyvB-y4gL0Jss=; Expires=Wed, 05 Oct 2022 15:55:38 GMT; path=/; clickref=1011lio4y5er;expires=Thu, 04 Nov 2021 15:55:38 GMT; path=/ affiliate=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/ gdprCountry=true; path=/ cookieDisclaimerAccepted=false; path=/ visitorId=1159378c53825266bd7b75d9f8b69f7d7fc21f53ce4cb20914f69c72358f7d73; expires=Thu, 05 Oct 2023 15:55:38 GMT; path=/ preferredLanguage=en; expires=Thu, 05 Oct 2023 15:55:38 GMT; path=/ exp_styledwith_widget_enabled=false;expires=Mon, 03 Jan 2022 15:55:38 GMT;path=/ exp_trending_default_newinseason_enabled=true;expires=Wed, 05 Oct 2022 15:55:38 GMT;path=/ visitedTimestamp=1633449338;expires=Sun, 02 Jan 2022 15:55:38 GMT;path=/ isNewInSeasonUser=true;expires=Sun, 02 Jan 2022 15:55:38 GMT; path=/ isp=highwinds network group inc.; expires=Thu, 05 Oct 2023 15:55:38 GMT; path=/ __cf_bm=Rqpz4ib05RX2YA9w0og29ORdvrKZVgnwDLdkxXwL7tE-1633449338-0-ASea4WMVxkp9A/Wo80N97ce967iHu2vvh8aU7RjwhsWEI3UqRkmwMrvS5MEzL1SwINvUl6jMXV+ME9Tp6KAVURo=; path=/; expires=Tue, 05-Oct-21 16:25:38 GMT; domain=.ssense.com; HttpOnly; Secure; SameSite=None
x-served-by
cache-fra19128-FRA
x-cache
MISS
x-cache-hits
0
vary
x-ssense-gql,x-ssense-shipping-surcharge-enabled, Accept-Encoding, x-cdn-location, x-ssense-trending-default-newinseason, x-ssense-exp-styledwith-widget, x-is-new-in-season-user, x-ssense-tags
strict-transport-security
max-age=31540000
content-security-policy
frame-ancestors 'self'
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6997d5da5bf36957-FRA
content-encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 05 Oct 2021 15:55:37 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR PSAa PSDa OUR IND UNI"
Set-Cookie
tPHG-PS=1011l7232414939; expires=Wednesday, 05-Oct-2022 15:55:37 UTC; path=/; domain=.prf.hn; SameSite=None; Secure
Location
https://www.ssense.com/en-in?&clickref=1011lio4y5er&utm_source=PH_1011l20576&utm_medium=affiliate&utm_content=0&utm_term=&utm_campaign=987837
r
go.lnkam.com/link/ Frame 0FBF 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.lnkam.com/link/r?u=http%3A%2F%2Fwww.macys.com&campaign_id=wpREBC9CVDeQsr81u1sMGy&zsb=v030400011684b3e41b2e2a8e449396b4a82b3c497a5b&source=7add72c8711b449ea56ff14a1578bbe2
Requested by
Host: r.srvtrck.com
URL: https://r.srvtrck.com/v2/go?t=2tbp8%3A5%2Fao1lfk5mec4mbl1n8%2F2%3Fd%3Dat%3Dpc3u%25sFb2aw9wcmbc8s4c6m3c4meaage_bd4w3R4B691V0e4s38vubszGy%26Ms1%3D10r0Q0D0C1C8Ebpe%3D1i2n2i8p4a9%269ob.ay2a3.4w7F5%25%262oAr%25et7hdu7rck7i1%2F4o9.aa6nf.4g1%2F7sbteh&e=1&ai=7631256ad64447aaba5a464e617df142&sct=0&ct=1633449337497&cu=b3e41b2e2a8e449396b4a82b3c497a5b&ykuid=12d90dbb67034bee892f76b26546fa13&sc=1&cs=df60ffb5916cbcda6f42dd00a1467111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-102.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
6f8ca2591b9298fc81c72c8b9bb65cd541c62cc27a362572cc875d7755d26157

Request headers

:method
GET
:authority
go.lnkam.com
:scheme
https
:path
/link/r?u=http%3A%2F%2Fwww.macys.com&campaign_id=wpREBC9CVDeQsr81u1sMGy&zsb=v030400011684b3e41b2e2a8e449396b4a82b3c497a5b&source=7add72c8711b449ea56ff14a1578bbe2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
content-length
568
date
Tue, 05 Oct 2021 15:55:37 GMT
x-amzn-requestid
74f935db-655d-4b91-9f2f-99c6a068a3d3
referrer-policy
none no-referrer none, no-referrer
content-encoding
gzip
surrogate-control
no-store
x-amzn-remapped-content-length
1228
x-amz-apigw-id
GvdLDEzaoAMFc8g=
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
expires
0
etag
W/"4cc-eRnjLgMUKHHzHhjY27PbASsLLPA"
x-powered-by
Express
x-amzn-trace-id
Root=1-615c7579-0a9f39675961e5197ad941f3;Sampled=0
pragma
no-cache
x-cache
Miss from cloudfront
via
1.1 d7433132a7c6595c9aab2dc2272e7061.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
3Quy6cgV4bHXttYn9-gnDduGlIj9JHQ8m3tgQ43_uP0btmicezBSkw==
r
go.lnkam.com/link/ Frame 908C 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.lnkam.com/link/r?u=http%3A%2F%2Fwww.maurices.com&campaign_id=wpREBC9CVDeQsr81u1sMGy&zsb=v030400011684aa5524921b6344099871577c2c5a86c0&source=7add72c8711b449ea56ff14a1578bbe2
Requested by
Host: r.srvtrck.com
URL: https://r.srvtrck.com/v2/go?t=2tbp8%3A5%2Fao1lfk5mec4mbl1n8%2F2%3Fd%3Dat%3Dpc3u%25sF026wawcmcu7i1e8.9o4%263abp2i4n5ia%3D4p6E1C0C4D3Qvrb1z1yMGs%26us8%3Ds0e0V090B1R8wad5_2g9a1m6c4m0c9s7c5r7a2.5w8Fc%25%262oAr%25et7hdu7rck7i1%2F4o9.aa6nf.4g1%2F7sbteh&e=1&ai=4509d5aaa339472fa7d38681f94f2fc0&sct=0&ct=1633449337503&cu=aa5524921b6344099871577c2c5a86c0&ykuid=10b5608279a14690839e1d3addf99267&sc=1&cs=291543c279b5a35513d6dffe607928dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-102.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
b95cfd62cffbdf2790ab177b6f606cd535d5274e544d9aebcebfde41f133c24e

Request headers

:method
GET
:authority
go.lnkam.com
:scheme
https
:path
/link/r?u=http%3A%2F%2Fwww.maurices.com&campaign_id=wpREBC9CVDeQsr81u1sMGy&zsb=v030400011684aa5524921b6344099871577c2c5a86c0&source=7add72c8711b449ea56ff14a1578bbe2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
content-length
495
date
Tue, 05 Oct 2021 15:55:37 GMT
x-amzn-requestid
3fb7e5c4-578b-4110-917a-07e165a02b4e
referrer-policy
none no-referrer none, no-referrer
content-encoding
gzip
surrogate-control
no-store
x-amzn-remapped-content-length
1131
x-amz-apigw-id
GvdLDEiAoAMFkIQ=
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
expires
0
etag
W/"46b-mxn/FGNubv/UfNyS8UaI8YhuJgc"
x-powered-by
Express
x-amzn-trace-id
Root=1-615c7579-0a3971392897c09128f43e31;Sampled=0
pragma
no-cache
x-cache
Miss from cloudfront
via
1.1 d7433132a7c6595c9aab2dc2272e7061.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
3wzDJ6QV5Uj-H0uZOBjxzru-_nJT9Nw4_BtnM7N69K4fm09s9Um33Q==
prefs.js
vht.tradedoubler.com/fp/ Frame 2FD1 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vht.tradedoubler.com/fp/prefs.js
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=319189&a=3232771&epi=NbP9ocrAtx6WFTEQDVmwJ9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 09:17:39 GMT
Content-Encoding
gzip
Age
369478
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 15 Oct 2018 09:28:46 GMT
Server
Apache
ETag
W/"2509-57841106334e6"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
Cache-Control
max-age=604800, public
X-Amz-Cf-Pop
FRA56-P5
X-Amz-Cf-Id
NnwvHiJ1f0fFcxL3Z8eelz2SqkDQ_k63D15Pph7Q-sO15Ig6gQ7cRQ==
Expires
Fri, 08 Oct 2021 09:17:39 GMT
nl-en
www.grover.com/ Frame 2FD1
Redirect Chain
  • https://clk.tradedoubler.com/click?p=319189&a=3232771&epi=NbP9ocrAtx6WFTEQDVmwJ9
  • https://www.grover.com/nl-en?tduid=64e8a5c565e85d1b6e4eec03a5d14686
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.grover.com/nl-en?tduid=64e8a5c565e85d1b6e4eec03a5d14686
Requested by
Host: sportsmix.net
URL: https://sportsmix.net/hd-streams.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.8.215 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.grover.com
:scheme
https
:path
/nl-en?tduid=64e8a5c565e85d1b6e4eec03a5d14686
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
null
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 05 Oct 2021 15:55:38 GMT
content-type
text/html; charset=utf-8
cf-ray
6997d5d9dd5cdfeb-FRA
cache-control
no-cache, no-store, must-revalidate
set-cookie
deviceId=rUBerlYltdzjI_qCT4M2g; Max-Age=315360000; Path=/; Expires=Fri, 03 Oct 2031 15:55:38 GMT ipCountry=DE; Max-Age=86400; Path=/; Expires=Wed, 06 Oct 2021 15:55:38 GMT locale=en; Max-Age=31536000; Path=/; Expires=Wed, 05 Oct 2022 15:55:38 GMT shop_country_code=nl; Path=/ original_request_ip=216.131.114.126
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
vary
Accept-Encoding
server
cloudflare
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://www.grover.com/nl-en?tduid=64e8a5c565e85d1b6e4eec03a5d14686
set-cookie
EH_0=1z11z1zqRz2OovkTz1SdnyZ7HjRAxyDfVh%79BuiR5FrbvEBOp2VHIiVd%7aZCx.gRtCOk7vrwSthMnlJboM97dqOYKMjh%793JpfWkGtI3N_%79x%7aTawlI2LnHUd;expires=Wed, 05-Oct-2022 15:55:37 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure GUID=1z11zzqRz20QgxRz64e8a5c565e85d1b6e4eec03a5d14686;expires=Wed, 05-Oct-2022 15:55:37 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure TradeDoublerGUID=64e8a5c565e85d1b6e4eec03a5d14686;expires=Wed, 05-Oct-2022 15:55:37 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure
server
TXServerHttp
access-control-allow-origin
*
cache-control
private, max-age=0
pragma
no-cache
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy
origin
date
Tue, 05 Oct 2021 15:55:37 GMT
content-length
272
content-type
text/html; charset=ISO-8859-1
via
1.1 google
alt-svc
clear
perf.gif
perf.cdnads.com/ Frame C6C1 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.cdnads.com/perf.gif
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/bundesliga-sports-stream.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.156.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.batstream.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:37 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
max-age=86400
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Wed, 06 Oct 2021 15:55:37 GMT
popunder1000.js
a.exdynsrv.com/ Frame 927D 		94 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.exdynsrv.com/popunder1000.js
Requested by
Host: elil.cc
URL: http://elil.cc/tphd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
nginx /
Resource Hash
569af0d58a2df0af2da77aaebaaf00b84c15334c5e9af0b77ba4c81a62db5d40

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:37 GMT
Content-Encoding
gzip
Server
nginx
etag
W/"f744f0d2317398d07acc666b278"
X-HW
1633449337.dop016.fr8.t,1633449337.cds208.fr8.shn,1633449337.dop016.fr8.t,1633449337.cds103.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
40039
analytics.js
www.google-analytics.com/ Frame 927D 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-106535798-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
4120
date
Tue, 05 Oct 2021 14:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 05 Oct 2021 16:46:57 GMT
popunder1000.js
a.exdynsrv.com/ Frame 8FC8 		94 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.exdynsrv.com/popunder1000.js
Requested by
Host: elil.cc
URL: http://elil.cc/tphd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
nginx /
Resource Hash
569af0d58a2df0af2da77aaebaaf00b84c15334c5e9af0b77ba4c81a62db5d40

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xsportshd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:39 GMT
Content-Encoding
gzip
Server
nginx
etag
W/"f744f0d2317398d07acc666b278"
X-HW
1633449337.dop016.fr8.t,1633449337.cds208.fr8.shn,1633449337.dop016.fr8.t,1633449339.cds103.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
40039
js15_as.js
s10.histats.com/ Frame 8FC8 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: elil.cc
URL: http://elil.cc/tphd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xsportshd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:49:30 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
917214562
analytics.js
www.google-analytics.com/ Frame EB25 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-106535798-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
4122
date
Tue, 05 Oct 2021 14:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 05 Oct 2021 16:46:57 GMT
analytics.js
www.google-analytics.com/ Frame 8FC8 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-106535798-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xsportshd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
4122
date
Tue, 05 Oct 2021 14:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 05 Oct 2021 16:46:57 GMT
0.php
s4.histats.com/stats/ Frame 8FC8 		381 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4523582&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLive%20Football%20Stream%20Online%20%7C%20XsportsHD%20Soccer%20Stream&@n0&@ohttp%3A%2F%2Felil.cc%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-187209924&@b3:1633449339&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fxsportshd.com%2Fbundesliga-sports-stream.html&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.251.190 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns546644.ip-158-69-251.net
Software
/
Resource Hash
0d9291f51dded79b1bbca09be5434a37491c1e08f95e39149c2e557ab70455da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xsportshd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:39 GMT
Connection
close
Content-Length
381
Content-Type
text/html;charset=UTF-8
result
xsportshd.com/cdn-cgi/challenge-platform/h/g/cv/ Frame 8FC8 		2 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xsportshd.com/cdn-cgi/challenge-platform/h/g/cv/result?req_id=6997d5cf9b842790
Requested by
Host: xsportshd.com
URL: https://xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://xsportshd.com/bundesliga-sports-stream.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 05 Oct 2021 15:55:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKUhkc1ylpbRALGd3BmiotTCaDMZ26sjIoxORqW39DlAPEskwgJKIbPdu9TyQ4OCf8sNPBNvh%2B9NtV9PG%2BTHGTynJhaEyBojZJ7bEdWqXSwZxjW5nLFrA9UJksIboFWx"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cf-ray
6997d5e2d90e27bc-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2
/
e.dtscout.com/e/ Frame 8FC8 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fxsportshd.com%2Fbundesliga-sports-stream.html&j=http%3A%2F%2Felil.cc%2F
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4523582&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLive%20Football%20Stream%20Online%20%7C%20XsportsHD%20Soccer%20Stream&@n0&@ohttp%3A%2F%2Felil.cc%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-187209924&@b3:1633449339&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fxsportshd.com%2Fbundesliga-sports-stream.html&@w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.238 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip238.ip-158-69-139.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
83cd256e5c9112d590c5b6a89ff7fc0dab25e0b6cc8c11d00993d70a6caed3fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xsportshd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:39 GMT
X-T
0.603
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
X-S
mtl2
Expires
Tue, 05 Oct 2021 15:55:38 GMT
55348681
mc.yandex.com/webvisor/ Frame C6C1 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/55348681?wmode=0&wv-part=1&wv-hit=455532316&page-url=https%3A%2F%2Flive.batstream.live%2F%3Fd%3D1%26s%3D1%26sp%3D1%26fs%3D12px%26tt%3Dnone%26fc%3DFFFFFF%26tc%3DFFFFFF%26bc%3D4E5D6C%26bhc%3D3E4A56%26thc%3DFFFFFF%26pd%3D5px%26brc%3D030303%26brr%3D2px%26mr%3D3px%26tm%3D122A33%26tmb%3DFFFFFF%26wb%3D2B3E50%26bcc%3D2B3E50%26bsh%3D0px%26rdb%3DEBEBEB%26rdc%3D333333&rn=644388167&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1633449339%3Aw%3A1057x4000%3Av%3A660%3Az%3A0%3Ai%3A202101005155539%3Au%3A1633449337230160154%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1633449339
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://live.batstream.live/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 15:55:39 GMT
last-modified
Tue, 05-Oct-2021 15:55:39 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://live.batstream.live
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 05-Oct-2021 15:55:39 GMT
/
t.dtscout.com/idg/ Frame 7742 		1 KB
754 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/idg/?su=10401633449339B04A798EC9BCF83F37
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fxsportshd.com%2Fbundesliga-sports-stream.html&j=http%3A%2F%2Felil.cc%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.229 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip229.ip-158-69-139.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
be9faea4c6d4a3ebeb347b72f1230961615ad78f631196d72eead16cca1cceef

Request headers

Host
t.dtscout.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://xsportshd.com/
Accept-Encoding
gzip, deflate, br
Cookie
m=1; st=1; oa=1; df=1633449339; l=10401633449339B04A798EC9BCF83F37
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://xsportshd.com/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Tue, 05 Oct 2021 15:55:39 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Expires
Tue, 05 Oct 2021 15:55:38 GMT
Cache-Control
no-cache
Content-Encoding
gzip
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 8FC8 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fxsportshd.com%2Fbundesliga-sports-stream.html&j=http%3A%2F%2Felil.cc%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-95.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xsportshd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 13:27:46 GMT
server
AmazonS3
age
79652
etag
W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Mon, 04 Oct 2021 17:48:08 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
XjgqSfOEeDJMo0P4EopvX2c9q8jdvYwmpPH5X_iCbH49UwzsWryUDQ==
dtscout
pd.sharethis.com/pd/ Frame 8FC8 		0
88 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fxsportshd.com%2Fbundesliga-sports-stream.html&j=http%3A%2F%2Felil.cc%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.98.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-98-10.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xsportshd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 05 Oct 2021 15:55:39 GMT
/
t.dtscout.com/pv/ Frame 8FC8 		50 B
318 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/pv/?_a=v&_h=xsportshd.com&_ss=4k4kjfujvt&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=5hjf&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fxsportshd.com%2Fbundesliga-sports-stream.html&j=http%3A%2F%2Felil.cc%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.229 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip229.ip-158-69-139.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
752bd14dec09182436202fe8f776d06f0e8acae7d955dce90d328c1f8f2a148a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xsportshd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:39 GMT
X-T
0.199
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
X-C
0
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
Expires
Tue, 05 Oct 2021 15:55:38 GMT
/
onetag-geo.s-onetag.com/ Frame 8FC8 		555 B
988 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-78.fra2.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xsportshd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:42:21 GMT
via
1.1 68eb499493257a6d0620a0f6abdc78cb.cloudfront.net (CloudFront), 1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
age
798
x-amzn-requestid
cfcb28cf-a5d9-4eec-821b-e2caabb19594
x-edge-origin-shield-skipped
0
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA2-C2
x-amz-apigw-id
GvbOnGXiCYcFQaw=
content-length
555
x-amz-cf-id
_h3jeb8gm5VPHJ6Ycg4g0d2HoAV4jPgSzy1VB6g9C_n9mk4J71omVw==
55348681
mc.yandex.com/webvisor/ Frame C6C1 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/55348681?wmode=0&wv-part=1&wv-hit=455532316&page-url=https%3A%2F%2Flive.batstream.live%2F%3Fd%3D1%26s%3D1%26sp%3D1%26fs%3D12px%26tt%3Dnone%26fc%3DFFFFFF%26tc%3DFFFFFF%26bc%3D4E5D6C%26bhc%3D3E4A56%26thc%3DFFFFFF%26pd%3D5px%26brc%3D030303%26brr%3D2px%26mr%3D3px%26tm%3D122A33%26tmb%3DFFFFFF%26wb%3D2B3E50%26bcc%3D2B3E50%26bsh%3D0px%26rdb%3DEBEBEB%26rdc%3D333333&rn=647973001&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1633449340%3Aw%3A1057x4000%3Av%3A660%3Az%3A0%3Ai%3A202101005155539%3Au%3A1633449337230160154%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1633449340
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://live.batstream.live/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 15:55:39 GMT
last-modified
Tue, 05-Oct-2021 15:55:39 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://live.batstream.live
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 05-Oct-2021 15:55:39 GMT
EU
onetag-geo-grouping.s-onetag.com/regionalbloc/ Frame 8FC8 		1 KB
859 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-60.fra50.r.cloudfront.net
Software
restify /
Resource Hash
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xsportshd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:53:51 GMT
content-encoding
gzip
server
restify
age
28909
vary
Accept-Encoding,origin
x-edge-origin-shield-skipped
0
content-type
application/json
access-control-allow-origin
https://xsportshd.com
access-control-expose-headers
api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control
max-age=86400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
mYwDDyYgQmYkqfNAod8uY9XbaWZgb1RrSe2w-vhwhsG82N0FomQQPg==
via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
/
t.dtscdn.com/widget/ Frame 8FC8 		0
408 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscdn.com/widget/?d=10401633449339B04A798EC9BCF83F37&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fxsportshd.com%2Fbundesliga-sports-stream.html&r=http%3A%2F%2Felil.cc%2F
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fxsportshd.com%2Fbundesliga-sports-stream.html&j=http%3A%2F%2Felil.cc%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.203.161.83 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
lb4.ny1.dtscdn.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xsportshd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:58:59 GMT
X-T
15.86
x-server
web15.ny1.dtscdn.com
Cache-Control
no-cache
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
Expires
Tue, 05 Oct 2021 15:58:58 GMT
tpid=10401633449339B04A798EC9BCF83F37
bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/ Frame 8FC8
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=10401633449339B04A798EC9BCF83F37
  • https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=10401633449339B04A798EC9BCF83F37
49 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=10401633449339B04A798EC9BCF83F37
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xsportshd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 15:55:40 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.3.254
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Oct 2021 15:55:40 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=10401633449339B04A798EC9BCF83F37
cache-control
no-cache
x-server
10.45.2.35
content-length
0
expires
0
33141
tags.bluekai.com/site/ Frame 8FC8
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=10401633449339B04A798EC9BCF83F37
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=09a6ee1e-97df-4da3-baaf-aaeb2289f18e&icm
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=36b0a5d26796a73a
62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33141?&id=36b0a5d26796a73a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xsportshd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 15:55:40 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=36b0a5d26796a73a
content-length
0
55348681
mc.yandex.com/webvisor/ Frame C6C1 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/55348681?wmode=0&wv-part=2&wv-hit=455532316&page-url=https%3A%2F%2Flive.batstream.live%2F%3Fd%3D1%26s%3D1%26sp%3D1%26fs%3D12px%26tt%3Dnone%26fc%3DFFFFFF%26tc%3DFFFFFF%26bc%3D4E5D6C%26bhc%3D3E4A56%26thc%3DFFFFFF%26pd%3D5px%26brc%3D030303%26brr%3D2px%26mr%3D3px%26tm%3D122A33%26tmb%3DFFFFFF%26wb%3D2B3E50%26bcc%3D2B3E50%26bsh%3D0px%26rdb%3DEBEBEB%26rdc%3D333333&rn=17730564&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1633449341%3Aw%3A1057x4000%3Av%3A660%3Az%3A0%3Ai%3A202101005155541%3Au%3A1633449337230160154%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1633449341
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://live.batstream.live/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 15:55:41 GMT
last-modified
Tue, 05-Oct-2021 15:55:41 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://live.batstream.live
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 05-Oct-2021 15:55:41 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
6.adsco.re
URL
http://6.adsco.re/
Domain
4.adsco.re
URL
http://4.adsco.re/
Domain
abc.wwija.com
URL
https://abc.wwija.com/click.php?key=9tz2gymnylbpc4gs2a74&tag=ooc7bc7qaZ7LaJXUzzU2VWTulc6m6t1U7p3UyuldK6V1NVdzp7paqKJXT3T1VUUOldK6d07pXSumdK6V0znV0Z55yzzZ0VzZ02V3Wz0aa7278WW3WWZulcoogkMXraPUP7nOldK6V11DpXSuldK6VwfY&cost=0.000365&source=xsportshd.com&varid=42147572&campid=3945856&siteid=871512&zoneid=4427830&catid=496&country=DEU&format=
Domain
abc.wwija.com
URL
https://abc.wwija.com/click.php?key=9tz2gymnylbpc4gs2a74&tag=ooc7bc7qaZ7LaJXUzzU2VWTulc6m6t1U7p3UyuldK6V1NVdzp7paqKJXT3T1VUUOldK6d07pXSumdK6V0znV0Z55yzzZ0VzZ02V3Wz0aa7278WW3WWZulcoogkMXraPUP7nOldK6V11DpXSuldK6VwfY&cost=0.000365&source=xsportshd.com&varid=42147572&campid=3945856&siteid=871512&zoneid=4427830&catid=496&country=DEU&format=
Domain
live.batstream.live
URL
https://live.batstream.live/list.php?id=21&sport=&sp=1&r=&l=&l2=
Domain
live.batstream.live
URL
https://live.batstream.live/list.php?id=21&sport=&sp=1&r=&l=&l2=

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery function| eQ function| r1ff function| O7hh function| n3VV function| G7hh function| x0ee function| G0oo function| f066 function| n066 string| b6f90b object| kixxz function| counteR undefined| ad_idzone undefined| ad_popup_fallback undefined| ad_popup_force undefined| ad_new_tab undefined| ad_frequency_period undefined| ad_frequency_count undefined| ad_trigger_method function| f488 function| Q888 function| n800 function| s488 function| F7ss function| x233 function| M5GG function| C7ss string| e94dfadd0 function| t0xx object| exoJsPop101 function| inIframe boolean| tech_detect function| mouseOverDetect function| mouseOutDetect function| myFunction object| _pop number| ads_blocked function| getGoogleAnalyticsCode function| gtag object| dataLayer boolean| shopCounter9Q0yS boolean| hold_click object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| detectZoom object| iframe object| where object| win object| _pao object| $jscomp function| $jscomp$lookupPolyfilledValue function| AdscoreInit object| pako string| txt number| a function| ed number| t string| property number| r number| g number| b string| bt

56 Cookies

Domain/Path Name / Value
elii.cc/ Name: PHPSESSID
Value: jse3mr35akrrkdc0sqr2k2755g
elil.cc/ Name: PHPSESSID
Value: ncofdo0egfml45uugspihmcdj3
elil.cc/ Name: _csrf
Value: acc602999663b63bd40abd390c15aec025be0bfa2ec5ef3f427b89960902d953a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22BnCVvi_3nh6SHG3Nzc1JnPBInQkymgZG%22%3B%7D
.elil.cc/ Name: _ga
Value: GA1.2.662959126.1633449336
.elil.cc/ Name: _gid
Value: GA1.2.225716900.1633449336
.elil.cc/ Name: _gat_gtag_UA_58048569_8
Value: 1
elil.cc/ Name: a
Value: QU6OnXT0q7OSVueecfgglKsxPG1VZU3s
elil.cc/ Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c
Value: BAYAYVx1eAFhXHV4gAGBAsAAIG81ejzh_mSfK4pJOeANzqZorf-8FfiMIASH-JU3rN61wQBHMEUCIG_HMjpyU03Er6GXmqBsEHHCYlpEjbmgaDaCfZ9sVi1wAiEAudCytMC2paxnqhdqWbmvZogRU9zit3Nbc7CVJfOMALg
bedrapiona.com/ Name: OAID
Value: 0e0876085cfb4ed0a39c847fcf79bd5c
bedrapiona.com/ Name: oaidts
Value: 1633449336
.batstream.live/ Name: _ym_uid
Value: 1633449337230160154
.batstream.live/ Name: _ym_d
Value: 1633449337
onmarshtompor.com/ Name: OAID
Value: 0e0876085cfb4ed0a39c847fcf79bd5c
onmarshtompor.com/ Name: oaidts
Value: 1633449336
.yandex.com/ Name: yandexuid
Value: 8623830151633449336
.yandex.com/ Name: yuidss
Value: 8623830151633449336
mc.yandex.com/ Name: yabs-sid
Value: 1934110581633449336
.yandex.com/ Name: i
Value: RoGB1/IGCqjHD8nZooWfX+szqNTomKAxJgAAW0qLvhIWRQqS5onN4GCdnz6Qd1mjWLr2rWtcceynblVQu4aqLIy7K4c=
.yandex.com/ Name: ymex
Value: 1664985336.yrts.1633449336#1664985336.yrtsi.1633449336
.batstream.live/ Name: _ym_isad
Value: 2
abc.wwija.com/ Name: uclick
Value: vc7vfva1dz
.batstream.live/ Name: _ym_visorc
Value: w
my.rtmark.net/ Name: ID
Value: 0e0876085cfb4ed0a39c847fcf79bd5c
.realsrv.com/ Name: __uvt
Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22615c7578806f31.336032303177146291%22%3B%7D
.realsrv.com/ Name: c-tag
Value: %7B%22tag-link%22%3A%22v3%7C%7CDEU%7C4427876%7C42147572%7C0%7C%7C496%7C52%7C2%7C40%7C0%7C0%7C0%7C4569%7C2905330%7C2925533%7C0%7C0%7C2%7C2%7C0%7C0%7C1%7C0%7C0%7C1%7C615c7578806f31.336032303177146291%7Ce0ad619b0bf711478af3de9c47a0d269%7C0%7Clivestotal.net%7C%7C%7C0%7C0%7C0%7C93%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
abc.wwija.com/ Name: uclickhash
Value: vc7vfva1dz-vc7vfva30-2tvr-0-g5-ejg5-bzxs-57f1ec
.optnx.com/ Name: __uvt
Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22615c7579343717.247877542751780705%22%3B%7D
.optnx.com/ Name: impressions
Value: x%9CE%CA%C1%0D%C3%40%08%04%C0%5Exci%17%16%EEH%2B%91%2B%B1%D2%7B%1C%F9%91y%CFe%0AlU%1C%EA%5D%08%CA%5Eo%3A%3BS%9C%A9t%5B%01%3B%DD%C4%C2L%1F%5D%C8%D5%11%FF%17%C0%2A7JO%EC%BD%A9%3B6%81d%DF%B1%9E%A8%C9%5C%FE%7B%E7%E7%0B%E9%2C%19%06
.mybetterdl.com/ Name: rhid
Value: 79798634643
.mybetterdl.com/ Name: loi
Value: ad_1123983_off_568758_aff_88987_cid_203248-937674_ts_1633449337
.global.yhit.top/ Name: bemob-uniq-visit:553af299-3b05-4f3c-914d-d73d2bcf203e
Value: 1
.global.yhit.top/ Name: bemob-click-id
Value: NbP9ocrAtx6WFTEQDVmwJ9
track.omguk.com/ Name: OMGID
Value: UUserID%3D%7Bc7186b74-c3ea-478b-87ee-cca37b873d97%7D
track.omguk.com/ Name: OMG-2196012
Value: AID%3D1992587%26UID%3DPaN5B3odQ224dz-pIdJ-jg%26UID2%3D%26UID3%3D%26UID4%3D%26UID5%3D%26SSKey%3Df1c7ebf144cf41468d7b2218b089ab5f%26DateTime%3D05%2F10%2F2021%2016%3A55%3A37%26VCountMap%3D%7B%22199258740182%7Bc7186b74-c3ea-478b-87ee-cca37b873d97%7D%22%3A0%7D
track.omguk.com/ Name: OMGSession
Value: SessionID%3D34ddee2227684531ba21ad02e2fe492b%26SessionCount%3D0
.tradedoubler.com/ Name: EH_0
Value: 1z11z1zqRz2OovkTz1SdnyZ7HjRAxyDfVh%79BuiR5FrbvEBOp2VHIiVd%7aZCx.gRtCOk7vrwSthMnlJboM97dqOYKMjh%793JpfWkGtI3N_%79x%7aTawlI2LnHUd
.tradedoubler.com/ Name: GUID
Value: 1z11zzqRz20QgxRz64e8a5c565e85d1b6e4eec03a5d14686
.tradedoubler.com/ Name: TradeDoublerGUID
Value: 64e8a5c565e85d1b6e4eec03a5d14686
.prf.hn/ Name: tPHG-PS
Value: 1011l7232414939
.ssense.com/ Name: __cf_bm
Value: Rqpz4ib05RX2YA9w0og29ORdvrKZVgnwDLdkxXwL7tE-1633449338-0-ASea4WMVxkp9A/Wo80N97ce967iHu2vvh8aU7RjwhsWEI3UqRkmwMrvS5MEzL1SwINvUl6jMXV+ME9Tp6KAVURo=
.xsportshd.com/ Name: __cf_bm
Value: t7WcgrcweyFaOLwH7IzMgxmfUv4C5hgcbf911uB0nnI-1633449339-0-AbgDQpTgFqjCifo5M7POrCmJMAM0oH420Nnm7O3I8WED4Fh+34ycwVXLUr9WgvfETNN1bWHSadfA7hSJD+pgcicO5j/jru9k1yg3+hQMF2upzvucLFEOGt7NOiDHqtkqYQ==
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: st
Value: 1
.dtscout.com/ Name: oa
Value: 1
.dtscout.com/ Name: df
Value: 1633449339
.dtscout.com/ Name: l
Value: 10401633449339B04A798EC9BCF83F37
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 48a444b1ca427f1cf2f5b21405412d25
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMLFINDExSTJMTjQxMk8zTE4zSjNNMjI0MTA1MTRKMTJlAILEmNIaEA0FAEddChk%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIjCmtAVJQAAAU3AGv"
.onaudience.com/ Name: cookie
Value: f73192111c1bfd46
.onaudience.com/ Name: done_redirects147
Value: 1
.dtscdn.com/ Name: uid
Value: 10401633449339B04A798EC9BCF83F37
.adsrvr.org/ Name: TDID
Value: 09a6ee1e-97df-4da3-baaf-aaeb2289f18e
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjAn-v76YiEOhAFOAE.
.onaudience.com/ Name: done_redirects109
Value: 1

19 Console Messages

Source Level URL
Text
javascript error URL: https://b6u2w2z4.ssl.hwcdn.net/pages/PDFGroup/resources/scripts/minified/main.6F8F57715090DA2632453988D9A1501B.js?v=1627892253
Message:
Unsafe attempt to initiate navigation for frame with URL 'http://elil.cc/tphd' from frame with URL 'https://get.pdf-searchz.com/?pid=58485&subid=836701&clickid=8674090294287367344&did=a500afed-d461-434c-97e9-14aad5276d29&pgs=1'. The frame attempting navigation of the top-level window is sandboxed, but the flag of 'allow-top-navigation' or 'allow-top-navigation-by-user-activation' is not set.
security error URL: https://xsportshd.com/bundesliga-sports-stream.html(Line 286)
Message:
Mixed Content: The page at 'https://xsportshd.com/bundesliga-sports-stream.html' was loaded over HTTPS, but requested an insecure frame 'http://abc.wwija.com/nlp/index.php?type=linkId&id=c48c69408bb34330af62cdeff7e38c43&api_key=9f389a84fd636114184e76a631ea9d8b&site_id=7add72c8711b449ea56ff14a1578bbe2&dch=feed&ad_t=advertiser&yk_tag=75536vc7vfva1bl749&url_bnm_redirect=https://r.srvtrck.com/v1/redirect'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://xsportshd.com/bundesliga-sports-stream.html(Line 286)
Message:
Mixed Content: The page at 'https://xsportshd.com/bundesliga-sports-stream.html' was loaded over HTTPS, but requested an insecure frame 'http://abc.wwija.com/nlp/index.php?type=linkId&id=db6dcb170fd44f9fb894260ab0484ec5&api_key=9f389a84fd636114184e76a631ea9d8b&site_id=7add72c8711b449ea56ff14a1578bbe2&dch=feed&ad_t=advertiser&yk_tag={clickId}&url_bnm_redirect=https://r.srvtrck.com/v1/redirect'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://iclickcdn.com/tag.min.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://live.batstream.live') does not match the recipient window's origin ('null').
javascript error URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Message:
Access to XMLHttpRequest at 'https://live.batstream.live/list.php?id=21&sport=&sp=1&r=&l=&l2=' from origin 'null' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://live.batstream.live/list.php?id=21&sport=&sp=1&r=&l=&l2=
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://live.batstream.live/?d=1&s=1&sp=1&fs=12px&tt=none&fc=FFFFFF&tc=FFFFFF&bc=4E5D6C&bhc=3E4A56&thc=FFFFFF&pd=5px&brc=030303&brr=2px&mr=3px&tm=122A33&tmb=FFFFFF&wb=2B3E50&bcc=2B3E50&bsh=0px&rdb=EBEBEB&rdc=333333
Message:
Access to XMLHttpRequest at 'https://live.batstream.live/list.php?id=21&sport=&sp=1&r=&l=&l2=' from origin 'null' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://live.batstream.live/list.php?id=21&sport=&sp=1&r=&l=&l2=
Message:
Failed to load resource: net::ERR_FAILED
security error URL: https://iclickcdn.com/tag.min.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://live.batstream.live') does not match the recipient window's origin ('null').
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.vintagetub.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://22bet.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://22bet.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://22bet.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
security error
Message:
Refused to frame 'https://www.ssense.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://22bet.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.grover.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://22bet.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://22bet.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
deprecation warning URL: https://xsportshd.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
Message:
'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

22bet.com
4.adsco.re
6.adsco.re
a.exdynsrv.com
a.exosrv.com
abc.wwija.com
ad.admitad.com
adsco.re
ajax.googleapis.com
b6u2w2z4.ssl.hwcdn.net
bcp.crwdcntrl.net
bedrapiona.com
c.adsco.re
cdn.okamata.site
cdnjs.cloudflare.com
clk.omgt4.com
clk.tradedoubler.com
d1ev866ubw90c6.cloudfront.net
e.dtscout.com
elii.cc
elil.cc
ezie.cc
fonts.googleapis.com
fonts.gstatic.com
free.timeanddate.com
get.pdf-searchz.com
get.s-onetag.com
get.tfiph.com
global.yhit.top
go.lnkam.com
i3j3u3u9.ssl.hwcdn.net
iclickcdn.com
links22.com
live.batstream.live
live.batstream.tv
livestotal.net
match.adsrvr.org
maxcdn.bootstrapcdn.com
mc.yandex.com
mc.yandex.ru
mesucces.top
mgrwcm.com
my.rtmark.net
mybetterdl.com
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
onmarshtompor.com
p203248.mybetterdl.com
pd.sharethis.com
perf.cdnads.com
pixel.onaudience.com
premiumvertising.com
prf.hn
r.srvtrck.com
refpasrasw.world
s.optnx.com
s10.histats.com
s4.histats.com
sportsmix.net
syndication.realsrv.com
t.dtscdn.com
t.dtscout.com
tags.bluekai.com
track.omguk.com
vh6clmlda24z.l4.adsco.re
vh6clmlda24z.n4.adsco.re
vh6clmlda24z.s4.adsco.re
vht.tradedoubler.com
whos-amung.com
whos-amung.us
whos.amung.us
widgets.amung.us
witalfieldt.com
www.google-analytics.com
www.googletagmanager.com
www.grover.com
www.premiumvertising.com
www.ssense.com
www.vintagetub.com
www.xsportshd.com
xsportshd.com
4.adsco.re
6.adsco.re
abc.wwija.com
live.batstream.live
104.111.215.191
104.16.104.92
104.16.19.94
104.17.167.186
104.18.11.207
104.19.168.96
104.21.28.173
104.21.42.126
104.21.43.230
104.21.50.111
104.21.60.107
104.21.65.249
104.22.74.171
104.26.13.118
13.224.193.24
13.224.193.3
13.225.87.78
13.32.121.102
139.45.195.8
139.45.197.234
139.45.197.243
142.250.184.234
142.250.185.104
142.250.74.195
142.250.74.202
143.204.98.60
151.101.65.176
158.69.139.229
158.69.139.238
158.69.251.190
159.203.161.83
162.252.214.11
162.252.214.5
172.217.23.110
172.67.142.46
172.67.164.232
172.67.167.69
172.67.168.117
172.67.171.45
172.67.187.77
172.67.194.47
172.67.8.215
173.192.101.24
178.162.156.35
178.253.54.48
18.195.98.10
18.66.112.110
185.172.148.128
185.200.116.90
185.200.118.90
185.26.99.58
192.243.58.123
195.181.175.45
205.185.216.10
3.70.16.242
35.186.231.97
38.132.109.186
45.135.122.42
45.54.15.10
46.105.201.240
5.150.170.4
51.222.80.231
52.208.103.128
52.214.142.201
52.222.214.95
67.202.114.212
69.16.175.10
69.16.175.42
76.223.111.131
83.147.204.132
93.158.134.119
95.211.229.246
95.211.229.247
99.86.3.51
01b207a00150c5ba7d79f37032bd7452efe5edb04d28ef3030e2e4573dafed80
02427dfcf3d989b379867c531c06e893988fa5ea0c10bc721d120d37b6e9d736
033fd51c17218a936f832d876dbfe5410828b11edcaec9f3809c9192186e57d3
0388fa778d5e183e39a69bd472701fc1dbe7e0d2e615c97ab5316af1c3e72c1c
0491492f45a37ae8dd753622b824da1849ced9dd28f2043557c8d6dc84ff689e
050c5bdae1e972916c7f91787c1a1d4977393f7f9015088106623795d751193e
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0ab6c46e677fa7e49b6344fcde39c06ff6c014d9163571cdb36f8b5fc59c17eb
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0d9291f51dded79b1bbca09be5434a37491c1e08f95e39149c2e557ab70455da
0ddfa6f903fae79327c8402de2ac4bceadb0c14bff340610d66a76d9e6122595
0e35ec3dfa80b7851b7826fcae5e1ef652d03d77c6c2af9f0bf1b97d49fe876d
11a7672e066df44d65a41352b3a59803145b4d6421fee5ac44fb80ed9eb2124d
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17b22cb9f15b62d50318b393a4369b4a2a3a444bfa3a0fd57d445a020b8512f5
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d
18d10c7d2b4b04aaf04254d1ae5d655a5dc0407cbcdd5a8c3986e985370f36ee
1a8efabe5be1e47a8171131c0b5819cb7c81c94df9e1c223d45c6d6f9756bace
1b7671b7c1b3cf6ae80a6fe4576cf786a2cce5e57ecdd4f1d26135e90b7e22a9
228f4f839bc49b61092dac659b6e430daf45019a7ae365917888724a9804aa75
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
268bc7d3bb8fa98130c3de0cdf0ba81950ace5d6f946b6f32aa22fe2721dfda0
290503e0cf13bd5eb6daa2bb2eb6cdcdded18114a330d6810b9377e3069ec8e9
2d9456e4730ea5bb2c48c298d0b2045b2a63377f9db6151bb5fff6fd799bed3a
2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3457d693391ae91aa1841bec0cab7ea2db53a2371ba51008aad814a0624e3c8e
35ba2218bc973a11ff3da0ec3786b7f630360d5d504996e378c1752603f83550
3760bfe884522e5c1c98fe8dd2bd9c89670c41ffa26c5bc5813bffc1c3a6268a
3a64b1c74a237fde0881933683b8d7099ce7906a4cfb67ab9c87a9166d4adc61
3b8d3e9f3c8a8d912ced905eac1aab7bb66555133b96f0b418bbd4e894c88f09
3dee1bc1dc01211b28a77165b0db66d271ce4715407b1b1a2185fe0741ac9850
3f395688019d477165fd5523e5625b1a1abf127ac69db269bf032880fea1671c
443959eaa2d78f92b04bb3ada5c27ff9da02901671d8cab9f96fe206bc981388
449cc02ec1f9313329a51cc3f63a4e95162d71d6cee20a99a1a91a3e8eef13bd
4555bd4808d5965ddde8e83772e4ad0847078c778e843bb3dd26ee2328fdc3a7
45d8dc114c0305b69b6f61831cbaa540183aded5d542c56c61ce90426f1e6b19
49e4c0f93f98318e8c3b2cc2d3de1b6968c1b799d28b468c3901a7d8a8df84a1
4ae142f4b4369126d69ab4f3462143ed1f0f2c462a2bdcad52aacf98c9f21830
4b32e45bf96c317f2c68fdef26b64fde656995a52afbef7b063648df868d8d6d
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e152319477e9f1d2b43a26d1d9f0b340933d03fed079c61df9466c8e48a5eb1
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53bb85849942fe0fdb6998300d0c68f1727a6f34a3bdcd9f6f8f12476f64b1e9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5514224901b51d070f5ffe161d4a83c7b49d1156ce3fb41f1587dfbc1aff08a4
569af0d58a2df0af2da77aaebaaf00b84c15334c5e9af0b77ba4c81a62db5d40
5edc99996d04888432ff40494a8dd8c2b13f710f321d73ede1c8d29212a8503f
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
6287966e859b08859357def883a1d0f51794c89a678d065048375b54b497a0cd
6999b96e056384e1d9e94d3e917625826c15953ff156ec70482db911fa2e881e
6b5e2d3aaa029cce71437d3c67e9813f1af8085b9cb8d42b72d96b856ae56304
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cc634a7d0c57f463fd27465c69588a987049654fd08b4c8d94888fe06099f0e
6f8ca2591b9298fc81c72c8b9bb65cd541c62cc27a362572cc875d7755d26157
752bd14dec09182436202fe8f776d06f0e8acae7d955dce90d328c1f8f2a148a
754f859ed1cafaccc87a9cdedb2403b491ccec1395941b1b7e10caa6f5981f2b
76e352b1bedaef20cb99ab1d00d7f04bc949fc502c569d9c958bde2c3b1bf7b5
7e18c8d3cc1bfd017dec81599c4e10819432f1d656f55d47aeaee3f71b3d9e6d
7fb7daed6210b600dd67416ced5d21c659b5de5b5c137d3bc501a646df29453c
81e6c6a9b4d85e87a2b7da202183429ae8636cee87ad69001d17cade41ef90e8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83cd256e5c9112d590c5b6a89ff7fc0dab25e0b6cc8c11d00993d70a6caed3fd
850207b99af65283f16db9b957b0eaa063f19f5b1ed31c5ab8303157c64a3eed
863a128ab43f71fcbbeabe83a5a752a67b9033a85313fd2cdf147875fcbc7bcb
8744aeb999e93cd258857e3796f8833af6ec38d6e1b670510d0daea8c3df4f8e
8985c3e714a1924fad28fed3b93fb6c1b3db88f89a6022a5e8c632d29f32cbf9
8c04b3b52d605637bb4c6a26449c45e5320a3f33f14e8c737ce599433bc19f14
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c
8d00a6a9febd2557b842da6369b48c6ee661b86049864d802f56976bc2f02f5e
8d30b41ca58ba5bf6ebe9d9dd3e582a1dc722110cca2381304b611bc18c180d1
8e32d99e816a42958b9473f470a2600963602981007576d85220044e6137965b
8e713626d8b436327b3dc2b35bcc6c3a47550e14ffe0c072082c487d97e7c515
92e84db6987ce882afbf7bf6a990760008eb6f08af890a00b0ee7f1301e5f7d2
934ec7d9df800ef5feb20f479bab634d8bf6879d579129bddda5ac33e258ad30
95f837166c8365aebeaa65d97395a7a2efdd59dd34642c6d4c3146f98581d475
98867a6b222e1f6596d2c611e5bc8fb33cc9f17ed86215613623011a30e160af
9926c3f66e9084945a0f077716b0e879a0370ed85babad9c4895246e0c8ce361
9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8
9b360d00aebd69ed1b06c860f5d481bb4d82fc2d0ab8dce27f1065854e2b1e06
9d37af98ee48a6fc31cce9f43fe644b99ecfd429275fcb64535b2864c0b9e27e
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
9e4fb31226e718c1f84b5772aceb67b5e3b1f00b452b149c5b5ba1125e4df941
a2b57a10a3d5ec20884fbf2a9ab55965bbaccbcdc163240588c91797c02fcbe2
a305a9e14c5852c296a66f10820d7e4ecf37ff45c29af215f2bb0f3ad9e0dca5
a394d79fa8b7d856028464f0d915e35a44720fd5958861927d5ed65e76bcc14b
a7ab966ce9cbb8fb69b93e642f643302b57d4dfb9a57fef11e69c95c4175855a
a9dd6f002f8f169c0cb8e46c7ee8493c1a444257c00fb7c1bba31bf7bae52a6e
aa32ea4be3b91134be7c0b593cc197d742bc826c941ed3a29908de8c12253b04
aa8f47f07c441804f131794a07a7a0fdbd9cf5cea4a9af0bf4f41fcceadd8ea1
ad7d8dd8090dcc6c2937e565accb6df16eae8140ae746b4508625838c69a300f
b0aada0c619ee2851c2b574038b0037aa1d0ff22bd40d18996474cda2c69e006
b1677775027796b6cde3f41186a2c4dac6613c8638db055ea7d0885eae8eab4b
b1f535555c81eb0cb64e623a7d5b9f79e69e314420b8618af1a0926bdbe66eda
b213528b7fead117a8f54539cec57724d4b27401589d88002f48083fac10c34b
b4d5aaaab6b56af2f338d8a77b2cd73c4f2d3d51e8fd4aa26278a1874feb1158
b95cfd62cffbdf2790ab177b6f606cd535d5274e544d9aebcebfde41f133c24e
bb4a9d9bcb3638d2a735be2e40f686f57d9598c57d1cd251e5105282e244ac50
bcae6366dde9ca0a2a6fee1fdb9740d75cc83993ede8de550494fe545baa967a
be9faea4c6d4a3ebeb347b72f1230961615ad78f631196d72eead16cca1cceef
c4c2dfd7f51fec71cbda4acde4f28dd5259d2c46791134e09b4e96f53c6450e2
c7b7b7dd29913e1efa668006f4a14801dd49ce4581a7628840c8b92d5804440f
cb4a87cc7f7191c2f47ac201c7af28e250ff0ca1309d40815caed04e1300244c
cce0b819eeeb5857d5fa980203a5f59b9b66c8bacd61fe042b475a6789b1b809
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd4bf6909aa9da20da03c41369409a6430122b37326621e2f7dc6188cd1a21f5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d09ca65246f5fb9974bd4995d98a1ac6abb2ecd94a6070973a2245568bbf8b66
d0df65a5e07fe4d7161a48adc380af593bd142e449ac3f99c2b6d1b6f36f804f
d12596baad43a1b5b5ee70087fc8cc5a70308e7278008849050c54e7644fce0d
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd
db3de9616bcc66d2e639b6923283ca03c0aefc53f48dd53dddb293e276036a1d
de55f8247b1682887c7d5634e3ac5a78c89cdc867e6570325cbe929927a36bc8
e155a56cf73ff11bbbab7400f263c3dc311f81de1e42ac2e7240259d414733d2
e2bf429d792fcfc94dd0dd079df6173a49dd7f5f6ed4c88f9c8faa3acf01280b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5bdb34ad5e82984176f24ec0227b2304182062dbba928f25e44d9c1bc1c0c2d
e98c4fb9bacf817f58739b70ce79ae94a6982de6d212064864494dc75d65582f
ea43b374720bc7d75757a163852a4a562e21d07f55c1037614674e75447d772c
eeff61a4ef0fe2fd55156221094d1c132ede2388bd3639d03a008db7000f5884
ef839f7d767a4b748cba7b117166e0744c05bf2a53cc2ae14bbd48eb17d988fb
ef8a5f444c988e2c08260642c8257654f5e825e839a9c3d355933d4d12e0345b
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8f819dfb45cbd32371a14485edeb9ef05ac1d7a9d9d71e10d193d80bead2b32
f8f99b13b5fdd3bd1e80437c0f0e60baab0930474f42d3448832bea73e2028e8
f9fc3862a456fbc9f34b168e2eaa61605349b570601b42afd143b92751a717e2
fa5069a4a04a1940aebe618849b21c7c725f6567e3eab2f21ad84621ed9f6d23
fcc33c275b6993b6b33ad5bd93364f338dbbdeb20051753507bd69613a2cdce2
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd6d7d8c896480587169a9f2b9c2c0cc7c414ba64f0ef2f160081c824c0e3dbf
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fec28e5a230c6bd9f5a3daa81bed015bc5fac4d3b01f16aae56d014abb34471b
ff0fd09625a434a2442a409d9e5b8725a5bf8cd1a51ede665e8a7349ad18246d