mail.sport-tv.vip Open in urlscan Pro
2606:4700:3035::6815:432f Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mail.sport-tv.vip/
Submission: On December 22 via api (December 22nd 2023, 4:47:31 pm UTC) from US — Scanned from US

Summary HTTP 173 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 52 IPs in 4 countries across 52 domains to perform 173 HTTP transactions. The main IP is 2606:4700:3035::6815:432f, located in United States and belongs to CLOUDFLARENET, US. The main domain is mail.sport-tv.vip.
TLS certificate: Issued by GTS CA 1P5 on December 19th 2023. Valid for: 3 months.

This is the only time mail.sport-tv.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3035::6815:432f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:dc0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:820::2008	15169 (GOOGLE) (GOOGLE)
24	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:10:... 2606:4700:10::6814:5063	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:809::200e	15169 (GOOGLE) (GOOGLE)
1	149.56.240.132 149.56.240.132	16276 (OVH) (OVH)
3	208.93.230.28 208.93.230.28	29893 (CHATANGO) (CHATANGO)
2	2a03:2880:f08... 2a03:2880:f082:108:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f08... 2a03:2880:f082:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2606:4700:21:... 2606:4700:21::8d65:780b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	67.199.248.11 67.199.248.11	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6811:5459	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2620:1ec:46::40 2620:1ec:46::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	85.184.96.0 85.184.96.0	47171 (UNIBET-AS) (UNIBET-AS)
1 15	2606:4700:440... 2606:4700:4400::ac40:9098	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	108.157.142.40 108.157.142.40	16509 (AMAZON-02) (AMAZON-02)
3	3.135.156.190 3.135.156.190	16509 (AMAZON-02) (AMAZON-02)
1	172.64.153.173 172.64.153.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	23.196.3.185 23.196.3.185	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.157.150.51 108.157.150.51	16509 (AMAZON-02) (AMAZON-02)
1	108.157.142.99 108.157.142.99	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:c3c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	141.94.170.64 141.94.170.64	16276 (OVH) (OVH)
1 4	23.47.69.85 23.47.69.85	16625 (AKAMAI-AS) (AKAMAI-AS)
2	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
5 5	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
3	3.18.123.179 3.18.123.179	16509 (AMAZON-02) (AMAZON-02)
3 4	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4 10	3.230.62.22 3.230.62.22	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	67.202.105.21 67.202.105.21	32748 (STEADFAST) (STEADFAST)
2 3	18.213.232.194 18.213.232.194	14618 (AMAZON-AES) (AMAZON-AES)
4 5	68.67.179.166 68.67.179.166	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.206.6.177 34.206.6.177	14618 (AMAZON-AES) (AMAZON-AES)
1	34.225.230.9 34.225.230.9	14618 (AMAZON-AES) (AMAZON-AES)
1 1	67.202.105.22 67.202.105.22	32748 (STEADFAST) (STEADFAST)
1	23.7.64.229 23.7.64.229	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	108.157.150.20 108.157.150.20	16509 (AMAZON-02) (AMAZON-02)
1 2	63.251.86.51 63.251.86.51	10913 (INTERNAP-BLK) (INTERNAP-BLK)
1	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1	107.21.239.57 107.21.239.57	14618 (AMAZON-AES) (AMAZON-AES)
1	18.173.132.65 18.173.132.65	16509 (AMAZON-02) (AMAZON-02)
4	208.93.230.22 208.93.230.22	29893 (CHATANGO) (CHATANGO)
3 3	34.232.58.254 34.232.58.254	14618 (AMAZON-AES) (AMAZON-AES)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2	85.184.96.5 85.184.96.5	47171 (UNIBET-AS) (UNIBET-AS)
1	2607:f8b0:400... 2607:f8b0:4006:824::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:e2:... 2606:4700:e2::ac40:8d0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:ca6e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.236.220.17 35.236.220.17	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	63.251.86.50 63.251.86.50	10913 (INTERNAP-BLK) (INTERNAP-BLK)
1	2600:9000:251... 2600:9000:2511:9600:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2606:4700::68... 2606:4700::6811:7ff9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1f18:ed:... 2600:1f18:ed:550e:3daf:be5a:6a09:50	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.204.77.239 52.204.77.239	() ()
2 2	142.251.40.130 142.251.40.130	() ()
2 2	34.200.65.202 34.200.65.202	() ()
2 2	151.101.130.49 151.101.130.49	() ()
173	52

12 2606:4700:3035::6815:432f (United States)

ASN13335 (CLOUDFLARENET, US)

mail.sport-tv.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:dc0 (United States)

ASN13335 (CLOUDFLARENET, US)

earn.dynamicapl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:81c::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:5063 (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:809::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.132 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534300.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 208.93.230.28 (United States)

ASN29893 (CHATANGO, US)

st.chatango.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f082:108:face:b00c:0:3 (Chicago, United States)

ASN32934 (FACEBOOK, US)

scontent-ord5-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f082:9:face:b00c:0:3 (Chicago, United States)

ASN32934 (FACEBOOK, US)

scontent-ord5-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:21::8d65:780b (United States)

ASN13335 (CLOUDFLARENET, US)

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.199.248.11 (United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:5459 (United States)

ASN13335 (CLOUDFLARENET, US)

promos-ro.betano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::40 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b1.trickyrock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.184.96.0 (Malta) 2 redirects

ASN47171 (UNIBET-AS, MT)

www.unibet.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:4400::ac40:9098 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

welcome.unibet.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.157.142.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-142-40.mci50.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.135.156.190 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-135-156-190.us-east-2.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.153.173 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.196.3.185 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-196-3-185.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.150.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-150-51.mci50.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.142.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-142-99.mci50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:c3c (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.170.64 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.47.69.85 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-69-85.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.34 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 15.197.193.217 (Seattle, United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.18.123.179 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-18-123-179.us-east-2.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.154.8 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.230.62.22 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-62-22.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.77.79 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.21 (Chicago, United States) 2 redirects

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net

dp2.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.213.232.194 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-232-194.compute-1.amazonaws.com

map.go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.179.166 (North Bergen, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.6.177 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-6-177.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.225.230.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-230-9.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.22 (Chicago, United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net

dp1.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.7.64.229 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-64-229.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.150.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-150-20.mci50.r.cloudfront.net

data-beacons.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.86.51 (United States) 1 redirects

ASN10913 (INTERNAP-BLK, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.21.239.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-239-57.compute-1.amazonaws.com

track2.securedvisit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.132.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-65.jfk52.r.cloudfront.net

api.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 208.93.230.22 (United States)

ASN29893 (CHATANGO, US)

ust.chatango.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.232.58.254 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-58-254.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.184.96.5 (Malta)

ASN47171 (UNIBET-AS, MT)

a1s-cdn.unibet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1s.unibet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:8d0d (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:ca6e (United States)

ASN13335 (CLOUDFLARENET, US)

c.bannerflow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.236.220.17 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.86.50 (United States)

ASN10913 (INTERNAP-BLK, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2511:9600:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6811:7ff9 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bannerflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550e:3daf:be5a:6a09:50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.204.77.239 (None, ) 2 redirects

ASN- ()

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.130 (None, ) 2 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.200.65.202 (None, ) 2 redirects

ASN- ()

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (None, ) 2 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 953 scontent-ord5-2.xx.fbcdn.net — Cisco Umbrella Rank: 3512 scontent-ord5-1.xx.fbcdn.net — Cisco Umbrella Rank: 3765	473 KB
18	unibet.ro 3 redirects www.unibet.ro welcome.unibet.ro	236 KB
12	sport-tv.vip mail.sport-tv.vip	119 KB
10	eyeota.net 4 redirects ps.eyeota.net — Cisco Umbrella Rank: 981	6 KB
10	sharethis.com pd.sharethis.com — Cisco Umbrella Rank: 11669 t.sharethis.com — Cisco Umbrella Rank: 5617 sync.sharethis.com — Cisco Umbrella Rank: 2848	17 KB
8	bannerflow.com cdn.bannerflow.com — Cisco Umbrella Rank: 94812	415 KB
7	chatango.com st.chatango.com — Cisco Umbrella Rank: 68242 ust.chatango.com — Cisco Umbrella Rank: 79979	249 KB
7	gstatic.com fonts.gstatic.com	142 KB
5	adnxs.com 4 redirects secure.adnxs.com — Cisco Umbrella Rank: 478 ib.adnxs.com	4 KB
5	adsrvr.org 5 redirects match.adsrvr.org — Cisco Umbrella Rank: 331	2 KB
5	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 4856 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6028 data-beacons.s-onetag.com — Cisco Umbrella Rank: 14842	15 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	30 KB
4	bannerflow.net c.bannerflow.net — Cisco Umbrella Rank: 8227	440 KB
4	liadm.com 3 redirects i.liadm.com — Cisco Umbrella Rank: 517 i6.liadm.com — Cisco Umbrella Rank: 2358	2 KB
4	lijit.com 1 redirects ap.lijit.com — Cisco Umbrella Rank: 650 ce.lijit.com — Cisco Umbrella Rank: 835	3 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 327	1 KB
4	rlcdn.com 3 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 408	1 KB
4	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 638 stags.bluekai.com — Cisco Umbrella Rank: 848	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	42 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	178 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 465	1 KB
3	affec.tv 2 redirects map.go.affec.tv — Cisco Umbrella Rank: 7853	2 KB
3	33across.com 3 redirects dp2.33across.com — Cisco Umbrella Rank: 11078 dp1.33across.com — Cisco Umbrella Rank: 7877	1 KB
3	crwdcntrl.net 2 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net	19 KB
3	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 13327 ic.tynt.com — Cisco Umbrella Rank: 11417 de.tynt.com — Cisco Umbrella Rank: 1577	9 KB
3	dtscout.com e.dtscout.com — Cisco Umbrella Rank: 17386 t.dtscout.com — Cisco Umbrella Rank: 14358	5 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 ajax.googleapis.com — Cisco Umbrella Rank: 340	33 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	641 B
2	yahoo.com 2 redirects cms.analytics.yahoo.com ups.analytics.yahoo.com	568 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net	1 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 971	85 KB
2	unibet.com a1s-cdn.unibet.com — Cisco Umbrella Rank: 230089 a1s.unibet.com — Cisco Umbrella Rank: 232469	3 KB
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 424 dis.criteo.com — Cisco Umbrella Rank: 550	651 B
2	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1020	215 KB
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1751 beacon.krxd.net — Cisco Umbrella Rank: 699	499 B
2	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1824	556 B
2	onaudience.com 2 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2916	726 B
2	bit.ly 2 redirects bit.ly — Cisco Umbrella Rank: 5695	508 B
2	histats.com s10.histats.com — Cisco Umbrella Rank: 15174 s4.histats.com — Cisco Umbrella Rank: 14862	5 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	147 KB
1	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1001	41 KB
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	607 B
1	intentiq.com api.intentiq.com — Cisco Umbrella Rank: 1419
1	securedvisit.com track2.securedvisit.com — Cisco Umbrella Rank: 4338	178 B
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 5121	16 KB
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 777	632 B
1	dtscdn.com t.dtscdn.com — Cisco Umbrella Rank: 15253	600 B
1	trickyrock.com 1 redirects b1.trickyrock.com — Cisco Umbrella Rank: 161353	947 B
1	betano.com promos-ro.betano.com — Cisco Umbrella Rank: 661515
1	dynamicapl.com earn.dynamicapl.com
0	tv-sport-hd.com Failed www.tv-sport-hd.com Failed
0	tvs-widget.com Failed www.tvs-widget.com Failed
173	52

	Domain	Requested by
20	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
15	welcome.unibet.ro	1 redirects mail.sport-tv.vip welcome.unibet.ro
12	mail.sport-tv.vip	mail.sport-tv.vip
10	ps.eyeota.net	4 redirects mail.sport-tv.vip data-beacons.s-onetag.com
8	cdn.bannerflow.com	welcome.unibet.ro
7	fonts.gstatic.com	fonts.googleapis.com
5	match.adsrvr.org	5 redirects
5	www.facebook.com	mail.sport-tv.vip static.xx.fbcdn.net
4	c.bannerflow.net	welcome.unibet.ro
4	ust.chatango.com	st.chatango.com mail.sport-tv.vip
4	secure.adnxs.com	3 redirects mail.sport-tv.vip
4	px.ads.linkedin.com	1 redirects mail.sport-tv.vip
4	idsync.rlcdn.com	3 redirects mail.sport-tv.vip
4	t.sharethis.com	pd.sharethis.com t.sharethis.com mail.sport-tv.vip
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com st.chatango.com
4	connect.facebook.net	mail.sport-tv.vip connect.facebook.net
3	i.liadm.com	3 redirects
3	pixel.tapad.com	3 redirects
3	map.go.affec.tv	2 redirects mail.sport-tv.vip
3	sync.sharethis.com	mail.sport-tv.vip
3	tags.bluekai.com	1 redirects mail.sport-tv.vip de.tynt.com
3	pd.sharethis.com	e.dtscout.com mail.sport-tv.vip t.sharethis.com
3	get.s-onetag.com	e.dtscout.com get.s-onetag.com
3	www.unibet.ro	2 redirects welcome.unibet.ro
3	st.chatango.com	mail.sport-tv.vip st.chatango.com
2	sync-tm.everesttech.net	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	bcp.crwdcntrl.net	2 redirects
2	ce.lijit.com	mail.sport-tv.vip
2	use.fontawesome.com	welcome.unibet.ro use.fontawesome.com
2	ap.lijit.com	1 redirects mail.sport-tv.vip
2	cdn.taboola.com	st.chatango.com cdn.taboola.com
2	dp2.33across.com	2 redirects
2	ml314.com	1 redirects mail.sport-tv.vip
2	pixel.onaudience.com	2 redirects
2	t.dtscout.com	e.dtscout.com
2	bit.ly	2 redirects
2	scontent-ord5-2.xx.fbcdn.net	www.facebook.com
2	www.googletagmanager.com	mail.sport-tv.vip www.googletagmanager.com
2	fonts.googleapis.com	mail.sport-tv.vip welcome.unibet.ro
1	ib.adnxs.com	1 redirects
1	ups.analytics.yahoo.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	i6.liadm.com	mail.sport-tv.vip
1	tags.tiqcdn.com	welcome.unibet.ro
1	um.simpli.fi	1 redirects
1	a1s.unibet.com	welcome.unibet.ro
1	ajax.googleapis.com	welcome.unibet.ro
1	a1s-cdn.unibet.com	welcome.unibet.ro
1	dis.criteo.com	mail.sport-tv.vip
1	api.intentiq.com	data-beacons.s-onetag.com
1	track2.securedvisit.com	data-beacons.s-onetag.com
1	stags.bluekai.com	tags.bkrtx.com
1	gum.criteo.com	cdn.taboola.com
1	data-beacons.s-onetag.com	get.s-onetag.com
1	tags.bkrtx.com	pd.sharethis.com
1	dp1.33across.com	1 redirects
1	beacon.krxd.net	mail.sport-tv.vip
1	usermatch.krxd.net	1 redirects
1	pippio.com	1 redirects
1	de.tynt.com	cdn.tynt.com
1	ic.tynt.com	mail.sport-tv.vip
1	t.dtscdn.com	e.dtscout.com
1	tags.crwdcntrl.net	e.dtscout.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	cdn.tynt.com	e.dtscout.com
1	b1.trickyrock.com	1 redirects
1	promos-ro.betano.com	mail.sport-tv.vip
1	e.dtscout.com	s4.histats.com
1	scontent-ord5-1.xx.fbcdn.net	www.facebook.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	mail.sport-tv.vip
1	earn.dynamicapl.com	mail.sport-tv.vip
0	www.tv-sport-hd.com Failed	mail.sport-tv.vip
0	www.tvs-widget.com Failed	mail.sport-tv.vip
173	75

This site contains links to these domains. Also see Links.

Domain
www.tv-sport-hd.com

Subject Issuer	Validity	Valid
sport-tv.vip GTS CA 1P5	`2023-12-19` - `2024-03-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
dynamicapl.com E1	`2023-12-17` - `2024-03-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-30` - `2023-12-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-11`	a year	crt.sh
histats.com R3	`2023-11-23` - `2024-02-21`	3 months	crt.sh
*.chatango.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-03` - `2024-07-02`	a year	crt.sh
dtscout.com GTS CA 1P5	`2023-11-20` - `2024-02-18`	3 months	crt.sh
promos-ro.betano.com Cloudflare Inc ECC CA-3	`2023-09-11` - `2024-09-10`	a year	crt.sh
welcome.unibet.ro E1	`2023-10-30` - `2024-01-28`	3 months	crt.sh
*.s-onetag.com Amazon RSA 2048 M03	`2023-11-04` - `2024-12-01`	a year	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-22` - `2024-06-19`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-05` - `2024-09-30`	a year	crt.sh
cert1-prod.aut.a24365.net R3	`2023-12-22` - `2024-03-21`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
dtscdn.com GTS CA 1P5	`2023-11-15` - `2024-02-13`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
*.bkrtx.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-06` - `2024-12-05`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
securedvisit.com Amazon RSA 2048 M03	`2023-08-16` - `2024-09-13`	a year	crt.sh
*.intentiq.com Amazon RSA 2048 M02	`2023-04-11` - `2024-05-08`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
unibet.com R3	`2023-11-06` - `2024-02-04`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-17`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2023-03-08` - `2024-04-07`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://mail.sport-tv.vip/
Frame ID: E75AEDEC88ACFE371F9120E56284FAB3
Requests: 57 HTTP requests in this frame

Frame: https://mail.sport-tv.vip/Sport.php
Frame ID: F344166FC9A8435CC72A88362DE2FC9F
Requests: 15 HTTP requests in this frame

Frame: https://www.tvs-widget.com/
Frame ID: 431829735A06708E915AFBD757F39FA5
Requests: 1 HTTP requests in this frame

Frame: https://www.tvs-widget.com/widget/tv-online.php
Frame ID: 2A47C086597743C6DBF6404F9BB3EE3A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/pages/Meciuri-si-TV-pe-Net/530484173643269&width=200&height=55&show_faces=false&colorscheme=light&stream=false&border_color&header=true
Frame ID: 170186D1BB5B56ACBDA455F7D27DDD26
Requests: 10 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252Fpages%252FMeciuri-si-TV-pe-Net%252F530484173643269%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dfalse%26appId
Frame ID: 802DAD97F1C031154A0D9503DECA0E0B
Requests: 19 HTTP requests in this frame

Frame: https://mail.sport-tv.vip/chat.php
Frame ID: 77A68B87D9DB3BBBB07C9A160555DC5E
Requests: 3 HTTP requests in this frame

Frame: https://mail.sport-tv.vip/x.php
Frame ID: D56119B1E98142B98041B9E12FEAD1DB
Requests: 1 HTTP requests in this frame

Frame: https://promos-ro.betano.com/1000-lei-bonus-casino/index.html?btag=a_894b_2621c_[CustomMergeFields]&siteid=894
Frame ID: 1120EB6AEECF68150EA46FB2436ADBB9
Requests: 1 HTTP requests in this frame

Frame: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
Frame ID: 7C75377FB372189DE7126EEC41D9C465
Requests: 40 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=10401703263645F6BF8F2F876F281F13
Frame ID: 4A53DD9924FEA420D568BBC397C269B1
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: 3AD56FEA07FC5D083B7678AF2D780E9B
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: 097674450A995CBDA270E4DFEB883AEB
Requests: 7 HTTP requests in this frame

Frame: https://st.chatango.com/h5/gz/r1214231145/id.html
Frame ID: D604CF22B700BBAA6F8CD492539DEE07
Requests: 9 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: ED8D79F11F391090CB3379CFD0CA6880
Requests: 2 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/27519?id=212391354827564&ret=html&random=1703263646
Frame ID: 39403A6008B1DD83F3742E047D78658D
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGcABmWFvZ4AAAAIJU0NAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23366%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23366%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=87830681
Frame ID: 89E0760130F4CF9E1AC0EDB3F982EA7C
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=14547
Frame ID: 9998AE8EB4D3B4379FA33156692A3772
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: F137F59CD02B0DD627EC591A0BD82BDD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TV-Sport-HD.com | Meciuri Live, TV Online, OrangeSport, PrimaSport, DigiSport

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

173
Requests

76 %
HTTPS

36 %
IPv6

52
Domains

75
Subdomains

52
IPs

4
Countries

2939 kB
Transfer

6828 kB
Size

72
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tv-sport-hd.com/

Search URL Search Domain Scan URL

URL: https://www.tv-sport-hd.com/meciuri-live-hd.php
Title: Meciuri Live HD

Search URL Search Domain Scan URL

URL: https://www.tv-sport-hd.com/canale-tv-online.php
Title: Canale TV Online HD

Search URL Search Domain Scan URL

URL: https://www.tv-sport-hd.com/livescore.php
Title: FlashScore/LiveScore

Search URL Search Domain Scan URL

URL: https://www.tv-sport-hd.com/program-tv.php
Title: Program TV Online

Search URL Search Domain Scan URL

URL: https://www.tv-sport-hd.com/tenis-live-online.php
Title: Tenis Live Online

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://bit.ly/tvshd1 HTTP 301
https://promos-ro.betano.com/1000-lei-bonus-casino/index.html?btag=a_894b_2621c_[CustomMergeFields]&siteid=894

Request Chain 63

https://bit.ly/tvshd2 HTTP 301
https://b1.trickyrock.com/redirect.aspx?pid=13832455&bid=37605 HTTP 307
https://www.unibet.ro/stan/campaign.do?cmpId=1105051&affiliateId=1&unibetTarget=/ro/aff/casino-online/casino-celebration-2023/index.html&targetDomain=https://welcome.unibet.ro&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&affiliateId=1&pid=13832455&bid=37605 HTTP 301
https://www.unibet.ro/stan/redirecttocampaign.do?cmpId=1105051&affiliateId=1&unibetTarget=/ro/aff/casino-online/casino-celebration-2023/index.html&targetDomain=https://welcome.unibet.ro&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&affiliateId=1&pid=13832455&bid=37605&landingPageUrl=https%3A%2F%2Fwelcome.unibet.ro%2Fro%2Faff%2Fcasino-online%2Fcasino-celebration-2023%2Findex.html%3Fmktid%3D1%3A81744203%3A13832455-37605 HTTP 301
https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455

Request Chain 64

https://mail.sport-tv.vip/fonts/monda-regular-webfont.woff HTTP 0
http://www.tv-sport-hd.com/404.shtml

Request Chain 76

https://pixel.onaudience.com/?partner=137085098&mapped=10401703263645F6BF8F2F876F281F13 HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=6d723988ee42c479

Request Chain 90

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/ttd?uid=a0daaaae-bed0-49d4-bb25-be6e5d9b8cd8&gdpr=0&gdpr_consent=

Request Chain 91

https://idsync.rlcdn.com/386076.gif?partner_uid=ZGcABmWFvZ4AAAAIJU0NAw%3D%3D&gdpr=0&gdpr_consent= HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkdjQUJtV0Z2WjRBQUFBSUpVME5Bdz09EAAaDQie-5asBhIFCOgHEABCAEoA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=b322e4ceec2e79cd07171ece6b3a941b628ca68a19fd6a679a8bc2f1286dae93791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=b322e4ceec2e79cd07171ece6b3a941b628ca68a19fd6a679a8bc2f1286dae93791426b5417dce21&rand=08012722

Request Chain 92

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/eyeota?uid=2N1yEavUzhaT2wz_l2JzL7VsxRaSb6t--35jWqF8riF8&gdpr=0&gdpr_consent=

Request Chain 93

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGcABmWFvZ4AAAAIJU0NAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3640816194143387672 HTTP 307
https://ml314.com/csync.ashx?fp=38336e7eaf426cf89e234a8d296f86ef8093a346821964777307955aff8df1b4f4cb09cee1a4f8eb&person_id=3640816194143387672&eid=50082

Request Chain 94

https://tags.bluekai.com/site/59574?id=ZGcABmWFvZ4AAAAIJU0NAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Request Chain 96

https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1703263646463.6 HTTP 302
https://tags.bluekai.com/site/27519?id=212391354827564&ret=html&random=1703263646

Request Chain 97

https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1703263646463.1 HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=&us_privacy=&random=1703263646463.1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?uid=a0daaaae-bed0-49d4-bb25-be6e5d9b8cd8&bid=1e2n4ou

Request Chain 98

https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSGWFvZ5GK2xuBt5vAg%3D%3D&us_privacy=&_rand=1703263646463.2 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSGWFvZ5GK2xuBt5vAg%3D%3D&us_privacy=&_rand=1703263646463.2&expected_cookie=aa04c6a3-3fcd-4fc2-89c9-fa1f06072a51

Request Chain 99

https://map.go.affec.tv/map/3a/?pid=CoIKSGWFvZ5GK2xuBt5vAg%3D%3D&us_privacy=&ts=1703263646463.3 HTTP 303
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D6585bd9e68ac570001f82914%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent= HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D6585bd9e68ac570001f82914%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%2526gdpr_consent%253D%26gdpr%3D%26gdpr_consent%3D HTTP 302
https://map.go.affec.tv/map/an/8519367046122621226?ch=6585bd9e68ac570001f82914&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent= HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://map.go.affec.tv/map/ttd/a0daaaae-bed0-49d4-bb25-be6e5d9b8cd8?ttd_puid=&gdpr=0&gdpr_consent=

Request Chain 100

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKSGWFvZ5GK2xuBt5vAg%3D%3D&us_privacy=&random=1703263646463.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKSGWFvZ5GK2xuBt5vAg%3D%3D&us_privacy=&random=1703263646463.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=cc0439ff-3cc1-41cc-ad65-1bb6dfaa2501%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a0daaaae-bed0-49d4-bb25-be6e5d9b8cd8&ttd_puid=cc0439ff-3cc1-41cc-ad65-1bb6dfaa2501%2Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad%2C HTTP 302
https://usermatch.krxd.net/um/v2?partner=tapad HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad

Request Chain 101

https://dp2.33across.com/ps/?pid=1205&rand=1703263646463.5 HTTP 302
https://idsync.rlcdn.com/405716.gif?partner_uid=212391268849554

Request Chain 102

https://dp1.33across.com/ps/?pid=669&uid=CoIKSGWFvZ5GK2xuBt5vAg%3D%3D&us_privacy=&random=1703263646463.7&pu=https%3A%2F%2Fmail.sport-tv.vip%2F HTTP 302
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212391266692695&seg_code=33x&random=1703263646 HTTP 307
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212391266692695%26seg_code%3D33x%26random%3D1703263646

Request Chain 109

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 116

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H3VPjSZHGIrvyBmXRL2fkdwg&rnd=57751 HTTP 303
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H3VPjSZHGIrvyBmXRL2fkdwg&rnd=57751&_li_chk=true&previous_uuid=07694db542214aba9ccefed136af8f86 HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Request Chain 136

https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/gambling-commission.png HTTP 302
https://www.unibet.ro/

Request Chain 138

https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/com-payments.svg HTTP 302
https://www.unibet.ro/

Request Chain 140

https://um.simpli.fi/lj_match?r=49901 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=E36DE4DFEB69467CAECC7C6D71982F55

Request Chain 154

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H3VPjSZHGIrvyBmXRL2fkdwg&rnd=705 HTTP 303
https://i6.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H3VPjSZHGIrvyBmXRL2fkdwg&rnd=705

Request Chain 165

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=H3VPjSZHGIrvyBmXRL2fkdwg/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=H3VPjSZHGIrvyBmXRL2fkdwg/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=8ee9f8c31814af33713c255137802f71

Request Chain 167

https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjVRZ1h1c0NCYzhpMkpXTkRrWjRrRlJhZjZqMHowS0k0V1FXeEMwZ1k4eEk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MjVRZ1h1c0NCYzhpMkpXTkRrWjRrRlJhZjZqMHowS0k0V1FXeEMwZ1k4eEk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_tc= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEJ8Mdym8_Z5dvZiq1cp6sTs&google_cver=1

Request Chain 168

https://cms.analytics.yahoo.com/cms?partner_id=Eyeot HTTP 302
https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot HTTP 302
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-27pu2NhE2pV2jIV5xknlTf30mEo.yJr07EY-~A

Request Chain 169

https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u&_test=ZYW9owAIxbXhbgAM HTTP 302
https://ps.eyeota.net/match?uid=ZYW9owAIxbXhbgAM&bid=0rijhbu&referrer_pid=51md42u&_test=ZYW9owAIxbXhbgAM

Request Chain 170

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u HTTP 302
https://ps.eyeota.net/match?uid=8519367046122621226&bid=2cr76e1&referrer_pid=51md42u

Request Chain 171

https://tags.bluekai.com/site/29537?limit=1&id=2rHk62RNc8Uhgm_-6kRj2Ie-VKWjEl798lWaGW9nuWQc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=Wk0yaS9Dd005OTlmK0dQaw%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm=&google_sc=&google_hm=Wk0yaS9Dd005OTlmK0dQaw%3D%3D&google_tc= HTTP 302
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEKFJhSsM-lZ3FDrg__Titx4&google_cver=1

173 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mail.sport-tv.vip/ 13 KB
5 KB 352ms
271ms Document
text/html 2606:4700:3035::6815:432f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.sport-tv.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:432f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1c1dc8088fb3bde5c8ba269e420c674fd307801e64f7d491989ad46f82f096e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8399d8b35f3b4bcf-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Dec 2023 16:47:24 GMT
last-modified: Sat, 30 Sep 2023 04:42:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIc6lA%2BC8a8OxmznoXhwb7%2FK7kROqy6m14w8u%2F7kNvvwU%2BqXStJtjz4BKGz9L9ITyzePKPw63fAD3uj4x%2Fy3chtKJ%2FanleC7Sqv0YOLZWUR%2B06sXldnam7YWZaSwBz0bnQb9kzGgQf4klHcElUEsOw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 tema.css
mail.sport-tv.vip/ 107 KB
22 KB 404ms
401ms Stylesheet
text/css 2606:4700:3035::6815:432f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.sport-tv.vip/tema.css
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:432f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a5dbfd1b2b8f1f74739822d78af533b96abb1d134f1d0e28b2e1c3879a52699

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 24 Jun 2020 14:07:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1ac67-5a8d5003b8b91"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0yipQpVZixh7109Nc4zRA8z%2BMIb%2B3NA6mfEfjW6Oorgwm%2BGXRqYEvdU0qbIcx2AUKVhrQowTKcwe%2FD7vcQGD7IrdwUl8HeMyfic12OGGqTjpS0hqb8biqdiup4rEt%2FIYhiiwnAbox4keR3odSa5Q7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=120
cf-ray: 8399d8b5186a4bcf-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 28 KB
2 KB 99ms
40ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Requested by

Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

70818de63f12149a5f69b63b38ef22c8dacd86943a50ec86c2a2f5998a40fccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 22 Dec 2023 16:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 15:42:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Dec 2023 16:47:25 GMT

GET
H2 200 adipolo-marginal-advantage-20dbb2fde655c3e7d0bea924956df905-1685216834402.js Show response
earn.dynamicapl.com/ 0
0 336ms
53ms Script
text/javascript 2606:4700::6812:dc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://earn.dynamicapl.com/adipolo-marginal-advantage-20dbb2fde655c3e7d0bea924956df905-1685216834402.js
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 logo.png
mail.sport-tv.vip/ 8 KB
9 KB 271ms
269ms Image
image/png 2606:4700:3035::6815:432f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.sport-tv.vip/logo.png
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:432f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5131f6c3a378032ad46de09d43ab368359ba8714149ee4253bbbf021cd5fd022

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:25 GMT
cf-cache-status: MISS
last-modified: Wed, 24 Jun 2020 14:07:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "219a-5a8d5002ebe36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iirrP3gxMMk8E6aoWxoG6L2iWRGJfeTEYVk8Q7tAUf3rY%2BUvWirTlVmbkv4TKxGqkUlNi8xucAxvMjbmeEn0Ad6D7%2BY3WU%2BckErdkAOixSJ2Z2RgZj1E3W9aZBW798nXuv3CCKOWqiDWgWlyr2O4rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8399d8b5186f4bcf-BUF
alt-svc: h3=":443"; ma=86400
content-length: 8602

GET
H2 200 reclama-ta-aici.png
mail.sport-tv.vip/ 15 KB
15 KB 386ms
384ms Image
image/png 2606:4700:3035::6815:432f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.sport-tv.vip/reclama-ta-aici.png
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:432f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bf9e6cdb08b3099d2dcdaff48c97a7c884ce41f8cf4d8f6b496ffd64384b769

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:25 GMT
cf-cache-status: MISS
last-modified: Wed, 24 Jun 2020 14:07:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3c8e-5a8d50033a41f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iwyKwyVWdrfL2gzVwtvtF76s%2B%2BAZu1m%2FrOJPRwccJG8MQXZfxw013UK%2F%2FsbWiksX7wK8UgjSb%2Fs9RbBiTKst3zVW6lEwQ9foovm8HaIHmwFSto6qGZukcZnEDF9O71SG1ijZ3w52ZTzlwW%2FriNHgmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8399d8b518724bcf-BUF
alt-svc: h3=":443"; ma=86400
content-length: 15502

GET
H2 200 close.png
mail.sport-tv.vip/ 250 B
574 B 269ms
267ms Image
image/png 2606:4700:3035::6815:432f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.sport-tv.vip/close.png
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:432f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2d263177e85acbbefbafc2111672469cfe33d4498f8e7cb9e83ab52e7e16273

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:25 GMT
cf-cache-status: MISS
last-modified: Wed, 24 Jun 2020 14:07:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "fa-5a8d50024ee7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cL3iOacuDcKt266IDeFr5Zwyhvg3ww5n%2BOnnQicvxIBiMQxtAIcg7vCiOyHHaOd0cQXgnr02GyDG3FUrWGlgPF8N0yljwaN4BPbMFe4ejaCZVM6JGW5cpaDLTT8rlUEosQxAaKVNo8DhFL5SMal05A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8399d8b528b94bcf-BUF
alt-svc: h3=":443"; ma=86400
content-length: 250

GET
H2 200 %5E.png
mail.sport-tv.vip/ 2 KB
2 KB 269ms
269ms Image
image/png 2606:4700:3035::6815:432f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.sport-tv.vip/%5E.png
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:432f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65b32ccf7cf28f4e29b61c25a82b3e16e8e127ffbde237a32df142339d63ac5d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:25 GMT
cf-cache-status: MISS
last-modified: Wed, 24 Jun 2020 14:07:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8a1-5a8d50020db83"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1YAIWHn4m1TuYsgbb75bOPljXSE2yxHkPbOhJ0Nh1ZCsQJRZb4unpVY4I0V%2Fd3RHZRGycLqmXeumrxIvMLZ1oOJx1q%2BAkc54kJJpAj7exlcowPRFO%2BLX%2FIhFLhcGjYA3oVKKal63RkeO30CiMQ%2FqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8399d8b528bc4bcf-BUF
alt-svc: h3=":443"; ma=86400
content-length: 2209

GET
H2 200 email-decode.min.js Show response
mail.sport-tv.vip/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 31ms
30ms Script
application/javascript 2606:4700:3035::6815:432f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.sport-tv.vip/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:432f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Dec 2023 14:09:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6581a422-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLEyTWtzFB3MEkNJRFiL3IPrBNvJlU2rU2WTWAY2yAUVFo87B6WTJleLBAYA0pp%2Fl0DT%2FqfPPpGldAfkPWyM3HI8pQsnTNpaUiDeG5ZFGg9TNc4u67gfTNZvZs1SH0FqQsxgezrgEG6gF0kY%2BxxLgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8399d8b528ba4bcf-BUF
expires: Sun, 24 Dec 2023 16:47:24 GMT

GET
H2 200 tema.js Show response
mail.sport-tv.vip/ 154 KB
53 KB 518ms
517ms Script
application/javascript 2606:4700:3035::6815:432f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.sport-tv.vip/tema.js
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:432f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8954c81ed7f95b918f07b8ea817b285a5d1224a7037939acf4532eea6dd31285

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 24 Jun 2020 14:07:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2673d-5a8d5003cf6d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Qqn3BcQfbFGPzI0jYXgfnSG3RzlNkjaqo%2BsgV4HI6A9Xg4lnFvQId8o%2B7YFiz4ZJcKPALd3LK081%2Bc9PdVGcKBee5Q8onPZ5yb1SBMXmzvITwjwgzJjK0%2BL%2FZVuyNZg5zTogYTlZ4OVxMJvrpAKVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=120
cf-ray: 8399d8b528bb4bcf-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 150ms
60ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-52778325-1

Requested by

Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79adf63f3ea7297f58ee59ccebe8b1e3baf7516ab941fbed63f16151b2309042

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68840
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 22 Dec 2023 16:47:25 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 89ms
28ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 22 Dec 2023 16:47:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Ev0qm5Cil79v6TK2Vmn88pUWX6OF0q7jLWFGyLW33M+rAidnq7pYtbiNC7dr9Rl+SWK7MU1w7PdJD6odrU8xTQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 115ms
56ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.sport-tv.vip
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:26:11 GMT
x-content-type-options: nosniff
age: 228074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2024 01:26:11 GMT

GET
H3 200 Sport.php Show response
mail.sport-tv.vip/ Frame F344 3 KB
1 KB 271ms
270ms Document
text/html 2606:4700:3035::6815:432f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.sport-tv.vip/Sport.php
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:432f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.8RC1
Resource Hash: 7422e83450cc78f8d671deafb63a716e689b043c8c1fc4e2d54b4f786132e8f4

Request headers

Referer: https://mail.sport-tv.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 8399d8b7dc846aed-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Dec 2023 16:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hbOvaDeDjO7iFf2KZ%2FfyYhHoUn2ugXd%2FCclvnxxX9vD9Bo%2Buu2H6UoQ0bCgsfVKe4VGkJTMUH4AzNA9xpyKZxuxVmEfUihqG0eXUIBazdgpRPEzWrXxER0mll56GJtPS77mNmpJnwmY3YDOP63XkiA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.8RC1

GET /
www.tvs-widget.com/ Frame 4318 0
0

GET tv-online.php
www.tvs-widget.com/widget/ Frame 2A47 0
0

GET
H2 200 likebox.php Show response
www.facebook.com/plugins/ Frame 1701 44 KB
15 KB 303ms
237ms Document
text/html 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/pages/Meciuri-si-TV-pe-Net/530484173643269&width=200&height=55&show_faces=false&colorscheme=light&stream=false&border_color&header=true

Requested by

Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d8f2a09a56f012d2787db402f80f5448c714c386ba308b95fe6301339aed5c9c

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.sport-tv.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 16:47:25 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), keyboard-map=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: zSyVkJAhyKB7haF+n6K4grQxkbVOR23DDgvqH3PbbPK++PjuPGQQEHn+3R7Z4+/sJgMJYAv7lANxny0GszZduA==
x-xss-protection: 0

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame 802D 48 KB
14 KB 329ms
266ms Document
text/html 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FMeciuri-si-TV-pe-Net%2F530484173643269&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&appId

Requested by

Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8b27d3197fa7fa6df63a8f752791fb20219a85edd8aa024f819b34f80ae7c4e8

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.sport-tv.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 16:47:25 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), keyboard-map=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 9Wu5jcYxmQeBxZX7o8ZmaWlHcLb9qp7S9UuX/UJ+mzgwpi9U03Anwg/VCnN9qLtEhYOw9RiXMtKidJ+yFTBLCw==
x-xss-protection: 0

GET
H3 200 chat.php Show response
mail.sport-tv.vip/ Frame 77A6 755 B
932 B 266ms
265ms Document
text/html 2606:4700:3035::6815:432f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.sport-tv.vip/chat.php
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:432f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.8RC1
Resource Hash: 6e42d91a876123b154adafbc94a57c3e5522b7c046e342c5a3c532e189d30a58

Request headers

Referer: https://mail.sport-tv.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 8399d8b7ec896aed-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Dec 2023 16:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDH4KXQomYWREXNfXC3mBfcP5U0HkAzeTJLNBxd5fmr%2BeZhLD5mRaZ7EXP%2Ff4ksGmUW14IRVYxmoN9XVziEGkHe8gWLHQxyN%2FLd3EbRSydJaxW5MPH0tdPqTfpZ4fnUnAPWuGRrNKZGnsFjCQkawyw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.8RC1

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 24 KB
25 KB 51ms
24ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.sport-tv.vip
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 15:33:20 GMT
x-content-type-options: nosniff
age: 90845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24984
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:04:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2024 15:33:20 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 30ms
29ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/tema.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5ddcbca058fdf99192e6c0177a677462455d00b53b6ba023f7661553b5d8ae8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 16:47:25 GMT
content-md5: ivje3zCWnhauQp05poJ2oQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints
x-fb-debug: qCf13D3xsGtU2DCiwM8JPrADOV+YuX4IzyXSjr1zKy3Pf/Ye7nvgeqDJgizaKqwnTDpNPBkFA1iC4xTJMwlZ7Q==
x-fb-content-md5: ddc490aaa3dfdbcd851036c7f3fbea1b
cross-origin-opener-policy: same-origin-allow-popups
etag: "860dec60f0da15aad8da4fd02a492187"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 22 Dec 2023 16:59:51 GMT

GET
H3 200 x.php Show response
mail.sport-tv.vip/ Frame D561 390 B
574 B 266ms
265ms Document
text/html 2606:4700:3035::6815:432f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.sport-tv.vip/x.php
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:432f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.8RC1
Resource Hash: 592176957abcdb14353764f43c99f072a6d112070bb335d0c6e4e543d8c60c5b

Request headers

Referer: https://mail.sport-tv.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8399d8b8eced6aed-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Dec 2023 16:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZAXyNXfDccP9eTqf0HP%2B1pUP0h5y3beQccv%2B1%2BJkvRmjigP2WU2hIxO73OJUqtUzjQkcHqOw6cX%2B%2Fgk8qHkfSadvHehRAgz%2BsR5mThWnR9kh18txoU9HsfgvqhotBQx9039Thr6fMnGlNcmmBzisQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.8RC1

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 100ms
38ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 29725
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8399d8b94d584bc1-BUF
content-length: 4547

GET
H2 200 1003523476488315 Show response
connect.facebook.net/signals/config/ 141 KB
36 KB 261ms
259ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1003523476488315?v=2.9.138&r=stable&domain=mail.sport-tv.vip

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cbee3eeb82f658468dd25ec921fc6f6407a1a832b95d4a6ff7dc1740bfaf5a3e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 22 Dec 2023 16:47:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 9sIZH+DKzq6wGNOi2f5J7lPA547xtScUF9qLOjORxlz6KHqKOtbUzMW+SmxMU1qEtYmZb+vc0mPGUhHIv/HWaA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 84ms
83ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YG7EZNRMPY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52778325-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aae77dddad431aa824d65eb39d96962a580c34b81e6505f108248db50ff328da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81225
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Dec 2023 16:47:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 86ms
25ms Script
text/javascript 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52778325-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 15:32:54 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4471
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 22 Dec 2023 17:32:54 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 297 KB
85 KB 62ms
32ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=858cd7d90d5570631810b595fd1dbd59

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5b83ceb47a0b89d08eccd8be3663b0897d3c91235ea47233e8e1941bc690888c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://mail.sport-tv.vip/
Origin: https://mail.sport-tv.vip
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 16:47:25 GMT
content-md5: OSB+nTUTKY9NuiwN1HfQ1g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86867
reporting-endpoints
x-fb-debug: qfoKyY98HUaOu8MyZhA7J0qOKl62mF1Ol8Ix0xGGWEWQue34ZJwySyXnO4HviTsCJ4QqME4j8PjbIapLArGwvw==
x-fb-content-md5: 7a7fa0f90301829da8f3711c93b08674
cross-origin-opener-policy: same-origin-allow-popups
etag: "6003a0971034929dc7102151b2ff6781"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 21 Dec 2024 16:24:17 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 379 B
514 B 84ms
26ms Script
text/html 149.56.240.132
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4609060&@f16&@g1&@h1&@i1&@j1703263645674&@k0&@l1&@mTV-Sport-HD.com%20%7C%20Meciuri%20Live%2C%20TV%20Online%2C%20OrangeSport%2C%20PrimaSport%2C%20DigiSport&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-97180072&@b3:1703263646&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmail.sport-tv.vip%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.132 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534300.ip-149-56-240.net
Software: /
Resource Hash: 16af53394458327a598a592eb56110a80b46194af28d6a70a7b904d9237300d6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 16:47:29 GMT
Connection: close
Content-Length: 379
Content-Type: text/html;charset=UTF-8

GET
H3 200 sport2.css
mail.sport-tv.vip/ Frame F344 34 KB
9 KB 158ms
157ms Stylesheet
text/css 2606:4700:3035::6815:432f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.sport-tv.vip/sport2.css
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/Sport.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:432f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faa794a89e62615a9c008915dfa69a6534a0c06fecf07c7f55d0c5f180fa9e2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/Sport.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 27 Apr 2022 17:52:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8831-5dda67a0b58b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yUMAcLMv3yvAluQBshcWtZIaHbOmLvRgTwgdNfjQ76WzCyvzostj5XkZ1Cw6g1hQ2hrM9ePQV2gCjxFRDubJHckFDF499Ypf4rAnlaPkwPorKTb8kOyYxJw55edxnViQA2ezBq6K215qW2OlmrR%2FuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=120
cf-ray: 8399d8b99d7e6aed-BUF
alt-svc: h3=":443"; ma=86400

GET meciuri.png
www.tvs-widget.com/photos/ Frame F344 0
0

GET tvonlinex.png
www.tvs-widget.com/photos/ Frame F344 0
0

GET orangesport1.png
www.tvs-widget.com/photos/ Frame F344 0
0

GET orangesport2.png
www.tvs-widget.com/photos/ Frame F344 0
0

GET orangesport3.png
www.tvs-widget.com/photos/ Frame F344 0
0

GET orangesport4.png
www.tvs-widget.com/photos/ Frame F344 0
0

GET eurosport.png
www.tvs-widget.com/photos/ Frame F344 0
0

GET eurosport2.png
www.tvs-widget.com/photos/ Frame F344 0
0

GET primasport1.png
www.tvs-widget.com/photos/ Frame F344 0
0

GET primasport2.png
www.tvs-widget.com/photos/ Frame F344 0
0

GET primasport3.png
www.tvs-widget.com/photos/ Frame F344 0
0

GET primasport4.png
www.tvs-widget.com/photos/ Frame F344 0
0

GET
H/1.1 200
OK emb.js Show response
st.chatango.com/js/gz/ Frame 77A6 68 KB
24 KB 667ms
222ms Script
application/x-javascript 208.93.230.28
CHATANGO

General

Check archive.org

Show headers Download Go to

Full URL: https://st.chatango.com/js/gz/emb.js
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/chat.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.28 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a00c24c97c8483eed0dfb3f812c87cb481b0ddcc6cb6adede296d439acc662b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 16:47:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Dec 2023 19:49:34 GMT
Server: nginx
Content-Type: application/x-javascript
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23805
Expires: Fri, 22 Dec 2023 16:47:26 GMT

GET
H2 200 GSwcapvLrEq.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/ Frame 1701 20 KB
5 KB 139ms
73ms Stylesheet
text/css 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/pages/Meciuri-si-TV-pe-Net/530484173643269&width=200&height=55&show_faces=false&colorscheme=light&stream=false&border_color&header=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 22 Dec 2023 16:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xXCq6/qryia0kWXvm23HIA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5237
reporting-endpoints
x-fb-debug: gqE4PfJRilVG+2GdbNllCjXvNq0dEOWKUTy3zz9lAPvpWUQyk/c26h1zm88wzX9WguY0nEYSJwCf7n7sNKbEoQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 19 Dec 2024 18:25:05 GMT

GET
H2 200 iZpNYL8JfUb.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 1701 355 KB
92 KB 140ms
74ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/iZpNYL8JfUb.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ca15ac1540010cea7015b4e4ec35c33cd999430f4bd5221b94e66d319456b2b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 22 Dec 2023 16:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xsO4Q3RmuC1PPAMeNJW+pw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93994
reporting-endpoints
x-fb-debug: vrIDk2ThKGOSsL5nBBkJDguj7sMHJNM20GhVghUmt//mSgEacK3zhz9uiE4fTh1ZMd/H5eAhBNqY3RR/edVwHQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 20 Dec 2024 00:05:00 GMT

GET
H2 200 t0ReYFsBFxb.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 1701 10 KB
4 KB 97ms
31ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/t0ReYFsBFxb.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0699ec87a5948593704673dd827854964f845df3971d277cfb1dc9322a4d7faf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 22 Dec 2023 16:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 9Z6npeNNnMeScC7Vi4kYOg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3562
reporting-endpoints
x-fb-debug: Fnq7U2DiiEbWmWWsvvluu9ZYcRKXzk/uYa95ALt0Gxhfroeddol3na9TvKXad0rnusFSxfpOgscUdXq06+rNqg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 18 Dec 2024 17:31:33 GMT

GET
H2 200 BNOmQqjYezI.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yE/r/ Frame 1701 92 KB
27 KB 96ms
31ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/BNOmQqjYezI.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ab81ab8a69b4b0e1fb397e2311aa8ee984f00296fec1d3a41e6d6c428f36fbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 22 Dec 2023 16:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: rMbe+5UrTMpZGpVaQ4gtwg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26964
reporting-endpoints
x-fb-debug: fgRmRJc3VUWiFYuael7Ffk68UyNDLIwXXn/U+iQhx4g1KnronCRSJAnyrF+olUZFWBSMAnqqcxGdIgfUYHkucg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 20 Dec 2024 01:28:48 GMT

GET
H2 200 ZuO3Risk2lA.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame 1701 52 KB
17 KB 248ms
183ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/ZuO3Risk2lA.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5d0bff79cd9d23c424a1dba2d385fc4a01b1a95dac1dd776e0bd295fa5586da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 22 Dec 2023 16:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 3MfG3bosQwuBrrCMGI/XpQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16972
reporting-endpoints
x-fb-debug: wm3ngnEiH7yRg05Y4+nL2Uj4W9B5ITadvYOjWVfbkFRmhlR6oIj1feJdo0T1HJnT3qN4Oonb6VWsF8v7+yODpg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 18 Dec 2024 09:07:09 GMT

GET
H2 200 y1wKntgIB6R.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7244/yV/l/en_GB/ Frame 1701 70 KB
20 KB 247ms
183ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7244/yV/l/en_GB/y1wKntgIB6R.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

230c606098a56269e556cfdb000c7097f75403003a3282447dc17ecf4094c3f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 22 Dec 2023 16:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: hn7BldaKbU4aK2oO7OaGZw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20025
reporting-endpoints
x-fb-debug: /7IBEwLB+OycmHnU2PNwrsQAkIgRSa9T2wK4moGVbsKzbiGHMmNUCQMwfm+GVYsi3tQ4bEPueIuYksZMPp8sMg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 18 Dec 2024 22:58:56 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 1701 507 B
488 B 249ms
185ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 22 Dec 2023 16:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
reporting-endpoints
x-fb-debug: kVVdklcoKW0WZdA9EAVe7ffNSiQlE2yjiLqXPS2GDbWLtrCzQqgOUj/9cWg53KEfF+lv7+DYkeJrKacWi+HVcA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 18 Dec 2024 11:58:59 GMT

GET
H2 200 308665289_387392300268780_6860788838389705052_n.png
scontent-ord5-2.xx.fbcdn.net/v/t39.30808-1/ Frame 1701 3 KB
4 KB 114ms
55ms Image
image/png 2a03:2880:f082:108:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ord5-2.xx.fbcdn.net/v/t39.30808-1/308665289_387392300268780_6860788838389705052_n.png?stp=cp0_dst-png_p50x50&_nc_cat=100&ccb=1-7&_nc_sid=4da83f&_nc_ohc=aYEarDg8uEAAX9ciW0q&_nc_ht=scontent-ord5-2.xx&edm=AEDRbFQEAAAA&oh=00_AfDnzUiBHgFhjThPhCgY_paSBNVgdhEFtJJQbACIdpYOdQ&oe=6589D4C8
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/pages/Meciuri-si-TV-pe-Net/530484173643269&width=200&height=55&show_faces=false&colorscheme=light&stream=false&border_color&header=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f082:108:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b63244b26af2114db45a9757e1e3e632775c3af1abd0c5cd6cb10e47ca31c20d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:26 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 27 Sep 2022 17:47:48 GMT
content-type: image/png
access-control-allow-origin: *
content-digest: adler32=3691167804
thrift_fmhk: GBBNhYOeGVsmnm0MjnUIlZV+FfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3742648294
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 3528

POST
H2 204 collect
www.google-analytics.com/g/ 0
172 B 38ms
37ms Ping
text/plain 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-YG7EZNRMPY&gtm=45je3bt0v9119194835&_p=1703263645569&gcd=11l1l1l1l1&dma=0&cid=1937431057.1703263646&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1703263645&sct=1&seg=0&dl=https%3A%2F%2Fmail.sport-tv.vip%2F&dt=TV-Sport-HD.com%20%7C%20Meciuri%20Live%2C%20TV%20Online%2C%20OrangeSport%2C%20PrimaSport%2C%20DigiSport&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1172
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YG7EZNRMPY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 16:47:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mail.sport-tv.vip
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 GSwcapvLrEq.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/ Frame 802D 20 KB
5 KB 90ms
74ms Stylesheet
text/css 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FMeciuri-si-TV-pe-Net%2F530484173643269&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 22 Dec 2023 16:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xXCq6/qryia0kWXvm23HIA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5237
reporting-endpoints
x-fb-debug: gqE4PfJRilVG+2GdbNllCjXvNq0dEOWKUTy3zz9lAPvpWUQyk/c26h1zm88wzX9WguY0nEYSJwCf7n7sNKbEoQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 19 Dec 2024 18:25:05 GMT

GET
H2 200 iZpNYL8JfUb.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 802D 355 KB
92 KB 198ms
182ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/iZpNYL8JfUb.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ca15ac1540010cea7015b4e4ec35c33cd999430f4bd5221b94e66d319456b2b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 22 Dec 2023 16:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xsO4Q3RmuC1PPAMeNJW+pw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93994
reporting-endpoints
x-fb-debug: vrIDk2ThKGOSsL5nBBkJDguj7sMHJNM20GhVghUmt//mSgEacK3zhz9uiE4fTh1ZMd/H5eAhBNqY3RR/edVwHQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 20 Dec 2024 00:05:00 GMT

GET
H2 200 t0ReYFsBFxb.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 802D 10 KB
4 KB 201ms
185ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/t0ReYFsBFxb.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0699ec87a5948593704673dd827854964f845df3971d277cfb1dc9322a4d7faf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 22 Dec 2023 16:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 9Z6npeNNnMeScC7Vi4kYOg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3562
reporting-endpoints
x-fb-debug: Fnq7U2DiiEbWmWWsvvluu9ZYcRKXzk/uYa95ALt0Gxhfroeddol3na9TvKXad0rnusFSxfpOgscUdXq06+rNqg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 18 Dec 2024 17:31:33 GMT

GET
H2 200 BNOmQqjYezI.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yE/r/ Frame 802D 92 KB
26 KB 199ms
184ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/BNOmQqjYezI.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ab81ab8a69b4b0e1fb397e2311aa8ee984f00296fec1d3a41e6d6c428f36fbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 22 Dec 2023 16:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: rMbe+5UrTMpZGpVaQ4gtwg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26964
reporting-endpoints
x-fb-debug: fgRmRJc3VUWiFYuael7Ffk68UyNDLIwXXn/U+iQhx4g1KnronCRSJAnyrF+olUZFWBSMAnqqcxGdIgfUYHkucg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 20 Dec 2024 01:28:48 GMT

GET
H2 200 ZuO3Risk2lA.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame 802D 52 KB
17 KB 199ms
183ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/ZuO3Risk2lA.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5d0bff79cd9d23c424a1dba2d385fc4a01b1a95dac1dd776e0bd295fa5586da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 22 Dec 2023 16:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 3MfG3bosQwuBrrCMGI/XpQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16972
reporting-endpoints
x-fb-debug: wm3ngnEiH7yRg05Y4+nL2Uj4W9B5ITadvYOjWVfbkFRmhlR6oIj1feJdo0T1HJnT3qN4Oonb6VWsF8v7+yODpg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 18 Dec 2024 09:07:09 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 802D 507 B
442 B 200ms
185ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 22 Dec 2023 16:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
reporting-endpoints
x-fb-debug: kVVdklcoKW0WZdA9EAVe7ffNSiQlE2yjiLqXPS2GDbWLtrCzQqgOUj/9cWg53KEfF+lv7+DYkeJrKacWi+HVcA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 18 Dec 2024 11:58:59 GMT

GET
H2 200 JMOqY9JKrro.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLl54/y1/l/en_GB/ Frame 802D 28 KB
8 KB 201ms
186ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLl54/y1/l/en_GB/JMOqY9JKrro.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00fd6601121fa4380ad28e159b3a2586711087cd44163ec14cfb19f8eb0d6db6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 22 Dec 2023 16:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: jPNVSxjGpLuydkE7xIGrcg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7911
reporting-endpoints
x-fb-debug: HRJvT4FF+soOkVTDpPrXa0FYWLRkGw7b00D/7b+6rc6Je+T8BhCXD6lnd8Gzj9lp3jv+hsomi/5AJQbCKLvDEw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 17 Dec 2024 02:46:55 GMT

GET
H2 200 y1wKntgIB6R.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7244/yV/l/en_GB/ Frame 802D 70 KB
20 KB 199ms
184ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7244/yV/l/en_GB/y1wKntgIB6R.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

230c606098a56269e556cfdb000c7097f75403003a3282447dc17ecf4094c3f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 22 Dec 2023 16:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: hn7BldaKbU4aK2oO7OaGZw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20025
reporting-endpoints
x-fb-debug: /7IBEwLB+OycmHnU2PNwrsQAkIgRSa9T2wK4moGVbsKzbiGHMmNUCQMwfm+GVYsi3tQ4bEPueIuYksZMPp8sMg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 18 Dec 2024 22:58:56 GMT

GET
H2 200 310599696_403713235303353_6442098958595432507_n.png
scontent-ord5-1.xx.fbcdn.net/v/t39.30808-6/ Frame 802D 66 KB
66 KB 90ms
28ms Image
image/png 2a03:2880:f082:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ord5-1.xx.fbcdn.net/v/t39.30808-6/310599696_403713235303353_6442098958595432507_n.png?stp=dst-png_p130x130&_nc_cat=111&ccb=1-7&_nc_sid=081abc&_nc_ohc=I0JfSk-U15MAX-2q6SV&_nc_ht=scontent-ord5-1.xx&edm=ADwHzz8EAAAA&oh=00_AfC-JOIivH-XYnsi7D7eneA_8a9gT3X56BVV-wMZ6U8QAA&oe=658A2AD7
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FMeciuri-si-TV-pe-Net%2F530484173643269&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f082:9:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: c4c6d067ded099cf628e0d45f278536abaf887c2471d670471b5c7113ebf5ebf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:25 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 17 Oct 2022 21:32:05 GMT
content-type: image/png
access-control-allow-origin: *
content-digest: adler32=2128283862
thrift_fmhk: GBA4MErb+Qb0mTho9unebvBpFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3228026752
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 67104

GET
H2 200 308665289_387392300268780_6860788838389705052_n.png
scontent-ord5-2.xx.fbcdn.net/v/t39.30808-1/ Frame 802D 3 KB
4 KB 112ms
55ms Image
image/png 2a03:2880:f082:108:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ord5-2.xx.fbcdn.net/v/t39.30808-1/308665289_387392300268780_6860788838389705052_n.png?stp=cp0_dst-png_p50x50&_nc_cat=100&ccb=1-7&_nc_sid=4da83f&_nc_ohc=aYEarDg8uEAAX9ciW0q&_nc_ht=scontent-ord5-2.xx&edm=ADwHzz8EAAAA&oh=00_AfBALjoebRtjy9TWOFFfCoL9pCXHCcY9ctsLER_8vU0Qvg&oe=6589D4C8
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FMeciuri-si-TV-pe-Net%2F530484173643269&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f082:108:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b63244b26af2114db45a9757e1e3e632775c3af1abd0c5cd6cb10e47ca31c20d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:26 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 27 Sep 2022 17:47:48 GMT
content-type: image/png
access-control-allow-origin: *
content-digest: adler32=3691167804
thrift_fmhk: GBBNhYOeGVsmnm0MjnUIlZV+FfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3742648294
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 3528

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 38ms
38ms XHR
text/plain 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=207864335&t=pageview&_s=1&dl=https%3A%2F%2Fmail.sport-tv.vip%2F&ul=en-us&de=UTF-8&dt=TV-Sport-HD.com%20%7C%20Meciuri%20Live%2C%20TV%20Online%2C%20OrangeSport%2C%20PrimaSport%2C%20DigiSport&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=457054175&gjid=1814180086&cid=1937431057.1703263646&tid=UA-52778325-1&_gid=1925247815.1703263646&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=432198824

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mail.sport-tv.vip/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 16:47:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mail.sport-tv.vip
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
e.dtscout.com/e/ 7 KB
4 KB 140ms
77ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmail.sport-tv.vip%2F&j=
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4609060&@f16&@g1&@h1&@i1&@j1703263645674&@k0&@l1&@mTV-Sport-HD.com%20%7C%20Meciuri%20Live%2C%20TV%20Online%2C%20OrangeSport%2C%20PrimaSport%2C%20DigiSport&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-97180072&@b3:1703263646&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmail.sport-tv.vip%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f2fe85af3a173bcf250c50eeba7856335015011c7f128242333cecb9e66b347

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:25 GMT
x-t: 0.252
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDRxlidlPn%2BssP0Yiti573%2FPjEVaSKvPEvkqUhqsKIKjDPIFso3HiDzVhVMLPzkt%2Fx4Pxn5DCEFRFZDIjFfsmLWFHhzS0TY41bcZtREDnLXnCt9YCQH3Fv1HOHuw2J02MzR9nc7B5L%2FvwIo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 8399d8babbd74bbd-BUF
expires: Fri, 22 Dec 2023 16:47:24 GMT

GET
H2

403

index.html
promos-ro.betano.com/1000-lei-bonus-casino/ Frame 1120
Redirect Chain

https://bit.ly/tvshd1
https://promos-ro.betano.com/1000-lei-bonus-casino/index.html?btag=a_894b_2621c_[CustomMergeFields]&siteid=894

0
0

132ms
46ms

Document
text/html

2606:4700::6811:5459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos-ro.betano.com/1000-lei-bonus-casino/index.html?btag=a_894b_2621c_[CustomMergeFields]&siteid=894

Requested by

Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/x.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=15
cf-ray: 8399d8bbfe434bcf-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Dec 2023 16:47:26 GMT
expires: Fri, 22 Dec 2023 16:47:41 GMT
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 201
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Fri, 22 Dec 2023 16:47:25 GMT
location: https://promos-ro.betano.com/1000-lei-bonus-casino/index.html?btag=a_894b_2621c_[CustomMergeFields]&siteid=894
referrer-policy: unsafe-url
server: nginx
via: 1.1 google

GET
H2

200

index.html Show response
welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/ Frame 7C75
Redirect Chain

https://bit.ly/tvshd2
https://b1.trickyrock.com/redirect.aspx?pid=13832455&bid=37605
https://www.unibet.ro/stan/campaign.do?cmpId=1105051&affiliateId=1&unibetTarget=/ro/aff/casino-online/casino-celebration-2023/index.html&targetDomain=https://welcome.unibet.ro&btag=81744203_B2E06D2...
https://www.unibet.ro/stan/redirecttocampaign.do?cmpId=1105051&affiliateId=1&unibetTarget=/ro/aff/casino-online/casino-celebration-2023/index.html&targetDomain=https://welcome.unibet.ro&btag=817442...
https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=138...

19 KB
5 KB

819ms
151ms

Document
text/html

2606:4700:4400::ac40:9098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/x.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c9d9b55a254e35c6325e2b0be5c09a7f4d77a08791586ccb1f5970443072a51

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=900, immutable
cf-cache-status: MISS
cf-ray: 8399d8cebf084bbb-BUF
content-encoding: br
content-md5: bfaAs2ftbfGTgFcXUtS2lQ==
content-type: text/html; charset=utf-8
date: Fri, 22 Dec 2023 16:47:29 GMT
last-modified: Mon, 12 Jun 2023 11:47:22 GMT
server: cloudflare
vary: Accept-Encoding
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: e567e6d5-b01e-0059-12f6-349581000000
x-ms-version: 2014-02-14

Redirect headers

cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 0
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
date: Fri, 22 Dec 2023 16:47:28 GMT
expires: Fri, 22 Dec 2023 16:47:27 GMT
location: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-browser-class: A
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ooops-debug: /500-pages/www.unibet.ro/index.html
x-os-class: M
x-xss-protection: 1; mode=block

GET

404.shtml
www.tv-sport-hd.com/ Frame F344
Redirect Chain

https://mail.sport-tv.vip/fonts/monda-regular-webfont.woff
http://www.tv-sport-hd.com/404.shtml

0
0

GET
H2 200 /
www.facebook.com/tr/ 0
106 B 30ms
28ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1003523476488315&ev=PageView&dl=https%3A%2F%2Fmail.sport-tv.vip%2F&rl=&if=false&ts=1703263645894&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703263645892.822017834&cs_est=true&ler=empty&it=1703263645585&coo=false&rqm=GET

Requested by

Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 22 Dec 2023 16:47:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
t.dtscout.com/idg/ Frame 4A53 1 KB
789 B 76ms
75ms Document
text/html 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=10401703263645F6BF8F2F876F281F13
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmail.sport-tv.vip%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43a048f3a43181f9ca7fb097a6fb984f9ac2264742b420cb0e5b52bc33cf41df

Request headers

Referer: https://mail.sport-tv.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8399d8bb4c214bbd-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Dec 2023 16:47:26 GMT
expires: Fri, 22 Dec 2023 16:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtcfo8PdFLq6KIUZ8qU%2Bp5xeruK9zf7hkcxXJAT4QW2BQE7LEw%2Br3NRs0GbGGmE6UwTymTN6%2B1D5H2kcuSb6j%2BoTEBfGPEOtx%2FrfAjR%2BP53at2qXGp2uz0ZauSWUymAd8%2FLhlBv6q0BAtK4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 33 KB
11 KB 159ms
46ms Script
text/javascript 108.157.142.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmail.sport-tv.vip%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-40.mci50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 2f743a0ca9cc9da3bb8d81eb8b012916.cloudfront.net (CloudFront)
date: Thu, 21 Dec 2023 19:34:10 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: MCI50-P1
age: 76397
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: 9dI79u6gVlBh-0ntO3KCgjODfUh0t93y97BQ4LZ5Hj0RJotu38YcwQ==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ 2 KB
3 KB 163ms
37ms Script
application/javascript 3.135.156.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmail.sport-tv.vip%2F&j=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.135.156.190 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-156-190.us-east-2.compute.amazonaws.com

Software

Resource Hash

240d108ebefb8c0aa34036600fb93ad4400781817fff1aeefed81fb6cd4817e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 16:47:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 afwu.js Show response
cdn.tynt.com/ 19 KB
6 KB 80ms
27ms Script
application/javascript 172.64.153.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/afwu.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmail.sport-tv.vip%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.153.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 15:08:56 GMT
server: cloudflare
age: 187682
etag: W/"651ed188-4c00"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8399d8bb9ddc548b-YYZ
expires: Mon, 25 Dec 2023 16:47:26 GMT

GET
H2 200 / Show response
t.dtscout.com/pv/ 51 B
375 B 72ms
71ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=mail.sport-tv.vip&_ss=23oy1454ck&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=44cb&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmail.sport-tv.vip%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fa6e3388f298ff1ee48a7b3701b60a7887709c593dfdb8d469759666f3d5585

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:26 GMT
x-t: 0.154
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqL8ihPkBb%2Fo%2BqyQz88NWoidTdapOmYAf7o8R7wYcEV%2BTBtJwypN7O%2BZO35mQL%2FM0cQ9%2B5gsj3TvXK5eH8gRv3FuMaX7JU%2BWM0xSJNOjmsgVDk4RZKJGkE%2Ffa3G2YYiOSZV9qxZGDYvb%2B1U%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8399d8bb4c224bbd-BUF
expires: Fri, 22 Dec 2023 16:47:24 GMT

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
2 KB 130ms
29ms Script
application/javascript 23.196.3.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.029493785226724745&stid=ZGcABmWFvZ4AAAAIJU0NAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-185.deploy.static.akamaitechnologies.com

Software

Resource Hash

a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 16:47:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1365
Expires: Fri, 22 Dec 2023 17:47:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ 42 B
265 B 37ms
37ms Image
image/gif 3.135.156.190
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmail.sport-tv.vip%2F&event_source=dtscout&rnd=0.029493785226724745&exptid=ZGcABmWFvZ4AAAAIJU0NAw%3D%3D&fcmp=false

Requested by

Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.135.156.190 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-156-190.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 16:47:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 50 B
457 B 168ms
69ms Fetch
application/json 108.157.150.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.150.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-150-51.mci50.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:26 GMT
via: 1.1 b39e6d7c3a0b7ad08db4db7d030c76b6.cloudfront.net (CloudFront), 1.1 5e2c18481aee203964e7bfce3a71a06c.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P2, MCI50-P2
x-amzn-requestid: 2747e201-3d1c-4e45-a7a0-2516ba963da4
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: QWqQyH1CCYcEbVQ=
content-length: 50
x-amz-cf-id: 08brx7LLUrfEgHJ1rUuuEvpyLKF50asN-FOhHxc4xuRjyeWb4LQWcg==

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ 58 KB
18 KB 134ms
44ms Script
text/javascript 108.157.142.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmail.sport-tv.vip%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-99.mci50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 13:16:37 GMT
content-encoding: gzip
via: 1.1 f94f111858ae30776d9438404c17ed14.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: MCI50-P1
age: 12650
x-amz-server-side-encryption: AES256
etag: W/"eb52f900499b46d1088df97dad487c73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: H8xrc9yFc4QbvC6-iBrRCANkOPpnvdPm4MyrxW3-YN2lzAVNuznXWA==

GET
H2 200 / Show response
t.dtscdn.com/widget/ 0
600 B 163ms
101ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401703263645F6BF8F2F876F281F13&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fmail.sport-tv.vip%2F&r=
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmail.sport-tv.vip%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:26 GMT
x-t: 1.08
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BztcXF0v5ybeA0fGmHucwroovAd72KXl6JEWBXaBu%2BCAZgT8JOJZDQTVlHUjSxQvwPXuAdvMy9RL%2B913Q4hu48wC46sWWe70yHcCU8rUBgBqWiXt5rQdyQsArMA19U%2FYL780J3RyZ1b0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 8399d8bd1c324bbb-BUF
expires: Fri, 22 Dec 2023 16:27:14 GMT

GET
H2

200

33141
tags.bluekai.com/site/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=10401703263645F6BF8F2F876F281F13
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=6d723988ee42c479

62 B
426 B

236ms
131ms

Image
image/gif

23.47.69.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33141?&id=6d723988ee42c479
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: H2
Server: 23.47.69.85 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-69-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 22 Dec 2023 16:47:26 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/33141?&id=6d723988ee42c479
content-length: 0

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 1701 573 B
713 B 29ms
28ms Image
image/png 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 22 Dec 2023 16:47:26 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
reporting-endpoints
x-fb-debug: ZWmkkBam3OTuXbsGlLSENq0hVCpsRS5DpaUW0Nkn7jwMgekFQb3viSknHWEjcmN0dp6yD1BO27ZwZyYSqIzkgw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 13 Dec 2024 09:59:58 GMT

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 802D 573 B
710 B 29ms
29ms Image
image/png 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 22 Dec 2023 16:47:26 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
reporting-endpoints
x-fb-debug: ZWmkkBam3OTuXbsGlLSENq0hVCpsRS5DpaUW0Nkn7jwMgekFQb3viSknHWEjcmN0dp6yD1BO27ZwZyYSqIzkgw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 13 Dec 2024 09:59:58 GMT

GET
H2 200 p
ic.tynt.com/b/ 35 B
648 B 89ms
27ms Image
image/gif 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1703263646241&dn=AFWU&iso=0&pu=https%3A%2F%2Fmail.sport-tv.vip%2F&t=TV-Sport-HD.com%20%7C%20Meciuri%20Live%2C%20TV%20Online%2C%20OrangeSport%2C%20PrimaSport%2C%20DigiSport&chmob=0
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:26 GMT
last-modified: Fri, 16 Apr 2010 15:38:20 GMT
server: nginx/1.16.1
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag: "4bc8846c-23"
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges: bytes
content-length: 35
expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET
H3 200 uJcry4Jjx7c.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 802D 208 KB
59 KB 31ms
29ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/uJcry4Jjx7c.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/iZpNYL8JfUb.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6c32f431eb95abb07ba006254d697d9ac347ad016ae53d764bc6c30f74312339

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 22 Dec 2023 16:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 6NU2u2NaljUSgCnnqgTgQw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 60780
reporting-endpoints
x-fb-debug: 8ZuT/PRMkGYjKKNw3lcUcClUBGqrwoWq/Bdm5VpqsvkqxQ0h5PXti4wgiue7Az8FNdlvJlETNFdelTRhosgA5w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Sun, 15 Dec 2024 17:26:48 GMT

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 3AD5 2 KB
1 KB 30ms
29ms Document
text/html 23.196.3.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.029493785226724745&stid=ZGcABmWFvZ4AAAAIJU0NAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-185.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://mail.sport-tv.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Fri, 22 Dec 2023 16:47:26 GMT
Expires: Fri, 29 Dec 2023 16:47:26 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET /
www.facebook.com/platform/plugin/tab/renderer/ Frame 802D 0
0

POST
H3 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame 802D 988 B
676 B 89ms
89ms XHR
application/x-javascript 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/yV/l/en_GB/y1wKntgIB6R.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e5244fd40d97fa9b14dd4028d6bd5e59d282d1af84af788a5e6e7c6110c4387b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: 5rcgdJ9EoI6LHLmElsD3Fu
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FMeciuri-si-TV-pe-Net%2F530484173643269&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
X-ASBD-ID: 129477
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), keyboard-map=()
strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 16:47:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: 3GMo0Rmwcta8spIoJw5GPQLPgcTBgrjpznjE3SWEdV3+EVYF+QRXrnsBa6iadRQOSSCAgKJ9dkynDhA4LR3EEw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 802D 1 KB
1 KB 29ms
28ms Image
image/png 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 22 Dec 2023 16:47:26 GMT
x-content-type-options: nosniff
content-md5: rB4cTW8WNZcBsFntToJGtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1315
reporting-endpoints
x-fb-debug: oNaxWhk10eXbnqUlRpTe14Om01Z0HPPkDu1qvlUaZCxScAF+IYrVCZy9R+pNlJL2FbZyjgQDyEt9RTyGRemtBw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 14 Dec 2024 09:38:01 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1268.23366/a/US/ Frame 0976 19 KB
9 KB 32ms
31ms Script
text/javascript 23.196.3.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-185.deploy.static.akamaitechnologies.com

Software

Resource Hash

069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 16:47:26 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8535
Expires: Fri, 29 Dec 2023 16:47:26 GMT

GET
H/1.1 200
OK id.html Show response
st.chatango.com/h5/gz/r1214231145/ Frame D604 681 KB
219 KB 157ms
156ms Document
text/html 208.93.230.28
CHATANGO

General

Check archive.org

Show headers Download Go to

Full URL: https://st.chatango.com/h5/gz/r1214231145/id.html
Requested by: Host: st.chatango.com
URL: https://st.chatango.com/js/gz/emb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.28 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: eac36362258f5e84353339374dbd3a71b7cb4217e6c03aedd5247a8cf98ecd98

Request headers

Referer: https://mail.sport-tv.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 224196
Content-Type: text/html
Date: Fri, 22 Dec 2023 16:47:26 GMT
Expires: Sat, 21 Dec 2024 16:47:26 GMT
Last-Modified: Thu, 14 Dec 2023 19:49:34 GMT
P3P: CP="Chatango does not have a P3P policy. Please see our privacy policy: http://chatango.com/page?full_privacy"
Server: nginx

GET
H/1.1 200
OK r.json Show response
st.chatango.com/cfg/nc/ Frame 77A6 20 B
338 B 370ms
74ms XHR
application/octet-stream 208.93.230.28
CHATANGO

General

Check archive.org

Show headers Download Go to

Full URL: https://st.chatango.com/cfg/nc/r.json?4664220020000301665891570
Requested by: Host: st.chatango.com
URL: https://st.chatango.com/js/gz/emb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.28 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: 53c3bdb58b5a0a6dd9beaf47519f3dc9d4aec7679918f0e4464157ad0567af2f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 16:47:26 GMT
Last-Modified: Thu, 14 Dec 2023 19:49:34 GMT
Server: nginx
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20

GET
H2 200 v2 Show response
de.tynt.com/deb/ 1 KB
2 KB 33ms
27ms Script
application/javascript 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Fmail.sport-tv.vip%2F
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 71795cdb68df36498d1ca7b7fae677b451a690366881a50f5b951d3586404d7d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Fri, 22 Dec 2023 16:47:25 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length: 1350
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK test_oracle Show response
pd.sharethis.com/pd/ Frame ED8D 438 B
675 B 39ms
39ms Script
application/javascript 3.135.156.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/test_oracle

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.135.156.190 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-156-190.us-east-2.compute.amazonaws.com

Software

Resource Hash

c7f9a51391e10cbf3c931abc1b49d365581cc4ae168d7ee5f016debcf99c59a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 16:47:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 438
Content-Type: application/javascript

GET
H/1.1

200
OK

ttd
sync.sharethis.com/ Frame 0976
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.sharethis.com/ttd?uid=a0daaaae-bed0-49d4-bb25-be6e5d9b8cd8&gdpr=0&gdpr_consent=

42 B
297 B

181ms
59ms

Image
image/gif

3.18.123.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/ttd?uid=a0daaaae-bed0-49d4-bb25-be6e5d9b8cd8&gdpr=0&gdpr_consent=

Requested by

Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/

Protocol

HTTP/1.1

Server

3.18.123.179 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-18-123-179.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 16:47:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGcABmWFvZ4AAAAIJU0NAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

location: https://sync.sharethis.com/ttd?uid=a0daaaae-bed0-49d4-bb25-be6e5d9b8cd8&gdpr=0&gdpr_consent=
date: Fri, 22 Dec 2023 16:47:26 GMT
server: Kestrel
content-length: 215

GET
H2

200

db_sync
px.ads.linkedin.com/ Frame 0976
Redirect Chain

https://idsync.rlcdn.com/386076.gif?partner_uid=ZGcABmWFvZ4AAAAIJU0NAw%3D%3D&gdpr=0&gdpr_consent=
https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkdjQUJtV0Z2WjRBQUFBSUpVME5Bdz09EAAaDQie-5asBhIFCOgHEABCAEoA
https://pippio.com/api/sync?pid=5324&it=1&iv=b322e4ceec2e79cd07171ece6b3a941b628ca68a19fd6a679a8bc2f1286dae93791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=b322e4ceec2e79cd07171ece6b3a941b628ca68a19fd6a679a8bc2f1286dae93791426b5417dce21&rand=08012722

0
141 B

129ms
129ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=b322e4ceec2e79cd07171ece6b3a941b628ca68a19fd6a679a8bc2f1286dae93791426b5417dce21&rand=08012722
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:26 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: DB575C4FA97143C99C147E2C4C865D20 Ref B: NYCEDGE1608 Ref C: 2023-12-22T16:47:26Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYNG/ihI8ESv9/iG6lctQ==

Redirect headers

date: Fri, 22 Dec 2023 16:47:26 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=b322e4ceec2e79cd07171ece6b3a941b628ca68a19fd6a679a8bc2f1286dae93791426b5417dce21&rand=08012722
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

eyeota
sync.sharethis.com/ Frame 0976
Redirect Chain

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://sync.sharethis.com/eyeota?uid=2N1yEavUzhaT2wz_l2JzL7VsxRaSb6t--35jWqF8riF8&gdpr=0&gdpr_consent=

42 B
297 B

164ms
36ms

Image
image/gif

3.18.123.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/eyeota?uid=2N1yEavUzhaT2wz_l2JzL7VsxRaSb6t--35jWqF8riF8&gdpr=0&gdpr_consent=

Requested by

Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/

Protocol

HTTP/1.1

Server

3.18.123.179 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-18-123-179.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 16:47:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGcABmWFvZ4AAAAIJU0NAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/eyeota?uid=2N1yEavUzhaT2wz_l2JzL7VsxRaSb6t--35jWqF8riF8&gdpr=0&gdpr_consent=
Date: Fri, 22 Dec 2023 16:47:26 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

csync.ashx
ml314.com/ Frame 0976
Redirect Chain

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGcABmWFvZ4AAAAIJU0NAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
https://idsync.rlcdn.com/395886.gif?partner_uid=3640816194143387672
https://ml314.com/csync.ashx?fp=38336e7eaf426cf89e234a8d296f86ef8093a346821964777307955aff8df1b4f4cb09cee1a4f8eb&person_id=3640816194143387672&eid=50082

43 B
124 B

51ms
50ms

Image
image/gif

34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=38336e7eaf426cf89e234a8d296f86ef8093a346821964777307955aff8df1b4f4cb09cee1a4f8eb&person_id=3640816194143387672&eid=50082
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: H2
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sat, 23 Dec 2023 16:47:26 GMT
date: Fri, 22 Dec 2023 16:47:26 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

Redirect headers

date: Fri, 22 Dec 2023 16:47:26 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=38336e7eaf426cf89e234a8d296f86ef8093a346821964777307955aff8df1b4f4cb09cee1a4f8eb&person_id=3640816194143387672&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

oracle
sync.sharethis.com/ Frame 0976
Redirect Chain

https://tags.bluekai.com/site/59574?id=ZGcABmWFvZ4AAAAIJU0NAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

42 B
297 B

37ms
37ms

Image
image/gif

3.18.123.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Requested by

Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/

Protocol

HTTP/1.1

Server

3.18.123.179 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-18-123-179.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 16:47:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGcABmWFvZ4AAAAIJU0NAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

location: https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
date: Fri, 22 Dec 2023 16:47:26 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H3 200 ieeHDjcGsIR.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 802D 213 B
349 B 28ms
28ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/ieeHDjcGsIR.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/iZpNYL8JfUb.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 22 Dec 2023 16:47:26 GMT
x-content-type-options: nosniff
content-md5: oSUZEsOZh+qyGbXjvLFs7Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 213
reporting-endpoints
x-fb-debug: uhsqhFo90kfrMUWmW+nBDdns0xnKPTKl7Xr1gpHFCBDVdDSW7z9Z3mK2QRAitKMD2hHx9/ktm3TOYTp6vwO8mA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Fri, 13 Dec 2024 07:41:05 GMT

GET
H2

200

27519 Show response
tags.bluekai.com/site/ Frame 3940
Redirect Chain

https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1703263646463.6
https://tags.bluekai.com/site/27519?id=212391354827564&ret=html&random=1703263646

71 B
552 B

366ms
130ms

Document
text/html

23.47.69.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/27519?id=212391354827564&ret=html&random=1703263646
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Fmail.sport-tv.vip%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.69.85 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-69-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer: https://mail.sport-tv.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

bk-server: 3610
content-length: 71
content-type: text/html
date: Fri, 22 Dec 2023 16:47:26 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
date: Fri, 22 Dec 2023 16:47:25 GMT
expires: Thu, 01-Jan-70 00:00:01 GMT
location: https://tags.bluekai.com/site/27519?id=212391354827564&ret=html&random=1703263646
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma: no-cache
referrer-policy: unsafe-url
server: 33XP001
x-33x-status: 400000000040080C

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1703263646463.1
https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=&us_privacy=&random=1703263646463.1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?uid=a0daaaae-bed0-49d4-bb25-be6e5d9b8cd8&bid=1e2n4ou

70 B
440 B

43ms
42ms

Image
image/gif

3.230.62.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=a0daaaae-bed0-49d4-bb25-be6e5d9b8cd8&bid=1e2n4ou
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: HTTP/1.1
Server: 3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-62-22.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 22 Dec 2023 16:47:26 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?uid=a0daaaae-bed0-49d4-bb25-be6e5d9b8cd8&bid=1e2n4ou
date: Fri, 22 Dec 2023 16:47:26 GMT
server: Kestrel
content-length: 191

GET
H2

200

db_sync
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSGWFvZ5GK2xuBt5vAg%3D%3D&us_privacy=&_rand=1703263646463.2
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSGWFvZ5GK2xuBt5vAg%3D%3D&us_privacy=&_rand=1703263646463.2&expected_cookie=aa04c6a3-3fcd-4fc2-89c9-fa1f06072a51

0
141 B

135ms
134ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSGWFvZ5GK2xuBt5vAg%3D%3D&us_privacy=&_rand=1703263646463.2&expected_cookie=aa04c6a3-3fcd-4fc2-89c9-fa1f06072a51
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:26 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: DC2605E9C21043BEB086CD028AC1949B Ref B: NYCEDGE1608 Ref C: 2023-12-22T16:47:26Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYNG/ifmyK1LgUOSdrfig==

Redirect headers

date: Fri, 22 Dec 2023 16:47:26 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 0C0A11A2C1E7417EA1EBF71E33A037BF Ref B: NYCEDGE1608 Ref C: 2023-12-22T16:47:26Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
location: /db_sync?pid=15927&puuid=CoIKSGWFvZ5GK2xuBt5vAg%3D%3D&us_privacy=&_rand=1703263646463.2&expected_cookie=aa04c6a3-3fcd-4fc2-89c9-fa1f06072a51
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYNG/idgJq8yvREeUcqMw==

GET
H2

204

a0daaaae-bed0-49d4-bb25-be6e5d9b8cd8
map.go.affec.tv/map/ttd/
Redirect Chain

https://map.go.affec.tv/map/3a/?pid=CoIKSGWFvZ5GK2xuBt5vAg%3D%3D&us_privacy=&ts=1703263646463.3
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D6585bd9e68ac570001f82914%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D6585bd9e68ac570001f82914%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%25...
https://map.go.affec.tv/map/an/8519367046122621226?ch=6585bd9e68ac570001f82914&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
https://map.go.affec.tv/map/ttd/a0daaaae-bed0-49d4-bb25-be6e5d9b8cd8?ttd_puid=&gdpr=0&gdpr_consent=

0
561 B

39ms
39ms

Image
text/plain

18.213.232.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://map.go.affec.tv/map/ttd/a0daaaae-bed0-49d4-bb25-be6e5d9b8cd8?ttd_puid=&gdpr=0&gdpr_consent=
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: H2
Server: 18.213.232.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-232-194.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:26 GMT
content-encoding: gzip
vary: Accept-Encoding

Redirect headers

location: https://map.go.affec.tv/map/ttd/a0daaaae-bed0-49d4-bb25-be6e5d9b8cd8?ttd_puid=&gdpr=0&gdpr_consent=
date: Fri, 22 Dec 2023 16:47:26 GMT
server: Kestrel
content-length: 229

GET
H2

204

usermatch.gif
beacon.krxd.net/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKSGWFvZ5GK2xuBt5vAg%3D%3D&us_privacy=&random=1703263646463.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKSGWFvZ5GK2xuBt5vAg%3D%3D&us_privacy=&random=1703263646463.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=cc0439ff-3cc1-41cc-ad65-1bb6dfaa2501%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a0daaaae-bed0-49d4-bb25-be6e5d9b8cd8&ttd_puid=cc0439ff-3cc1-41cc-ad65-1bb6dfaa2501%2Chttps%253A%252F%252Fusermatch.krxd.n...
https://usermatch.krxd.net/um/v2?partner=tapad
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad

0
338 B

147ms
35ms

Image
text/plain

34.225.230.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: H2
Server: 34.225.230.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-230-9.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: beacon-n031-ash-prod.krxd.net
date: Fri, 22 Dec 2023 16:47:27 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1703263647
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
date: Fri, 22 Dec 2023 16:47:26 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a011-ash-prod.krxd.net

GET
H2

200

405716.gif
idsync.rlcdn.com/
Redirect Chain

https://dp2.33across.com/ps/?pid=1205&rand=1703263646463.5
https://idsync.rlcdn.com/405716.gif?partner_uid=212391268849554

42 B
289 B

54ms
53ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/405716.gif?partner_uid=212391268849554
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: H2
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:26 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 16:47:26 GMT
referrer-policy: unsafe-url
server: 33XP002
x-33x-status: 4000000000004000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://idsync.rlcdn.com/405716.gif?partner_uid=212391268849554
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://dp1.33across.com/ps/?pid=669&uid=CoIKSGWFvZ5GK2xuBt5vAg%3D%3D&us_privacy=&random=1703263646463.7&pu=https%3A%2F%2Fmail.sport-tv.vip%2F
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212391266692695&seg_code=33x&random=1703263646
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212391266692695%26seg_code%3D33x%26random%3D1703263646

43 B
838 B

33ms
32ms

Image
image/gif

68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212391266692695%26seg_code%3D33x%26random%3D1703263646

Requested by

Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/

Protocol

Server

68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 16:47:26 GMT
an-x-request-uuid: 27edef93-fd92-433e-af60-69ff44fb1eac
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.249.37; 96.9.249.37; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 16:47:26 GMT
an-x-request-uuid: 2484711f-4498-462b-8f93-606e67f71b01
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212391266692695%26seg_code%3D33x%26random%3D1703263646
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.37; 96.9.249.37; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bk-coretag.js Show response
tags.bkrtx.com/js/ Frame ED8D 51 KB
16 KB 279ms
42ms Script
application/javascript 23.7.64.229
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.7.64.229 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-7-64-229.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Fri, 22 Dec 2023 16:47:26 GMT
last-modified: Fri, 21 May 2021 19:14:21 GMT
server: nginx/1.15.8
etag: W/"60a8068d-cbc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
content-length: 16078
expires: Fri, 29 Dec 2023 16:47:26 GMT

GET
H3 200 /
www.facebook.com/login/ Frame 802D 0
0 134ms
133ms Document
text/html 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252Fpages%252FMeciuri-si-TV-pe-Net%252F530484173643269%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dfalse%26appId

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/iZpNYL8JfUb.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FMeciuri-si-TV-pe-Net%2F530484173643269&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&appId
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 22 Dec 2023 16:47:26 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: tBJ85CK38xvRgODKKZeWePt+jvNrdsqn5RxR9s7ir36u2t58GniEtG8Lnd5IP8XvQTp+sFUsk5VthbqJ5aX3gA==
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/chatango-network/ Frame D604 140 KB
43 KB 72ms
24ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/chatango-network/loader.js
Requested by: Host: st.chatango.com
URL: https://st.chatango.com/h5/gz/r1214231145/id.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc8eee0cc8abf387721362adf0e4fd700be3c506b8260eff5f5b845a4491c8b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: eDtXBvAaMzBfzhc0fli8C3kmGbzWtmzB
content-encoding: gzip
via: 1.1 varnish
date: Fri, 22 Dec 2023 16:47:26 GMT
x-amz-request-id: DRV1J09JJ8VX106S
age: 114
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 43692
x-amz-id-2: FSe9G6jIuY4paUq3PEIvY3HHFSPvc1qX5Y9nv9MpKkKPEBcFMsjWS3rVb3mQrIr4UC4WjWpB4IQ=
x-served-by: cache-yyz4549-YYZ
last-modified: Thu, 21 Dec 2023 11:01:53 GMT
server: AmazonS3
x-timer: S1703263647.665393,VS0,VE0
etag: "c648d196bde74b3128bf4c7e2a8c9941"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 44
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ 5 KB
2 KB 146ms
40ms Script
text/javascript 108.157.150.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.150.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-150-20.mci50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 24948856b0f7ba2a78f73187b329c3d6.cloudfront.net (CloudFront)
date: Fri, 22 Dec 2023 15:56:06 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: MCI50-P2
age: 3081
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: ujEiRmsHbjZyg_IbdIJd5bFOmdyXYyHYI9lFkjHR9w6OM7m0duY3rQ==

POST bz
www.facebook.com/ajax/ Frame 802D 0
0

GET
H2 200 impl.20231221-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame D604 828 KB
172 KB 21ms
20ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231221-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/chatango-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: fe663eec60a09befbe1ead3fbd8efea2cb0f4eceac379cf812c5e8f39bfe721b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: vNZAYZ60TOWTB9Ads6U8C7BOy9GG6RmI
content-encoding: br
via: 1.1 varnish
date: Fri, 22 Dec 2023 16:47:26 GMT
x-amz-request-id: A52TGABHVZBJ3YJM
age: 23183
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 175420
x-amz-id-2: 1VLcUTYcXx0PsvTXmZVcrcBG5B7vRMIh3G3jBErJUo3qm8krtHryOMvgedeJeIwESzdWXU2t7Qs=
x-served-by: cache-yyz4549-YYZ
last-modified: Thu, 21 Dec 2023 10:13:58 GMT
server: AmazonS3-br
x-timer: S1703263647.724317,VS0,VE0
etag: "2e5fc0835e8fbe3a1c0438d18f279d96"
vary: Accept-Encoding
content-type: application/javascript
abp: 49
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 13137

GET
H/1.1

200
OK

v2 Show response
ap.lijit.com/readerinfo/
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
465 B

32ms
32ms

Fetch
application/json

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: f1cf462291bc8bdcbbc4e45f4b0471d6f5bac8b81d2fab2306e6a3954f4d6ba0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 16:47:26 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://mail.sport-tv.vip
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

Redirect headers

Date: Fri, 22 Dec 2023 16:47:26 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin: https://mail.sport-tv.vip
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 sync Show response
gum.criteo.com/ Frame D604 46 B
288 B 92ms
30ms Script
text/javascript 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231221-6-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 456841
expires: 60

GET
H2 200 59574 Show response
stags.bluekai.com/site/ Frame 89E0 62 B
580 B 100ms
97ms Document
image/gif 23.47.69.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGcABmWFvZ4AAAAIJU0NAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23366%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23366%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=87830681
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.69.85 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-69-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://t.sharethis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 62
content-type: image/gif
date: Fri, 22 Dec 2023 16:47:26 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ 43 B
178 B 100ms
36ms Script
image/gif 107.21.239.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=H3VPjSZHGIrvyBmXRL2fkdwg
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.239.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-239-57.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 16:47:27 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 9998 0
0 519ms
38ms Document
text/plain 18.173.132.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=14547
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-65.jfk52.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://mail.sport-tv.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Fri, 22 Dec 2023 16:47:28 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 ab8bcd9c092f618064e495d01acbd726.cloudfront.net (CloudFront)
x-amz-cf-id: mOD8-eFQZ0LovVFB2-Y7qSodEFa8yxxUP2nqlvQ7d-SiTdPH9Atslg==
x-amz-cf-pop: JFK52-P2
x-cache: Miss from cloudfront

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame D604 52 KB
21 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: st.chatango.com
URL: https://st.chatango.com/h5/gz/r1214231145/id.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 15:32:54 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4474
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 22 Dec 2023 17:32:54 GMT

GET
H/1.1 200
OK gprofile.xml Show response
ust.chatango.com/groupinfo/t/v/tv-sport-hd1/ Frame D604 118 B
424 B 516ms
74ms XHR
text/xml 208.93.230.22
CHATANGO

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.chatango.com/groupinfo/t/v/tv-sport-hd1/gprofile.xml
Requested by: Host: st.chatango.com
URL: https://st.chatango.com/h5/gz/r1214231145/id.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: ddfd4b641c5fad5599fe69504e1018bfa6bbd897e53579104a01146492d7aebb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 16:47:28 GMT
Last-Modified: Sat, 30 Sep 2023 04:45:20 GMT
Server: nginx
Content-Type: text/xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 118
Expires: Fri, 22 Dec 2023 16:47:28 GMT

GET
H2

200

usersync.aspx
dis.criteo.com/dis/
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H3VPjSZHGIrvyBmXRL2fkdwg&rnd=57751
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H3VPjSZHGIrvyBmXRL2fkdwg&rnd=57751&_li_chk=true&previous_uuid=07694db542214aba9ccefed136af8f86
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

43 B
363 B

171ms
28ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 16:47:28 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 253114
expires: Fri, 22 Dec 2023 00:00:00 GMT

Redirect headers

Location: https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date: Fri, 22 Dec 2023 16:47:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H2 200 db_sync
px.ads.linkedin.com/ 0
141 B 135ms
135ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=H3VPjSZHGIrvyBmXRL2fkdwg&rand=51280&pu=
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:28 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 5C20482925E34122A1355FDE14B5F93D Ref B: NYCEDGE1608 Ref C: 2023-12-22T16:47:28Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYNG/jB4Fs1JtZMeJA74w==

GET
H/1.1 200
OK thumb.jpg
ust.chatango.com/profileimg/p/i/piturcaofisal/ Frame D604 1 KB
2 KB 375ms
74ms Image
image/jpeg 208.93.230.22
CHATANGO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.chatango.com/profileimg/p/i/piturcaofisal/thumb.jpg
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: b4b2602f8205b8bcef2bfa66378891916f94d1a9a84f64fe2aa877697ecf68d8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 16:47:29 GMT
Last-Modified: Tue, 13 Apr 2021 20:46:48 GMT
Server: nginx
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1367
Expires: Fri, 22 Dec 2023 16:47:29 GMT

GET
H/1.1 200
OK thumb.jpg
ust.chatango.com/profileimg/b/i/bibone/ Frame D604 1 KB
2 KB 375ms
75ms Image
image/jpeg 208.93.230.22
CHATANGO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.chatango.com/profileimg/b/i/bibone/thumb.jpg
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: 9ea39610c6247c6290719ea8021e3d9f93bcce971f2b29b1b1590a3d79003272

Request headers

accept-language: en-US,en;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 16:47:29 GMT
Last-Modified: Tue, 08 May 2018 17:31:51 GMT
Server: nginx
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1535
Expires: Fri, 22 Dec 2023 16:47:29 GMT

GET
H/1.1 200
OK thumb.jpg
ust.chatango.com/profileimg/m/i/micksvw/ Frame D604 1 KB
1 KB 354ms
74ms Image
image/jpeg 208.93.230.22
CHATANGO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.chatango.com/profileimg/m/i/micksvw/thumb.jpg
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: 2ab87682329bb2c0b38b25123b65299da006f3b65ddc4ada66e28f9b2b832793

Request headers

accept-language: en-US,en;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 16:47:29 GMT
Last-Modified: Fri, 02 Mar 2018 19:57:00 GMT
Server: nginx
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1147
Expires: Fri, 22 Dec 2023 16:47:29 GMT

GET
H2 200 master_tag.js Show response
a1s-cdn.unibet.com/unibet/bannerflow/scripts/ Frame 7C75 957 B
1 KB 635ms
33ms Script
application/javascript 85.184.96.5
UNIBET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js

Requested by

Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.184.96.5 , Malta, ASN47171 (UNIBET-AS, MT),

Reverse DNS

Software

kindred-loadbalancer /

Resource Hash

c152526a02cb050650847e999ae141eae985472fbf73c5a843160b3b6bb06f79

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:29 GMT
strict-transport-security: max-age=63072000; preload
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
last-modified: Mon, 25 Apr 2022 12:18:31 GMT
server: kindred-loadbalancer
x-browser-class: A
etag: "3bd-5dd799309c310"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=1800, public, must-revalidate
x-os-class: M
accept-ranges: bytes
content-length: 957
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame 7C75 85 KB
30 KB 83ms
24ms Script
text/javascript 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 23:51:11 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.7.1/css/ Frame 7C75 53 KB
12 KB 100ms
37ms Stylesheet
text/css 2606:4700:e2::ac40:8d0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.1/css/all.css
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

Referer
Origin: null
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1521961
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMiBs4XnzpleQsHqH5F77oPxtoGv3hvbxb%2BxKdw02ck4I5zFO0FYhZKgR9Mts4Z0LJYB5oaCd6Quq%2BPVCK%2F3s0glWGr7qP%2FX7FsmA9a%2Ftts%2Bkpn8ipqozjpKjDkEr3Kq5MjnE%2F0kE9ACN5ZgJsxGNHy3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 8399d8d02f524314-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 1-styles.css
welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/ Frame 7C75 23 KB
6 KB 59ms
55ms Stylesheet
text/css 2606:4700:4400::ac40:9098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/1-styles.css
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1309a5ec0ca1b482194142cc7a2f243fa5b3022c96cd76e4257e69b20abb242

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Dec 2023 16:47:29 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: tO4kP8mAQfpRyzdOOLFU0w==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 12 Jun 2023 11:47:22 GMT
server: cloudflare
etag: W/"0x8DB6B3AC8AD5506"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 091d4451-d01e-003d-16c5-336419000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8399d8cfbff64bbb-BUF

GET
H2 200 1-main.js Show response
welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/ Frame 7C75 4 KB
2 KB 63ms
60ms Script
application/javascript 2606:4700:4400::ac40:9098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/1-main.js
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c6d70ebaf667a642560297cdca94fa760d3624e1f4cab0da08711f0c492fed6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Dec 2023 16:47:29 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 12 Jun 2023 11:47:22 GMT
server: cloudflare
etag: W/"0x8DB6B3AC8BE4272"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: afc208fa-e01e-0044-7df9-21983d000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8399d8cfbff74bbb-BUF

GET
H2 200 css
fonts.googleapis.com/ Frame 7C75 6 KB
802 B 40ms
38ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 22 Dec 2023 16:47:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 14:47:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Dec 2023 16:47:29 GMT

GET
H2 200 read_json_bf.js Show response
welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/ Frame 7C75 6 KB
2 KB 113ms
111ms Script
application/javascript 2606:4700:4400::ac40:9098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/read_json_bf.js
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbfbc1f6c8c6c4b63320a93c994ad6ac9de3bbcdd0ad1dacc9ba38e5c2679615

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Dec 2023 16:47:29 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 5VMXSqFlpwF0JiSAmQqZnw==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 12 Jun 2023 11:47:23 GMT
server: cloudflare
etag: W/"0x8DB6B3AC9684C1C"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: ca7b2e8f-a01e-0055-66a9-240289000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8399d8cfbff84bbb-BUF

GET
H2 200 custom.js Show response
welcome.unibet.ro/ Frame 7C75 6 KB
2 KB 62ms
61ms Script
application/javascript 2606:4700:4400::ac40:9098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://welcome.unibet.ro/custom.js
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c13bba84b390447c18343fd8319ca7aea45208f53fb3143ed27c354fd5b2b1f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Dec 2023 16:47:29 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: e/Aekt1V1fopj1X7y5r9MA==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
server: cloudflare
etag: W/"0x8DA115DA300B0C1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2c9de519-901e-0061-2f5c-213141000000
x-ms-version: 2014-02-14
cf-ray: 8399d8cfbff94bbb-BUF

GET
H2 200 unibet-logo.svg
welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/ Frame 7C75 3 KB
1 KB 67ms
66ms Image
image/svg+xml 2606:4700:4400::ac40:9098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/unibet-logo.svg
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb461ad12e6f931815042b57a447b64e8d3a06d1576c1f7c79b9c7e5a42a8b34

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Dec 2023 16:47:29 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 12 Jun 2023 11:47:22 GMT
server: cloudflare
etag: W/"0x8DB6B3AC8EF0F43"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: e20f926c-b01e-0059-6004-239581000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8399d8cfbffa4bbb-BUF

GET
H2 200 utv-logo.svg
welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/ Frame 7C75 807 B
615 B 59ms
59ms Image
image/svg+xml 2606:4700:4400::ac40:9098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/utv-logo.svg
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a91fab46f128a63c74943fe6db7de41509d69ae9f4e36aab9f984cac94fa451

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Dec 2023 16:47:29 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: QazcDvviTF55mXL/M8kCWQ==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 12 Jun 2023 11:47:22 GMT
server: cloudflare
etag: W/"0x8DB6B3AC8E7BD52"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: fb784199-101e-001d-0d84-151fbe000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8399d8cfbffb4bbb-BUF

GET
H2 200 app-store-ro.svg
welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/ Frame 7C75 12 KB
4 KB 61ms
61ms Image
image/svg+xml 2606:4700:4400::ac40:9098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/app-store-ro.svg
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18b0e4aa1e8678befe4e7db06e054447b9f96684d817b6424a6b8824042a45fb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Dec 2023 16:47:29 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: epgiRapjJpA7DniTiF5C+w==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 12 Jun 2023 11:47:23 GMT
server: cloudflare
etag: W/"0x8DB6B3AC98C227C"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5774b70e-301e-0047-4504-237959000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8399d8d018904bbb-BUF

GET
H2 200 google-play-ro.svg
welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/ Frame 7C75 6 KB
2 KB 62ms
61ms Image
image/svg+xml 2606:4700:4400::ac40:9098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/google-play-ro.svg
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf35a33c9a8a912b82a62cffbca0c69a5db72aba6c622b77d471a1428b969dd2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Dec 2023 16:47:29 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 2fR27yW0b9kBp/ebW9u59A==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 12 Jun 2023 11:47:23 GMT
server: cloudflare
etag: W/"0x8DB6B3AC9937475"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: e9338fa6-301e-001a-52a9-2473dd000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8399d8d028964bbb-BUF

GET
H2 200 icon-trust.svg
welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/ Frame 7C75 1 KB
760 B 56ms
56ms Image
image/svg+xml 2606:4700:4400::ac40:9098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/icon-trust.svg
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 323e94b4a6a0b33de9b79d4dac91274635e005ba31335ac6f961af518f976ffe

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Dec 2023 16:47:29 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 9k4H3E55HXB5I94VinrUOQ==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 12 Jun 2023 11:47:22 GMT
server: cloudflare
etag: W/"0x8DB6B3AC911FB6C"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 33ed4a49-a01e-0045-238e-23c7e1000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8399d8d3aac24bbb-BUF

GET
H2 200 icon-expert.svg
welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/ Frame 7C75 966 B
667 B 56ms
55ms Image
image/svg+xml 2606:4700:4400::ac40:9098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/icon-expert.svg
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdbca379909a5f57b65b90094901804655f8cd82c05312a754320b7ae30c5187

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Dec 2023 16:47:29 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: Z4302O+bSqlX5UM92U+35A==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 12 Jun 2023 11:47:22 GMT
server: cloudflare
etag: W/"0x8DB6B3AC918D839"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5d9ecdbc-001e-005c-7ea9-24475a000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8399d8d3bac44bbb-BUF

GET
H2 200 icon-sports.svg
welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/ Frame 7C75 1 KB
1 KB 79ms
77ms Image
image/svg+xml 2606:4700:4400::ac40:9098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/icon-sports.svg
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 758ddcbcbe402aaf16d21ab756daa63b3353b2abf619ca1873a4b6c6b5ac53cf

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Dec 2023 16:47:29 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: Kch+tYuo05USS5JaESq1rA==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 12 Jun 2023 11:47:22 GMT
server: cloudflare
etag: W/"0x8DB6B3AC91FB509"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 6aa9f407-201e-0016-0fc5-33e4d5000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8399d8d3cace4bbb-BUF

GET

/
www.unibet.ro/ Frame 7C75
Redirect Chain

https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/gambling-commission.png
https://www.unibet.ro/

0
0

GET
H2 200 ca4bf41b-2ee9-4af9-b150-f3931ce5d618.png
c.bannerflow.net/accounts/unibet/55dacb16e347271ec0d5101b/images/ Frame 7C75 5 KB
5 KB 127ms
53ms Image
image/png 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/unibet/55dacb16e347271ec0d5101b/images/ca4bf41b-2ee9-4af9-b150-f3931ce5d618.png
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7edd6449a4be5372d0ea121f65559df228165a21cd3da2697494d7b05a6f4c2b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Dec 2023 16:47:29 GMT
cf-cache-status: HIT
content-md5: aGfuLId0MvHHRN9x2T+GKQ==
content-length: 4779
x-ms-lease-status: unlocked
last-modified: Thu, 01 Sep 2022 15:07:53 GMT
server: cloudflare
etag: "0x8DA8C2BBE98C715"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: bbce5506-801e-006c-6fe1-233e44000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
accept-ranges: bytes
cf-ray: 8399d8d44e774bd3-BUF

GET
H2

200

/
www.unibet.ro/ Frame 7C75
Redirect Chain

https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/com-payments.svg
https://www.unibet.ro/

0
0

285ms
284ms

Image
text/html

85.184.96.0
UNIBET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unibet.ro/
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
Protocol: H2
Server: 85.184.96.0 , Malta, ASN47171 (UNIBET-AS, MT),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

location: https://www.unibet.ro/
date: Fri, 22 Dec 2023 16:47:29 GMT
server: cloudflare
cf-ray: 8399d8d3cad04bbb-BUF
content-length: 0
vary: Accept-Encoding

GET
H2 200 lastclick.min.js Show response
a1s.unibet.com/orval/tracking/ Frame 7C75 2 KB
1 KB 504ms
29ms Script
application/javascript 85.184.96.5
UNIBET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a1s.unibet.com/orval/tracking/lastclick.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.184.96.5 , Malta, ASN47171 (UNIBET-AS, MT),

Reverse DNS

Software

kindred-loadbalancer /

Resource Hash

5166be250f7de7d316b5fb9778843cc3268ce3e00f917530f65e99dcdb355b60

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; preload
last-modified: Fri, 05 Aug 2022 12:55:42 GMT
server: kindred-loadbalancer
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
etag: W/"705-5e57dfbd5830d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=1800, public, must-revalidate
x-os-class: M
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match?r=49901
https://ce.lijit.com/merge?pid=2&3pid=E36DE4DFEB69467CAECC7C6D71982F55

43 B
679 B

90ms
29ms

Image
image/gif

63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=E36DE4DFEB69467CAECC7C6D71982F55
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Dec 2023 16:47:29 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Fri, 22 Dec 2023 16:47:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=E36DE4DFEB69467CAECC7C6D71982F55
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 21 Dec 2023 16:47:29 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 0976 0
289 B 32ms
31ms Image
text/plain 23.196.3.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGcABmWFvZ4AAAAIJU0NAw%253D%253D&tt=t.dhj&dhjLcy=1703263646305&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=mail.sport-tv.vip&pn=%2F&qs=na&rdn=mail.sport-tv.vip&rpn=%2F&rqs=na&cc=US&cont=NA&evid=0LLbSyYAex2JBpJCbZ4N&urls=!1!400!b-13j,!0!480!b-13l,!1!401!b-14s,!1!0!b-14t,!1!254!b-150,!1!490!b-16f&rnd=1703263649468&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=35

Requested by

Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-185.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Dec 2023 16:47:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Fri, 22 Dec 2023 16:47:29 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/kindred/bannerflow/prod/ Frame 7C75 151 KB
41 KB 221ms
111ms Script
application/javascript 2600:9000:2511:9600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/kindred/bannerflow/prod/utag.js
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/custom.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:9600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d155d75ebb10883d2851d0faa6354ea6306b7596305ae874cfe5a77fdb5a85d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: kEPpliW7JnorcY_Z7MZxrLygyTSah109
content-encoding: br
via: 1.1 c123eaeab0338ee38c9f9a5fe5647218.cloudfront.net (CloudFront)
date: Fri, 22 Dec 2023 16:47:31 GMT
last-modified: Fri, 15 Dec 2023 09:35:22 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
etag: W/"01982eab42132ea49729c1e3be104c8b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: sSpz8-3S7yjH4mJtM1LS2fdlZQ3zQP27vdVFA34076XCldl-77DDZQ==

GET
H2 200 1-bg-mobile-black.jpg
welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/ Frame 7C75 192 KB
192 KB 78ms
78ms Image
image/jpeg 2606:4700:4400::ac40:9098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/1-bg-mobile-black.jpg
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/1-styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9eed0edd84881bb81d28c62a12a12f8d83fcf22b5ee2c2e275b0a1eff99eb202

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/1-styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Dec 2023 16:47:29 GMT
cf-cache-status: HIT
content-md5: 3ZJasVbPQc1utZJxw1uHnQ==
content-length: 196677
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 12 Jun 2023 11:47:22 GMT
server: cloudflare
etag: "0x8DB6B3AC8E0927E"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: b92c21f9-401e-004d-458e-23ddee000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8399d8d3dad24bbb-BUF

GET
H2 200 Unibet_Pro_2020.woff2
welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/ Frame 7C75 11 KB
11 KB 129ms
59ms Font
application/font-woff2 2606:4700:4400::ac40:9098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/Unibet_Pro_2020.woff2
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/1-styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b

Request headers

Referer: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/1-styles.css
Origin: null
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Dec 2023 16:47:29 GMT
cf-cache-status: HIT
content-md5: DqW8/4SuRIQLbpydEsi5Yw==
content-length: 10924
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 12 Jun 2023 11:47:23 GMT
server: cloudflare
etag: "0x8DB6B3AC94A683D"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: 0591e8d9-601e-0007-02c5-337e61000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8399d8d44fa44bcf-BUF

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7C75 16 KB
16 KB 62ms
58ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 09:33:07 GMT
x-content-type-options: nosniff
age: 198862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2024 09:33:07 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7C75 15 KB
15 KB 31ms
27ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 04:14:19 GMT
x-content-type-options: nosniff
age: 217990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2024 04:14:19 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.7.1/webfonts/ Frame 7C75 73 KB
73 KB 37ms
34ms Font
font/woff2 2606:4700:e2::ac40:8d0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.7.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9

Request headers

Referer: https://use.fontawesome.com/releases/v5.7.1/css/all.css
Origin: null
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 793810
alt-svc: h3=":443"; ma=86400
content-length: 74320
last-modified: Fri, 22 Sep 2023 01:45:51 GMT
server: cloudflare
etag: "3638e62ea50e6f5859b6a15276c25c87"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uI4Yup%2BCW%2FMU9PM%2Fdq6WgRqosx6%2FLYlbbCzuAMOYzK0NSETANspatYLQdx5mYRAvL8F7%2FsjEasF4QqNurP73pF6jLuLwZ%2BpweTEOSUuYB9jtFF%2BqWy5j1LyrZ9%2BfGZslktMFdC9%2BPX5VGP51s3XbA1%2Be"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8399d8d3ebb94314-EWR

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7C75 15 KB
15 KB 58ms
56ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 03:48:51 GMT
x-content-type-options: nosniff
age: 219518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2024 03:48:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7C75 12 KB
12 KB 63ms
63ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:05:14 GMT
x-content-type-options: nosniff
age: 204135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2024 08:05:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7C75 12 KB
12 KB 58ms
57ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 20:27:45 GMT
x-content-type-options: nosniff
age: 245984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 20:27:45 GMT

GET
H2 200 ro-onjn-952e36b7-0554-4ae9-9cb7-ee6bf7d19f38.png
cdn.bannerflow.com/resources/ Frame 7C75 12 KB
13 KB 185ms
85ms Image
image/webp 2606:4700::6811:7ff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bannerflow.com/resources/ro-onjn-952e36b7-0554-4ae9-9cb7-ee6bf7d19f38.png
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7ff9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 866d748a6a8949bc33e6ec79768696000fedc9b03a2dc04a18293948166f65c4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Dec 2023 16:47:30 GMT
cf-cache-status: HIT
content-md5: dc+ZQ+c+3nkbo0/zDLx8UQ==
cf-polished: origFmt=png, origSize=13798
content-disposition: inline; filename="ro-onjn-952e36b7-0554-4ae9-9cb7-ee6bf7d19f38.webp"
content-length: 12794
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri
last-modified: Mon, 07 Dec 2020 10:21:24 GMT
server: cloudflare
etag: "0x8D89A99D9A06A45"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: 1371c7b1-701e-0034-3037-2221ca000000
cache-control: public,max-age=604800
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8399d8d4afab4bd8-BUF

GET
H2 200 18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
cdn.bannerflow.com/resources/ Frame 7C75 1 KB
862 B 155ms
55ms Image
image/svg+xml 2606:4700::6811:7ff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7ff9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 236697ea60459d9dd37a6550a42916ece502faaf3c86f93c26b7a4026aa53bdb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Dec 2023 16:47:30 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: DtBEzXf8HuXNecd90Rx/1w==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
server: cloudflare
etag: W/"0x8D892DCBC244A27"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: e6b5fe2f-b01e-0066-3e50-245d22000000
cache-control: public,max-age=604800
x-ms-version: 2014-02-14
cf-ray: 8399d8d4afac4bd8-BUF

GET
H2 200 612e113cb7697481ec778571.json Show response
c.bannerflow.net/sfeeds/55dacb16e347271ec0d5101b/ Frame 7C75 10 KB
2 KB 231ms
168ms Fetch
application/json 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/sfeeds/55dacb16e347271ec0d5101b/612e113cb7697481ec778571.json?cb=1703263649927
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/read_json_bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98ae86938bf8e67835fe0b659b84969ab5a34209809ef0fe89f69a4dd9a8ed07

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:47:30 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Dec 2023 16:47:30 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=15, stale-if-error=28800, stale-while-revalidate=28800
cf-ray: 8399d8d48f516aed-BUF
request-context: appId=cid-v1:ab2f42fc-6a35-4ceb-b810-86e88366fb0b

GET
H/1.1

200
OK

57333
i6.liadm.com/s/
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H3VPjSZHGIrvyBmXRL2fkdwg&rnd=705
https://i6.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H3VPjSZHGIrvyBmXRL2fkdwg&rnd=705

43 B
548 B

125ms
29ms

Image
image/gif

2600:1f18:ed:550e:3daf:be5a:6a09:50
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H3VPjSZHGIrvyBmXRL2fkdwg&rnd=705

Requested by

Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/

Protocol

HTTP/1.1

Server

2600:1f18:ed:550e:3daf:be5a:6a09:50 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 16:47:30 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H3VPjSZHGIrvyBmXRL2fkdwg&rnd=705
Date: Fri, 22 Dec 2023 16:47:29 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 2

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame F137 85 B
481 B 39ms
38ms Document
text/html 108.157.142.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-40.mci50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://mail.sport-tv.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 570706
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Sat, 16 Dec 2023 02:15:44 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 2f743a0ca9cc9da3bb8d81eb8b012916.cloudfront.net (CloudFront)
x-amz-cf-id: 5anemZu9c1Qi3seyH6mi7-9C-GBPRVa1jDDB4sfPKdUBj4nDmL_m0g==
x-amz-cf-pop: MCI50-P1
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame F137 766 B
1 KB 39ms
38ms Script
text/javascript 108.157.142.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-40.mci50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Mon, 18 Dec 2023 19:33:13 GMT
via: 1.1 2f743a0ca9cc9da3bb8d81eb8b012916.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: MCI50-P1
age: 335658
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: U_XOHsVbRDr-8PtthaRtqV92Z3lgvlMgspgzeLf5xHdBg7x4Ll9TMg==

GET
H2 200 fa4ae94a-9d16-425e-9aad-c7221e0e0abb.png
c.bannerflow.net/accounts/unibet/55dacb16e347271ec0d5101b/images/ Frame 7C75 78 KB
78 KB 53ms
51ms Image
image/png 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/unibet/55dacb16e347271ec0d5101b/images/fa4ae94a-9d16-425e-9aad-c7221e0e0abb.png
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca6bed1be9f09306274d3f5a6ce2248c8d10358a11d71d6326c93f2bab795192

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Dec 2023 16:47:30 GMT
cf-cache-status: HIT
content-md5: qkiLXauL4HVpKhIz3HAvSQ==
content-length: 79475
x-ms-lease-status: unlocked
last-modified: Fri, 28 Oct 2022 15:13:40 GMT
server: cloudflare
etag: "0x8DAB8F6FF16B70B"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 069b20fc-501e-0032-312e-15d5a4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
accept-ranges: bytes
cf-ray: 8399d8d59f524bd3-BUF

GET
H2 200 gr-ro-payments-1f12deba-1aa8-4734-b3b0-4f1763849aa9.svg
cdn.bannerflow.com/resources/ Frame 7C75 29 KB
9 KB 378ms
376ms Image
image/svg+xml 2606:4700::6811:7ff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bannerflow.com/resources/gr-ro-payments-1f12deba-1aa8-4734-b3b0-4f1763849aa9.svg
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7ff9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 540e9bfeee632217d2cceca8714962d8f34dc24ce3314ed6cb3c96604720887b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Dec 2023 16:47:30 GMT
content-encoding: br
cf-cache-status: REVALIDATED
content-md5: G7noNm/O1llqyABWKgk6Nw==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
server: cloudflare
etag: W/"0x8D89A9A12C2FB49"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 692e102a-201e-0016-74b9-27e4d5000000
cache-control: public,max-age=604800
x-ms-version: 2014-02-14
cf-ray: 8399d8d598124bd8-BUF

GET
H2 200 gb-middlesbrough-74ebeaf1-0581-479c-889b-c68d39ab710d.svg
cdn.bannerflow.com/resources/ Frame 7C75 50 KB
18 KB 384ms
382ms Image
image/svg+xml 2606:4700::6811:7ff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bannerflow.com/resources/gb-middlesbrough-74ebeaf1-0581-479c-889b-c68d39ab710d.svg
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7ff9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dd5d340ec7e64fcc573ac7f81160dc6f9dd4285719291735b34a07f39df13a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Dec 2023 16:47:30 GMT
content-encoding: br
cf-cache-status: REVALIDATED
content-md5: TaVKmIH2e6mJ8K/jjYWZ2w==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 07 Dec 2020 10:24:43 GMT
server: cloudflare
etag: W/"0x8D89A9A5066661A"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: b615db9f-301e-0035-809a-227e16000000
cache-control: public,max-age=604800
x-ms-version: 2014-02-14
cf-ray: 8399d8d598134bd8-BUF

GET
H2 200 adcedaf6-ac40-45bf-8d37-1741402f73e3.png
c.bannerflow.net/accounts/unibet/55dacb16e347271ec0d5101b/images/ Frame 7C75 354 KB
355 KB 84ms
83ms Image
image/png 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/unibet/55dacb16e347271ec0d5101b/images/adcedaf6-ac40-45bf-8d37-1741402f73e3.png
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96d1dca5113cc9e5b87e3d1af5c3e10a35843b21a87f0b0d25cf3b306faadabc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Dec 2023 16:47:30 GMT
cf-cache-status: HIT
content-md5: IGUrpEtyANO3ugn/AkUncQ==
content-length: 362728
x-ms-lease-status: unlocked
last-modified: Fri, 02 Sep 2022 09:10:03 GMT
server: cloudflare
etag: "0x8DA8CC2EBC244D8"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 8f7dbdb6-701e-0035-5f82-24b9c7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
accept-ranges: bytes
cf-ray: 8399d8d59f544bd3-BUF

GET
H2 200 rangers-fc-dca9b7f7-5e49-411e-9e3a-24553efcc074.png
cdn.bannerflow.com/resources/ Frame 7C75 90 KB
90 KB 166ms
165ms Image
image/webp 2606:4700::6811:7ff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bannerflow.com/resources/rangers-fc-dca9b7f7-5e49-411e-9e3a-24553efcc074.png
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7ff9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80793479cfea18e1b108efa96e5e44e2b4c57d546c4baa8b4cfa6c26696b412d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Dec 2023 16:47:30 GMT
cf-cache-status: REVALIDATED
content-md5: GAFPInkuTnelYFvXCw0EZg==
cf-polished: origFmt=png, origSize=242067
content-disposition: inline; filename="rangers-fc-dca9b7f7-5e49-411e-9e3a-24553efcc074.webp"
content-length: 91700
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri
last-modified: Thu, 29 Sep 2022 08:31:27 GMT
server: cloudflare
etag: "0x8DAA1F50064D368"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: 370998fc-101e-001d-4ae1-231fbe000000
cache-control: public,max-age=604800
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8399d8d598144bd8-BUF

GET
H2 200 club-brugge-kv-logo-c66d46ee-5eb1-4667-acb9-58526566ba19.png
cdn.bannerflow.com/resources/ Frame 7C75 98 KB
99 KB 136ms
135ms Image
image/webp 2606:4700::6811:7ff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bannerflow.com/resources/club-brugge-kv-logo-c66d46ee-5eb1-4667-acb9-58526566ba19.png
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7ff9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46d3e8f7a774fb7d5513e0406ee68a08a1c80009977485c561b4ba8587a21bda

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Dec 2023 16:47:30 GMT
cf-cache-status: REVALIDATED
content-md5: 7WoT5DvfdcXKn9ulqF2V+Q==
cf-polished: origFmt=png, origSize=236515
content-disposition: inline; filename="club-brugge-kv-logo-c66d46ee-5eb1-4667-acb9-58526566ba19.webp"
content-length: 100824
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri
last-modified: Thu, 29 Sep 2022 08:31:28 GMT
server: cloudflare
etag: "0x8DAA1F5014F1172"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: 05806e7c-801e-0030-4f37-29accd000000
cache-control: public,max-age=604800
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8399d8d598154bd8-BUF

GET
H2 200 fc-copenhagen-logo-28120f9a-5258-4f34-ae15-ab26c30f663b.svg
cdn.bannerflow.com/resources/ Frame 7C75 190 KB
140 KB 166ms
166ms Image
image/svg+xml 2606:4700::6811:7ff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bannerflow.com/resources/fc-copenhagen-logo-28120f9a-5258-4f34-ae15-ab26c30f663b.svg
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7ff9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65e27d77beab3cd52526b9d1ef6132f2de9a6326015f92ee3964e4329508b852

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Dec 2023 16:47:30 GMT
content-encoding: br
cf-cache-status: REVALIDATED
content-md5: wweupArxwy9NM15VYS1Yfw==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 29 Sep 2022 08:31:31 GMT
server: cloudflare
etag: W/"0x8DAA1F502D61507"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 47b3938a-201e-0006-1244-2221bd000000
cache-control: public,max-age=604800
x-ms-version: 2014-02-14
cf-ray: 8399d8d598164bd8-BUF

GET
H2 200 royal-charleroi-sporting-club-logo-c78e69fb-781c-4fcc-8b35-974d96a9b9b0.png
cdn.bannerflow.com/resources/ Frame 7C75 45 KB
45 KB 166ms
165ms Image
image/webp 2606:4700::6811:7ff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bannerflow.com/resources/royal-charleroi-sporting-club-logo-c78e69fb-781c-4fcc-8b35-974d96a9b9b0.png
Requested by: Host: welcome.unibet.ro
URL: https://welcome.unibet.ro/ro/aff/casino-online/casino-celebration-2023/index.html?mktid=1:81744203:13832455-37605&btag=81744203_B2E06D2B58654AA4A6D903CA482D6CCE&bid=37605&campaignId=1105051&pid=13832455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7ff9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffced602d84b8965187daca69af51436ff00129760fa07332dc840a81dc485a9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Dec 2023 16:47:30 GMT
cf-cache-status: REVALIDATED
content-md5: /YNWtFeMNVsULU3br8hJOg==
cf-polished: origFmt=png, origSize=98425
content-disposition: inline; filename="royal-charleroi-sporting-club-logo-c78e69fb-781c-4fcc-8b35-974d96a9b9b0.webp"
content-length: 46188
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri
last-modified: Thu, 29 Sep 2022 08:31:30 GMT
server: cloudflare
etag: "0x8DAA1F502570C65"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: 270d1c19-f01e-0077-47bc-1cc796000000
cache-control: public,max-age=604800
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8399d8d598174bd8-BUF

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=H3VPjSZHGIrvyBmXRL2fkdwg/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=H3VPjSZHGIrvyBmXRL2fkdwg/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
https://ce.lijit.com/merge?pid=5001&3pid=8ee9f8c31814af33713c255137802f71

43 B
999 B

30ms
30ms

Image
image/gif

63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=8ee9f8c31814af33713c255137802f71
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Dec 2023 16:47:30 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 16:47:30 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=8ee9f8c31814af33713c255137802f71
cache-control: no-cache
x-server: 10.40.9.1
content-length: 0
expires: 0

GET
H/1.1 200
OK pixel Show response
ps.eyeota.net/ 763 B
1 KB 70ms
69ms Script
application/javascript 3.230.62.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-62-22.compute-1.amazonaws.com
Software: /
Resource Hash: fd16b9b7e50ab63e9df199b984be7ce8e3e4b381e177cfeeb4edd3ef6766540b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: application/javascript
Date: Fri, 22 Dec 2023 16:47:31 GMT
Content-Length: 763
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjVRZ1h1c0NCYzhpMkpXTkRrWjRrRlJhZjZqMHowS0k0V1FXeEMwZ1k4eEk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MjVRZ1h1c0NCYzhpMkpXTkRrWjRrRlJhZjZqMHowS0k0V1FXeEMwZ1k4eEk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEJ8Mdym8_Z5dvZiq1cp6sTs&google_cver=1

70 B
440 B

44ms
44ms

Image
image/gif

3.230.62.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEJ8Mdym8_Z5dvZiq1cp6sTs&google_cver=1
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: HTTP/1.1
Server: 3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-62-22.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 22 Dec 2023 16:47:31 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 16:47:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEJ8Mdym8_Z5dvZiq1cp6sTs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=Eyeot
https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-27pu2NhE2pV2jIV5xknlTf30mEo.yJr07EY-~A

70 B
440 B

37ms
37ms

Image
image/gif

3.230.62.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-27pu2NhE2pV2jIV5xknlTf30mEo.yJr07EY-~A
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: HTTP/1.1
Server: 3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-62-22.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 22 Dec 2023 16:47:31 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-27pu2NhE2pV2jIV5xknlTf30mEo.yJr07EY-~A
date: Fri, 22 Dec 2023 16:47:31 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u&_test=ZYW9owAIxbXhbgAM
https://ps.eyeota.net/match?uid=ZYW9owAIxbXhbgAM&bid=0rijhbu&referrer_pid=51md42u&_test=ZYW9owAIxbXhbgAM

70 B
440 B

53ms
53ms

Image
image/gif

3.230.62.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=ZYW9owAIxbXhbgAM&bid=0rijhbu&referrer_pid=51md42u&_test=ZYW9owAIxbXhbgAM
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: HTTP/1.1
Server: 3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-62-22.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 22 Dec 2023 16:47:31 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

x-served-by: cache-yyz4549-YYZ
pragma: no-cache
date: Fri, 22 Dec 2023 16:47:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1703263651.231334,VS0,VE0
x-cache: HIT
location: https://ps.eyeota.net/match?uid=ZYW9owAIxbXhbgAM&bid=0rijhbu&referrer_pid=51md42u&_test=ZYW9owAIxbXhbgAM
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u
https://ps.eyeota.net/match?uid=8519367046122621226&bid=2cr76e1&referrer_pid=51md42u

70 B
440 B

40ms
40ms

Image
image/gif

3.230.62.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=8519367046122621226&bid=2cr76e1&referrer_pid=51md42u
Requested by: Host: mail.sport-tv.vip
URL: https://mail.sport-tv.vip/
Protocol: HTTP/1.1
Server: 3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-62-22.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.sport-tv.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 22 Dec 2023 16:47:31 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 16:47:31 GMT
an-x-request-uuid: e78ca3f8-ffc0-45eb-b82c-2db232b3d288
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ps.eyeota.net/match?uid=8519367046122621226&bid=2cr76e1&referrer_pid=51md42u
x-proxy-origin: 96.9.249.37; 96.9.249.37; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

2981
tags.bluekai.com/site/
Redirect Chain

https://tags.bluekai.com/site/29537?limit=1&id=2rHk62RNc8Uhgm_-6kRj2Ie-VKWjEl798lWaGW9nuWQc
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=Wk0yaS9Dd005OTlmK0dQaw%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm=&google_sc=&google_hm=Wk0yaS9Dd005OTlmK0dQaw%3D%3D&google_tc=
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEKFJhSsM-lZ3FDrg__Titx4&google_cver=1

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.tvs-widget.com
URL: https://www.tvs-widget.com/

Domain: www.tvs-widget.com
URL: https://www.tvs-widget.com/widget/tv-online.php

Domain: www.tvs-widget.com
URL: https://www.tvs-widget.com/photos/meciuri.png

Domain: www.tvs-widget.com
URL: https://www.tvs-widget.com/photos/tvonlinex.png

Domain: www.tvs-widget.com
URL: https://www.tvs-widget.com/photos/orangesport1.png

Domain: www.tvs-widget.com
URL: https://www.tvs-widget.com/photos/orangesport2.png

Domain: www.tvs-widget.com
URL: https://www.tvs-widget.com/photos/orangesport3.png

Domain: www.tvs-widget.com
URL: https://www.tvs-widget.com/photos/orangesport4.png

Domain: www.tvs-widget.com
URL: https://www.tvs-widget.com/photos/eurosport.png

Domain: www.tvs-widget.com
URL: https://www.tvs-widget.com/photos/eurosport2.png

Domain: www.tvs-widget.com
URL: https://www.tvs-widget.com/photos/primasport1.png

Domain: www.tvs-widget.com
URL: https://www.tvs-widget.com/photos/primasport2.png

Domain: www.tvs-widget.com
URL: https://www.tvs-widget.com/photos/primasport3.png

Domain: www.tvs-widget.com
URL: https://www.tvs-widget.com/photos/primasport4.png

Domain: www.tv-sport-hd.com
URL: http://www.tv-sport-hd.com/404.shtml

Domain: www.facebook.com
URL: https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fpages%2FMeciuri-si-TV-pe-Net%2F530484173643269%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Afalse%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Fmail.sport-tv.vip%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19713.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1010575894&__s=%3A%3Aeu0wu0&__hsi=7315461652259347667&__dyn=7wKxa13wt8K2WmhwRwqo98nwgU6C7UW3q320-E7W0TUhwem0nCq1ewcG0KE4C1Vwooa81VohwnU1oU1O81u83mwaS0zE5W0PU1AE17U2ZwrU19E36w5Kw&__csr=&__sp=1

Domain: www.facebook.com
URL: https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7wKxa13wt8K2WmhwRwqo98nwgU6C7UW3q320-E7W0TUhwem0nCq1ewcG0KE4C1Vwooa81VohwnU1oU1O81u83mwaS0zE5W0PU1AE17U2ZwrU19E36w5Kw&__hs=19713.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7315461652259347667&__req=3&__rev=1010575894&__s=%3A%3Aeu0wu0&__sp=1&__user=0&dpr=1&jazoest=21838&lsd=5rcgdJ9EoI6LHLmElsD3Fu

Domain: www.unibet.ro
URL: https://www.unibet.ro/

Domain: tags.bluekai.com
URL: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEKFJhSsM-lZ3FDrg__Titx4&google_cver=1

Verdicts & Comments Add Verdict or Comment

251 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

72 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
map.go.affec.tv/map/ttd	1969-12-31 23:59:59	Name: oo Value: 1
map.go.affec.tv/map/an	1969-12-31 23:59:59	Name: oo Value: 1
i.liadm.com/s	1970-01-20 17:50:55	Name: _li_ss Value: ChMKBgjdARDlFgoJCP____8HEO8W
i6.liadm.com/s	1970-01-20 17:50:55	Name: _li_ss Value: CgA
.earn.dynamicapl.com/	1970-01-20 17:07:45	Name: __cf_bm Value: PaUQY2Mc_ZWbpaxhj78FFFeKcWMBcbTnjbYcIA3OiOI-1703263645-1-AelHpAcq40O+GNQxEN+vcF2hD3gALQR+zpkwnIdUU47O59q64AD0e3Ww7X+DEUP2Qn0/Or3Qs3NzidL4qpeCjRs=
mail.sport-tv.vip/	1970-01-21 01:53:19	Name: HstCfa4609060 Value: 1703263645674
mail.sport-tv.vip/	1970-01-21 01:53:19	Name: HstCla4609060 Value: 1703263645674
mail.sport-tv.vip/	1970-01-21 01:53:19	Name: HstCmu4609060 Value: 1703263645674
mail.sport-tv.vip/	1970-01-21 01:53:19	Name: HstPn4609060 Value: 1
mail.sport-tv.vip/	1970-01-21 01:53:19	Name: HstPt4609060 Value: 1
mail.sport-tv.vip/	1970-01-21 01:53:19	Name: HstCnv4609060 Value: 1
mail.sport-tv.vip/	1970-01-21 01:53:19	Name: HstCns4609060 Value: 1
.sport-tv.vip/	1970-01-21 02:43:43	Name: _ga_YG7EZNRMPY Value: GS1.1.1703263645.1.0.1703263645.0.0.0
.sport-tv.vip/	1970-01-21 02:43:43	Name: _ga Value: GA1.2.1937431057.1703263646
.sport-tv.vip/	1970-01-20 17:09:10	Name: _gid Value: GA1.2.1925247815.1703263646
.sport-tv.vip/	1970-01-20 17:07:43	Name: _gat_gtag_UA_52778325_1 Value: 1
.sport-tv.vip/	1970-01-20 19:17:19	Name: _fbp Value: fb.1.1703263645892.822017834
.dtscout.com/	1970-01-20 17:07:48	Name: m Value: 1
.dtscout.com/	1970-01-20 17:07:47	Name: st Value: 1
.dtscout.com/	1970-01-20 17:07:58	Name: oa Value: 1
.dtscout.com/	1970-01-20 19:31:43	Name: df Value: 1703263645
.dtscout.com/	1970-01-20 19:15:53	Name: l Value: 10401703263645F6BF8F2F876F281F13
.betano.com/	1970-01-20 17:07:45	Name: __cf_bm Value: pKGgU7zLmClZ3brpcqsHXgce4.jQsgEGdEdSkyshiXQ-1703263646-1-AXhpBD0fjHAwzHl9aldpUaaxgLwNeGeuZmqU8UXSK/RHkr+zVGjkMih1TanzZNYB5AoJH+4iUnU5XQytSqj1je0=
.sharethis.com/	1970-01-21 01:54:46	Name: __stid Value: ZGcABmWFvZ4AAAAIJU0NAw==
.sharethis.com/	1970-01-21 01:54:46	Name: __stidv Value: 2
.sport-tv.vip/	1970-01-20 19:13:00	Name: __dtsu Value: 10401703263645F6BF8F2F876F281F13
.sport-tv.vip/	1970-01-20 17:07:43	Name: lotame_domain_check Value: sport-tv.vip
.tynt.com/	1970-01-21 01:53:19	Name: uid Value: CoIKSGWFvZ5GK2xuBt5vAg==
.dtscdn.com/	1970-01-20 21:25:29	Name: uid Value: 10401703263645F6BF8F2F876F281F13
.t.sharethis.com/	1970-01-20 17:27:53	Name: pxcelPage_default_c010_C Value: 1_0_1703263646467
.tynt.com/	1970-01-20 19:17:19	Name: pids Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1703263646463%7D%2C%7B%22p%22%3A%22607295b4a4%22%2C%22f%22%3A1%2C%22ts%22%3A1703263646463%7D%2C%7B%22p%22%3A%22b32ef6f991%22%2C%22f%22%3A1%2C%22ts%22%3A1703263646463%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1703263646463%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1703263646463%7D%2C%7B%22p%22%3A%22e32a9fc66e%22%2C%22f%22%3A1%2C%22ts%22%3A1703263646463%7D%2C%7B%22p%22%3A%227361b0e8e4%22%2C%22f%22%3A1%2C%22ts%22%3A1703263646463%7D%5D
.33across.com/	1970-01-21 01:53:19	Name: 33x_ps Value: u%3D212391266692695%3As1%3D1703263646588%3Ats%3D1703263646588
.onaudience.com/	1970-01-21 01:53:19	Name: cookie Value: acf30e4b95cf9e05
.onaudience.com/	1970-01-20 17:09:10	Name: done_redirects109 Value: 1
.ml314.com/	1970-01-21 01:54:46	Name: pi Value: 3640816194143387672
.adsrvr.org/	1970-01-21 01:54:46	Name: TDID Value: a0daaaae-bed0-49d4-bb25-be6e5d9b8cd8
.tapad.com/	1970-01-20 18:34:07	Name: TapAd_TS Value: 1703263646597
.tapad.com/	1970-01-20 18:34:07	Name: TapAd_DID Value: cc0439ff-3cc1-41cc-ad65-1bb6dfaa2501
.go.affec.tv/	1970-01-21 01:53:19	Name: ck Value: 6585bd9e68ac570001f82913
.go.affec.tv/	1970-01-21 01:53:19	Name: oo Value: 1
.eyeota.net/	1970-01-21 01:54:46	Name: mako_uid Value: 18c926cb3ab-77af0000010a57e2
.rlcdn.com/	1970-01-21 01:53:19	Name: rlas3 Value: rj3WWlm0baFNxRiwYWEzweBf0DcfO/+YyWUgJi6RGFk=
.rlcdn.com/	1970-01-20 18:34:07	Name: pxrc Value: CJ77lqwGEgUI204QAA==
.eyeota.net/	1970-01-20 17:07:44	Name: SERVERID Value: 22498~DM
.linkedin.com/	1970-01-20 19:17:19	Name: li_sugr Value: aa04c6a3-3fcd-4fc2-89c9-fa1f06072a51
.linkedin.com/	1970-01-21 01:53:19	Name: bcookie Value: "v=2&9a4db5c0-bd2f-4a48-8bdd-958ac5ba6742"
.linkedin.com/	1970-01-20 17:09:10	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3093:u=1:x=1:i=1703263646:t=1703350046:v=2:sig=AQHNd0Ar1kXPZck8pwQ7WNWfdmzQFyQR"
.adnxs.com/	1970-01-20 19:17:19	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GVNl^-X2!]tbP6j2F-XstGt!@DtT$wZge
.tapad.com/	1970-01-20 18:34:07	Name: TapAd_3WAY_SYNCS Value: 1!8560
.adnxs.com/	1970-01-20 19:17:19	Name: uuid2 Value: 8519367046122621226
.trickyrock.com/	1970-01-21 02:43:43	Name: NetRefer_CookieUniTrack_C Value: %5b%7b%22PID%22%3a13832455%2c%22BID%22%3a37605%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1703263646711)%5c%2f%22%2c%22CookieTag%22%3a%22376051383245511%3a%3a401%3a2%3a8cff%3a2062C202312221647%22%7d%5d
.pippio.com/	1970-01-21 01:53:19	Name: did Value: oxVeodhEzNXdY2JT
.pippio.com/	1970-01-21 01:53:19	Name: didts Value: 1703263646
.pippio.com/	1970-01-20 18:34:07	Name: nnls Value:
.pippio.com/	1970-01-20 18:34:07	Name: pxrc Value: CJ77lqwGEgYIgr0rEAA=
.adsrvr.org/	1970-01-21 01:54:46	Name: TDCPM Value: CAEYASABKAIyCwjo5KyRjcbBPBAFOAFaB21zc20xMTVgAg..
.lijit.com/	1970-01-21 01:53:19	Name: ljt_reader Value: H3VPjSZHGIrvyBmXRL2fkdwg
.go.affec.tv/	1970-01-21 01:53:19	Name: pt Value: eyJhbiI6eyJkdCI6MTcwMzI2MzY0NiwiaWQiOiI4NTE5MzY3MDQ2MTIyNjIxMjI2IiwibHMiOjE3MDMyNjM2NDZ9LCJ0dCI6eyJkdCI6MTcwMzI2MzY0NiwiaWQiOiJDb0lLU0dXRnZaNUdLMnh1QnQ1dkFnPT0iLCJscyI6MTcwMzI2MzY0Nn0sInRkIjp7ImR0IjoxNzAzMjYzNjQ2LCJpZCI6ImEwZGFhYWFlLWJlZDAtNDlkNC1iYjI1LWJlNmU1ZDliOGNkOCIsImxzIjoxNzAzMjYzNjQ2fSwidiI6MH0=\|1703263646\|59ce72e680d0d8bb9d67f980240b9a5b100073bd
.bluekai.com/	1970-01-20 21:26:55	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 21:31:14	Name: bku Value: +rQ99Jb2CVDdBs/i
.bluekai.com/	1970-01-20 21:31:14	Name: bkpa Value: KJ0XMLavHYWRCjdZF6+cdKzb+oYyhvCaryCZ/81J0+Vbb1d+2KBsiIQOjFA5prWfCNWGcKSqIUuXfRk1okS7Bjzw1rD56J64GgNgglTfcbtN2FcoCEdqn69cbc8f/qy+R47cSy56ZVQ5QOSAOIZJMUpoiU/jncTtAwb0oTakSGOIud+W1YsPjCJHvj93do0/Uw95bQO62lIN2u3Ve59CW6py3jjV01hEBd3AAuL+FQz9pHCQQy==
.krxd.net/	1970-01-20 21:26:55	Name: _kuid_ Value: P_Yh_Ibz
.www.unibet.ro/	1969-12-31 23:59:59	Name: clientId Value: polopoly_desktop
.intentiq.com/	1970-01-21 02:43:43	Name: IQver Value: 1.9
.liadm.com/	1970-01-21 02:43:43	Name: lidid Value: 07694db5-4221-4aba-9cce-fed136af8f86
st.chatango.com/	1970-01-21 01:53:19	Name: session_id Value: 6538193350332069
.unibet.ro/	1970-01-20 17:50:55	Name: btag Value: 81744203_B2E06D2B58654AA4A6D903CA482D6CCE
.t.sharethis.com/	1969-12-31 23:59:59	Name: pxcelBcnLcy Value: 33
.simpli.fi/	1970-01-21 01:54:46	Name: suid Value: E36DE4DFEB69467CAECC7C6D71982F55
.lijit.com/	1970-01-21 01:53:19	Name: _ljtrtb_2 Value: E36DE4DFEB69467CAECC7C6D71982F55
.a1s.unibet.com/	1969-12-31 23:59:59	Name: clientId Value: polopoly_desktop
.a1s-cdn.unibet.com/	1969-12-31 23:59:59	Name: clientId Value: polopoly_desktop

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other	warning	URL: https://connect.facebook.net/signals/config/1003523476488315?v=2.9.138&r=stable&domain=mail.sport-tv.vip(Line 137) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: chrome-error://chromewebdata/ Message: Failed to load resource: the server responded with a status of 403 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://promos-ro.betano.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
security	error	URL: https://mail.sport-tv.vip/Sport.php Message: Mixed Content: The page at 'https://mail.sport-tv.vip/' was loaded over HTTPS, but requested an insecure font 'http://www.tv-sport-hd.com/404.shtml'. This request has been blocked; the content must be served over HTTPS.
rendering	warning	URL: https://st.chatango.com/h5/gz/r1214231145/id.html(Line 4) Message: The key "target-densitydpi" is not supported.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
security	error	URL: https://mail.sport-tv.vip/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=H3VPjSZHGIrvyBmXRL2fkdwg' because its MIME type ('image/gif') is not executable.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1s-cdn.unibet.com
a1s.unibet.com
ajax.googleapis.com
ap.lijit.com
api.intentiq.com
b1.trickyrock.com
bcp.crwdcntrl.net
beacon.krxd.net
bit.ly
c.bannerflow.net
cdn.bannerflow.com
cdn.taboola.com
cdn.tynt.com
ce.lijit.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
data-beacons.s-onetag.com
de.tynt.com
dis.criteo.com
dp1.33across.com
dp2.33across.com
e.dtscout.com
earn.dynamicapl.com
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
gum.criteo.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
ic.tynt.com
idsync.rlcdn.com
mail.sport-tv.vip
map.go.affec.tv
match.adsrvr.org
ml314.com
onetag-geo.s-onetag.com
pd.sharethis.com
pippio.com
pixel.onaudience.com
pixel.tapad.com
promos-ro.betano.com
ps.eyeota.net
px.ads.linkedin.com
s10.histats.com
s4.histats.com
scontent-ord5-1.xx.fbcdn.net
scontent-ord5-2.xx.fbcdn.net
secure.adnxs.com
st.chatango.com
stags.bluekai.com
static.xx.fbcdn.net
sync-tm.everesttech.net
sync.sharethis.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
tags.tiqcdn.com
track2.securedvisit.com
um.simpli.fi
ups.analytics.yahoo.com
use.fontawesome.com
usermatch.krxd.net
ust.chatango.com
welcome.unibet.ro
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.tv-sport-hd.com
www.tvs-widget.com
www.unibet.ro
tags.bluekai.com
www.facebook.com
www.tv-sport-hd.com
www.tvs-widget.com
www.unibet.ro
107.178.254.65
107.21.239.57
108.157.142.40
108.157.142.99
108.157.150.20
108.157.150.51
141.94.170.64
142.251.40.130
149.56.240.132
15.197.193.217
151.101.1.44
151.101.130.49
172.64.153.173
18.173.132.65
18.213.232.194
208.93.230.22
208.93.230.28
23.196.3.185
23.47.69.85
23.7.64.229
2600:1f18:ed:550e:3daf:be5a:6a09:50
2600:9000:2511:9600:7:2bfb:7c00:93a1
2606:4700:10::6814:5063
2606:4700:20::681a:c3c
2606:4700:21::8d65:780b
2606:4700:3035::6815:432f
2606:4700:4400::ac40:9098
2606:4700::6811:5459
2606:4700::6811:7ff9
2606:4700::6811:ca6e
2606:4700::6812:dc0
2606:4700:e2::ac40:8d0d
2607:f8b0:4006:809::200e
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81c::200a
2607:f8b0:4006:820::2008
2607:f8b0:4006:824::200a
2620:100:a001::c
2620:1ec:21::14
2620:1ec:46::40
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f082:108:face:b00c:0:3
2a03:2880:f082:9:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
3.135.156.190
3.18.123.179
3.230.62.22
34.111.113.62
34.117.77.79
34.200.65.202
34.206.6.177
34.225.230.9
34.232.58.254
35.236.220.17
35.244.154.8
52.204.77.239
63.251.86.50
63.251.86.51
67.199.248.11
67.202.105.21
67.202.105.22
67.202.105.34
68.67.179.166
74.119.119.150
85.184.96.0
85.184.96.5
00fd6601121fa4380ad28e159b3a2586711087cd44163ec14cfb19f8eb0d6db6
0699ec87a5948593704673dd827854964f845df3971d277cfb1dc9322a4d7faf
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16af53394458327a598a592eb56110a80b46194af28d6a70a7b904d9237300d6
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18b0e4aa1e8678befe4e7db06e054447b9f96684d817b6424a6b8824042a45fb
1a91fab46f128a63c74943fe6db7de41509d69ae9f4e36aab9f984cac94fa451
230c606098a56269e556cfdb000c7097f75403003a3282447dc17ecf4094c3f5
236697ea60459d9dd37a6550a42916ece502faaf3c86f93c26b7a4026aa53bdb
240d108ebefb8c0aa34036600fb93ad4400781817fff1aeefed81fb6cd4817e3
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2ab87682329bb2c0b38b25123b65299da006f3b65ddc4ada66e28f9b2b832793
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2
2c13bba84b390447c18343fd8319ca7aea45208f53fb3143ed27c354fd5b2b1f
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
323e94b4a6a0b33de9b79d4dac91274635e005ba31335ac6f961af518f976ffe
398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414
3a00c24c97c8483eed0dfb3f812c87cb481b0ddcc6cb6adede296d439acc662b
3bf9e6cdb08b3099d2dcdaff48c97a7c884ce41f8cf4d8f6b496ffd64384b769
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
43a048f3a43181f9ca7fb097a6fb984f9ac2264742b420cb0e5b52bc33cf41df
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
46d3e8f7a774fb7d5513e0406ee68a08a1c80009977485c561b4ba8587a21bda
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6d70ebaf667a642560297cdca94fa760d3624e1f4cab0da08711f0c492fed6
4c9d9b55a254e35c6325e2b0be5c09a7f4d77a08791586ccb1f5970443072a51
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5131f6c3a378032ad46de09d43ab368359ba8714149ee4253bbbf021cd5fd022
5166be250f7de7d316b5fb9778843cc3268ce3e00f917530f65e99dcdb355b60
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
53c3bdb58b5a0a6dd9beaf47519f3dc9d4aec7679918f0e4464157ad0567af2f
540e9bfeee632217d2cceca8714962d8f34dc24ce3314ed6cb3c96604720887b
592176957abcdb14353764f43c99f072a6d112070bb335d0c6e4e543d8c60c5b
5b83ceb47a0b89d08eccd8be3663b0897d3c91235ea47233e8e1941bc690888c
5d0bff79cd9d23c424a1dba2d385fc4a01b1a95dac1dd776e0bd295fa5586da2
5ddcbca058fdf99192e6c0177a677462455d00b53b6ba023f7661553b5d8ae8d
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
65b32ccf7cf28f4e29b61c25a82b3e16e8e127ffbde237a32df142339d63ac5d
65e27d77beab3cd52526b9d1ef6132f2de9a6326015f92ee3964e4329508b852
6a5dbfd1b2b8f1f74739822d78af533b96abb1d134f1d0e28b2e1c3879a52699
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c32f431eb95abb07ba006254d697d9ac347ad016ae53d764bc6c30f74312339
6e42d91a876123b154adafbc94a57c3e5522b7c046e342c5a3c532e189d30a58
70818de63f12149a5f69b63b38ef22c8dacd86943a50ec86c2a2f5998a40fccf
71795cdb68df36498d1ca7b7fae677b451a690366881a50f5b951d3586404d7d
7422e83450cc78f8d671deafb63a716e689b043c8c1fc4e2d54b4f786132e8f4
758ddcbcbe402aaf16d21ab756daa63b3353b2abf619ca1873a4b6c6b5ac53cf
79adf63f3ea7297f58ee59ccebe8b1e3baf7516ab941fbed63f16151b2309042
7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
7edd6449a4be5372d0ea121f65559df228165a21cd3da2697494d7b05a6f4c2b
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
7f2fe85af3a173bcf250c50eeba7856335015011c7f128242333cecb9e66b347
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b
80793479cfea18e1b108efa96e5e44e2b4c57d546c4baa8b4cfa6c26696b412d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6
866d748a6a8949bc33e6ec79768696000fedc9b03a2dc04a18293948166f65c4
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8954c81ed7f95b918f07b8ea817b285a5d1224a7037939acf4532eea6dd31285
8b27d3197fa7fa6df63a8f752791fb20219a85edd8aa024f819b34f80ae7c4e8
8d155d75ebb10883d2851d0faa6354ea6306b7596305ae874cfe5a77fdb5a85d
8fa6e3388f298ff1ee48a7b3701b60a7887709c593dfdb8d469759666f3d5585
96d1dca5113cc9e5b87e3d1af5c3e10a35843b21a87f0b0d25cf3b306faadabc
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
98ae86938bf8e67835fe0b659b84969ab5a34209809ef0fe89f69a4dd9a8ed07
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9
9ea39610c6247c6290719ea8021e3d9f93bcce971f2b29b1b1590a3d79003272
9eed0edd84881bb81d28c62a12a12f8d83fcf22b5ee2c2e275b0a1eff99eb202
a1309a5ec0ca1b482194142cc7a2f243fa5b3022c96cd76e4257e69b20abb242
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
aae77dddad431aa824d65eb39d96962a580c34b81e6505f108248db50ff328da
ab81ab8a69b4b0e1fb397e2311aa8ee984f00296fec1d3a41e6d6c428f36fbea
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4b2602f8205b8bcef2bfa66378891916f94d1a9a84f64fe2aa877697ecf68d8
b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b
b63244b26af2114db45a9757e1e3e632775c3af1abd0c5cd6cb10e47ca31c20d
bb461ad12e6f931815042b57a447b64e8d3a06d1576c1f7c79b9c7e5a42a8b34
bdbca379909a5f57b65b90094901804655f8cd82c05312a754320b7ae30c5187
bf35a33c9a8a912b82a62cffbca0c69a5db72aba6c622b77d471a1428b969dd2
c152526a02cb050650847e999ae141eae985472fbf73c5a843160b3b6bb06f79
c4c6d067ded099cf628e0d45f278536abaf887c2471d670471b5c7113ebf5ebf
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f
c7f9a51391e10cbf3c931abc1b49d365581cc4ae168d7ee5f016debcf99c59a0
ca15ac1540010cea7015b4e4ec35c33cd999430f4bd5221b94e66d319456b2b0
ca6bed1be9f09306274d3f5a6ce2248c8d10358a11d71d6326c93f2bab795192
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbee3eeb82f658468dd25ec921fc6f6407a1a832b95d4a6ff7dc1740bfaf5a3e
cc8eee0cc8abf387721362adf0e4fd700be3c506b8260eff5f5b845a4491c8b1
d1c1dc8088fb3bde5c8ba269e420c674fd307801e64f7d491989ad46f82f096e
d7dd5d340ec7e64fcc573ac7f81160dc6f9dd4285719291735b34a07f39df13a
d8f2a09a56f012d2787db402f80f5448c714c386ba308b95fe6301339aed5c9c
ddfd4b641c5fad5599fe69504e1018bfa6bbd897e53579104a01146492d7aebb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5244fd40d97fa9b14dd4028d6bd5e59d282d1af84af788a5e6e7c6110c4387b
eac36362258f5e84353339374dbd3a71b7cb4217e6c03aedd5247a8cf98ecd98
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1cf462291bc8bdcbbc4e45f4b0471d6f5bac8b81d2fab2306e6a3954f4d6ba0
f2d263177e85acbbefbafc2111672469cfe33d4498f8e7cb9e83ab52e7e16273
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
faa794a89e62615a9c008915dfa69a6534a0c06fecf07c7f55d0c5f180fa9e2a
fbfbc1f6c8c6c4b63320a93c994ad6ac9de3bbcdd0ad1dacc9ba38e5c2679615
fd16b9b7e50ab63e9df199b984be7ce8e3e4b381e177cfeeb4edd3ef6766540b
fe663eec60a09befbe1ead3fbd8efea2cb0f4eceac379cf812c5e8f39bfe721b
ffced602d84b8965187daca69af51436ff00129760fa07332dc840a81dc485a9

mail.sport-tv.vip Open in urlscan Pro 2606:4700:3035::6815:432f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

173 Requests

76 %HTTPS

36 %IPv6

52 Domains

75 Subdomains

52 IPs

4 Countries

2939 kBTransfer

6828 kBSize

72 Cookies

6 Outgoing links

Redirected requests

173 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mail.sport-tv.vip Open in urlscan Pro
2606:4700:3035::6815:432f Public Scan

Screenshot
Live screenshot

Full Image

173
Requests

76 %
HTTPS

36 %
IPv6

52
Domains

75
Subdomains

52
IPs

4
Countries

2939 kB
Transfer

6828 kB
Size

72
Cookies

173 HTTP transactions
0 data transactions