www.nflbite.to Open in urlscan Pro
2606:4700:3033::ac43:dc1b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nflbite.to/news/morocco-vs-spain-1/
Submission: On December 06 via manual (December 6th 2022, 3:20:37 pm UTC) from CA — Scanned from CA

Summary HTTP 188 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 72 IPs in 5 countries across 55 domains to perform 188 HTTP transactions. The main IP is 2606:4700:3033::ac43:dc1b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.nflbite.to. The Cisco Umbrella rank of the primary domain is 321955.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 4th 2022. Valid for: a year.

This is the only time www.nflbite.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3033::ac43:dc1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
9	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:81c::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:130... 2606:4700:130:436c:6f75:6466:6c61:7265	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3038::6815:ea64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::6815:5f3f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:141b:13:... 2600:141b:13::1724:130	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	2607:f8b0:400... 2607:f8b0:4006:806::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80b::200e	15169 (GOOGLE) (GOOGLE)
1	45.133.44.4 45.133.44.4	7018 (ATT-INTER...) (ATT-INTERNET4)
2	2606:4700:e2:... 2606:4700:e2::ac40:840a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:141b:f00... 2600:141b:f000:26::684d:a2ac	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:141b:500... 2600:141b:5000::17db:5213	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	3.223.0.111 3.223.0.111	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
1	35.190.41.116 35.190.41.116	15169 (GOOGLE) (GOOGLE)
1	199.232.36.193 199.232.36.193	54113 (FASTLY) (FASTLY)
1	45.133.44.3 45.133.44.3	7018 (ATT-INTER...) (ATT-INTERNET4)
2	2a06:8640:454::2 2a06:8640:454::2	55081 (24SHELLS) (24SHELLS)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2001	15169 (GOOGLE) (GOOGLE)
1	141.95.4.196 141.95.4.196	16276 (OVH) (OVH)
1	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
3	2600:141b:500... 2600:141b:5000:3a0::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	2607:f8b0:400... 2607:f8b0:4006:816::2001	15169 (GOOGLE) (GOOGLE)
8	2606:4700:303... 2606:4700:3038::6815:ea65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:100:a001::3 2620:100:a001::3	19750 (AS-CRITEO) (AS-CRITEO)
1	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
1	34.226.18.170 34.226.18.170	14618 (AMAZON-AES) (AMAZON-AES)
8	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
2	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80a::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:807::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
5	2620:100:a001::a 2620:100:a001::a	19750 (AS-CRITEO) (AS-CRITEO)
2	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
2	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
2	96.6.22.215 96.6.22.215	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.44.128.195 52.44.128.195	14618 (AMAZON-AES) (AMAZON-AES)
7	54.147.174.123 54.147.174.123	14618 (AMAZON-AES) (AMAZON-AES)
4 4	199.127.204.142 199.127.204.142	26120 (RHYTHMONE) (RHYTHMONE)
3 3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	129.158.42.199 129.158.42.199	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2 2	63.251.114.137 63.251.114.137	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1	51.222.39.186 51.222.39.186	16276 (OVH) (OVH)
1	2a02:6ea0:c40... 2a02:6ea0:c400::19	60068 (CDN77 ^_^) (CDN77 ^_^)
1	18.209.244.249 18.209.244.249	14618 (AMAZON-AES) (AMAZON-AES)
2	52.4.33.45 52.4.33.45	14618 (AMAZON-AES) (AMAZON-AES)
3 4	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1	34.233.211.172 34.233.211.172	14618 (AMAZON-AES) (AMAZON-AES)
2 3	63.251.28.233 63.251.28.233	26558 (FREEWHEEL) (FREEWHEEL)
4 5	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
1 3	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
5	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
2 3	2607:f8b0:400... 2607:f8b0:4006:823::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.80.35 142.250.80.35	15169 (GOOGLE) (GOOGLE)
1	104.36.115.113 104.36.115.113	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	3.230.217.116 3.230.217.116	14618 (AMAZON-AES) (AMAZON-AES)
1 2	185.167.164.42 185.167.164.42	198622 (ADFORM) (ADFORM)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
4	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	216.200.232.249 216.200.232.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 3	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1 1	34.98.67.3 34.98.67.3	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	162.248.18.34 162.248.18.34	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	34.150.170.96 34.150.170.96	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
1	2600:1f18:4e9... 2600:1f18:4e9:5a01:b333:1a3:d097:8434	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.175.87.114 54.175.87.114	14618 (AMAZON-AES) (AMAZON-AES)
2	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	100.20.115.147 100.20.115.147	16509 (AMAZON-02) (AMAZON-02)
1	34.120.155.137 34.120.155.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
188	72

2 2606:4700:3033::ac43:dc1b (United States)

ASN13335 (CLOUDFLARENET, US)

www.nflbite.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

jscdn.greeter.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:821::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::2008 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:130:436c:6f75:6466:6c61:7265 (United States)

ASN13335 (CLOUDFLARENET, US)

player.adtcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4006:824::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:809::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea64 (United States)

ASN13335 (CLOUDFLARENET, US)

bongstreams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:5f3f (United States)

ASN13335 (CLOUDFLARENET, US)

adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::1724:130 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

tg1.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:806::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80b::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

player.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:840a (United States)

ASN13335 (CLOUDFLARENET, US)

velocitycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:f000:26::684d:a2ac (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)

feed.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:5000::17db:5213 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.223.0.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-0-111.compute-1.amazonaws.com

servt.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:820::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.41.116 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 116.41.190.35.bc.googleusercontent.com

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.36.193 (New York, United States)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.3 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:8640:454::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)

ghb.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2001 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

b4e7696ffbf8acf32b39ade814ee915f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.4.196 (France)

ASN16276 (OVH, FR)
PTR: ip196.ip-141-95-4.eu

storage.de.cloud.ovh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

content1.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:141b:5000:3a0::2c79 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:816::2001 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3038::6815:ea65 (United States)

ASN13335 (CLOUDFLARENET, US)

luinr.bongstreams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.226.18.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-18-170.compute-1.amazonaws.com

serv.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::200a (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80a::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:807::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:100:a001::a (United States)

ASN19750 (AS-CRITEO, US)

pix.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.6.22.215 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-6-22-215.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.44.128.195 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-128-195.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.147.174.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-174-123.compute-1.amazonaws.com

servs.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.127.204.142 (United States) 4 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 129.158.42.199 (Ashburn, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.114.137 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.39.186 (Canada)

ASN16276 (OVH, FR)
PTR: ip186.ip-51-222-39.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c400::19 (New York, United States)

ASN60068 (CDN77 ^_^, GB)

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.209.244.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-244-249.compute-1.amazonaws.com

s2s.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.4.33.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-33-45.compute-1.amazonaws.com

web.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.211.178.172 (North Charleston, United States) 3 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.233.211.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-211-172.compute-1.amazonaws.com

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.251.28.233 (United States) 2 redirects

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.65.194 (Glen Cove, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80d::2001 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::2004 (Hudson Falls, United States) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.35 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f3.1e100.net

p4-amgq45yqfvmc2-ldha7rhbc4wdbgdg-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.230.217.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-217-116.compute-1.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.42 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.200.232.249 (Frederick, United States) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.254.65 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.3 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com

tags.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.150.170.96 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::21 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a01:b333:1a3:d097:8434 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.175.87.114 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.20.115.147 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-100-20-115-147.us-west-2.compute.amazonaws.com

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203 googleads.g.doubleclick.net — Cisco Umbrella Rank: 39 cm.g.doubleclick.net — Cisco Umbrella Rank: 234	309 KB
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 109 b4e7696ffbf8acf32b39ade814ee915f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 144	413 KB
15	criteo.net static.criteo.net — Cisco Umbrella Rank: 675 pix.us.criteo.net — Cisco Umbrella Rank: 2548 csm.us.criteo.net — Cisco Umbrella Rank: 2547	239 KB
13	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 533 image6.pubmatic.com — Cisco Umbrella Rank: 734 simage2.pubmatic.com — Cisco Umbrella Rank: 723 image4.pubmatic.com — Cisco Umbrella Rank: 982 image2.pubmatic.com — Cisco Umbrella Rank: 1051 simage4.pubmatic.com — Cisco Umbrella Rank: 1288	27 KB
12	modoro360.com tg1.modoro360.com — Cisco Umbrella Rank: 55847 servt.modoro360.com — Cisco Umbrella Rank: 55326 serv.modoro360.com — Cisco Umbrella Rank: 61850 servs.modoro360.com — Cisco Umbrella Rank: 97254	12 KB
11	gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com p4-amgq45yqfvmc2-ldha7rhbc4wdbgdg-if-v6exp3-v4.metric.gstatic.com	128 KB
9	bongstreams.com bongstreams.com — Cisco Umbrella Rank: 225721 luinr.bongstreams.com — Cisco Umbrella Rank: 264057	8 MB
6	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 87 www.google.com — Cisco Umbrella Rank: 2	829 B
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 378	109 KB
5	yahoo.com 1 redirects web.ssp.yahoo.com — Cisco Umbrella Rank: 2807 c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 970 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495 ups.analytics.yahoo.com — Cisco Umbrella Rank: 317	2 KB
5	aniview.com player.aniview.com — Cisco Umbrella Rank: 2111 sync.aniview.com — Cisco Umbrella Rank: 2526 Failed s2s.aniview.com — Cisco Umbrella Rank: 3043	191 KB
4	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 392 api.rlcdn.com — Cisco Umbrella Rank: 929	821 B
4	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 322	3 KB
4	adipolo.com adipolo.com — Cisco Umbrella Rank: 63930 player.aplhb.adipolo.com — Cisco Umbrella Rank: 74409 ghb.aplhb.adipolo.com — Cisco Umbrella Rank: 73138	40 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	167 KB
3	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 302	2 KB
3	stickyadstv.com 2 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 682	2 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 364	1 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 550	3 KB
3	criteo.com rtb.va.us.criteo.com — Cisco Umbrella Rank: 5448 ads.us.criteo.com — Cisco Umbrella Rank: 2492 cat.va.us.criteo.com — Cisco Umbrella Rank: 2910	48 KB
3	google.ca adservice.google.ca — Cisco Umbrella Rank: 13098	1 KB
3	avplayer.com feed.avplayer.com — Cisco Umbrella Rank: 13668 player.avplayer.com — Cisco Umbrella Rank: 10051 content1.avplayer.com — Cisco Umbrella Rank: 14215	79 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 242	44 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 435	164 KB
3	greeter.me jscdn.greeter.me — Cisco Umbrella Rank: 71642	17 KB
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 476	2 KB
2	pippio.com 2 redirects pippio.com — Cisco Umbrella Rank: 788	716 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 509	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 638	743 B
2	adform.net 1 redirects c1.adform.net — Cisco Umbrella Rank: 718	965 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 635	1 KB
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 719	772 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 51	2 KB
2	velocitycdn.com velocitycdn.com — Cisco Umbrella Rank: 135120	60 KB
2	adtcdn.com player.adtcdn.com — Cisco Umbrella Rank: 31514	108 KB
2	nflbite.to www.nflbite.to — Cisco Umbrella Rank: 321955	5 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1209	401 B
1	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 4446	273 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 936	518 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 985	656 B
1	linksynergy.com 1 redirects tags.rd.linksynergy.com — Cisco Umbrella Rank: 4508	390 B
1	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 3301	17 KB
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 847	815 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 1866	411 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 572	905 B
1	technoratimedia.com 1 redirects sync.technoratimedia.com — Cisco Umbrella Rank: 1397	820 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1124	673 B
1	ovh.net storage.de.cloud.ovh.net — Cisco Umbrella Rank: 108246	15 KB
1	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 6425	5 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 5766	21 KB
1	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 17762	933 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 942	467 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 38	346 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	75 KB
0	loopme.me Failed csync.loopme.me Failed
188	55

	Domain	Requested by
16	securepubads.g.doubleclick.net	jscdn.greeter.me www.googletagservices.com securepubads.g.doubleclick.net
14	tpc.googlesyndication.com	googleads.g.doubleclick.net securepubads.g.doubleclick.net www.nflbite.to
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.nflbite.to
9	pagead2.googlesyndication.com	www.nflbite.to pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
8	static.criteo.net	ads.us.criteo.com
8	luinr.bongstreams.com	cdn.jsdelivr.net
7	servs.modoro360.com	player.aniview.com ads.pubmatic.com vid.vidoomy.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	cm.g.doubleclick.net	4 redirects www.nflbite.to
5	pix.us.criteo.net	ads.us.criteo.com
4	simage2.pubmatic.com	ads.pubmatic.com
4	x.bidswitch.net	3 redirects www.nflbite.to
4	www.googletagservices.com	jscdn.greeter.me googleads.g.doubleclick.net
3	image2.pubmatic.com	ads.pubmatic.com
3	idsync.rlcdn.com	2 redirects ads.pubmatic.com
3	www.google.com	2 redirects www.nflbite.to
3	s.amazon-adsystem.com	1 redirects www.nflbite.to ads.pubmatic.com
3	ads.stickyadstv.com	2 redirects www.nflbite.to
3	match.adsrvr.org	3 redirects
3	sync.1rx.io	3 redirects
3	player.aniview.com	player.avplayer.com player.aniview.com
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	adservice.google.ca	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	servt.modoro360.com	www.nflbite.to player.aniview.com
3	cdnjs.cloudflare.com	www.nflbite.to ads.us.criteo.com
3	cdn.jsdelivr.net	www.nflbite.to bongstreams.com
3	jscdn.greeter.me	www.nflbite.to
2	id5-sync.com	player.aniview.com
2	image4.pubmatic.com	ads.pubmatic.com
2	pippio.com	2 redirects
2	sync.mathtag.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	c1.adform.net	1 redirects ads.pubmatic.com
2	c2shb.pubgw.yahoo.com	player.aniview.com
2	p4-amgq45yqfvmc2-ldha7rhbc4wdbgdg-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-amgq45yqfvmc2-ldha7rhbc4wdbgdg-if-v6exp3-v4.metric.gstatic.com
2	ap.lijit.com	2 redirects
2	ad.360yield.com	2 redirects
2	ads.pubmatic.com	player.aniview.com ads.pubmatic.com
2	fonts.gstatic.com	fonts.googleapis.com
2	csm.us.criteo.net	ads.us.criteo.com
2	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
2	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net cdnjs.cloudflare.com
2	ghb.aplhb.adipolo.com	player.aplhb.adipolo.com
2	velocitycdn.com	bongstreams.com velocitycdn.com
2	player.adtcdn.com	jscdn.greeter.me
2	www.nflbite.to	www.nflbite.to
1	simage4.pubmatic.com	ads.pubmatic.com
1	lb.eu-1-id5-sync.com	player.aniview.com
1	api.rlcdn.com	player.aniview.com
1	id.hadron.ad.gt	player.aniview.com
1	ups.analytics.yahoo.com	1 redirects
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	ad.turn.com	1 redirects
1	um.simpli.fi	1 redirects
1	tags.rd.linksynergy.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	web.ssp.yahoo.com	player.aniview.com
1	s2s.aniview.com	player.aniview.com
1	vid.vidoomy.com	player.aniview.com
1	onetag-sys.com	player.aniview.com
1	t.adx.opera.com	player.aniview.com
1	bh.contextweb.com	1 redirects
1	sync.technoratimedia.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.aniview.com	player.aniview.com www.nflbite.to
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	cat.va.us.criteo.com	ads.us.criteo.com
1	serv.modoro360.com	player.aniview.com
1	ads.us.criteo.com	googleads.g.doubleclick.net
1	rtb.va.us.criteo.com	googleads.g.doubleclick.net
1	content1.avplayer.com	www.nflbite.to
1	storage.de.cloud.ovh.net	www.nflbite.to
1	b4e7696ffbf8acf32b39ade814ee915f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	player.adtelligent.com	player.adtcdn.com
1	i.imgur.com	bongstreams.com
1	youradexchange.com	velocitycdn.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	player.avplayer.com	tg1.modoro360.com
1	feed.avplayer.com	tg1.modoro360.com
1	player.aplhb.adipolo.com	player.adtcdn.com
1	www.google-analytics.com	www.googletagmanager.com
1	tg1.modoro360.com	jscdn.greeter.me
1	adipolo.com	www.nflbite.to
1	bongstreams.com	www.nflbite.to
1	www.googletagmanager.com	www.nflbite.to
0	csync.loopme.me Failed	player.aniview.com
188	89

This site contains links to these domains. Also see Links.

Domain
nflbite.to

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-04` - `2023-07-04`	a year	crt.sh
greeter.me E1	`2022-11-16` - `2023-02-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.bongstreams.com E1	`2022-10-30` - `2023-01-28`	3 months	crt.sh
wl1.aniview.com R3	`2022-11-27` - `2023-02-25`	3 months	crt.sh
player.aplhb.adipolo.com R3	`2022-11-17` - `2023-02-15`	3 months	crt.sh
*.velocitycdn.com E1	`2022-11-07` - `2023-02-05`	3 months	crt.sh
outstreamedia.com R3	`2022-12-04` - `2023-03-04`	3 months	crt.sh
*.modoro360.com Amazon	`2022-11-20` - `2023-12-19`	a year	crt.sh
*.google.ca GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
youradexchange.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-20` - `2023-06-20`	a year	crt.sh
*.imgur.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-03-16`	a year	crt.sh
player.adtelligent.com R3	`2022-11-18` - `2023-02-16`	3 months	crt.sh
ghb.aplhb.adipolo.com ZeroSSL ECC Domain Secure Site CA	`2022-10-08` - `2023-01-06`	3 months	crt.sh
storage.de.cloud.ovh.net Sectigo RSA Domain Validation Secure Server CA	`2022-02-22` - `2023-02-22`	a year	crt.sh
*.avplayer.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-08-08` - `2023-09-08`	a year	crt.sh
*.aniview.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-11-09`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.va.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-08` - `2023-01-09`	3 months	crt.sh
*.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-30` - `2023-01-03`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.us.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-07` - `2023-02-07`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.adx.opera.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-18`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-19` - `2023-05-19`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-21`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
id.hadron.ad.gt Amazon RSA 2048 M02	`2022-10-31` - `2023-11-29`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh

This page contains 31 frames:

Primary Page: https://www.nflbite.to/news/morocco-vs-spain-1/
Frame ID: 941EB9B62330B75E6F4839294C1E8A7E
Requests: 70 HTTP requests in this frame

Frame: https://bongstreams.com/rntv.php
Frame ID: BAB00304F3D4EAE2E2400A7C868ABAEF
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/zrt_lookup.html
Frame ID: 8F15E840ED17AD8C2A1798061724FFED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2614126763130416&output=html&adk=1812271804&adf=3025194257&lmt=1670340029&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670340028775&bpp=4&bdt=215&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3890497870323&frm=20&pv=2&ga_vid=1401570478.1670340029&ga_sid=1670340029&ga_hid=887110448&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880&oid=2&pvsid=3025247991353482&tmod=1586581771&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=243
Frame ID: 756500EE767E0EDEA1FA8DA98F1BB474
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2614126763130416&output=html&h=280&slotname=5443441593&adk=4092563568&adf=2205611667&pi=t.ma~as.5443441593&w=1183&fwrn=4&fwrnh=100&lmt=1670340029&rafmt=1&format=1183x280&url=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670340028779&bpp=3&bdt=219&idt=257&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3890497870323&frm=20&pv=1&ga_vid=1401570478.1670340029&ga_sid=1670340029&ga_hid=887110448&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880&oid=2&pvsid=3025247991353482&tmod=1586581771&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wOy6Q0l2AN&p=https%3A//www.nflbite.to&dtd=268
Frame ID: 410B4A8A747D955CF0182DACE77D9357
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8051978673542046&output=html&h=280&slotname=1504196585&adk=1695276420&adf=1947930080&pi=t.ma~as.1504196585&w=1200&fwrn=4&fwrnh=100&lmt=1670340029&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670340028782&bpp=1&bdt=222&idt=272&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1183x280&nras=1&correlator=3890497870323&frm=20&pv=2&ga_vid=1401570478.1670340029&ga_sid=1670340029&ga_hid=887110448&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880&oid=2&pvsid=3025247991353482&tmod=1586581771&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=HwUvX8yiXI&p=https%3A//www.nflbite.to&dtd=277
Frame ID: 7823404CDAF0E26441CC069AF2BFA3E9
Requests: 8 HTTP requests in this frame

Frame: https://b4e7696ffbf8acf32b39ade814ee915f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 217DC8E2A95A6D2D1C98314E5839281F
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6194ddd9c26fee3fb21675b7
Frame ID: 7FC663CB98E44C07A1993C7C2061338F
Requests: 4 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Y49dvQABcxUE0bw4AApQvEqFOlHKd141W5yH-w&u=%7CwZKDr7CoNUWWnAi7VU5nmC4uwJRs4v3JdU53Bo2vbhA%3D%7C&c1=SMhbYeryLxlrMxzU2Hi05WDndzPbI8OsrWzpRIsaibaekrOeO3BsscnmSBbvJfSpri6Zdo821K3xgsYEXI3mTVF_73hsTPQTs7VAO8otVcgxh8tyVuXADYmqsXFZV4buN1KNkrygzBNFoTkjzFu6SuVlZsy1n8hQNGAHBekSRJyVZGSXqG-xEjSk5tYUubf5SAaGW_ZuMQsq5vnR2wIsuWZBCYDGqV-2g4EfJUeK2Hi5SRH99-dDW729Mwj7QQZLaJpFlARsnJlK4-5tUlsIK36ZtZJ8Wp_-A75uquDN_dLO8bjqHqw_6y_A-A6kLYRvGOn5c6WCI8GWDXDNdN_S6UzizdhK6cz1BtRE7yiMT8_YQKJEmsm7jI0sS93NGpjTv1OWPs3rfR7kJ2sKa1FeH9Yfwv_7u5vIawGMLRR43qqnkGBkgsvTI94C9-7xranPnTl_IooUB_3u2JGTnMn2JP7MYVIr5nxO1EKT7TSf3uM4Wb6x9g16zKITWJug4U0LvxnynPy54dApw_ls4rXAqsHJTKIEKyfIc9mJ_nsMv2yYEZJuLaS6GhorokYI9oEfkMZFNjszBQEcP5st9Dd7aq4tswGXoUz61E_T_Z-q75Uv9vg9WKkYlZCmVjUrqeTW-sVqep3gIjs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpC2YvV2PY5XmBbj4xtYPvKGpyAecge-wXNqkqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTgwNTE5Nzg2NzM1NDIwNDbIAQmoAwGqBOIBT9CCmyOi_gbD4tKdiXUfTBU9mwIpLdKo4C7W_nWHMuqzh3CIS4RPH_9HP44V78LROn6V3oh9DQ9FDt-V5XjLCw3rienZqB-ewcihZCJKV4XxJgLsWtn4kbHGjc4wN9LF4rv3Vua6f9RCz83dMVfrAHQLQEOfndEDYsbeTHz8XFtIw6_lnsRTwC3rOEclGOZjpTuPEaFeP-yRJhNQXs59lbKOVi3LIJDg-p9mXNln2ieKjNytagq9rJxYU29q9AHh5pGWLlDDXOWdRw4XVV3HAn-u14AIyRi0_hh7xDomkXk80YAGquazuZ-dw5XnAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3tuDXn3XY65deCzn_9Tku9tvYwBw%26client%3Dca-pub-8051978673542046%26adurl%3D
Frame ID: C139380B92CF6EF59915302657DD401B
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Frame ID: C846DB808C1D88BBB41449BD5FF6AADF
Requests: 10 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11455&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D56%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D%7Bdevice_id%7D
Frame ID: 47A41BD0C86FF49FB051195F4EBAA53F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D
Frame ID: 1A0C2E25B6947457C65D05A18BC910E5
Requests: 13 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-n3sPz6VE2uFpFGV1dibyL0iL6FGNufXN4aPvLEg-~A&gdpr=0&gdpr_consent=
Frame ID: F8D002541B349949C72C9838B225BFB3
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1670340029996-994946883307-005912-002-001503&key=b890b7f2-6e71-4b4d-8f82-e8c53fd3cb16
Frame ID: F4575E4897634423ECF33E6A021CE304
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1670340029996-994946883307-005912-002-001503&key=RX-42e769f8-2872-4a2c-8df7-5fb176e6fa0d-005
Frame ID: 3784B3AA5F570DE7E963534C70A60E61
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=3&auid=1670340029996-994946883307-005912-002-001503&key=C7970F54021A41998C76638CDE44E688
Frame ID: 49A2D9A5B657D0A51AA02B495D1DF591
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=18&auid=1670340029996-994946883307-005912-002-001503&key=FxXYeLZHxfS7dJ8WStuMtkvg
Frame ID: 409998BD043FD0838A404747D3818DCB
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1670340029996-994946883307-005912-002-001503&key=dVClxkSd1494&ev=1&us_privacy=1---&pid=562704
Frame ID: FCDF5262C6F9420BA073C10961001082
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=d803647ecdd74c26863bfc1198f6567b&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670340029996-994946883307-005912-002-001503%26biddername%3D128%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BOPERA_UID%7D
Frame ID: 2882F631247347D82E697E42563B1B4C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: B4CD145A627D0F7AE8A434C0942C8B3D
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=133&auid=1670340029996-994946883307-005912-002-001503&key=a6f37f0123013099a595be2217fc435a
Frame ID: BEA91E0D48B7C4E86A29F0EF304F8F4A
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 55D31C9FF4FAA0032E116863F7C64F34
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/o1Uwx-LeZy1xXNnqv4YwBo-O3KbbR1TU6AaZC5EN1kw.js
Frame ID: 89999F1073ED86513AB5814A1BC42002
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 03CA7738A87A941C9B2C2B1022C2B9C4
Requests: 2 HTTP requests in this frame

Frame: https://p4-amgq45yqfvmc2-ldha7rhbc4wdbgdg-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 4679898888445A99602EFB09A066DD6B
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=285702D0-EF31-4E41-A20F-40ED5B964212&gdpr=0&gdpr_consent=
Frame ID: 6109B88ECFEB16B1B22C5F3D0F31E82D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y49dvgAB-PaQAQAp&gdpr=0&gdpr_consent=&_test=Y49dvgAB-PaQAQAp
Frame ID: 7205067E98C22E112F6DB032D4969D10
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=285702D0-EF31-4E41-A20F-40ED5B964212&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: F88013827AB0D7CB00803CAFCA6D070D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b118638f-5dbe-4f00-8b62-0b7072df38ce&gdpr=0&gdpr_consent=
Frame ID: 69553715CE5596F1084551DBE8E1D3A9
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=1&auid=1670340029996-994946883307-005912-002-001503&key=285702D0-EF31-4E41-A20F-40ED5B964212
Frame ID: 5372DC4BE486B2463ABD982FCCB51131
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/o1Uwx-LeZy1xXNnqv4YwBo-O3KbbR1TU6AaZC5EN1kw.js
Frame ID: E90DC9B08AD3BE1652A17FE5386EAB07
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New England Patriots vs Buffalo Bills live Streams | NFLBITE

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

188
Requests

91 %
HTTPS

46 %
IPv6

55
Domains

89
Subdomains

72
IPs

5
Countries

10872 kB
Transfer

14886 kB
Size

71
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://nflbite.to/teams/new-york-giants-stream/
Title: New York Giants

Search URL Search Domain Scan URL

URL: https://nflbite.to/teams/dallas-cowboys-streams/
Title: Dallas Cowboys

Search URL Search Domain Scan URL

URL: https://nflbite.to/teams/philadelphia-eagles-live-stream/
Title: Philadelphia-Eagles

Search URL Search Domain Scan URL

URL: https://nflbite.to/teams/green-bay-packers-streams/
Title: Green Bay Packers

Search URL Search Domain Scan URL

URL: https://nflbite.to/teams/new-england-patriots-streams/
Title: New England Patriots

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 121

https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=0&gdpr_consent=&verify=true HTTP 302
https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-n3sPz6VE2uFpFGV1dibyL0iL6FGNufXN4aPvLEg-~A&gdpr=0&gdpr_consent=

Request Chain 122

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1670340029996-994946883307-005912-002-001503&key=b890b7f2-6e71-4b4d-8f82-e8c53fd3cb16

Request Chain 123

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=0&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=aniview&zcc=1&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D%5BRX_UUID%5D&cb=1670340030229 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8647028924 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8647028924 HTTP 302
https://sync.1rx.io/usersync/tradedesk/782c7b18-e52c-469e-a9a2-f1f933c6e54c HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-42e769f8-2872-4a2c-8df7-5fb176e6fa0d-005?redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3DRX-42e769f8-2872-4a2c-8df7-5fb176e6fa0d-005 HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1670340029996-994946883307-005912-002-001503&key=RX-42e769f8-2872-4a2c-8df7-5fb176e6fa0d-005

Request Chain 124

https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1670340029996-994946883307-005912-002-001503&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D3%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D%5BUSER_ID%5D HTTP 307
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=3&auid=1670340029996-994946883307-005912-002-001503&key=C7970F54021A41998C76638CDE44E688

Request Chain 125

https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D18%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D%24UID HTTP 307
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D18%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D%24UID&sovrn_retry=true HTTP 307
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=18&auid=1670340029996-994946883307-005912-002-001503&key=FxXYeLZHxfS7dJ8WStuMtkvg

Request Chain 126

https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D%25%25VGUID%25%25 HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1670340029996-994946883307-005912-002-001503&key=dVClxkSd1494&ev=1&us_privacy=1---&pid=562704

Request Chain 134

https://x.bidswitch.net/sync?ssp=&user_id=1670340029996-994946883307-005912-002-001503&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=&user_id=1670340029996-994946883307-005912-002-001503&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 135

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670340029996-994946883307-005912-002-001503%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670340029996-994946883307-005912-002-001503%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1670340029996-994946883307-005912-002-001503&biddername=24&pid=59c9148628a0612da3689288&key=c49ea7b0-cf70-4351-bde5-aaaf5ca925af

Request Chain 136

https://ads.stickyadstv.com/user-matching?id=11 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YmY2ODgyNTMzNTVkOTc1NWNhOTNiZTk3ZWI0YTNkMA==&gdpr=0&gdpr_consent=

Request Chain 138

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=87e9428c6c47c556454318a6b3714cf&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Request Chain 159

https://c1.adform.net/serving/cookie/match?party=14&cid=285702D0-EF31-4E41-A20F-40ED5B964212&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=285702D0-EF31-4E41-A20F-40ED5B964212&gdpr=0&gdpr_consent=

Request Chain 160

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y49dvgAB-PaQAQAp HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y49dvgAB-PaQAQAp&gdpr=0&gdpr_consent=&_test=Y49dvgAB-PaQAQAp

Request Chain 161

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=285702D0-EF31-4E41-A20F-40ED5B964212&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=285702D0-EF31-4E41-A20F-40ED5B964212&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 162

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b118638f-5dbe-4f00-8b62-0b7072df38ce&gdpr=0&gdpr_consent=

Request Chain 164

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KFcC0O8xTkGiD0DtW5ZCEg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 165

https://idsync.rlcdn.com/420486.gif?partner_uid=285702D0-EF31-4E41-A20F-40ED5B964212 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDI4NTcwMkQwLUVGMzEtNEU0MS1BMjBGLTQwRUQ1Qjk2NDIxMhAAGg0Iv7u9nAYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=98ab2e7fa4769ec1dab56f926606475e6a1b27d5db3a3a6bc990b026c2705bda791426b5417dce21&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA5OGFiMmU3ZmE0NzY5ZWMxZGFiNTZmOTI2NjA2NDc1ZTZhMWIyN2Q1ZGIzYTNhNmJjOTkwYjAyNmMyNzA1YmRhNzkxNDI2YjU0MTdkY2UyMRAAGgwIv7u9nAYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA5OGFiMmU3ZmE0NzY5ZWMxZGFiNTZmOTI2NjA2NDc1ZTZhMWIyN2Q1ZGIzYTNhNmJjOTkwYjAyNmMyNzA1YmRhNzkxNDI2YjU0MTdkY2UyMRAAGgwIv7u9nAYSBAgCEABCAEoA&google_gid=CAESEJGkChwxBlzhdKjDpc2xB7M&google_cver=1 HTTP 307
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
https://idsync.rlcdn.com/458249.gif?partner_uid=48e0b598-f2ee-4905-bd3f-c70e1de3c619

Request Chain 166

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=567a638f-5dbe-4100-8525-e076db1a6edf

Request Chain 167

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mjg1NzAyRDAtRUYzMS00RTQxLUEyMEYtNDBFRDVCOTY0MjEy&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 168

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENfo7lefyQSJrYgOoG-EczQ&google_cver=1

Request Chain 169

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:BD2B676F567340688F4D380AE82DC151

Request Chain 170

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2338547713758656481&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 171

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=782c7b18-e52c-469e-a9a2-f1f933c6e54c&gdpr=0&gdpr_consent=

Request Chain 173

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=285702D0-EF31-4E41-A20F-40ED5B964212&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mEtBAnVE2uXrLYji2DvWjJfdpiwTHFU-~A&gdpr=0&gdpr_consent=

Request Chain 174

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 175

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

188 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.nflbite.to/news/morocco-vs-spain-1/ 11 KB
4 KB 181ms
130ms Document
text/html 2606:4700:3033::ac43:dc1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nflbite.to/news/morocco-vs-spain-1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:dc1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96265b0fe36ed5db56f82c72c68244c7c55b965c103b3a85ee96d7d89307c9df

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=172800
cf-cache-status: DYNAMIC
cf-ray: 77560179bc4978d6-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Dec 2022 15:20:28 GMT
expires: Thu, 08 Dec 2022 15:11:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCPnO8ICDbOA8vkBni3gt%2BnaTcQ0Jo5q2Zh1mIxx0kAr8UToo1y3No1fbtfUQteYrIuKpICyYEE%2FArt1pMlJL%2BpmAyMRR0MQf8zPwKNcRhNnc64N5c1%2Frv%2BgeP1SWhSG%2BpcEIy%2FeSG%2BIhIddow%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-litespeed-cache: hit
x-turbo-charged-by: LiteSpeed

GET
H2 200 footybitehead.js Show response
jscdn.greeter.me/ 7 KB
8 KB 114ms
25ms Script
text/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/footybitehead.js

Requested by

Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

f2abed2466a50de711ebd5794e29d8db4f3b8f5715675c8179491874655f94a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Tue, 07 Dec 2021 15:06:09 GMT
x-amz-request-id: tx0000000000001b802d713-00638f5ce9-5c85f102-fra1b
etag: "6785588deb4ade2968b0419e1022b123"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1670340028.dop073.dc2.t,1670340028.cds213.dc2.hn,1670340028.cds193.dc2.c
content-type: text/javascript
cache-control: max-age=3389
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7626

GET
H2 200 footybitedynamic.js Show response
jscdn.greeter.me/ 8 KB
8 KB 117ms
28ms Script
text/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/footybitedynamic.js

Requested by

Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

6734f74c599c91bc2c87d925f5ae39b95ec85a648d86ace015b75197bff7cf1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Tue, 07 Dec 2021 15:06:09 GMT
x-amz-request-id: tx0000000000001b7f29ee2-00638f5ce9-5c924841-fra1b
etag: "409e92834608116a4d083961365bb5a1"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1670340028.dop073.dc2.t,1670340028.cds213.dc2.hn,1670340028.cds208.dc2.c
content-type: text/javascript
cache-control: max-age=3389
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7954

GET
H2 200 footybitevideo.js Show response
jscdn.greeter.me/ 1 KB
2 KB 107ms
43ms Script
text/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/footybitevideo.js

Requested by

Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

d8e6a8ed06b7ea32bdf5a494232c1e155bc8813ab982c923844e91a81c10f0a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Sun, 21 Nov 2021 10:22:46 GMT
x-amz-request-id: tx0000000000001b7f7eba1-00638f5ce9-5c8c654c-fra1b
etag: "dd4e16c6241cf2e354f5fc3ca693a8b0"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1670340028.dop073.dc2.t,1670340028.cds213.dc2.hn,1670340028.cds201.dc2.c
content-type: text/javascript
cache-control: max-age=3389
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 1394

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
48 KB 124ms
74ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2614126763130416

Requested by

Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55a8897810e15e39ca238d8b51af0d7c1e61965a5c646c68b6710192ee9db622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nflbite.to/
Origin: https://www.nflbite.to
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49471
x-xss-protection: 0
server: cafe
etag: 14468570046708844752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 15:20:28 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 104ms
54ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8051978673542046

Requested by

Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbdf1fe198db06e0497d81d770d7befc5d31bfd73d8bf1b9f793b14b1f0b62a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nflbite.to/
Origin: https://www.nflbite.to
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49468
x-xss-protection: 0
server: cafe
etag: 2954334042329756767
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 15:20:28 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/ 158 KB
25 KB 112ms
59ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css

Requested by

Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nflbite.to/
Origin: https://www.nflbite.to
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6796800
x-jsd-version: 4.6.0
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19171-FRA, cache-scl2220034-SCL
x-jsd-version-type: version
server: cloudflare
etag: W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ME8iUhVGt5rYy229fn4ZnwUzsof7M3eIRScp8%2Fg9YL75krjF3Ol1AB2mTdNkd5eHYGDeGuMc%2F9y6WvphhwWDsv90Hn8tRbdy0hqkObcoGCBuv4X4ZVhwdUCAgcdEbzR854eY6n%2FI4XC%2FM6p7Fsg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7756017aeb68c431-EWR

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ 58 KB
11 KB 50ms
22ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Requested by

Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.nflbite.to
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1189364
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10480
last-modified: Tue, 16 Mar 2021 19:29:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60510736-e7d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxHV4mwYZrJBLnzYY16OLP31E%2FSKA8c3sMHK6woDtUvp5Q0m6d84tgj2YSePvSGy9M6pDH3m%2FBf54457q9aPy9IioIyp0eOw9x6Jf4%2F5E19IJCts5z2j8nWe3w7%2F9SojZrp4X67mIssFDRWRmYSzKJGZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7756017abd244bb8-YUL
expires: Sun, 26 Nov 2023 15:20:28 GMT

GET
H2 200 nflstyle.css
www.nflbite.to/css/ 5 KB
2 KB 30ms
28ms Stylesheet
text/css 2606:4700:3033::ac43:dc1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nflbite.to/css/nflstyle.css
Requested by: Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:dc1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3397a72f384e3308e4495b8319b094de73867708e5e46b0e6bfd756eeca16423

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/news/morocco-vs-spain-1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Sep 2022 11:33:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2249717
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SiKOkouQnrX9sJRo5S1r7hyhsWLkq%2B3XTcD2koJ2ebfWWniHqboIKdGxrU7NlH%2B7X7b75GsZBqf4rSUiYaTJGDLfLeoWS6cVAF4Xi2iq2w%2F7KhItz6ycRgUPO36FaucpHGvvm732Nufs3OMRHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 7756017a9e2b78d6-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 10 Dec 2022 14:25:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 83ms
34ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GBBTM4ZWQD

Requested by

Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

46d960d8c20cf6bf93febf47f57b283225246d0d868fefdf28e435291fa82531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76341
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 06 Dec 2022 15:20:28 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 52ms
24ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.nflbite.to
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 582269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27938
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0t0yDUJyrAwyEbsKunrtN6tQWPSCspejmNWK4xAVQxzxBXiWGm8dJ8azoZBGNIM60uELTkCyJuORzEJZC8n6%2BwFvc3LZ%2BM4r5cArwKX6FHbBe4JZ1d1mE6EOckR8jkDhx8shXHGwzPZTwN90YDxRSi%2FR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7756017abd284bb8-YUL
expires: Sun, 26 Nov 2023 15:20:28 GMT

GET
H2 200 hb_511103_13154.js Show response
player.adtcdn.com/prebidlink/463983/ 371 KB
107 KB 128ms
53ms Script
application/javascript 2606:4700:130:436c:6f75:6466:6c61:7265
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/463983/hb_511103_13154.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/footybitehead.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:130:436c:6f75:6466:6c61:7265 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00e48dc2e907ba153b5dd153c2db991d097ca3922a394898ba31c4fff3708bdf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 01 Dec 2022 19:53:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 146
etag: W/"6389063a-5cb79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0ZS05C%2Bc6VKaThIssUArLIrsqvuX9MVoBIV6ntGp5frPvyMVIImuXjr4BTIJQlI7tg87abRwVSCm05ySUvh0t5uMUXbjXyIvoMfgW0l5PH8QOPU7VjcLZ0iVX6S5pQ3sfE6HLrkKv0Py7lz4%2FcrLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 7756017bdb8d1729-IAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 06 Dec 2022 15:33:02 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 99ms
38ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/footybitehead.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2737e0f8e60929e28f1439db1076417bf161010f162084b0eb117da7cc254354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27547
x-xss-protection: 0
server: sffe
etag: "1413 / 993 of 1000 / last-modified: 1670328320"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 06 Dec 2022 15:20:28 GMT

GET
H2 200 wrapper_hb_511103_13154.js Show response
player.adtcdn.com/prebidlink/463983/ 2 KB
1 KB 153ms
79ms Script
application/javascript 2606:4700:130:436c:6f75:6466:6c61:7265
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/463983/wrapper_hb_511103_13154.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/footybitehead.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:130:436c:6f75:6466:6c61:7265 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0b44ab9a1c13069e0270f6bda9df4b53b2971744c08018e3ad02f13d10896e6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Dec 2022 20:26:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 146
etag: W/"638e53ec-6c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sA4IPvzo3N4v%2BytHb%2FPsxc%2BiXbsZZC6mSFI8iBj9Kmw8lF1tv1flOV%2BBm9aV4lfM37gCdJPuNB1Vm0ZWd%2Brs1%2Fg97995WqbklyyNehU6lPvaM6BYM%2FBZpbFeFbipzmmI8fOGJJNbgOv7OyhupzCdag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 7756017bdb901729-IAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 06 Dec 2022 15:33:02 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 90ms
34ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/footybitehead.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2737e0f8e60929e28f1439db1076417bf161010f162084b0eb117da7cc254354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27547
x-xss-protection: 0
server: sffe
etag: "1413 / 241 of 1000 / last-modified: 1670328320"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 06 Dec 2022 15:20:28 GMT

GET
H2 200 rntv.php Show response
bongstreams.com/ Frame BAB0 2 KB
1 KB 226ms
159ms Document
text/html 2606:4700:3038::6815:ea64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bongstreams.com/rntv.php

Requested by

Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb291d06275a2811fe26fe5dd57f5662a70242a85daf9508f042a1122118b7e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nflbite.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7756017c0ec0185d-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Dec 2022 15:20:28 GMT
greydedi: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQqxFpur%2FiykRfxGoq3Mf7GE%2BPUcsm7EJm6CU%2BvIuPM8GifturlOMoTRtMrGWZlXjsZYT6fqPIZg1DzNxB0oWo98J7yJhjESJFpOzzXu3yA%2BaZfmS1XwwsRfT9rMPrzUCXGEKhXLXL%2B6JLs3qv0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed

GET
H2 200 adipolo_logo.png
adipolo.com/wp-content/uploads/2020/06/ 7 KB
7 KB 97ms
39ms Image
image/png 2606:4700:3035::6815:5f3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
Requested by: Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5f3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:28 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Jun 2020 09:04:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16203716
etag: "5ed61610-1b9c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=np%2FRWj%2B5lyk2o1Py0pP2oWYEvcJKQftPDzCfD4w%2FJ3j8yTp91ay%2B8koLzXKUrlE4aTMFc3YBaM%2BBs2e0sP4NXs1S6DdQjpod7w2WCJLwXJFUD6k2xrNfsEKYPTwt3ac7qyc%2FthEvR5UGHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7756017c0d1c8c51-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7068

GET
H/1.1 200
OK spt Show response
tg1.modoro360.com/api/adserver/ 25 KB
7 KB 180ms
25ms Script
text/javascript 2600:141b:13::1724:130
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=619a1d8f04726848404562e4&AV_PUBLISHERID=6194ddd9c26fee3fb21675b7
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/footybitevideo.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::1724:130 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 79e997bb7245f68cf6398665f6eecd402f48c76d67283446dfc4486262685cc9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Tue, 06 Dec 2022 15:20:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length: 6483
Expires: Tue, 06 Dec 2022 15:25:28 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/ 355 KB
117 KB 135ms
94ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8051978673542046

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be3a86e492bdf59c5bc78a492f763521998b236f4d1e5294937da36b56374570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119791
x-xss-protection: 0
server: cafe
etag: 18033823315633483732
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 15:20:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/ Frame 8F15 10 KB
5 KB 69ms
19ms Document
text/html 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8051978673542046

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nflbite.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 28814
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 07:20:14 GMT
etag: 10353107486223812946
expires: Tue, 20 Dec 2022 07:20:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
346 B 82ms
33ms Ping
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-GBBTM4ZWQD&gtm=2oebu0&_p=887110448&cid=1401570478.1670340029&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670340028&sct=1&seg=0&dl=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&dt=New%20England%20Patriots%20vs%20Buffalo%20Bills%20live%20Streams%20%7C%20NFLBITE&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GBBTM4ZWQD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80b::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 15:20:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nflbite.to
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2022120101.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
130 KB 61ms
19ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 20:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67897
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133241
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 09:36:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 05 Dec 2023 20:28:51 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 338 B
173 B 80ms
39ms XHR
application/json 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nflbite.to

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dd70341a31e328efcd03f90b83c3e228019ba7c4acda1ae6fd645f20a2b569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148
x-xss-protection: 0
expires: Tue, 06 Dec 2022 15:20:28 GMT

GET
H2 200 hbw_master_511103_13154.js Show response
player.aplhb.adipolo.com/prebidlink/19332/ 100 KB
32 KB 120ms
26ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/19332/hbw_master_511103_13154.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/463983/wrapper_hb_511103_13154.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: b657dd3682208edfb815a32becaff61f5dae9f12537daf146d61a02aedb88f31

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 20:26:20 GMT
server: nginx
etag: W/"638e53ec-18f5c"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Tue, 06 Dec 2022 16:20:29 GMT

GET
H3 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/ Frame BAB0 470 KB
128 KB 67ms
51ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js

Requested by

Host: bongstreams.com
URL: https://bongstreams.com/rntv.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce00e20b1de71ae06025269109fb0cb9482ba6af1dbc262ba4eda319aaef9229

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bongstreams.com/rntv.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12762318
x-jsd-version: 0.4.7
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19147-FRA, cache-itm18842-ITM
x-jsd-version-type: version
server: cloudflare
etag: W/"7569d-g/bZEgP/0XCbPxVx7RLqUXpxxzU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2Bj4jfoCoeN34vMv9SO2tsmVgkmuMwka6N21tnBhnlPzvzmLpAVMC%2Bc0PYWNWgRLo1pgT2vC3vd0R0gN1NmLowHX3G6HZhATaq5PIhElkTdmCez5tbFeSjY183wVvXTo5vJ3dN4lzTVe%2F2wqfjE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7756017d3c257150-YUL

GET
H3 200 level-selector.min.js Show response
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame BAB0 30 KB
11 KB 46ms
31ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js

Requested by

Host: bongstreams.com
URL: https://bongstreams.com/rntv.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bongstreams.com/rntv.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20026
x-jsd-version: 0.3.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19163-FRA, cache-yyz4527-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7dVxBXbVE15x7gv%2BL%2B%2FKYTL3YlMi4kuzylCEHObyLcHro7hTckTFmZz8CUBYKObZN%2FfEH3tsQHvZt98YGgmfEP1VmqoD0%2BLQyuJxiHhOLEird%2BI%2Bfhi64tHC1jhRSttflPkzJuQdM1kfXosecc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7756017d3c237150-YUL

GET
H2 200 bootstrap.js Show response
velocitycdn.com/script/ Frame BAB0 98 KB
34 KB 80ms
30ms Script
application/javascript 2606:4700:e2::ac40:840a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://velocitycdn.com/script/bootstrap.js
Requested by: Host: bongstreams.com
URL: https://bongstreams.com/rntv.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab1897b374e76000c289e1491e74d94e2a30584f4388b57b6b3ec8dab467ee2c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bongstreams.com/rntv.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2877
x-guploader-uploadid: ADPycduyvUwU5qxhSdWt66-oNJitLCGrjCDDuuBay-rvi3U1xNZVQGxNisL6Sc1E1cihR5JIslheHakwH291ReCTCLN2
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 08:16:16 GMT
server: cloudflare
etag: W/"58a3706369493493b3ca003a227b6fa6"
vary: Accept-Encoding
x-goog-hash: crc32c=mktFgA==, md5=WKNwY2lJNJOzygA6Intvpg==
x-goog-generation: 1669191375948071
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZB87lKjQxYgL8nXZuGpNzMp2wEtbzqrSfBBHzndsuSXg81tD%2BQoMWrSDiospCg%2F8xMAoQGEaQho1gyVSOgF0Va3qZqSWTdYzHfmCSy8tTytsIXKpPxBgcVQJD%2FIVTCASiTYcooBowQJHujm2KFk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 100584
cf-ray: 7756017d7f791829-EWR
expires: Tue, 06 Dec 2022 15:29:39 GMT

GET
H2 200 get Show response
feed.avplayer.com/backend/ 5 KB
926 B 137ms
32ms XHR
application/json 2600:141b:f000:26::684d:a2ac
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.avplayer.com/backend/get?cmsType=playlist&id=631a2480b3d08269680f4be2&AV_TAGID=619a1d8f04726848404562e4&pid=6194ddd9c26fee3fb21675b7&cid=619a1d418697a435d432cf37&AV_TEMPID=60bceb5ae580aa6950275314&AV_PUBLISHERID=6194ddd9c26fee3fb21675b7

Requested by

Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=619a1d8f04726848404562e4&AV_PUBLISHERID=6194ddd9c26fee3fb21675b7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:f000:26::684d:a2ac Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy / PHP/8.1.12

Resource Hash

e8a512ec9f7b507b30d081c6b6c31385ce8baf2a88c7b6c016d5e0f0773c402b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: istio-envoy
x-powered-by: PHP/8.1.12
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-envoy-upstream-service-time: 24
content-length: 667
expires: Tue, 06 Dec 2022 16:20:29 GMT

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/2/v/ 251 KB
61 KB 143ms
19ms Script
application/javascript 2600:141b:5000::17db:5213
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/v/avcplayer.js
Requested by: Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=619a1d8f04726848404562e4&AV_PUBLISHERID=6194ddd9c26fee3fb21675b7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:5000::17db:5213 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvdNcMzkQIZ8RhfesOnBuuAF50cAJEQkBm0ipbHwO_4OhKTgvaY4mhkdpbHDtqe0M5i2gu4P_gHHet0on1VTf0hAaF_Blsg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 61326
last-modified: Thu, 03 Mar 2022 17:18:44 GMT
server: UploadServer
etag: "9dff0335699f04080269947f40c366ae"
vary: Accept-Encoding
x-goog-generation: 1646327924579580
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=DITkQg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 61326
content-language: en
accept-ranges: bytes
expires: Tue, 06 Dec 2022 15:25:29 GMT

GET
H2 200 track
servt.modoro360.com/ 0
71 B 194ms
25ms Image
text/plain 3.223.0.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?pid=6194ddd9c26fee3fb21675b7&cid=619a1d418697a435d432cf37&cb=1670340028980&r=www.nflbite.to&stagid=619a1d8f04726848404562e4&stplid=60bceb5ae580aa6950275314&d35=&d65=Floor&d66=7&e=playerLoaded
Requested by: Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.0.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-0-111.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
467 B 35ms
34ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.nflbite.to&callback=_gfp_s_&client=ca-pub-2614126763130416&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9533be26cd4926c60bf8ed2a8ec8517b1832a981599fc74e54b55f48ac52b15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 109ms
38ms Script
application/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.nflbite.to

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 91ms
38ms Script
application/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nflbite.to

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7565 90 KB
32 KB 605ms
564ms Document
text/html 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2614126763130416&output=html&adk=1812271804&adf=3025194257&lmt=1670340029&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670340028775&bpp=4&bdt=215&idt=219&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3890497870323&frm=20&pv=2&ga_vid=1401570478.1670340029&ga_sid=1670340029&ga_hid=887110448&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880&oid=2&pvsid=3025247991353482&tmod=1586581771&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=243

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbc8be77bb800cc9de9b9891187f165bf2e3bdeecac0720b794020d82b0cfc7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nflbite.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33217
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 15:20:29 GMT
expires: Tue, 06 Dec 2022 15:20:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 410B 111 KB
34 KB 708ms
696ms Document
text/html 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2614126763130416&output=html&h=280&slotname=5443441593&adk=4092563568&adf=2205611667&pi=t.ma~as.5443441593&w=1183&fwrn=4&fwrnh=100&lmt=1670340029&rafmt=1&format=1183x280&url=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670340028779&bpp=3&bdt=219&idt=257&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3890497870323&frm=20&pv=1&ga_vid=1401570478.1670340029&ga_sid=1670340029&ga_hid=887110448&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880&oid=2&pvsid=3025247991353482&tmod=1586581771&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wOy6Q0l2AN&p=https%3A//www.nflbite.to&dtd=268

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8ebc982b5005f0f19b40f5d580a8624dd8e78c65f568875ab4bb6be66cae56f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nflbite.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34920
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 15:20:29 GMT
expires: Tue, 06 Dec 2022 15:20:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7823 23 KB
10 KB 197ms
193ms Document
text/html 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8051978673542046&output=html&h=280&slotname=1504196585&adk=1695276420&adf=1947930080&pi=t.ma~as.1504196585&w=1200&fwrn=4&fwrnh=100&lmt=1670340029&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670340028782&bpp=1&bdt=222&idt=272&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1183x280&nras=1&correlator=3890497870323&frm=20&pv=2&ga_vid=1401570478.1670340029&ga_sid=1670340029&ga_hid=887110448&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880&oid=2&pvsid=3025247991353482&tmod=1586581771&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=HwUvX8yiXI&p=https%3A//www.nflbite.to&dtd=277

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb8b9f4b19cff174f9ff26ba95114fbeeb1506f4c74c35bc317b7e5a4c1daf81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nflbite.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9874
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 15:20:29 GMT
expires: Tue, 06 Dec 2022 15:20:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ut.js Show response
velocitycdn.com/script/ Frame BAB0 70 KB
25 KB 67ms
45ms Script
application/javascript 2606:4700:e2::ac40:840a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://velocitycdn.com/script/ut.js?cb=1670340029109
Requested by: Host: velocitycdn.com
URL: https://velocitycdn.com/script/bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:840a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f6ce602bed449940565c8bfea9921659efafc0c5409a8242eda17e6e6554c31

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bongstreams.com/rntv.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdu0cjTfVYFVkq3f-SW6KIIbAsFfrLGv0FPzu2aBJ0UmfMjOP-0BBxAKnJXD2trIeap_d-iNAh7qCWcDHIMy3rO8jX7nI2cl
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 11:45:52 GMT
server: cloudflare
etag: W/"c7304eebcb5069f68bd3fa9e74218a36"
vary: Accept-Encoding
x-goog-hash: crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-generation: 1661773552581597
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uPnvEjNOr2bNH1j9HyY%2BCszhlAoDSHZXHYu69lXIqqzq9g0grnNpkAmN32vWCayGJet6H9ilYOf8UVU%2FBdqRCLBGOLh%2FMoaP9MmPhuUopzsvpD8cHGckYD7Uq4G3eZuEo0n0JYD39wCYxrYZuFg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 71356
cf-ray: 7756017e2e6dc3ff-EWR
expires: Tue, 06 Dec 2022 16:07:40 GMT

GET
H2 200 suurl4.php Show response
youradexchange.com/script/ Frame BAB0 994 B
933 B 153ms
108ms Fetch
application/json 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl4.php?r=6165306&chmob=?0&cbur=0.4847414657701312&cbiframe=1&cbWidth=1183&cbHeight=520&cbtitle=&cbpage=https%3A%2F%2Fwww.nflbite.to%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=velocitycdn.com&aggr=0
Requested by: Host: velocitycdn.com
URL: https://velocitycdn.com/script/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 72950656d07f837c1ed3d2b7739cd90dd04c314c3e451565f40ca86dcbd17ad1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bongstreams.com/rntv.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

GET
H2 200 x3xqJYu.png
i.imgur.com/ Frame BAB0 21 KB
21 KB 70ms
18ms Image
image/png 199.232.36.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/x3xqJYu.png

Requested by

Host: bongstreams.com
URL: https://bongstreams.com/rntv.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.36.193 New York, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

2eb9eb3070b6c5360f62a0d9898332475e56d428a496adcd69c65a1197fec70e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bongstreams.com/rntv.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 261144
x-cache: HIT, HIT
content-length: 21095
x-served-by: cache-iad-kcgs7200165-IAD, cache-lga21947-LGA
last-modified: Sat, 03 Dec 2022 14:48:05 GMT
server: cat factory 1.0
x-timer: S1670340029.261248,VS0,VE0
etag: "2c81ff47b80174435ef77d9cc013a216"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2143, 5

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/313490/ 11 KB
5 KB 112ms
26ms XHR
application/json 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/463983/hb_511103_13154.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 8922922509b7fca081eb9bfe68ef175ee34ef8750a8c61e4db9a7533bb0c75e2

Request headers

Referer: https://www.nflbite.to/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

expires: Thu, 08 Dec 2022 15:20:29 GMT
date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 12:01:19 GMT
server: nginx
etag: W/"638ddd8f-2ac7"
content-type: application/json
access-control-allow-origin: https://www.nflbite.to
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H/1.1 200
OK / Show response
ghb.aplhb.adipolo.com/geo/ 147 B
417 B 183ms
19ms XHR
application/json 2a06:8640:454::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/geo/
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19332/hbw_master_511103_13154.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 77a676c395b379e5976e674da61a4243f769fc76a87e5ac1ef0cd52a619a1e77

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Tue, 06 Dec 2022 15:20:29 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.nflbite.to
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 147

GET
H/1.1 200
OK tracking Show response
ghb.aplhb.adipolo.com/adunit/ 43 B
433 B 181ms
20ms XHR
image/gif 2a06:8640:454::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=511103&site_id=13154&pbjsv=v6.25.3&full_page_url=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&adid=cdbr4g.zl&features=81952&vpbv=N104&lifecycle_tte=891
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19332/hbw_master_511103_13154.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Tue, 06 Dec 2022 15:20:29 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.nflbite.to
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 407 B
247 B 385ms
384ms XHR
text/plain 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3025247991353482&correlator=1006326865800094&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=7047%3A22658558586%2Capl%2Caplmcm%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90%7C320x50%7C320x100&ifi=4&adks=2694997414&didk=1959687422&sfv=1-0-40&prev_scp=test%3Drefresh%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3De9a35d64530b1acd-22153df0dcd8009b%3AT%3D1670340029%3ART%3D1670340029%3AS%3DALNI_MZpKE06YlW5ScPhF5gi0_jLkmWjPg&gpic=UID%3D000008c698697097%3AT%3D1670340029%3ART%3D1670340029%3AS%3DALNI_MY8YE3Wdgi6y90FBXRmgH16qZXcsA&abxe=1&dt=1670340029346&lmt=1670340029&dlt=1670340028560&idt=513&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1401570478.1670340029&ga_sid=1670340029&ga_hid=887110448&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0fd294c1f472528541101861967d73739f54478d71bf5dda11c29ce62b80b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 216
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nflbite.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 314ms
313ms XHR
text/plain 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3025247991353482&correlator=488483007368017&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=7047%3A22658558586%2Capl%2Caplmcm%2Ccube&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=5&adks=2767553532&didk=2675907389&sfv=1-0-40&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3De9a35d64530b1acd-22153df0dcd8009b%3AT%3D1670340029%3ART%3D1670340029%3AS%3DALNI_MZpKE06YlW5ScPhF5gi0_jLkmWjPg&gpic=UID%3D000008c698697097%3AT%3D1670340029%3ART%3D1670340029%3AS%3DALNI_MY8YE3Wdgi6y90FBXRmgH16qZXcsA&abxe=1&dt=1670340029353&lmt=1670340029&dlt=1670340028560&idt=513&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1401570478.1670340029&ga_sid=1670340029&ga_hid=887110448&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22c0926066950eb32303b88821d2423eeeda63fa06bcd3150f514837573d9246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9364
x-xss-protection: 0
google-lineitem-id: 5818019657
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374438803
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nflbite.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
11 KB 368ms
367ms XHR
text/plain 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3025247991353482&correlator=2014513776728045&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=7047%3A22658558586%2Capl%2Caplmcm%2Ccube2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=6&adks=1458813703&didk=2675907388&sfv=1-0-40&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3De9a35d64530b1acd-22153df0dcd8009b%3AT%3D1670340029%3ART%3D1670340029%3AS%3DALNI_MZpKE06YlW5ScPhF5gi0_jLkmWjPg&gpic=UID%3D000008c698697097%3AT%3D1670340029%3ART%3D1670340029%3AS%3DALNI_MY8YE3Wdgi6y90FBXRmgH16qZXcsA&abxe=1&dt=1670340029359&lmt=1670340029&dlt=1670340028560&idt=513&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1401570478.1670340029&ga_sid=1670340029&ga_hid=887110448&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db0701f25bf6cffa99cfc7d71521bfdd3179266e2b5feb62907d125f8f11b51a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10753
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nflbite.to
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
11 KB 299ms
297ms XHR
text/plain 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3025247991353482&correlator=701154112800880&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=7047%3A22658558586%2Capl%2Caplmcm%2Ccube3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=7&adks=1680368127&didk=2675907387&sfv=1-0-40&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3De9a35d64530b1acd-22153df0dcd8009b%3AT%3D1670340029%3ART%3D1670340029%3AS%3DALNI_MZpKE06YlW5ScPhF5gi0_jLkmWjPg&gpic=UID%3D000008c698697097%3AT%3D1670340029%3ART%3D1670340029%3AS%3DALNI_MY8YE3Wdgi6y90FBXRmgH16qZXcsA&abxe=1&dt=1670340029361&lmt=1670340029&dlt=1670340028560&idt=513&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1401570478.1670340029&ga_sid=1670340029&ga_hid=887110448&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8589fa3a34d25fea23d3365e454588c2dcdbf6ed856f068a64ed1f2a5d46a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11071
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nflbite.to
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 405 B
244 B 278ms
276ms XHR
text/plain 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3025247991353482&correlator=1145690621804502&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=7047%3A22658558586%2Capl%2Caplmcm%2Crich&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C320x50%7C320x100&ifi=8&adks=3622398209&didk=2675907386&sfv=1-0-40&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3De9a35d64530b1acd-22153df0dcd8009b%3AT%3D1670340029%3ART%3D1670340029%3AS%3DALNI_MZpKE06YlW5ScPhF5gi0_jLkmWjPg&gpic=UID%3D000008c698697097%3AT%3D1670340029%3ART%3D1670340029%3AS%3DALNI_MY8YE3Wdgi6y90FBXRmgH16qZXcsA&abxe=1&dt=1670340029364&lmt=1670340029&dlt=1670340028560&idt=513&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1401570478.1670340029&ga_sid=1670340029&ga_hid=887110448&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce8fb64a0bc498e29c874fad0a686b5c4365532678213187216778647c6426d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 213
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nflbite.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 406 B
247 B 309ms
306ms XHR
text/plain 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3025247991353482&correlator=268803970723426&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=7047%3A22658558586%2Capl%2Caplmcm%2Crich2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C320x50%7C320x100&ifi=9&adks=3440156386&didk=2675907385&sfv=1-0-40&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3De9a35d64530b1acd-22153df0dcd8009b%3AT%3D1670340029%3ART%3D1670340029%3AS%3DALNI_MZpKE06YlW5ScPhF5gi0_jLkmWjPg&gpic=UID%3D000008c698697097%3AT%3D1670340029%3ART%3D1670340029%3AS%3DALNI_MY8YE3Wdgi6y90FBXRmgH16qZXcsA&abxe=1&dt=1670340029366&lmt=1670340029&dlt=1670340028560&idt=513&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1401570478.1670340029&ga_sid=1670340029&ga_hid=887110448&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc49bbaddc3ef1c99cbbb427fcf33700440e3478c52f78385521deff6749038e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 216
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nflbite.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 263ms
261ms XHR
text/plain 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3025247991353482&correlator=915021027303780&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=7047%3A22658558586%2Capl%2Caplmcm%2Csky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=120x600%7C160x600%7C300x600&ifi=10&adks=2491488014&didk=2675907384&sfv=1-0-40&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3De9a35d64530b1acd-22153df0dcd8009b%3AT%3D1670340029%3ART%3D1670340029%3AS%3DALNI_MZpKE06YlW5ScPhF5gi0_jLkmWjPg&gpic=UID%3D000008c698697097%3AT%3D1670340029%3ART%3D1670340029%3AS%3DALNI_MY8YE3Wdgi6y90FBXRmgH16qZXcsA&abxe=1&dt=1670340029368&lmt=1670340029&dlt=1670340028560&idt=513&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1401570478.1670340029&ga_sid=1670340029&ga_hid=887110448&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0845704757cc7cecdc3ec5a73bf97bb9a7b48d5b45ba2c439a8ba87db69bc221

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9370
x-xss-protection: 0
google-lineitem-id: 5850403633
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374029776
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nflbite.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 412 B
253 B 362ms
360ms XHR
text/plain 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3025247991353482&correlator=294565055518331&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=7047%3A22658558586%2Capl%2Caplmcm%2Cresponsive&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&ifi=11&adks=1252801048&didk=2675907335&sfv=1-0-40&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3De9a35d64530b1acd-22153df0dcd8009b%3AT%3D1670340029%3ART%3D1670340029%3AS%3DALNI_MZpKE06YlW5ScPhF5gi0_jLkmWjPg&gpic=UID%3D000008c698697097%3AT%3D1670340029%3ART%3D1670340029%3AS%3DALNI_MY8YE3Wdgi6y90FBXRmgH16qZXcsA&abxe=1&dt=1670340029371&lmt=1670340029&dlt=1670340028560&idt=513&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1401570478.1670340029&ga_sid=1670340029&ga_hid=887110448&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79550718143aa0a6b043d196643782c53074e7f9dca81fc744eb23ff9d8b6852

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 222
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nflbite.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 413 B
253 B 461ms
459ms XHR
text/plain 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3025247991353482&correlator=3894000410722593&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=7047%3A22658558586%2Capl%2Caplmcm%2Cresponsive3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&ifi=12&adks=1931580930&didk=2675907334&sfv=1-0-40&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3De9a35d64530b1acd-22153df0dcd8009b%3AT%3D1670340029%3ART%3D1670340029%3AS%3DALNI_MZpKE06YlW5ScPhF5gi0_jLkmWjPg&gpic=UID%3D000008c698697097%3AT%3D1670340029%3ART%3D1670340029%3AS%3DALNI_MY8YE3Wdgi6y90FBXRmgH16qZXcsA&abxe=1&dt=1670340029373&lmt=1670340029&dlt=1670340028560&idt=513&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1401570478.1670340029&ga_sid=1670340029&ga_hid=887110448&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ecfb052ee8a13b2ea0442ab65192e13b0a06bb141f367370f25cfbe45761e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 222
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nflbite.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 413 B
253 B 389ms
387ms XHR
text/plain 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3025247991353482&correlator=2647088394658042&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=7047%3A22658558586%2Capl%2Caplmcm%2Cresponsive4&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&ifi=13&adks=3966483914&didk=2675907333&sfv=1-0-40&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3De9a35d64530b1acd-22153df0dcd8009b%3AT%3D1670340029%3ART%3D1670340029%3AS%3DALNI_MZpKE06YlW5ScPhF5gi0_jLkmWjPg&gpic=UID%3D000008c698697097%3AT%3D1670340029%3ART%3D1670340029%3AS%3DALNI_MY8YE3Wdgi6y90FBXRmgH16qZXcsA&abxe=1&dt=1670340029376&lmt=1670340029&dlt=1670340028560&idt=513&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1401570478.1670340029&ga_sid=1670340029&ga_hid=887110448&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85c6d6f811b9342e74c8587cc8ca3acb08c76095d5c04ca7baee8c17b48e818a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 222
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nflbite.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 413 B
253 B 298ms
296ms XHR
text/plain 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3025247991353482&correlator=718654538718854&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=7047%3A22658558586%2Capl%2Caplmcm%2Cresponsive5&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&ifi=14&adks=3143928696&didk=1220294050&sfv=1-0-40&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3De9a35d64530b1acd-22153df0dcd8009b%3AT%3D1670340029%3ART%3D1670340029%3AS%3DALNI_MZpKE06YlW5ScPhF5gi0_jLkmWjPg&gpic=UID%3D000008c698697097%3AT%3D1670340029%3ART%3D1670340029%3AS%3DALNI_MY8YE3Wdgi6y90FBXRmgH16qZXcsA&abxe=1&dt=1670340029379&lmt=1670340029&dlt=1670340028560&idt=513&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1401570478.1670340029&ga_sid=1670340029&ga_hid=887110448&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1dd07bd8e0edf0cd785ea97a6a7c47bad23601d2356388c7eb008dda842b60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 222
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nflbite.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b4e7696ffbf8acf32b39ade814ee915f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 217D 6 KB
3 KB 112ms
34ms Document
text/html 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b4e7696ffbf8acf32b39ade814ee915f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nflbite.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 15:20:29 GMT
expires: Wed, 06 Dec 2023 15:20:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK favicon.ico
storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/ 15 KB
15 KB 509ms
126ms Image
image/x-icon 141.95.4.196
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/favicon.ico
Requested by: Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 141.95.4.196 , France, ASN16276 (OVH, FR),
Reverse DNS: ip196.ip-141-95-4.eu
Software: /
Resource Hash: fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Tue, 06 Dec 2022 15:20:29 GMT
X-Openstack-Request-Id: txda6bc3a55f1c49659332e-00638f5dbd
Last-Modified: Sun, 31 Jan 2021 12:57:34 GMT
Etag: 7bf4f6782dee3b520a65ff84286e3691
Content-Type: image/x-icon
X-Timestamp: 1612097853.12655
Accept-Ranges: bytes
Content-Length: 15086
X-Trans-Id: txda6bc3a55f1c49659332e-00638f5dbd

GET
H/1.1 200
OK large-poster.jpg
content1.avplayer.com/60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/ 17 KB
17 KB 122ms
27ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content1.avplayer.com/60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/large-poster.jpg
Requested by: Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 9f66145fbaf681859fb04fc4cdedf358806d85dd27355199545b97db90d48829

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Tue, 06 Dec 2022 15:20:29 GMT
X-GUploader-UploadID: ADPycdv9EONnUGDms4N8Wb_vozFcIQi1kVS0Swt3gFFbZ2BCuVaOoY_PHuvQuAypg8x8yX5lWOBYQ6hgauP9JYmWVQyVOg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 16959
Last-Modified: Thu, 08 Sep 2022 15:38:37 GMT
Server: UploadServer
ETag: "0ee97d2dcd219d582aee0cecbb70cafd"
x-goog-generation: 1662651517684609
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-goog-hash: crc32c=SZ/7Cg==, md5=Dul9Lc0hnVgq7gzsu3DK/Q==
Access-Control-Expose-Headers: Content-Type, range
Cache-Control: public, max-age=2592000
X-HW: 1670340029.dop173.dc2.t,1670340029.cds090.dc2.shn,1670340029.dop173.dc2.t,1670340029.cds057.dc2.c
x-goog-stored-content-length: 16959
Accept-Ranges: bytes

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 7FC6 425 KB
114 KB 102ms
19ms Script
application/javascript 2600:141b:5000:3a0::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6194ddd9c26fee3fb21675b7
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/v/avcplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:141b:5000:3a0::2c79 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 8a7babb87daae57db009ee805060960339a04391c0ae55491041e8360a5c348f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtjFRbDI1fuTzcUcKLUmJm9HvT9xj35DulQk0XMSrLoEc8JsC3Zdfy1OJbvNAmK7X7ybo5Tdfucj8uCtS5P6e5cfJzfi0iS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 116427
last-modified: Sun, 04 Dec 2022 11:44:22 GMT
server: UploadServer
etag: "5648139f7b5a48bcb4cea1d2ffeeead0"
vary: Accept-Encoding
x-goog-generation: 1670154262270598
x-goog-hash: crc32c=iXwvkA==, md5=VkgTn3taSLy0zqHS/+7q0A==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 116427
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 06 Dec 2022 15:30:29 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 7823 3 KB
1 KB 75ms
21ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8051978673542046&output=html&h=280&slotname=1504196585&adk=1695276420&adf=1947930080&pi=t.ma~as.1504196585&w=1200&fwrn=4&fwrnh=100&lmt=1670340029&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670340028782&bpp=1&bdt=222&idt=272&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1183x280&nras=1&correlator=3890497870323&frm=20&pv=2&ga_vid=1401570478.1670340029&ga_sid=1670340029&ga_hid=887110448&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880&oid=2&pvsid=3025247991353482&tmod=1586581771&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=HwUvX8yiXI&p=https%3A//www.nflbite.to&dtd=277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53060
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 00:36:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 7823 18 KB
8 KB 73ms
20ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 01:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51280
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7443
x-xss-protection: 0
server: cafe
etag: 629801499763588852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 01:05:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7823 153 KB
47 KB 77ms
35ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47692
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670243872199174"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 15:20:29 GMT

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
122 B 88ms
38ms Script
application/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.nflbite.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 80ms
38ms Script
application/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nflbite.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
11 KB 592ms
592ms XHR
text/plain 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3025247991353482&correlator=2680027189521688&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=7047%3A22658558586%2Capl%2Cinter%2Canchor%2Canchortop&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2F4&prev_iu_szs=1x1%2C1x1&ifi=15&adks=193055262%2C2273378164&didk=1836342259~282511890&sfv=1-0-40&ists=3&fas=8%2C2&prev_scp=hb_rfBid%3D0%7Chb_rfBid%3D0&eri=1&sc=1&cookie=ID%3De9a35d64530b1acd-22153df0dcd8009b%3AT%3D1670340029%3ART%3D1670340029%3AS%3DALNI_MZpKE06YlW5ScPhF5gi0_jLkmWjPg&gpic=UID%3D000008c698697097%3AT%3D1670340029%3ART%3D1670340029%3AS%3DALNI_MY8YE3Wdgi6y90FBXRmgH16qZXcsA&abxe=1&dt=1670340029524&lmt=1670340029&dlt=1670340028560&idt=513&adxs=-9%2C-9&adys=-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1&ucis=c%7Cd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&frm=20&vis=1&psz=0x-1%7C0x-1&msz=0x-1%7C0x-1&fws=2%2C2&ohw=0%2C0&ga_vid=1401570478.1670340029&ga_sid=1670340029&ga_hid=887110448&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc55f941cf4fd9fb787283d48f80e2f7726f79ba879314f9462db3c3ee014421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10877
x-xss-protection: 0
google-lineitem-id: -2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nflbite.to
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads_2022120101.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
14 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022120101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c0ac285751402828b442be15888677c1702c6fcede07809cc233d11c95d750

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 16:24:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 428174
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13828
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 09:36:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 01 Dec 2023 16:24:15 GMT

GET
H2 200 playlist.m3u8 Show response
luinr.bongstreams.com/live/adaptive_bong-1/ Frame BAB0 597 B
716 B 256ms
195ms XHR
application/vnd.apple.mpegurl 2606:4700:3038::6815:ea65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://luinr.bongstreams.com/live/adaptive_bong-1/playlist.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36499aab6c5640a06139a99ed71b13ae93207a19d6795bd23f0dead3f860ce5c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bongstreams.com/rntv.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I48ceDIOZk0eksSQzZmdH4xhzU9FWCgR9DgwVTRPfbw%2BDZZO8klYEN39ei4FJnbQV87lvtedY8IzzVvdvbyg%2BtTAb7eM26NGG2Vp%2FF1RtJ47%2FMSU2OQjxAe3HWkPP%2FUSUas%2B3sEj2N9TeCtBdA1YcOJrosg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: https://bongstreams.com
cache-control: no-cache
cf-ray: 775601810a4cc347-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7823 0
0 90ms
89ms Fetch
text/html 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRHRDvV2PY5XmBbj4xtYPvKGpyAecge-wXNqkqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTgwNTE5Nzg2NzM1NDIwNDbIAQmoAwGqBN8BT9CCmyOi_gbD4tKdiXUfTBU9mwIpLdKo4C7W_nWHMuqzh3CIS4RPH_9HP44V78LROn6V3oh9DQ9FDt-V5XjLCw3rienZqB-ewcihZCJKV4XxJgLsWtn4kbHGjc4wN9LF4rv3Vua6f9RCz83dMVfrAHQLQEOfndEDYsbeTHz8XFtIw6_lnsRTwC3rOEclGOZjpTuPEaFeP-yRJhNQXs59lbKOVi3LIJDg-p9mXNln2ieKjNytagq9rJxYEW1KZqoTb5FVpz1Pt58UhLkrfVTpGrs1JPqBAKaq0gDSEqsmUoAGquazuZ-dw5XnAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTgwNTE5Nzg2NzM1NDIwNDYYAA&sigh=dWyu6mdQ_c4&uach_m=[UACH]&cid=CAQSGwDq26N989pzYIHMBWU86UBnyDe95rq10CQNIRgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8051978673542046&output=html&h=280&slotname=1504196585&adk=1695276420&adf=1947930080&pi=t.ma~as.1504196585&w=1200&fwrn=4&fwrnh=100&lmt=1670340029&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670340028782&bpp=1&bdt=222&idt=272&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1183x280&nras=1&correlator=3890497870323&frm=20&pv=2&ga_vid=1401570478.1670340029&ga_sid=1670340029&ga_hid=887110448&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880&oid=2&pvsid=3025247991353482&tmod=1586581771&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=HwUvX8yiXI&p=https%3A//www.nflbite.to&dtd=277
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 06 Dec 2022 15:20:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 06 Dec 2022 15:20:29 GMT

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 7823 0
0 81ms
23ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kOv-D8T6RLAJmALiIp0XAgAAAKoJhUo9zmhgELxdj2MCipwc0q8mJ0FrigASAAA&wp=Y49dvQABcxUE0bw4AApQvEqFOlHKd141W5yH-w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 250965
content-length: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame C139 141 KB
48 KB 193ms
79ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=Y49dvQABcxUE0bw4AApQvEqFOlHKd141W5yH-w&u=%7CwZKDr7CoNUWWnAi7VU5nmC4uwJRs4v3JdU53Bo2vbhA%3D%7C&c1=SMhbYeryLxlrMxzU2Hi05WDndzPbI8OsrWzpRIsaibaekrOeO3BsscnmSBbvJfSpri6Zdo821K3xgsYEXI3mTVF_73hsTPQTs7VAO8otVcgxh8tyVuXADYmqsXFZV4buN1KNkrygzBNFoTkjzFu6SuVlZsy1n8hQNGAHBekSRJyVZGSXqG-xEjSk5tYUubf5SAaGW_ZuMQsq5vnR2wIsuWZBCYDGqV-2g4EfJUeK2Hi5SRH99-dDW729Mwj7QQZLaJpFlARsnJlK4-5tUlsIK36ZtZJ8Wp_-A75uquDN_dLO8bjqHqw_6y_A-A6kLYRvGOn5c6WCI8GWDXDNdN_S6UzizdhK6cz1BtRE7yiMT8_YQKJEmsm7jI0sS93NGpjTv1OWPs3rfR7kJ2sKa1FeH9Yfwv_7u5vIawGMLRR43qqnkGBkgsvTI94C9-7xranPnTl_IooUB_3u2JGTnMn2JP7MYVIr5nxO1EKT7TSf3uM4Wb6x9g16zKITWJug4U0LvxnynPy54dApw_ls4rXAqsHJTKIEKyfIc9mJ_nsMv2yYEZJuLaS6GhorokYI9oEfkMZFNjszBQEcP5st9Dd7aq4tswGXoUz61E_T_Z-q75Uv9vg9WKkYlZCmVjUrqeTW-sVqep3gIjs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpC2YvV2PY5XmBbj4xtYPvKGpyAecge-wXNqkqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTgwNTE5Nzg2NzM1NDIwNDbIAQmoAwGqBOIBT9CCmyOi_gbD4tKdiXUfTBU9mwIpLdKo4C7W_nWHMuqzh3CIS4RPH_9HP44V78LROn6V3oh9DQ9FDt-V5XjLCw3rienZqB-ewcihZCJKV4XxJgLsWtn4kbHGjc4wN9LF4rv3Vua6f9RCz83dMVfrAHQLQEOfndEDYsbeTHz8XFtIw6_lnsRTwC3rOEclGOZjpTuPEaFeP-yRJhNQXs59lbKOVi3LIJDg-p9mXNln2ieKjNytagq9rJxYU29q9AHh5pGWLlDDXOWdRw4XVV3HAn-u14AIyRi0_hh7xDomkXk80YAGquazuZ-dw5XnAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3tuDXn3XY65deCzn_9Tku9tvYwBw%26client%3Dca-pub-8051978673542046%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

3cfd06feed9d532b513e19403ac00b62b8de0d28527fbbfb31c8b6bae2e408d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 15:20:29 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=pa753wk8gK6-3NohHl_zmdfz258SUurG-XRK8rLIOUBqWdXvt9mfJXm-L_--ZTag_pRKEWk_51KkIOGq_BT3TmyCBd52-K9HV8F0vt4VA5UTdFkk5Xeq4sMz1csgBzvSgawNGZSBIs05triUsGlQg6JLKoIHDTrPmisisMjeA_fuGHXMPOIIirsj9nyVwr0YLVeWY1Y8H5Uzyd3wI8ILCyUE0ERJ8h75j7-MTAgVmN_LiWVXV3EctDxxWnUxz7H-6A-qKiBaOsuB_WA0"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 53499423
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 7823 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87062fcb076412bd5f632583ff3466dc69cda7dd138784dd2395040d9cf425a0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
serv.modoro360.com/api/adserver/tag/ 26 KB
5 KB 316ms
80ms XHR
application/json 34.226.18.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://serv.modoro360.com/api/adserver/tag/?AV_TAGID=619a1d8f04726848404562e4&AV_PUBLISHERID=6194ddd9c26fee3fb21675b7&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&AV_CHANNELID=619a1d418697a435d432cf37&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.nflbite.to&AV_DADPOS=1&AV_TAG=619a1d8f04726848404562e4&AV_TEMPLATE=60bceb5ae580aa6950275314&d36=6.2.66&responsive=1&sver=3&avtoken=29730&omv=1.0.1&AV_D65=Floor&clsid=145556ef-e8de-4669-a3cd-8b64708fc7af&rando=8&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1670340029734&AV_CGUID=01ftrvrvyj4bm5fq8f05&AV_CGUIDLIST=01ftrvrvyj4bm5fq8f05,01ftrvrvyj4bm5fq8f06,01ftrvrvyj4bm5fq8f04&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6194ddd9c26fee3fb21675b7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.18.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-18-170.compute-1.amazonaws.com
Software: /
Resource Hash: 556bb9a3806bf99f37d0ba5074d12f2d51dff5e63d14521e3ab8f837a5d06d19

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:30 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.nflbite.to
cache-control: no-cache
access-control-allow-credentials: true
expires: Fri, 25 Nov 2022 01:33:50 GMT

GET
H2 200 track
servt.modoro360.com/ 0
70 B 25ms
24ms Image
text/plain 3.223.0.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?r=www.nflbite.to&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=&d36=6.2.66&apppkg=&fv=1&proto=https&d65=Floor&clsid=145556ef-e8de-4669-a3cd-8b64708fc7af&rando=8&pid=6194ddd9c26fee3fb21675b7&cid=619a1d418697a435d432cf37&stagid=619a1d8f04726848404562e4&stplid=60bceb5ae580aa6950275314&e=inventory&vi=100&cb=1670340029732
Requested by: Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.0.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-0-111.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame C139 2 KB
1 KB 85ms
27ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y49dvQABcxUE0bw4AApQvEqFOlHKd141W5yH-w&u=%7CwZKDr7CoNUWWnAi7VU5nmC4uwJRs4v3JdU53Bo2vbhA%3D%7C&c1=SMhbYeryLxlrMxzU2Hi05WDndzPbI8OsrWzpRIsaibaekrOeO3BsscnmSBbvJfSpri6Zdo821K3xgsYEXI3mTVF_73hsTPQTs7VAO8otVcgxh8tyVuXADYmqsXFZV4buN1KNkrygzBNFoTkjzFu6SuVlZsy1n8hQNGAHBekSRJyVZGSXqG-xEjSk5tYUubf5SAaGW_ZuMQsq5vnR2wIsuWZBCYDGqV-2g4EfJUeK2Hi5SRH99-dDW729Mwj7QQZLaJpFlARsnJlK4-5tUlsIK36ZtZJ8Wp_-A75uquDN_dLO8bjqHqw_6y_A-A6kLYRvGOn5c6WCI8GWDXDNdN_S6UzizdhK6cz1BtRE7yiMT8_YQKJEmsm7jI0sS93NGpjTv1OWPs3rfR7kJ2sKa1FeH9Yfwv_7u5vIawGMLRR43qqnkGBkgsvTI94C9-7xranPnTl_IooUB_3u2JGTnMn2JP7MYVIr5nxO1EKT7TSf3uM4Wb6x9g16zKITWJug4U0LvxnynPy54dApw_ls4rXAqsHJTKIEKyfIc9mJ_nsMv2yYEZJuLaS6GhorokYI9oEfkMZFNjszBQEcP5st9Dd7aq4tswGXoUz61E_T_Z-q75Uv9vg9WKkYlZCmVjUrqeTW-sVqep3gIjs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpC2YvV2PY5XmBbj4xtYPvKGpyAecge-wXNqkqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTgwNTE5Nzg2NzM1NDIwNDbIAQmoAwGqBOIBT9CCmyOi_gbD4tKdiXUfTBU9mwIpLdKo4C7W_nWHMuqzh3CIS4RPH_9HP44V78LROn6V3oh9DQ9FDt-V5XjLCw3rienZqB-ewcihZCJKV4XxJgLsWtn4kbHGjc4wN9LF4rv3Vua6f9RCz83dMVfrAHQLQEOfndEDYsbeTHz8XFtIw6_lnsRTwC3rOEclGOZjpTuPEaFeP-yRJhNQXs59lbKOVi3LIJDg-p9mXNln2ieKjNytagq9rJxYU29q9AHh5pGWLlDDXOWdRw4XVV3HAn-u14AIyRi0_hh7xDomkXk80YAGquazuZ-dw5XnAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3tuDXn3XY65deCzn_9Tku9tvYwBw%26client%3Dca-pub-8051978673542046%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 01 Dec 2023 15:20:29 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame C139 2 KB
1 KB 83ms
25ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 01 Dec 2023 15:20:29 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame C139 308 B
636 B 55ms
30ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 01 Dec 2023 15:20:29 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame C139 293 B
622 B 48ms
23ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 01 Dec 2023 15:20:29 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame C139 43 B
348 B 116ms
32ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=vEioExzu32iQOgX4ikW9ibLYgj5by_rugXl3IkCOVOn4kFpaad9SUdTkVF7Sq8buuXEU76VjBdiyWFzzLYQJ8F4nlCQQVpuEtS3u0YoRdVhOi-5VbdGnJTWOzpXA0Azpxyusfc3ZD3Fs-7eF_at5DV24cROa1phzApvZNQ5N7kVTJ2y7qVYBUSxotoRiDIk3wFg40DMxR4ipRcZRCgH075mDXTRWxd1qM1eaS06oebG8SP_FXh161qlMp34UdaoAyoJnYhpIFDjAz2BaIlWdNWdjZhJfnqryqnAyULFgUa0UnFi9I4zghLsKB1uBw6VxwsYFzBag5_-y4SKimpr_LwUmjcTkUWQT0nGMzSTu4vSVke8767k3PjBWcoeWPFS_ilBpYS-Cvx9tesmxwhcw1VtBR2tQTL0y4wGRzjhMxkEfGJ9L_iePT83RamMg_kWqF97Vgg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 15:20:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3745257
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 410B 2 KB
1 KB 87ms
35ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2614126763130416&output=html&h=280&slotname=5443441593&adk=4092563568&adf=2205611667&pi=t.ma~as.5443441593&w=1183&fwrn=4&fwrnh=100&lmt=1670340029&rafmt=1&format=1183x280&url=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670340028779&bpp=3&bdt=219&idt=257&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3890497870323&frm=20&pv=1&ga_vid=1401570478.1670340029&ga_sid=1670340029&ga_hid=887110448&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880&oid=2&pvsid=3025247991353482&tmod=1586581771&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wOy6Q0l2AN&p=https%3A//www.nflbite.to&dtd=268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:10:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Dec 2022 15:20:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 410B 2 KB
765 B 85ms
39ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 01:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51278
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 01:05:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame 410B 23 KB
9 KB 70ms
24ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 01:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51280
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9421
x-xss-protection: 0
server: cafe
etag: 8437175705735068947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 01:05:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 410B 3 KB
1 KB 67ms
42ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53060
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 00:36:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 410B 18 KB
7 KB 81ms
36ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 01:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51280
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7443
x-xss-protection: 0
server: cafe
etag: 629801499763588852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 01:05:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 410B 153 KB
47 KB 52ms
51ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47692
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670243872199174"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 15:20:29 GMT

GET
H2 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame 410B 34 KB
14 KB 94ms
18ms Script
text/javascript 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 18:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 21:52:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 03 Mar 2023 18:54:02 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/ 150 KB
51 KB 74ms
73ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d9b6a654d7fff80fe27e30f05f4533872c775da3d964690e0ee04d457b0fe87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52344
x-xss-protection: 0
server: cafe
etag: 17470775429288122123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 15:20:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 410B 0
0 106ms
105ms Fetch
text/html 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJkvfvV2PY-jbBYrNo9kP_Zmg8AuHq9KMbZ2fi83UEPSanPO6MBABIIHAmZQBYP3oooHwA6ABvPPVvAPIAQmoAwHIA8sEqgTmAU_QTzIGA-DAnPhRyss-7oIEvSvX_NFfTW3oOVAgBMQB9GZKsqJj6hvcBIINGLXDgwiJ76jOyALs1rKpzTwf_-xh2srmiopI74npW0O8rMVVoHWa1Zb9UceJCRFrXIoXm7KyikC4CZR4seTFTIg3F00xX17bxSUC8TuSo4iLIZBED_cRmhaYlC3hye8A5L4FfZkz-D6HEG9CTYD7xLsGG_uFzZboxhaSsG-ez-nGSZPsgDPPevOPJJG3AJbHdKYryOeJCxA3q5EEJVBpUraDrP5RMUY-PFhP5fNKfoi8z05-oF40gt9mwAT30PuH_QOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHrIyqQ6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDbqijSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItMjYxNDEyNjc2MzEzMDQxNhgA&sigh=mcc_mVJ3JiQ&uach_m=[UACH]&cid=CAQSGwDq26N9TiHb-NODq4FKsq_aka3LuusBTu126hgBIBM&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2614126763130416&output=html&h=280&slotname=5443441593&adk=4092563568&adf=2205611667&pi=t.ma~as.5443441593&w=1183&fwrn=4&fwrnh=100&lmt=1670340029&rafmt=1&format=1183x280&url=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670340028779&bpp=3&bdt=219&idt=257&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3890497870323&frm=20&pv=1&ga_vid=1401570478.1670340029&ga_sid=1670340029&ga_hid=887110448&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880&oid=2&pvsid=3025247991353482&tmod=1586581771&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wOy6Q0l2AN&p=https%3A//www.nflbite.to&dtd=268
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 06 Dec 2022 15:20:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 410B 8 KB
8 KB 90ms
19ms Image
image/jpeg 2607:f8b0:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTK_fFfJOm0edHB1t9K3UYfqaOAcg5WpdMYqY9icfQ321dP3Wc&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3f4286636e20d6e07c61059deb48ad16142cfa7524facda0bf0ef4cadbb92b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 14:00:49 GMT
x-content-type-options: nosniff
age: 263980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7784
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 18:19:49 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 03 Dec 2023 14:00:49 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 410B 9 KB
9 KB 94ms
24ms Image
image/jpeg 2607:f8b0:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSpjUVFMxD8f0l_IKoxP0r-FOUm_5rHgYgK7KJQOtSsrUmY1x6C&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8df4dc1914c364135063e65007fa7afcad88749a895b2fd33889909044490436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 22:56:42 GMT
x-content-type-options: nosniff
age: 491027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8932
x-xss-protection: 0
last-modified: Sat, 08 Oct 2022 05:37:42 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 30 Nov 2023 22:56:42 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 410B 8 KB
9 KB 100ms
21ms Image
image/jpeg 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTsisdKGF1ZryRhOf0xYeEpNSD7YLX92TLWvi9HiTNeGt4BQec&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1af749b0b31dd7c38df57d169a66f8a286de506a5b631d5b41b3e4e982a63e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 08:04:56 GMT
x-content-type-options: nosniff
age: 544533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8693
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 06:46:45 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 30 Nov 2023 08:04:56 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 410B 9 KB
10 KB 87ms
20ms Image
image/jpeg 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcT26b1K1zcrYuFxH8qkyD6N5MhNCNCePpnpJNyirHuzts1t-GY&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a51b6f3baa1d97735036a84c80197666e6af9ec8eb55c250c0ff8c94083058ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 11:47:50 GMT
x-content-type-options: nosniff
age: 531159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9397
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 04:08:56 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 30 Nov 2023 11:47:50 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 410B 10 KB
10 KB 100ms
22ms Image
image/jpeg 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSS1BHHLWxDdGvgpJUvsEgM00OFl68DGeE1TkIiT62WVZ8a7gLN&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8ec37d4a589f54573e8066e7518e65c0f674722ca6df3b40e6e9a9acdc4bc6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 08:04:56 GMT
x-content-type-options: nosniff
age: 544533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10535
x-xss-protection: 0
last-modified: Sat, 08 Oct 2022 12:27:53 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 30 Nov 2023 08:04:56 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 410B 28 KB
29 KB 89ms
23ms Image
image/png 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTW2wjCGl7a2nc25nAM8YK590SfOkFnlnn8NZeVGjIXIQgfxTU&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c0496f390c3ca43e1e2b274c32d1c0c513244d3805f0d6effe3dacbc5993e2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 13:42:33 GMT
x-content-type-options: nosniff
age: 351476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28578
x-xss-protection: 0
last-modified: Tue, 10 May 2022 18:01:11 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 02 Dec 2023 13:42:33 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame C139 12 KB
5 KB 57ms
32ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1187152
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bk%2FQyXldmEaOzpQXlRPPrTskWk8RFpMzrw2q%2BP2dLbRLvuQ7nEPMijqiKGyPm0EcCQuT%2BPq7KC9evGzK3erzjahE5ZPlhIX8M%2B2vtymAV5ucEt9sWJU%2F4%2FFFDTn7SMOMJWpEob9Q6Ki%2F5evHq5Huxk1%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77560182d8f9c47a-EWR
expires: Sun, 26 Nov 2023 15:20:29 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame C139 12 KB
6 KB 29ms
29ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 01 Dec 2023 15:20:29 GMT

GET
H2 200 71e3b7bf84e74194858937ab494cecb9_dinpro-medium.woff
static.criteo.net/design/dt/ Frame C139 51 KB
51 KB 93ms
44ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/71e3b7bf84e74194858937ab494cecb9_dinpro-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

1ebf858e8d21bf36bfcd56134c93ad55c0e8e22a975dd7ebb6fdbb648e3ebbe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 10 Apr 2018 20:57:20 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5acd2530-cab4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 01 Dec 2023 15:20:29 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame C139 3 KB
3 KB 104ms
23ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?h=556&m=0&partner=84887&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F8852%2F220810%2Fae0d120d79bf48fbbfe8fa6814cf34e5_22aw_ecomm_sp_bts_criteo-logo-refresh_300x215.jpg&v=3&w=528&s=bTZ2wjSSz1usirDDCyl-ndCc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

9c42b86d65d66851c803af9a78eab8183313770ad39a9976a1b0541cc5232da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28889101
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3316
expires: Mon, 06 Nov 2023 00:05:31 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame C139 155 KB
155 KB 168ms
87ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?h=1200&m=0&partner=84887&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F84887%2F221115%2Fd8b26eb75ca04702a9bd9e748d86438a_img_horizontal_1.jpg&v=3&w=1200&s=zw8C36G70_FKIjHlMeH0xQXJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

6e4b80b724fa48bd5e24285ba8d71f825ec7b0cea3500ee865e8e3df67ea2118

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29315098
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 158430
expires: Fri, 10 Nov 2023 22:25:29 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame C139 6 KB
7 KB 133ms
54ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=84887&q=80&r=0&u=https%3A%2F%2Fimages.puma.net%2Fimages%2F765202%2F05%2Fmod01%2Ffnd%2FPNA%2Fw%2F600%2Fh%2F600%2F&v=3&w=800&s=BusuDn00nK0cffv-Idn_0WWd&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

9cd5590e9f4338c2e32c012fbc22c8d22501bcee8e7813f75cc7e25d5ecd492e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=27509725
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6576
expires: Sat, 21 Oct 2023 00:55:55 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame C139 5 KB
6 KB 103ms
24ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=84887&q=80&r=0&u=https%3A%2F%2Fimages.puma.net%2Fimages%2F532118%2F02%2Ffnd%2FPNA%2Fw%2F600%2Fh%2F600%2F&v=3&w=800&s=IR0FFtKfmmsbiPV7g7nPIncD&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

1e6e60c9aea03893dfc55cca3e3e7e5cd768df7feb5199d490343f44ac02901d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=27517548
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5630
expires: Sat, 21 Oct 2023 03:06:18 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame C139 5 KB
5 KB 130ms
51ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=84887&q=80&r=0&u=https%3A%2F%2Fimages.puma.net%2Fimages%2F386468%2F02%2Fsv01%2Ffnd%2FPNA%2Fw%2F600%2Fh%2F600%2F&v=3&w=800&s=hkvHcR0206qTJfTqoBIst8eE&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

6b84e364daf4e1dd9ce5797282e7488e0980dd5338eca9e9141098ebc3ac8996

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=27711373
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4748
expires: Mon, 23 Oct 2023 08:56:43 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame C139 0
128 B 100ms
22ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=pa753wk8gK6-3NohHl_zmdfz258SUurG-XRK8rLIOUBqWdXvt9mfJXm-L_--ZTag_pRKEWk_51KkIOGq_BT3TmyCBd52-K9HV8F0vt4VA5UTdFkk5Xeq4sMz1csgBzvSgawNGZSBIs05triUsGlQg6JLKoIHDTrPmisisMjeA_fuGHXMPOIIirsj9nyVwr0YLVeWY1Y8H5Uzyd3wI8ILCyUE0ERJ8h75j7-MTAgVmN_LiWVXV3EctDxxWnUxz7H-6A-qKiBaOsuB_WA0&sds=2&rev=83862&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Dec 2022 15:20:29 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C139 2 KB
1 KB 47ms
27ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 01 Dec 2023 15:20:29 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame C139 2 KB
1 KB 48ms
29ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 01 Dec 2023 15:20:29 GMT

GET
H3 200 chunks.m3u8 Show response
luinr.bongstreams.com/live/adaptive_bong-1/live/bong-1_720p/ Frame BAB0 219 B
626 B 238ms
195ms XHR
application/vnd.apple.mpegurl 2606:4700:3038::6815:ea65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://luinr.bongstreams.com/live/adaptive_bong-1/live/bong-1_720p/chunks.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3073c55d67e2a48e96496ee808a8a335820790a645c039740d3e5a4f65809ae

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bongstreams.com/rntv.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R1vR2x7NOnyT2jSo9qI63a6Arejd9Xg8anqChws8%2BJ99%2BHoWwz%2BiRouMLooQ5MAZ4lcU2DvE4Liab6JRFUmcjazsk3zzypgV1Lu6yURusRPN3BQsY3G%2BiT7itkOCsOg7KBJEydbkplfBk7tb2SeMSBKcxNI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: https://bongstreams.com
cache-control: no-cache
cf-ray: 775601835c50558f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
122 B 51ms
50ms Script
application/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.nflbite.to

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 56ms
56ms Script
application/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nflbite.to

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/ Frame C846 10 KB
4 KB 39ms
38ms Document
text/html 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nflbite.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 66634
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 20:49:55 GMT
etag: 10353107486223812946
expires: Mon, 19 Dec 2022 20:49:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 410B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61701c1f3601634f197cfcb145edb6d33c8b12fe020cf1b0507d8ad665b7829d

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame C139 2 KB
562 B 85ms
38ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

80efbfcfad67fc0fa5a9d8cc84eb35951eea2d2e179a6fc51c82463c9e70a5dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Dec 2022 15:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 14:41:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Dec 2022 15:20:30 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 410B 20 KB
21 KB 74ms
19ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 22:12:02 GMT
x-content-type-options: nosniff
age: 580108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 22:12:02 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C846 0
0 95ms
94ms Fetch
text/html 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1hBUvV2PY__WBbzJo9kPqPOfoAWYjejhbfmE_vr0ENnZHhABIIHAmZQBYP3oooHwA6AB9L_98ijIAQKoAwHIA8kEqgTjAU_QHQ1UxdDkjCioay7k4-B9Hl530sXCuYTMMu2ka5o72lP-a3TNTwSYUki7sBGnXl77h_kDxDjp1hlq11QP2LGDDA50xECLNoZ8XXnSyrOFaDhjHX8TExvTW8_Sem6dXZoTCp4QTjIJVASOflKzuG08uKnHEiNMS7Dw5IxbCUX5zd7nhsBJ-nCcsKZcP6YlanWfLefaTIJjphudI_MchPuQ89OSc8BDQnnT23EtGnQyFr2YD9RREQKJzGWRRbGjbKUEXLN4fpUj5ZBGGTmalyi12R_LDvNu8hDnEkQPbuIYRJ2NwASWiOycmwSSBQQIBBgBkgUECAUYBKAGAoAH9PfN0gOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD9khLSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItMjYxNDEyNjc2MzEzMDQxNhgA&sigh=Ovv1PyE5K38&uach_m=[UACH]&cid=CAQSGwDq26N9IeSeBVUKPSMLwxQIvrWfrU3lxa0FVRgBIBM

Requested by

Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 06 Dec 2022 15:20:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame C846 23 KB
9 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 01:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51281
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9421
x-xss-protection: 0
server: cafe
etag: 8437175705735068947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 01:05:49 GMT

GET
H3 200 12309484784738166285
tpc.googlesyndication.com/simgad/ Frame C846 26 KB
26 KB 24ms
24ms Image
image/png 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12309484784738166285?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnDfGLpNQH9lOqz8faQ_6LnhP4rkQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddfd342e3078b60c19ec22047b0534a3787af672171009d15089d8742087a6e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 18:24:30 GMT
x-content-type-options: nosniff
age: 75360
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26138
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 20:29:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Dec 2023 18:24:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame C846 3 KB
1 KB 28ms
27ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53061
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 00:36:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame C846 18 KB
7 KB 25ms
23ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 01:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51281
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7443
x-xss-protection: 0
server: cafe
etag: 629801499763588852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 01:05:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C846 153 KB
47 KB 49ms
48ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47692
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670243872199174"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 15:20:30 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame C846 34 KB
13 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

880dad83ad1a7d8493d56f97f099d187f5d82c82ab93eb31a73c0f1f00660950

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 01:06:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13704
x-xss-protection: 0
server: cafe
etag: 14973625061485235227
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 01:06:03 GMT

GET /
csync.loopme.me/ Frame 47A4 0
0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1A0C 15 KB
6 KB 78ms
22ms Document
text/html 96.6.22.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6194ddd9c26fee3fb21675b7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.6.22.215 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-22-215.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.nflbite.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=117545
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Tue, 06 Dec 2022 15:20:30 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Wed, 07 Dec 2022 23:59:35 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
unused62: 8096267
vary: Accept-Encoding

GET

cookiesyncendpoint
sync.aniview.com/ Frame F8D0
Redirect Chain

https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=0&gdpr_consent=&verify=true
https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-n3sPz6VE2uFpFGV1dibyL0iL6FGNufXN4aPvLEg-~A&gdpr=0&gdpr_consent=

0
0

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame F457
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1670340029996-994946883307-...
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1670340029996-9949468...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1670340029996-994946883307-005912-002-001503&key=b890b7f2-6e71-4b4d-8f82-e8c53fd3cb16

0
37 B

25ms
25ms

Document
text/plain

54.147.174.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1670340029996-994946883307-005912-002-001503&key=b890b7f2-6e71-4b4d-8f82-e8c53fd3cb16
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6194ddd9c26fee3fb21675b7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.147.174.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-147-174-123.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nflbite.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 0
date: Tue, 06 Dec 2022 15:20:30 GMT

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Tue, 06 Dec 2022 15:20:30 GMT
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1670340029996-994946883307-005912-002-001503&key=b890b7f2-6e71-4b4d-8f82-e8c53fd3cb16
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame 3784
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=0&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26au...
https://sync.1rx.io/usersync2/rmpssp?sub=aniview&zcc=1&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1670340029996-994946...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8647028924
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8647028924
https://sync.1rx.io/usersync/tradedesk/782c7b18-e52c-469e-a9a2-f1f933c6e54c
https://sync.targeting.unrulymedia.com/csync/RX-42e769f8-2872-4a2c-8df7-5fb176e6fa0d-005?redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1670340029996-994946883307-005912-002-001503&key=RX-42e769f8-2872-4a2c-8df7-5fb176e6fa0d-005

0
37 B

25ms
25ms

Document
text/plain

54.147.174.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1670340029996-994946883307-005912-002-001503&key=RX-42e769f8-2872-4a2c-8df7-5fb176e6fa0d-005
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6194ddd9c26fee3fb21675b7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.147.174.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-147-174-123.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nflbite.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 0
date: Tue, 06 Dec 2022 15:20:30 GMT

Redirect headers

Connection: keep-alive
Content-Type: text/html
Date: Tue, 06 Dec 2022 15:20:30 GMT
ETag: RX42e769f828724a2c8df75fb176e6fa0d005
Location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1670340029996-994946883307-005912-002-001503&key=RX-42e769f8-2872-4a2c-8df7-5fb176e6fa0d-005
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Transfer-Encoding: chunked

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame 49A2
Redirect Chain

https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1670340029996-994946883307-005912-002-001503&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%2...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=3&auid=1670340029996-994946883307-005912-002-001503&key=C7970F54021A41998C76638CDE44E688

0
37 B

282ms
27ms

Document
text/plain

54.147.174.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=3&auid=1670340029996-994946883307-005912-002-001503&key=C7970F54021A41998C76638CDE44E688
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6194ddd9c26fee3fb21675b7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.147.174.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-147-174-123.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nflbite.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 0
date: Tue, 06 Dec 2022 15:20:30 GMT

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: https://www.nflbite.to/
age: 0
content-length: 0
content-type: text/plain
date: Tue, 06 Dec 2022 15:20:30 GMT
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=3&auid=1670340029996-994946883307-005912-002-001503&key=C7970F54021A41998C76638CDE44E688
server: nginx
via: 1.1 varnish
x-varnish: 89130066

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame 4099
Redirect Chain

https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D18%26auid%3D167034002999...
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D18%26auid%3D167034002999...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=18&auid=1670340029996-994946883307-005912-002-001503&key=FxXYeLZHxfS7dJ8WStuMtkvg

0
38 B

244ms
26ms

Document
text/plain

54.147.174.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=18&auid=1670340029996-994946883307-005912-002-001503&key=FxXYeLZHxfS7dJ8WStuMtkvg
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6194ddd9c26fee3fb21675b7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.147.174.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-147-174-123.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nflbite.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 0
date: Tue, 06 Dec 2022 15:20:30 GMT

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Tue, 06 Dec 2022 15:20:30 GMT
Location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=18&auid=1670340029996-994946883307-005912-002-001503&key=FxXYeLZHxfS7dJ8WStuMtkvg
X-Sovrn-Pod: ad_ap6ewr1

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame FCDF
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1670340029...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1670340029996-994946883307-005912-002-001503&key=dVClxkSd1494&ev=1&us_privacy=1---&pid=562704

0
37 B

292ms
26ms

Document
text/plain

54.147.174.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1670340029996-994946883307-005912-002-001503&key=dVClxkSd1494&ev=1&us_privacy=1---&pid=562704
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6194ddd9c26fee3fb21675b7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.147.174.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-147-174-123.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nflbite.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 0
date: Tue, 06 Dec 2022 15:20:30 GMT

Redirect headers

cache-control: private, max-age=0, no-cache, no-store
content-language: en-CA
cw-server: bh-deployment-85b974b49-qmfrf
expires: -1
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1670340029996-994946883307-005912-002-001503&key=dVClxkSd1494&ev=1&us_privacy=1---&pid=562704
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000

GET
H2 400 sync Show response
t.adx.opera.com/pub/ Frame 2882 0
411 B 319ms
93ms Document
text/plain 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to

Full URL: https://t.adx.opera.com/pub/sync?pubid=d803647ecdd74c26863bfc1198f6567b&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670340029996-994946883307-005912-002-001503%26biddername%3D128%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BOPERA_UID%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6194ddd9c26fee3fb21675b7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nflbite.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Tue, 06 Dec 2022 15:20:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: nginx

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame B4CD 2 KB
815 B 46ms
9ms Document
text/html 51.222.39.186
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=0&gdpr_consent=&us_privacy=1---

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6194ddd9c26fee3fb21675b7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.186 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip186.ip-51-222-39.net

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.nflbite.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H2 200 sync Show response
vid.vidoomy.com/ Frame BEA9 49 KB
17 KB 341ms
186ms Document
text/html 2a02:6ea0:c400::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D%7B%7BVID%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6194ddd9c26fee3fb21675b7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::19 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer: https://www.nflbite.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: br
content-type: text/html
date: Tue, 06 Dec 2022 15:20:30 GMT
etag: W/"61c991db-c5bc"
last-modified: Mon, 27 Dec 2021 10:13:47 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: AZySO/d1hH2h
x-77-nzt-ray: f483842d8644a2febe5d8f639c30ed0f
x-77-pop: newyorkUSNY
x-accel-expires: @1671376830
x-cache: MISS

GET
H2 200 avpb7.12.0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 7FC6 174 KB
55 KB 25ms
25ms Script
application/javascript 2600:141b:5000:3a0::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6194ddd9c26fee3fb21675b7
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:141b:5000:3a0::2c79 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: cb03fcc9956e8131df0a0a936e702552d0be3539e1a2abbdb999d20a72de57f8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:30 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycduepVRYuliO6Qw-lFMKT1Y_Hkb0Q2KrzIKaVkXQTf9sQCZLePIcEO25AOOOcF6ae_Am3GJ3rg98UEcxZYC7w0wOcg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 55951
last-modified: Sun, 04 Dec 2022 11:44:22 GMT
server: UploadServer
etag: "311c348753cb3987619bfca54c2e12b3"
vary: Accept-Encoding
x-goog-generation: 1670154262795348
x-goog-hash: crc32c=u0N1Sg==, md5=MRw0h1PLOYdhm/ylTC4Ssw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 55951
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 06 Dec 2022 15:30:30 GMT

GET
H2 200 avpb7.12.0a1.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 7FC6 62 KB
21 KB 31ms
31ms Script
application/javascript 2600:141b:5000:3a0::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a1.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6194ddd9c26fee3fb21675b7
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:141b:5000:3a0::2c79 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 255eef079d3f18e253c2b3288b4ed0d621b1266c2845679b66af9db6d8faea2e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:30 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdt96QgO-Ovox8AhnpmJV12lmN-HEGMbVjiD44V9e20xYNRr5B6kA-qbuuh8HdEHma4MZ5FqVPkyoYj9-jxOz8w2SQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 20450
last-modified: Sun, 04 Dec 2022 11:44:23 GMT
server: UploadServer
etag: "c1def935fe9253e6cf253c75976965de"
vary: Accept-Encoding
x-goog-generation: 1670154262962127
x-goog-hash: crc32c=NilQUg==, md5=wd75Nf6SU+bPJTx1l2ll3g==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 20450
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 06 Dec 2022 15:30:30 GMT

POST
H2 200 s2s Show response
s2s.aniview.com/api/adserver/ 1 B
363 B 381ms
298ms Fetch
text/plain 18.209.244.249
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.aniview.com/api/adserver/s2s?auc_id=97543f2277d294cdd3db7705fa9628bf&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1670340029996-994946883307-005912-002-001503&AV_TAGID=619a1d8f04726848404562e4&AV_PUBLISHERID=6194ddd9c26fee3fb21675b7&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&AV_CHANNELID=619a1d418697a435d432cf37&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.nflbite.to&AV_DADPOS=1&AV_TAG=619a1d8f04726848404562e4&AV_TEMPLATE=60bceb5ae580aa6950275314&d36=6.2.66&responsive=1&sver=3&avtoken=29730&omv=1.0.1&AV_D65=Floor&clsid=145556ef-e8de-4669-a3cd-8b64708fc7af&rando=8&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=340030103&AV_CGUID=01ftrvrvyj4bm5fq8f05&AV_CGUIDLIST=01ftrvrvyj4bm5fq8f05,01ftrvrvyj4bm5fq8f06,01ftrvrvyj4bm5fq8f04&wfc=1&tgt=0&&AV_VI=100&AV_VID=0&d4=1&d5=0
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6194ddd9c26fee3fb21675b7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.244.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-244-249.compute-1.amazonaws.com
Software: /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer: https://www.nflbite.to/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Dec 2022 15:20:30 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://www.nflbite.to
cache-control: no-cache
access-control-allow-credentials: true
expires: Fri, 25 Nov 2022 01:33:50 GMT

GET
H2 200 adServe.do Show response
web.ssp.yahoo.com/admax/ 240 B
710 B 213ms
115ms Fetch
text/xml 52.4.33.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://web.ssp.yahoo.com/admax/adServe.do?dcn=8a9699160184849b23859e2326eb0019&pos=8a9695b10184849b2d639e247e2a0012&secure=1&euconsent=&gdpr=0&us_privacy=1---&d(id24)=&ht=236&wd=420&reserve=3.5&req(url)=www.nflbite.to&schain=1.0,1!adipolo.com,22658558586,1,,,!aniview.com,60095c900c0799791c46d8d4,1,,,&cbb=340030106
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6194ddd9c26fee3fb21675b7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-33-45.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 15:20:30 GMT
server: ATS/9.1.10.25
age: 0
access-control-allow-methods: GET,POST
content-type: text/xml;charset=utf-8
access-control-allow-origin: https://www.nflbite.to
access-control-expose-headers: X-Nexage-AdTid
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
access-control-allow-credentials: true
content-length: 240
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://x.bidswitch.net/sync?ssp=&user_id=1670340029996-994946883307-005912-002-001503&gdpr=0&gdpr_consent=&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=&user_id=1670340029996-994946883307-005912-002-001503&gdpr=0&gdpr_consent=&us_privacy=1---

43 B
510 B

37ms
37ms

Image
image/gif

35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?ssp=&user_id=1670340029996-994946883307-005912-002-001503&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Tue, 06 Dec 2022 15:20:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?ssp=&user_id=1670340029996-994946883307-005912-002-001503&gdpr=0&gdpr_consent=&us_privacy=1---
Date: Tue, 06 Dec 2022 15:20:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiesyncendpoint
sync.aniview.com/
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670340029996-994946883307-005912-002-001503%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670340029996-994946883307-005912-002-001503%26biddername%3D24%26pid%3D59c9148628a0612da3689288...
https://sync.aniview.com/cookiesyncendpoint?auid=1670340029996-994946883307-005912-002-001503&biddername=24&pid=59c9148628a0612da3689288&key=c49ea7b0-cf70-4351-bde5-aaaf5ca925af

0
238 B

24ms
23ms

Image
text/plain

34.233.211.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1670340029996-994946883307-005912-002-001503&biddername=24&pid=59c9148628a0612da3689288&key=c49ea7b0-cf70-4351-bde5-aaaf5ca925af
Requested by: Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/
Protocol: H2
Server: 34.233.211.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-211-172.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:30 GMT
content-length: 0

Redirect headers

Location: https://sync.aniview.com/cookiesyncendpoint?auid=1670340029996-994946883307-005912-002-001503&biddername=24&pid=59c9148628a0612da3689288&key=c49ea7b0-cf70-4351-bde5-aaaf5ca925af
Date: Tue, 06 Dec 2022 15:20:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YmY2ODgyNTMzNTVkOTc1NWNhOTNiZTk3ZWI0YTNkMA==&gdpr=0&gdpr_consent=

170 B
502 B

119ms
43ms

Image
image/png

142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YmY2ODgyNTMzNTVkOTc1NWNhOTNiZTk3ZWI0YTNkMA==&gdpr=0&gdpr_consent=

Requested by

Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/

Protocol

Server

142.250.65.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 15:20:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 06 Dec 2022 15:20:30 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YmY2ODgyNTMzNTVkOTc1NWNhOTNiZTk3ZWI0YTNkMA==&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1670340030234092-133

GET
H/1.1 200 auto-user-sync
ads.stickyadstv.com/ 43 B
497 B 154ms
18ms Image
image/gif 63.251.28.233
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Requested by: Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Dec 2022 15:20:30 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1670340030253043-158

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=87e9428c6c47c556454318a6b3714cf&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

43 B
479 B

116ms
31ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=87e9428c6c47c556454318a6b3714cf&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Requested by

Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Dec 2022 15:20:30 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZZ7WZMYCEBR2ZAWPVBC5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 06 Dec 2022 15:20:30 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=87e9428c6c47c556454318a6b3714cf&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1670340030233085-277

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame 55D3 221 KB
61 KB 100ms
20ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 01 Dec 2022 20:39:09 GMT
age: 412881
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 01 Dec 2023 20:39:09 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 55D3 14 KB
5 KB 131ms
52ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 01 Dec 2022 20:39:09 GMT
age: 412881
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 01 Dec 2023 20:39:09 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 55D3 94 KB
28 KB 134ms
55ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 01 Dec 2022 20:39:09 GMT
age: 412881
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 01 Dec 2023 20:39:09 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 55D3 5 KB
2 KB 140ms
61ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 01 Dec 2022 20:39:09 GMT
age: 412881
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 01 Dec 2023 20:39:09 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 55D3 40 KB
13 KB 142ms
63ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 01 Dec 2022 20:39:09 GMT
age: 412881
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 01 Dec 2023 20:39:09 GMT

GET
H3 200 12309484784738166285
tpc.googlesyndication.com/simgad/ Frame 55D3 26 KB
26 KB 23ms
22ms Image
image/png 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12309484784738166285?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnDfGLpNQH9lOqz8faQ_6LnhP4rkQ

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddfd342e3078b60c19ec22047b0534a3787af672171009d15089d8742087a6e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 18:24:30 GMT
x-content-type-options: nosniff
age: 75360
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26138
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 20:29:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Dec 2023 18:24:30 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 55D3 2 KB
2 KB 32ms
31ms Image
image/png 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 20:39:09 GMT
x-content-type-options: nosniff
server: cafe
age: 67281
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 06 Dec 2022 20:39:09 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 55D3 295 B
319 B 33ms
32ms Image
image/png 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 20:39:09 GMT
x-content-type-options: nosniff
server: cafe
age: 67281
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 06 Dec 2022 20:39:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 55D3 0
0 106ms
36ms Image
text/html 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTmtIsIB_pHg25PGv2X6Pmvh05iMoMnKwPLGzSWEuwRJylxqiEwyF5QB-hr0J2Q-zWJtSUy_t2Ly1evEkChnI2tTe30uQ
Requested by: Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:823::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.nflbite.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 200 o1Uwx-LeZy1xXNnqv4YwBo-O3KbbR1TU6AaZC5EN1kw.js Show response
pagead2.googlesyndication.com/bg/ Frame 8999 36 KB
16 KB 26ms
23ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/o1Uwx-LeZy1xXNnqv4YwBo-O3KbbR1TU6AaZC5EN1kw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a35530c7e2de672d715cd9eabf8630068f8edca6db4754d4e806990b910dd64c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 03:34:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 301578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16040
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 03:34:12 GMT

GET
H3 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame C139 15 KB
15 KB 65ms
23ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.us.criteo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 22:18:31 GMT
x-content-type-options: nosniff
age: 579719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 22:18:31 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 03CA 143 B
166 B 24ms
19ms Document
text/html 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 176
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 15:17:34 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-amgq45yqfvmc2-ldha7rhbc4wdbgdg-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 4679 247 B
959 B 103ms
36ms Document
text/html 142.250.80.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-amgq45yqfvmc2-ldha7rhbc4wdbgdg-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.35 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f3.1e100.net

Software

sffe /

Resource Hash

3b69963dab16592f1a34d8d7ffb47c1341ddcec5cf7002dc9b99a8aa9d5bd397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 202
content-security-policy-report-only: script-src 'nonce-Lbs9aus9e9ei8HCMmkyUFw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 15:20:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 1A0C 2 KB
3 KB 69ms
19ms Script
text/html 104.36.115.113
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83934234&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: b8c74f56be6d5cf12cce043028961dceadb74b8c0076bff1ed1bc05a352bf83f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 06 Dec 2022 15:20:29 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 l_29_29496499_787.ts Show response
luinr.bongstreams.com/live/adaptive_bong-1/live/bong-1_720p/ Frame BAB0 2 MB
2 MB 114ms
113ms XHR
video/m2ts 2606:4700:3038::6815:ea65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://luinr.bongstreams.com/live/adaptive_bong-1/live/bong-1_720p/l_29_29496499_787.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aea33fac222febad7b77756211cd17fcdd6a11c41cd9293623854df2a4124f00

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bongstreams.com/rntv.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5RWwh0H46mMAI5%2FMm%2FNr6tMXWVQHMTIfbzfd28laQWtLUb5CP7NSLhaGvav5QY7xmUW9Aqzsu3NIrxC1XJpmKONuecFe3vAZEaSc%2FMqlbH8hBZ68jHrfY7Idw%2F7u71bvl1qAaoebt2I8JsRJybrrGA7UEE%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/m2ts
access-control-allow-origin: https://bongstreams.com
cache-control: no-cache
accept-ranges: bytes
cf-ray: 775601855f61558f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1888460

GET
DATA 200
OK truncated
/ Frame C846 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfdfdaca9d9115c4614e7179e4156e26ba2fcfd365df88fe889a5f39c0b57f93

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK ef831ac3-f249-47be-a936-3665965d7c1e
https://bongstreams.com/ Frame BAB0 62 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bongstreams.com/ef831ac3-f249-47be-a936-3665965d7c1e
Requested by: Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2e2ee124a92ca6673a9ce2508260ac228832de36594217daffcbce988758fc5

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Length: 63763
Content-Type: text/javascript

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ 0
111 B 114ms
114ms XHR
text/plain 52.4.33.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-33-45.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nflbite.to/
x-openrtb-version: 2.5
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.nflbite.to
date: Tue, 06 Dec 2022 15:20:30 GMT
access-control-allow-credentials: true
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 134ms
26ms Preflight 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.nflbite.to
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.nflbite.to
access-control-max-age: 600
age: 0
content-length: 0
date: Tue, 06 Dec 2022 15:20:30 GMT
server: ATS/9.1.10.25

GET
H3 200 iframe.html Show response
p4-amgq45yqfvmc2-ldha7rhbc4wdbgdg-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 4679 4 KB
2 KB 78ms
34ms Document
text/html 142.250.80.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-amgq45yqfvmc2-ldha7rhbc4wdbgdg-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-amgq45yqfvmc2-ldha7rhbc4wdbgdg-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-amgq45yqfvmc2-ldha7rhbc4wdbgdg-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.35 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f3.1e100.net

Software

sffe /

Resource Hash

da7061ccce93947408d2cad5324f71f5fe59ae87b39d7c74072ff0f805386c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-amgq45yqfvmc2-ldha7rhbc4wdbgdg-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1862
content-security-policy-report-only: script-src 'nonce-7ZsI3IiOMX6rq6AqwqWJwg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 15:20:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 6109
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=285702D0-EF31-4E41-A20F-40ED5B964212&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=285702D0-EF31-4E41-A20F-40ED5B964212&gdpr=0&gdpr_consent=

35 B
468 B

21ms
18ms

Document
image/gif

185.167.164.42
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=285702D0-EF31-4E41-A20F-40ED5B964212&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Tue, 06 Dec 2022 15:20:30 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Tue, 06 Dec 2022 15:20:30 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=285702D0-EF31-4E41-A20F-40ED5B964212&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7205
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y49dvgAB-PaQAQAp&gdpr=0&gdpr_consent=&_test=Y49dvgAB-PaQAQAp

1 B
239 B

90ms
20ms

Document
text/html

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y49dvgAB-PaQAQAp&gdpr=0&gdpr_consent=&_test=Y49dvgAB-PaQAQAp
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Tue, 06 Dec 2022 15:20:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Tue, 06 Dec 2022 15:20:30 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y49dvgAB-PaQAQAp&gdpr=0&gdpr_consent=&_test=Y49dvgAB-PaQAQAp
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-yul12830-YUL
x-timer: S1670340031.708670,VS0,VE0

GET
H/1.1

200
OK

dcm Show response
s.amazon-adsystem.com/ Frame F880
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=285702D0-EF31-4E41-A20F-40ED5B964212&redir=true&gdpr=0&gdpr_consent=
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=285702D0-EF31-4E41-A20F-40ED5B964212&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

43ms
42ms

Document
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=285702D0-EF31-4E41-A20F-40ED5B964212&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 15:20:30 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 22MG7DQR7V7C5CJNFX48

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Tue, 06 Dec 2022 15:20:30 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=285702D0-EF31-4E41-A20F-40ED5B964212&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 59TF8FFDRT4QAK5THQ5V

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6955
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b118638f-5dbe-4f00-8b62-0b7072df38ce&gdpr=0&gdpr_consent=

42 B
555 B

37ms
19ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b118638f-5dbe-4f00-8b62-0b7072df38ce&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 06 Dec 2022 15:20:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Tue, 06 Dec 2022 15:20:30 GMT
Expires: Tue, 06 Dec 2022 15:20:29 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 180 1fd3e2d master ord-pixel-x20 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b118638f-5dbe-4f00-8b62-0b7072df38ce&gdpr=0&gdpr_consent=

GET
H2 200 cookiesyncendpoint Show response
servs.modoro360.com/ Frame 5372 0
37 B 29ms
25ms Document
text/plain 54.147.174.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=1&auid=1670340029996-994946883307-005912-002-001503&key=285702D0-EF31-4E41-A20F-40ED5B964212
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.147.174.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-147-174-123.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 0
date: Tue, 06 Dec 2022 15:20:30 GMT

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1A0C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KFcC0O8xTkGiD0DtW5ZCEg%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

34ms
34ms

Image
text/html

96.6.22.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D
Protocol: H2
Server: 96.6.22.215 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-6-22-215.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62: 8096267
date: Tue, 06 Dec 2022 15:20:30 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=UTF-8
cache-control: max-age=117545
accept-ranges: bytes
content-length: 5549
expires: Wed, 07 Dec 2022 23:59:35 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Dec 2022 15:20:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

458249.gif
idsync.rlcdn.com/ Frame 1A0C
Redirect Chain

https://idsync.rlcdn.com/420486.gif?partner_uid=285702D0-EF31-4E41-A20F-40ED5B964212
https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDI4NTcwMkQwLUVGMzEtNEU0MS1BMjBGLTQwRUQ1Qjk2NDIxMhAAGg0Iv7u9nAYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=98ab2e7fa4769ec1dab56f926606475e6a1b27d5db3a3a6bc990b026c2705bda791426b5417dce21&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA5OGFiMmU3ZmE0NzY5ZWMxZGFiNTZmOTI2NjA2NDc1ZTZhMWIyN2Q1ZGIzYTNhNmJjOTkwYjAyNmMyNzA1YmRhNzkxNDI2YjU...
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA5OGFiMmU3ZmE0NzY5ZWMxZGFiNTZmOTI2NjA2NDc1ZTZhMWIyN2Q1ZGIzYTNhNmJjOTkwYjAyNmMyNzA1YmRhNzkxNDI2YjU0MTdkY2UyMRAAGgwIv7u9nAYSBAgCEABCAEoA&goog...
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
https://idsync.rlcdn.com/458249.gif?partner_uid=48e0b598-f2ee-4905-bd3f-c70e1de3c619

42 B
60 B

44ms
44ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/458249.gif?partner_uid=48e0b598-f2ee-4905-bd3f-c70e1de3c619
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:31 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/458249.gif?partner_uid=48e0b598-f2ee-4905-bd3f-c70e1de3c619
date: Tue, 06 Dec 2022 15:20:31 GMT
via: 1.1 google
x-samesite: secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
content-type: text/html; charset=utf-8

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 1A0C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=567a638f-5dbe-4100-8525-e076db1a6edf

0
128 B

21ms
20ms

Image
text/plain

162.248.18.34
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=567a638f-5dbe-4100-8525-e076db1a6edf
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D
Protocol: H2
Server: 162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:29 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 06 Dec 2022 15:20:30 GMT
Server: MT3 180 1fd3e2d master ord-pixel-x2 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=567a638f-5dbe-4100-8525-e076db1a6edf
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 06 Dec 2022 15:20:29 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 1A0C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mjg1NzAyRDAtRUYzMS00RTQxLUEyMEYtNDBFRDVCOTY0MjEy&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
245 B

79ms
23ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 06 Dec 2022 15:20:30 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 06 Dec 2022 15:20:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 1A0C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENfo7lefyQSJrYgOoG-EczQ&google_cver=1

42 B
378 B

80ms
27ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENfo7lefyQSJrYgOoG-EczQ&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 06 Dec 2022 15:20:30 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 06 Dec 2022 15:20:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENfo7lefyQSJrYgOoG-EczQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 1A0C
Redirect Chain

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:BD2B676F567340688F4D380AE82DC151

42 B
288 B

76ms
24ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:BD2B676F567340688F4D380AE82DC151
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 06 Dec 2022 15:20:29 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date: Tue, 06 Dec 2022 15:20:30 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:BD2B676F567340688F4D380AE82DC151
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Dec 2022 15:20:30 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 1A0C
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2338547713758656481&gdpr=0&gdpr_consent=&us_privacy=

1 B
255 B

20ms
19ms

Image
text/html

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2338547713758656481&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 06 Dec 2022 15:20:29 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2338547713758656481&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Tue, 06 Dec 2022 15:20:29 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 1A0C
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=782c7b18-e52c-469e-a9a2-f1f933c6e54c&gdpr=0&gdpr_consent=

42 B
277 B

95ms
21ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=782c7b18-e52c-469e-a9a2-f1f933c6e54c&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 06 Dec 2022 15:20:30 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 06 Dec 2022 15:20:30 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=782c7b18-e52c-469e-a9a2-f1f933c6e54c&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 355

GET
H2 200 285702D0-EF31-4E41-A20F-40ED5B964212
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1A0C 43 B
602 B 138ms
30ms Image
image/gif 2600:1f18:4e9:5a01:b333:1a3:d097:8434
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/285702D0-EF31-4E41-A20F-40ED5B964212?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a01:b333:1a3:d097:8434 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 1A0C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=285702D0-EF31-4E41-A20F-40ED5B964212&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mEtBAnVE2uXrLYji2DvWjJfdpiwTHFU-~A&gdpr=0&gdpr_consent=

0
260 B

65ms
21ms

Image
text/plain

162.248.18.34
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mEtBAnVE2uXrLYji2DvWjJfdpiwTHFU-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D
Protocol: H2
Server: 162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:30 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mEtBAnVE2uXrLYji2DvWjJfdpiwTHFU-~A&gdpr=0&gdpr_consent=
date: Tue, 06 Dec 2022 15:20:30 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 03CA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

37ms
35ms

Document
text/html

2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 15:20:30 GMT
expires: Tue, 06 Dec 2022 15:20:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 15:20:30 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 55D3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

44ms
43ms

Image
text/html

2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.nflbite.to
URL: https://www.nflbite.to/news/morocco-vs-spain-1/
Protocol: H3
Server: 2607:f8b0:4006:806::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Redirect headers

date: Tue, 06 Dec 2022 15:20:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7823 42 B
64 B 126ms
80ms Fetch
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCE9nqZR1Yjdm9d2NP4I10IiQ4kPGaJXD-36tNjw2FlN3arDhDavAXhnyPwVqMxl_3z0g_Ey4Gtka7fUvMowFazEk&sig=Cg0ArKJSzGl50puVlbliEAE&id=lidar2&mcvt=1053&p=0,0,280,1200&mtos=0,0,1053,1053,1053&tos=0,0,1053,0,0&v=20221205&bin=7&avms=nio&bs=0,0&mc=0.6&if=1&vu=1&app=0&itpl=20&adk=1695276420&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670340029061&rpt=578&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 15:20:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 o1Uwx-LeZy1xXNnqv4YwBo-O3KbbR1TU6AaZC5EN1kw.js Show response
pagead2.googlesyndication.com/bg/ Frame E90D 36 KB
16 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/o1Uwx-LeZy1xXNnqv4YwBo-O3KbbR1TU6AaZC5EN1kw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a35530c7e2de672d715cd9eabf8630068f8edca6db4754d4e806990b910dd64c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 03:34:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 301578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16040
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 03:34:12 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame C139 0
127 B 24ms
22ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Dec 2022 15:20:30 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 410B 42 B
64 B 83ms
82ms Fetch
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8CC9LYFTlNXLnRsLEfw1k4e2J0czYAPovDmmMA2CnAjA0RPMCb3JmGc7REhOlk3KUFwMwLcQFtRVnVUO2bAc_WQuLQeWG4YO8tN0c4ze4smh9I5zS9wt90uAbcXAOR_V0UFU&sai=AMfl-YQlPiqoXGF-n-jM82hRWs2tyyptvn_9oKhj-rS0r7RLa_i3Fsk7__j7EOmOO8AY4Sz-iMjzPaCd4HYJJUg&sig=Cg0ArKJSzGQBFOywmu-5EAE&cid=CAQSGwDq26N9TiHb-NODq4FKsq_aka3LuusBTu126hgBIBM&id=lidar2&mcvt=1000&p=0,0,280,1183&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4092563568&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670340029049&rpt=1103&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 15:20:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 l_29_29502505_788.ts Show response
luinr.bongstreams.com/live/adaptive_bong-1/live/bong-1_720p/ Frame BAB0 2 MB
2 MB 114ms
114ms XHR
video/m2ts 2606:4700:3038::6815:ea65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://luinr.bongstreams.com/live/adaptive_bong-1/live/bong-1_720p/l_29_29502505_788.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6df043a4457dfce86d22e9d47ab46b272a660fae0aafef6a4c4f8c15616e0140

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bongstreams.com/rntv.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2j8r1GTZyx6fZt6ZLWg2Ziakeuqo5qN6EBKefKvLHPHFadlsd3o933IBy5hRIgA1WMw6s33SarQ9y2Q8MEpUuUW3VEdwhop4iXfoSJ550MAeXJtKD03tIh0XCY8uCvUfJKJ7wjussRcFoOCCUeaURgeo4KQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/m2ts
access-control-allow-origin: https://bongstreams.com
cache-control: no-cache
accept-ranges: bytes
cf-ray: 7756018b2f10558f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1681660

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
543 B 315ms
102ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

91d9858a3fbbbbb194b1de253ee64efccf4524e1f7289276deb4be8607995973

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.nflbite.to/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.nflbite.to
date: Tue, 06 Dec 2022 15:20:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 pbhid Show response
id.hadron.ad.gt/api/v1/ 132 B
273 B 327ms
154ms XHR
application/json 100.20.115.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/pbhid?partner_id=239&_it=prebid
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.20.115.147 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-100-20-115-147.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 96eeab5f23635790c0f785cf7be287a333fc8a9961ed8e592e948f7f005de8ee

Request headers

Referer: https://www.nflbite.to/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.nflbite.to
date: Tue, 06 Dec 2022 15:20:31 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.20.0
vary: Origin
content-type: application/json

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 0
252 B 83ms
47ms XHR
text/plain 34.120.155.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=105
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.155.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nflbite.to/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Dec 2022 15:20:31 GMT
via: 1.1 google
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.nflbite.to
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C846 42 B
64 B 85ms
84ms Fetch
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsg4BOf7VlXKr56I45WtbRifFQphP9Vy01xcXAQ-WKfvDBljqOW3-Cbd0KmqDF64NA8NRUL0-ofFWQA_rOVTLZI3_g2-fA_f1mC6S5bl_M09ONZixeFesoyI0wV686HdP5taI&sai=AMfl-YSANQ2xlTmPZcko0Xd0K4lgTXXcdkUoEQGoXKIJG32Jc1wCLUYFQrDHrykJQYshp2S2gMeMOzxvJkdHx5E&sig=Cg0ArKJSzN3tWejRgN5vEAE&cid=CAQSGwDq26N9IeSeBVUKPSMLwxQIvrWfrU3lxa0FVRgBIBM&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=177,736,1000,1067,1067&tos=177,559,264,67,0&v=20221205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670340029984&rpt=342&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 15:20:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 l_29_29508511_789.ts Show response
luinr.bongstreams.com/live/adaptive_bong-1/live/bong-1_720p/ Frame BAB0 2 MB
2 MB 115ms
114ms XHR
video/m2ts 2606:4700:3038::6815:ea65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://luinr.bongstreams.com/live/adaptive_bong-1/live/bong-1_720p/l_29_29508511_789.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea0d0815be1b97e85b3a7bc1d36c6203dfbdc367dbb27a57c5a5a34d6716a25b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bongstreams.com/rntv.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJ2Rh9sZlk4WiQnHE%2BOXRESL1UcEwB%2FcAviBCRnyGtdhdnqI%2Fwxf65uf8hFTAIh7Uj6Gx0786QYFGbay%2Bz9%2B0EnT2d%2BOCKoFmX2z17edcK8gJqZPEbT5%2Bn1iL%2Ff1adtGQ5tFrcrh1S4SzAVtIFZ9yhx6oVE%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/m2ts
access-control-allow-origin: https://bongstreams.com
cache-control: no-cache
accept-ranges: bytes
cf-ray: 7756018d1a00558f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1781488

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
401 B 314ms
99ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

3382cf58730944a0c80b03c3fde09902a19c5d42e64b693b4a9e5c0a604ec9ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.nflbite.to/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.nflbite.to
date: Tue, 06 Dec 2022 15:20:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 l_29_29514517_790.ts Show response
luinr.bongstreams.com/live/adaptive_bong-1/live/bong-1_720p/ Frame BAB0 2 MB
2 MB 111ms
110ms XHR
video/m2ts 2606:4700:3038::6815:ea65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://luinr.bongstreams.com/live/adaptive_bong-1/live/bong-1_720p/l_29_29514517_790.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fb22698e312cce539ed5cd151ca4fb09a828da278751f85dac442884618b093

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bongstreams.com/rntv.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJQKFcOKaQnqG9dXCuEmnKHQIznTh3QTi83fFUprRO5nRgpDxeD0hK5BniQ%2FSvm3h8kqpcsxiNdKNdSpfq2WCt2uNLO7sSOIUXsSpQAxeJ7%2Bf5kXzE5bUTEq%2B7nTbCnmcag4ReDZNphrIsRRkabKtFcXy1s%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/m2ts
access-control-allow-origin: https://bongstreams.com
cache-control: no-cache
accept-ranges: bytes
cf-ray: 7756018f0ce5558f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1684668

POST
H/1.1 200 371.json Show response
id5-sync.com/g/v2/ 461 B
1 KB 299ms
99ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/371.json

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

d8b7da39d434c99ca71e08e573fec15ab267e5d536214a12fbc1fdd5341a8c9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.nflbite.to/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Dec 2022 15:20:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.nflbite.to
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET
H2 200 cookiesyncendpoint Show response
servs.modoro360.com/ Frame BEA9 0
234 B 28ms
27ms Document
text/plain 54.147.174.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=133&auid=1670340029996-994946883307-005912-002-001503&key=a6f37f0123013099a595be2217fc435a
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.147.174.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-147-174-123.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vid.vidoomy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 0
date: Tue, 06 Dec 2022 15:20:32 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 1A0C 0
128 B 22ms
19ms Script
text/plain 162.248.18.34
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=160993&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:31 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 200 track
servt.modoro360.com/ Frame 7FC6 0
93 B 29ms
28ms Ping
text/plain 3.223.0.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=CA&cos=Windows&r=www.nflbite.to&rs=www.nflbite.to&sid=53766&t=1670340029&cip=149.56.153.178&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=6194ddd9c26fee3fb21675b7&test=&d64=97543f2277d294cdd3db7705fa9628bf&d63=97543f2277d294cdd3db7705fa9628bf&aafaid=&proto=https&uid=1670340029996-994946883307-005912-002-001503&cha=0.7&stagid=619a1d8f04726848404562e4&stplid=60bceb5ae580aa6950275314&d35=&d36=6.2.66&cb=82940317291&d39=&d65=Floor&d66=&apppkg=&d9=0000&d37=realtime&AV_WIDTH=420&AV_HEIGHT=236
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6194ddd9c26fee3fb21675b7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.0.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-0-111.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nflbite.to/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Dec 2022 15:20:34 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 chunks.m3u8 Show response
luinr.bongstreams.com/live/adaptive_bong-1/live/bong-1_720p/ Frame BAB0 219 B
591 B 110ms
109ms XHR
application/vnd.apple.mpegurl 2606:4700:3038::6815:ea65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://luinr.bongstreams.com/live/adaptive_bong-1/live/bong-1_720p/chunks.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaf7e843608712a4628f600a8b275f73f38192211d58c6b8543280c08efbdef7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bongstreams.com/rntv.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eApMeCb6wBtewelWGIWmSRQquDAUcYYxdFxFm7d9%2BXTd%2Fiu8SoYJWtlaB69Z%2B%2BM73FmfQ1sNQ4LsiY4XXub3aGwNuQV4%2BihaBdJjZ0mLDfOkXqlF0wQYdqFCb8hVkx3K%2B0gRycBJr4DO7QWi6%2Ba5v9uOn2I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: https://bongstreams.com
cache-control: no-cache
cf-ray: 775601a89e13558f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 l_29_29520523_791.ts Show response
luinr.bongstreams.com/live/adaptive_bong-1/live/bong-1_720p/ Frame BAB0 2 MB
2 MB 115ms
114ms XHR
video/m2ts 2606:4700:3038::6815:ea65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://luinr.bongstreams.com/live/adaptive_bong-1/live/bong-1_720p/l_29_29520523_791.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c67c3081ad88a6cbe4160908f538c7266cf711484b084894826e12d068f664cf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bongstreams.com/rntv.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:20:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRc%2FQlDyFjCJJkQXZRWRVEh6%2BIBfB8ezBqBcLpo3U6HqmgSOPkRg3Lfvopk%2FjgHfLuv8ztpvRK%2BkjxX%2BqywVcoWs%2BEEhOQM1xUDobrcWi303y5spXhgstwEnB0GamkDIH52NnVu4nq2D1anMPM9883PkBgw%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/m2ts
access-control-allow-origin: https://bongstreams.com
cache-control: no-cache
accept-ranges: bytes
cf-ray: 775601a9dfb9558f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1725088

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11455&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D56%26auid%3D1670340029996-994946883307-005912-002-001503%26key%3D%7Bdevice_id%7D

Domain: sync.aniview.com
URL: https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-n3sPz6VE2uFpFGV1dibyL0iL6FGNufXN4aPvLEg-~A&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

71 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nflbite.to/	1970-01-20 17:35:00	Name: _ga_GBBTM4ZWQD Value: GS1.1.1670340028.1.0.1670340028.0.0.0
.nflbite.to/	1970-01-20 17:35:00	Name: _ga Value: GA1.1.1401570478.1670340029
.nflbite.to/	1970-01-20 17:20:36	Name: __gpi Value: UID=000008c698697097:T=1670340029:RT=1670340029:S=ALNI_MY8YE3Wdgi6y90FBXRmgH16qZXcsA
www.nflbite.to/	1970-01-20 08:42:12	Name: _pbjs_userid_consent_data Value: 3524755945110770
.nflbite.to/	1970-01-20 16:44:36	Name: _pubcid Value: f131550c-b8ac-4e9e-9927-787dc112c586
.nflbite.to/	1970-01-20 17:20:36	Name: __gads Value: ID=e9a35d64530b1acd:T=1670340029:S=ALNI_MbiDprAWoAvqUPH2dvLdyPQkKW6cA
.modoro360.com/	1970-01-20 08:27:48	Name: aniC Value:
.doubleclick.net/	1970-01-20 17:35:00	Name: IDE Value: AHWqTUl-VeBpFWzQWLDMrarNZYL9w0UOR_weHHqgek48nr7ilIULRTvErzaKqnPmNCM
.contextweb.com/	1970-01-20 08:42:12	Name: ccpa Value: 1---
.contextweb.com/	1970-01-20 16:37:24	Name: V Value: dVClxkSd1494
.contextweb.com/	1970-01-20 16:44:36	Name: pb_rtb_ev Value: 3-1hmy\|8jz.0.1
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 10fa00db07bd6d1f
.technoratimedia.com/	1970-01-20 17:35:00	Name: tads_uid Value: C7970F54021A41998C76638CDE44E688
.technoratimedia.com/	1970-01-20 17:35:00	Name: tads_uid_cd Value: 20221206152030+0000
.technoratimedia.com/	1970-01-20 17:35:00	Name: tads_zora Value: 2
.technoratimedia.com/	1970-01-20 17:35:00	Name: tads_uidp_70 Value: 1670340029996-994946883307-005912-002-001503
.lijit.com/	1970-01-20 16:44:36	Name: ljt_reader Value: FxXYeLZHxfS7dJ8WStuMtkvg
.bidswitch.net/	1970-01-20 16:44:36	Name: c Value: 1670340030
.bidswitch.net/	1970-01-20 16:44:36	Name: tuuid_lu Value: 1670340030
.bidswitch.net/	1970-01-20 16:44:36	Name: tuuid Value: c49ea7b0-cf70-4351-bde5-aaaf5ca925af
.ads.stickyadstv.com/	1970-01-20 09:25:24	Name: uid-bp-159 Value: 1
.ads.stickyadstv.com/	1970-01-20 08:42:12	Name: UID Value: 87e9428c6c47c556454318a6b3714cf
.ads.stickyadstv.com/	1970-01-20 08:19:09	Name: uid-bp-30833 Value: 1
.360yield.com/	1970-01-20 10:08:36	Name: tuuid Value: b890b7f2-6e71-4b4d-8f82-e8c53fd3cb16
.360yield.com/	1970-01-20 10:08:36	Name: tuuid_lu Value: 1670340030
.pubmatic.com/	1970-01-20 10:08:36	Name: KADUSERCOOKIE Value: 285702D0-EF31-4E41-A20F-40ED5B964212
.pubmatic.com/	1970-01-20 10:08:36	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 08:00:26	Name: pi Value: 160993:2
.pubmatic.com/	1970-01-20 10:08:36	Name: DPSync3 Value: 1671494400%3A197_201%7C1670889600%3A164%7C1670371200%3A174
.pubmatic.com/	1970-01-20 10:08:36	Name: SyncRTB3 Value: 1671494400%3A13_22_54_7_220_21_250_71%7C1670889600%3A223_2
.yahoo.com/	1970-01-20 16:44:57	Name: A3 Value: d=AQABBL5dj2MCEB-FmYwogas1_7GvjLALFrQFEgEBAQGvkGOZYwAAAAAA_eMAAA&S=AQAAAmXzR5gqgGDhRm011U6dXTg
.adsrvr.org/	1970-01-20 16:44:36	Name: TDID Value: 782c7b18-e52c-469e-a9a2-f1f933c6e54c
.adx.opera.com/	1970-01-20 16:44:36	Name: UID Value: OPUbccf60a2fad54c1ab918dc82caaead23
.1rx.io/	1970-01-20 16:44:36	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-42e769f8-2872-4a2c-8df7-5fb176e6fa0d-005%22%7D
.aniview.com/	1970-01-20 08:27:48	Name: aniC Value: 1670340029996-994946883307-005912-002-001503
.aniview.com/	1970-01-20 08:00:26	Name: 2_C_24 Value: c49ea7b0-cf70-4351-bde5-aaaf5ca925af
sync.aniview.com/	1970-01-20 08:00:26	Name: 2_C_24 Value: c49ea7b0-cf70-4351-bde5-aaaf5ca925af
.targeting.unrulymedia.com/	1970-01-20 16:44:36	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-42e769f8-2872-4a2c-8df7-5fb176e6fa0d-005%22%7D
.adsrvr.org/	1970-01-20 16:44:36	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwiqufic7umrOxAFGAEgASgCMgsIqrH7yYTqqzsQBTgBWghwdWJtYXRpY2AC
.analytics.yahoo.com/	1970-01-20 16:44:36	Name: IDSYNC Value: "1967~28p3:18z8~28p3"
.everesttech.net/	1970-01-20 16:44:36	Name: everest_g_v2 Value: g_surferid~Y49dvgAB-PaQAQAp
.amazon-adsystem.com/	1970-01-20 12:57:04	Name: ad-id Value: A_UUyBzs9E3mppDYwO5O15k
.amazon-adsystem.com/	1970-01-20 17:35:00	Name: ad-privacy Value: 0
.adform.net/	1970-01-20 08:43:38	Name: C Value: 1
.simpli.fi/	1970-01-20 16:46:02	Name: suid Value: BD2B676F567340688F4D380AE82DC151
.adform.net/	1970-01-20 09:25:24	Name: uid Value: 5347782903982917956
.mathtag.com/	1970-01-20 17:24:55	Name: uuid Value: b118638f-5dbe-4f00-8b62-0b7072df38ce
.turn.com/	1970-01-20 12:18:12	Name: uid Value: 2338547713758656481
.pubmatic.com/	1970-01-20 08:42:12	Name: KRTBCOOKIE_27 Value: 16735-uid:b118638f-5dbe-4f00-8b62-0b7072df38ce&KRTB&16736-uid:b118638f-5dbe-4f00-8b62-0b7072df38ce&KRTB&23019-uid:b118638f-5dbe-4f00-8b62-0b7072df38ce&KRTB&23208-uid:b118638f-5dbe-4f00-8b62-0b7072df38ce
.pubmatic.com/	1970-01-20 08:42:12	Name: KRTBCOOKIE_218 Value: 4056-Y49dvgAB-PaQAQAp&KRTB&22978-Y49dvgAB-PaQAQAp&KRTB&23194-Y49dvgAB-PaQAQAp&KRTB&23209-Y49dvgAB-PaQAQAp
.pubmatic.com/	1970-01-20 08:42:12	Name: KRTBCOOKIE_377 Value: 6810-782c7b18-e52c-469e-a9a2-f1f933c6e54c&KRTB&22918-782c7b18-e52c-469e-a9a2-f1f933c6e54c&KRTB&23031-782c7b18-e52c-469e-a9a2-f1f933c6e54c
.doubleclick.net/	1970-01-20 07:59:03	Name: DSID Value: NO_DATA
.pubmatic.com/	1970-01-20 08:42:12	Name: KRTBCOOKIE_22 Value: 14911-2338547713758656481&KRTB&23150-2338547713758656481
.pubmatic.com/	1970-01-20 08:42:12	Name: KRTBCOOKIE_148 Value: 19421-uid:BD2B676F567340688F4D380AE82DC151
.pubmatic.com/	1970-01-20 08:42:12	Name: KRTBCOOKIE_80 Value: 22987-CAESENfo7lefyQSJrYgOoG-EczQ&KRTB&16514-CAESENfo7lefyQSJrYgOoG-EczQ&KRTB&23025-CAESENfo7lefyQSJrYgOoG-EczQ&KRTB&23386-CAESENfo7lefyQSJrYgOoG-EczQ
.pubmatic.com/	1970-01-20 08:42:12	Name: PugT Value: 1670340030
.rlcdn.com/	1970-01-20 16:44:36	Name: rlas3 Value: l3q0RCewGtGhIll689NFuOZ3zcFT9opfs0jdyUP2rNY=
.rlcdn.com/	1970-01-20 09:25:24	Name: pxrc Value: CL+7vZwGEgUI6AcQABIFCOhHEAA=
www.nflbite.to/	1970-01-20 07:59:03	Name: _lr_retry_request Value: true
www.nflbite.to/	1970-01-20 08:42:12	Name: _lr_env_src_ats Value: false
.pippio.com/	1970-01-20 16:44:36	Name: did Value: O_UxjbibDQua2cUH
.pippio.com/	1970-01-20 16:44:36	Name: didts Value: 1670340031
.pippio.com/	1970-01-20 09:25:24	Name: nnls Value:
.pippio.com/	1970-01-20 09:25:24	Name: pxrc Value: CL+7vZwGEgQIAhAAEgYI7OsBEAA=
.linksynergy.com/	1970-01-20 16:44:36	Name: rmuid Value: 48e0b598-f2ee-4905-bd3f-c70e1de3c619
.linksynergy.com/	1970-01-20 16:44:36	Name: icts Value: 2022-12-06T15:20:31Z
.id5-sync.com/	1970-01-20 10:08:36	Name: 3pi Value:
.id5-sync.com/	1970-01-20 10:08:36	Name: id5 Value: ce651d6a-ecaa-77ad-a8de-f11aa65d6bed#1670340032107#1
.pubmatic.com/	1970-01-20 08:42:12	Name: SPugT Value: 1670340031
.modoro360.com/	1970-01-20 08:00:26	Name: 2_C_133 Value: a6f37f0123013099a595be2217fc435a
servs.modoro360.com/	1970-01-20 08:00:26	Name: 2_C_133 Value: a6f37f0123013099a595be2217fc435a

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8051978673542046&output=html&h=280&slotname=1504196585&adk=1695276420&adf=1947930080&pi=t.ma~as.1504196585&w=1200&fwrn=4&fwrnh=100&lmt=1670340029&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.nflbite.to%2Fnews%2Fmorocco-vs-spain-1%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670340028782&bpp=1&bdt=222&idt=272&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1183x280&nras=1&correlator=3890497870323&frm=20&pv=2&ga_vid=1401570478.1670340029&ga_sid=1670340029&ga_hid=887110448&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880&oid=2&pvsid=3025247991353482&tmod=1586581771&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=HwUvX8yiXI&p=https%3A//www.nflbite.to&dtd=277 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://t.adx.opera.com/pub/sync?pubid=d803647ecdd74c26863bfc1198f6567b&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670340029996-994946883307-005912-002-001503%26biddername%3D128%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BOPERA_UID%7D Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=105 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ad.turn.com
adipolo.com
ads.pubmatic.com
ads.stickyadstv.com
ads.us.criteo.com
adservice.google.ca
adservice.google.com
ap.lijit.com
api.rlcdn.com
b4e7696ffbf8acf32b39ade814ee915f.safeframe.googlesyndication.com
bh.contextweb.com
bongstreams.com
c1.adform.net
c2shb.pubgw.yahoo.com
cat.va.us.criteo.com
cdn.ampproject.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
content1.avplayer.com
csm.us.criteo.net
csync.loopme.me
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
feed.avplayer.com
fonts.googleapis.com
fonts.gstatic.com
ghb.aplhb.adipolo.com
googleads.g.doubleclick.net
i.imgur.com
id.hadron.ad.gt
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
jscdn.greeter.me
lb.eu-1-id5-sync.com
luinr.bongstreams.com
match.adsrvr.org
onetag-sys.com
p4-amgq45yqfvmc2-ldha7rhbc4wdbgdg-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pix.us.criteo.net
player.adtcdn.com
player.adtelligent.com
player.aniview.com
player.aplhb.adipolo.com
player.avplayer.com
pr-bh.ybp.yahoo.com
rtb.va.us.criteo.com
s.amazon-adsystem.com
s2s.aniview.com
securepubads.g.doubleclick.net
serv.modoro360.com
servs.modoro360.com
servt.modoro360.com
simage2.pubmatic.com
simage4.pubmatic.com
static.criteo.net
storage.de.cloud.ovh.net
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.adx.opera.com
tags.rd.linksynergy.com
tg1.modoro360.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
velocitycdn.com
vid.vidoomy.com
web.ssp.yahoo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.nflbite.to
x.bidswitch.net
youradexchange.com
csync.loopme.me
sync.aniview.com
100.20.115.147
104.36.115.113
107.178.254.65
129.158.42.199
141.95.4.196
142.250.65.194
142.250.80.35
15.197.193.217
151.101.66.49
162.19.138.116
162.19.138.118
162.248.18.34
162.248.18.37
18.209.244.249
185.167.164.42
198.148.27.140
199.127.204.142
199.232.36.193
205.185.216.42
216.200.232.249
2600:141b:13::1724:130
2600:141b:5000:3a0::2c79
2600:141b:5000::17db:5213
2600:141b:f000:26::684d:a2ac
2600:1f18:4e9:5a01:b333:1a3:d097:8434
2606:4700:130:436c:6f75:6466:6c61:7265
2606:4700:3033::ac43:dc1b
2606:4700:3035::6815:5f3f
2606:4700:3038::6815:ea64
2606:4700:3038::6815:ea65
2606:4700::6810:5814
2606:4700::6811:190e
2606:4700:e2::ac40:840a
2607:f8b0:4006:806::2002
2607:f8b0:4006:807::200e
2607:f8b0:4006:809::2002
2607:f8b0:4006:80a::200e
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80e::2001
2607:f8b0:4006:80f::200e
2607:f8b0:4006:816::2001
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81c::2008
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81d::200a
2607:f8b0:4006:820::2002
2607:f8b0:4006:821::2002
2607:f8b0:4006:823::2002
2607:f8b0:4006:823::2004
2607:f8b0:4006:824::2002
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::a
2620:112:f002:bbbb::21
2a02:6ea0:c400::19
2a06:8640:454::2
3.223.0.111
3.230.217.116
34.120.155.137
34.150.170.96
34.226.18.170
34.233.211.172
34.98.67.3
35.190.41.116
35.190.60.146
35.211.178.172
45.133.44.3
45.133.44.4
51.222.39.186
52.4.33.45
52.44.128.195
52.46.130.91
54.147.174.123
54.175.87.114
63.251.114.137
63.251.28.233
69.16.175.10
74.119.119.147
8.28.7.83
82.145.213.8
96.6.22.215
00e48dc2e907ba153b5dd153c2db991d097ca3922a394898ba31c4fff3708bdf
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
06c0ac285751402828b442be15888677c1702c6fcede07809cc233d11c95d750
0845704757cc7cecdc3ec5a73bf97bb9a7b48d5b45ba2c439a8ba87db69bc221
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1af749b0b31dd7c38df57d169a66f8a286de506a5b631d5b41b3e4e982a63e36
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7
1e6e60c9aea03893dfc55cca3e3e7e5cd768df7feb5199d490343f44ac02901d
1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152
1ebf858e8d21bf36bfcd56134c93ad55c0e8e22a975dd7ebb6fdbb648e3ebbe4
1ecfb052ee8a13b2ea0442ab65192e13b0a06bb141f367370f25cfbe45761e16
22c0926066950eb32303b88821d2423eeeda63fa06bcd3150f514837573d9246
255eef079d3f18e253c2b3288b4ed0d621b1266c2845679b66af9db6d8faea2e
2737e0f8e60929e28f1439db1076417bf161010f162084b0eb117da7cc254354
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eb9eb3070b6c5360f62a0d9898332475e56d428a496adcd69c65a1197fec70e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3382cf58730944a0c80b03c3fde09902a19c5d42e64b693b4a9e5c0a604ec9ad
3397a72f384e3308e4495b8319b094de73867708e5e46b0e6bfd756eeca16423
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36499aab6c5640a06139a99ed71b13ae93207a19d6795bd23f0dead3f860ce5c
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3b69963dab16592f1a34d8d7ffb47c1341ddcec5cf7002dc9b99a8aa9d5bd397
3cfd06feed9d532b513e19403ac00b62b8de0d28527fbbfb31c8b6bae2e408d6
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d960d8c20cf6bf93febf47f57b283225246d0d868fefdf28e435291fa82531
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4c0496f390c3ca43e1e2b274c32d1c0c513244d3805f0d6effe3dacbc5993e2e
4d9b6a654d7fff80fe27e30f05f4533872c775da3d964690e0ee04d457b0fe87
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb22698e312cce539ed5cd151ca4fb09a828da278751f85dac442884618b093
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
556bb9a3806bf99f37d0ba5074d12f2d51dff5e63d14521e3ab8f837a5d06d19
55a8897810e15e39ca238d8b51af0d7c1e61965a5c646c68b6710192ee9db622
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
5d1dd07bd8e0edf0cd785ea97a6a7c47bad23601d2356388c7eb008dda842b60
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61701c1f3601634f197cfcb145edb6d33c8b12fe020cf1b0507d8ad665b7829d
6734f74c599c91bc2c87d925f5ae39b95ec85a648d86ace015b75197bff7cf1c
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b84e364daf4e1dd9ce5797282e7488e0980dd5338eca9e9141098ebc3ac8996
6df043a4457dfce86d22e9d47ab46b272a660fae0aafef6a4c4f8c15616e0140
6e4b80b724fa48bd5e24285ba8d71f825ec7b0cea3500ee865e8e3df67ea2118
6f6ce602bed449940565c8bfea9921659efafc0c5409a8242eda17e6e6554c31
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72950656d07f837c1ed3d2b7739cd90dd04c314c3e451565f40ca86dcbd17ad1
77a676c395b379e5976e674da61a4243f769fc76a87e5ac1ef0cd52a619a1e77
79550718143aa0a6b043d196643782c53074e7f9dca81fc744eb23ff9d8b6852
79e997bb7245f68cf6398665f6eecd402f48c76d67283446dfc4486262685cc9
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80efbfcfad67fc0fa5a9d8cc84eb35951eea2d2e179a6fc51c82463c9e70a5dc
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85c6d6f811b9342e74c8587cc8ca3acb08c76095d5c04ca7baee8c17b48e818a
87062fcb076412bd5f632583ff3466dc69cda7dd138784dd2395040d9cf425a0
880dad83ad1a7d8493d56f97f099d187f5d82c82ab93eb31a73c0f1f00660950
8922922509b7fca081eb9bfe68ef175ee34ef8750a8c61e4db9a7533bb0c75e2
8a7babb87daae57db009ee805060960339a04391c0ae55491041e8360a5c348f
8df4dc1914c364135063e65007fa7afcad88749a895b2fd33889909044490436
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
91d9858a3fbbbbb194b1de253ee64efccf4524e1f7289276deb4be8607995973
96265b0fe36ed5db56f82c72c68244c7c55b965c103b3a85ee96d7d89307c9df
96eeab5f23635790c0f785cf7be287a333fc8a9961ed8e592e948f7f005de8ee
9c42b86d65d66851c803af9a78eab8183313770ad39a9976a1b0541cc5232da8
9cd5590e9f4338c2e32c012fbc22c8d22501bcee8e7813f75cc7e25d5ecd492e
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9f66145fbaf681859fb04fc4cdedf358806d85dd27355199545b97db90d48829
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b44ab9a1c13069e0270f6bda9df4b53b2971744c08018e3ad02f13d10896e6
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a35530c7e2de672d715cd9eabf8630068f8edca6db4754d4e806990b910dd64c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51b6f3baa1d97735036a84c80197666e6af9ec8eb55c250c0ff8c94083058ca
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8ebc982b5005f0f19b40f5d580a8624dd8e78c65f568875ab4bb6be66cae56f
ab1897b374e76000c289e1491e74d94e2a30584f4388b57b6b3ec8dab467ee2c
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09
aea33fac222febad7b77756211cd17fcdd6a11c41cd9293623854df2a4124f00
b3073c55d67e2a48e96496ee808a8a335820790a645c039740d3e5a4f65809ae
b657dd3682208edfb815a32becaff61f5dae9f12537daf146d61a02aedb88f31
b8c74f56be6d5cf12cce043028961dceadb74b8c0076bff1ed1bc05a352bf83f
bbdf1fe198db06e0497d81d770d7befc5d31bfd73d8bf1b9f793b14b1f0b62a9
bc49bbaddc3ef1c99cbbb427fcf33700440e3478c52f78385521deff6749038e
be3a86e492bdf59c5bc78a492f763521998b236f4d1e5294937da36b56374570
c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c67c3081ad88a6cbe4160908f538c7266cf711484b084894826e12d068f664cf
c8589fa3a34d25fea23d3365e454588c2dcdbf6ed856f068a64ed1f2a5d46a4b
c9533be26cd4926c60bf8ed2a8ec8517b1832a981599fc74e54b55f48ac52b15
cb03fcc9956e8131df0a0a936e702552d0be3539e1a2abbdb999d20a72de57f8
ce00e20b1de71ae06025269109fb0cb9482ba6af1dbc262ba4eda319aaef9229
ce8fb64a0bc498e29c874fad0a686b5c4365532678213187216778647c6426d1
d3f4286636e20d6e07c61059deb48ad16142cfa7524facda0bf0ef4cadbb92b2
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d8b7da39d434c99ca71e08e573fec15ab267e5d536214a12fbc1fdd5341a8c9c
d8e6a8ed06b7ea32bdf5a494232c1e155bc8813ab982c923844e91a81c10f0a7
da7061ccce93947408d2cad5324f71f5fe59ae87b39d7c74072ff0f805386c24
db0701f25bf6cffa99cfc7d71521bfdd3179266e2b5feb62907d125f8f11b51a
ddfd342e3078b60c19ec22047b0534a3787af672171009d15089d8742087a6e7
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
dfdfdaca9d9115c4614e7179e4156e26ba2fcfd365df88fe889a5f39c0b57f93
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2e2ee124a92ca6673a9ce2508260ac228832de36594217daffcbce988758fc5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a512ec9f7b507b30d081c6b6c31385ce8baf2a88c7b6c016d5e0f0773c402b
e8ec37d4a589f54573e8066e7518e65c0f674722ca6df3b40e6e9a9acdc4bc6d
ea0d0815be1b97e85b3a7bc1d36c6203dfbdc367dbb27a57c5a5a34d6716a25b
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
eaf7e843608712a4628f600a8b275f73f38192211d58c6b8543280c08efbdef7
eb8b9f4b19cff174f9ff26ba95114fbeeb1506f4c74c35bc317b7e5a4c1daf81
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
f0fd294c1f472528541101861967d73739f54478d71bf5dda11c29ce62b80b52
f2abed2466a50de711ebd5794e29d8db4f3b8f5715675c8179491874655f94a4
f2dd70341a31e328efcd03f90b83c3e228019ba7c4acda1ae6fd645f20a2b569
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8
fb291d06275a2811fe26fe5dd57f5662a70242a85daf9508f042a1122118b7e3
fbc8be77bb800cc9de9b9891187f165bf2e3bdeecac0720b794020d82b0cfc7f
fc55f941cf4fd9fb787283d48f80e2f7726f79ba879314f9462db3c3ee014421
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.nflbite.to Open in urlscan Pro 2606:4700:3033::ac43:dc1b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

188 Requests

91 %HTTPS

46 %IPv6

55 Domains

89 Subdomains

72 IPs

5 Countries

10872 kBTransfer

14886 kBSize

71 Cookies

5 Outgoing links

Redirected requests

188 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nflbite.to Open in urlscan Pro
2606:4700:3033::ac43:dc1b Public Scan

Screenshot
Live screenshot

Full Image

188
Requests

91 %
HTTPS

46 %
IPv6

55
Domains

89
Subdomains

72
IPs

5
Countries

10872 kB
Transfer

14886 kB
Size

71
Cookies

188 HTTP transactions
7 data transactions