0dt.net Open in urlscan Pro
46.19.141.46 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://0dt.net/video/2888035.html
Submission: On May 24 via manual (May 24th 2021, 12:26:13 pm UTC) from US

Summary HTTP 66 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 27 IPs in 7 countries across 26 domains to perform 66 HTTP transactions. The main IP is 46.19.141.46, located in Ober Urdorf, Switzerland and belongs to PLI-AS, PA. The main domain is 0dt.net.

This is the only time 0dt.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	46.19.141.46 46.19.141.46	51852 (PLI-AS) (PLI-AS)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2	149.28.242.46 149.28.242.46	20473 (AS-CHOOPA) (AS-CHOOPA)
3	178.162.205.12 178.162.205.12	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2606:4700:303... 2606:4700:3038::6815:eb34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	192.99.0.58 192.99.0.58	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
3	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3030::6815:aa6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
4 4	67.202.94.93 67.202.94.93	32748 (STEADFAST) (STEADFAST)
4	2606:4700:10:... 2606:4700:10::6816:4bab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	45.134.13.9 45.134.13.9	202425 (INT-NETWORK) (INT-NETWORK)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3031::ac43:8b6a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3036::6815:200b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	15.237.136.106 15.237.136.106	16509 (AMAZON-02) (AMAZON-02)
1 1	13.225.74.49 13.225.74.49	16509 (AMAZON-02) (AMAZON-02)
1 2	95.211.229.245 95.211.229.245	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	66.254.114.205 66.254.114.205	29789 (REFLECTED) (REFLECTED)
1	2606:4700:303... 2606:4700:3038::6815:eaa6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
66	27

6 46.19.141.46 (Ober Urdorf, Switzerland)

ASN51852 (PLI-AS, PA)

0dt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 149.28.242.46 (Dallas, United States)

ASN20473 (AS-CHOOPA, US)

serving.adbetclickin.pink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lime.cdncontentdelivery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.162.205.12 (Frankfurt am Main, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)

cdn.ftd.agency	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
z.cdn.ftd.agency	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f1.cdn.ftd.agency	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3038::6815:eb34 (United States)

ASN13335 (CLOUDFLARENET, US)

freefeds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.0.58 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns500326.ip-192-99-0.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::6815:aa6 (United States)

ASN13335 (CLOUDFLARENET, US)

foxcdn.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.202.94.93 (United States) 4 redirects

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:4bab (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

smokingpetty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.134.13.9 (Russian Federation)

ASN202425 (INT-NETWORK, SC)

e10.cdnfoxtv.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3031::ac43:8b6a (United States)

ASN13335 (CLOUDFLARENET, US)

teleriumtv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3036::6815:200b (United States)

ASN13335 (CLOUDFLARENET, US)

dcn.espncdn.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.237.136.106 (Paris, France)

ASN16509 (AMAZON-02, US)

smetrics.centurylink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.74.49 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-49.fra2.r.cloudfront.net

samyarct.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.211.229.245 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

s.optnx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.254.114.205 (United States)

ASN29789 (REFLECTED, US)

www.nutaku.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eaa6 (United States)

ASN13335 (CLOUDFLARENET, US)

rolo.nocdnrlly.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	amung.us 4 redirects whos.amung.us widgets.amung.us	8 KB
6	0dt.net 0dt.net	98 KB
5	google-analytics.com www.google-analytics.com	74 KB
4	espncdn.shop dcn.espncdn.shop Failed	136 KB
4	jsdelivr.net cdn.jsdelivr.net	304 KB
3	teleriumtv.net teleriumtv.net	22 KB
3	cdnfoxtv.me e10.cdnfoxtv.me	6 KB
3	googletagmanager.com www.googletagmanager.com	105 KB
3	cloudflare.com cdnjs.cloudflare.com	82 KB
3	twitter.com platform.twitter.com syndication.twitter.com	132 KB
3	ftd.agency cdn.ftd.agency z.cdn.ftd.agency f1.cdn.ftd.agency	42 KB
2	optnx.com 1 redirects s.optnx.com	3 KB
2	smokingpetty.com smokingpetty.com
2	foxcdn.life foxcdn.life	4 KB
2	histats.com s10.histats.com s4.histats.com	5 KB
2	freefeds.com freefeds.com	9 KB
2	facebook.net connect.facebook.net	66 KB
2	google.com apis.google.com google.com Failed	163 KB
1	nocdnrlly.xyz rolo.nocdnrlly.xyz	11 KB
1	nutaku.net www.nutaku.net
1	samyarct.top 1 redirects samyarct.top	1 KB
1	centurylink.com smetrics.centurylink.com	515 B
1	cdncontentdelivery.com lime.cdncontentdelivery.com	271 B
1	adbetclickin.pink serving.adbetclickin.pink	1 KB
0	cdnfoxtv.com Failed e2.cdnfoxtv.com Failed
0	uplynk.com Failed x-live-espn-stgec.uplynk.com Failed
66	26

	Domain	Requested by
6	0dt.net	0dt.net
5	www.google-analytics.com	0dt.net www.googletagmanager.com
4	dcn.espncdn.shop	freefeds.com teleriumtv.net cdnjs.cloudflare.com
4	widgets.amung.us	freefeds.com teleriumtv.net
4	whos.amung.us	4 redirects
4	cdn.jsdelivr.net	freefeds.com teleriumtv.net
3	teleriumtv.net	freefeds.com teleriumtv.net
3	e10.cdnfoxtv.me	cdn.jsdelivr.net
3	www.googletagmanager.com	freefeds.com teleriumtv.net
3	cdnjs.cloudflare.com	freefeds.com teleriumtv.net
2	s.optnx.com	1 redirects dcn.espncdn.shop
2	smokingpetty.com	freefeds.com teleriumtv.net
2	foxcdn.life	freefeds.com
2	freefeds.com	0dt.net freefeds.com
2	platform.twitter.com	0dt.net platform.twitter.com
2	connect.facebook.net	0dt.net connect.facebook.net
2	apis.google.com	0dt.net apis.google.com
1	rolo.nocdnrlly.xyz	freefeds.com
1	www.nutaku.net	s.optnx.com
1	samyarct.top	1 redirects
1	smetrics.centurylink.com	cdnjs.cloudflare.com
1	lime.cdncontentdelivery.com	serving.adbetclickin.pink
1	f1.cdn.ftd.agency	z.cdn.ftd.agency
1	syndication.twitter.com	platform.twitter.com
1	s4.histats.com	s10.histats.com
1	z.cdn.ftd.agency	cdn.ftd.agency
1	s10.histats.com	0dt.net
1	cdn.ftd.agency	0dt.net
1	serving.adbetclickin.pink	0dt.net
0	e2.cdnfoxtv.com Failed	dcn.espncdn.shop
0	google.com Failed	cdn.jsdelivr.net
0	x-live-espn-stgec.uplynk.com Failed	cdn.jsdelivr.net
66	32

This site contains links to these domains. Also see Links.

Domain
www.sportp2p.com
refpa.top
www.histats.com

Subject Issuer	Validity	Valid
*.apis.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-04-20` - `2022-04-19`	a year	crt.sh
*.cdn.ftd.agency Go Daddy Secure Certificate Authority - G2	`2021-01-06` - `2022-01-06`	a year	crt.sh
histats.com R3	`2021-05-21` - `2021-08-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-18` - `2022-03-26`	10 months	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
smokingpetty.com R3	`2021-05-06` - `2021-08-04`	3 months	crt.sh
*.espncdn.me R3	`2021-04-26` - `2021-07-25`	3 months	crt.sh
smetrics.centurylink.com DigiCert SHA2 High Assurance Server CA	`2020-05-11` - `2021-08-12`	a year	crt.sh
optnx.com R3	`2021-03-23` - `2021-06-21`	3 months	crt.sh
*.nutaku.net DigiCert SHA2 High Assurance Server CA	`2020-10-14` - `2021-10-04`	a year	crt.sh

This page contains 7 frames:

Primary Page: http://0dt.net/video/2888035.html
Frame ID: 4092F4FB4F428103AE9789E0E422C18F
Requests: 20 HTTP requests in this frame

Frame: https://freefeds.com/stream/2/106584.html
Frame ID: 23EAAB453D096FA0D1D060D498DD020C
Requests: 23 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2F0dt.net
Frame ID: DD906D60FC6F0A36F5FB19E8A4F638B5
Requests: 2 HTTP requests in this frame

Frame: https://dcn.espncdn.shop/espnlo.htm
Frame ID: B9B233FDD7EB58C1C7D1C87C7FAE4DA5
Requests: 1 HTTP requests in this frame

Frame: https://teleriumtv.net/embed/25505.html
Frame ID: A2562A8D3DB6E43ECB30B64F1C833D0A
Requests: 16 HTTP requests in this frame

Frame: https://dcn.espncdn.shop/espnlo.htm
Frame ID: DD35A792424293905FF984EDEB2883A2
Requests: 1 HTTP requests in this frame

Frame: https://www.nutaku.net/signup/landing/booty-calls/17-asa/?ats=eyJhIjozMDcyNDAsImMiOjU4OTkxMjY2LCJuIjoxLCJzIjoxLCJlIjo5MjIzLCJwIjozMTh9&apb=oodbPHNLPHNbHNNS7gmbqKra5q5nU0XTz11Tuuqunlc6qaZ1Mzp3UyuldK6V1lMzqJZp7bKXT3W21S2OldK6d07pXSumdK6V0zqaKqN5tpraJuN66tK9pdNrK.KLJ9t6apnV2XU6T1b8Z8aXV2U7W2UWcS6T7T0y3S2utumqtmdtqCPcoga7AjL0ETnOldK6V1tzpXSuD7A-&atc=4062180_{zoneid}&exffir=eyJjIjoiNjFkZmE5NjJjMDQ5MDhmZTk4MzlkMTljZTYwMDFmYTUiLCJ0IjoiMSIsInNyIjoiMTYwMHgxMjAwIiwiY3IiOiIweDgiLCJpIjoiMSJ9
Frame ID: 3B6F140D39AFDD3E7F7525C797CCE115
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

66
Requests

73 %
HTTPS

54 %
IPv6

26
Domains

32
Subdomains

27
IPs

7
Countries

1270 kB
Transfer

3607 kB
Size

13
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://www.sportp2p.com/live/
Title: HOME

Search URL Search Domain Scan URL

URL: http://www.sportp2p.com/football/1157522/estudiantes-ca-independiente.html
Title: STREAM LIST

Search URL Search Domain Scan URL

URL: http://www.sportp2p.com/basketball/
Title: BASKETBALL

Search URL Search Domain Scan URL

URL: http://www.sportp2p.com/tennis/
Title: TENNIS

Search URL Search Domain Scan URL

URL: http://www.sportp2p.com/motorsports/
Title: MOTORSPORTS

Search URL Search Domain Scan URL

URL: http://www.sportp2p.com/icehockey/
Title: ICEHOCKEY

Search URL Search Domain Scan URL

URL: http://www.sportp2p.com/other/
Title: OTHER

Search URL Search Domain Scan URL

URL: http://refpa.top/L?tag=d_2500m_97c_ban&site=2500&ad=97

Search URL Search Domain Scan URL

URL: http://www.histats.com/
Title: try {Histats.start(1,1826235,4,0,0,0,""); Histats.track_hits();} catch(err){};

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 15

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 17

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1451377449&utmhn=0dt.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Estudiantes%20-%20CA%20Independiente&utmhid=2008820269&utmr=-&utmp=%2Fvideo%2F2888035.html&utmht=1621859153198&utmac=UA-1268700-28&utmcc=__utma%3D41129635.1483593795.1621859153.1621859153.1621859153.1%3B%2B__utmz%3D41129635.1621859153.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=899505453&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1451377449&utmhn=0dt.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Estudiantes%20-%20CA%20Independiente&utmhid=2008820269&utmr=-&utmp=%2Fvideo%2F2888035.html&utmht=1621859153198&utmac=UA-1268700-28&utmcc=__utma%3D41129635.1483593795.1621859153.1621859153.1621859153.1%3B%2B__utmz%3D41129635.1621859153.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=899505453&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 25

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png HTTP 307
https://widgets.amung.us/draw/?w=colored&n=7342&c=000000ffffff&p=

Request Chain 36

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png?1621859153000 HTTP 307
https://widgets.amung.us/draw/?w=colored&n=7315&c=000000ffffff&p=

Request Chain 42

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png HTTP 307
https://widgets.amung.us/draw/?w=colored&n=7308&c=000000ffffff&p=

Request Chain 54

https://samyarct.top/redirect?tid=891581&file=Watch_Live HTTP 302
https://s.optnx.com/cimp.php?data=TVRZeU1UZzFPVEUxTm54bFlqRXhZemRrTW1ZMFpHRTJPVEV4TnpnM1ltTmxOVFV4TVRRM01UUmxOZy0tfGh0dHBzOi8vd3d3Lm51dGFrdS5uZXQvc2lnbnVwL2xhbmRpbmcvYm9vdHktY2FsbHMvMTctYXNhLz9hdHM9ZXlKaElqb3pNRGN5TkRBc0ltTWlPalU0T1RreE1qWTJMQ0p1SWpveExDSnpJam94TENKbElqbzVNakl6TENKd0lqb3pNVGg5JmFwYj1vb2RiUEhOTFBITmJITk5TN2dtYnFLcmE1cTVuVTBYVHoxMVR1dXF1bmxjNnFhWjFNenAzVXl1bGRLNlYxbE16cUpacDdiS1hUM1cyMVMyT2xkSzZkMDdwWFN1bWRLNlYwenFhS3FONXRwcmFKdU42NnRLOXBkTnJLLktMSjl0NmFwblYyWFU2VDFiOFo4YVhWMlU3VzJVV2NTNlQ3VDB5M1MydXR1bXF0bWR0cUNQY29nYTdBakwwRVRuT2xkSzZWMXR6cFhTdUQ3QS0mYXRjPTQwNjIxODBfe3pvbmVpZH18aHR0cHN8ODIuMTAyLjE4LjExNHxGUkF8NDF8YWQtbWF2ZW4uY29tfDcwMjU5NHw0MzA2NzV8ODE3NjQ3fDM1ODYxNjF8NTExfDQwNjIxODB8NDM5MjI2NTJ8NDB8MnwwfDB8NzQxfDg5MTU4MXwzfDc1fFVTRHxVU0R8MXwxfDIyfHwxfEZSQXx8MTAyfDR8MXx8NDM1M2UxZDE4MzFmZTY1YjZkMGJkNzZmMzcyZGU0NTF8Njc5NGIyNWVmYWZiOTY3NGQ4NzM3ZjBiMmQyNDA5MDh8MHwyfGRjbi5lc3BuY2RuLnNob3B8MHw1MDY5OHw5NTkyMHwwLjE0fDF8MHxleGNoYW5nZV9saW5rfDB8MHwzMDEyODc0fC0xfDB8Mjk4ODUwN3xob3N0aW5nfHZwbnwyfDE0NDB8fDJ8MHwwfDg5fDB8MHwxfE9LfDZjY2M1ZGUzOGUxZTMzMjc2YzlmZGFhODI5MTQzYzBl

Request Chain 55

https://whos.amung.us/cwidget/telerium/000000ffffff.png HTTP 307
https://widgets.amung.us/draw/?w=colored&n=5855&c=000000ffffff&p=

Request Chain 61

https://s.optnx.com/cimp.php?data=TVRZeU1UZzFPVEUxTm54bFlqRXhZemRrTW1ZMFpHRTJPVEV4TnpnM1ltTmxOVFV4TVRRM01UUmxOZy0tfGh0dHBzOi8vd3d3Lm51dGFrdS5uZXQvc2lnbnVwL2xhbmRpbmcvYm9vdHktY2FsbHMvMTctYXNhLz9hdHM9ZXlKaElqb3pNRGN5TkRBc0ltTWlPalU0T1RreE1qWTJMQ0p1SWpveExDSnpJam94TENKbElqbzVNakl6TENKd0lqb3pNVGg5JmFwYj1vb2RiUEhOTFBITmJITk5TN2dtYnFLcmE1cTVuVTBYVHoxMVR1dXF1bmxjNnFhWjFNenAzVXl1bGRLNlYxbE16cUpacDdiS1hUM1cyMVMyT2xkSzZkMDdwWFN1bWRLNlYwenFhS3FONXRwcmFKdU42NnRLOXBkTnJLLktMSjl0NmFwblYyWFU2VDFiOFo4YVhWMlU3VzJVV2NTNlQ3VDB5M1MydXR1bXF0bWR0cUNQY29nYTdBakwwRVRuT2xkSzZWMXR6cFhTdUQ3QS0mYXRjPTQwNjIxODBfe3pvbmVpZH18aHR0cHN8ODIuMTAyLjE4LjExNHxGUkF8NDF8YWQtbWF2ZW4uY29tfDcwMjU5NHw0MzA2NzV8ODE3NjQ3fDM1ODYxNjF8NTExfDQwNjIxODB8NDM5MjI2NTJ8NDB8MnwwfDB8NzQxfDg5MTU4MXwzfDc1fFVTRHxVU0R8MXwxfDIyfHwxfEZSQXx8MTAyfDR8MXx8NDM1M2UxZDE4MzFmZTY1YjZkMGJkNzZmMzcyZGU0NTF8Njc5NGIyNWVmYWZiOTY3NGQ4NzM3ZjBiMmQyNDA5MDh8MHwyfGRjbi5lc3BuY2RuLnNob3B8MHw1MDY5OHw5NTkyMHwwLjE0fDF8MHxleGNoYW5nZV9saW5rfDB8MHwzMDEyODc0fC0xfDB8Mjk4ODUwN3xob3N0aW5nfHZwbnwyfDE0NDB8fDJ8MHwwfDg5fDB8MHwxfE9LfDZjY2M1ZGUzOGUxZTMzMjc2YzlmZGFhODI5MTQzYzBl&p=https%3A%2F%2Fdcn.espncdn.shop%2F&tested=1&check=61dfa962c04908fe9839d19ce6001fa5&screen_resolution=1600x1200&container_resolution=0x8&iframe=1 HTTP 302
https://www.nutaku.net/signup/landing/booty-calls/17-asa/?ats=eyJhIjozMDcyNDAsImMiOjU4OTkxMjY2LCJuIjoxLCJzIjoxLCJlIjo5MjIzLCJwIjozMTh9&apb=oodbPHNLPHNbHNNS7gmbqKra5q5nU0XTz11Tuuqunlc6qaZ1Mzp3UyuldK6V1lMzqJZp7bKXT3W21S2OldK6d07pXSumdK6V0zqaKqN5tpraJuN66tK9pdNrK.KLJ9t6apnV2XU6T1b8Z8aXV2U7W2UWcS6T7T0y3S2utumqtmdtqCPcoga7AjL0ETnOldK6V1tzpXSuD7A-&atc=4062180_{zoneid}&exffir=eyJjIjoiNjFkZmE5NjJjMDQ5MDhmZTk4MzlkMTljZTYwMDFmYTUiLCJ0IjoiMSIsInNyIjoiMTYwMHgxMjAwIiwiY3IiOiIweDgiLCJpIjoiMSJ9

66 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 2888035.html Show response
0dt.net/video/ 6 KB
3 KB 164ms
125ms Document
text/html 46.19.141.46
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://0dt.net/video/2888035.html
Protocol: HTTP/1.1
Server: 46.19.141.46 Ober Urdorf, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx/1.0.15 /
Resource Hash: 80ece22505e8057a5eed2c9da0caec7e80aba0bc4ced245775101065528e7eeb

Request headers

Host: 0dt.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.0.15
Date: Mon, 24 May 2021 12:18:05 GMT
Content-Type: text/html
Connection: keep-alive
Content-Length: 2456
Last-Modified: Sat, 15 May 2021 20:20:30 GMT
Content-Encoding: gzip

GET
H/1.1 200
OK styles.css
0dt.net/ 2 KB
1 KB 105ms
104ms Stylesheet
text/css 46.19.141.46
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://0dt.net/styles.css
Requested by: Host: 0dt.net
URL: http://0dt.net/video/2888035.html
Protocol: HTTP/1.1
Server: 46.19.141.46 Ober Urdorf, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx/1.0.15 /
Resource Hash: db26122ea11f573123e21a553d1074c7d066c74eaf8f88a1d3c346bd8689ee72

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 0dt.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://0dt.net/video/2888035.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://0dt.net/video/2888035.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 24 May 2021 12:18:05 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Feb 2019 15:32:53 GMT
Server: nginx/1.0.15
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.min.js Show response
0dt.net/js/ 77 KB
28 KB 148ms
128ms Script
application/x-javascript 46.19.141.46
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://0dt.net/js/jquery.min.js
Requested by: Host: 0dt.net
URL: http://0dt.net/video/2888035.html
Protocol: HTTP/1.1
Server: 46.19.141.46 Ober Urdorf, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx/1.0.15 /
Resource Hash: 6bf76a952a1e27b4788589099bb874be96aaf3db6422c91a09f83edcb273a7e9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 0dt.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://0dt.net/video/2888035.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://0dt.net/video/2888035.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 24 May 2021 12:18:05 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Mar 2016 13:27:51 GMT
Server: nginx/1.0.15
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK script-4.js Show response
0dt.net/js/ 3 KB
1 KB 148ms
128ms Script
application/x-javascript 46.19.141.46
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://0dt.net/js/script-4.js
Requested by: Host: 0dt.net
URL: http://0dt.net/video/2888035.html
Protocol: HTTP/1.1
Server: 46.19.141.46 Ober Urdorf, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx/1.0.15 /
Resource Hash: 03b6907d967a54c75f504ad3e34184f3e11ae84b479c1c389d0ac296cb77d059

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 0dt.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://0dt.net/video/2888035.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://0dt.net/video/2888035.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 24 May 2021 12:18:05 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Mar 2021 14:35:04 GMT
Server: nginx/1.0.15
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK get_adds_all1.js Show response
0dt.net/js/ 3 KB
1 KB 144ms
124ms Script
application/x-javascript 46.19.141.46
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://0dt.net/js/get_adds_all1.js
Requested by: Host: 0dt.net
URL: http://0dt.net/video/2888035.html
Protocol: HTTP/1.1
Server: 46.19.141.46 Ober Urdorf, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx/1.0.15 /
Resource Hash: a2bd39e39588626b02a46ce2ba08c3a02be9d0df7e105854b6a33ba749f2287b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 0dt.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://0dt.net/video/2888035.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://0dt.net/video/2888035.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 24 May 2021 12:18:05 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2016 08:27:04 GMT
Server: nginx/1.0.15
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: 0dt.net
URL: http://0dt.net/video/2888035.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d097a0116293da844fdeeaa11f41dd941e511e6df699ff2195e8499de8a42fd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iGYloram+/a3QSLNfKFnXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://0dt.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 12:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "920a6e51949cf2eec053a3396b28fac1"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-iGYloram+/a3QSLNfKFnXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Mon, 24 May 2021 12:25:52 GMT

GET
H/1.1 200
OK libcode3.js Show response
serving.adbetclickin.pink/js/ 3 KB
1 KB 325ms
243ms Script
application/javascript 149.28.242.46
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: http://serving.adbetclickin.pink/js/libcode3.js
Requested by: Host: 0dt.net
URL: http://0dt.net/video/2888035.html
Protocol: HTTP/1.1
Server: 149.28.242.46 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 324218ddb47eb46a023e3a1cbe93e1e51162307a4327c9101ca69232371f7293

Request headers

Referer: http://0dt.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 24 May 2021 12:25:53 GMT
Content-Encoding: gzip
Server: Apache/2.4.29 (Ubuntu)
Connection: close
Content-Length: 1289
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H/1.1 200
OK b.js Show response
cdn.ftd.agency/libs/ 2 KB
2 KB 73ms
45ms Script
application/javascript 178.162.205.12
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

http://cdn.ftd.agency/libs/b.js

Requested by

Host: 0dt.net
URL: http://0dt.net/video/2888035.html

Protocol

HTTP/1.1

Server

178.162.205.12 Frankfurt am Main, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

Software

nginx /

Resource Hash

0d936b380966395c5c859a63c591dbbc56e6ff6db00f4b368424cd02ce5158b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Referer: http://0dt.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 24 May 2021 12:25:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block;
Last-Modified: Fri, 09 Oct 2020 08:00:41 GMT
Server: nginx
ETag: W/"5f8018a9-931"
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-PINGOTHER
Expires: Tue, 25 May 2021 12:25:53 GMT

GET
H2

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
2 KB

7ms
6ms

Script
application/x-javascript

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: 0dt.net
URL: http://0dt.net/video/2888035.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

120b394becdce3e428bc27082a4dbcf4c307a65f9c51eba90e18e02e0a4cedc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://0dt.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: brNsvh7emQ8tgGXRnQGtHA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: Eu99LY2ur2h8Wo4gMF29VFncgbZd2og6vVOR/jHM6M22hix3k6gaq8/AZeSkO/lijgrl+Tl8soQndPMa8zNzVw==
x-fb-trip-id: 917726464
x-fb-content-md5: 84510ea59b743fbd599806a940d3110d
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 24 May 2021 12:25:53 GMT
vary: Accept-Encoding
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "96d065c065bf75a4abeddc258bdb6f35"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 24 May 2021 12:38:00 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js#xfbml=1
Non-Authoritative-Reason: HSTS

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ 142 KB
142 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

187e5ab1d37aaa4779205fddec1d0bd632c73ba09db7590c8f79bc238557932f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://0dt.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 06:00:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 20:19:21 GMT
server: sffe
age: 23118
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145599
x-xss-protection: 0
expires: Tue, 24 May 2022 06:00:35 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 20ms
11ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: 0dt.net
URL: http://0dt.net/video/2888035.html
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: http://0dt.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 24 May 2021 12:25:53 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 489
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 28779
x-tw-cdn: VZ
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/674C)
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 106584.html Show response
freefeds.com/stream/ Frame 23EA 13 KB
5 KB 290ms
251ms Document
text/html 2606:4700:3038::6815:eb34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freefeds.com/stream/106584.html
Requested by: Host: 0dt.net
URL: http://0dt.net/video/2888035.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5b3b849f78643af7bd4e72b4df2b1fb4e1fe6c2624300a87834abee570aef37

Request headers

:method: GET
:authority: freefeds.com
:scheme: https
:path: /stream/106584.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://0dt.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://0dt.net/

Response headers

date: Mon, 24 May 2021 12:25:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-proxy-cache: EXPIRED
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
cf-request-id: 0a3fefccdc00004e55be239000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JQWWkToPA5UwuxGwe4SSvkh3hxwjVzmsKJzld%2Belt%2Fml%2BJLyVbBZmCpQgXhiUazttlQoJDvOhKJHunj4DC3ZdSnRodrWbZWO6Gs7UaSjc4Nv4zP5LAwZUY4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6546825afd5e4e55-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK js15.js Show response
s10.histats.com/ 11 KB
5 KB 73ms
46ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15.js
Requested by: Host: 0dt.net
URL: http://0dt.net/video/2888035.html
Protocol: HTTP/1.1
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 429e7004f3f8fbe42cacb984c36a9cda33efdacc100a276b12e82c6ab78bf7ec

Request headers

Referer: http://0dt.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 24 May 2021 12:19:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Apr 2020 10:44:16 GMT
X-CDN-Pop-IP: 51.254.41.192/26
ETag: "980881274"
X-Cacheable: Matched cache
Vary: Accept-Encoding
X-IPLB-Instance: 32090
Content-Type: text/javascript
X-CDN-Pop: rbx1
Accept-Ranges: bytes
X-IPLB-Request-ID: 52661272:31CC_2E69C9F0:0050_60AB9B51_D34F:A16C
Content-Length: 4405
X-Request-ID: 885687858

GET
H3-29 200 all.js Show response
connect.facebook.net/en_US/ 216 KB
64 KB 42ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=d4d5a222621cc26121608317a9273b72&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

03709be14feed8cd375baa444ccd05974b016a880ca768c6b070ce2d04c80b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: http://0dt.net
Referer: http://0dt.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: FsKR3j8whgUw3c5VA1MGNA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 65272
x-fb-rlafr: 0
x-fb-debug: tuHLO39pY/ExpsFxY0F1sPb4VGrqcvtEz0mwpIAR1mSbrOEuCmz+FNXEEawcmqaAwEz6FIu6yxqMPMoqhaNATg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 52a51a89f0829508a063638574129361
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 24 May 2021 12:25:53 GMT
vary: Accept-Encoding
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "f5dc28cce400ae02277c4e59d42c208e"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 24 May 2022 10:47:29 GMT

GET
H/1.1 200
OK load Show response
z.cdn.ftd.agency/ 4 KB
2 KB 110ms
34ms Script
application/javascript 178.162.205.12
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.ftd.agency/load?z=1449294483&div=m1hnu1f9l8g&sr=1600x1200&df=1&cw=1600&ch=1200&tz=120&bh=2&tl=463&hc=12&n=1621859153147&url=0dt.net%2Fvideo%2F2888035.html&vc=0&zyx=4258121558
Requested by: Host: cdn.ftd.agency
URL: http://cdn.ftd.agency/libs/b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.162.205.12 Frankfurt am Main, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: bf0524f9cc923608d0d6d94ec28fd39b932a3991c0e55ad12bbb9d7542dc3245

Request headers

Referer: http://0dt.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 May 2021 12:25:53 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="http://z.cdn.ftd.agency/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 1724
Expires: -1

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 52 B
186 B 354ms
116ms Script
text/html 192.99.0.58
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?1826235&@f16&@g1&@h1&@i1&@j1621859153154&@k0&@l1&@mEstudiantes%20-%20CA%20Independiente&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:158371512&@b3:1621859153&@b4:js15.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2F0dt.net%2Fvideo%2F2888035.html&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.0.58 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns500326.ip-192-99-0.net
Software: /
Resource Hash: 9331af283dc6151604eaaf245b4a033cba2c8f901946535e07b54293e12f3d8d

Request headers

Referer: http://0dt.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 24 May 2021 12:25:53 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: 0dt.net
URL: http://0dt.net/video/2888035.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://0dt.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5485
date: Mon, 24 May 2021 10:54:28 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Mon, 24 May 2021 12:54:28 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame DD90 319 KB
103 KB 32ms
9ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2F0dt.net
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://0dt.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://0dt.net/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 888809
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 24 May 2021 12:25:53 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/674C)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H3-29

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1451377449&utmhn=0dt.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Estudiantes%2...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1451377449&utmhn=0dt.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Estudiantes%...

35 B
54 B

14ms
13ms

Image
image/gif

2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1451377449&utmhn=0dt.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Estudiantes%20-%20CA%20Independiente&utmhid=2008820269&utmr=-&utmp=%2Fvideo%2F2888035.html&utmht=1621859153198&utmac=UA-1268700-28&utmcc=__utma%3D41129635.1483593795.1621859153.1621859153.1621859153.1%3B%2B__utmz%3D41129635.1621859153.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=899505453&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: 0dt.net
URL: http://0dt.net/video/2888035.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://0dt.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 May 2021 12:25:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1451377449&utmhn=0dt.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Estudiantes%20-%20CA%20Independiente&utmhid=2008820269&utmr=-&utmp=%2Fvideo%2F2888035.html&utmht=1621859153198&utmac=UA-1268700-28&utmcc=__utma%3D41129635.1483593795.1621859153.1621859153.1621859153.1%3B%2B__utmz%3D41129635.1621859153.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=899505453&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H2 200 settings Show response
syndication.twitter.com/ Frame DD90 256 B
441 B 210ms
143ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=ae2848773d60f4dcd54c5b7e6f159939a4601fa0

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2F0dt.net

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 12:25:52 GMT
content-encoding: gzip
last-modified: Mon, 24 May 2021 12:25:53 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 53827cc25242869b1e232864bf86ccc60fb2d17c7bbd6cd019500df8952fa1b2
content-length: 176

GET
H/1.1 200
OK script.22.js Show response
f1.cdn.ftd.agency/libs/ 88 KB
37 KB 124ms
48ms Script
application/javascript 178.162.205.12
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://f1.cdn.ftd.agency/libs/script.22.js

Requested by

Host: z.cdn.ftd.agency
URL: https://z.cdn.ftd.agency/load?z=1449294483&div=m1hnu1f9l8g&sr=1600x1200&df=1&cw=1600&ch=1200&tz=120&bh=2&tl=463&hc=12&n=1621859153147&url=0dt.net%2Fvideo%2F2888035.html&vc=0&zyx=4258121558

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

178.162.205.12 Frankfurt am Main, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

Software

nginx /

Resource Hash

0b902f0d9861b8a5edcddd76de10a1cb145f4a560ccfce6af635fd10d169f932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Referer: http://0dt.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 24 May 2021 12:25:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block;
Last-Modified: Thu, 20 May 2021 07:26:20 GMT
Server: nginx
ETag: W/"60a60f1c-15e55"
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-PINGOTHER
Expires: Tue, 25 May 2021 12:25:53 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ Frame 23EA 85 KB
27 KB 16ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: freefeds.com
URL: https://freefeds.com/stream/106584.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://freefeds.com
Referer: https://freefeds.com/stream/106584.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 12:25:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5411614
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27433
cf-request-id: 0a3fefcde500004eebb7875000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=or1cvhsjyhebobEnC%2Fq1Kmo9NiccxJGzSmeW6pk%2BMf%2FXlvwWcYE5zdNNIfteZ2kcxHupndj1tSXZ9bB1SUieVjfqWez3PYx6QtwR7ylblMs%2BZXR2ICxy9QrveJTiCrMVlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6546825cace84eeb-FRA
expires: Sat, 14 May 2022 12:25:53 GMT

GET
H2 404 showads.js
foxcdn.life/ Frame 23EA 0
0 65ms
15ms Script
text/html 2606:4700:3030::6815:aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foxcdn.life/showads.js
Requested by: Host: freefeds.com
URL: https://freefeds.com/stream/106584.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:aa6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://freefeds.com/stream/106584.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 23EA 513 KB
138 KB 8ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: freefeds.com
URL: https://freefeds.com/stream/106584.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freefeds.com/stream/106584.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 6104
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 141142
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
x-served-by: cache-fra19175-FRA, cache-hhn4025-HHN
date: Mon, 24 May 2021 12:25:53 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 level-selector.min.js Show response
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame 23EA 28 KB
10 KB 18ms
16ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js

Requested by

Host: freefeds.com
URL: https://freefeds.com/stream/106584.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9be66c3a85d64fc039d17d90baa279e49a1bde4229e4378d8c0044f2146307fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freefeds.com/stream/106584.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2265
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 9513
etag: W/"6f2e-QiFvefqcX7qrhCMG8irfXhmDfko"
x-served-by: cache-fra19138-FRA, cache-hhn4025-HHN
date: Mon, 24 May 2021 12:25:53 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 nwm-dbh.min3.js Show response
foxcdn.life/ Frame 23EA 9 KB
4 KB 64ms
14ms Script
application/javascript 2606:4700:3030::6815:aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foxcdn.life/nwm-dbh.min3.js
Requested by: Host: freefeds.com
URL: https://freefeds.com/stream/106584.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:aa6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9e39f3702418e1e21cc8cd0b858268d4b183fc53ee42aa7b319cd12641be6a3

Request headers

Referer: https://freefeds.com/stream/106584.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 12:25:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1139
cf-polished: origSize=11016
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a3fefce1600004eaafa105000000001
last-modified: Fri, 19 Jun 2020 20:18:52 GMT
server: cloudflare
etag: W/"5eed1dac-2b08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hGir%2FSpZsjk0hH0F%2BM4L6PZBcBg4xrtDoKiZCDWeHWU1xs4u%2Bu7c3H3iSsXiJfpKbiaoW%2BXcj%2F9dBUy4g48hROLoF97dP2LLYbcUW8IqtNYbyGJlB5o%2FIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6546825ce8964eaa-FRA
cf-bgj: minify

GET
H2

200

/
widgets.amung.us/draw/ Frame 23EA
Redirect Chain

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png
https://widgets.amung.us/draw/?w=colored&n=7342&c=000000ffffff&p=

2 KB
2 KB

39ms
21ms

Image
image/png

2606:4700:10::6816:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=7342&c=000000ffffff&p=
Requested by: Host: freefeds.com
URL: https://freefeds.com/stream/106584.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31ca620b2320f15cc20a945da3e880a6a50a9ce53031b93c0c72754f95c502bd

Request headers

Referer: https://freefeds.com/stream/106584.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 12:25:53 GMT
cf-cache-status: HIT
server: cloudflare
age: 28645
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
content-disposition: filename=wau-widget.png
cf-ray: 6546825f5fc84d8a-FRA
cf-request-id: 0a3fefcf9c00004d8a1223a000000001
expires: Tue, 25 May 2021 04:28:28 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=7342&c=000000ffffff&p=
date: Mon, 24 May 2021 12:25:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 23EA 88 KB
35 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-187547947-2

Requested by

Host: freefeds.com
URL: https://freefeds.com/stream/106584.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6e44d58134675d3e527e00a6190649fb0999011c9a97cea1ad686ef3cfbcad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://freefeds.com/stream/106584.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 12:25:53 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35746
x-xss-protection: 0
last-modified: Mon, 24 May 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 May 2021 12:25:53 GMT

POST
H/1.1 200
OK stats.php Show response
lime.cdncontentdelivery.com/f/ 5 B
271 B 287ms
249ms XHR
text/html 149.28.242.46
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: http://lime.cdncontentdelivery.com/f/stats.php
Requested by: Host: serving.adbetclickin.pink
URL: http://serving.adbetclickin.pink/js/libcode3.js
Protocol: HTTP/1.1
Server: 149.28.242.46 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

Referer: http://0dt.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Mon, 24 May 2021 12:25:53 GMT
Content-Encoding: gzip
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: close
Content-Length: 25

GET
H/1.1 403
Forbidden 15d6ce62d0f01528c7478f7446d71678.js
smokingpetty.com/15/d6/ce/ Frame 23EA 0
0 447ms
110ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://smokingpetty.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js
Requested by: Host: freefeds.com
URL: https://freefeds.com/stream/106584.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Referer: https://freefeds.com/stream/106584.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 24 May 2021 12:25:53 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 23EA 48 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-187547947-2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freefeds.com/stream/106584.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3357
date: Mon, 24 May 2021 11:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 24 May 2021 13:29:56 GMT

GET
H/1.1 200
OK master.m3u8 Show response
e10.cdnfoxtv.me/ingestnb4s/foxpar/ Frame 23EA 210 B
612 B 142ms
60ms XHR
application/vnd.apple.mpegurl 45.134.13.9
INT-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL: https://e10.cdnfoxtv.me/ingestnb4s/foxpar/master.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.134.13.9 , Russian Federation, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash: 82c8b648df0a5ae2bbf4b9598679fb74c4ba17f92b1ae21991c4f8275eb4a311

Request headers

Referer: https://freefeds.com/stream/106584.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 24 May 2021 12:25:53 GMT
Last-Modified: Mon, 24 May 2021 11:45:08 GMT
Server: nginx/1.17.9
ETag: "60ab91c4-d2"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Expires: Mon, 24 May 2021 12:25:55 GMT
Cache-Control: max-age=2, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 210
X-Proxy-Cache: EXPIRED

GET
H/1.1 200
OK c.m3u8 Show response
e10.cdnfoxtv.me/ingestnb4s/foxpar/ Frame 23EA 5 KB
5 KB 55ms
54ms XHR
application/vnd.apple.mpegurl 45.134.13.9
INT-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL: https://e10.cdnfoxtv.me/ingestnb4s/foxpar/c.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.134.13.9 , Russian Federation, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash: e381518158dd6a901acce5aae5d741a0eeafd396e11f32861e6f4fa068c4dc90

Request headers

Referer: https://freefeds.com/stream/106584.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 24 May 2021 12:25:53 GMT
Last-Modified: Mon, 24 May 2021 12:25:46 GMT
Server: nginx/1.17.9
ETag: "60ab9b4a-13ba"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Expires: Mon, 24 May 2021 12:25:55 GMT
Cache-Control: max-age=2, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5050
X-Proxy-Cache: EXPIRED

GET
H/1.1 200
OK cw== Show response
e10.cdnfoxtv.me/ingestk/123/hehe/espnch/keys/T3RVZG13aGNxV1BkS2VN/QjgvQmdTaDFtVlg4UWNW/dkVLODBZbkxiWUZsTlY0/aHozS0lGZVFXTGdKcUZi/Vjh2SUlpYmloaXExaDln/bnFxUjZOd2RZS2hTYTdT/L1U4T25ab3pNYW82N0lZ/NXpjV... Frame 23EA 16 B
342 B 35ms
35ms XHR
application/octet-stream 45.134.13.9
INT-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL: https://e10.cdnfoxtv.me/ingestk/123/hehe/espnch/keys/T3RVZG13aGNxV1BkS2VN/QjgvQmdTaDFtVlg4UWNW/dkVLODBZbkxiWUZsTlY0/aHozS0lGZVFXTGdKcUZi/Vjh2SUlpYmloaXExaDln/bnFxUjZOd2RZS2hTYTdT/L1U4T25ab3pNYW82N0lZ/NXpjVzdVdkVTazZwU0s4/MlJCcmk5dTJpZmQvQTFR/My8yYnN5R0NwbFl5VnVX/QXVUVytpSnlHSU1SWWs2/cnNtVWdJUnFRUklnZ2Vo/YldlMDFteWVnQTIwNlVa/Mk96bWRHOURyVTNlNjl2/bjBNSnRuek5yK2ZXOVJZ/OExhWTdSMkJlUmwreHkw/cy85eFZIb3RzMFpQTzE2/cw==
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.134.13.9 , Russian Federation, ASN202425 (INT-NETWORK, SC),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash: 9f6b337c1b603905a884a73dee36ff377167c37f49a1c45b5953ac88d443686b

Request headers

Referer: https://freefeds.com/stream/106584.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 24 May 2021 12:25:53 GMT
Last-Modified: Mon, 24 May 2021 08:14:27 GMT
Server: nginx/1.17.9
ETag: "60ab6063-10"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16
X-Proxy-Cache: HIT

GET C00000E7D.ts
x-live-espn-stgec.uplynk.com/ause/slices/f90/c1e5068c9c4046ed97eba0e62fd1c6f5/f90db30e8b2d461cbdfd91df5a9e2127/ Frame 23EA 0
0

GET
BLOB 200
OK 0c14a9b0-e1bd-4c25-be22-dc292e955031
https://freefeds.com/ Frame 23EA 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://freefeds.com/0c14a9b0-e1bd-4c25-be22-dc292e955031
Requested by: Host: freefeds.com
URL: https://freefeds.com/stream/106584.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 62280
Content-Type: text/javascript

GET espnlo.htm
dcn.espncdn.shop/ Frame B9B2 0
0

GET
H2

200

/
widgets.amung.us/draw/ Frame 23EA
Redirect Chain

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png?1621859153000
https://widgets.amung.us/draw/?w=colored&n=7315&c=000000ffffff&p=

2 KB
2 KB

17ms
17ms

Image
image/png

2606:4700:10::6816:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=7315&c=000000ffffff&p=
Requested by: Host: freefeds.com
URL: https://freefeds.com/stream/106584.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d86201dfe61a1a007aa476a1a60a60c8fbfec81d89ead7fcd8debf9026aff3ae

Request headers

Referer: https://freefeds.com/stream/106584.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 12:25:54 GMT
cf-cache-status: HIT
server: cloudflare
age: 108810
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
content-disposition: filename=wau-widget.png
cf-ray: 654682610bbc4d8a-FRA
cf-request-id: 0a3fefd0a400004d8a1cb2a000000001
expires: Mon, 24 May 2021 06:12:24 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=7315&c=000000ffffff&p=
date: Mon, 24 May 2021 12:25:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8

GET /
google.com/ Frame 23EA 0
0

GET
H/1.1 200
OK 300x250.gif
0dt.net/images/ 63 KB
63 KB 103ms
103ms Image
image/gif 46.19.141.46
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://0dt.net/images/300x250.gif
Requested by: Host: 0dt.net
URL: http://0dt.net/video/2888035.html
Protocol: HTTP/1.1
Server: 46.19.141.46 Ober Urdorf, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx/1.0.15 /
Resource Hash: 604947d5f67866704629587d776eece99d886716b48bb5a3c54e0b90b336841a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 0dt.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://0dt.net/video/2888035.html
Cookie: HstCfa1826235=1621859153154; HstCla1826235=1621859153154; HstCmu1826235=1621859153154; HstPn1826235=1; HstPt1826235=1; HstCnv1826235=1; HstCns1826235=1; __utma=41129635.1483593795.1621859153.1621859153.1621859153.1; __utmc=41129635; __utmz=41129635.1621859153.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=41129635.1.10.1621859153
Connection: keep-alive
Cache-Control: no-cache
Referer: http://0dt.net/video/2888035.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 24 May 2021 12:18:06 GMT
Last-Modified: Tue, 04 Apr 2017 15:54:55 GMT
Server: nginx/1.0.15
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64712
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET /
google.com/ Frame 23EA 0
0

GET
H3-29 200 106584.html Show response
freefeds.com/stream/2/ Frame 23EA 8 KB
4 KB 272ms
261ms Document
text/html 2606:4700:3038::6815:eb34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freefeds.com/stream/2/106584.html
Requested by: Host: freefeds.com
URL: https://freefeds.com/stream/106584.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99e4938e8ead226d38aa205b9a855f6afe2d39e73a3671210cb92451b0cd8aa8

Request headers

:method: GET
:authority: freefeds.com
:scheme: https
:path: /stream/2/106584.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://freefeds.com/stream/106584.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: volume=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://freefeds.com/stream/106584.html

Response headers

date: Mon, 24 May 2021 12:25:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-proxy-cache: EXPIRED
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
cf-request-id: 0a3fefd48a0000dfe33089a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l%2BZpn5soslImYgeHk3RuXzSzzUoidXYfGfCjwZncahDF0BLgg5l5kbzLQxQyBEDo1Oyvno15%2FOHeA%2B3tgrlEB%2F%2FOfcD2oFAFbS2gDktA0ZxVIOz5bvp%2Bc68%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 654682674f12dfe3-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ Frame 23EA 85 KB
28 KB 16ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: freefeds.com
URL: https://freefeds.com/stream/2/106584.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://freefeds.com
Referer: https://freefeds.com/stream/2/106584.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 12:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5411616
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27433
cf-request-id: 0a3fefd59c00004ab6a780b000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ul0swaHFRoyeZYbwBzbPeiJKS6%2B3DQxY7xKpLgLlHy4BefmodFFMXbp3ovTzXIICYqymhngqQxcsnzSP0g1ctS4IjSk5U1zNzVZTwOE%2F8lizlChHIRIdXh9mGJVTKnNjoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 65468268fdf74ab6-FRA
expires: Sat, 14 May 2022 12:25:55 GMT

GET
H2

200

/
widgets.amung.us/draw/ Frame 23EA
Redirect Chain

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png
https://widgets.amung.us/draw/?w=colored&n=7308&c=000000ffffff&p=

2 KB
2 KB

16ms
15ms

Image
image/png

2606:4700:10::6816:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=7308&c=000000ffffff&p=
Requested by: Host: freefeds.com
URL: https://freefeds.com/stream/2/106584.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a2a3864f33ff46560bb5b859a9856424054fef3c130f0e17157ad5d74e2ce4b

Request headers

Referer: https://freefeds.com/stream/2/106584.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 12:25:56 GMT
cf-cache-status: HIT
server: cloudflare
age: 84676
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
content-disposition: filename=wau-widget.png
cf-ray: 654682714d414d8a-FRA
cf-request-id: 0a3fefdad000004d8a139ea000000001
expires: Mon, 24 May 2021 12:54:40 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=7308&c=000000ffffff&p=
date: Mon, 24 May 2021 12:25:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame 23EA 88 KB
35 KB 33ms
28ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-187547947-2

Requested by

Host: freefeds.com
URL: https://freefeds.com/stream/2/106584.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43105c850441a641d781f5c98b7e9215b7b059ef08bd7cafd9248155892e81ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://freefeds.com/stream/2/106584.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 12:25:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35746
x-xss-protection: 0
last-modified: Mon, 24 May 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 May 2021 12:25:55 GMT

GET
H2 200 25505.html Show response
teleriumtv.net/embed/ Frame A256 75 KB
20 KB 51ms
14ms Document
text/html 2606:4700:3031::ac43:8b6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://teleriumtv.net/embed/25505.html
Requested by: Host: freefeds.com
URL: https://freefeds.com/stream/2/106584.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8b6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62d9b8fb7d8a5c3c7b3de4644008eb23db482561a27a826d0ae3da28cfaa0506

Request headers

:method: GET
:authority: teleriumtv.net
:scheme: https
:path: /embed/25505.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://freefeds.com/stream/2/106584.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://freefeds.com/stream/2/106584.html

Response headers

date: Mon, 24 May 2021 12:25:55 GMT
content-type: text/html; charset=UTF-8
x-proxy-cache: EXPIRED
cache-control: public, max-age=1800, s-maxage=30
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
age: 4508
cf-request-id: 0a3fefd61b00004e7ab61b4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JvKASPxPVhIh8zvbERdeRC0lwXhbdcTxFfX14Cc47THSVN6pjjvQM4W7ukpgWPmytAM90LZolxhrM7BABtQUDoYNekWxWZL4dlJj3SSGR8W1jGUUp7NPGzSuIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 65468269cc2e4e7a-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 espnlo.htm Show response
dcn.espncdn.shop/ Frame DD35 457 B
540 B 136ms
135ms Document
text/html 2606:4700:3036::6815:200b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dcn.espncdn.shop/espnlo.htm
Requested by: Host: freefeds.com
URL: https://freefeds.com/stream/2/106584.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:200b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c2b817a1cc01386b7c489eb9c87c29c076ab3ae4c6b83c962832d0afc78617c

Request headers

:method: GET
:authority: dcn.espncdn.shop
:scheme: https
:path: /espnlo.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://freefeds.com/stream/2/106584.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://freefeds.com/stream/2/106584.html

Response headers

date: Mon, 24 May 2021 12:25:55 GMT
content-type: text/html
last-modified: Tue, 04 May 2021 04:31:42 GMT
cf-cache-status: DYNAMIC
cf-request-id: 0a3fefd5ff00004ac3069f5000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bjZG%2F8a6cwWLFtrvFix9MRqhIyku8BGFUDmDsBhHaMblpJLJi%2BqJhK8yyUKgqEL1y4anDCFc40ng3SCpwa49JpDfjlOKlcN8AQE2zO4T0c71D3tXvOdWkko0Xu2o"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 65468269996b4ac3-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 23EA 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-187547947-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freefeds.com/stream/2/106584.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3359
date: Mon, 24 May 2021 11:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 24 May 2021 13:29:56 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ Frame A256 85 KB
27 KB 12ms
11ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: teleriumtv.net
URL: https://teleriumtv.net/embed/25505.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://teleriumtv.net
Referer: https://teleriumtv.net/embed/25505.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 12:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5411616
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27433
cf-request-id: 0a3fefd64c00004eebb4a78000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oWBJb9eZC5NgxLW7K9Vp5xoWT7Ue1qdRbdXmCI5LXanHD2Poj6fqfllc5wNQFNWMivdofFlOahsqWsE6p5o92CIRpbbnf1pveNLGwuHGXEIgGC0WV0G6QokRJVWafdoUkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6546826a18d34eeb-FRA
expires: Sat, 14 May 2022 12:25:55 GMT

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame A256 513 KB
138 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: teleriumtv.net
URL: https://teleriumtv.net/embed/25505.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://teleriumtv.net/embed/25505.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 6106
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 141142
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
x-served-by: cache-fra19175-FRA, cache-hhn4025-HHN
date: Mon, 24 May 2021 12:25:55 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tele.png
dcn.espncdn.shop/ Frame A256 10 KB
10 KB 22ms
21ms Image
image/png 2606:4700:3036::6815:200b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcn.espncdn.shop/tele.png
Requested by: Host: teleriumtv.net
URL: https://teleriumtv.net/embed/25505.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:200b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83480d1b6b2269e08b0f30ab5f6aafa9da37f881cae5e2a6554f53eb71cfa8f2

Request headers

Referer: https://teleriumtv.net/embed/25505.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 12:25:55 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1277
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10316
cf-request-id: 0a3fefd67500004ac32ab11000000001
last-modified: Wed, 24 Jun 2020 17:10:47 GMT
server: cloudflare
etag: "5ef38917-284c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=65bPTRncQBzefq8TngoYLtCrZ7FfeAZDjlcNWhuki4koy54g0xbhj5NBf%2FXhrnQV%2F2grYRhurc7YN3QtiGbFkNEk%2Bqo4gnB3QkgGBL75zwJVE58u%2F1lwR7QSeEYV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6546826a5b3f4ac3-FRA

GET
H2 200 nwm-dbh.min3.js Show response
dcn.espncdn.shop/ Frame A256 9 KB
4 KB 24ms
20ms Script
application/javascript 2606:4700:3036::6815:200b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dcn.espncdn.shop/nwm-dbh.min3.js
Requested by: Host: teleriumtv.net
URL: https://teleriumtv.net/embed/25505.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:200b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9e39f3702418e1e21cc8cd0b858268d4b183fc53ee42aa7b319cd12641be6a3

Request headers

Referer: https://teleriumtv.net/embed/25505.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 12:25:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1278
cf-polished: origSize=11016
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a3fefd67000004ac33f9f5000000001
last-modified: Fri, 19 Jun 2020 20:18:52 GMT
server: cloudflare
etag: W/"5eed1dac-2b08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x3%2B79pUm6A4JoWlxwye1NclWWAjEF5cJgTqkt%2FB%2BprAzGIHKUpG9%2B6E5S0miBBuy55%2BgkJEdedMzMxh99%2F8VsqtXnq57zi1vhzL8BrZ2SCMHsT40Y02%2Fdsepm4Eo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6546826a4b274ac3-FRA
cf-bgj: minify

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame A256 88 KB
35 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-187547947-3

Requested by

Host: teleriumtv.net
URL: https://teleriumtv.net/embed/25505.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd4068e7376527a1ce2dcce285e47a3f6e9319ff8735c1364f65387862e98213

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://teleriumtv.net/embed/25505.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 12:25:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35688
x-xss-protection: 0
last-modified: Mon, 24 May 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 May 2021 12:25:55 GMT

HEAD
H2 200 ss Show response
smetrics.centurylink.com/b/ Frame A256 0
515 B 1024ms
35ms XHR
image/gif 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.centurylink.com/b/ss?AQB=1&pccr=true&vidn=2F9A4CC00515A6CA-4000071DA42E9CD0&g=none&AQE=1

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://teleriumtv.net/embed/25505.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 12:25:56 GMT
x-content-type-options: nosniff
x-c: main-1471.Ib5710b.M0-493
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 25 May 2021 12:25:56 GMT
server: jag
xserver: anedge-5cf7d864b8-s24js
etag: 3482916017128013824-4622026215403001147
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://teleriumtv.net
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Sun, 23 May 2021 12:25:56 GMT

GET
H/1.1 403
Forbidden 15d6ce62d0f01528c7478f7446d71678.js
smokingpetty.com/15/d6/ce/ Frame A256 0
0 994ms
993ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://smokingpetty.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js
Requested by: Host: teleriumtv.net
URL: https://teleriumtv.net/embed/25505.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Referer: https://teleriumtv.net/embed/25505.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 24 May 2021 12:25:56 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1

200
OK

Cookie set cimp.php Show response
s.optnx.com/ Frame 3B6F
Redirect Chain

https://samyarct.top/redirect?tid=891581&file=Watch_Live
https://s.optnx.com/cimp.php?data=TVRZeU1UZzFPVEUxTm54bFlqRXhZemRrTW1ZMFpHRTJPVEV4TnpnM1ltTmxOVFV4TVRRM01UUmxOZy0tfGh0dHBzOi8vd3d3Lm51dGFrdS5uZXQvc2lnbnVwL2xhbmRpbmcvYm9vdHktY2FsbHMvMTctYXNhLz9hdHM...

4 KB
2 KB

102ms
33ms

Document
text/html

95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.optnx.com/cimp.php?data=TVRZeU1UZzFPVEUxTm54bFlqRXhZemRrTW1ZMFpHRTJPVEV4TnpnM1ltTmxOVFV4TVRRM01UUmxOZy0tfGh0dHBzOi8vd3d3Lm51dGFrdS5uZXQvc2lnbnVwL2xhbmRpbmcvYm9vdHktY2FsbHMvMTctYXNhLz9hdHM9ZXlKaElqb3pNRGN5TkRBc0ltTWlPalU0T1RreE1qWTJMQ0p1SWpveExDSnpJam94TENKbElqbzVNakl6TENKd0lqb3pNVGg5JmFwYj1vb2RiUEhOTFBITmJITk5TN2dtYnFLcmE1cTVuVTBYVHoxMVR1dXF1bmxjNnFhWjFNenAzVXl1bGRLNlYxbE16cUpacDdiS1hUM1cyMVMyT2xkSzZkMDdwWFN1bWRLNlYwenFhS3FONXRwcmFKdU42NnRLOXBkTnJLLktMSjl0NmFwblYyWFU2VDFiOFo4YVhWMlU3VzJVV2NTNlQ3VDB5M1MydXR1bXF0bWR0cUNQY29nYTdBakwwRVRuT2xkSzZWMXR6cFhTdUQ3QS0mYXRjPTQwNjIxODBfe3pvbmVpZH18aHR0cHN8ODIuMTAyLjE4LjExNHxGUkF8NDF8YWQtbWF2ZW4uY29tfDcwMjU5NHw0MzA2NzV8ODE3NjQ3fDM1ODYxNjF8NTExfDQwNjIxODB8NDM5MjI2NTJ8NDB8MnwwfDB8NzQxfDg5MTU4MXwzfDc1fFVTRHxVU0R8MXwxfDIyfHwxfEZSQXx8MTAyfDR8MXx8NDM1M2UxZDE4MzFmZTY1YjZkMGJkNzZmMzcyZGU0NTF8Njc5NGIyNWVmYWZiOTY3NGQ4NzM3ZjBiMmQyNDA5MDh8MHwyfGRjbi5lc3BuY2RuLnNob3B8MHw1MDY5OHw5NTkyMHwwLjE0fDF8MHxleGNoYW5nZV9saW5rfDB8MHwzMDEyODc0fC0xfDB8Mjk4ODUwN3xob3N0aW5nfHZwbnwyfDE0NDB8fDJ8MHwwfDg5fDB8MHwxfE9LfDZjY2M1ZGUzOGUxZTMzMjc2YzlmZGFhODI5MTQzYzBl
Requested by: Host: dcn.espncdn.shop
URL: https://dcn.espncdn.shop/espnlo.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: ccb33d92446441ca3ad18f152c380fa5c67b4f0a9f10d96971f7044920f21761

Request headers

Host: s.optnx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://dcn.espncdn.shop/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dcn.espncdn.shop/

Response headers

Server: nginx
Date: Mon, 24 May 2021 12:25:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2260ab9b55165c22.915972843263996188%22%3B%7D; expires=Wed, 24 May 2023 12:25:57 GMT; path=; domain=.optnx.com; Secure; SameSite=none
Content-Encoding: gzip

Redirect headers

content-type: text/plain
content-length: 0
location: https://s.optnx.com/cimp.php?data=TVRZeU1UZzFPVEUxTm54bFlqRXhZemRrTW1ZMFpHRTJPVEV4TnpnM1ltTmxOVFV4TVRRM01UUmxOZy0tfGh0dHBzOi8vd3d3Lm51dGFrdS5uZXQvc2lnbnVwL2xhbmRpbmcvYm9vdHktY2FsbHMvMTctYXNhLz9hdHM9ZXlKaElqb3pNRGN5TkRBc0ltTWlPalU0T1RreE1qWTJMQ0p1SWpveExDSnpJam94TENKbElqbzVNakl6TENKd0lqb3pNVGg5JmFwYj1vb2RiUEhOTFBITmJITk5TN2dtYnFLcmE1cTVuVTBYVHoxMVR1dXF1bmxjNnFhWjFNenAzVXl1bGRLNlYxbE16cUpacDdiS1hUM1cyMVMyT2xkSzZkMDdwWFN1bWRLNlYwenFhS3FONXRwcmFKdU42NnRLOXBkTnJLLktMSjl0NmFwblYyWFU2VDFiOFo4YVhWMlU3VzJVV2NTNlQ3VDB5M1MydXR1bXF0bWR0cUNQY29nYTdBakwwRVRuT2xkSzZWMXR6cFhTdUQ3QS0mYXRjPTQwNjIxODBfe3pvbmVpZH18aHR0cHN8ODIuMTAyLjE4LjExNHxGUkF8NDF8YWQtbWF2ZW4uY29tfDcwMjU5NHw0MzA2NzV8ODE3NjQ3fDM1ODYxNjF8NTExfDQwNjIxODB8NDM5MjI2NTJ8NDB8MnwwfDB8NzQxfDg5MTU4MXwzfDc1fFVTRHxVU0R8MXwxfDIyfHwxfEZSQXx8MTAyfDR8MXx8NDM1M2UxZDE4MzFmZTY1YjZkMGJkNzZmMzcyZGU0NTF8Njc5NGIyNWVmYWZiOTY3NGQ4NzM3ZjBiMmQyNDA5MDh8MHwyfGRjbi5lc3BuY2RuLnNob3B8MHw1MDY5OHw5NTkyMHwwLjE0fDF8MHxleGNoYW5nZV9saW5rfDB8MHwzMDEyODc0fC0xfDB8Mjk4ODUwN3xob3N0aW5nfHZwbnwyfDE0NDB8fDJ8MHwwfDg5fDB8MHwxfE9LfDZjY2M1ZGUzOGUxZTMzMjc2YzlmZGFhODI5MTQzYzBl
date: Mon, 24 May 2021 12:25:56 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=8aa6bd17-b920-47c0-9d59-22a07ae2e3cc
x-cache: Miss from cloudfront
via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: vuq8BSZ8H4GGVccx0KdFrS9MHfbXHYhzyzMWcv01Hr3ToP-rEnQTDQ==

GET
H2

200

/
widgets.amung.us/draw/ Frame A256
Redirect Chain

https://whos.amung.us/cwidget/telerium/000000ffffff.png
https://widgets.amung.us/draw/?w=colored&n=5855&c=000000ffffff&p=

1 KB
2 KB

18ms
18ms

Image
image/png

2606:4700:10::6816:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=5855&c=000000ffffff&p=
Requested by: Host: teleriumtv.net
URL: https://teleriumtv.net/embed/25505.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 602fba13ef31ce3a26b2a3ba046c327d98dff6ad7c2358cf67e6379d6be33a45

Request headers

Referer: https://teleriumtv.net/embed/25505.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 12:25:56 GMT
cf-cache-status: HIT
server: cloudflare
age: 142224
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
content-disposition: filename=wau-widget.png
cf-ray: 65468271eedd4d8a-FRA
cf-request-id: 0a3fefdb3400004d8a3103d000000001
expires: Sun, 23 May 2021 20:55:31 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=5855&c=000000ffffff&p=
date: Mon, 24 May 2021 12:25:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8

GET
H3-29 200 1621945500000.json Show response
teleriumtv.net/streams/25505/ Frame A256 224 B
805 B 238ms
222ms Fetch
text/html 2606:4700:3031::ac43:8b6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://teleriumtv.net/streams/25505/1621945500000.json
Requested by: Host: teleriumtv.net
URL: https://teleriumtv.net/embed/25505.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8b6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deb2760889a721ba858cd7432a947883fc40fc0fe8f10c55fc897276aee2e04e

Request headers

Referer: https://teleriumtv.net/embed/25505.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 12:25:56 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rAIDFDqRkMvF9BmyGICGym9VajhSnj2i3mFlu%2BDVekUUyf3yty4KZYRZBgdEztFa97FZbOP3OD16rzC950URhr6dlm%2FgQo4WzdNtw4j49MXys%2FjYT999zdMZGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: public, max-age=1800, s-maxage=30
cf-ray: 6546827158f11f15-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a3fefdada00001f15842f1000000001
x-proxy-cache: MISS

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame A256 48 KB
19 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-187547947-3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://teleriumtv.net/embed/25505.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3360
date: Mon, 24 May 2021 11:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 24 May 2021 13:29:56 GMT

GET
H3-29 200 telerium.js Show response
dcn.espncdn.shop/ Frame A256 510 KB
121 KB 58ms
47ms Script
application/javascript 2606:4700:3036::6815:200b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dcn.espncdn.shop/telerium.js?v=0.46
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:200b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b72bb1fd923ecb481ab56a18e3ac2756c521e9825d2c15e475f1d0bdd2574851

Request headers

Referer: https://teleriumtv.net/embed/25505.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 12:25:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1238
cf-polished: origSize=523365
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a3fefdbd300000eab20aec000000001
last-modified: Sat, 24 Apr 2021 03:43:57 GMT
server: cloudflare
etag: W/"608393fd-7fc65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AAop5rzdTh1mvVISsLodulZMWNfY1Bwpw92o52wuc1JGLv8WwMSgMUJRNKskMKatVDJxXBG97%2FtvOTdOYeXNdV8NPQmNgswZzFzShzm3JTM3UJE8%2Fm62bwvXB0v6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 65468272ece50eab-FRA
cf-bgj: minify

GET
H2 200 38861cba61c66739c1452c3a71e39852.ttf
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame A256 32 KB
19 KB 7ms
7ms Font
font/ttf 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/38861cba61c66739c1452c3a71e39852.ttf

Requested by

Host: teleriumtv.net
URL: https://teleriumtv.net/embed/25505.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

967e5cecfbfbf64099c3c1232273482dd7436f05714266953c4d2c8ee9c28af5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://teleriumtv.net
Referer: https://teleriumtv.net/embed/25505.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 5007
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 18775
etag: W/"7f8c-Sx71jkdreJyXUhg0q996L9ZtbK8"
x-served-by: cache-fra19143-FRA, cache-hhn4038-HHN
date: Mon, 24 May 2021 12:25:57 GMT
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3-29 200 25505.m3u8 Show response
teleriumtv.net/ingest09/ Frame A256 785 B
708 B 199ms
198ms Fetch
text/javascript 2606:4700:3031::ac43:8b6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://teleriumtv.net/ingest09/25505.m3u8?sf=NVNwczEwU2JE&token=O_kdN1voSs1uZQHQVDLgcw&expires=1621859396&rnd=25505
Requested by: Host: teleriumtv.net
URL: https://teleriumtv.net/embed/25505.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8b6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bed9c4953b703b18744629a27ece416d97e8f244a960959edadc355452ee77c

Request headers

Referer: https://teleriumtv.net/embed/25505.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 May 2021 12:25:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PrCTQ1q0U2xqW%2B3MYrKyJJVR2URK3rqjC%2BU1BhC50cV2ntFAApdPBjXDe%2FjmIcPkCM8yoIehyPP5nP6vpI36fj8tfbpiDjq0WDwxQ%2Fz3F430a4%2F4g7MzFkprVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 654682739de11f15-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a3fefdc4000001f156890e000000001

GET
H2

200

/
www.nutaku.net/signup/landing/booty-calls/17-asa/ Frame 3B6F
Redirect Chain

https://s.optnx.com/cimp.php?data=TVRZeU1UZzFPVEUxTm54bFlqRXhZemRrTW1ZMFpHRTJPVEV4TnpnM1ltTmxOVFV4TVRRM01UUmxOZy0tfGh0dHBzOi8vd3d3Lm51dGFrdS5uZXQvc2lnbnVwL2xhbmRpbmcvYm9vdHktY2FsbHMvMTctYXNhLz9hdHM...
https://www.nutaku.net/signup/landing/booty-calls/17-asa/?ats=eyJhIjozMDcyNDAsImMiOjU4OTkxMjY2LCJuIjoxLCJzIjoxLCJlIjo5MjIzLCJwIjozMTh9&apb=oodbPHNLPHNbHNNS7gmbqKra5q5nU0XTz11Tuuqunlc6qaZ1Mzp3UyuldK...

0
0

230ms
183ms

Document
text/html

66.254.114.205
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nutaku.net/signup/landing/booty-calls/17-asa/?ats=eyJhIjozMDcyNDAsImMiOjU4OTkxMjY2LCJuIjoxLCJzIjoxLCJlIjo5MjIzLCJwIjozMTh9&apb=oodbPHNLPHNbHNNS7gmbqKra5q5nU0XTz11Tuuqunlc6qaZ1Mzp3UyuldK6V1lMzqJZp7bKXT3W21S2OldK6d07pXSumdK6V0zqaKqN5tpraJuN66tK9pdNrK.KLJ9t6apnV2XU6T1b8Z8aXV2U7W2UWcS6T7T0y3S2utumqtmdtqCPcoga7AjL0ETnOldK6V1tzpXSuD7A-&atc=4062180_{zoneid}&exffir=eyJjIjoiNjFkZmE5NjJjMDQ5MDhmZTk4MzlkMTljZTYwMDFmYTUiLCJ0IjoiMSIsInNyIjoiMTYwMHgxMjAwIiwiY3IiOiIweDgiLCJpIjoiMSJ9

Requested by

Host: s.optnx.com
URL: https://s.optnx.com/cimp.php?data=TVRZeU1UZzFPVEUxTm54bFlqRXhZemRrTW1ZMFpHRTJPVEV4TnpnM1ltTmxOVFV4TVRRM01UUmxOZy0tfGh0dHBzOi8vd3d3Lm51dGFrdS5uZXQvc2lnbnVwL2xhbmRpbmcvYm9vdHktY2FsbHMvMTctYXNhLz9hdHM9ZXlKaElqb3pNRGN5TkRBc0ltTWlPalU0T1RreE1qWTJMQ0p1SWpveExDSnpJam94TENKbElqbzVNakl6TENKd0lqb3pNVGg5JmFwYj1vb2RiUEhOTFBITmJITk5TN2dtYnFLcmE1cTVuVTBYVHoxMVR1dXF1bmxjNnFhWjFNenAzVXl1bGRLNlYxbE16cUpacDdiS1hUM1cyMVMyT2xkSzZkMDdwWFN1bWRLNlYwenFhS3FONXRwcmFKdU42NnRLOXBkTnJLLktMSjl0NmFwblYyWFU2VDFiOFo4YVhWMlU3VzJVV2NTNlQ3VDB5M1MydXR1bXF0bWR0cUNQY29nYTdBakwwRVRuT2xkSzZWMXR6cFhTdUQ3QS0mYXRjPTQwNjIxODBfe3pvbmVpZH18aHR0cHN8ODIuMTAyLjE4LjExNHxGUkF8NDF8YWQtbWF2ZW4uY29tfDcwMjU5NHw0MzA2NzV8ODE3NjQ3fDM1ODYxNjF8NTExfDQwNjIxODB8NDM5MjI2NTJ8NDB8MnwwfDB8NzQxfDg5MTU4MXwzfDc1fFVTRHxVU0R8MXwxfDIyfHwxfEZSQXx8MTAyfDR8MXx8NDM1M2UxZDE4MzFmZTY1YjZkMGJkNzZmMzcyZGU0NTF8Njc5NGIyNWVmYWZiOTY3NGQ4NzM3ZjBiMmQyNDA5MDh8MHwyfGRjbi5lc3BuY2RuLnNob3B8MHw1MDY5OHw5NTkyMHwwLjE0fDF8MHxleGNoYW5nZV9saW5rfDB8MHwzMDEyODc0fC0xfDB8Mjk4ODUwN3xob3N0aW5nfHZwbnwyfDE0NDB8fDJ8MHwwfDg5fDB8MHwxfE9LfDZjY2M1ZGUzOGUxZTMzMjc2YzlmZGFhODI5MTQzYzBl

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.254.114.205 , United States, ASN29789 (REFLECTED, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.nutaku.net
:scheme: https
:path: /signup/landing/booty-calls/17-asa/?ats=eyJhIjozMDcyNDAsImMiOjU4OTkxMjY2LCJuIjoxLCJzIjoxLCJlIjo5MjIzLCJwIjozMTh9&apb=oodbPHNLPHNbHNNS7gmbqKra5q5nU0XTz11Tuuqunlc6qaZ1Mzp3UyuldK6V1lMzqJZp7bKXT3W21S2OldK6d07pXSumdK6V0zqaKqN5tpraJuN66tK9pdNrK.KLJ9t6apnV2XU6T1b8Z8aXV2U7W2UWcS6T7T0y3S2utumqtmdtqCPcoga7AjL0ETnOldK6V1tzpXSuD7A-&atc=4062180_{zoneid}&exffir=eyJjIjoiNjFkZmE5NjJjMDQ5MDhmZTk4MzlkMTljZTYwMDFmYTUiLCJ0IjoiMSIsInNyIjoiMTYwMHgxMjAwIiwiY3IiOiIweDgiLCJpIjoiMSJ9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.optnx.com/cimp.php?data=TVRZeU1UZzFPVEUxTm54bFlqRXhZemRrTW1ZMFpHRTJPVEV4TnpnM1ltTmxOVFV4TVRRM01UUmxOZy0tfGh0dHBzOi8vd3d3Lm51dGFrdS5uZXQvc2lnbnVwL2xhbmRpbmcvYm9vdHktY2FsbHMvMTctYXNhLz9hdHM9ZXlKaElqb3pNRGN5TkRBc0ltTWlPalU0T1RreE1qWTJMQ0p1SWpveExDSnpJam94TENKbElqbzVNakl6TENKd0lqb3pNVGg5JmFwYj1vb2RiUEhOTFBITmJITk5TN2dtYnFLcmE1cTVuVTBYVHoxMVR1dXF1bmxjNnFhWjFNenAzVXl1bGRLNlYxbE16cUpacDdiS1hUM1cyMVMyT2xkSzZkMDdwWFN1bWRLNlYwenFhS3FONXRwcmFKdU42NnRLOXBkTnJLLktMSjl0NmFwblYyWFU2VDFiOFo4YVhWMlU3VzJVV2NTNlQ3VDB5M1MydXR1bXF0bWR0cUNQY29nYTdBakwwRVRuT2xkSzZWMXR6cFhTdUQ3QS0mYXRjPTQwNjIxODBfe3pvbmVpZH18aHR0cHN8ODIuMTAyLjE4LjExNHxGUkF8NDF8YWQtbWF2ZW4uY29tfDcwMjU5NHw0MzA2NzV8ODE3NjQ3fDM1ODYxNjF8NTExfDQwNjIxODB8NDM5MjI2NTJ8NDB8MnwwfDB8NzQxfDg5MTU4MXwzfDc1fFVTRHxVU0R8MXwxfDIyfHwxfEZSQXx8MTAyfDR8MXx8NDM1M2UxZDE4MzFmZTY1YjZkMGJkNzZmMzcyZGU0NTF8Njc5NGIyNWVmYWZiOTY3NGQ4NzM3ZjBiMmQyNDA5MDh8MHwyfGRjbi5lc3BuY2RuLnNob3B8MHw1MDY5OHw5NTkyMHwwLjE0fDF8MHxleGNoYW5nZV9saW5rfDB8MHwzMDEyODc0fC0xfDB8Mjk4ODUwN3xob3N0aW5nfHZwbnwyfDE0NDB8fDJ8MHwwfDg5fDB8MHwxfE9LfDZjY2M1ZGUzOGUxZTMzMjc2YzlmZGFhODI5MTQzYzBl

Response headers

server: nginx
date: Mon, 24 May 2021 12:25:57 GMT
content-type: text/html; charset=UTF-8
set-cookie: NUTAKUID=704fbf4ec8b0295870ad9f7742cf808e; path=/;samesite=None; secure; HttpOnly Nutaku_Language=en; expires=Sat, 20-Nov-2021 13:25:57 GMT; Max-Age=15555600; path=/; httponly RNLBSERVERID=ded3465m; path=/
x-frame-options: SAMEORIGIN
pragma: no-cache
cache-control: no-cache
content-encoding: gzip
x-request-id: 60AB9B55-42FE72CD01BB57B5-223B5C

Redirect headers

Server: nginx
Date: Mon, 24 May 2021 12:25:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2260ab9b55165c22.915972843263996188%22%3B%7D; expires=Wed, 24 May 2023 12:25:57 GMT; path=; domain=.optnx.com; Secure; SameSite=none impressions=x%9C%ABV21032%B40%D051%B642235R%B2%8A6%D41%04%89%99Z%1A%9A%9A%EB%18%9A%98%18%C4%D6%02%00%AE%FF%08%C1; expires=Tue, 25 May 2021 12:25:57 GMT; path=/; domain=.optnx.com; Secure; SameSite=none c-tag=%7B%22tag-link%22%3A%22v3%7C%7CFRA%7C3586161%7C43922652%7C95920%7C%7C511%7C41%7C2%7C40%7C0%7C0%7C0%7C741%7C3012874%7C2988507%7C0%7C0%7C5%7C146%7C0%7C0%7C1%7C0%7C0%7C1%7C60ab9b55165c22.915972843263996188%7C6794b25efafb9674d8737f0b2d240908%7C891581%7Cdcn.espncdn.shop%7C1600x1200%7C%7C0%7C0%7C0%7C89%7C0%7C0%7Cok%22%7D; expires=Tue, 25 May 2021 12:25:57 GMT; path=/; domain=.optnx.com; Secure; SameSite=none
Location: https://www.nutaku.net/signup/landing/booty-calls/17-asa/?ats=eyJhIjozMDcyNDAsImMiOjU4OTkxMjY2LCJuIjoxLCJzIjoxLCJlIjo5MjIzLCJwIjozMTh9&apb=oodbPHNLPHNbHNNS7gmbqKra5q5nU0XTz11Tuuqunlc6qaZ1Mzp3UyuldK6V1lMzqJZp7bKXT3W21S2OldK6d07pXSumdK6V0zqaKqN5tpraJuN66tK9pdNrK.KLJ9t6apnV2XU6T1b8Z8aXV2U7W2UWcS6T7T0y3S2utumqtmdtqCPcoga7AjL0ETnOldK6V1tzpXSuD7A-&atc=4062180_{zoneid}&exffir=eyJjIjoiNjFkZmE5NjJjMDQ5MDhmZTk4MzlkMTljZTYwMDFmYTUiLCJ0IjoiMSIsInNyIjoiMTYwMHgxMjAwIiwiY3IiOiIweDgiLCJpIjoiMSJ9

GET
H2 200 tele.png
rolo.nocdnrlly.xyz/ Frame A256 10 KB
11 KB 73ms
44ms Image
image/png 2606:4700:3038::6815:eaa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rolo.nocdnrlly.xyz/tele.png
Requested by: Host: freefeds.com
URL: https://freefeds.com/stream/2/106584.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eaa6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83480d1b6b2269e08b0f30ab5f6aafa9da37f881cae5e2a6554f53eb71cfa8f2

Request headers

Referer: https://teleriumtv.net/embed/25505.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 12:25:57 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1237
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10316
cf-request-id: 0a3fefdd550000dfcf88859000000001
last-modified: Wed, 24 Jun 2020 17:10:47 GMT
server: cloudflare
etag: "5ef38917-284c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CKBl0hTs%2BrXEy5QUOnFUiHrcHhEl%2FnH9GJKJ%2BTNimWNFZwHJz2Em9B9zySRkXI4KqrXF4h3B6EUqDOc5rh0mPjakWMOM6gEm3N9SOCwS8BV5CbyG5wtHemgOXBP%2BwNc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 654682752db2dfcf-FRA

GET 25505.m3u8
e2.cdnfoxtv.com/ingest09/ Frame A256 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: x-live-espn-stgec.uplynk.com
URL: https://x-live-espn-stgec.uplynk.com/ause/slices/f90/c1e5068c9c4046ed97eba0e62fd1c6f5/f90db30e8b2d461cbdfd91df5a9e2127/C00000E7D.ts

Domain: dcn.espncdn.shop
URL: https://dcn.espncdn.shop/espnlo.htm

Domain: google.com
URL: https://google.com/

Domain: google.com
URL: https://google.com/

Domain: e2.cdnfoxtv.com
URL: https://e2.cdnfoxtv.com/ingest09/25505.m3u8?sf=NVNwczEwU2JE&token=BmTQ77YuOmIqNvDzgsO4Lg&expires=1621873557&rnd=

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.0dt.net/	1970-01-19 18:30:59	Name: __utmt Value: 1
0dt.net/	1970-01-20 03:16:35	Name: HstPn1826235 Value: 1
.0dt.net/	1970-01-19 22:53:47	Name: __utmz Value: 41129635.1621859153.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
freefeds.com/	1970-01-20 03:16:35	Name: volume Value: 0
.0dt.net/	1969-12-31 23:59:59	Name: __utmc Value: 41129635
0dt.net/	1970-01-20 03:16:35	Name: HstCns1826235 Value: 1
.0dt.net/	1970-01-20 12:02:11	Name: __utma Value: 41129635.1483593795.1621859153.1621859153.1621859153.1
0dt.net/	1970-01-20 03:16:35	Name: HstCnv1826235 Value: 1
0dt.net/	1970-01-20 03:16:35	Name: HstCmu1826235 Value: 1621859153154
0dt.net/	1970-01-20 03:16:35	Name: HstPt1826235 Value: 1
.0dt.net/	1970-01-19 18:31:00	Name: __utmb Value: 41129635.1.10.1621859153
0dt.net/	1970-01-20 03:16:35	Name: HstCla1826235 Value: 1621859153154
0dt.net/	1970-01-20 03:16:35	Name: HstCfa1826235 Value: 1621859153154

63 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://z.cdn.ftd.agency/load?z=1449294483&div=m1hnu1f9l8g&sr=1600x1200&df=1&cw=1600&ch=1200&tz=120&bh=2&tl=463&hc=12&n=1621859153147&url=0dt.net%2Fvideo%2F2888035.html&vc=0&zyx=4258121558(Line 8) Message: function init
console-api	log	URL: https://z.cdn.ftd.agency/load?z=1449294483&div=m1hnu1f9l8g&sr=1600x1200&df=1&cw=1600&ch=1200&tz=120&bh=2&tl=463&hc=12&n=1621859153147&url=0dt.net%2Fvideo%2F2888035.html&vc=0&zyx=4258121558(Line 7) Message: >>> set no pop
console-api	log	URL: https://z.cdn.ftd.agency/load?z=1449294483&div=m1hnu1f9l8g&sr=1600x1200&df=1&cw=1600&ch=1200&tz=120&bh=2&tl=463&hc=12&n=1621859153147&url=0dt.net%2Fvideo%2F2888035.html&vc=0&zyx=4258121558(Line 7) Message: >>> set no pop .h67517
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js(Line 1) Message: %c[error][hlsjs: unrecoverable network fatal error.] color: #ff0000;font-weight: bold; font-size: 13px; [object Object]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js(Line 1) Message: %c[error][hlsjs: unrecoverable network fatal error.] color: #ff0000;font-weight: bold; font-size: 13px; [object Object]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: https://f1.cdn.ftd.agency/libs/script.22.js(Line 1) Message: console.clear

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0dt.net
apis.google.com
cdn.ftd.agency
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
dcn.espncdn.shop
e10.cdnfoxtv.me
e2.cdnfoxtv.com
f1.cdn.ftd.agency
foxcdn.life
freefeds.com
google.com
lime.cdncontentdelivery.com
platform.twitter.com
rolo.nocdnrlly.xyz
s.optnx.com
s10.histats.com
s4.histats.com
samyarct.top
serving.adbetclickin.pink
smetrics.centurylink.com
smokingpetty.com
syndication.twitter.com
teleriumtv.net
whos.amung.us
widgets.amung.us
www.google-analytics.com
www.googletagmanager.com
www.nutaku.net
x-live-espn-stgec.uplynk.com
z.cdn.ftd.agency
dcn.espncdn.shop
e2.cdnfoxtv.com
google.com
x-live-espn-stgec.uplynk.com
104.244.42.136
13.225.74.49
149.28.242.46
15.237.136.106
178.162.205.12
192.243.59.20
192.99.0.58
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:4bab
2606:4700:3030::6815:aa6
2606:4700:3031::ac43:8b6a
2606:4700:3036::6815:200b
2606:4700:3038::6815:eaa6
2606:4700:3038::6815:eb34
2606:4700::6810:125e
2a00:1450:4001:802::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2008
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::200e
2a03:2880:f02d:12:face:b00c:0:3
2a04:4e42:1b::621
45.134.13.9
46.105.201.240
46.19.141.46
66.254.114.205
67.202.94.93
95.211.229.245
03709be14feed8cd375baa444ccd05974b016a880ca768c6b070ce2d04c80b0f
03b6907d967a54c75f504ad3e34184f3e11ae84b479c1c389d0ac296cb77d059
0b902f0d9861b8a5edcddd76de10a1cb145f4a560ccfce6af635fd10d169f932
0d936b380966395c5c859a63c591dbbc56e6ff6db00f4b368424cd02ce5158b8
120b394becdce3e428bc27082a4dbcf4c307a65f9c51eba90e18e02e0a4cedc8
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
187e5ab1d37aaa4779205fddec1d0bd632c73ba09db7590c8f79bc238557932f
2a2a3864f33ff46560bb5b859a9856424054fef3c130f0e17157ad5d74e2ce4b
2bed9c4953b703b18744629a27ece416d97e8f244a960959edadc355452ee77c
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
31ca620b2320f15cc20a945da3e880a6a50a9ce53031b93c0c72754f95c502bd
324218ddb47eb46a023e3a1cbe93e1e51162307a4327c9101ca69232371f7293
429e7004f3f8fbe42cacb984c36a9cda33efdacc100a276b12e82c6ab78bf7ec
43105c850441a641d781f5c98b7e9215b7b059ef08bd7cafd9248155892e81ff
4d097a0116293da844fdeeaa11f41dd941e511e6df699ff2195e8499de8a42fd
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
602fba13ef31ce3a26b2a3ba046c327d98dff6ad7c2358cf67e6379d6be33a45
604947d5f67866704629587d776eece99d886716b48bb5a3c54e0b90b336841a
62d9b8fb7d8a5c3c7b3de4644008eb23db482561a27a826d0ae3da28cfaa0506
6bf76a952a1e27b4788589099bb874be96aaf3db6422c91a09f83edcb273a7e9
80ece22505e8057a5eed2c9da0caec7e80aba0bc4ced245775101065528e7eeb
82c8b648df0a5ae2bbf4b9598679fb74c4ba17f92b1ae21991c4f8275eb4a311
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83480d1b6b2269e08b0f30ab5f6aafa9da37f881cae5e2a6554f53eb71cfa8f2
9331af283dc6151604eaaf245b4a033cba2c8f901946535e07b54293e12f3d8d
967e5cecfbfbf64099c3c1232273482dd7436f05714266953c4d2c8ee9c28af5
99e4938e8ead226d38aa205b9a855f6afe2d39e73a3671210cb92451b0cd8aa8
9be66c3a85d64fc039d17d90baa279e49a1bde4229e4378d8c0044f2146307fb
9c2b817a1cc01386b7c489eb9c87c29c076ab3ae4c6b83c962832d0afc78617c
9f6b337c1b603905a884a73dee36ff377167c37f49a1c45b5953ac88d443686b
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a2bd39e39588626b02a46ce2ba08c3a02be9d0df7e105854b6a33ba749f2287b
b5b3b849f78643af7bd4e72b4df2b1fb4e1fe6c2624300a87834abee570aef37
b72bb1fd923ecb481ab56a18e3ac2756c521e9825d2c15e475f1d0bdd2574851
bd4068e7376527a1ce2dcce285e47a3f6e9319ff8735c1364f65387862e98213
bf0524f9cc923608d0d6d94ec28fd39b932a3991c0e55ad12bbb9d7542dc3245
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
ccb33d92446441ca3ad18f152c380fa5c67b4f0a9f10d96971f7044920f21761
d86201dfe61a1a007aa476a1a60a60c8fbfec81d89ead7fcd8debf9026aff3ae
db26122ea11f573123e21a553d1074c7d066c74eaf8f88a1d3c346bd8689ee72
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
deb2760889a721ba858cd7432a947883fc40fc0fe8f10c55fc897276aee2e04e
e381518158dd6a901acce5aae5d741a0eeafd396e11f32861e6f4fa068c4dc90
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9e39f3702418e1e21cc8cd0b858268d4b183fc53ee42aa7b319cd12641be6a3
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc
f6e44d58134675d3e527e00a6190649fb0999011c9a97cea1ad686ef3cfbcad7
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

0dt.net Open in urlscan Pro 46.19.141.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

66 Requests

73 %HTTPS

54 %IPv6

26 Domains

32 Subdomains

27 IPs

7 Countries

1270 kBTransfer

3607 kBSize

13 Cookies

9 Outgoing links

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

0dt.net Open in urlscan Pro
46.19.141.46 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

73 %
HTTPS

54 %
IPv6

26
Domains

32
Subdomains

27
IPs

7
Countries

1270 kB
Transfer

3607 kB
Size

13
Cookies

66 HTTP transactions
-1 data transactions