www.redditmlbstream.ml Open in urlscan Pro
2a00:1450:4001:813::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html
Submission Tags: falconsandbox
Submission: On March 13 via api (March 13th 2021, 5:45:42 am UTC) from US

Summary HTTP 242 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 43 IPs in 8 countries across 35 domains to perform 242 HTTP transactions. The main IP is 2a00:1450:4001:813::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.redditmlbstream.ml.

This is the only time www.redditmlbstream.ml was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2a00:1450:400... 2a00:1450:4001:813::2013	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2009	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2009	15169 (GOOGLE) (GOOGLE)
3	208.93.230.24 208.93.230.24	29893 (CHATANGO) (CHATANGO)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3035::ac43:a479	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	37.0.123.31 37.0.123.31	198310 (PALLADA-AS) (PALLADA-AS)
2	81.171.10.215 81.171.10.215	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
5	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::ac43:8e31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a02:6ea0:c70... 2a02:6ea0:c700::1	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	35.190.71.96 35.190.71.96	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3033::6815:2798	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700:303... 2606:4700:3035::6815:3fc6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.99.13.63 192.99.13.63	16276 (OVH) (OVH)
6	2606:4700::68... 2606:4700::6811:a6ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	162.252.214.5 162.252.214.5	53334 (TUT-AS) (TUT-AS)
1	185.200.118.90 185.200.118.90	9009 (M247) (M247)
1	38.132.109.186 38.132.109.186	9009 (M247) (M247)
1	185.200.116.90 185.200.116.90	9009 (M247) (M247)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
8	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2606:4700:303... 2606:4700:3032::ac43:d035	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
16 16	67.202.114.216 67.202.114.216	32748 (STEADFAST) (STEADFAST)
16	2606:4700:10:... 2606:4700:10::ac43:88d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
17	77.83.117.17 77.83.117.17	30860 (YURTEH-AS) (YURTEH-AS)
1	162.252.213.208 162.252.213.208	53334 (TUT-AS) (TUT-AS)
8	2606:4700:e6:... 2606:4700:e6::ac40:ce0b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
8	213.196.2.1 213.196.2.1	7979 (SERVERS-COM) (SERVERS-COM)
1 3	104.108.64.33 104.108.64.33	16625 (AKAMAI-AS) (AKAMAI-AS)
8	213.196.5.1 213.196.5.1	7979 (SERVERS-COM) (SERVERS-COM)
8	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
242	43

8 2a00:1450:4001:813::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.redditmlbstream.ml	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 208.93.230.24 (United States)

ASN29893 (CHATANGO, US)

st.chatango.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::ac43:a479 (United States)

ASN13335 (CLOUDFLARENET, US)

acscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.0.123.31 (Russian Federation)

ASN198310 (PALLADA-AS, RU)
PTR: moe.mhx24.to

extrafreetv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.171.10.215 (Nijverdal, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

deloplen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:8e31 (United States)

ASN13335 (CLOUDFLARENET, US)

ufpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

masontotally.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
barefootedenvy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::1 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

www.betteradsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.71.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.71.190.35.bc.googleusercontent.com

onclickgenius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:2798 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

newdmn.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3035::6815:3fc6 (United States)

ASN13335 (CLOUDFLARENET, US)

lowend.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.13.63 (Canada)

ASN16276 (OVH, FR)
PTR: ns504751.ip-192-99-13.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET, US)

c.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.252.214.5 (United States)

ASN53334 (TUT-AS, US)

4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com

fworx4kprbnb.l4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.132.109.186 (New York, United States)

ASN9009 (M247, GB)

fworx4kprbnb.n4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.116.90 (Romania)

ASN9009 (M247, GB)
PTR: no-mans-land.m247.com

fworx4kprbnb.s4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:3032::ac43:d035 (United States)

ASN13335 (CLOUDFLARENET, US)

foxcdn.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 67.202.114.216 (United States) 16 redirects

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:10::ac43:88d (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 77.83.117.17 (Russian Federation)

ASN30860 (YURTEH-AS, UA)

e10.espncdn.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.252.213.208 (United States)

ASN53334 (TUT-AS, US)

betteradsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:e6::ac40:ce0b (United States)

ASN13335 (CLOUDFLARENET, US)

pianistrefutationgoose.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 213.196.2.1 (Netherlands)

ASN7979 (SERVERS-COM, US)

r.remarketingpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.108.64.33 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-64-33.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 213.196.5.1 (Netherlands)

ASN7979 (SERVERS-COM, US)

payingnoodlescam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	amung.us 16 redirects whos.amung.us widgets.amung.us	27 KB
23	foxcdn.me foxcdn.me	33 KB
17	espncdn.xyz e10.espncdn.xyz	18 KB
16	jsdelivr.net cdn.jsdelivr.net	1 MB
14	adsco.re c.adsco.re 6.adsco.re 4.adsco.re adsco.re fworx4kprbnb.l4.adsco.re fworx4kprbnb.n4.adsco.re fworx4kprbnb.s4.adsco.re	46 KB
9	google-analytics.com www.google-analytics.com	167 KB
8	payingnoodlescam.com payingnoodlescam.com	3 KB
8	remarketingpixel.com r.remarketingpixel.com	3 KB
8	pianistrefutationgoose.com pianistrefutationgoose.com	108 KB
8	barefootedenvy.com barefootedenvy.com	138 KB
8	googletagmanager.com www.googletagmanager.com	312 KB
8	cloudflare.com cdnjs.cloudflare.com	218 KB
8	lowend.xyz lowend.xyz	43 KB
8	redditmlbstream.ml www.redditmlbstream.ml	250 KB
5	google.com apis.google.com google.com Failed	150 KB
5	blogger.com www.blogger.com	64 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	gstatic.com fonts.gstatic.com	23 KB
3	chatango.com st.chatango.com	243 KB
2	taboola.com cdn.taboola.com	127 KB
2	histats.com s10.histats.com s4.histats.com	5 KB
2	betteradsystem.com www.betteradsystem.com betteradsystem.com	10 KB
2	facebook.net connect.facebook.net	62 KB
2	deloplen.com deloplen.com	22 KB
2	extrafreetv.com extrafreetv.com	3 KB
2	acscdn.com acscdn.com	21 KB
2	blogspot.com 1.bp.blogspot.com 3.bp.blogspot.com	22 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	78 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	34 KB
1	newdmn.icu 1 redirects newdmn.icu	651 B
1	onclickgenius.com onclickgenius.com	132 B
1	masontotally.com masontotally.com
1	ufpcdn.com ufpcdn.com	2 KB
1	googlesyndication.com pagead2.googlesyndication.com	658 B
1	blogblog.com resources.blogblog.com	833 B
242	35

	Domain	Requested by
23	foxcdn.me	lowend.xyz
17	e10.espncdn.xyz	cdn.jsdelivr.net
16	widgets.amung.us	lowend.xyz
16	whos.amung.us	16 redirects
16	cdn.jsdelivr.net	lowend.xyz
9	www.google-analytics.com	www.googletagmanager.com st.chatango.com
8	payingnoodlescam.com	www.redditmlbstream.ml
8	r.remarketingpixel.com	pianistrefutationgoose.com
8	pianistrefutationgoose.com	barefootedenvy.com
8	barefootedenvy.com	lowend.xyz
8	www.googletagmanager.com	lowend.xyz
8	cdnjs.cloudflare.com	lowend.xyz
8	lowend.xyz	extrafreetv.com lowend.xyz
8	www.redditmlbstream.ml	www.redditmlbstream.ml ajax.googleapis.com
5	apis.google.com	www.redditmlbstream.ml apis.google.com www.blogger.com
5	www.blogger.com	www.redditmlbstream.ml apis.google.com
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com st.chatango.com
3	4.adsco.re	extrafreetv.com c.adsco.re
3	6.adsco.re	extrafreetv.com c.adsco.re
3	c.adsco.re	www.betteradsystem.com c.adsco.re
3	fonts.gstatic.com	fonts.googleapis.com
3	st.chatango.com	www.redditmlbstream.ml st.chatango.com
2	cdn.taboola.com	st.chatango.com cdn.taboola.com
2	adsco.re	c.adsco.re
2	connect.facebook.net	www.redditmlbstream.ml connect.facebook.net
2	deloplen.com	www.redditmlbstream.ml deloplen.com
2	extrafreetv.com	www.redditmlbstream.ml extrafreetv.com
2	acscdn.com	www.redditmlbstream.ml
2	maxcdn.bootstrapcdn.com	www.redditmlbstream.ml maxcdn.bootstrapcdn.com
1	betteradsystem.com	www.betteradsystem.com
1	3.bp.blogspot.com	www.redditmlbstream.ml
1	fworx4kprbnb.s4.adsco.re	c.adsco.re
1	fworx4kprbnb.n4.adsco.re	c.adsco.re
1	fworx4kprbnb.l4.adsco.re	c.adsco.re
1	s4.histats.com	s10.histats.com
1	newdmn.icu	1 redirects
1	onclickgenius.com	www.redditmlbstream.ml
1	s10.histats.com	extrafreetv.com
1	www.betteradsystem.com	extrafreetv.com
1	masontotally.com	extrafreetv.com
1	ufpcdn.com	www.redditmlbstream.ml
1	pagead2.googlesyndication.com	www.redditmlbstream.ml
1	resources.blogblog.com	www.redditmlbstream.ml
1	1.bp.blogspot.com	www.redditmlbstream.ml
1	ajax.googleapis.com	www.redditmlbstream.ml
1	fonts.googleapis.com	www.redditmlbstream.ml
0	google.com Failed	cdn.jsdelivr.net
242	47

This site contains links to these domains. Also see Links.

Domain
www.freesportsforall.ml
facebook.com
twitter.com
instagram.com
pinterest.com
www.blogger.com
www.themexpose.com

Subject Issuer	Validity	Valid
*.blogger.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
1285643437.rsc.cdn77.org R3	`2021-01-24` - `2021-04-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-12-06` - `2021-12-05`	a year	crt.sh
histats.com R3	`2021-02-22` - `2021-05-23`	3 months	crt.sh
*.adsco.re Sectigo RSA Organization Validation Secure Server CA	`2020-09-15` - `2021-09-26`	a year	crt.sh
*.l4.adsco.re R3	`2021-01-19` - `2021-04-19`	3 months	crt.sh
*.n4.adsco.re R3	`2021-02-19` - `2021-05-20`	3 months	crt.sh
*.s4.adsco.re R3	`2021-02-19` - `2021-05-20`	3 months	crt.sh
*.chatango.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-07` - `2022-07-06`	2 years	crt.sh
misc-sni.blogspot.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-09` - `2021-04-17`	a month	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
barefootedenvy.com R3	`2021-02-28` - `2021-05-29`	3 months	crt.sh
*.espncdn.me R3	`2021-02-27` - `2021-05-28`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
r.remarketingpixel.com R3	`2021-03-05` - `2021-06-03`	3 months	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
payingnoodlescam.com R3	`2021-01-27` - `2021-04-27`	3 months	crt.sh

This page contains 17 frames:

Primary Page: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html
Frame ID: ED954A49E54DF8C812E0C34251A6FCFB
Requests: 34 HTTP requests in this frame

Frame: http://extrafreetv.com/embed3/ncaabball23/1.php
Frame ID: 61E3E1DA83C55E3FD4FA152AA940758E
Requests: 16 HTTP requests in this frame

Frame: http://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 27215CE49A863492EA53506CB597E106
Requests: 1 HTTP requests in this frame

Frame: http://deloplen.com/fac.php
Frame ID: 6FC8963D5B13501DC23AE52A687B1456
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=4623367801006963515&blogName=Reddit+MLB+Streams&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.redditmlbstream.ml/search&blogLocale=en&v=2&homepageUrl=http://www.redditmlbstream.ml/&targetPostID=1737399779813090566&blogPostOrPageUrl=http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html&vt=-6089690439908004536&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
Frame ID: 7D8E1EBEB8E4AB2A0539539B68B53A30
Requests: 3 HTTP requests in this frame

Frame: http://extrafreetv.com/embed/live.php?98482
Frame ID: 6D9FC9A471F4E07370D8585B40294B42
Requests: 1 HTTP requests in this frame

Frame: https://lowend.xyz/stream/2/98482.html
Frame ID: 1F13C68F0E4BFD1A550AA24B3A75568C
Requests: 166 HTTP requests in this frame

Frame: http://c.adsco.re/
Frame ID: 319746298F0519811A715F452260089D
Requests: 6 HTTP requests in this frame

Frame: https://st.chatango.com/h5/gz/r0307212205/id.html
Frame ID: 218141ADB49EE8C5267DC16B32400574
Requests: 6 HTTP requests in this frame

Frame: https://foxcdn.me/espnlo.htm
Frame ID: C7EFA24DFD29659C0ADFD57C03BEFD3D
Requests: 1 HTTP requests in this frame

Frame: https://foxcdn.me/espnlo.htm
Frame ID: BA2E8F43D10D07B5D59947523D250833
Requests: 1 HTTP requests in this frame

Frame: https://foxcdn.me/espnlo.htm
Frame ID: 05FAAA459D384439A4D8FB165B9C5B1D
Requests: 1 HTTP requests in this frame

Frame: https://foxcdn.me/espnlo.htm
Frame ID: 68C6DF028E95D8C9C4C9A7CB99D4EDDB
Requests: 1 HTTP requests in this frame

Frame: https://foxcdn.me/espnlo.htm
Frame ID: 2D132CB2D4EEBDA481B4DEF01455CAA6
Requests: 1 HTTP requests in this frame

Frame: https://foxcdn.me/espnlo.htm
Frame ID: 170B4D97C963161099F0D5FFE3CCD05D
Requests: 1 HTTP requests in this frame

Frame: https://foxcdn.me/espnlo.htm
Frame ID: 53C6A26AC58021312F945CC6C5EBA0B3
Requests: 1 HTTP requests in this frame

Frame: https://foxcdn.me/espnlo.htm
Frame ID: 912576B4464004853C615C539CB9A0E4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

Python (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

242
Requests

71 %
HTTPS

59 %
IPv6

35
Domains

47
Subdomains

43
IPs

8
Countries

3413 kB
Transfer

11433 kB
Size

3
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.freesportsforall.ml/
Title: Home

Search URL Search Domain Scan URL

URL: https://www.freesportsforall.ml/p/contact-us.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.freesportsforall.ml/p/disclaimer.html
Title: Disclaimer

Search URL Search Domain Scan URL

URL: https://www.freesportsforall.ml/p/privacy-policy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://facebook.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/

Search URL Search Domain Scan URL

URL: https://instagram.com/

Search URL Search Domain Scan URL

URL: https://pinterest.com/

Search URL Search Domain Scan URL

URL: http://www.freesportsforall.ml/search/label/mlb
Title: MLB

Search URL Search Domain Scan URL

URL: http://www.freesportsforall.ml/search/label/nhl
Title: NHL

Search URL Search Domain Scan URL

URL: http://www.freesportsforall.ml/search/label/nba
Title: NBA

Search URL Search Domain Scan URL

URL: http://www.freesportsforall.ml/search/label/nfl
Title: NFL

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: http://www.themexpose.com/
Title: ThemeXpose

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

http://connect.facebook.net/en_US/sdk.js HTTP 307
https://connect.facebook.net/en_US/sdk.js

Request Chain 38

https://newdmn.icu/stream/98482.html HTTP 301
https://lowend.xyz/stream/98482.html

Request Chain 64

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png HTTP 307
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

Request Chain 78

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png?1615614326000 HTTP 307
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

Request Chain 85

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1615614326829&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0307212205%2Fid.html&c9=http%3A%2F%2Fwww.redditmlbstream.ml%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1615614326829&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0307212205%2Fid.html&c9=http%3A%2F%2Fwww.redditmlbstream.ml%2F&cs_ak_ss=1

Request Chain 94

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png HTTP 307
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

Request Chain 105

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png?1615614328000 HTTP 307
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

Request Chain 116

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png HTTP 307
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

Request Chain 127

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png?1615614329000 HTTP 307
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

Request Chain 138

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png HTTP 307
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

Request Chain 149

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png?1615614331000 HTTP 307
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

Request Chain 160

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png HTTP 307
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

Request Chain 171

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png?1615614332000 HTTP 307
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

Request Chain 182

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png HTTP 307
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

Request Chain 193

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png?1615614334000 HTTP 307
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

Request Chain 204

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png HTTP 307
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

Request Chain 215

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png?1615614335000 HTTP 307
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

Request Chain 226

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png HTTP 307
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

Request Chain 237

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png?1615614337000 HTTP 307
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

242 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request wisconsin-badgers-iowa-hawkeyes_12.html Show response
www.redditmlbstream.ml/2021/03/ 315 KB
62 KB 224ms
156ms Document
text/html 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6e40adafa1cf6401bb29abb9f82d6f799466e2d9027eba2878545fff134a2721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.redditmlbstream.ml
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/html; charset=UTF-8
Expires: Sat, 13 Mar 2021 05:45:24 GMT
Date: Sat, 13 Mar 2021 05:45:24 GMT
Cache-Control: private, max-age=0
Last-Modified: Sat, 13 Mar 2021 01:07:51 GMT
ETag: W/"a65138fc985ace5790069f9842acb19fe7fbde48e3b9eab8334ad7183329aa7e"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 63145
Server: GSE

GET
H2 200 3416767676-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 36 KB
8 KB 26ms
6ms Stylesheet
text/css 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3416767676-css_bundle_v2.css

Requested by

Host: www.redditmlbstream.ml
URL: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c91afadbe63dd834aac00b49bc715795da58970e7d500c4bd8f50ed713c77880

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.redditmlbstream.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 22:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 17:18:20 GMT
server: sffe
age: 27607
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7982
x-xss-protection: 0
expires: Sat, 12 Mar 2022 22:05:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
633 B 14ms
13ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Requested by

Host: www.redditmlbstream.ml
URL: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4806fbf823b46dcffd67e4cf0580f77b9e436dc2657d2ccaed92d79ca6159082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.redditmlbstream.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 13 Mar 2021 04:04:46 GMT
server: ESF
date: Sat, 13 Mar 2021 05:45:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Mar 2021 05:45:25 GMT

GET
H/1.1 200
OK font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/ 28 KB
8 KB 16ms
10ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css

Requested by

Host: www.redditmlbstream.ml
URL: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html

Protocol

HTTP/1.1

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.redditmlbstream.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:25 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
CF-Cache-Status: HIT
CDN-EdgeStorageId: 722, 617
Age: 209871
Transfer-Encoding: chunked
CDN-CachedAt: 2021-03-10 20:26:25
CDN-PullZone: 252412
cross-origin-resource-policy: cross-origin
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08cbb74908000005f1cda48000000001
timing-allow-origin: *
access-control-allow-origin: *
Last-Modified: Mon, 25 Jan 2021 22:04:54 GMT
Server: cloudflare
CDN-RequestPullCode: 200
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
CDN-Cache: HIT
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
Cache-Control: public, max-age=31919000
CDN-RequestId: 9ea34949095d43cdb6f22ce94bc7b665
CF-RAY: 62f2f4bb480605f1-FRA
CDN-RequestCountryCode: DE
CDN-RequestPullSuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: www.redditmlbstream.ml
URL: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.redditmlbstream.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 03:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8596
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Mar 2022 03:22:09 GMT

GET
H2 200 freesportsforall-logo.png
1.bp.blogspot.com/-CL-Zyr9ly0I/XjBFpQ3FcUI/AAAAAAAAAhs/qO-aNcyyQQgDbEx799CFPwkolucT6HB7gCK4BGAYYCw/s1600/ 18 KB
18 KB 21ms
19ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-CL-Zyr9ly0I/XjBFpQ3FcUI/AAAAAAAAAhs/qO-aNcyyQQgDbEx799CFPwkolucT6HB7gCK4BGAYYCw/s1600/freesportsforall-logo.png

Requested by

Host: www.redditmlbstream.ml
URL: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4b63f22ab3c00ed2f0b7e1ee570ca119b2c1a0f9b29b64341c9cb6374478c648

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.redditmlbstream.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:25 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="freesportsforall-logo.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18312
x-xss-protection: 0
server: fife
etag: "v21c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 11 Mar 2021 20:52:22 GMT

GET
H2 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ 475 B
833 B 26ms
6ms Image
image/png 2a00:1450:4001:800::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Host: www.redditmlbstream.ml
URL: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.redditmlbstream.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 14:42:56 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 19:10:08 GMT
server: sffe
age: 226949
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 475
x-xss-protection: 0
expires: Wed, 17 Mar 2021 14:42:56 GMT

GET
H/1.1 200
OK emb.js Show response
st.chatango.com/js/gz/ 68 KB
24 KB 358ms
338ms Script
application/x-javascript 208.93.230.24
CHATANGO

General

Check archive.org

Show headers Download Go to

Full URL: http://st.chatango.com/js/gz/emb.js
Requested by: Host: www.redditmlbstream.ml
URL: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html
Protocol: HTTP/1.1
Server: 208.93.230.24 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: 87a0e0459fbdf0138f2a86315b6719df1d34bf27ceb48cc4d3894b6b9ffac715

Request headers

Referer: http://www.redditmlbstream.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Mar 2021 06:09:51 GMT
Server: nginx
ETag: "6045bfaf-5cdf"
Content-Type: application/x-javascript
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23775
Expires: Sat, 13 Mar 2021 05:45:25 GMT

GET
H3-Q050 200 authorization.css
www.blogger.com/dyn-css/ 1 B
665 B 134ms
120ms Stylesheet
text/css 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4623367801006963515&zx=4d0096e8-ae00-4c6a-980a-4c7de3594329

Requested by

Host: www.redditmlbstream.ml
URL: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.redditmlbstream.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 13 Mar 2021 05:45:25 GMT
server: GSE
date: Sat, 13 Mar 2021 05:45:25 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK wisconsin-badgers-iowa-hawkeyes_12.html
www.redditmlbstream.ml/2021/03/ 54 KB
54 KB 153ms
148ms Image
text/html 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html

Requested by

Host: www.redditmlbstream.ml
URL: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Mar 2021 01:07:51 GMT
Server: GSE
ETag: W/"a65138fc985ace5790069f9842acb19fe7fbde48e3b9eab8334ad7183329aa7e"
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=0
Content-Length: 63145
X-XSS-Protection: 1; mode=block
Expires: Sat, 13 Mar 2021 05:45:25 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.redditmlbstream.ml
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 15:06:18 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:01:55 GMT
server: sffe
age: 52747
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
expires: Sat, 12 Mar 2022 15:06:18 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/ 69 KB
70 KB 21ms
15ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/fontawesome-webfont.woff2?v=4.6.1

Requested by

Host: maxcdn.bootstrapcdn.com
URL: http://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css

Protocol

HTTP/1.1

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: http://www.redditmlbstream.ml
Referer: http://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:25 GMT
x-content-type-options: nosniff
CF-Cache-Status: HIT
CDN-EdgeStorageId: 601, 617
Age: 202596
CDN-CachedAt: 2021-03-10 20:26:26
CDN-PullZone: 252412
cross-origin-resource-policy: cross-origin
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 70728
cf-request-id: 08cbb749750000323799bc9000000001
timing-allow-origin: *
access-control-allow-origin: *
Last-Modified: Mon, 25 Jan 2021 22:04:55 GMT
Server: cloudflare
CDN-RequestPullCode: 200
Vary: Accept-Encoding
Content-Type: font/woff2
CDN-Cache: HIT
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
Cache-Control: public, max-age=31919000
CDN-RequestId: fd531af6eaa0e0fdeb938d2bcbc34ce0
Accept-Ranges: bytes
CF-RAY: 62f2f4bbef993237-FRA
CDN-RequestCountryCode: DE
CDN-RequestPullSuccess: True

GET
H3-Q050 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.redditmlbstream.ml
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 10:13:44 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:01:48 GMT
server: sffe
age: 588701
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0
expires: Sun, 06 Mar 2022 10:13:44 GMT

GET
H/1.1 200
OK compatibility.js Show response
acscdn.com/script/ 20 KB
9 KB 37ms
21ms Script
application/javascript 2606:4700:3035::ac43:a479
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://acscdn.com/script/compatibility.js
Requested by: Host: www.redditmlbstream.ml
URL: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:a479 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac

Request headers

Referer: http://www.redditmlbstream.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=6TBdZQ==, md5=wrvB4lRAScsDXDIZGb7yvA==
Date: Sat, 13 Mar 2021 05:45:25 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2836
X-GUploader-UploadID: ABg5-UwzV4UPX2dxkIneQW96wZMTo0hclYCZ43yYycTzn7H3K77QD-3o6uzwZCae8swY6ErSwU6ePTT08eHaAJM1DYRcq63MCA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08cbb7499800004a98ebb90000000001
Last-Modified: Tue, 15 Sep 2020 12:10:32 GMT
Server: cloudflare
ETag: W/"c2bbc1e2544049cb035c321919bef2bc"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BnVg6e8dhv8nBAuuOLJEDNtKWZ02Q8%2BAl00nA70WXv1pXlEF8DH0AVbqO10uyYYDlc6yYlpc9zDRLfFDBKel1x%2FQ9KyhBAwOl9E9iuIUFEUvyYVFq7%2BL"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation: 1600171832181211
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
x-goog-stored-content-length: 20647
CF-RAY: 62f2f4bc2ad34a98-FRA
Expires: Sat, 13 Mar 2021 05:26:52 GMT

GET
H/1.1 200
OK 1.php Show response
extrafreetv.com/embed3/ncaabball23/ Frame 61E3 5 KB
3 KB 156ms
125ms Document
text/html 37.0.123.31
PALLADA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://extrafreetv.com/embed3/ncaabball23/1.php
Requested by: Host: www.redditmlbstream.ml
URL: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html
Protocol: HTTP/1.1
Server: 37.0.123.31 , Russian Federation, ASN198310 (PALLADA-AS, RU),
Reverse DNS: moe.mhx24.to
Software: nginx / PHP/5.4.43
Resource Hash: a6253fec9c91b5b446cff32a0594ea9f4eb5dffa7c3520bb185e2faee80f2486

Request headers

Host: extrafreetv.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.redditmlbstream.ml/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.redditmlbstream.ml/

Response headers

Server: nginx
Date: Sat, 13 Mar 2021 05:32:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/5.4.43
Content-Encoding: gzip

GET
H/1.1 200
OK apu.php Show response
deloplen.com/ 61 KB
22 KB 66ms
47ms Script
application/javascript 81.171.10.215
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

http://deloplen.com/apu.php?zoneid=5087

Requested by

Host: www.redditmlbstream.ml
URL: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html

Protocol

HTTP/1.1

Server

81.171.10.215 Nijverdal, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

f6ebd7a9db6b3b5e0cb5c42f2ca24a20954700b03ec1ecbde10f09effc951679

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.redditmlbstream.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 750b423f870d7163a0563518c118d013
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.redditmlbstream.ml
URL: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7de7b85676544f7c233fc463b357f8ce4a41d7672cd4c613e623ba45f6d3afe7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-G7q8N3xwhSdF6xJDDb7pBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.redditmlbstream.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "cc618a2d744b3658f2d5361ea6240f80"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-G7q8N3xwhSdF6xJDDb7pBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sat, 13 Mar 2021 05:45:25 GMT

GET
H3-Q050 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.redditmlbstream.ml
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 18:41:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
age: 385449
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
expires: Tue, 08 Mar 2022 18:41:16 GMT

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/ 144 KB
51 KB 35ms
20ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6edbfab29a63a2b187cae1b33ce99c6b6eafb51f80b485aa9dd0dc01549a9879

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.redditmlbstream.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 14:20:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 23:33:57 GMT
server: sffe
age: 314711
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51497
x-xss-protection: 0
expires: Wed, 09 Mar 2022 14:20:14 GMT

GET
H3-Q050 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/ 53 KB
17 KB 38ms
23ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b453517c2e7cfa36bd4d9aec61fbee2e5dd84aedf5f10f8e60cabe211579d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.redditmlbstream.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 19:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 23:33:57 GMT
server: sffe
age: 122749
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17667
x-xss-protection: 0
expires: Fri, 11 Mar 2022 19:39:36 GMT

GET
H/1.1 200
OK google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
658 B 12ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: www.redditmlbstream.ml
URL: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.redditmlbstream.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 19:41:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 36236
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 67
X-XSS-Protection: 0
Server: cafe
ETag: 13036835877489095579
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=1209600
Timing-Allow-Origin: *
Expires: Fri, 26 Mar 2021 19:41:29 GMT

GET
H/1.1 200
OK cookienotice.js Show response
www.redditmlbstream.ml/js/ 6 KB
2 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.redditmlbstream.ml/js/cookienotice.js

Requested by

Host: www.redditmlbstream.ml
URL: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Mar 2021 05:15:12 GMT
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 2026
X-XSS-Protection: 0
Expires: Sat, 20 Mar 2021 05:45:25 GMT

GET
H3-Q050 200 981256326-widgets.js Show response
www.blogger.com/static/v1/widgets/ 143 KB
52 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/981256326-widgets.js

Requested by

Host: www.redditmlbstream.ml
URL: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55ae73c00f1bc9e476f0ce687b3ee029bcb94529b542f0ee0a6d8a2242639e8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.redditmlbstream.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 01:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 00:13:48 GMT
server: sffe
age: 360655
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53138
x-xss-protection: 0
expires: Wed, 09 Mar 2022 01:34:30 GMT

GET
H/1.1 200
OK Cookie set identify.html Show response
ufpcdn.com/script/ Frame 2721 2 KB
2 KB 344ms
336ms Document
text/html 2606:4700:3037::ac43:8e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ufpcdn.com/script/identify.html?frmt=0
Requested by: Host: www.redditmlbstream.ml
URL: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:8e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

Host: ufpcdn.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.redditmlbstream.ml/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.redditmlbstream.ml/

Response headers

Date: Sat, 13 Mar 2021 05:45:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d3130fd395ed3bc93961efa6d2ac7de351615614325; expires=Mon, 12-Apr-21 05:45:25 GMT; path=/; domain=.ufpcdn.com; HttpOnly; SameSite=Lax __cf_bm=0dc4b4020b2b6741f0546067969b3281d8e74326-1615614325-1800-AduaGjFPz24XRiXkiSqPwfRsSDgjpoq7uRapIbX+00NHPiUvCP2WQr0giIAokcyzOnL+S/IPKtgF2r+Vhf+1rRw=; path=/; expires=Sat, 13-Mar-21 06:15:25 GMT; domain=.ufpcdn.com; HttpOnly; SameSite=None
Last-Modified: Tue, 15 May 2018 06:39:25 GMT
CF-Cache-Status: DYNAMIC
cf-request-id: 08cbb749e60000177a31972000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OSyj6z52OsdxL4iEoxVFxGl0t5iAlz6HfMnfkKvxZbP5dlv7GlT7JAS6rYwR9NlXWmDGVzd5W%2B5Jmm9nsOMCxVyRmPqVjYVvvOy3DIKxC3TAQfzAYUhJ"}],"group":"cf-nel","max_age":604800}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 62f2f4bcaefa177a-FRA
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK default Show response
www.redditmlbstream.ml/feeds/posts/ 56 KB
4 KB 185ms
185ms XHR
text/javascript 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.redditmlbstream.ml/feeds/posts/default?alt=json-in-script&callback=jQuery111005298150745614498_1615614325097&_=1615614325098

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

d4b903b49a9bac41565131765d471c129972303302c9b40a57f53a324bfa2ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Mar 2021 01:07:51 GMT
Server: blogger-renderd
ETag: W/"e42db322985951b05508ad22ae18e8d59f804930aff8f92801b2a3496edca144"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
Vary: Accept-Encoding
Content-Length: 3820
X-XSS-Protection: 0
Expires: Sat, 13 Mar 2021 05:45:26 GMT

GET
H/1.1 200
OK %7B%22handle%22:%22freesport4all%22,%22arch%22:%22js%22,%22styles%22:%7B%22a%22:%22000000%22,%22b%22:93,%22c%22:%22ffffff%22,%22d%22:%22FFFFFF%22,%22e%22:%22ffffff%22,%22f%22:93,%22g%22:%22333333%2... Show response
www.redditmlbstream.ml/feeds/posts/default/-/ 3 KB
1 KB 184ms
178ms XHR
text/javascript 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.redditmlbstream.ml/feeds/posts/default/-/%7B%22handle%22:%22freesport4all%22,%22arch%22:%22js%22,%22styles%22:%7B%22a%22:%22000000%22,%22b%22:93,%22c%22:%22ffffff%22,%22d%22:%22FFFFFF%22,%22e%22:%22ffffff%22,%22f%22:93,%22g%22:%22333333%22,%22h%22:%22ffffff%22,%22i%22:93,%22k%22:%22ffcccc%22,%22l%22:%226600cc%22,%22m%22:%22000000%22,%22n%22:%22FFFFFF%22,%22o%22:93,%22p%22:%2210%22,%22q%22:%22333399%22,%22r%22:93,%22usricon%22:1.04,%22sbc%22:%22333399%22,%22surl%22:0,%22cnrs%22:%220.35%22%7D%7D?alt=json-in-script&max-results=3&callback=jQuery111005298150745614498_1615614325099&_=1615614325100

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

6aac5a6ad54485584eb6c06fdac5570c702e2de3f028a752a54aba24e7fdfb67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Mar 2021 01:07:51 GMT
Server: blogger-renderd
ETag: W/"69c5f8d94f7805e8171446a1b0c17fea56a51553b8427ba5efb306d66a1c2f88"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
Vary: Accept-Encoding
Content-Length: 951
X-XSS-Protection: 0
Expires: Sat, 13 Mar 2021 05:45:26 GMT

GET
H2

200

sdk.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/sdk.js
https://connect.facebook.net/en_US/sdk.js

3 KB
2 KB

6ms
6ms

Script
application/x-javascript

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.redditmlbstream.ml
URL: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6c0973422df980f71f524bce17c58947f25ceba7fcaf4baae81c367c36b3ad6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://www.redditmlbstream.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: aGV7+tNRNab5nYr33G/gcg==
cross-origin-resource-policy: cross-origin
expires: Sat, 13 Mar 2021 05:56:15 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: /ze4TYy4w+NW6vaKmX/ATTdR/Xav3u/uT9v/X/FQXYeYdiRjku4yOQozAviQDgRu0Y20oSHv6yU8fwKgb1ipIA==
x-fb-trip-id: 917726464
x-fb-content-md5: 27da143efa77b936f381ebadae913587
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 13 Mar 2021 05:45:25 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "02b5362a27f38cd6b25fda3ea7e51527"
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

Redirect headers

Location: https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.5
Non-Authoritative-Reason: HSTS

GET
H/1.1 204
No Content fac.php
deloplen.com/ Frame 6FC8 0
0 30ms
29ms Document
text/html 81.171.10.215
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

http://deloplen.com/fac.php

Requested by

Host: deloplen.com
URL: http://deloplen.com/apu.php?zoneid=5087

Protocol

HTTP/1.1

Server

81.171.10.215 Nijverdal, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: deloplen.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.redditmlbstream.ml/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.redditmlbstream.ml/

Response headers

Server: nginx
Date: Sat, 13 Mar 2021 05:45:25 GMT
Content-Type: text/html; charset=utf8
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
X-Trace-Id: 435f37fc47a881ee1e2d53dc31b5324f
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET
H3-Q050 200 authorization.css
www.blogger.com/dyn-css/ 1 B
46 B 449ms
449ms Stylesheet
text/css 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4623367801006963515&zx=4d0096e8-ae00-4c6a-980a-4c7de3594329

Requested by

Host: www.redditmlbstream.ml
URL: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.redditmlbstream.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 13 Mar 2021 05:45:25 GMT
server: GSE
date: Sat, 13 Mar 2021 05:45:25 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ole-miss-rebels-lsu-tigers.html Show response
www.redditmlbstream.ml/2021/03/ 315 KB
62 KB 188ms
183ms XHR
text/html 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.redditmlbstream.ml/2021/03/ole-miss-rebels-lsu-tigers.html

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

db92f10df66ad7c6b2e5997ccfaa3e0243d49c5f2f956e5d3da94455f8f3d0d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Mar 2021 01:07:51 GMT
Server: GSE
ETag: W/"a65138fc985ace5790069f9842acb19fe7fbde48e3b9eab8334ad7183329aa7e"
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=0
Content-Length: 63142
X-XSS-Protection: 1; mode=block
Expires: Sat, 13 Mar 2021 05:45:25 GMT

GET
H/1.1 200
OK uconn-huskies-creighton-bluejays.html Show response
www.redditmlbstream.ml/2021/03/ 315 KB
62 KB 187ms
182ms XHR
text/html 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.redditmlbstream.ml/2021/03/uconn-huskies-creighton-bluejays.html

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ee1e471a1549ac7118bdc8e9af53620444eb791185a1eddf6f38229714e7661f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Mar 2021 01:07:51 GMT
Server: GSE
ETag: W/"a65138fc985ace5790069f9842acb19fe7fbde48e3b9eab8334ad7183329aa7e"
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=0
Content-Length: 63149
X-XSS-Protection: 1; mode=block
Expires: Sat, 13 Mar 2021 05:45:25 GMT

GET
H3-Q050 200 navbar.g Show response
www.blogger.com/ Frame 7D8E 7 KB
3 KB 683ms
683ms Document
text/html 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=4623367801006963515&blogName=Reddit+MLB+Streams&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.redditmlbstream.ml/search&blogLocale=en&v=2&homepageUrl=http://www.redditmlbstream.ml/&targetPostID=1737399779813090566&blogPostOrPageUrl=http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html&vt=-6089690439908004536&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c88348b45859649b36e45a0a2924a855a3ea1dad3d62ce4402264de2bad3d7c4

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /navbar.g?targetBlogID=4623367801006963515&blogName=Reddit+MLB+Streams&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.redditmlbstream.ml/search&blogLocale=en&v=2&homepageUrl=http://www.redditmlbstream.ml/&targetPostID=1737399779813090566&blogPostOrPageUrl=http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html&vt=-6089690439908004536&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.redditmlbstream.ml/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.redditmlbstream.ml/

Response headers

p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 13 Mar 2021 05:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2668
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 197 KB
60 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=41369e0cdbaa94b06844c3bdc301182f&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e2b457964f3f3573af7144beaabd44c36656276123fb31e340dc7b8d198d4d06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: http://www.redditmlbstream.ml
Referer: http://www.redditmlbstream.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: S9QvvvgfCw358+Cyd9D/ug==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60565
x-fb-rlafr: 0
x-fb-debug: PIwetVciBcGIzUKVRD/oq3n0juF45SQAvjmUfctDy8zp7F1qoecQfwRLDu567aAGLZl/G07FDITfMJ/OqVFtXw==
x-fb-trip-id: 917726464
x-fb-content-md5: 0d5f5502f670724ca93fc288f8bc6ff9
x-frame-options: DENY
date: Sat, 13 Mar 2021 05:45:25 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "29e658389696c0e8568fe4022f38d9d7"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 12 Mar 2022 23:45:03 GMT

GET
H/1.1 403
Forbidden ea5d8f0e049f8aafe6e93b8e093546a6.js
masontotally.com/ea/5d/8f/ Frame 61E3 0
0 248ms
215ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://masontotally.com/ea/5d/8f/ea5d8f0e049f8aafe6e93b8e093546a6.js
Requested by: Host: extrafreetv.com
URL: http://extrafreetv.com/embed3/ncaabball23/1.php
Protocol: HTTP/1.1
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: http://extrafreetv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 13 Mar 2021 05:45:25 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 particle.min.js Show response
www.betteradsystem.com/ Frame 61E3 30 KB
9 KB 99ms
28ms Script
application/x-javascript 2a02:6ea0:c700::1
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://www.betteradsystem.com/particle.min.js
Requested by: Host: extrafreetv.com
URL: http://extrafreetv.com/embed3/ncaabball23/1.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 750c34447d22c5eba678434c9ac047d9bf62c27cc5bef891b61907a500cbd80f

Request headers

Origin: http://extrafreetv.com
Referer: http://extrafreetv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: AcO1ryyVTFLvUekGAA==
date: Sat, 13 Mar 2021 05:45:25 GMT
content-encoding: br
server: CDN77-Turbo
link: <https://betteradsystem.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
x-77-nzt-ray: /tOH0AA7suU=
x-77-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
x-77-pop: frankfurtDE
x-cache: HIT
x-age: 452945
alt-svc: quic="195.181.175.44:443"; ma=2592000; v="44,43,39"
expires: Sun, 14 Mar 2021 23:56:20 GMT

GET
H/1.1 200
OK live.php Show response
extrafreetv.com/embed/ Frame 6D9F 820 B
669 B 71ms
71ms Document
text/html 37.0.123.31
PALLADA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://extrafreetv.com/embed/live.php?98482
Requested by: Host: extrafreetv.com
URL: http://extrafreetv.com/embed3/ncaabball23/1.php
Protocol: HTTP/1.1
Server: 37.0.123.31 , Russian Federation, ASN198310 (PALLADA-AS, RU),
Reverse DNS: moe.mhx24.to
Software: nginx / PHP/5.4.43
Resource Hash: c00b71e4498e87066beea05152d189f159ce2309eae5809f67da3bc592c34584

Request headers

Host: extrafreetv.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://extrafreetv.com/embed3/ncaabball23/1.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://extrafreetv.com/embed3/ncaabball23/1.php

Response headers

Server: nginx
Date: Sat, 13 Mar 2021 05:32:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/5.4.43
Content-Encoding: gzip

GET
H/1.1 200
OK js15.js Show response
s10.histats.com/ Frame 61E3 11 KB
5 KB 76ms
56ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15.js
Requested by: Host: extrafreetv.com
URL: http://extrafreetv.com/embed3/ncaabball23/1.php
Protocol: HTTP/1.1
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 429e7004f3f8fbe42cacb984c36a9cda33efdacc100a276b12e82c6ab78bf7ec

Request headers

Referer: http://extrafreetv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:41:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Apr 2020 10:44:16 GMT
X-CDN-Pop-IP: 51.254.41.128/26
ETag: "980881274"
X-Cacheable: Matched cache
Vary: Accept-Encoding
X-IPLB-Instance: 32943
Content-Type: text/javascript
X-CDN-Pop: rbx1
Accept-Ranges: bytes
X-IPLB-Request-ID: 526614EB:6ADE_2E69C9F0:0050_604C5175_7E5D5:1631
Content-Length: 4405
X-Request-ID: 883132412

GET
H/1.1 204
No Content suurl.php Show response
onclickgenius.com/script/ 0
132 B 260ms
242ms Script
text/plain 35.190.71.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://onclickgenius.com/script/suurl.php?r=2930031&cbrandom=0.7152314784662805&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=Wisconsin%20Badgers%20%40%20Iowa%20Hawkeyes%20-%20Reddit%20MLB%20Streams&cbref=&cbdescription=&cbkeywords=YOUR%20KEYWORDS%20HERE&cbcdn=acscdn.com
Requested by: Host: www.redditmlbstream.ml
URL: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html
Protocol: HTTP/1.1
Server: 35.190.71.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.71.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.redditmlbstream.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 13 Mar 2021 05:45:25 GMT
Via: 1.1 google
Server: openresty

GET
H/1.1 200
OK chrome.js Show response
acscdn.com/script/ 36 KB
13 KB 11ms
10ms Script
application/javascript 2606:4700:3035::ac43:a479
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://acscdn.com/script/chrome.js
Requested by: Host: www.redditmlbstream.ml
URL: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:a479 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946

Request headers

Referer: http://www.redditmlbstream.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=KoLUvQ==, md5=72VlqyWdr7wIRotNC7RnYg==
Date: Sat, 13 Mar 2021 05:45:25 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 615
X-GUploader-UploadID: ABg5-UyS5we2iEeSHnUjLpuT56ggov3br_bIu_Omme5loA7kHrTWZVp2bLxwxM7x8m7JvZ_Sl1liWmXOjRUn1sLH188n1uqnJg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08cbb74aa600004a981e3da000000001
Last-Modified: Mon, 14 Sep 2020 09:15:29 GMT
Server: cloudflare
ETag: W/"ef6565ab259dafbc08468b4d0bb46762"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Fc0%2BZe6EhaDEVdWrDvjVuRAzEQPidKxZlExpN1cL3ZriPqFyvpmXjQQ0bAP70ERVJuVx%2BFrSCmoMiJj3NepC%2Fm7lQWoYxe16DLiO33p1X5IZvYsDj%2BOR"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation: 1600074929755781
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
x-goog-stored-content-length: 37300
CF-RAY: 62f2f4bddc6c4a98-FRA
Expires: Sat, 13 Mar 2021 06:35:10 GMT

GET
H2

200

98482.html Show response
lowend.xyz/stream/ Frame 1F13
Redirect Chain

https://newdmn.icu/stream/98482.html
https://lowend.xyz/stream/98482.html

13 KB
6 KB

295ms
271ms

Document
text/html

2606:4700:3035::6815:3fc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowend.xyz/stream/98482.html
Requested by: Host: extrafreetv.com
URL: http://extrafreetv.com/embed/live.php?98482
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3fc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ff6e5c8dd31f813f32846654afd1b5be8e7a0ba9519388e94b6c29b92b11bb6

Request headers

:method: GET
:authority: lowend.xyz
:scheme: https
:path: /stream/98482.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://extrafreetv.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://extrafreetv.com/

Response headers

date: Sat, 13 Mar 2021 05:45:25 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d20fd0f204ee08e873944e464cba56c4b1615614325; expires=Mon, 12-Apr-21 05:45:25 GMT; path=/; domain=.lowend.xyz; HttpOnly; SameSite=Lax
vary: Accept-Encoding
x-proxy-cache: EXPIRED
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
cf-request-id: 08cbb74b0b000016f2ba003000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UZjJtwmApdQwuJN%2BFIRbVHT6jB4MlZyy6TYjsIL2FxQbCSgIo3MIaFcnNUNGRRUSd6iUyrva%2Bh8RDf2WNlRf6Ry%2BtXiJlgA9hn9ux4djsbJ2EkXjbvZZ"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 62f2f4be793416f2-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Sat, 13 Mar 2021 05:45:25 GMT
content-type: text/html
set-cookie: __cfduid=d180dafdbf92e06331df9025746145f341615614325; expires=Mon, 12-Apr-21 05:45:25 GMT; path=/; domain=.newdmn.icu; HttpOnly; SameSite=Lax; Secure
location: https://lowend.xyz/stream/98482.html
cf-cache-status: DYNAMIC
cf-request-id: 08cbb74ac600004e6dcc0e8000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bKB6m9ait9fa%2Ba6aMU8a1JnpZxq9BMFNW4eGeVhxEswnUQ4289uIp8M%2Bqy06bvlADP2HJaZh4bwaCKSfZpd5s0W8l4ThBGqNUVQEYzXUCXQSoNkszqOb"}],"max_age":604800,"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 62f2f4be0aa94e6d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ Frame 61E3 52 B
186 B 364ms
120ms Script
text/html 192.99.13.63
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?2784968&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttp%3A%2F%2Fwww.redditmlbstream.ml%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-37528895&@b3:1615614325&@b4:js15.js&@b5:60&@a-_0.2.1&@vhttp%3A%2F%2Fextrafreetv.com%2Fembed3%2Fncaabball23%2F1.php&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.13.63 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns504751.ip-192-99-13.net
Software: /
Resource Hash: 5457ce5fedfcfdf05f8946d520460189cbdb7ba3a04e11d0a8930e5175de9796

Request headers

Referer: http://extrafreetv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:25 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK default Show response
www.redditmlbstream.ml/feeds/posts/ 8 KB
2 KB 338ms
338ms XHR
text/javascript 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.redditmlbstream.ml/feeds/posts/default?alt=json-in-script&start-index=3&max-results=3&callback=jQuery111005298150745614498_1615614325097&_=1615614325101

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

65b510106c0aa922459aed3ddaa8e1de97d01546c2ec14c5655f1a0e0cb4d2b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Mar 2021 01:07:51 GMT
Server: blogger-renderd
ETag: W/"84719e3fe644b28d7cff7f971fdce69e260a0c59d518ca67c13ac7fbc1d1e018"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
Content-Length: 1511
X-XSS-Protection: 0
Expires: Sat, 13 Mar 2021 05:45:26 GMT

GET
H2 200 / Show response
c.adsco.re/ Frame 61E3 35 KB
12 KB 34ms
13ms Script
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: www.betteradsystem.com
URL: https://www.betteradsystem.com/particle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b

Request headers

Referer: http://extrafreetv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:25 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1243408
etag: W/"49M/vRKXL5pROhm5uOGH7A=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control: public, max-age=2678400
cf-ray: 62f2f4bedd1c3128-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08cbb74b42000031288f3da000000001
expires: Tue, 13 Apr 2021 05:45:25 GMT

GET
H2 200 /
6.adsco.re/ Frame 61E3 0
470 B 29ms
11ms Other
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: extrafreetv.com
URL: http://extrafreetv.com/embed3/ncaabball23/1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: http://extrafreetv.com
Referer: http://extrafreetv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:25 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: http://extrafreetv.com
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 62f2f4bf0b71c2b8-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08cbb74b630000c2b8312f9000000001

GET
H/1.1 200
OK /
4.adsco.re/ Frame 61E3 0
460 B 154ms
45ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: extrafreetv.com
URL: http://extrafreetv.com/embed3/ncaabball23/1.php
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: http://extrafreetv.com
Referer: http://extrafreetv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:25 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://extrafreetv.com
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

POST
H/1.1 200
OK p Show response
adsco.re/ Frame 61E3 0
416 B 82ms
64ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://extrafreetv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 13 Mar 2021 05:45:25 GMT
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
AS-P-4: OK
Transfer-Encoding: chunked
AS-P-1: OK
Access-Control-Allow-Origin: http://extrafreetv.com
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
AS-E: ND
AS-P-2: OK
AS-P-3: OK

GET
H/1.1 200
OK / Show response
4.adsco.re/ Frame 61E3 46 B
460 B 79ms
61ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: d0f0833303c0b76784f9154233676698e456f56a40b2b764f43d85c4eae522c2

Request headers

Referer: http://extrafreetv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:25 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://extrafreetv.com
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK / Show response
6.adsco.re/ Frame 61E3 53 B
669 B 16ms
10ms XHR
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://6.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8

Request headers

Referer: http://extrafreetv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:25 GMT
Content-Encoding: gzip
Server: cloudflare
Access-Control-Allow-Headers: Content-Type
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: http://extrafreetv.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=10
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 62f2f4bef90e4d8a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08cbb74b5d00004d8adca7f000000001

POST
H/1.1 200
OK /
fworx4kprbnb.l4.adsco.re/ Frame 61E3 0
464 B 135ms
39ms Other
text/html 185.200.118.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://fworx4kprbnb.l4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS: adscore.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://extrafreetv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 13 Mar 2021 05:45:25 GMT
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
ETag: "5b60dfaf-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
fworx4kprbnb.n4.adsco.re/ Frame 61E3 0
464 B 408ms
107ms Other
text/html 38.132.109.186
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://fworx4kprbnb.n4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://extrafreetv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 13 Mar 2021 05:45:25 GMT
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
ETag: "5b5f2f9a-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
fworx4kprbnb.s4.adsco.re/ Frame 61E3 0
464 B 1002ms
230ms Other
text/html 185.200.116.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://fworx4kprbnb.s4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.116.90 , Romania, ASN9009 (M247, GB),
Reverse DNS: no-mans-land.m247.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://extrafreetv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 13 Mar 2021 05:45:26 GMT
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
ETag: "5b5f30d9-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H/1.1 200
OK / Show response
c.adsco.re/ Frame 3197 35 KB
14 KB 23ms
17ms Document
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b

Request headers

Host: c.adsco.re
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://extrafreetv.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://extrafreetv.com/

Response headers

Date: Sat, 13 Mar 2021 05:45:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2678400
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
Expires: Tue, 13 Apr 2021 05:45:25 GMT
ETag: W/"49M/vRKXL5pROhm5uOGH7A=="
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1243406
cf-request-id: 08cbb74b600000c2956894c000000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 62f2f4bf0cffc295-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK /
6.adsco.re/ Frame 3197 0
664 B 10ms
10ms Other
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://6.adsco.re/
Requested by: Host: extrafreetv.com
URL: http://extrafreetv.com/embed3/ncaabball23/1.php
Protocol: HTTP/1.1
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: http://c.adsco.re
Referer: http://c.adsco.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:25 GMT
Content-Encoding: gzip
Server: cloudflare
Access-Control-Allow-Headers: Content-Type
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: http://c.adsco.re
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=10
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 62f2f4bfd9f04d8a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08cbb74be300004d8abfaee000000001

GET
H/1.1 200
OK /
4.adsco.re/ Frame 3197 0
455 B 45ms
44ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://4.adsco.re/
Requested by: Host: extrafreetv.com
URL: http://extrafreetv.com/embed3/ncaabball23/1.php
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: http://c.adsco.re
Referer: http://c.adsco.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:25 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://c.adsco.re
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK id.html Show response
st.chatango.com/h5/gz/r0307212205/ Frame 2181 681 KB
219 KB 696ms
339ms Document
text/html 208.93.230.24
CHATANGO

General

Check archive.org

Show headers Download Go to

Full URL: https://st.chatango.com/h5/gz/r0307212205/id.html
Requested by: Host: st.chatango.com
URL: http://st.chatango.com/js/gz/emb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.24 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: ce8bb0fffb6f880782f7c03f356e6c1e1b72a0812167b1590ef4b97365f5da00

Request headers

Host: st.chatango.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.redditmlbstream.ml/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.redditmlbstream.ml/

Response headers

Server: nginx
Date: Sat, 13 Mar 2021 05:45:26 GMT
Content-Type: text/html
Content-Length: 223953
Last-Modified: Mon, 08 Mar 2021 06:09:51 GMT
Connection: keep-alive
ETag: "6045bfaf-36ad1"
Expires: Sun, 13 Mar 2022 05:45:26 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
P3P: CP="Chatango does not have a P3P policy. Please see our privacy policy: http://chatango.com/page?full_privacy"
Accept-Ranges: bytes

GET
H/1.1 200
OK r.json Show response
st.chatango.com/cfg/nc/ 20 B
359 B 548ms
182ms XHR
application/octet-stream 208.93.230.24
CHATANGO

General

Check archive.org

Show headers Download Go to

Full URL: https://st.chatango.com/cfg/nc/r.json?d257500020000256524739119
Requested by: Host: st.chatango.com
URL: http://st.chatango.com/js/gz/emb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.24 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: 2d15cc1d0251b72aa4eb1fc95543422ed34bac48f60f55616a14f3279a1e8f30

Request headers

Referer: http://www.redditmlbstream.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:26 GMT
Last-Modified: Mon, 08 Mar 2021 06:09:51 GMT
Server: nginx
ETag: "6045bfaf-14"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20

GET
H/1.1 200
OK / Show response
c.adsco.re/ Frame 3197 35 KB
14 KB 12ms
11ms XHR
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://c.adsco.re/
Requested by: Host: c.adsco.re
URL: http://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b

Request headers

Referer: http://c.adsco.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:25 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1243406
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08cbb74c0c0000c295ed25b000000001
Server: cloudflare
ETag: W/"49M/vRKXL5pROhm5uOGH7A=="
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=2678400
CF-RAY: 62f2f4c01d7dc295-FRA
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
Expires: Tue, 13 Apr 2021 05:45:25 GMT

GET
H2 200 nth.png
3.bp.blogspot.com/-Yw8BIuvwoSQ/VsjkCIMoltI/AAAAAAAAC4c/s55PW6xEKn0/s1600-r/ 3 KB
4 KB 26ms
6ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-Yw8BIuvwoSQ/VsjkCIMoltI/AAAAAAAAC4c/s55PW6xEKn0/s1600-r/nth.png

Requested by

Host: www.redditmlbstream.ml
URL: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f4b70c4cd11d64db7c587fa68ed12651b684fe2e78a9a9d46812f89beb496acb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.redditmlbstream.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 04:36:03 GMT
x-content-type-options: nosniff
age: 4162
content-disposition: inline;filename="nth.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3362
x-xss-protection: 0
server: fife
etag: "vb88"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 12 Mar 2021 16:24:08 GMT

GET /
6.adsco.re/ Frame 3197 0
0

GET /
4.adsco.re/ Frame 3197 0
0

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ Frame 1F13 85 KB
27 KB 12ms
11ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/98482.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://lowend.xyz
Referer: https://lowend.xyz/stream/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2614240
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27433
cf-request-id: 08cbb74c1f00004e6216262000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yl0cAanA%2BATyqW5XbfszK9nTMb5i7yKRctQoI6UXachLsAEzHGPah62q%2B0V6UX0YgpoGEAGfAWzyWA59nqheJReqYh9Qas7ctxAI1KGHzrsgtHsVIOoizzvb4%2BrA0SEqaQ%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62f2f4c03d8d4e62-FRA
expires: Thu, 03 Mar 2022 05:45:25 GMT

GET
H2 404 showads.js
foxcdn.me/ Frame 1F13 0
0 36ms
11ms Script
text/html 2606:4700:3032::ac43:d035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foxcdn.me/showads.js
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://lowend.xyz/stream/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 1F13 513 KB
138 KB 22ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/98482.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowend.xyz/stream/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 42744
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 141142
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
x-served-by: cache-fra19152-FRA, cache-hhn4073-HHN
date: Sat, 13 Mar 2021 05:45:25 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 level-selector.min.js Show response
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame 1F13 28 KB
9 KB 22ms
7ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/98482.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9be66c3a85d64fc039d17d90baa279e49a1bde4229e4378d8c0044f2146307fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowend.xyz/stream/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 26865
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 9513
etag: W/"6f2e-QiFvefqcX7qrhCMG8irfXhmDfko"
x-served-by: cache-fra19131-FRA, cache-hhn4073-HHN
date: Sat, 13 Mar 2021 05:45:25 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 nwm-dbh.min3.js Show response
foxcdn.me/ Frame 1F13 11 KB
4 KB 37ms
13ms Script
application/javascript 2606:4700:3032::ac43:d035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foxcdn.me/nwm-dbh.min3.js
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9f072faa27e7dba0555c7e5ee40f96f89a1993b86a7be826912b7d457d25cae

Request headers

Referer: https://lowend.xyz/stream/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5145
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08cbb74c3700004aaf9316a000000001
last-modified: Fri, 19 Jun 2020 20:18:52 GMT
server: cloudflare
etag: W/"5eed1dac-2b08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7ye6%2F9fQ5S9ruYQJQBPnLdyFo9bQPNKwGL1ypQ%2BoacWdu3h4NjujT7ARqqRYZ6tyJ6oWvaaV6GIKeDOUsXfrlr%2FtP7Fk3tu0PXH05Sf8FpPi45xtLlw%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 62f2f4c058d84aaf-FRA

GET
H2

200

/
widgets.amung.us/draw/ Frame 1F13
Redirect Chain

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

1 KB
2 KB

26ms
11ms

Image
image/png

2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb5e43ddebdcc6fa9a7bcffc7f837e77f861565f813a47007ee61a68f6eed012

Request headers

Referer: https://lowend.xyz/stream/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:26 GMT
cf-cache-status: HIT
server: cloudflare
age: 132166
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
content-disposition: filename=wau-widget.png
cf-ray: 62f2f4c2da124db8-FRA
cf-request-id: 08cbb74dc500004db8dc998000000001
expires: Fri, 12 Mar 2021 17:02:40 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
date: Sat, 13 Mar 2021 05:45:26 GMT
cache-control: max-age=295
content-type: text/html; charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 1F13 99 KB
39 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-187547947-2

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/98482.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6db34dea2002b54d1f9dc9f2fb5a6c059e869715d68edb3091af8e3b73ce8caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://lowend.xyz/stream/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39775
x-xss-protection: 0
last-modified: Sat, 13 Mar 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Mar 2021 05:45:25 GMT

GET
H/1.1 200
OK 15d6ce62d0f01528c7478f7446d71678.js Show response
barefootedenvy.com/15/d6/ce/ Frame 1F13 52 KB
17 KB 390ms
131ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/98482.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

4b292f8bdb59a90997d7fc0450602d2d2e4cea00a4ab984d6f4c6c6acc5e714b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://lowend.xyz/stream/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:26 GMT
Content-Encoding: gzip
Server: nginx/1.17.6
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
X-Request-ID: 00e130148d199ef212e979bdf7119873
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 1F13 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-187547947-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowend.xyz/stream/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6170
date: Sat, 13 Mar 2021 04:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 13 Mar 2021 06:02:35 GMT

GET
H/1.1 200
OK master.m3u8 Show response
e10.espncdn.xyz/ingestnb4s/sportsbay/ Frame 1F13 758 B
1 KB 271ms
144ms XHR
application/vnd.apple.mpegurl 77.83.117.17
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://e10.espncdn.xyz/ingestnb4s/sportsbay/master.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.83.117.17 , Russian Federation, ASN30860 (YURTEH-AS, UA),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash: df6cafda121ebee9d84f6a82243fe71fc9e4024076de0d8a41032a9a7a9c5a52

Request headers

Referer: https://lowend.xyz/stream/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:26 GMT
Last-Modified: Sat, 13 Mar 2021 05:45:26 GMT
Server: nginx/1.17.9
ETag: "604c5176-2f6"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Expires: Sat, 13 Mar 2021 05:45:28 GMT
Cache-Control: max-age=2, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 758
X-Proxy-Cache: EXPIRED

GET
H3-Q050 200 platform:gapi.iframes.style.common.js Show response
apis.google.com/js/ Frame 7D8E 54 KB
21 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform:gapi.iframes.style.common.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=4623367801006963515&blogName=Reddit+MLB+Streams&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.redditmlbstream.ml/search&blogLocale=en&v=2&homepageUrl=http://www.redditmlbstream.ml/&targetPostID=1737399779813090566&blogPostOrPageUrl=http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html&vt=-6089690439908004536&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

57f3082a73b84b78b29e16d0d12c6f4de20da9b5aee1ecacd46612927e12fcf5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HLLoGrmAmGV6qAstMhBq+w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "985876dfe14fb060dc1aa7f0a0614081"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-HLLoGrmAmGV6qAstMhBq+w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sat, 13 Mar 2021 05:45:26 GMT

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/ Frame 7D8E 121 KB
41 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02aebdddafdbd538758d645bf59f86c2766c1661fc07f55751bfc644721235e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 02:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 23:33:57 GMT
server: sffe
age: 272645
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41820
x-xss-protection: 0
expires: Thu, 10 Mar 2022 02:01:21 GMT

POST
H/1.1 200
OK p Show response
adsco.re/ Frame 61E3 360 B
855 B 63ms
63ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 4fc6e84dc6afd7eb9da5fa5ad1531a16d9d26b533be61037328689840bf7eba7

Request headers

Referer: http://extrafreetv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

AS-P-G: OK
Date: Sat, 13 Mar 2021 05:45:26 GMT
AS-P-7: OK
AS-P-9: OK
AS-P-C: OK
Transfer-Encoding: chunked
AS-P-5: OK
AS-P-F: OK
Connection: keep-alive
Content-Encoding: gzip
AS-P-2: OK
AS-P-D: OK
AS-P-6: OK
AS-P-B: OK
AS-P-H: OK
AS-P-4: OK
AS-P-A: OK
Access-Control-Max-Age: 2592000
AS-P-1: OK
Access-Control-Allow-Origin: http://extrafreetv.com
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
AS-P-8: OK
Content-Type: text/html; charset=UTF-8
AS-P-E: OK
AS-P-3: OK

GET
H/1.1 200
OK master.m3u8 Show response
e10.espncdn.xyz/ingestnb4s/sportsbay/ Frame 1F13 758 B
1 KB 58ms
57ms XHR
application/vnd.apple.mpegurl 77.83.117.17
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://e10.espncdn.xyz/ingestnb4s/sportsbay/master.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.83.117.17 , Russian Federation, ASN30860 (YURTEH-AS, UA),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash: df6cafda121ebee9d84f6a82243fe71fc9e4024076de0d8a41032a9a7a9c5a52

Request headers

Referer: https://lowend.xyz/stream/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:26 GMT
Last-Modified: Sat, 13 Mar 2021 05:45:26 GMT
Server: nginx/1.17.9
ETag: "604c5176-2f6"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Expires: Sat, 13 Mar 2021 05:45:28 GMT
Cache-Control: max-age=2, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 758
X-Proxy-Cache: HIT

GET
H/1.1 200
OK 0fxbayxx.ts
e10.espncdn.xyz/ingestx/887/rata/ Frame 1F13 16 KB
0 161ms
106ms XHR
video/mp2t 77.83.117.17
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://e10.espncdn.xyz/ingestx/887/rata/0fxbayxx.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.83.117.17 , Russian Federation, ASN30860 (YURTEH-AS, UA),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Referer: https://lowend.xyz/stream/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:26 GMT
Last-Modified: Sat, 26 Sep 2020 03:35:56 GMT
Server: nginx/1.17.9
ETag: "5f6eb71c-be1c8"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 778696
X-Proxy-Cache: HIT

GET
BLOB 200
OK 03ad62e5-8a5b-468f-bb1f-9b842461cf2a
https://lowend.xyz/ Frame 1F13 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lowend.xyz/03ad62e5-8a5b-468f-bb1f-9b842461cf2a
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/98482.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 62280
Content-Type: text/javascript

GET
H/1.1 200
OK Skil.htm Show response
betteradsystem.com/ Frame 61E3 44 B
245 B 169ms
151ms Script
text/javascript 162.252.213.208
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://betteradsystem.com/Skil.htm?_=BAoAYExRdgFgTFF2gAGBAsAAIPPOYReMw4D-Usew3KgYnIkS8Yq0OSOhp6hOUrQlWBXdwQBGMEQCIHwjZIHJRPbXwNXdPBwgP-Voc0JBx976vkaHG6ZaileVAiBXB-ZQrJ9hyuO-nv7xm5dksvt4omghV3YEfR7qnhgAXcIAIG64JjpTmHmWvxVIHiZ2s2jV2A21Opg6aLn6FoA9PGgZxAAQKgEE-AGSVBQAAAAAAAAAAsUAEBTBWhTkd6NS3TtCejWh0LbDAEYwRAIgePRDt1QNLVBk0ngJ2DTa9qPlZUxhbbG0kUmgqegVrawCIBBtbzarcCTi-pegsUAc_X3_B8fQRixyqB8NRsLGAHOC&v=4&ixWFQlEH=823144&minBid=0.001&AIvqODik=0,0&rvbLwhRD=&peUDiEfo=http%3A%2F%2Fwww.redditmlbstream.ml%2F&s=1600,1200,1,1600,1200,1
Requested by: Host: www.betteradsystem.com
URL: https://www.betteradsystem.com/particle.min.js
Protocol: HTTP/1.1
Server: 162.252.213.208 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

Referer: http://extrafreetv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 13 Mar 2021 05:45:26 GMT
PopAds-EC: ASB
ASF: 9
Connection: Keep-Alive
Content-Length: 44
Content-Type: text/javascript;charset=UTF-8

GET
H2 200 sfp.js Show response
pianistrefutationgoose.com/ Frame 1F13 49 KB
14 KB 35ms
14ms Script
application/javascript 2606:4700:e6::ac40:ce0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pianistrefutationgoose.com/sfp.js

Requested by

Host: barefootedenvy.com
URL: https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:ce0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09059e473b09dc519c7a4104d9536d61d320ca9a52d22ffb1cd5260aaf33ae27

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://lowend.xyz/stream/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: UPDATING
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08cbb74e8600002bdd8b3f3000000001
x-request-id: 80c89a69ce232b85aa0743bf8508c933
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubdomains
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rlJtClDCNh3FsYoCpq3LZ9%2Bn2XbP1ttaYAjBdNxKD3%2F4oAAmaQ1%2FMlZ4YVk5XaKi2tY4QwNWCqKNtftJK%2FBIhOBaDw4zedPgfd6qUhAI3PVMePWPDDgNJmO11v7YEvBZXNx4n5ge9g%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 62f2f4c40b0c2bdd-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET espnlo.htm
foxcdn.me/ Frame C7EF 0
0

GET
H2

200

/
widgets.amung.us/draw/ Frame 1F13
Redirect Chain

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png?1615614326000
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

1 KB
1 KB

11ms
11ms

Image
image/png

2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb5e43ddebdcc6fa9a7bcffc7f837e77f861565f813a47007ee61a68f6eed012

Request headers

Referer: https://lowend.xyz/stream/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:26 GMT
cf-cache-status: HIT
server: cloudflare
age: 132166
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
content-disposition: filename=wau-widget.png
cf-ray: 62f2f4c4bc254db8-FRA
cf-request-id: 08cbb74ef200004db895874000000001
expires: Fri, 12 Mar 2021 17:02:40 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
date: Sat, 13 Mar 2021 05:45:26 GMT
cache-control: max-age=295
content-type: text/html; charset=UTF-8

GET /
google.com/ Frame 1F13 0
0

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/chatango-network/ Frame 2181 70 KB
19 KB 92ms
30ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/chatango-network/loader.js
Requested by: Host: st.chatango.com
URL: https://st.chatango.com/h5/gz/r0307212205/id.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a79bdc747e8370e986ed9aa9e79fde511b3e20fad77b6c715adb0d5630ed8c9c

Request headers

Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: mLQdHenfREnyeZRmhQW4xlQNOQcWoDsq
content-encoding: gzip
etag: "ba4c1859fadaff8b894cf80f272988a6"
age: 71
x-cache: HIT
content-length: 19021
x-amz-id-2: ocfvbxgvPTzrV0WQX9gQNFSxrqPOaTM9uAystCnrFmNUDfslkxBf2r6RnON9uOpFPz8p5cpKaW8=
x-served-by: cache-hhn11538-HHN
last-modified: Tue, 09 Mar 2021 16:08:47 GMT
server: AmazonS3
x-timer: S1615614327.537525,VS0,VE0
date: Sat, 13 Mar 2021 05:45:26 GMT
vary: Accept-Encoding
x-amz-request-id: 8EMGTVGENTWTT5VJ
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 70
x-cache-hits: 3

GET
H/1.1 200
OK stats Show response
r.remarketingpixel.com/ Frame 1F13 40 B
537 B 98ms
33ms XHR
text/html 213.196.2.1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://r.remarketingpixel.com/stats
Requested by: Host: pianistrefutationgoose.com
URL: https://pianistrefutationgoose.com/sfp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.196.2.1 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 3e358b1cda07b0d35905079c3fbc0f6757ab745d7330f3923a63481ac477ca86

Request headers

Referer: https://lowend.xyz/stream/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:26 GMT
Server: nginx/1.19.0
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://lowend.xyz
Cache-Control: max-age=0, : no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 40
Expires: Sat, 13 Mar 2021 05:45:26 GMT

GET
H2 200 impl.20210309-9-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 2181 469 KB
108 KB 35ms
35ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/chatango-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 9b389c815fa2fae51c192f049e55a3d23411d6d5725f3700af9da6c52d40c085

Request headers

Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: xM_jL7h6ZB3QjV_JB3da2vLQ4nyQbNxG
content-encoding: br
etag: "75c949375e72662c18ea42e8379a148a"
age: 26447
x-cache: HIT
content-length: 110346
x-amz-id-2: 4OJS8xmIvCConlMlpn510Bx8V9+lPBDtQFn5Sq3U5nXNeh3HdhWEImzdx+y0gaBTXjzePT7NPPs=
x-served-by: cache-hhn11538-HHN
last-modified: Tue, 09 Mar 2021 14:16:13 GMT
server: AmazonS3-br
x-timer: S1615614327.591388,VS0,VE0
date: Sat, 13 Mar 2021 05:45:26 GMT
vary: Accept-Encoding
x-amz-request-id: S0GWY892V98WYC03
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 25
x-cache-hits: 34619

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame 2181 1 KB
1 KB 103ms
40ms Script
application/x-javascript 104.108.64.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/chatango-network/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.64.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-64-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:26 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Sun, 14 Mar 2021 05:45:26 GMT

GET
H/1.1 200
OK pxf.gif
payingnoodlescam.com/ Frame 1F13 1 B
425 B 97ms
31ms Image
image/gif 213.196.5.1
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payingnoodlescam.com/pxf.gif?uuid=e1ac26c3-c637-44d9-9e98-707d0aba8058&eb=0f4a19e62e420e26ed680cdef82075c2&te=2f1a36f6a62d2530dee35896a05ff64e&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&dev=e&res=10.1045&b_frame=1&pk=15d6ce62d0f01528c7478f7446d71678&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=6

Requested by

Host: www.redditmlbstream.ml
URL: http://www.redditmlbstream.ml/2021/03/wisconsin-badgers-iowa-hawkeyes_12.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.196.5.1 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://lowend.xyz/stream/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:26 GMT
Server: nginx/1.19.0
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 1
X-Request-ID: 49d4cb41a42d53bf504607dfd66f6b47
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/ Frame 2181
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1615614326829&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0307212205%2Fid.html&c9=http%3A%2F%2F...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1615614326829&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0307212205%2Fid.html&c9=http%3A%2F%2...

0
528 B

32ms
32ms

Image
text/plain

104.108.64.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1615614326829&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0307212205%2Fid.html&c9=http%3A%2F%2Fwww.redditmlbstream.ml%2F&cs_ak_ss=1
Requested by: Host: st.chatango.com
URL: https://st.chatango.com/h5/gz/r0307212205/id.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.64.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-64-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Mar 2021 05:45:26 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1615614326829&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0307212205%2Fid.html&c9=http%3A%2F%2Fwww.redditmlbstream.ml%2F&cs_ak_ss=1
Pragma: no-cache
Date: Sat, 13 Mar 2021 05:45:26 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 2181 46 KB
19 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: st.chatango.com
URL: https://st.chatango.com/h5/gz/r0307212205/id.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 1021
date: Sat, 13 Mar 2021 05:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 13 Mar 2021 07:28:25 GMT

GET /
google.com/ Frame 1F13 0
0

GET
H2 200 98482.html Show response
lowend.xyz/stream/2/ Frame 1F13 13 KB
5 KB 269ms
269ms Document
text/html 2606:4700:3035::6815:3fc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowend.xyz/stream/2/98482.html
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3fc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b909b049a9aa7663a3e5cccea141acc858d601d9967a4566966aaeb11a534fb4

Request headers

:method: GET
:authority: lowend.xyz
:scheme: https
:path: /stream/2/98482.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://lowend.xyz/stream/98482.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: volume=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://lowend.xyz/stream/98482.html

Response headers

date: Sat, 13 Mar 2021 05:45:27 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=da03db379c5f1f844860bedbaa879309f1615614327; expires=Mon, 12-Apr-21 05:45:27 GMT; path=/; domain=.lowend.xyz; HttpOnly; SameSite=Lax
vary: Accept-Encoding
x-proxy-cache: EXPIRED
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
cf-request-id: 08cbb752d6000016f2e0bcc000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e2YFr5cG3GKO%2F2k3w64RqMeFgpr2mR6wepb4HQegwTm9exdLE7H0O3X9nGjTr73guSOwK8inWuqkkNa5SeyLuztUqAtYozQCs61o30pVSgiYvCCyx5lQ"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 62f2f4cafa6716f2-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ Frame 1F13 85 KB
27 KB 13ms
12ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/2/98482.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://lowend.xyz
Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2614242
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27433
cf-request-id: 08cbb753ea00004e621c21d000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OTkWpAIwutAtnhGGv7dgUDHXFDB0YmSXSL%2B3e66Trc4vB4O%2Bq5UMvP42SiQkWIOtf4m%2B68gpnILalqeu3JGt%2B3Xa5ulFcpHKEZ4W2XWv2%2BDE%2BCaJvi8aQH2Kddn6FhVGyA%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62f2f4ccab054e62-FRA
expires: Thu, 03 Mar 2022 05:45:27 GMT

GET
H2 404 showads.js
foxcdn.me/ Frame 1F13 0
0 11ms
10ms Script
text/html 2606:4700:3032::ac43:d035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foxcdn.me/showads.js
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/2/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 1F13 513 KB
138 KB 16ms
15ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/2/98482.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 42746
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 141142
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
x-served-by: cache-fra19152-FRA, cache-hhn4073-HHN
date: Sat, 13 Mar 2021 05:45:27 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 level-selector.min.js Show response
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame 1F13 28 KB
9 KB 16ms
15ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/2/98482.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9be66c3a85d64fc039d17d90baa279e49a1bde4229e4378d8c0044f2146307fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 26867
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 9513
etag: W/"6f2e-QiFvefqcX7qrhCMG8irfXhmDfko"
x-served-by: cache-fra19131-FRA, cache-hhn4073-HHN
date: Sat, 13 Mar 2021 05:45:27 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 nwm-dbh.min3.js Show response
foxcdn.me/ Frame 1F13 11 KB
4 KB 12ms
11ms Script
application/javascript 2606:4700:3032::ac43:d035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foxcdn.me/nwm-dbh.min3.js
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/2/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9f072faa27e7dba0555c7e5ee40f96f89a1993b86a7be826912b7d457d25cae

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5147
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08cbb753ea00004aaf5dadb000000001
last-modified: Fri, 19 Jun 2020 20:18:52 GMT
server: cloudflare
etag: W/"5eed1dac-2b08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k8Rfl5emK8iDBhjuWDAQ0JMVIQg0yrZsXLLJ3XLpl5XBUPjAkYDTD4NavO5yTaTbOxuFz0eTFh%2BMzUDtTOy%2BCe49H5cKu1FfZEpVoVz7sDC5oOsfv0s%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 62f2f4ccad0b4aaf-FRA

GET
H2

200

/
widgets.amung.us/draw/ Frame 1F13
Redirect Chain

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

1 KB
2 KB

11ms
11ms

Image
image/png

2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/2/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb5e43ddebdcc6fa9a7bcffc7f837e77f861565f813a47007ee61a68f6eed012

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:27 GMT
cf-cache-status: HIT
server: cloudflare
age: 132167
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
content-disposition: filename=wau-widget.png
cf-ray: 62f2f4cdad004db8-FRA
cf-request-id: 08cbb7548500004db8c70e2000000001
expires: Fri, 12 Mar 2021 17:02:40 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
date: Sat, 13 Mar 2021 05:45:27 GMT
cache-control: max-age=295
content-type: text/html; charset=UTF-8

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 1F13 99 KB
39 KB 42ms
28ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-187547947-2

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/2/98482.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

750e9b9a41a0430f6b38829d2d3256a4b29e5793addd5d246c194644d24a658d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39778
x-xss-protection: 0
last-modified: Sat, 13 Mar 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Mar 2021 05:45:27 GMT

GET
H2 404 showads.js
foxcdn.me/ Frame 1F13 0
0 10ms
9ms Script
text/html 2606:4700:3032::ac43:d035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foxcdn.me/showads.js
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/2/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK 15d6ce62d0f01528c7478f7446d71678.js Show response
barefootedenvy.com/15/d6/ce/ Frame 1F13 52 KB
17 KB 138ms
138ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/2/98482.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

d5333fd65b7e756b005190e096ea42c7bbf3c981ecc07e0c2f5c49bd3a1dcbb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:27 GMT
Content-Encoding: gzip
Server: nginx/1.17.6
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
X-Request-ID: c70d7f3b28f22fd0bc24cee9e490b63b
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK master.m3u8 Show response
e10.espncdn.xyz/ingestnb4s/sportsbay/ Frame 1F13 758 B
1 KB 57ms
57ms XHR
application/vnd.apple.mpegurl 77.83.117.17
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://e10.espncdn.xyz/ingestnb4s/sportsbay/master.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.83.117.17 , Russian Federation, ASN30860 (YURTEH-AS, UA),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash: df6cafda121ebee9d84f6a82243fe71fc9e4024076de0d8a41032a9a7a9c5a52

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:27 GMT
Last-Modified: Sat, 13 Mar 2021 05:45:26 GMT
Server: nginx/1.17.9
ETag: "604c5176-2f6"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Expires: Sat, 13 Mar 2021 05:45:29 GMT
Cache-Control: max-age=2, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 758
X-Proxy-Cache: HIT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 1F13 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-187547947-2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 1022
date: Sat, 13 Mar 2021 05:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 13 Mar 2021 07:28:25 GMT

GET
H/1.1 200
OK master.m3u8 Show response
e10.espncdn.xyz/ingestnb4s/sportsbay/ Frame 1F13 758 B
1 KB 57ms
57ms XHR
application/vnd.apple.mpegurl 77.83.117.17
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://e10.espncdn.xyz/ingestnb4s/sportsbay/master.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.83.117.17 , Russian Federation, ASN30860 (YURTEH-AS, UA),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash: df6cafda121ebee9d84f6a82243fe71fc9e4024076de0d8a41032a9a7a9c5a52

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:27 GMT
Last-Modified: Sat, 13 Mar 2021 05:45:26 GMT
Server: nginx/1.17.9
ETag: "604c5176-2f6"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Expires: Sat, 13 Mar 2021 05:45:29 GMT
Cache-Control: max-age=2, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 758
X-Proxy-Cache: HIT

GET 0fxbayxx.ts
e10.espncdn.xyz/ingestx/887/rata/ Frame 1F13 0
0

GET
BLOB 200
OK a1b33919-3bae-4141-9469-d7f0193a6fb8
https://lowend.xyz/ Frame 1F13 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lowend.xyz/a1b33919-3bae-4141-9469-d7f0193a6fb8
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/2/98482.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 62280
Content-Type: text/javascript

GET
H2 200 sfp.js Show response
pianistrefutationgoose.com/ Frame 1F13 49 KB
13 KB 13ms
13ms Script
application/javascript 2606:4700:e6::ac40:ce0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pianistrefutationgoose.com/sfp.js

Requested by

Host: barefootedenvy.com
URL: https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:ce0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09059e473b09dc519c7a4104d9536d61d320ca9a52d22ffb1cd5260aaf33ae27

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: UPDATING
nel: {"report_to":"cf-nel","max_age":604800}
age: 1
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08cbb754c700002bdd35091000000001
x-request-id: 11b42ae14531e8b23762f20edea80538
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubdomains
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WnoyiiBvwCdA0WuUTjdIsAjOYK7t7Xp6zfZCdhqy0RWCBkGDimBqqd9qJXWWOf%2BnaYXtoodg7yIEzWVz7oFWsuz97HiVwjMrKaxEYdZpn9aHU%2F88x6oWPJ0r%2FQl5H%2Bpm56w%2Fx8Qc1Q%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 62f2f4ce0cab2bdd-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET espnlo.htm
foxcdn.me/ Frame BA2E 0
0

GET
H2

200

/
widgets.amung.us/draw/ Frame 1F13
Redirect Chain

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png?1615614328000
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

1 KB
2 KB

10ms
10ms

Image
image/png

2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/2/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb5e43ddebdcc6fa9a7bcffc7f837e77f861565f813a47007ee61a68f6eed012

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:28 GMT
cf-cache-status: HIT
server: cloudflare
age: 132168
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
content-disposition: filename=wau-widget.png
cf-ray: 62f2f4cede344db8-FRA
cf-request-id: 08cbb7554600004db8a5326000000001
expires: Fri, 12 Mar 2021 17:02:40 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
date: Sat, 13 Mar 2021 05:45:28 GMT
cache-control: max-age=295
content-type: text/html; charset=UTF-8

GET /
google.com/ Frame 1F13 0
0

GET
H/1.1 200
OK stats Show response
r.remarketingpixel.com/ Frame 1F13 40 B
383 B 31ms
31ms XHR
text/html 213.196.2.1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://r.remarketingpixel.com/stats
Requested by: Host: pianistrefutationgoose.com
URL: https://pianistrefutationgoose.com/sfp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.196.2.1 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 3e358b1cda07b0d35905079c3fbc0f6757ab745d7330f3923a63481ac477ca86

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:28 GMT
Server: nginx/1.19.0
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://lowend.xyz
Cache-Control: max-age=0, : no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 40
Expires: Sat, 13 Mar 2021 05:45:28 GMT

GET
H/1.1 200
OK pxf.gif
payingnoodlescam.com/ Frame 1F13 1 B
425 B 31ms
31ms Image
image/gif 213.196.5.1
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.196.5.1 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:28 GMT
Server: nginx/1.19.0
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 1
X-Request-ID: 08fbcf1578d947a1b695b2e28b3f8769
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET /
google.com/ Frame 1F13 0
0

GET
H2 200 98482.html Show response
lowend.xyz/stream/3/ Frame 1F13 13 KB
5 KB 262ms
262ms Document
text/html 2606:4700:3035::6815:3fc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowend.xyz/stream/3/98482.html
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/2/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3fc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5219a23c044715d4d84a43f48b5779469a30b175ec336a7184039eff4af671e9

Request headers

:method: GET
:authority: lowend.xyz
:scheme: https
:path: /stream/3/98482.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://lowend.xyz/stream/2/98482.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: volume=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://lowend.xyz/stream/2/98482.html

Response headers

date: Sat, 13 Mar 2021 05:45:29 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d478c41f9089ef4ee95366e72771a8a9a1615614329; expires=Mon, 12-Apr-21 05:45:29 GMT; path=/; domain=.lowend.xyz; HttpOnly; SameSite=Lax
vary: Accept-Encoding
x-proxy-cache: EXPIRED
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
cf-request-id: 08cbb758ef000016f2f1bfe000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=neZyRR2chy4uSCVY6FCW6Bq9hEr2ayNC7OA9AegEbcRFo5EUs6e%2FDWuMTto93oTRblRPfgOYPca1VvE2vKQKQrZAXlUEx42gEcGBkDPdVMQmxgA87X6%2F"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 62f2f4d4b92f16f2-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ Frame 1F13 85 KB
27 KB 12ms
10ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/3/98482.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://lowend.xyz
Referer: https://lowend.xyz/stream/3/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2614244
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27433
cf-request-id: 08cbb759fe00004e62e03db000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ig3l8dGlJf9MdSVZYQrJYocFHouhV%2F2hi7NhvkE28pzXm2EDaOBqt4f%2Bt%2F5YVAo3NS%2FnjXe5milExHgYvU8VtSsjU6dsCR9mCWGrdGnCCDddKIo9M%2FsoaYVw%2FJ8knrI6wg%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62f2f4d66d964e62-FRA
expires: Thu, 03 Mar 2022 05:45:29 GMT

GET
H2 404 showads.js
foxcdn.me/ Frame 1F13 0
0 13ms
11ms Script
text/html 2606:4700:3032::ac43:d035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foxcdn.me/showads.js
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/3/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://lowend.xyz/stream/3/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 1F13 513 KB
138 KB 8ms
7ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/3/98482.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowend.xyz/stream/3/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 42747
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 141142
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
x-served-by: cache-fra19152-FRA, cache-hhn4073-HHN
date: Sat, 13 Mar 2021 05:45:29 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 level-selector.min.js Show response
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame 1F13 28 KB
9 KB 7ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/3/98482.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9be66c3a85d64fc039d17d90baa279e49a1bde4229e4378d8c0044f2146307fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowend.xyz/stream/3/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 26868
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 9513
etag: W/"6f2e-QiFvefqcX7qrhCMG8irfXhmDfko"
x-served-by: cache-fra19131-FRA, cache-hhn4073-HHN
date: Sat, 13 Mar 2021 05:45:29 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 nwm-dbh.min3.js Show response
foxcdn.me/ Frame 1F13 11 KB
4 KB 13ms
12ms Script
application/javascript 2606:4700:3032::ac43:d035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foxcdn.me/nwm-dbh.min3.js
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/3/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9f072faa27e7dba0555c7e5ee40f96f89a1993b86a7be826912b7d457d25cae

Request headers

Referer: https://lowend.xyz/stream/3/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5149
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08cbb759fe00004aaf6a334000000001
last-modified: Fri, 19 Jun 2020 20:18:52 GMT
server: cloudflare
etag: W/"5eed1dac-2b08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=28qUm81XLiT1E5vJ65VLKQcGcxgeZJ%2BmXu5etcZ8%2BwatMzVfinV8i3GTqF9iF0EAO5KtY043vckb7rlefOhWhPkexYy5ARsYvZBecOyrCn%2BO2Ky1noA%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 62f2f4d66e874aaf-FRA

GET
H2

200

/
widgets.amung.us/draw/ Frame 1F13
Redirect Chain

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

1 KB
2 KB

11ms
11ms

Image
image/png

2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/3/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb5e43ddebdcc6fa9a7bcffc7f837e77f861565f813a47007ee61a68f6eed012

Request headers

Referer: https://lowend.xyz/stream/3/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:29 GMT
cf-cache-status: HIT
server: cloudflare
age: 132169
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
content-disposition: filename=wau-widget.png
cf-ray: 62f2f4d74edd4db8-FRA
cf-request-id: 08cbb75a8c00004db899b7e000000001
expires: Fri, 12 Mar 2021 17:02:40 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
date: Sat, 13 Mar 2021 05:45:29 GMT
cache-control: max-age=295
content-type: text/html; charset=UTF-8

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 1F13 99 KB
39 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-187547947-2

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/3/98482.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

750e9b9a41a0430f6b38829d2d3256a4b29e5793addd5d246c194644d24a658d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://lowend.xyz/stream/3/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39778
x-xss-protection: 0
last-modified: Sat, 13 Mar 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Mar 2021 05:45:29 GMT

GET
H2 404 showads.js
foxcdn.me/ Frame 1F13 0
0 12ms
11ms Script
text/html 2606:4700:3032::ac43:d035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foxcdn.me/showads.js
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/3/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://lowend.xyz/stream/3/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK 15d6ce62d0f01528c7478f7446d71678.js Show response
barefootedenvy.com/15/d6/ce/ Frame 1F13 52 KB
17 KB 126ms
126ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/3/98482.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

32834cb71ac963642e4986466e32ab77ae9e013cb83d2e184e6274f07ead65cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://lowend.xyz/stream/3/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:29 GMT
Content-Encoding: gzip
Server: nginx/1.17.6
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
X-Request-ID: 77631b332e18b6281ccbb409670f718c
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK master.m3u8 Show response
e10.espncdn.xyz/ingestnb4s/sportsbay/ Frame 1F13 758 B
1 KB 58ms
57ms XHR
application/vnd.apple.mpegurl 77.83.117.17
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://e10.espncdn.xyz/ingestnb4s/sportsbay/master.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.83.117.17 , Russian Federation, ASN30860 (YURTEH-AS, UA),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash: df6cafda121ebee9d84f6a82243fe71fc9e4024076de0d8a41032a9a7a9c5a52

Request headers

Referer: https://lowend.xyz/stream/3/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:29 GMT
Last-Modified: Sat, 13 Mar 2021 05:45:26 GMT
Server: nginx/1.17.9
ETag: "604c5176-2f6"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Expires: Sat, 13 Mar 2021 05:45:31 GMT
Cache-Control: max-age=2, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 758
X-Proxy-Cache: HIT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 1F13 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-187547947-2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowend.xyz/stream/3/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 1024
date: Sat, 13 Mar 2021 05:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 13 Mar 2021 07:28:25 GMT

GET
H/1.1 200
OK master.m3u8 Show response
e10.espncdn.xyz/ingestnb4s/sportsbay/ Frame 1F13 758 B
1 KB 57ms
57ms XHR
application/vnd.apple.mpegurl 77.83.117.17
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://e10.espncdn.xyz/ingestnb4s/sportsbay/master.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.83.117.17 , Russian Federation, ASN30860 (YURTEH-AS, UA),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash: df6cafda121ebee9d84f6a82243fe71fc9e4024076de0d8a41032a9a7a9c5a52

Request headers

Referer: https://lowend.xyz/stream/3/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:29 GMT
Last-Modified: Sat, 13 Mar 2021 05:45:26 GMT
Server: nginx/1.17.9
ETag: "604c5176-2f6"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Expires: Sat, 13 Mar 2021 05:45:31 GMT
Cache-Control: max-age=2, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 758
X-Proxy-Cache: HIT

GET 0fxbayxx.ts
e10.espncdn.xyz/ingestx/887/rata/ Frame 1F13 0
0

GET
BLOB 200
OK 4fd6e61e-b669-4e80-8139-700e049eb0a6
https://lowend.xyz/ Frame 1F13 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lowend.xyz/4fd6e61e-b669-4e80-8139-700e049eb0a6
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/3/98482.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 62280
Content-Type: text/javascript

GET
H2 200 sfp.js Show response
pianistrefutationgoose.com/ Frame 1F13 49 KB
13 KB 20ms
19ms Script
application/javascript 2606:4700:e6::ac40:ce0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pianistrefutationgoose.com/sfp.js

Requested by

Host: barefootedenvy.com
URL: https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:ce0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09059e473b09dc519c7a4104d9536d61d320ca9a52d22ffb1cd5260aaf33ae27

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://lowend.xyz/stream/3/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: UPDATING
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08cbb75ad200002bdd3226c000000001
x-request-id: d940a7f5bc58d2be8cae3258faed19bc
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubdomains
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mFrLbuUaPy6nFEwyvUAJ5E9fnuZWOfBHr6O4DS5HL%2BY59Fw8AW9h6TuleHoSLOurgRk4%2Fnyo0QZFlzg5KUvpprEDrIqU1ae4wjzgPw%2FYwPjXF%2BOls5GJZyAfHu8bm%2BKSUoCCFkWQ2Q%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 62f2f4d7bccb2bdd-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET espnlo.htm
foxcdn.me/ Frame 05FA 0
0

GET
H2

200

/
widgets.amung.us/draw/ Frame 1F13
Redirect Chain

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png?1615614329000
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

1 KB
1 KB

10ms
10ms

Image
image/png

2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/3/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb5e43ddebdcc6fa9a7bcffc7f837e77f861565f813a47007ee61a68f6eed012

Request headers

Referer: https://lowend.xyz/stream/3/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:29 GMT
cf-cache-status: HIT
server: cloudflare
age: 132169
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
content-disposition: filename=wau-widget.png
cf-ray: 62f2f4d8881f4db8-FRA
cf-request-id: 08cbb75b5000004db89104b000000001
expires: Fri, 12 Mar 2021 17:02:40 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
date: Sat, 13 Mar 2021 05:45:29 GMT
cache-control: max-age=295
content-type: text/html; charset=UTF-8

GET /
google.com/ Frame 1F13 0
0

GET
H/1.1 200
OK stats Show response
r.remarketingpixel.com/ Frame 1F13 40 B
383 B 31ms
30ms XHR
text/html 213.196.2.1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://r.remarketingpixel.com/stats
Requested by: Host: pianistrefutationgoose.com
URL: https://pianistrefutationgoose.com/sfp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.196.2.1 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 3e358b1cda07b0d35905079c3fbc0f6757ab745d7330f3923a63481ac477ca86

Request headers

Referer: https://lowend.xyz/stream/3/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:29 GMT
Server: nginx/1.19.0
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://lowend.xyz
Cache-Control: max-age=0, : no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 40
Expires: Sat, 13 Mar 2021 05:45:29 GMT

GET
H/1.1 200
OK pxf.gif
payingnoodlescam.com/ Frame 1F13 1 B
425 B 32ms
32ms Image
image/gif 213.196.5.1
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.196.5.1 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://lowend.xyz/stream/3/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:29 GMT
Server: nginx/1.19.0
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 1
X-Request-ID: 75719df3c2cfad48b36d51a1052a6ea0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET /
google.com/ Frame 1F13 0
0

GET
H2 200 98482.html Show response
lowend.xyz/stream/4/ Frame 1F13 13 KB
5 KB 263ms
263ms Document
text/html 2606:4700:3035::6815:3fc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowend.xyz/stream/4/98482.html
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/3/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3fc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19aa63e219b763b350fe88dc4c93fa4dc5650c482d3c4fb7ef3e71cf81694625

Request headers

:method: GET
:authority: lowend.xyz
:scheme: https
:path: /stream/4/98482.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://lowend.xyz/stream/3/98482.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: volume=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://lowend.xyz/stream/3/98482.html

Response headers

date: Sat, 13 Mar 2021 05:45:30 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d6d66a5cbfc77f94d05f547d877ba66771615614330; expires=Mon, 12-Apr-21 05:45:30 GMT; path=/; domain=.lowend.xyz; HttpOnly; SameSite=Lax
vary: Accept-Encoding
x-proxy-cache: MISS
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
cf-request-id: 08cbb75efe000016f2dbb00000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yceRiRa%2BaZn8WxS4Bbf8Qp7ELk2viJWiL37vey6WvYGSKhEGW2FKXQljOhSios9GbTLaL29D5HlVEBNggtWXRL2Tf3axMepqsyeT2BPpLom%2BpC22iWLB"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 62f2f4de6fcf16f2-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ Frame 1F13 85 KB
28 KB 13ms
12ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/4/98482.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://lowend.xyz
Referer: https://lowend.xyz/stream/4/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2614245
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27433
cf-request-id: 08cbb7600c00004e62f68e9000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ItdtGCNnl6ls0tCyDcKk9XcbkDNueLLFecj3SphVLK%2Few7WPaOpXJgCJhhkJ2hs41eCyS6PGWC5wfE0R0SzTSCpNGnE5px0douV6BL7YyqqGl8z1jZau5Jp1EceO8dASUw%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62f2f4e01fd54e62-FRA
expires: Thu, 03 Mar 2022 05:45:30 GMT

GET
H2 404 showads.js
foxcdn.me/ Frame 1F13 0
0 11ms
10ms Script
text/html 2606:4700:3032::ac43:d035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foxcdn.me/showads.js
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/4/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://lowend.xyz/stream/4/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 1F13 513 KB
138 KB 7ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/4/98482.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowend.xyz/stream/4/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 42749
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 141142
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
x-served-by: cache-fra19152-FRA, cache-hhn4073-HHN
date: Sat, 13 Mar 2021 05:45:30 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 level-selector.min.js Show response
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame 1F13 28 KB
9 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/4/98482.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9be66c3a85d64fc039d17d90baa279e49a1bde4229e4378d8c0044f2146307fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowend.xyz/stream/4/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 26870
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 9513
etag: W/"6f2e-QiFvefqcX7qrhCMG8irfXhmDfko"
x-served-by: cache-fra19131-FRA, cache-hhn4073-HHN
date: Sat, 13 Mar 2021 05:45:30 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 nwm-dbh.min3.js Show response
foxcdn.me/ Frame 1F13 11 KB
4 KB 17ms
16ms Script
application/javascript 2606:4700:3032::ac43:d035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foxcdn.me/nwm-dbh.min3.js
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/4/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9f072faa27e7dba0555c7e5ee40f96f89a1993b86a7be826912b7d457d25cae

Request headers

Referer: https://lowend.xyz/stream/4/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5150
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08cbb7600c00004aaf4f0f4000000001
last-modified: Fri, 19 Jun 2020 20:18:52 GMT
server: cloudflare
etag: W/"5eed1dac-2b08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pBBU0ncnC86FgP6KFTsObTbeDsnQEcGlZ3PQL0y8Dre0tiJjijUiCo51z5l6GKbcklShkV%2BtTZuSL41Qd4F9fPdjeOk%2FeDwkwY6lzMFqo8la6Hc5TKU%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 62f2f4e0180a4aaf-FRA

GET
H2

200

/
widgets.amung.us/draw/ Frame 1F13
Redirect Chain

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

1 KB
2 KB

10ms
9ms

Image
image/png

2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/4/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb5e43ddebdcc6fa9a7bcffc7f837e77f861565f813a47007ee61a68f6eed012

Request headers

Referer: https://lowend.xyz/stream/4/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:31 GMT
cf-cache-status: HIT
server: cloudflare
age: 132171
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
content-disposition: filename=wau-widget.png
cf-ray: 62f2f4e0f8f44db8-FRA
cf-request-id: 08cbb7609c00004db8cc8dc000000001
expires: Fri, 12 Mar 2021 17:02:40 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
date: Sat, 13 Mar 2021 05:45:30 GMT
cache-control: max-age=295
content-type: text/html; charset=UTF-8

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 1F13 99 KB
39 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-187547947-2

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/4/98482.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b556de37ef90394e4906c952c1465775cf077e6dc7d195055ba85fee68ece7df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://lowend.xyz/stream/4/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39775
x-xss-protection: 0
last-modified: Sat, 13 Mar 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Mar 2021 05:45:30 GMT

GET
H2 404 showads.js
foxcdn.me/ Frame 1F13 0
0 10ms
10ms Script
text/html 2606:4700:3032::ac43:d035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foxcdn.me/showads.js
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/4/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://lowend.xyz/stream/4/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK 15d6ce62d0f01528c7478f7446d71678.js Show response
barefootedenvy.com/15/d6/ce/ Frame 1F13 52 KB
17 KB 123ms
122ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/4/98482.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

ee69c8ff4640de2d875dd7bf187aafc4d2ed1c16f034a68cd6ea53dd45614dcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://lowend.xyz/stream/4/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:31 GMT
Content-Encoding: gzip
Server: nginx/1.17.6
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
X-Request-ID: 333bd760de15b069a09489c422fba2bd
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK master.m3u8 Show response
e10.espncdn.xyz/ingestnb4s/sportsbay/ Frame 1F13 758 B
1 KB 57ms
57ms XHR
application/vnd.apple.mpegurl 77.83.117.17
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://e10.espncdn.xyz/ingestnb4s/sportsbay/master.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.83.117.17 , Russian Federation, ASN30860 (YURTEH-AS, UA),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash: df6cafda121ebee9d84f6a82243fe71fc9e4024076de0d8a41032a9a7a9c5a52

Request headers

Referer: https://lowend.xyz/stream/4/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:31 GMT
Last-Modified: Sat, 13 Mar 2021 05:45:26 GMT
Server: nginx/1.17.9
ETag: "604c5176-2f6"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Expires: Sat, 13 Mar 2021 05:45:33 GMT
Cache-Control: max-age=2, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 758
X-Proxy-Cache: HIT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 1F13 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-187547947-2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowend.xyz/stream/4/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 1025
date: Sat, 13 Mar 2021 05:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 13 Mar 2021 07:28:25 GMT

GET
H/1.1 200
OK master.m3u8 Show response
e10.espncdn.xyz/ingestnb4s/sportsbay/ Frame 1F13 758 B
1 KB 57ms
57ms XHR
application/vnd.apple.mpegurl 77.83.117.17
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://e10.espncdn.xyz/ingestnb4s/sportsbay/master.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.83.117.17 , Russian Federation, ASN30860 (YURTEH-AS, UA),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash: df6cafda121ebee9d84f6a82243fe71fc9e4024076de0d8a41032a9a7a9c5a52

Request headers

Referer: https://lowend.xyz/stream/4/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:31 GMT
Last-Modified: Sat, 13 Mar 2021 05:45:26 GMT
Server: nginx/1.17.9
ETag: "604c5176-2f6"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Expires: Sat, 13 Mar 2021 05:45:33 GMT
Cache-Control: max-age=2, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 758
X-Proxy-Cache: HIT

GET 0fxbayxx.ts
e10.espncdn.xyz/ingestx/887/rata/ Frame 1F13 0
0

GET
BLOB 200
OK 6b4c9cee-30dd-4460-8dc3-6d09eb281473
https://lowend.xyz/ Frame 1F13 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lowend.xyz/6b4c9cee-30dd-4460-8dc3-6d09eb281473
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/4/98482.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 62280
Content-Type: text/javascript

GET
H2 200 sfp.js Show response
pianistrefutationgoose.com/ Frame 1F13 49 KB
13 KB 15ms
15ms Script
application/javascript 2606:4700:e6::ac40:ce0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pianistrefutationgoose.com/sfp.js

Requested by

Host: barefootedenvy.com
URL: https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:ce0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09059e473b09dc519c7a4104d9536d61d320ca9a52d22ffb1cd5260aaf33ae27

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://lowend.xyz/stream/4/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: UPDATING
nel: {"report_to":"cf-nel","max_age":604800}
age: 1
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08cbb760d600002bdd922c4000000001
x-request-id: f95f097e5604118f11a1c6059d06c686
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubdomains
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3%2Fox134kjOSmy29EcX6cNk6o%2FOMHQfxLoNrYcJsuzJL521KzwnO1qU48CJEKoBRayFKXEI2RYB9QPtGL7NMxGrs2GRbV92%2F9ZoWzfnipSSWGad2rET8MmJ5xcvuJz2ueBBdY%2FXk4Jg%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 62f2f4e15d3a2bdd-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET espnlo.htm
foxcdn.me/ Frame 68C6 0
0

GET
H2

200

/
widgets.amung.us/draw/ Frame 1F13
Redirect Chain

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png?1615614331000
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

1 KB
1 KB

10ms
10ms

Image
image/png

2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/4/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb5e43ddebdcc6fa9a7bcffc7f837e77f861565f813a47007ee61a68f6eed012

Request headers

Referer: https://lowend.xyz/stream/4/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:31 GMT
cf-cache-status: HIT
server: cloudflare
age: 132171
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
content-disposition: filename=wau-widget.png
cf-ray: 62f2f4e22a214db8-FRA
cf-request-id: 08cbb7615600004db8eb9ef000000001
expires: Fri, 12 Mar 2021 17:02:40 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
date: Sat, 13 Mar 2021 05:45:31 GMT
cache-control: max-age=295
content-type: text/html; charset=UTF-8

GET /
google.com/ Frame 1F13 0
0

GET
H/1.1 200
OK stats Show response
r.remarketingpixel.com/ Frame 1F13 40 B
383 B 32ms
32ms XHR
text/html 213.196.2.1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://r.remarketingpixel.com/stats
Requested by: Host: pianistrefutationgoose.com
URL: https://pianistrefutationgoose.com/sfp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.196.2.1 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 3e358b1cda07b0d35905079c3fbc0f6757ab745d7330f3923a63481ac477ca86

Request headers

Referer: https://lowend.xyz/stream/4/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:31 GMT
Server: nginx/1.19.0
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://lowend.xyz
Cache-Control: max-age=0, : no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 40
Expires: Sat, 13 Mar 2021 05:45:31 GMT

GET
H/1.1 200
OK pxf.gif
payingnoodlescam.com/ Frame 1F13 1 B
425 B 31ms
31ms Image
image/gif 213.196.5.1
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.196.5.1 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://lowend.xyz/stream/4/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:31 GMT
Server: nginx/1.19.0
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 1
X-Request-ID: 4966dd4cd9cd0da1711a08f6bde143a7
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET /
google.com/ Frame 1F13 0
0

GET
H2 200 98482.html Show response
lowend.xyz/stream/5/ Frame 1F13 13 KB
5 KB 264ms
264ms Document
text/html 2606:4700:3035::6815:3fc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowend.xyz/stream/5/98482.html
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/4/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3fc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f8e08a6b807df3d73e4be067d375f9955d9e551abb8d5fe2948ecd1bfe61797

Request headers

:method: GET
:authority: lowend.xyz
:scheme: https
:path: /stream/5/98482.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://lowend.xyz/stream/4/98482.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: volume=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://lowend.xyz/stream/4/98482.html

Response headers

date: Sat, 13 Mar 2021 05:45:32 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=deb7616a3c9430b2dd685b68e154ebd691615614332; expires=Mon, 12-Apr-21 05:45:32 GMT; path=/; domain=.lowend.xyz; HttpOnly; SameSite=Lax
vary: Accept-Encoding
x-proxy-cache: MISS
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
cf-request-id: 08cbb76510000016f2a287e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=03CNJegRv88ZUKNv5jXcf5DghOfVfcvlSD%2FSySXJfZ6CWvocNYLGd83zabQiuigmKl7pFZWQ7a7bT3n0h2pgP4f5OPvbuM%2BeF5Xsx5jSoO6NB8M0WXtu"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 62f2f4e81f9916f2-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ Frame 1F13 85 KB
27 KB 14ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/5/98482.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://lowend.xyz
Referer: https://lowend.xyz/stream/5/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2614247
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27433
cf-request-id: 08cbb7662200004e62d6952000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PBtRw4%2F7Ss3onRcbXrobh89Zfw8%2BRhUaBpuIsjOZSnmfYAumk%2Bsda5qDf2iGGVJVX6XCfCLM2T3%2BKhmEfcvIYQWuMsvbI%2FsicZIb477NXaDep74NJoLgd9wjaJdM5omnjQ%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62f2f4e9c9984e62-FRA
expires: Thu, 03 Mar 2022 05:45:32 GMT

GET
H2 404 showads.js
foxcdn.me/ Frame 1F13 0
0 12ms
10ms Script
text/html 2606:4700:3032::ac43:d035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foxcdn.me/showads.js
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/5/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://lowend.xyz/stream/5/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 1F13 513 KB
138 KB 7ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/5/98482.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowend.xyz/stream/5/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 42750
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 141142
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
x-served-by: cache-fra19152-FRA, cache-hhn4073-HHN
date: Sat, 13 Mar 2021 05:45:32 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 level-selector.min.js Show response
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame 1F13 28 KB
9 KB 11ms
10ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/5/98482.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9be66c3a85d64fc039d17d90baa279e49a1bde4229e4378d8c0044f2146307fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowend.xyz/stream/5/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 26872
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 9513
etag: W/"6f2e-QiFvefqcX7qrhCMG8irfXhmDfko"
x-served-by: cache-fra19131-FRA, cache-hhn4073-HHN
date: Sat, 13 Mar 2021 05:45:32 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 nwm-dbh.min3.js Show response
foxcdn.me/ Frame 1F13 11 KB
4 KB 10ms
10ms Script
application/javascript 2606:4700:3032::ac43:d035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foxcdn.me/nwm-dbh.min3.js
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/5/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9f072faa27e7dba0555c7e5ee40f96f89a1993b86a7be826912b7d457d25cae

Request headers

Referer: https://lowend.xyz/stream/5/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5152
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08cbb7661f00004aaf459cd000000001
last-modified: Fri, 19 Jun 2020 20:18:52 GMT
server: cloudflare
etag: W/"5eed1dac-2b08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gDyEq81PAofC39MvNyFP5t8MwmabzLlUrIV1hBLrfQTynL4uf62IjnO2ju9K36Y22NM%2FNgsZmDfyovRoXpse7hGvud5CyAKeoPVsjPyHc%2FOFf5mgqWI%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 62f2f4e9cade4aaf-FRA

GET
H2

200

/
widgets.amung.us/draw/ Frame 1F13
Redirect Chain

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

1 KB
2 KB

11ms
10ms

Image
image/png

2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/5/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb5e43ddebdcc6fa9a7bcffc7f837e77f861565f813a47007ee61a68f6eed012

Request headers

Referer: https://lowend.xyz/stream/5/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:32 GMT
cf-cache-status: HIT
server: cloudflare
age: 132172
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
content-disposition: filename=wau-widget.png
cf-ray: 62f2f4eaaa404db8-FRA
cf-request-id: 08cbb766ab00004db88c2c3000000001
expires: Fri, 12 Mar 2021 17:02:40 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
date: Sat, 13 Mar 2021 05:45:32 GMT
cache-control: max-age=295
content-type: text/html; charset=UTF-8

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 1F13 99 KB
39 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-187547947-2

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/5/98482.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

750e9b9a41a0430f6b38829d2d3256a4b29e5793addd5d246c194644d24a658d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://lowend.xyz/stream/5/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39778
x-xss-protection: 0
last-modified: Sat, 13 Mar 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Mar 2021 05:45:32 GMT

GET
H2 404 showads.js
foxcdn.me/ Frame 1F13 0
0 10ms
10ms Script
text/html 2606:4700:3032::ac43:d035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foxcdn.me/showads.js
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/5/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://lowend.xyz/stream/5/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK 15d6ce62d0f01528c7478f7446d71678.js Show response
barefootedenvy.com/15/d6/ce/ Frame 1F13 52 KB
17 KB 136ms
136ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/5/98482.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

e31c86e7c3e90db021185a8ca96ed8b10a1f12781f5b347baca2fbcd4710eaca

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://lowend.xyz/stream/5/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:32 GMT
Content-Encoding: gzip
Server: nginx/1.17.6
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
X-Request-ID: 6adf25028c5cb903c67903a663f939b6
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK master.m3u8 Show response
e10.espncdn.xyz/ingestnb4s/sportsbay/ Frame 1F13 758 B
1 KB 57ms
57ms XHR
application/vnd.apple.mpegurl 77.83.117.17
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://e10.espncdn.xyz/ingestnb4s/sportsbay/master.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.83.117.17 , Russian Federation, ASN30860 (YURTEH-AS, UA),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash: 478da81927a3619cc38ab475224deca96c750b9e27ed42979a999fd1f1cc24fb

Request headers

Referer: https://lowend.xyz/stream/5/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:32 GMT
Last-Modified: Sat, 13 Mar 2021 05:45:31 GMT
Server: nginx/1.17.9
ETag: "604c517b-2f6"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Expires: Sat, 13 Mar 2021 05:45:34 GMT
Cache-Control: max-age=2, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 758
X-Proxy-Cache: HIT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 1F13 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-187547947-2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowend.xyz/stream/5/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 1027
date: Sat, 13 Mar 2021 05:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 13 Mar 2021 07:28:25 GMT

GET
H/1.1 200
OK master.m3u8 Show response
e10.espncdn.xyz/ingestnb4s/sportsbay/ Frame 1F13 758 B
1 KB 57ms
57ms XHR
application/vnd.apple.mpegurl 77.83.117.17
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://e10.espncdn.xyz/ingestnb4s/sportsbay/master.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.83.117.17 , Russian Federation, ASN30860 (YURTEH-AS, UA),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash: 478da81927a3619cc38ab475224deca96c750b9e27ed42979a999fd1f1cc24fb

Request headers

Referer: https://lowend.xyz/stream/5/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:32 GMT
Last-Modified: Sat, 13 Mar 2021 05:45:31 GMT
Server: nginx/1.17.9
ETag: "604c517b-2f6"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Expires: Sat, 13 Mar 2021 05:45:34 GMT
Cache-Control: max-age=2, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 758
X-Proxy-Cache: HIT

GET 1fxbayxx.ts
e10.espncdn.xyz/ingestx/887/caca/ Frame 1F13 0
0

GET
BLOB 200
OK 4af2991a-7978-4e2e-9cdc-0fdc71a8b47f
https://lowend.xyz/ Frame 1F13 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lowend.xyz/4af2991a-7978-4e2e-9cdc-0fdc71a8b47f
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/5/98482.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 62280
Content-Type: text/javascript

GET
H2 200 sfp.js Show response
pianistrefutationgoose.com/ Frame 1F13 49 KB
14 KB 12ms
12ms Script
application/javascript 2606:4700:e6::ac40:ce0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pianistrefutationgoose.com/sfp.js

Requested by

Host: barefootedenvy.com
URL: https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:ce0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09059e473b09dc519c7a4104d9536d61d320ca9a52d22ffb1cd5260aaf33ae27

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://lowend.xyz/stream/5/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:32 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: UPDATING
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08cbb766f300002bdd96ae6000000001
x-request-id: 6b304f750e6f7141892d10bcf0491e47
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubdomains
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ezE7gNR6uwKIr2%2FNjiLYwkibuxiTI1hT4QT4ADClPEr80hh20i3lhGhWPDdKJoyvPacl9WsUbh3VSq2Z%2BvTNo1rBoGj0c1wxw0ZBPqKejg7NLCsr5KvgLyUHUnimvAMm7MyQ4eyfTA%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 62f2f4eb1ec52bdd-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET espnlo.htm
foxcdn.me/ Frame 2D13 0
0

GET
H2

200

/
widgets.amung.us/draw/ Frame 1F13
Redirect Chain

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png?1615614332000
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

1 KB
1 KB

13ms
12ms

Image
image/png

2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/5/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb5e43ddebdcc6fa9a7bcffc7f837e77f861565f813a47007ee61a68f6eed012

Request headers

Referer: https://lowend.xyz/stream/5/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:32 GMT
cf-cache-status: HIT
server: cloudflare
age: 132172
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
content-disposition: filename=wau-widget.png
cf-ray: 62f2f4ebebd14db8-FRA
cf-request-id: 08cbb7677700004db899812000000001
expires: Fri, 12 Mar 2021 17:02:40 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
date: Sat, 13 Mar 2021 05:45:32 GMT
cache-control: max-age=295
content-type: text/html; charset=UTF-8

GET /
google.com/ Frame 1F13 0
0

GET
H/1.1 200
OK stats Show response
r.remarketingpixel.com/ Frame 1F13 40 B
383 B 32ms
32ms XHR
text/html 213.196.2.1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://r.remarketingpixel.com/stats
Requested by: Host: pianistrefutationgoose.com
URL: https://pianistrefutationgoose.com/sfp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.196.2.1 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 3e358b1cda07b0d35905079c3fbc0f6757ab745d7330f3923a63481ac477ca86

Request headers

Referer: https://lowend.xyz/stream/5/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:32 GMT
Server: nginx/1.19.0
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://lowend.xyz
Cache-Control: max-age=0, : no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 40
Expires: Sat, 13 Mar 2021 05:45:32 GMT

GET
H/1.1 200
OK pxf.gif
payingnoodlescam.com/ Frame 1F13 1 B
425 B 34ms
34ms Image
image/gif 213.196.5.1
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.196.5.1 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://lowend.xyz/stream/5/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:32 GMT
Server: nginx/1.19.0
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 1
X-Request-ID: 5de47235a6adcb5c1c93398f281d8447
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET /
google.com/ Frame 1F13 0
0

GET
H2 200 98482.html Show response
lowend.xyz/stream/6/ Frame 1F13 13 KB
5 KB 260ms
260ms Document
text/html 2606:4700:3035::6815:3fc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowend.xyz/stream/6/98482.html
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/5/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3fc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 789b3578a1a1f8691549770d470e8d8c5d643f584c5f3ec0456d6d2e77a31e99

Request headers

:method: GET
:authority: lowend.xyz
:scheme: https
:path: /stream/6/98482.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://lowend.xyz/stream/5/98482.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: volume=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://lowend.xyz/stream/5/98482.html

Response headers

date: Sat, 13 Mar 2021 05:45:33 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=de8cfb6a868de1715e0615221a0b895a21615614333; expires=Mon, 12-Apr-21 05:45:33 GMT; path=/; domain=.lowend.xyz; HttpOnly; SameSite=Lax
vary: Accept-Encoding
x-proxy-cache: MISS
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
cf-request-id: 08cbb76b32000016f2b3a20000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xDmqAXyiKlymLp3joXHyZuCCoVK1uxnCWKsd8sACg7X12C1N8L7GjVPNnBOQXfxC5eXrI2SpA7CR58dNWPdW06kT%2BxvXtqkx9c7zLib3L3Q3%2Fitddhfh"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 62f2f4f1ee5f16f2-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ Frame 1F13 85 KB
27 KB 11ms
10ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/6/98482.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://lowend.xyz
Referer: https://lowend.xyz/stream/6/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2614249
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27433
cf-request-id: 08cbb76c3c00004e62293dc000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G87rnPH9DHcMB2SQ27KTZ2lBbShS2tEPQKGh16zuoz%2FUBkha0uwRxy3pjVIzNGMwLCGLYraJT4ccdgLWzKn5fm%2Fu1bPo4El7u%2FZ7DJodyoywZKimLDe4K7gayU%2Bz1yQ%2BhA%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62f2f4f39b474e62-FRA
expires: Thu, 03 Mar 2022 05:45:34 GMT

GET
H2 404 showads.js
foxcdn.me/ Frame 1F13 0
0 12ms
11ms Script
text/html 2606:4700:3032::ac43:d035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foxcdn.me/showads.js
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/6/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://lowend.xyz/stream/6/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 1F13 513 KB
138 KB 7ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/6/98482.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowend.xyz/stream/6/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 42752
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 141142
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
x-served-by: cache-fra19152-FRA, cache-hhn4073-HHN
date: Sat, 13 Mar 2021 05:45:34 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 level-selector.min.js Show response
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame 1F13 28 KB
10 KB 10ms
10ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/6/98482.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9be66c3a85d64fc039d17d90baa279e49a1bde4229e4378d8c0044f2146307fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowend.xyz/stream/6/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 26873
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 9513
etag: W/"6f2e-QiFvefqcX7qrhCMG8irfXhmDfko"
x-served-by: cache-fra19131-FRA, cache-hhn4073-HHN
date: Sat, 13 Mar 2021 05:45:34 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 nwm-dbh.min3.js Show response
foxcdn.me/ Frame 1F13 11 KB
4 KB 11ms
11ms Script
application/javascript 2606:4700:3032::ac43:d035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foxcdn.me/nwm-dbh.min3.js
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/6/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9f072faa27e7dba0555c7e5ee40f96f89a1993b86a7be826912b7d457d25cae

Request headers

Referer: https://lowend.xyz/stream/6/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5154
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08cbb76c3c00004aaf6a3fc000000001
last-modified: Fri, 19 Jun 2020 20:18:52 GMT
server: cloudflare
etag: W/"5eed1dac-2b08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s3i8B%2BmY0g%2Be1CxnpGWNUCgFnaDM1Y8znZLVdc%2BZ%2BxD%2FG2f6ph8ex1a7fycpVeigFXuIJLStcHnTFkPkvNygYKACoOzpaGk8U8POD7qGW7Pc6J6hXc4%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 62f2f4f39d214aaf-FRA

GET
H2

200

/
widgets.amung.us/draw/ Frame 1F13
Redirect Chain

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

1 KB
2 KB

11ms
11ms

Image
image/png

2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/6/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb5e43ddebdcc6fa9a7bcffc7f837e77f861565f813a47007ee61a68f6eed012

Request headers

Referer: https://lowend.xyz/stream/6/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:34 GMT
cf-cache-status: HIT
server: cloudflare
age: 132174
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
content-disposition: filename=wau-widget.png
cf-ray: 62f2f4f46ca84db8-FRA
cf-request-id: 08cbb76cc600004db8988e3000000001
expires: Fri, 12 Mar 2021 17:02:40 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
date: Sat, 13 Mar 2021 05:45:34 GMT
cache-control: max-age=295
content-type: text/html; charset=UTF-8

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 1F13 99 KB
39 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-187547947-2

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/6/98482.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

750e9b9a41a0430f6b38829d2d3256a4b29e5793addd5d246c194644d24a658d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://lowend.xyz/stream/6/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39778
x-xss-protection: 0
last-modified: Sat, 13 Mar 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Mar 2021 05:45:34 GMT

GET
H2 404 showads.js
foxcdn.me/ Frame 1F13 0
0 10ms
10ms Script
text/html 2606:4700:3032::ac43:d035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foxcdn.me/showads.js
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/6/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://lowend.xyz/stream/6/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK 15d6ce62d0f01528c7478f7446d71678.js Show response
barefootedenvy.com/15/d6/ce/ Frame 1F13 52 KB
17 KB 129ms
129ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/6/98482.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

ab8408eff060b7107f809045c54c1d0a633340ad3fc6242a6636d5d3d1425596

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://lowend.xyz/stream/6/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:34 GMT
Content-Encoding: gzip
Server: nginx/1.17.6
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
X-Request-ID: a35caf2dd7baaecd3377d24de1f4f969
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK master.m3u8 Show response
e10.espncdn.xyz/ingestnb4s/sportsbay/ Frame 1F13 758 B
1 KB 57ms
57ms XHR
application/vnd.apple.mpegurl 77.83.117.17
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://e10.espncdn.xyz/ingestnb4s/sportsbay/master.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.83.117.17 , Russian Federation, ASN30860 (YURTEH-AS, UA),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash: 478da81927a3619cc38ab475224deca96c750b9e27ed42979a999fd1f1cc24fb

Request headers

Referer: https://lowend.xyz/stream/6/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:34 GMT
Last-Modified: Sat, 13 Mar 2021 05:45:31 GMT
Server: nginx/1.17.9
ETag: "604c517b-2f6"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Expires: Sat, 13 Mar 2021 05:45:36 GMT
Cache-Control: max-age=2, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 758
X-Proxy-Cache: HIT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 1F13 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-187547947-2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowend.xyz/stream/6/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 1029
date: Sat, 13 Mar 2021 05:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 13 Mar 2021 07:28:25 GMT

GET
H/1.1 200
OK master.m3u8 Show response
e10.espncdn.xyz/ingestnb4s/sportsbay/ Frame 1F13 758 B
1 KB 58ms
57ms XHR
application/vnd.apple.mpegurl 77.83.117.17
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://e10.espncdn.xyz/ingestnb4s/sportsbay/master.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.83.117.17 , Russian Federation, ASN30860 (YURTEH-AS, UA),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash: 478da81927a3619cc38ab475224deca96c750b9e27ed42979a999fd1f1cc24fb

Request headers

Referer: https://lowend.xyz/stream/6/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:34 GMT
Last-Modified: Sat, 13 Mar 2021 05:45:31 GMT
Server: nginx/1.17.9
ETag: "604c517b-2f6"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Expires: Sat, 13 Mar 2021 05:45:36 GMT
Cache-Control: max-age=2, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 758
X-Proxy-Cache: HIT

GET 1fxbayxx.ts
e10.espncdn.xyz/ingestx/887/caca/ Frame 1F13 0
0

GET
BLOB 200
OK 8f4324da-3c58-47b4-91da-aed4f53f1e56
https://lowend.xyz/ Frame 1F13 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lowend.xyz/8f4324da-3c58-47b4-91da-aed4f53f1e56
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/6/98482.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 62280
Content-Type: text/javascript

GET
H2 200 sfp.js Show response
pianistrefutationgoose.com/ Frame 1F13 49 KB
13 KB 12ms
12ms Script
application/javascript 2606:4700:e6::ac40:ce0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pianistrefutationgoose.com/sfp.js

Requested by

Host: barefootedenvy.com
URL: https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:ce0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09059e473b09dc519c7a4104d9536d61d320ca9a52d22ffb1cd5260aaf33ae27

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://lowend.xyz/stream/6/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:34 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: UPDATING
nel: {"report_to":"cf-nel","max_age":604800}
age: 1
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08cbb76d0d00002bdd5a9f8000000001
x-request-id: faf6a27118bf9f4ca87288a38311eef2
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubdomains
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BLFuNV9UgnXXtiXYh4LgcuBI4oi6r2VA9kO56MuxTwyIS3z6P27pc65SMM4CGfhiy%2BaYcNj1vfABUEI04sh0LyK76jmo%2FZzvZagnHBcNQUtbxF%2FkJ2HOYFniTh0cjrQlGc2w8wXOlQ%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 62f2f4f4ef032bdd-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET espnlo.htm
foxcdn.me/ Frame 170B 0
0

GET
H2

200

/
widgets.amung.us/draw/ Frame 1F13
Redirect Chain

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png?1615614334000
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

1 KB
1 KB

10ms
10ms

Image
image/png

2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/6/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb5e43ddebdcc6fa9a7bcffc7f837e77f861565f813a47007ee61a68f6eed012

Request headers

Referer: https://lowend.xyz/stream/6/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:34 GMT
cf-cache-status: HIT
server: cloudflare
age: 132174
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
content-disposition: filename=wau-widget.png
cf-ray: 62f2f4f5ae1c4db8-FRA
cf-request-id: 08cbb76d8e00004db8852fc000000001
expires: Fri, 12 Mar 2021 17:02:40 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
date: Sat, 13 Mar 2021 05:45:34 GMT
cache-control: max-age=295
content-type: text/html; charset=UTF-8

GET /
google.com/ Frame 1F13 0
0

GET
H/1.1 200
OK stats Show response
r.remarketingpixel.com/ Frame 1F13 40 B
383 B 31ms
31ms XHR
text/html 213.196.2.1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://r.remarketingpixel.com/stats
Requested by: Host: pianistrefutationgoose.com
URL: https://pianistrefutationgoose.com/sfp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.196.2.1 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 3e358b1cda07b0d35905079c3fbc0f6757ab745d7330f3923a63481ac477ca86

Request headers

Referer: https://lowend.xyz/stream/6/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:34 GMT
Server: nginx/1.19.0
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://lowend.xyz
Cache-Control: max-age=0, : no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 40
Expires: Sat, 13 Mar 2021 05:45:34 GMT

GET
H/1.1 200
OK pxf.gif
payingnoodlescam.com/ Frame 1F13 1 B
425 B 36ms
36ms Image
image/gif 213.196.5.1
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.196.5.1 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://lowend.xyz/stream/6/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:34 GMT
Server: nginx/1.19.0
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 1
X-Request-ID: 7eee89097f430ba9e59ddc1df04c1e60
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET /
google.com/ Frame 1F13 0
0

GET
H2 200 98482.html Show response
lowend.xyz/stream/1/ Frame 1F13 13 KB
6 KB 252ms
251ms Document
text/html 2606:4700:3035::6815:3fc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowend.xyz/stream/1/98482.html
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/6/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3fc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ff6e5c8dd31f813f32846654afd1b5be8e7a0ba9519388e94b6c29b92b11bb6

Request headers

:method: GET
:authority: lowend.xyz
:scheme: https
:path: /stream/1/98482.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://lowend.xyz/stream/6/98482.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: volume=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://lowend.xyz/stream/6/98482.html

Response headers

date: Sat, 13 Mar 2021 05:45:35 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d7c7bed17e35852a91cfb40cafbc1fd3f1615614335; expires=Mon, 12-Apr-21 05:45:35 GMT; path=/; domain=.lowend.xyz; HttpOnly; SameSite=Lax
vary: Accept-Encoding
x-proxy-cache: EXPIRED
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
cf-request-id: 08cbb77138000016f21bbd7000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qG5NFq19HkOLtqIUII3eAkm4jCtS7N4DVh%2B8Oin5fSThqQUVo50qLu1%2BTnM9oHVyEZwfCPAQGqJIu7nIscz3JpRjwaIx1rmDSzqH3pFX1DBYpDm%2BmhPh"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 62f2f4fb8cee16f2-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ Frame 1F13 85 KB
27 KB 14ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/1/98482.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://lowend.xyz
Referer: https://lowend.xyz/stream/1/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2614250
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27433
cf-request-id: 08cbb7723b00004e623f3d3000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fD92QUm%2BvoqptOc95rg7yFiP7qW25%2FeVkudB8qOa199DNcJ3XSs7oOw0wEOm9O6lcySWBiB0xAnJA9mcoJBuhkthQ0Coabh%2BdXFUEWVZna0Y9T8CnviO9zMf1TpJfcp6aQ%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62f2f4fd2cd54e62-FRA
expires: Thu, 03 Mar 2022 05:45:35 GMT

GET
H2 404 showads.js
foxcdn.me/ Frame 1F13 0
0 10ms
9ms Script
text/html 2606:4700:3032::ac43:d035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foxcdn.me/showads.js
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/1/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://lowend.xyz/stream/1/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 1F13 513 KB
138 KB 7ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/1/98482.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowend.xyz/stream/1/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 42754
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 141142
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
x-served-by: cache-fra19152-FRA, cache-hhn4073-HHN
date: Sat, 13 Mar 2021 05:45:35 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 level-selector.min.js Show response
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame 1F13 28 KB
9 KB 13ms
12ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/1/98482.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9be66c3a85d64fc039d17d90baa279e49a1bde4229e4378d8c0044f2146307fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowend.xyz/stream/1/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 26875
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 9513
etag: W/"6f2e-QiFvefqcX7qrhCMG8irfXhmDfko"
x-served-by: cache-fra19131-FRA, cache-hhn4073-HHN
date: Sat, 13 Mar 2021 05:45:35 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 nwm-dbh.min3.js Show response
foxcdn.me/ Frame 1F13 11 KB
4 KB 11ms
10ms Script
application/javascript 2606:4700:3032::ac43:d035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foxcdn.me/nwm-dbh.min3.js
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/1/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9f072faa27e7dba0555c7e5ee40f96f89a1993b86a7be826912b7d457d25cae

Request headers

Referer: https://lowend.xyz/stream/1/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5155
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08cbb7723b00004aaf72bd5000000001
last-modified: Fri, 19 Jun 2020 20:18:52 GMT
server: cloudflare
etag: W/"5eed1dac-2b08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qR6ov5w48ymuYniE%2BRPJLVoZggujkN%2FG6HsYx%2Blirly16VgvLZTDK8JzIDvXnjODgq%2Fz8UENya41l0nRWLGe%2BVcs37DojYfacTvXdup3pP%2BK1GLIjaw%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 62f2f4fd2eb14aaf-FRA

GET
H2

200

/
widgets.amung.us/draw/ Frame 1F13
Redirect Chain

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

1 KB
2 KB

11ms
10ms

Image
image/png

2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/1/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb5e43ddebdcc6fa9a7bcffc7f837e77f861565f813a47007ee61a68f6eed012

Request headers

Referer: https://lowend.xyz/stream/1/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:35 GMT
cf-cache-status: HIT
server: cloudflare
age: 132175
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
content-disposition: filename=wau-widget.png
cf-ray: 62f2f4fe0e804db8-FRA
cf-request-id: 08cbb772c800004db8cc991000000001
expires: Fri, 12 Mar 2021 17:02:40 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
date: Sat, 13 Mar 2021 05:45:35 GMT
cache-control: max-age=295
content-type: text/html; charset=UTF-8

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 1F13 99 KB
39 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-187547947-2

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/1/98482.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b556de37ef90394e4906c952c1465775cf077e6dc7d195055ba85fee68ece7df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://lowend.xyz/stream/1/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39775
x-xss-protection: 0
last-modified: Sat, 13 Mar 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Mar 2021 05:45:35 GMT

GET
H2 404 showads.js
foxcdn.me/ Frame 1F13 0
0 11ms
10ms Script
text/html 2606:4700:3032::ac43:d035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foxcdn.me/showads.js
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/1/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://lowend.xyz/stream/1/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK 15d6ce62d0f01528c7478f7446d71678.js Show response
barefootedenvy.com/15/d6/ce/ Frame 1F13 52 KB
17 KB 134ms
134ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/1/98482.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

d5333fd65b7e756b005190e096ea42c7bbf3c981ecc07e0c2f5c49bd3a1dcbb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://lowend.xyz/stream/1/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:35 GMT
Content-Encoding: gzip
Server: nginx/1.17.6
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
X-Request-ID: a1a457b4bf51eff29436b12601d285e1
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK master.m3u8 Show response
e10.espncdn.xyz/ingestnb4s/sportsbay/ Frame 1F13 758 B
1 KB 58ms
57ms XHR
application/vnd.apple.mpegurl 77.83.117.17
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://e10.espncdn.xyz/ingestnb4s/sportsbay/master.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.83.117.17 , Russian Federation, ASN30860 (YURTEH-AS, UA),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash: 40df245b985f89872908de0ee7961b6d590c5da3728779f6d3745f8817369221

Request headers

Referer: https://lowend.xyz/stream/1/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:35 GMT
Last-Modified: Sat, 13 Mar 2021 05:45:34 GMT
Server: nginx/1.17.9
ETag: "604c517e-2f6"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Expires: Sat, 13 Mar 2021 05:45:37 GMT
Cache-Control: max-age=2, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 758
X-Proxy-Cache: HIT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 1F13 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-187547947-2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowend.xyz/stream/1/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 1030
date: Sat, 13 Mar 2021 05:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 13 Mar 2021 07:28:25 GMT

GET
H/1.1 200
OK master.m3u8 Show response
e10.espncdn.xyz/ingestnb4s/sportsbay/ Frame 1F13 758 B
1 KB 57ms
57ms XHR
application/vnd.apple.mpegurl 77.83.117.17
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://e10.espncdn.xyz/ingestnb4s/sportsbay/master.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.83.117.17 , Russian Federation, ASN30860 (YURTEH-AS, UA),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash: 40df245b985f89872908de0ee7961b6d590c5da3728779f6d3745f8817369221

Request headers

Referer: https://lowend.xyz/stream/1/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:35 GMT
Last-Modified: Sat, 13 Mar 2021 05:45:34 GMT
Server: nginx/1.17.9
ETag: "604c517e-2f6"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Expires: Sat, 13 Mar 2021 05:45:37 GMT
Cache-Control: max-age=2, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 758
X-Proxy-Cache: HIT

GET 0fxbayxx.ts
e10.espncdn.xyz/ingestx/887/rata/ Frame 1F13 0
0

GET
BLOB 200
OK a86a39a1-88b0-4884-8340-69a70a5aaec5
https://lowend.xyz/ Frame 1F13 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lowend.xyz/a86a39a1-88b0-4884-8340-69a70a5aaec5
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/1/98482.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 62280
Content-Type: text/javascript

GET
H2 200 sfp.js Show response
pianistrefutationgoose.com/ Frame 1F13 49 KB
13 KB 13ms
12ms Script
application/javascript 2606:4700:e6::ac40:ce0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pianistrefutationgoose.com/sfp.js

Requested by

Host: barefootedenvy.com
URL: https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:ce0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09059e473b09dc519c7a4104d9536d61d320ca9a52d22ffb1cd5260aaf33ae27

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://lowend.xyz/stream/1/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:35 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: UPDATING
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08cbb7730b00002bdd78973000000001
x-request-id: 6033d48c0e4bd108d4d30d56793097d2
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubdomains
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TIyz5ctAwO6BoxwebKefe3iS0xtM3mPYRXyuQoI54TsV7hTv5u9kWHn1%2Bs%2BmoEgolq%2B7QiUi3QHDIx6HRMZKhWXF261rdzkxeB%2BOwq%2FWdKjsL4mFc3MEB3AF7I%2BF8GV%2F7pNsZ580Jg%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 62f2f4fe7ebe2bdd-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET espnlo.htm
foxcdn.me/ Frame 53C6 0
0

GET
H2

200

/
widgets.amung.us/draw/ Frame 1F13
Redirect Chain

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png?1615614335000
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

1 KB
1 KB

14ms
13ms

Image
image/png

2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/1/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb5e43ddebdcc6fa9a7bcffc7f837e77f861565f813a47007ee61a68f6eed012

Request headers

Referer: https://lowend.xyz/stream/1/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:35 GMT
cf-cache-status: HIT
server: cloudflare
age: 132175
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
content-disposition: filename=wau-widget.png
cf-ray: 62f2f4ff3fa04db8-FRA
cf-request-id: 08cbb7738800004db8a7a56000000001
expires: Fri, 12 Mar 2021 17:02:40 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
date: Sat, 13 Mar 2021 05:45:35 GMT
cache-control: max-age=295
content-type: text/html; charset=UTF-8

GET /
google.com/ Frame 1F13 0
0

GET
H/1.1 200
OK stats Show response
r.remarketingpixel.com/ Frame 1F13 40 B
383 B 33ms
33ms XHR
text/html 213.196.2.1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://r.remarketingpixel.com/stats
Requested by: Host: pianistrefutationgoose.com
URL: https://pianistrefutationgoose.com/sfp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.196.2.1 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 3e358b1cda07b0d35905079c3fbc0f6757ab745d7330f3923a63481ac477ca86

Request headers

Referer: https://lowend.xyz/stream/1/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:35 GMT
Server: nginx/1.19.0
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://lowend.xyz
Cache-Control: max-age=0, : no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 40
Expires: Sat, 13 Mar 2021 05:45:35 GMT

GET
H/1.1 200
OK pxf.gif
payingnoodlescam.com/ Frame 1F13 1 B
425 B 31ms
31ms Image
image/gif 213.196.5.1
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.196.5.1 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://lowend.xyz/stream/1/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:35 GMT
Server: nginx/1.19.0
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 1
X-Request-ID: 2f8db0199a1a65952f9b8baeb9c34677
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET /
google.com/ Frame 1F13 0
0

GET
H2 200 98482.html Show response
lowend.xyz/stream/2/ Frame 1F13 13 KB
5 KB 34ms
34ms Document
text/html 2606:4700:3035::6815:3fc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowend.xyz/stream/2/98482.html
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/1/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3fc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b909b049a9aa7663a3e5cccea141acc858d601d9967a4566966aaeb11a534fb4

Request headers

:method: GET
:authority: lowend.xyz
:scheme: https
:path: /stream/2/98482.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://lowend.xyz/stream/1/98482.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: volume=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://lowend.xyz/stream/1/98482.html

Response headers

date: Sat, 13 Mar 2021 05:45:36 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d5136257d912141b26efe6bf7f4ba9d7c1615614336; expires=Mon, 12-Apr-21 05:45:36 GMT; path=/; domain=.lowend.xyz; HttpOnly; SameSite=Lax
vary: Accept-Encoding
x-proxy-cache: HIT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
cf-request-id: 08cbb77735000016f2f51e3000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B9SCqG%2FpZuTDlQZvb16t3gEpG0wYtRwRygDBgP1CR0kb2pCaIg1BXPMkcw8zEvwdAiz7K6mDvfCCf7TAywR2Qd5dY7nPl0qVZ2QMlnIdQrjpgmCUoxm4"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 62f2f5052c5f16f2-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ Frame 1F13 85 KB
27 KB 22ms
21ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/2/98482.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://lowend.xyz
Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2614251
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27433
cf-request-id: 08cbb7775f00004e623b0f4000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qcIkZWGBtNm7tVuyiZf0QLTGnpxEg3ibTD5f2bcheauvZ%2BzJwQBkdMKAftby6rkSvVJnBbm7wuASNIdP4a7XirXQpCSfvcW14LK30g9gr%2BD4QKYzuIUPGAPXUDjno7we7w%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62f2f5056e184e62-FRA
expires: Thu, 03 Mar 2022 05:45:36 GMT

GET
H2 404 showads.js
foxcdn.me/ Frame 1F13 0
0 11ms
10ms Script
text/html 2606:4700:3032::ac43:d035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foxcdn.me/showads.js
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/2/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 1F13 513 KB
138 KB 7ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/2/98482.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 42755
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 141142
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
x-served-by: cache-fra19152-FRA, cache-hhn4073-HHN
date: Sat, 13 Mar 2021 05:45:36 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 level-selector.min.js Show response
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame 1F13 28 KB
9 KB 11ms
11ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/2/98482.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9be66c3a85d64fc039d17d90baa279e49a1bde4229e4378d8c0044f2146307fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 26876
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 9513
etag: W/"6f2e-QiFvefqcX7qrhCMG8irfXhmDfko"
x-served-by: cache-fra19131-FRA, cache-hhn4073-HHN
date: Sat, 13 Mar 2021 05:45:36 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 nwm-dbh.min3.js Show response
foxcdn.me/ Frame 1F13 11 KB
4 KB 11ms
10ms Script
application/javascript 2606:4700:3032::ac43:d035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foxcdn.me/nwm-dbh.min3.js
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/2/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9f072faa27e7dba0555c7e5ee40f96f89a1993b86a7be826912b7d457d25cae

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5156
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08cbb7775e00004aaf5a912000000001
last-modified: Fri, 19 Jun 2020 20:18:52 GMT
server: cloudflare
etag: W/"5eed1dac-2b08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O5poMEfcbVG40J12fsPiMcwAU8LqOs9hl%2Fsfdxa%2Bmr9BUFU%2BgSK6CzT4BrUoknM7CkY%2FtWTjPmDRJ40JkstEkfcJFa54S1EIpc2o16Ow2rJcjxC%2Bk6A%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 62f2f5056f0d4aaf-FRA

GET
H2

200

/
widgets.amung.us/draw/ Frame 1F13
Redirect Chain

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

1 KB
2 KB

10ms
10ms

Image
image/png

2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/2/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb5e43ddebdcc6fa9a7bcffc7f837e77f861565f813a47007ee61a68f6eed012

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:37 GMT
cf-cache-status: HIT
server: cloudflare
age: 132177
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
content-disposition: filename=wau-widget.png
cf-ray: 62f2f5064ec84db8-FRA
cf-request-id: 08cbb777ef00004db882b38000000001
expires: Fri, 12 Mar 2021 17:02:40 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
date: Sat, 13 Mar 2021 05:45:36 GMT
cache-control: max-age=295
content-type: text/html; charset=UTF-8

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 1F13 99 KB
39 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-187547947-2

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/2/98482.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b556de37ef90394e4906c952c1465775cf077e6dc7d195055ba85fee68ece7df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39775
x-xss-protection: 0
last-modified: Sat, 13 Mar 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Mar 2021 05:45:36 GMT

GET
H2 404 showads.js
foxcdn.me/ Frame 1F13 0
0 11ms
11ms Script
text/html 2606:4700:3032::ac43:d035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foxcdn.me/showads.js
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/2/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK 15d6ce62d0f01528c7478f7446d71678.js Show response
barefootedenvy.com/15/d6/ce/ Frame 1F13 52 KB
17 KB 126ms
126ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js

Requested by

Host: lowend.xyz
URL: https://lowend.xyz/stream/2/98482.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

d5333fd65b7e756b005190e096ea42c7bbf3c981ecc07e0c2f5c49bd3a1dcbb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:37 GMT
Content-Encoding: gzip
Server: nginx/1.17.6
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
X-Request-ID: 587ede0cac5806fc1b739c62044ee561
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 1F13 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-187547947-2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 1031
date: Sat, 13 Mar 2021 05:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 13 Mar 2021 07:28:25 GMT

GET
H/1.1 200
OK master.m3u8 Show response
e10.espncdn.xyz/ingestnb4s/sportsbay/ Frame 1F13 758 B
1 KB 57ms
57ms XHR
application/vnd.apple.mpegurl 77.83.117.17
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://e10.espncdn.xyz/ingestnb4s/sportsbay/master.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.83.117.17 , Russian Federation, ASN30860 (YURTEH-AS, UA),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash: 40df245b985f89872908de0ee7961b6d590c5da3728779f6d3745f8817369221

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:37 GMT
Last-Modified: Sat, 13 Mar 2021 05:45:34 GMT
Server: nginx/1.17.9
ETag: "604c517e-2f6"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Expires: Sat, 13 Mar 2021 05:45:39 GMT
Cache-Control: max-age=2, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 758
X-Proxy-Cache: HIT

GET
H/1.1 200
OK master.m3u8 Show response
e10.espncdn.xyz/ingestnb4s/sportsbay/ Frame 1F13 758 B
1 KB 57ms
57ms XHR
application/vnd.apple.mpegurl 77.83.117.17
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://e10.espncdn.xyz/ingestnb4s/sportsbay/master.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.83.117.17 , Russian Federation, ASN30860 (YURTEH-AS, UA),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash: 40df245b985f89872908de0ee7961b6d590c5da3728779f6d3745f8817369221

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:37 GMT
Last-Modified: Sat, 13 Mar 2021 05:45:34 GMT
Server: nginx/1.17.9
ETag: "604c517e-2f6"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Expires: Sat, 13 Mar 2021 05:45:39 GMT
Cache-Control: max-age=2, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 758
X-Proxy-Cache: HIT

GET 0fxbayxx.ts
e10.espncdn.xyz/ingestx/887/rata/ Frame 1F13 0
0

GET
BLOB 200
OK 562f9341-9f49-471b-854b-915fbab3e42e
https://lowend.xyz/ Frame 1F13 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lowend.xyz/562f9341-9f49-471b-854b-915fbab3e42e
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/2/98482.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 62280
Content-Type: text/javascript

GET
H2 200 sfp.js Show response
pianistrefutationgoose.com/ Frame 1F13 49 KB
13 KB 13ms
12ms Script
application/javascript 2606:4700:e6::ac40:ce0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pianistrefutationgoose.com/sfp.js

Requested by

Host: barefootedenvy.com
URL: https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:ce0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09059e473b09dc519c7a4104d9536d61d320ca9a52d22ffb1cd5260aaf33ae27

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:37 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: UPDATING
nel: {"report_to":"cf-nel","max_age":604800}
age: 1
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08cbb7784c00002bdd83208000000001
x-request-id: f81f7842ec9fd77d634b80cdaa7bf092
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubdomains
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vl8papVveSe4HRNyanxCA%2F9t63Cj9c%2Fj0Ck4yoiQcUX4qDDZO9O36ccaNTqRGF7LivloI9AXEWvalCgeb7a0NXGdOYtK6iVYrPsWQ41lOYhqVSXo10UnVnQAiBkhBGVWnLBCqP04Lw%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 62f2f506ef072bdd-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET espnlo.htm
foxcdn.me/ Frame 9125 0
0

GET
H2

200

/
widgets.amung.us/draw/ Frame 1F13
Redirect Chain

https://whos.amung.us/cwidget/freestreamon/000000ffffff.png?1615614337000
https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=

1 KB
1 KB

11ms
11ms

Image
image/png

2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
Requested by: Host: lowend.xyz
URL: https://lowend.xyz/stream/2/98482.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb5e43ddebdcc6fa9a7bcffc7f837e77f861565f813a47007ee61a68f6eed012

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:45:37 GMT
cf-cache-status: HIT
server: cloudflare
age: 132177
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
content-disposition: filename=wau-widget.png
cf-ray: 62f2f507a8544db8-FRA
cf-request-id: 08cbb778ca00004db8eb22f000000001
expires: Fri, 12 Mar 2021 17:02:40 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=11600&c=000000ffffff&p=
date: Sat, 13 Mar 2021 05:45:37 GMT
cache-control: max-age=295
content-type: text/html; charset=UTF-8

GET /
google.com/ Frame 1F13 0
0

GET
H/1.1 200
OK stats Show response
r.remarketingpixel.com/ Frame 1F13 40 B
383 B 33ms
33ms XHR
text/html 213.196.2.1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://r.remarketingpixel.com/stats
Requested by: Host: pianistrefutationgoose.com
URL: https://pianistrefutationgoose.com/sfp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.196.2.1 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 3e358b1cda07b0d35905079c3fbc0f6757ab745d7330f3923a63481ac477ca86

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:37 GMT
Server: nginx/1.19.0
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://lowend.xyz
Cache-Control: max-age=0, : no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 40
Expires: Sat, 13 Mar 2021 05:45:37 GMT

GET
H/1.1 200
OK pxf.gif
payingnoodlescam.com/ Frame 1F13 1 B
425 B 40ms
40ms Image
image/gif 213.196.5.1
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.196.5.1 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://lowend.xyz/stream/2/98482.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Mar 2021 05:45:37 GMT
Server: nginx/1.19.0
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 1
X-Request-ID: 008587d2c3290b860aceb739d12f87ed
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 6.adsco.re
URL: http://6.adsco.re/

Domain: 4.adsco.re
URL: http://4.adsco.re/

Domain: foxcdn.me
URL: https://foxcdn.me/espnlo.htm

Domain: google.com
URL: https://google.com/

Domain: google.com
URL: https://google.com/

Domain: e10.espncdn.xyz
URL: https://e10.espncdn.xyz/ingestx/887/rata/0fxbayxx.ts

Domain: foxcdn.me
URL: https://foxcdn.me/espnlo.htm

Domain: google.com
URL: https://google.com/

Domain: google.com
URL: https://google.com/

Domain: e10.espncdn.xyz
URL: https://e10.espncdn.xyz/ingestx/887/rata/0fxbayxx.ts

Domain: foxcdn.me
URL: https://foxcdn.me/espnlo.htm

Domain: google.com
URL: https://google.com/

Domain: google.com
URL: https://google.com/

Domain: e10.espncdn.xyz
URL: https://e10.espncdn.xyz/ingestx/887/rata/0fxbayxx.ts

Domain: foxcdn.me
URL: https://foxcdn.me/espnlo.htm

Domain: google.com
URL: https://google.com/

Domain: google.com
URL: https://google.com/

Domain: e10.espncdn.xyz
URL: https://e10.espncdn.xyz/ingestx/887/caca/1fxbayxx.ts

Domain: foxcdn.me
URL: https://foxcdn.me/espnlo.htm

Domain: google.com
URL: https://google.com/

Domain: google.com
URL: https://google.com/

Domain: e10.espncdn.xyz
URL: https://e10.espncdn.xyz/ingestx/887/caca/1fxbayxx.ts

Domain: foxcdn.me
URL: https://foxcdn.me/espnlo.htm

Domain: google.com
URL: https://google.com/

Domain: google.com
URL: https://google.com/

Domain: e10.espncdn.xyz
URL: https://e10.espncdn.xyz/ingestx/887/rata/0fxbayxx.ts

Domain: foxcdn.me
URL: https://foxcdn.me/espnlo.htm

Domain: google.com
URL: https://google.com/

Domain: google.com
URL: https://google.com/

Domain: e10.espncdn.xyz
URL: https://e10.espncdn.xyz/ingestx/887/rata/0fxbayxx.ts

Domain: foxcdn.me
URL: https://foxcdn.me/espnlo.htm

Domain: google.com
URL: https://google.com/

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lowend.xyz/	1970-01-20 01:32:30	Name: volume Value: 0
www.redditmlbstream.ml/	1970-01-19 18:13:18	Name: adcashufpv3 Value: 8558370931699384980374092837
.www.redditmlbstream.ml/	1970-01-19 16:46:57	Name: __PPU_BACKCLCK_5087 Value: true

41 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://c.adsco.re/(Line 14) Message:
console-api	debug	URL: https://c.adsco.re/(Line 15) Message:
console-api	log	URL: https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js(Line 1) Message: console.clear
console-api	log	URL: https://pianistrefutationgoose.com/sfp.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://pianistrefutationgoose.com/sfp.js(Line 1) Message: console.clear
console-api	log	URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js(Line 1) Message: %c[error][hlsjs: unrecoverable network fatal error.] color: #ff0000;font-weight: bold; font-size: 13px; [object Object]
console-api	log	URL: https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js(Line 1) Message: console.clear
console-api	log	URL: https://pianistrefutationgoose.com/sfp.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://pianistrefutationgoose.com/sfp.js(Line 1) Message: console.clear
console-api	log	URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js(Line 1) Message: %c[error][hlsjs: unrecoverable network fatal error.] color: #ff0000;font-weight: bold; font-size: 13px; [object Object]
console-api	log	URL: https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js(Line 1) Message: console.clear
console-api	log	URL: https://pianistrefutationgoose.com/sfp.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://pianistrefutationgoose.com/sfp.js(Line 1) Message: console.clear
console-api	log	URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js(Line 1) Message: %c[error][hlsjs: unrecoverable network fatal error.] color: #ff0000;font-weight: bold; font-size: 13px; [object Object]
console-api	log	URL: https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js(Line 1) Message: console.clear
console-api	log	URL: https://pianistrefutationgoose.com/sfp.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://pianistrefutationgoose.com/sfp.js(Line 1) Message: console.clear
console-api	log	URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js(Line 1) Message: %c[error][hlsjs: unrecoverable network fatal error.] color: #ff0000;font-weight: bold; font-size: 13px; [object Object]
console-api	log	URL: https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js(Line 1) Message: console.clear
console-api	log	URL: https://pianistrefutationgoose.com/sfp.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://pianistrefutationgoose.com/sfp.js(Line 1) Message: console.clear
console-api	log	URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js(Line 1) Message: %c[error][hlsjs: unrecoverable network fatal error.] color: #ff0000;font-weight: bold; font-size: 13px; [object Object]
console-api	log	URL: https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js(Line 1) Message: console.clear
console-api	log	URL: https://pianistrefutationgoose.com/sfp.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://pianistrefutationgoose.com/sfp.js(Line 1) Message: console.clear
console-api	log	URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js(Line 1) Message: %c[error][hlsjs: unrecoverable network fatal error.] color: #ff0000;font-weight: bold; font-size: 13px; [object Object]
console-api	log	URL: https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js(Line 1) Message: console.clear
console-api	log	URL: https://pianistrefutationgoose.com/sfp.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://pianistrefutationgoose.com/sfp.js(Line 1) Message: console.clear
console-api	log	URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js(Line 1) Message: %c[error][hlsjs: unrecoverable network fatal error.] color: #ff0000;font-weight: bold; font-size: 13px; [object Object]
console-api	log	URL: https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://barefootedenvy.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js(Line 1) Message: console.clear
console-api	log	URL: https://pianistrefutationgoose.com/sfp.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://pianistrefutationgoose.com/sfp.js(Line 1) Message: console.clear

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
3.bp.blogspot.com
4.adsco.re
6.adsco.re
acscdn.com
adsco.re
ajax.googleapis.com
apis.google.com
barefootedenvy.com
betteradsystem.com
c.adsco.re
cdn.jsdelivr.net
cdn.taboola.com
cdnjs.cloudflare.com
connect.facebook.net
deloplen.com
e10.espncdn.xyz
extrafreetv.com
fonts.googleapis.com
fonts.gstatic.com
foxcdn.me
fworx4kprbnb.l4.adsco.re
fworx4kprbnb.n4.adsco.re
fworx4kprbnb.s4.adsco.re
google.com
lowend.xyz
masontotally.com
maxcdn.bootstrapcdn.com
newdmn.icu
onclickgenius.com
pagead2.googlesyndication.com
payingnoodlescam.com
pianistrefutationgoose.com
r.remarketingpixel.com
resources.blogblog.com
s10.histats.com
s4.histats.com
sb.scorecardresearch.com
st.chatango.com
ufpcdn.com
whos.amung.us
widgets.amung.us
www.betteradsystem.com
www.blogger.com
www.google-analytics.com
www.googletagmanager.com
www.redditmlbstream.ml
4.adsco.re
6.adsco.re
e10.espncdn.xyz
foxcdn.me
google.com
104.108.64.33
162.252.213.208
162.252.214.5
185.200.116.90
185.200.118.90
192.243.59.12
192.99.13.63
199.232.137.44
208.93.230.24
213.196.2.1
213.196.5.1
2606:4700:10::ac43:88d
2606:4700:3032::ac43:d035
2606:4700:3033::6815:2798
2606:4700:3035::6815:3fc6
2606:4700:3035::ac43:a479
2606:4700:3037::ac43:8e31
2606:4700::6810:125e
2606:4700::6811:a6ba
2606:4700::6812:bcf
2606:4700:e6::ac40:ce0b
2a00:1450:4001:800::2009
2a00:1450:4001:809::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2001
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2009
2a00:1450:4001:813::2013
2a00:1450:4001:828::2001
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82b::200a
2a00:1450:4001:82b::200e
2a02:6ea0:c700::1
2a03:2880:f02d:12:face:b00c:0:3
2a04:4e42:1b::621
35.190.71.96
37.0.123.31
38.132.109.186
46.105.201.240
67.202.114.216
77.83.117.17
81.171.10.215
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
02aebdddafdbd538758d645bf59f86c2766c1661fc07f55751bfc644721235e7
03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
09059e473b09dc519c7a4104d9536d61d320ca9a52d22ffb1cd5260aaf33ae27
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
19aa63e219b763b350fe88dc4c93fa4dc5650c482d3c4fb7ef3e71cf81694625
2d15cc1d0251b72aa4eb1fc95543422ed34bac48f60f55616a14f3279a1e8f30
32834cb71ac963642e4986466e32ab77ae9e013cb83d2e184e6274f07ead65cf
3e358b1cda07b0d35905079c3fbc0f6757ab745d7330f3923a63481ac477ca86
40df245b985f89872908de0ee7961b6d590c5da3728779f6d3745f8817369221
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
429e7004f3f8fbe42cacb984c36a9cda33efdacc100a276b12e82c6ab78bf7ec
478da81927a3619cc38ab475224deca96c750b9e27ed42979a999fd1f1cc24fb
4806fbf823b46dcffd67e4cf0580f77b9e436dc2657d2ccaed92d79ca6159082
4b292f8bdb59a90997d7fc0450602d2d2e4cea00a4ab984d6f4c6c6acc5e714b
4b63f22ab3c00ed2f0b7e1ee570ca119b2c1a0f9b29b64341c9cb6374478c648
4f8e08a6b807df3d73e4be067d375f9955d9e551abb8d5fe2948ecd1bfe61797
4fc6e84dc6afd7eb9da5fa5ad1531a16d9d26b533be61037328689840bf7eba7
5219a23c044715d4d84a43f48b5779469a30b175ec336a7184039eff4af671e9
5457ce5fedfcfdf05f8946d520460189cbdb7ba3a04e11d0a8930e5175de9796
55ae73c00f1bc9e476f0ce687b3ee029bcb94529b542f0ee0a6d8a2242639e8d
57f3082a73b84b78b29e16d0d12c6f4de20da9b5aee1ecacd46612927e12fcf5
59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946
5ff6e5c8dd31f813f32846654afd1b5be8e7a0ba9519388e94b6c29b92b11bb6
65b510106c0aa922459aed3ddaa8e1de97d01546c2ec14c5655f1a0e0cb4d2b7
6aac5a6ad54485584eb6c06fdac5570c702e2de3f028a752a54aba24e7fdfb67
6b453517c2e7cfa36bd4d9aec61fbee2e5dd84aedf5f10f8e60cabe211579d60
6c0973422df980f71f524bce17c58947f25ceba7fcaf4baae81c367c36b3ad6e
6db34dea2002b54d1f9dc9f2fb5a6c059e869715d68edb3091af8e3b73ce8caa
6e40adafa1cf6401bb29abb9f82d6f799466e2d9027eba2878545fff134a2721
6edbfab29a63a2b187cae1b33ce99c6b6eafb51f80b485aa9dd0dc01549a9879
750c34447d22c5eba678434c9ac047d9bf62c27cc5bef891b61907a500cbd80f
750e9b9a41a0430f6b38829d2d3256a4b29e5793addd5d246c194644d24a658d
789b3578a1a1f8691549770d470e8d8c5d643f584c5f3ec0456d6d2e77a31e99
7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b
7de7b85676544f7c233fc463b357f8ce4a41d7672cd4c613e623ba45f6d3afe7
87a0e0459fbdf0138f2a86315b6719df1d34bf27ceb48cc4d3894b6b9ffac715
9b389c815fa2fae51c192f049e55a3d23411d6d5725f3700af9da6c52d40c085
9be66c3a85d64fc039d17d90baa279e49a1bde4229e4378d8c0044f2146307fb
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a6253fec9c91b5b446cff32a0594ea9f4eb5dffa7c3520bb185e2faee80f2486
a79bdc747e8370e986ed9aa9e79fde511b3e20fad77b6c715adb0d5630ed8c9c
ab8408eff060b7107f809045c54c1d0a633340ad3fc6242a6636d5d3d1425596
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b556de37ef90394e4906c952c1465775cf077e6dc7d195055ba85fee68ece7df
b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d
b909b049a9aa7663a3e5cccea141acc858d601d9967a4566966aaeb11a534fb4
c00b71e4498e87066beea05152d189f159ce2309eae5809f67da3bc592c34584
c88348b45859649b36e45a0a2924a855a3ea1dad3d62ce4402264de2bad3d7c4
c91afadbe63dd834aac00b49bc715795da58970e7d500c4bd8f50ed713c77880
c9f072faa27e7dba0555c7e5ee40f96f89a1993b86a7be826912b7d457d25cae
cb5e43ddebdcc6fa9a7bcffc7f837e77f861565f813a47007ee61a68f6eed012
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ce8bb0fffb6f880782f7c03f356e6c1e1b72a0812167b1590ef4b97365f5da00
d0f0833303c0b76784f9154233676698e456f56a40b2b764f43d85c4eae522c2
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
d4b903b49a9bac41565131765d471c129972303302c9b40a57f53a324bfa2ae2
d5333fd65b7e756b005190e096ea42c7bbf3c981ecc07e0c2f5c49bd3a1dcbb9
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
db92f10df66ad7c6b2e5997ccfaa3e0243d49c5f2f956e5d3da94455f8f3d0d2
df6cafda121ebee9d84f6a82243fe71fc9e4024076de0d8a41032a9a7a9c5a52
e2b457964f3f3573af7144beaabd44c36656276123fb31e340dc7b8d198d4d06
e31c86e7c3e90db021185a8ca96ed8b10a1f12781f5b347baca2fbcd4710eaca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee1e471a1549ac7118bdc8e9af53620444eb791185a1eddf6f38229714e7661f
ee69c8ff4640de2d875dd7bf187aafc4d2ed1c16f034a68cd6ea53dd45614dcd
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc
f4b70c4cd11d64db7c587fa68ed12651b684fe2e78a9a9d46812f89beb496acb
f6ebd7a9db6b3b5e0cb5c42f2ca24a20954700b03ec1ecbde10f09effc951679
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

www.redditmlbstream.ml Open in urlscan Pro 2a00:1450:4001:813::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

242 Requests

71 %HTTPS

59 %IPv6

35 Domains

47 Subdomains

43 IPs

8 Countries

3413 kBTransfer

11433 kBSize

3 Cookies

15 Outgoing links

Redirected requests

242 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.redditmlbstream.ml Open in urlscan Pro
2a00:1450:4001:813::2013 Public Scan

Screenshot
Live screenshot

Full Image

242
Requests

71 %
HTTPS

59 %
IPv6

35
Domains

47
Subdomains

43
IPs

8
Countries

3413 kB
Transfer

11433 kB
Size

3
Cookies

242 HTTP transactions
0 data transactions