1stream.top Open in urlscan Pro
2606:4700:e6::ac40:c013 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://1stream.top/game/OTc3ODA2OTM=?sport=american-football
Submission: On January 30 via manual (January 30th 2022, 11:38:36 pm UTC) from US — Scanned from DE

Summary HTTP 58 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 20 domains to perform 58 HTTP transactions. The main IP is 2606:4700:e6::ac40:c013, located in United States and belongs to CLOUDFLARENET, US. The main domain is 1stream.top. The Cisco Umbrella rank of the primary domain is 576754.

This is the only time 1stream.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:e6:... 2606:4700:e6::ac40:c013	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3032::ac43:906f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.201.103.0 35.201.103.0	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
8	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
4	184.30.24.121 184.30.24.121	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.190.41.116 35.190.41.116	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::6815:2efb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6811:a7ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	35.190.50.89 35.190.50.89	15169 (GOOGLE) (GOOGLE)
4	162.252.214.5 162.252.214.5	53334 (TUT-AS) (TUT-AS)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.200.118.90 185.200.118.90	9009 (M247) (M247)
1	38.132.109.186 38.132.109.186	9009 (M247) (M247)
1	185.200.116.90 185.200.116.90	9009 (M247) (M247)
1 1	18.156.16.63 18.156.16.63	16509 (AMAZON-02) (AMAZON-02)
2 2	40.127.232.184 40.127.232.184	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2a02:26f0:170... 2a02:26f0:1700:5::5f65:1b6d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	216.21.12.16 216.21.12.16	53334 (TUT-AS) (TUT-AS)
58	25

5 2606:4700:e6::ac40:c013 (United States)

ASN13335 (CLOUDFLARENET, US)

1stream.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:906f (United States)

ASN13335 (CLOUDFLARENET, US)

uptimecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.103.0 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 0.103.201.35.bc.googleusercontent.com

www.greatdexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

www.visariomedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.24.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-121.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.41.116 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 116.41.190.35.bc.googleusercontent.com

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:2efb (United States)

ASN13335 (CLOUDFLARENET, US)

mcaril.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:a7ba (United States)

ASN13335 (CLOUDFLARENET, US)

c.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.50.89 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 89.50.190.35.bc.googleusercontent.com

www.predictivdisplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.252.214.5 (United States)

ASN53334 (TUT-AS, US)

4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com

g0v3pdclxbtt.l4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.132.109.186 (New York, United States)

ASN9009 (M247, GB)

g0v3pdclxbtt.n4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.116.90 (Singapore, Singapore)

ASN9009 (M247, GB)
PTR: no-mans-land.m247.com

g0v3pdclxbtt.s4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.16.63 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-16-63.eu-central-1.compute.amazonaws.com

sperans-beactor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.127.232.184 (Dublin, Ireland) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

wlplatincasino.adsrv.eacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:5::5f65:1b6d (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.platincasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.21.12.16 (United States)

ASN53334 (TUT-AS, US)
PTR: 216-21-12-16.customer.totaluptime.net

visariomedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	adsco.re c.adsco.re — Cisco Umbrella Rank: 15182 6.adsco.re — Cisco Umbrella Rank: 16216 4.adsco.re — Cisco Umbrella Rank: 17467 adsco.re — Cisco Umbrella Rank: 13596 g0v3pdclxbtt.l4.adsco.re g0v3pdclxbtt.n4.adsco.re g0v3pdclxbtt.s4.adsco.re	52 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 92	608 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	113 KB
5	1stream.top 1stream.top — Cisco Umbrella Rank: 576754	47 KB
4	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1501 m.addthis.com — Cisco Umbrella Rank: 1468	217 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 440	180 KB
3	predictivdisplay.com 2 redirects www.predictivdisplay.com — Cisco Umbrella Rank: 174061	3 KB
2	platincasino.com 1 redirects www.platincasino.com — Cisco Umbrella Rank: 147898	916 B
2	eacdn.com 2 redirects wlplatincasino.adsrv.eacdn.com — Cisco Umbrella Rank: 110194	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
2	visariomedia.com www.visariomedia.com — Cisco Umbrella Rank: 174066 visariomedia.com — Cisco Umbrella Rank: 135068	10 KB
2	greatdexchange.com www.greatdexchange.com — Cisco Umbrella Rank: 142649	5 KB
2	uptimecdn.com uptimecdn.com — Cisco Umbrella Rank: 459519	14 KB
1	sperans-beactor.com 1 redirects sperans-beactor.com — Cisco Umbrella Rank: 432494	648 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 361	1 KB
1	mcaril.com mcaril.com	8 KB
1	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 32495	955 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	36 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 680	16 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 293	31 KB
58	20

	Domain	Requested by
8	www.youtube.com	1stream.top www.youtube.com
5	1stream.top	1stream.top
4	cdn.jsdelivr.net	1stream.top
3	6.adsco.re	1stream.top c.adsco.re
3	www.predictivdisplay.com	2 redirects www.greatdexchange.com
3	c.adsco.re	www.visariomedia.com c.adsco.re
3	s7.addthis.com	1stream.top s7.addthis.com
3	fonts.gstatic.com	1stream.top www.youtube.com
2	www.platincasino.com	1 redirects www.predictivdisplay.com
2	wlplatincasino.adsrv.eacdn.com	2 redirects
2	adsco.re	c.adsco.re
2	4.adsco.re	1stream.top c.adsco.re
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.gstatic.com	www.youtube.com
2	www.greatdexchange.com	1stream.top
2	uptimecdn.com	1stream.top uptimecdn.com
1	m.addthis.com	s7.addthis.com
1	visariomedia.com	www.visariomedia.com
1	sperans-beactor.com	1 redirects
1	g0v3pdclxbtt.s4.adsco.re	c.adsco.re
1	g0v3pdclxbtt.n4.adsco.re	c.adsco.re
1	g0v3pdclxbtt.l4.adsco.re	c.adsco.re
1	z.moatads.com	s7.addthis.com
1	mcaril.com	1stream.top
1	youradexchange.com	uptimecdn.com
1	www.visariomedia.com	1stream.top
1	www.googletagmanager.com	1stream.top
1	maxcdn.bootstrapcdn.com	1stream.top
1	ajax.googleapis.com	1stream.top
58	29

This site contains links to these domains. Also see Links.

Domain
adsco.re
www.buymeacoffee.com
www.predictivdisplay.com
www.greatdexchange.com
www.addthis.com

Subject Issuer	Validity	Valid
greatdexchange.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-18` - `2022-02-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
1178321474.rsc.cdn77.org R3	`2022-01-09` - `2022-04-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.adsco.re Sectigo RSA Organization Validation Secure Server CA	`2021-09-06` - `2022-09-28`	a year	crt.sh
predictivdisplay.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-18` - `2022-02-18`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.l4.adsco.re R3	`2022-01-19` - `2022-04-19`	3 months	crt.sh
*.n4.adsco.re R3	`2022-01-19` - `2022-04-19`	3 months	crt.sh
*.s4.adsco.re R3	`2022-01-19` - `2022-04-19`	3 months	crt.sh
www.platincasino.com DigiCert SHA2 Extended Validation Server CA	`2021-07-27` - `2022-08-23`	a year	crt.sh

This page contains 6 frames:

Primary Page: http://1stream.top/game/OTc3ODA2OTM=?sport=american-football
Frame ID: 49557A0F5B0C0184159D40128EA5C7E5
Requests: 39 HTTP requests in this frame

Frame: https://www.youtube.com/live_chat?is_popout=1&v=gC_GoI-_kNI&embed_domain=1stream.top
Frame ID: 387194FEB0F421554CCFDDAE69357E18
Requests: 11 HTTP requests in this frame

Frame: https://www.platincasino.com/de/lp/ramses-book.html
Frame ID: B143BAEBF5F69835E3909D8FB3371895
Requests: 2 HTTP requests in this frame

Frame: http://c.adsco.re/
Frame ID: E552C654AC65A9CF093AD14EF01E29FE
Requests: 5 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 0B8430715192147C75D78C42B691B51F
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 3134DF13DB98E29108E54CA8CE1E552F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Los Angeles Rams vs San Francisco 49ers Live StreamsFacebookTwitterPrintEmailAddThisFacebookTwitterPrintEmailAddThis

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Polymer (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

polymer\.js

AddThis (Widgets) Expand

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

58
Requests

59 %
HTTPS

54 %
IPv6

20
Domains

29
Subdomains

25
IPs

5
Countries

1361 kB
Transfer

5162 kB
Size

19
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://adsco.re/v

Search URL Search Domain Scan URL

URL: https://www.buymeacoffee.com/1stream
Title: Pls consider donating to help us pay server costs, any amount is appreciated

Search URL Search Domain Scan URL

URL: https://www.predictivdisplay.com/jump/next.php?r=3018531&sub1=5488803
Title: Go to website

Search URL Search Domain Scan URL

URL: https://www.greatdexchange.com/ad/visit.php?al=1

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://cdn.jsdelivr.net/npm/@clappr/player@0.4.0/dist/clappr.min.js HTTP 307
https://cdn.jsdelivr.net/npm/@clappr/player@0.4.0/dist/clappr.min.js

Request Chain 8

http://cdn.jsdelivr.net/npm/cdnbye@latest/dist/hlsjs-p2p-engine.min.js HTTP 307
https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/hlsjs-p2p-engine.min.js

Request Chain 9

http://cdn.jsdelivr.net/npm/cdnbye@latest/dist/clappr-plugin.min.js HTTP 307
https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/clappr-plugin.min.js

Request Chain 10

http://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js HTTP 307
https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js

Request Chain 49

https://www.predictivdisplay.com/jump/next.php?stamat=m%257C%252C0t2OS43LqB1dQO0dEdHP3xP.b8e%252CS0kXXHXf2ck-DOZ9HRvwuLx0tBCmL2uLEOE4OYcRWIIYvUiQEA3FJ9axCGzuuW-gRHxXuo8zb_qvW_rNix91sw%252C%252C&cbur=0.2009568787457905&cbtitle=&cbiframe=1&cbWidth=1600&cbHeight=1145&cbdescription=&cbkeywords=&cbref=http%3A%2F%2F1stream.top%2F HTTP 302
https://www.predictivdisplay.com/script/i.php?stamat=m%257C%252C%252CgiJ6diESoGU3Bp-GH0dEdHP3xP.cb0%252Ct-X9MkstctzALM1PQqpA8c5pt8CxgC06wC17C9NNV0kFNkk21hkjhF2Fi6Av8u1Rbi7q3KiY6UoX9S10YfZUJRVPa6WdlGnwjbpTT19mYOCf-BahajahUEtOHrJAs4AJwLyb9SaKdlHN80us1Q3PAmRgZ4OZTUliQTKtGyNaIlwEPcfwPhjcaE8QpB3jYr6fS7taZLNT1FbmrkR7aPfLlmUpVrKX4j9zoQmAofhGBVpR066rxlmrdRSZfp0ZRuhvz4scXjm1iUQGvCmniS9bZFGGgnPaWIre756ytdXd9e4ci4S69NkYsChjT0Nhq0bBVxm5hXF6usTS1DjsHpYZnYIs4vU5e03P3-HRusEE-CIsdABLveKeJHkH8yMfbIBiBrb0nVCcIlRhNwKJnH75SPwMFWwCvW_Nk0e9u41CUXPx7pwDeR_lkdVbQAOP0MYTYUoQSY8Yku-QmBOk6tBpneM_a61bC0b-uAl2IS1FAm1m-qPfmZ6UiD4_1bSm-kG_4bz3yZzYBsxUg7kwiRuE_Q%252C%252C HTTP 302
https://sperans-beactor.com/a6788e8a-30c2-4af7-b40c-d061f5e67a2c?id=3018531-385667316-0&banner=23149528&ssp=Adcash&country=DE&cost=0.00225 HTTP 302
https://wlplatincasino.adsrv.eacdn.com/C.ashx?btag=a_6770b_166c_&affid=1027&siteid=6770&adid=166&c=20ram_AC_Windows_3018531-385667316-0_Chrome HTTP 302
https://wlplatincasino.adsrv.eacdn.com/C.ashx?btag=a_6770b_166c_&affid=1027&siteid=6770&adid=166&c=20ram_AC_Windows_3018531-385667316-0_Chrome&AutoR=1 HTTP 302
https://www.platincasino.com/de/lp/ramses-book.html?btag=a_6770b_166c_20ram_AC_Windows_3018531-385667316-0_Chrome&siteid=6770 HTTP 301
https://www.platincasino.com/de/lp/ramses-book.html

58 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request OTc3ODA2OTM= Show response
1stream.top/game/ 12 KB
7 KB 84ms
55ms Document
text/html 2606:4700:e6::ac40:c013
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://1stream.top/game/OTc3ODA2OTM=?sport=american-football

Protocol

HTTP/1.1

Server

2606:4700:e6::ac40:c013 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1c992076b8bbaf65c6b5f4ddaa8161e2f94d5930a48e1e253cf4e39f5106b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	ALLOWALL ALLOWALL SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sun, 30 Jan 2022 23:38:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
pragma: no-cache public public
x-frame-options: ALLOWALL ALLOWALL SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block
x-content-type-options: nosniff nosniff
x-cache: EXPIRED HIT
cache-control: public
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yWY0slKVmkcyVvbOrmexEuXj6aRJ6aeKv32T0uCWfdHHXYSDdeIaxttnYywNTrcKG%2F9jEWiZ4aCvhyf8G0%2Faa3uX3n5SonvWHg92sG9APKOwwf0SNlMrWX%2B4yr0NfFuBFYNW1236aXOoJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6d5e88c77a1a3749-MXP
Content-Encoding: gzip

GET
H/1.1 200
OK KqyVZyNqjytk7-TaCyLpJCzP748.js Show response
1stream.top/cdn-cgi/apps/head/ 5 KB
2 KB 29ms
29ms Script
application/javascript 2606:4700:e6::ac40:c013
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://1stream.top/cdn-cgi/apps/head/KqyVZyNqjytk7-TaCyLpJCzP748.js
Requested by: Host: 1stream.top
URL: http://1stream.top/game/OTc3ODA2OTM=?sport=american-football
Protocol: HTTP/1.1
Server: 2606:4700:e6::ac40:c013 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24ad6c5993634e0d27d9825b0b7ad122a70d338ddf65b1682e260878e2b55abd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/game/OTc3ODA2OTM=?sport=american-football
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 23:38:31 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1475277
CF-RAY: 6d5e88c7fadd3749-MXP
Connection: keep-alive
Content-Length: 1587
x-amz-id-2: b01MWk4HXH93PibarB+3GnMCdyrolQDGPwPpHRqOVkt4d6MW5HCYAdf62GC+rNg92svE2wKU5UA=
last-modified: Thu, 13 Jan 2022 21:49:59 GMT
Server: cloudflare
etag: "297a5e00c5bae0e5916d56c013fcc149"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dyXrHCOIdrwJgIXzmDpKjY8mHhTZeTiNNO8XV76zb0Umqg1qdV%2FIIjPClD3dkgLldmiDcDxfm%2FpR2%2BxttxOmNl1kQu1MRJDltkHJqhUYZ2uMX6ymnhCUm7wEtuNZG5%2FWv4M31o7wlmfMZw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: JSSY2NK3N7V8P0NQ
cache-control: public, max-age=31536000
x-amz-version-id: k2dXiO76JGCjigyM5H51nBv0wSgzCGZ2
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK app.css
1stream.top/css/ 120 KB
20 KB 80ms
50ms Stylesheet
text/css 2606:4700:e6::ac40:c013
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://1stream.top/css/app.css?v1.36

Requested by

Host: 1stream.top
URL: http://1stream.top/game/OTc3ODA2OTM=?sport=american-football

Protocol

HTTP/1.1

Server

2606:4700:e6::ac40:c013 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26f1675f22b71147129ff1187d078eb417e84ec257aee258d979d95497c0a8ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL, ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/game/OTc3ODA2OTM=?sport=american-football
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 23:38:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 8728447
Transfer-Encoding: chunked
x-cache: EXPIRED
Connection: keep-alive
x-xss-protection: 1; mode=block
pragma: public
last-modified: Sat, 16 Oct 2021 10:35:57 GMT
Server: cloudflare
x-frame-options: ALLOWALL, ALLOWALL
etag: W/"616aab0d-1e041"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JVE1vzJUvN4GDArnDLSlrSpqGBdvuQdAIpJbzyAgY1eYPjVuCfztiZEJyr4in1t1rPPIpwnhZM2o9z%2B0NYqF9b6tLDRCGTh8%2BuZsMWi4mTxirgMpNdJrtho202Y0JsMbb9TXXzGBHelw8g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
cache-control: public, max-age=315360000
CF-RAY: 6d5e88c83c5b83a2-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK su.js Show response
uptimecdn.com/script/ 24 KB
8 KB 58ms
31ms Script
text/javascript 2606:4700:3032::ac43:906f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://uptimecdn.com/script/su.js
Requested by: Host: 1stream.top
URL: http://1stream.top/game/OTc3ODA2OTM=?sport=american-football
Protocol: HTTP/1.1
Server: 2606:4700:3032::ac43:906f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0a97a9799bba7cbaca2ff35b43daaef3ac0c679ba39a90df166c39aad65bea3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=ZIf5+A==, md5=dlpQ4Y21vcO630MECDTCKg==
Date: Sun, 30 Jan 2022 23:38:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2789
x-guploader-uploadid: ADPycdtfMThJNq9EurGEUc7LrWAI5BZ97BWCmwarF8hfvmlYiO2Ts2k55KDiS5DHoWdmYqH9YCgheA9b2EiDOSL5JR5ow7FkhQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 28 Oct 2021 10:36:10 GMT
Server: cloudflare
etag: W/"765a50e18db5bdc3badf43040834c22a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1S1xEiJxHMVeQ8ny4eYa9ZV%2FVfSUFSJbaVFWWLTTXcTi7XNtZe5i3ubsXCwJ%2FhcJNMi3QNF%2FctURtS3s6%2BvdkYYPALcEpwLsrVXwMcyuWJvYco%2F%2BuPLu61vo5yXv1CLVZdjI5%2FaF5iNDw1ww"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635417370397478
access-control-allow-origin: *
Content-Type: text/javascript
cache-control: public, max-age=14400
Transfer-Encoding: chunked
x-goog-stored-content-length: 24244
CF-RAY: 6d5e88c82ff283b5-MXP
expires: Sun, 30 Jan 2022 23:43:36 GMT

GET
H/1.1 200
OK invisible.js Show response
1stream.top/cdn-cgi/challenge-platform/h/b/scripts/ 42 KB
15 KB 53ms
52ms Script
text/javascript 2606:4700:e6::ac40:c013
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://1stream.top/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Requested by: Host: 1stream.top
URL: http://1stream.top/game/OTc3ODA2OTM=?sport=american-football
Protocol: HTTP/1.1
Server: 2606:4700:e6::ac40:c013 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1290b5e84a4f11bc28ed76c65cab6716bd53ecbc7db4d5393aa243b4e940a402

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/game/OTc3ODA2OTM=?sport=american-football
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 23:38:31 GMT
Content-Encoding: gzip
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3szavDhtTRd2rv3iQXCHcq3fwbIiUWjxy0R1bs24hnORnMyw26871juc3lZ1u8XxwJzfShR8oJyphOg1DcxQvPyhGW2bPgPVOHCyL8bSOmiYI7%2BfvWMhTgxQH4G%2BfkBIZJ7kQ2iRz7Y4%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/javascript
Cache-Control: max-age=604800, public
Transfer-Encoding: chunked
Connection: keep-alive
x-control-type-options: nosniff
CF-RAY: 6d5e88c89cfc83a2-MXP

GET
H2 200 display.php Show response
www.greatdexchange.com/a/ 12 KB
5 KB 175ms
146ms Script
application/javascript 35.201.103.0
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greatdexchange.com/a/display.php?r=5488803
Requested by: Host: 1stream.top
URL: http://1stream.top/game/OTc3ODA2OTM=?sport=american-football
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.103.0 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 0.103.201.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: a904a0e2ce8ff4fe808480e56bd8daf0fb477360bd4facd7423696c4c2f8ed6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 23:38:31 GMT
content-encoding: gzip
alt-svc: clear
server: openresty
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
link: <www.predictivdisplay.com>; rel=dns-prefetch,<www.predictivdisplay.com>; rel=preconnect,<www.greatdexchange.com>; rel=dns-prefetch,<www.greatdexchange.com>; rel=preconnect
via: 1.1 google

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 38ms
8ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: 1stream.top
URL: http://1stream.top/game/OTc3ODA2OTM=?sport=american-football

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 14:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Jan 2023 14:26:58 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/ 59 KB
16 KB 83ms
39ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js

Requested by

Host: 1stream.top
URL: http://1stream.top/game/OTc3ODA2OTM=?sport=american-football

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 23:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 24449168
cdn-cachedat: 2021-04-22 23:58:16
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 100715a76eb3db53f13f8c01e5fd8bf8
cf-ray: 6d5e88c83931d618-MXP
cdn-requestcountrycode: IT
cdn-requestpullsuccess: True

GET
H2

200

clappr.min.js Show response
cdn.jsdelivr.net/npm/@clappr/player@0.4.0/dist/
Redirect Chain

http://cdn.jsdelivr.net/npm/@clappr/player@0.4.0/dist/clappr.min.js
https://cdn.jsdelivr.net/npm/@clappr/player@0.4.0/dist/clappr.min.js

456 KB
124 KB

82ms
41ms

Script
application/javascript

2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@clappr/player@0.4.0/dist/clappr.min.js

Requested by

Host: 1stream.top
URL: http://1stream.top/game/OTc3ODA2OTM=?sport=american-football

Protocol

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c67127a469f309f1797390b95f7c0aa9626151d34d410d082e2391a55715e90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 23:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8391041
x-jsd-version: 0.4.0
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19138-FRA, cache-mxp6974-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"72005-xDPIgqHJfOeFuHY26QsUErnjK9w"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6d5e88c838323744-MXP

Redirect headers

Location: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.0/dist/clappr.min.js
Non-Authoritative-Reason: HSTS

GET
H2

200

hlsjs-p2p-engine.min.js Show response
cdn.jsdelivr.net/npm/cdnbye@latest/dist/
Redirect Chain

http://cdn.jsdelivr.net/npm/cdnbye@latest/dist/hlsjs-p2p-engine.min.js
https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/hlsjs-p2p-engine.min.js

163 KB
44 KB

73ms
32ms

Script
application/javascript

2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/hlsjs-p2p-engine.min.js

Requested by

Host: 1stream.top
URL: http://1stream.top/game/OTc3ODA2OTM=?sport=american-football

Protocol

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

680590dfcada501650a7b718d6fe7eae308d622e86899a0eb0b83cd218cd086d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 23:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4986
x-jsd-version: 1.19.7
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19136-FRA, cache-mxp6931-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"28cea-z9USC+u5VvuYQjrJubFx5swkwNI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6d5e88c838363744-MXP

Redirect headers

Location: https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/hlsjs-p2p-engine.min.js
Non-Authoritative-Reason: HSTS

GET
H2

200

clappr-plugin.min.js Show response
cdn.jsdelivr.net/npm/cdnbye@latest/dist/
Redirect Chain

http://cdn.jsdelivr.net/npm/cdnbye@latest/dist/clappr-plugin.min.js
https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/clappr-plugin.min.js

3 KB
2 KB

70ms
30ms

Script
application/javascript

2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/clappr-plugin.min.js

Requested by

Host: 1stream.top
URL: http://1stream.top/game/OTc3ODA2OTM=?sport=american-football

Protocol

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75bd806cedfbb8345056d85741118c48d3d54b910410e9845a4f8d5073eeb558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 23:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 39210
x-jsd-version: 1.18.3
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19162-FRA, cache-mxp6976-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"b7a-xrHVogjSh9UgCA6avhjMzbTd9uk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6d5e88c838373744-MXP

Redirect headers

Location: https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/clappr-plugin.min.js
Non-Authoritative-Reason: HSTS

GET
H2

200

level-selector.min.js Show response
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/
Redirect Chain

http://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js

30 KB
10 KB

80ms
40ms

Script
application/javascript

2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js

Requested by

Host: 1stream.top
URL: http://1stream.top/game/OTc3ODA2OTM=?sport=american-football

Protocol

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 23:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18815
x-jsd-version: 0.3.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19183-FRA, cache-mxp6920-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6d5e88c8383a3744-MXP

Redirect headers

Location: https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
Non-Authoritative-Reason: HSTS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 43ms
16ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-210385268-1

Requested by

Host: 1stream.top
URL: http://1stream.top/game/OTc3ODA2OTM=?sport=american-football

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9b747c003850a625a473d1749494f036e24cc69a4b5e0f1e55af35ea59450ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 23:38:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36110
x-xss-protection: 0
last-modified: Sun, 30 Jan 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 30 Jan 2022 23:38:31 GMT

GET
H/1.1 200
OK pl1nKzgY_sHPVMiXgweyMHxx7Jc.js Show response
1stream.top/cdn-cgi/apps/body/ 3 KB
2 KB 25ms
25ms Script
application/javascript 2606:4700:e6::ac40:c013
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://1stream.top/cdn-cgi/apps/body/pl1nKzgY_sHPVMiXgweyMHxx7Jc.js
Requested by: Host: 1stream.top
URL: http://1stream.top/cdn-cgi/apps/head/KqyVZyNqjytk7-TaCyLpJCzP748.js
Protocol: HTTP/1.1
Server: 2606:4700:e6::ac40:c013 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0159be911a3733ddc03b8fb0ab0c218eea534e2940d31d7aad85437d26b264bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/game/OTc3ODA2OTM=?sport=american-football
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 23:38:31 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1475277
CF-RAY: 6d5e88c89c0d3749-MXP
Connection: keep-alive
Content-Length: 1053
x-amz-id-2: rVVuBtOh+2aY3iPVvZuDph5jzNsdx6rDW0T9VUJ/tlk7P88gy1F2hVKtnBcoJajAQAYUK67H7Ks=
last-modified: Thu, 13 Jan 2022 21:49:59 GMT
Server: cloudflare
etag: "ec791aa25f31e08efe00fbdbd871d673"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bykpJ1QJenv1UToGL1rI1RJQm7Px8KExvBVC9AuPiJdDofJ2jpP5FcHhN571Mj6eohkLnyHlopsnkyJAs%2B%2FP%2F9fYGg08xsP2HI5SjDvrr1GLoHWiu2sWZ%2BZhuDx6x7ltpmjoCOjecEB11w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: JSSQ0DEW8FMNM6A0
cache-control: public, max-age=31536000
x-amz-version-id: u31ksenCz.CCXstfd81rvTb6Z1zjE3w1
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK ut.js Show response
uptimecdn.com/script/ 15 KB
6 KB 31ms
30ms Script
text/javascript 2606:4700:3032::ac43:906f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://uptimecdn.com/script/ut.js?cb=1643585911117
Requested by: Host: uptimecdn.com
URL: http://uptimecdn.com/script/su.js
Protocol: HTTP/1.1
Server: 2606:4700:3032::ac43:906f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e2778d4aa6e69d5502e588c3ee022d8b4fcd5be1c43321e8b0d7d7d70353d25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=pSNYBg==, md5=kgSAZFBHwrKCoEisuF+d8w==
Date: Sun, 30 Jan 2022 23:38:31 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdv_C6h6xEUjt6QCTV79PUK1bC2cYhPDVLocD_QxOtTxyu1YckCF09iVz54htze2oe2cshBMDWtBNvhBy7hNLarnSIzW3w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 28 Oct 2021 10:36:11 GMT
Server: cloudflare
etag: W/"920480645047c2b282a048acb85f9df3"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1dZvIcWWAAlS%2FjZHysKyHIvnm8SyatWKcNEwiNqjKON6zvLFvEwH8o2TZwiX9wooMCIonqFPfRp93Hrq%2BdMhMKOGaZtX5sAjColRfpMYlHPhGOsFt9oqUvEV7YeVAylcQqGsnVsUJl7AB3k"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635417371100027
access-control-allow-origin: *
Content-Type: text/javascript
cache-control: public, max-age=14400
Transfer-Encoding: chunked
x-goog-stored-content-length: 15242
CF-RAY: 6d5e88c898c483b5-MXP
expires: Mon, 31 Jan 2022 00:28:59 GMT

GET
H2 200 django.min.js Show response
www.visariomedia.com/ 30 KB
9 KB 69ms
13ms Script
application/x-javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.visariomedia.com/django.min.js
Requested by: Host: 1stream.top
URL: http://1stream.top/game/OTc3ODA2OTM=?sport=american-football
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 27ba00ab6782867d406cc644159831a1d98b4f46d45f683c851cea62715b001a

Request headers

Referer: http://1stream.top/
Origin: http://1stream.top
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 30 Jan 2022 23:38:31 GMT
content-encoding: br
x-77-cache: HIT
x-cache: HIT
x-age: 442303
alt-svc: quic="195.181.174.5:443"; ma=2592000; v="44,43,39"
x-77-nzt: AcO1rgULRD3/v78GAA==
x-accel-expires: @1643748408
server: CDN77-Turbo
x-77-nzt-ray: dQzSzsxJA5A=
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
link: <https://visariomedia.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
expires: Tue, 01 Feb 2022 20:46:48 GMT

GET
H2 200 live_chat Show response
www.youtube.com/ Frame 3871 33 KB
12 KB 58ms
29ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/live_chat?is_popout=1&v=gC_GoI-_kNI&embed_domain=1stream.top

Requested by

Host: 1stream.top
URL: http://1stream.top/game/OTc3ODA2OTM=?sport=american-football

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

93ac92a2eccc95ae3c4225bc90475c9fbc4596d4927950fb9a1720b5914b4305

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 30 Jan 2022 23:38:31 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v12/ 16 KB
16 KB 34ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v12/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: 1stream.top
URL: http://1stream.top/css/app.css?v1.36

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://1stream.top/
Origin: http://1stream.top
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 05:51:10 GMT
x-content-type-options: nosniff
age: 409641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
last-modified: Mon, 25 Mar 2019 20:10:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 26 Jan 2023 05:51:10 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v12/ 15 KB
16 KB 36ms
9ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v12/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: 1stream.top
URL: http://1stream.top/css/app.css?v1.36

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://1stream.top/
Origin: http://1stream.top
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 18:13:00 GMT
x-content-type-options: nosniff
age: 451531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
last-modified: Mon, 25 Mar 2019 20:12:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 18:13:00 GMT

GET
H2 200 scheduler.js Show response
www.youtube.com/s/desktop/ca9cd554/jsbin/scheduler.vflset/ Frame 3871 11 KB
5 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/desktop/ca9cd554/jsbin/scheduler.vflset/scheduler.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/live_chat?is_popout=1&v=gC_GoI-_kNI&embed_domain=1stream.top

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

054eca41c579eba5ab3bc6178d4233b93b3cf3c07cc255cab058c5b542f78b88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/live_chat?is_popout=1&v=gC_GoI-_kNI&embed_domain=1stream.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 15:04:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4315
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 02:14:48 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 28 Jan 2023 15:04:12 GMT

GET
H2 200 network.js Show response
www.youtube.com/s/desktop/ca9cd554/jsbin/network.vflset/ Frame 3871 14 KB
5 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/desktop/ca9cd554/jsbin/network.vflset/network.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/live_chat?is_popout=1&v=gC_GoI-_kNI&embed_domain=1stream.top

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b697e04adcdd308c9847e240b4b46238cccdb45abfe29df67ee047599048d08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/live_chat?is_popout=1&v=gC_GoI-_kNI&embed_domain=1stream.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 15:04:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5270
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 02:14:48 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 28 Jan 2023 15:04:12 GMT

GET
H2 200 web-animations-next-lite.min.js Show response
www.youtube.com/s/desktop/ca9cd554/jsbin/web-animations-next-lite.min.vflset/ Frame 3871 50 KB
15 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/desktop/ca9cd554/jsbin/web-animations-next-lite.min.vflset/web-animations-next-lite.min.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/live_chat?is_popout=1&v=gC_GoI-_kNI&embed_domain=1stream.top

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33969309a95931dc4ee07ece3d6746506f75b47ef8195507f27b75dd809c8976

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/live_chat?is_popout=1&v=gC_GoI-_kNI&embed_domain=1stream.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 15:04:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15162
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 02:14:48 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 28 Jan 2023 15:04:12 GMT

GET
H2 200 custom-elements-es5-adapter.js Show response
www.youtube.com/s/desktop/ca9cd554/jsbin/custom-elements-es5-adapter.vflset/ Frame 3871 2 KB
857 B 12ms
11ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/desktop/ca9cd554/jsbin/custom-elements-es5-adapter.vflset/custom-elements-es5-adapter.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/live_chat?is_popout=1&v=gC_GoI-_kNI&embed_domain=1stream.top

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a7d917c2b6c623303031bea937e93467fb4cd02721bb1bfa10c7ad3ab4edc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/live_chat?is_popout=1&v=gC_GoI-_kNI&embed_domain=1stream.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 15:04:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 793
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 02:14:48 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 28 Jan 2023 15:04:12 GMT

GET
H2 200 webcomponents-sd.js Show response
www.youtube.com/s/desktop/ca9cd554/jsbin/webcomponents-sd.vflset/ Frame 3871 72 KB
21 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/desktop/ca9cd554/jsbin/webcomponents-sd.vflset/webcomponents-sd.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/live_chat?is_popout=1&v=gC_GoI-_kNI&embed_domain=1stream.top

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5697019bfc0f593db1604ddf8360eca14f08c213338dda6d0c10ee0b3da62b5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/live_chat?is_popout=1&v=gC_GoI-_kNI&embed_domain=1stream.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 15:04:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21614
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 02:14:48 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 28 Jan 2023 15:04:12 GMT

GET
H2 200 intersection-observer.min.js Show response
www.youtube.com/s/desktop/ca9cd554/jsbin/intersection-observer.min.vflset/ Frame 3871 5 KB
2 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/desktop/ca9cd554/jsbin/intersection-observer.min.vflset/intersection-observer.min.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/live_chat?is_popout=1&v=gC_GoI-_kNI&embed_domain=1stream.top

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ea95af77e18116ed0e8b52bb2c0794d1259150671e02994ac2a8845bd1ad5b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/live_chat?is_popout=1&v=gC_GoI-_kNI&embed_domain=1stream.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 15:04:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2090
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 02:14:48 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 28 Jan 2023 15:04:12 GMT

GET
H2 200 lottie_light.js Show response
www.gstatic.com/external_hosted/lottie/ Frame 3871 145 KB
36 KB 51ms
27ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/external_hosted/lottie/lottie_light.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/live_chat?is_popout=1&v=gC_GoI-_kNI&embed_domain=1stream.top

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f6c6c88f646afcae961eeba23c721d488fa1c3cc1596f6bdcc9d216d523ad0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 23:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35947
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 15:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 30 Jan 2022 23:38:31 GMT

GET
H2 200 live_chat_polymer.js Show response
www.youtube.com/s/desktop/ca9cd554/jsbin/live_chat_polymer.vflset/ Frame 3871 3 MB
547 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/desktop/ca9cd554/jsbin/live_chat_polymer.vflset/live_chat_polymer.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/live_chat?is_popout=1&v=gC_GoI-_kNI&embed_domain=1stream.top

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f9cf758a6b71ec169b04d078485bbfe224c7ca612e5af4c6e03abfea20c4e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/live_chat?is_popout=1&v=gC_GoI-_kNI&embed_domain=1stream.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 20:16:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 184941
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 560145
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 02:14:48 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 28 Jan 2023 20:16:10 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3871 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/live_chat?is_popout=1&v=gC_GoI-_kNI&embed_domain=1stream.top

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 476426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 11:18:05 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 70ms
9ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: 1stream.top
URL: http://1stream.top/cdn-cgi/apps/body/pl1nKzgY_sHPVMiXgweyMHxx7Jc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Sun, 30 Jan 2022 23:38:31 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H/1.1 200
OK suurl4.php Show response
youradexchange.com/script/ 894 B
955 B 198ms
183ms Fetch
application/json 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://youradexchange.com/script/suurl4.php?r=5488795&cbur=0.6624774400235662&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=Los%20Angeles%20Rams%20vs%20San%20Francisco%2049ers%20Live%20Streams&cbref=&cbdescription=&cbkeywords=&cbcdn=uptimecdn.com&aggr=0
Requested by: Host: uptimecdn.com
URL: http://uptimecdn.com/script/su.js
Protocol: HTTP/1.1
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 83fde8e0ea7bac2c3c670b4d07b9406700ff2a41e5a85de0ba6373e4fa93a986

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 30 Jan 2022 23:38:31 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: openresty
Via: 1.1 google
Content-Type: application/json; charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-210385268-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 217
date: Sun, 30 Jan 2022 23:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 31 Jan 2022 01:34:54 GMT

GET
H/1.1 200
OK su.js Show response
mcaril.com/script/ 24 KB
8 KB 56ms
30ms Script
text/javascript 2606:4700:3036::6815:2efb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mcaril.com/script/su.js
Requested by: Host: 1stream.top
URL: http://1stream.top/game/OTc3ODA2OTM=?sport=american-football
Protocol: HTTP/1.1
Server: 2606:4700:3036::6815:2efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0a97a9799bba7cbaca2ff35b43daaef3ac0c679ba39a90df166c39aad65bea3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=ZIf5+A==, md5=dlpQ4Y21vcO630MECDTCKg==
Date: Sun, 30 Jan 2022 23:38:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2295
x-guploader-uploadid: ADPycdvHuEPU_65b_MXUfDu88nKWTF6QoibhexVyFbocgWXX1BpSYliGyb4LlALz1RKVbNtxmLeKYOeY9ynr5FGE-RqChgYyaA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 28 Oct 2021 10:36:10 GMT
Server: cloudflare
etag: W/"765a50e18db5bdc3badf43040834c22a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqbzSAHGdL10WI6z89wocnhGuPW75yOrsaHxKT4dii5mlQ2R6IgcxUeqEGeBscrohgbugUfy0EzBkoM3ILSOlNTCJ%2F5%2FV5laHU9uwjb1Q5UpEFLJRWjdIp0KIXOJNa0i1sGzQWVcD3nZ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635417370397478
access-control-allow-origin: *
Content-Type: text/javascript
cache-control: public, max-age=14400
Transfer-Encoding: chunked
x-goog-stored-content-length: 24244
CF-RAY: 6d5e88c9dd575a3d-MXP
expires: Sun, 30 Jan 2022 23:01:09 GMT

GET
H2 200 / Show response
c.adsco.re/ 62 KB
22 KB 77ms
29ms Script
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: www.visariomedia.com
URL: https://www.visariomedia.com/django.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 23:38:31 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 5085579
etag: W/"2Ma3006J78KgzL0RD+7gUg=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control: public, max-age=2678400
cf-ray: 6d5e88ca0e7a59a1-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 02 Mar 2022 23:38:31 GMT

GET
H2 200 next.php Show response
www.predictivdisplay.com/jump/ Frame B143 7 KB
3 KB 157ms
121ms Document
text/html 35.190.50.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.predictivdisplay.com/jump/next.php?r=3018531&sub1=5488803
Requested by: Host: www.greatdexchange.com
URL: https://www.greatdexchange.com/a/display.php?r=5488803
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.50.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.50.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: a0bb899f3931ce7fcd6807190f9607c39e880acaa8bfe1684970bbdc03c89f2f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/

Response headers

server: openresty
date: Sun, 30 Jan 2022 23:38:31 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 204 i.php
www.greatdexchange.com/script/ 0
61 B 133ms
132ms Image
text/plain 35.201.103.0
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greatdexchange.com/script/i.php?stamat=m%257C%252C%252CwidndjM2tGU3Bf9GH0dEdHP3xP.d1f%252CWHaGFW8nSLDnzsEtCdQDpZvNg2g1vTVEQg6fQwOCSrCCiNwsF3Xji9S9zspN_Tj0oLvCzaFYSISSHtDrhtcGRWqeYWAxHoFzhY2AxSQfX4lOVHEvsv_7lwrFH9xVT4zsidtPGGpMD7-dyIvf8_0zPsXozCC5IDax0J1Tds2ACFX5anC1WsN5aYKWm1IfAVo2F_IOM9ZYQ6pAMqWpvYNoGLBhd6c39VarfcSnAgaYxIhD_Ulw78IgA64ls1_6C8flIJ4dLcTjYSCUEuFFR2A3poM8tNMIfTZNs3iY6otWdO2gjF8-XWxEVFaFxpA563dnKmT6XNF5RWTPLn53U99CclXKc5KEESj94rya3DOhfIFCL1XZU4pip3NJfN__SsJB-nu02UZtpzT5dYI8ks7zuMGOMrXool1x9VjCHJDU1pC3fW3nYG3DNwCFs0RAl4nt
Requested by: Host: 1stream.top
URL: http://1stream.top/game/OTc3ODA2OTM=?sport=american-football
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.103.0 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 0.103.201.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 30 Jan 2022 23:38:31 GMT
via: 1.1 google
referrer-policy: no-referrer
server: openresty
alt-svc: clear

GET
H3 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ Frame 3871 85 KB
30 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/desktop/ca9cd554/jsbin/live_chat_polymer.vflset/live_chat_polymer.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e021b66f33bc19ac21a4347919fc78660de755b1da38ffc458d134fb223a5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 23:20:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31061
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 17:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
vary: Accept-Encoding, Origin
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Jan 2022 00:10:41 GMT

GET
H2 200 /
6.adsco.re/ 0
419 B 78ms
30ms Other
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: 1stream.top
URL: http://1stream.top/game/OTc3ODA2OTM=?sport=american-football
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://1stream.top/
Origin: http://1stream.top
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 23:38:31 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: http://1stream.top
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 6d5e88cb592a59fb-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK /
4.adsco.re/ 0
456 B 90ms
31ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: 1stream.top
URL: http://1stream.top/game/OTc3ODA2OTM=?sport=american-football
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://1stream.top/
Origin: http://1stream.top
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 23:38:31 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://1stream.top
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 32ms
15ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=92036984&t=pageview&_s=1&dl=http%3A%2F%2F1stream.top%2Fgame%2FOTc3ODA2OTM%3D%3Fsport%3Damerican-football&ul=en-us&de=UTF-8&dt=Los%20Angeles%20Rams%20vs%20San%20Francisco%2049ers%20Live%20Streams&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1293207119&gjid=1835168073&cid=1370385329.1643585912&tid=UA-210385268-1&_gid=1863616454.1643585912&_r=1&gtm=2ou1q0&z=81474887

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://1stream.top/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 23:38:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://1stream.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 123ms
41ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 23:38:31 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=41024
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

POST
H/1.1 200
OK p Show response
adsco.re/ 0
419 B 131ms
112ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://1stream.top/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 30 Jan 2022 23:38:31 GMT
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
AS-P-4: OK
Transfer-Encoding: chunked
AS-P-1: OK nyc124
Access-Control-Allow-Origin: http://1stream.top
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
AS-E: ND
AS-P-2: OK
AS-P-3: OK

GET
H/1.1 200
OK / Show response
4.adsco.re/ 46 B
456 B 137ms
118ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 8b3844213f74337dabb55592ee622928b59d7357940d7cc194eb1127c7717f40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 23:38:31 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://1stream.top
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK / Show response
6.adsco.re/ 69 B
597 B 56ms
34ms XHR
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://6.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 499f89de4c9ac3e71b9713e888d44c5e5ebbc2c5a6de4bdeddd7b2881612c104

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 23:38:31 GMT
Content-Encoding: gzip
Server: cloudflare
Access-Control-Allow-Headers: Content-Type
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: http://1stream.top
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=10
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6d5e88cb8d53d610-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200
OK /
g0v3pdclxbtt.l4.adsco.re/ 0
464 B 120ms
40ms Ping
text/html 185.200.118.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://g0v3pdclxbtt.l4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS: adscore.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://1stream.top/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 30 Jan 2022 23:38:31 GMT
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
ETag: "5b60dfaf-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
g0v3pdclxbtt.n4.adsco.re/ 0
464 B 477ms
88ms Ping
text/html 38.132.109.186
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://g0v3pdclxbtt.n4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://1stream.top/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 30 Jan 2022 23:38:32 GMT
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
ETag: "5b5f2f9a-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
g0v3pdclxbtt.s4.adsco.re/ 0
464 B 1706ms
167ms Ping
text/html 185.200.116.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://g0v3pdclxbtt.s4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.116.90 Singapore, Singapore, ASN9009 (M247, GB),
Reverse DNS: no-mans-land.m247.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://1stream.top/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 30 Jan 2022 23:38:33 GMT
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
ETag: "5b5f30d9-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H/1.1 200
OK / Show response
c.adsco.re/ Frame E552 62 KB
25 KB 62ms
38ms Document
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/

Response headers

Date: Sun, 30 Jan 2022 23:38:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2678400
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
Expires: Wed, 02 Mar 2022 23:38:31 GMT
ETag: W/"2Ma3006J78KgzL0RD+7gUg=="
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 5085189
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6d5e88cb9cee59b9-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 35ms
34ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sun, 30 Jan 2022 23:38:31 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H/1.1 200
OK /
6.adsco.re/ Frame E552 0
596 B 54ms
54ms Other
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://6.adsco.re/
Requested by: Host: 1stream.top
URL: http://1stream.top/game/OTc3ODA2OTM=?sport=american-football
Protocol: HTTP/1.1
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://c.adsco.re/
Origin: http://c.adsco.re
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 23:38:31 GMT
Content-Encoding: gzip
Server: cloudflare
Access-Control-Allow-Headers: Content-Type
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: http://c.adsco.re
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=10
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6d5e88cc0df0d610-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET /
4.adsco.re/ Frame E552 0
0

GET
H2

200

ramses-book.html
www.platincasino.com/de/lp/ Frame B143
Redirect Chain

https://www.predictivdisplay.com/jump/next.php?stamat=m%257C%252C0t2OS43LqB1dQO0dEdHP3xP.b8e%252CS0kXXHXf2ck-DOZ9HRvwuLx0tBCmL2uLEOE4OYcRWIIYvUiQEA3FJ9axCGzuuW-gRHxXuo8zb_qvW_rNix91sw%252C%252C&cbu...
https://www.predictivdisplay.com/script/i.php?stamat=m%257C%252C%252CgiJ6diESoGU3Bp-GH0dEdHP3xP.cb0%252Ct-X9MkstctzALM1PQqpA8c5pt8CxgC06wC17C9NNV0kFNkk21hkjhF2Fi6Av8u1Rbi7q3KiY6UoX9S10YfZUJRVPa6Wdl...
https://sperans-beactor.com/a6788e8a-30c2-4af7-b40c-d061f5e67a2c?id=3018531-385667316-0&banner=23149528&ssp=Adcash&country=DE&cost=0.00225
https://wlplatincasino.adsrv.eacdn.com/C.ashx?btag=a_6770b_166c_&affid=1027&siteid=6770&adid=166&c=20ram_AC_Windows_3018531-385667316-0_Chrome
https://wlplatincasino.adsrv.eacdn.com/C.ashx?btag=a_6770b_166c_&affid=1027&siteid=6770&adid=166&c=20ram_AC_Windows_3018531-385667316-0_Chrome&AutoR=1
https://www.platincasino.com/de/lp/ramses-book.html?btag=a_6770b_166c_20ram_AC_Windows_3018531-385667316-0_Chrome&siteid=6770
https://www.platincasino.com/de/lp/ramses-book.html

0
0

47ms
47ms

Document
text/html

2a02:26f0:1700:5::5f65:1b6d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.platincasino.com/de/lp/ramses-book.html

Requested by

Host: www.predictivdisplay.com
URL: https://www.predictivdisplay.com/jump/next.php?r=3018531&sub1=5488803

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b6d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.predictivdisplay.com/jump/next.php?r=3018531&sub1=5488803

Response headers

content-type: text/html; charset=UTF-8
cache-tag: html
x-frame-options: SAMEORIGIN
x-akamai-transformed: 9 - 0 pmb=mTOE,2
vary: Accept-Encoding
content-encoding: gzip
cache-control: private, must-revalidate, max-age=0
expires: Sun, 30 Jan 2022 23:38:32 GMT
date: Sun, 30 Jan 2022 23:38:32 GMT
content-length: 20012

Redirect headers

content-type: text/html
content-length: 162
location: https://www.platincasino.com/de/lp/ramses-book.html
expires: Sun, 30 Jan 2022 23:38:32 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 30 Jan 2022 23:38:32 GMT

GET
H/1.1 200
OK /
c.adsco.re/ Frame E552 25 KB
0 54ms
54ms XHR
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://c.adsco.re/
Requested by: Host: c.adsco.re
URL: http://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://c.adsco.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 23:38:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
Age: 5085189
ETag: W/"2Ma3006J78KgzL0RD+7gUg=="
Vary: Accept-Encoding
Content-Type: text/html
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
Cache-Control: public, max-age=2678400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6d5e88cc1e2359b9-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Wed, 02 Mar 2022 23:38:31 GMT

GET /
6.adsco.re/ Frame E552 0
0

POST
H/1.1 200
OK p Show response
adsco.re/ 363 B
863 B 117ms
116ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 99e4b4c513475b2c80f72ae5eb107919c28196f160d7029654f2dda59fd3751e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

AS-P-G: OK
Date: Sun, 30 Jan 2022 23:38:32 GMT
AS-P-7: OK
AS-P-9: OK
AS-P-C: OK
Transfer-Encoding: chunked
AS-P-5: OK
AS-P-F: OK
Connection: keep-alive
Content-Encoding: gzip
AS-P-2: OK
AS-P-D: OK
AS-P-6: OK
AS-P-B: OK
AS-P-H: OK
AS-P-4: OK
AS-P-A: OK
Access-Control-Max-Age: 2592000
AS-P-1: OK nyc124
Access-Control-Allow-Origin: http://1stream.top
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
AS-P-8: OK
Content-Type: text/html; charset=UTF-8
AS-P-E: OK
AS-P-3: OK

GET
H/1.1 200
OK EcqTSA.htm Show response
visariomedia.com/ 44 B
277 B 161ms
126ms Script
text/javascript 216.21.12.16
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://visariomedia.com/EcqTSA.htm?_=BAoAYfcheAFh9yF4gAGBAsAAIHr-tMI3Zbd7SJIQtFrosTYCQRu9fBpD6JDHAWAysF2lwQBHMEUCIHPNIX-GcNYTM5Xh1CMIKsj6yFUlx_YHtONH3S1dddwMAiEAl7jFMHcT6aaGoq6OWKmSLO8f8dot9i7op1GRGZoIiVzCACAQTsxIOCAR8648JBQQIfxw0Z04AtKNV5urZ6_a5MiItMQAECABCsgAIDoAEBGu0v5tuG_FABAxSn8MUrNRzXfzACLtvwXVwwBHMEUCIQCywwbqAcGn3NvXBWPFFwrhvgVm7W0hDr2ZfEdqFiUNfAIgeaOwtU1aOYwHB5Goc9CRpuu-t3LZKbB7pQ5y_P-vWoc&v=4&vCIJZfEk=4689530&minBid=&UDchoMit=0,0&KjCtSNBH=&FcHwSRfK=&s=1600,1200,1,1600,1200,0
Requested by: Host: www.visariomedia.com
URL: https://www.visariomedia.com/django.min.js
Protocol: HTTP/1.1
Server: 216.21.12.16 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: 216-21-12-16.customer.totaluptime.net
Software: /
Resource Hash: 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 23:38:32 GMT
asf: 9
access-control-allow-origin: *
content-type: text/javascript;charset=UTF-8
popads-ec: ASB
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 44

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 186ms
163ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=61f72177eabd1396&bkl=0&bl=1&pdt=332&sid=61f72177eabd1396&pub=&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=1stream.top&fp=game%2FOTc3ODA2OTM%3D%3Fsport%3Damerican-football&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1643585912596&addthis_plugin_info=%7B%22info_status%22%3A%22enabled%22%2C%22cms_name%22%3A%22CloudFlare%22%2C%22plugin_name%22%3A%22addthis-cloudflare-plugin%22%2C%22plugin_version%22%3A%221.0.0%22%2C%22plugin_mode%22%3A%22CloudFlare%22%7D&jsl=1&uvs=61f72177dac4d273000&skipb=1&callback=addthis.cbs.jsonp__55787397823396430
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3e6c7fb63166c34ed90f895aa03cfd9084432e4da06b236eaf426422804bb081

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 23:38:32 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 0B84 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 3134 71 KB
26 KB 11ms
10ms Document
text/html 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sun, 30 Jan 2022 23:38:32 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1stream.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 4.adsco.re
URL: http://4.adsco.re/

Domain: 6.adsco.re
URL: http://6.adsco.re/

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
1stream.top/	1970-01-20 00:33:13	Name: XSRF-TOKEN Value: eyJpdiI6IklJeXgrOVRjMERCbkd3UXZ4ODJpK0E9PSIsInZhbHVlIjoickV2NVBkS0lXdnlRRDF3elRyVVBSWitWZHpwOU92VGtQb0hTTEFEbVptNTdFeFwvWmowYjkyd1VnR3NMU253M3AiLCJtYWMiOiJmM2I4YjhjZDQ3NWNmMzk2NzY2ZDk3YzE4NTlhMTg3NjQ2OWFjMDk0MzY3NWI2YjEwNmY3MGMyZGJlMWMwYTdhIn0%3D
1stream.top/	1970-01-20 00:33:13	Name: _session Value: eyJpdiI6InduMXQxdGsxRmx4RTNJMnZKbStiNFE9PSIsInZhbHVlIjoiYkc1ajMwQVVSdUc2ckt1VWZndE5hSFh1K3VaSFZpVThQZHJ1b1Jtam5qZjlQYzRPR3p2WVg1S05tbndqbENRMyIsIm1hYyI6IjkwZGE5NTM5OTg1MmQ0ZmNhMWYwM2JiZTczZGY3ZmE2OGIyYjZjMGJmYWFlMTdmNTZiM2NmNmNmMTI3OGMwMzgifQ%3D%3D
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: KUWc_CPHfM0
.1stream.top/	1970-01-20 18:04:17	Name: _ga Value: GA1.2.1370385329.1643585912
.1stream.top/	1970-01-20 00:34:32	Name: _gid Value: GA1.2.1863616454.1643585912
.1stream.top/	1970-01-20 00:33:05	Name: _gat_gtag_UA_210385268_1 Value: 1
1stream.top/	1970-01-20 00:33:31	Name: a Value: 5FG9XhLNxH6qsFXGURJnHOnLlpB95JWa
1stream.top/	1970-01-20 00:33:27	Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c Value: BAoAYfcheAFh9yF4gAGBAsAAIHr-tMI3Zbd7SJIQtFrosTYCQRu9fBpD6JDHAWAysF2lwQBHMEUCIHPNIX-GcNYTM5Xh1CMIKsj6yFUlx_YHtONH3S1dddwMAiEAl7jFMHcT6aaGoq6OWKmSLO8f8dot9i7op1GRGZoIiVzCACAQTsxIOCAR8648JBQQIfxw0Z04AtKNV5urZ6_a5MiItMQAECABCsgAIDoAEBGu0v5tuG_FABAxSn8MUrNRzXfzACLtvwXVwwBHMEUCIQCywwbqAcGn3NvXBWPFFwrhvgVm7W0hDr2ZfEdqFiUNfAIgeaOwtU1aOYwHB5Goc9CRpuu-t3LZKbB7pQ5y_P-vWoc
.sperans-beactor.com/	1970-01-20 00:34:32	Name: a6788e8a-30c2-4af7-b40c-d061f5e67a2c-v4 Value: dzWjj1qONpjfbd1yY08Tt2lX4MuOIZuOqRJ3WNiv3Aw
.sperans-beactor.com/	1970-01-20 09:18:41	Name: cc-v4 Value: 9IYzVJP4FUbj1%2FP1InYB9PflsAkwAYxNvMJ1K39f1CrFHpyaBeuvnThVMbzCrxSQ36uvh7cHAZi4NEuSj06KapYeI0jgFJOPc3RmYohs6IbwKDjo7fGjIQDbhT%2BoOdQfGeCPlE68KA0s1cGmX4U1nA%3D%3D
wlplatincasino.adsrv.eacdn.com/	1978-01-11 21:31:40	Name: CEK Value: a
1stream.top/	1970-01-20 00:33:27	Name: _popprepop Value: 1
wlplatincasino.adsrv.eacdn.com/	1970-01-20 02:42:41	Name: XYZ Value: 120&4&148&&&&0&1&&bada1582-b4af-4286-9ede-4bc2a4af268e&&a_6770b_166&
wlplatincasino.adsrv.eacdn.com/	1970-01-20 02:42:41	Name: A_166 Value: a=166&r=0&fv=0&lv=0&vc=0&fc=20220130&lc=20220130113832&cc=1
wlplatincasino.adsrv.eacdn.com/	1970-01-20 02:42:41	Name: PM_2 Value: c=20ram_AC_Windows_3018531-385667316-0_Chrome&s=6770&ad=166&md=0&pm=2&d=20220130233832&ip=3644888862&r=0&ref=
1stream.top/	1970-01-20 10:03:20	Name: __atuvc Value: 1%7C5
1stream.top/	1970-01-20 00:33:07	Name: __atuvs Value: 61f72177dac4d273000
.addthis.com/	1970-01-20 10:03:20	Name: uvc Value: 1%7C5
.addthis.com/	1970-01-20 10:03:20	Name: loc Value: MDAwMDBFVURFU0wyMjkyMTg2MTAwMzAwMDBDSA==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-full-version-list'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.platincasino.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	ALLOWALL ALLOWALL SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1stream.top
4.adsco.re
6.adsco.re
adsco.re
ajax.googleapis.com
c.adsco.re
cdn.jsdelivr.net
fonts.gstatic.com
g0v3pdclxbtt.l4.adsco.re
g0v3pdclxbtt.n4.adsco.re
g0v3pdclxbtt.s4.adsco.re
m.addthis.com
maxcdn.bootstrapcdn.com
mcaril.com
s7.addthis.com
sperans-beactor.com
uptimecdn.com
visariomedia.com
wlplatincasino.adsrv.eacdn.com
www.google-analytics.com
www.googletagmanager.com
www.greatdexchange.com
www.gstatic.com
www.platincasino.com
www.predictivdisplay.com
www.visariomedia.com
www.youtube.com
youradexchange.com
z.moatads.com
4.adsco.re
6.adsco.re
s7.addthis.com
162.252.214.5
18.156.16.63
184.30.24.121
185.200.116.90
185.200.118.90
2.18.235.40
216.21.12.16
2606:4700:3032::ac43:906f
2606:4700:3036::6815:2efb
2606:4700::6810:5914
2606:4700::6811:a7ba
2606:4700::6812:acf
2606:4700:e6::ac40:c013
2a00:1450:4001:803::2003
2a00:1450:4001:809::200e
2a00:1450:4001:810::2003
2a00:1450:4001:811::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2008
2a02:26f0:1700:5::5f65:1b6d
2a02:6ea0:c700::11
35.190.41.116
35.190.50.89
35.201.103.0
38.132.109.186
40.127.232.184
0159be911a3733ddc03b8fb0ab0c218eea534e2940d31d7aad85437d26b264bf
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
054eca41c579eba5ab3bc6178d4233b93b3cf3c07cc255cab058c5b542f78b88
0a7d917c2b6c623303031bea937e93467fb4cd02721bb1bfa10c7ad3ab4edc4f
1290b5e84a4f11bc28ed76c65cab6716bd53ecbc7db4d5393aa243b4e940a402
1e021b66f33bc19ac21a4347919fc78660de755b1da38ffc458d134fb223a5bc
24ad6c5993634e0d27d9825b0b7ad122a70d338ddf65b1682e260878e2b55abd
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
26f1675f22b71147129ff1187d078eb417e84ec257aee258d979d95497c0a8ac
27ba00ab6782867d406cc644159831a1d98b4f46d45f683c851cea62715b001a
33969309a95931dc4ee07ece3d6746506f75b47ef8195507f27b75dd809c8976
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e6c7fb63166c34ed90f895aa03cfd9084432e4da06b236eaf426422804bb081
3ea95af77e18116ed0e8b52bb2c0794d1259150671e02994ac2a8845bd1ad5b9
499f89de4c9ac3e71b9713e888d44c5e5ebbc2c5a6de4bdeddd7b2881612c104
4b697e04adcdd308c9847e240b4b46238cccdb45abfe29df67ee047599048d08
4c67127a469f309f1797390b95f7c0aa9626151d34d410d082e2391a55715e90
5697019bfc0f593db1604ddf8360eca14f08c213338dda6d0c10ee0b3da62b5c
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5e2778d4aa6e69d5502e588c3ee022d8b4fcd5be1c43321e8b0d7d7d70353d25
5f6c6c88f646afcae961eeba23c721d488fa1c3cc1596f6bdcc9d216d523ad0c
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
680590dfcada501650a7b718d6fe7eae308d622e86899a0eb0b83cd218cd086d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
75bd806cedfbb8345056d85741118c48d3d54b910410e9845a4f8d5073eeb558
76f9cf758a6b71ec169b04d078485bbfe224c7ca612e5af4c6e03abfea20c4e7
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
83fde8e0ea7bac2c3c670b4d07b9406700ff2a41e5a85de0ba6373e4fa93a986
8b3844213f74337dabb55592ee622928b59d7357940d7cc194eb1127c7717f40
93ac92a2eccc95ae3c4225bc90475c9fbc4596d4927950fb9a1720b5914b4305
99e4b4c513475b2c80f72ae5eb107919c28196f160d7029654f2dda59fd3751e
9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
a0bb899f3931ce7fcd6807190f9607c39e880acaa8bfe1684970bbdc03c89f2f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a904a0e2ce8ff4fe808480e56bd8daf0fb477360bd4facd7423696c4c2f8ed6b
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b1c992076b8bbaf65c6b5f4ddaa8161e2f94d5930a48e1e253cf4e39f5106b7a
c0a97a9799bba7cbaca2ff35b43daaef3ac0c679ba39a90df166c39aad65bea3
c9b747c003850a625a473d1749494f036e24cc69a4b5e0f1e55af35ea59450ac
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

1stream.top Open in urlscan Pro 2606:4700:e6::ac40:c013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

58 Requests

59 %HTTPS

54 %IPv6

20 Domains

29 Subdomains

25 IPs

5 Countries

1361 kBTransfer

5162 kBSize

19 Cookies

5 Outgoing links

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

1stream.top Open in urlscan Pro
2606:4700:e6::ac40:c013 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

59 %
HTTPS

54 %
IPv6

20
Domains

29
Subdomains

25
IPs

5
Countries

1361 kB
Transfer

5162 kB
Size

19
Cookies

58 HTTP transactions
1 data transactions