URL: https://sportsonline.to/channels/pt/sporttv1.php
Submission: On October 28 via manual from FR — Scanned from NL

Summary

This website contacted 15 IPs in 4 countries across 14 domains to perform 31 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is sportsonline.to. The Cisco Umbrella rank of the primary domain is 151192.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 3rd 2022. Valid for: a year.
This is the only time sportsonline.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 4 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 35.190.41.116 15169 (GOOGLE)
3 188.114.97.3 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 45.154.206.79 48357 (K4X)
1 2a00:1450:400... 15169 (GOOGLE)
31 15
Apex Domain
Subdomains
Transfer
5 cdnexpress59.net
egfebcuewshv.cdnexpress59.net
2 MB
4 amung.us
whos.amung.us — Cisco Umbrella Rank: 15062
widgets.amung.us — Cisco Umbrella Rank: 21411
3 KB
4 celeritascdn.com
celeritascdn.com — Cisco Umbrella Rank: 232538
114 KB
3 constraindefiant.net
3yl6vkqrfkd9vk.constraindefiant.net
42 KB
2 awstats.cloud
awstats.cloud — Cisco Umbrella Rank: 186919
2 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 387
140 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
20 KB
2 negure.com
negure.com — Cisco Umbrella Rank: 223225
69 KB
2 youradexchange.com
youradexchange.com — Cisco Umbrella Rank: 37062
2 KB
2 sportsonline.to
sportsonline.to — Cisco Umbrella Rank: 151192
3 KB
1 gstatic.com
fonts.gstatic.com
24 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
898 B
1 swarm.video
swarm.video — Cisco Umbrella Rank: 145514
128 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
43 KB
31 14
Domain Requested by
5 egfebcuewshv.cdnexpress59.net swarm.video
4 celeritascdn.com sportsonline.to
celeritascdn.com
3yl6vkqrfkd9vk.constraindefiant.net
3 3yl6vkqrfkd9vk.constraindefiant.net sportsonline.to
3yl6vkqrfkd9vk.constraindefiant.net
2 awstats.cloud 3yl6vkqrfkd9vk.constraindefiant.net
awstats.cloud
2 cdn.jsdelivr.net 3yl6vkqrfkd9vk.constraindefiant.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 negure.com sportsonline.to
3yl6vkqrfkd9vk.constraindefiant.net
2 youradexchange.com celeritascdn.com
2 widgets.amung.us sportsonline.to
3yl6vkqrfkd9vk.constraindefiant.net
2 whos.amung.us 2 redirects
2 sportsonline.to sportsonline.to
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com 3yl6vkqrfkd9vk.constraindefiant.net
1 swarm.video 3yl6vkqrfkd9vk.constraindefiant.net
1 www.googletagmanager.com sportsonline.to
31 15

This site contains links to these domains. Also see Links.

Domain
youradexchange.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-04-03 -
2023-04-02
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
youradexchange.com
Sectigo RSA Domain Validation Secure Server CA
2022-06-20 -
2023-06-20
a year crt.sh
*.constraindefiant.net
GTS CA 1P5
2022-10-12 -
2023-01-10
3 months crt.sh
*.negure.com
E1
2022-10-23 -
2023-01-21
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
egfebcuewshv.cdnexpress59.net
R3
2022-10-04 -
2023-01-02
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh

This page contains 2 frames:

Primary Page: https://sportsonline.to/channels/pt/sporttv1.php
Frame ID: 421A6D1B4654AA37CA36F7E56848108A
Requests: 10 HTTP requests in this frame

Frame: https://3yl6vkqrfkd9vk.constraindefiant.net/embed/b5r01up6xuiica
Frame ID: 2D1922BB4DBD97666B00D9777351C64B
Requests: 21 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

31
Requests

90 %
HTTPS

79 %
IPv6

14
Domains

15
Subdomains

15
IPs

4
Countries

2914 kB
Transfer

4249 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://whos.amung.us/cwidget/sportsonline/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=6566&c=000000ffffff&p=left
Request Chain 13
  • https://whos.amung.us/cwidget/h6qfsjssi5/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=10000&c=000000ffffff&p=left

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request sporttv1.php
sportsonline.to/channels/pt/
2 KB
2 KB
Document
General
Full URL
https://sportsonline.to/channels/pt/sporttv1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
4d7e7328fca205414e4cb75ebdf51443eb5e603cb8c75c2437878073fb3fa98c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
761736c609670be6-AMS
content-encoding
br
content-type
text/html
date
Fri, 28 Oct 2022 22:47:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mwnq2UwfSSUw6AQFDcOBkRLXIV8Fuw6uoXeO6iKFXvIR4ipw9eGMW5XmbboMxNWI5b2Sjk9OJ7AytptN43iTpWUQTAzBDedL8KErZI8uBuUG4YCjB7DQyNow%2F68oCuDr9A7YDr%2Bsj5zhOfcqtpw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
bootstrap.js
celeritascdn.com/script/
98 KB
33 KB
Script
General
Full URL
https://celeritascdn.com/script/bootstrap.js
Requested by
Host: sportsonline.to
URL: https://sportsonline.to/channels/pt/sporttv1.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:5c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1e4ad0f33d1b68c1476a7a224c58608c02c1beff1017d9ab9eab98a5cb192f3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sportsonline.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 22:47:34 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2835
x-guploader-uploadid
ADPycdv3WVjVKuG5ZNURdtY-wWwWn-K1wNV2jzK_MdBfllKOTucP_nyTh_PHG3qXCRbXkAGdTQNQhR-UNfv-DbQYi9AFkw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Thu, 08 Sep 2022 08:38:35 GMT
server
cloudflare
etag
W/"90a406e7c114cb9cbdbd171d8282e224"
vary
Accept-Encoding
x-goog-hash
crc32c=PsCFGQ==, md5=kKQG58EUy5y9vRcdgoLiJA==
x-goog-generation
1662626315119008
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
x-goog-stored-content-length
100523
cf-ray
761736c7fb3e0a6d-AMS
expires
Sat, 29 Oct 2022 02:47:34 GMT
SCCfwxq.png
sportsonline.to/channels/pt/
1 KB
2 KB
Image
General
Full URL
https://sportsonline.to/channels/pt/SCCfwxq.png
Requested by
Host: sportsonline.to
URL: https://sportsonline.to/channels/pt/sporttv1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae0433ac5d000ac03daf9059492d0390e427b7461332f0f488bbc6f44b5107a7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sportsonline.to/channels/pt/sporttv1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 22:47:34 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Dec 2021 14:48:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6940
etag
"61af7434-4c4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=reqTBz1LfRfJt9vibodmseOzehE%2FwwHmkl%2FhfNdO0itkMvlHxCwnN%2FpNDcpbxasZo5gw19MeQtEM6W8giI%2B8mp2xr2wiBSB6SGW7GaSEQfU37FIn3kN1682euIG1%2FStHI9jPSSFA5A3MBweGT%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
761736c79aed0be6-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1220
/
widgets.amung.us/draw/
Redirect Chain
  • https://whos.amung.us/cwidget/sportsonline/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=6566&c=000000ffffff&p=left
1 KB
2 KB
Image
General
Full URL
https://widgets.amung.us/draw/?w=colored&n=6566&c=000000ffffff&p=left
Requested by
Host: sportsonline.to
URL: https://sportsonline.to/channels/pt/sporttv1.php
Protocol
H2
Server
2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caa5c8112eb71a8d0e711c0c5949945a06a9aaef268806d53ca6976c75074ae6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sportsonline.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 22:47:34 GMT
cf-cache-status
HIT
last-modified
Fri, 28 Oct 2022 22:44:14 GMT
server
cloudflare
age
200
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
761736c92ac69bb8-FRA
expires
Sat, 29 Oct 2022 22:44:14 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=6566&c=000000ffffff&p=left
date
Fri, 28 Oct 2022 22:47:34 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
761736c8391e9bb8-FRA
content-type
text/html; charset=UTF-8
js
www.googletagmanager.com/gtag/
109 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-202511892-1
Requested by
Host: sportsonline.to
URL: https://sportsonline.to/channels/pt/sporttv1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6aced105966b8129b447d6b7e8ca024da30e5948f3461f799f0823f0c73bf43b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sportsonline.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 22:47:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43631
x-xss-protection
0
last-modified
Fri, 28 Oct 2022 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 28 Oct 2022 22:47:34 GMT
ut.js
celeritascdn.com/script/
70 KB
24 KB
Script
General
Full URL
https://celeritascdn.com/script/ut.js?cb=1666997254440
Requested by
Host: celeritascdn.com
URL: https://celeritascdn.com/script/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:5c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a817a515c35520e9f571540957ffc2dd1d4ba70a3b5e04c5c1b37a63d6564516

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sportsonline.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 22:47:34 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1089
x-guploader-uploadid
ADPycdsidYsjfQ8rr7jTsvwX94ATs_cFqlXUJvEzE5B44iFtRKJz-2o3PMDagqsMUrN9hcEoUTZlnDzFNzye-GKN97Xa6Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Mon, 29 Aug 2022 11:45:52 GMT
server
cloudflare
etag
W/"c7304eebcb5069f68bd3fa9e74218a36"
vary
Accept-Encoding
x-goog-hash
crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-generation
1661773552581597
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
x-goog-stored-content-length
71356
cf-ray
761736c85be20a6d-AMS
expires
Sat, 29 Oct 2022 02:47:34 GMT
suurl4.php
youradexchange.com/script/
1 KB
1 KB
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=4827899&cbur=0.831838265150894&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=&cbpage=https%3A%2F%2Fsportsonline.to%2Fchannels%2Fpt%2Fsporttv1.php&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com&aggr=0&chmob=?0
Requested by
Host: celeritascdn.com
URL: https://celeritascdn.com/script/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
b4ad02f76e38e8f82e026eec516ef1ee3ac5b1bbcc6c0a7a1ac537c26ceebc69

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sportsonline.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 28 Oct 2022 22:47:34 GMT
content-encoding
gzip
via
1.1 google
server
openresty
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json; charset=utf-8
b5r01up6xuiica
3yl6vkqrfkd9vk.constraindefiant.net/embed/ Frame 2D19
35 KB
10 KB
Document
General
Full URL
https://3yl6vkqrfkd9vk.constraindefiant.net/embed/b5r01up6xuiica
Requested by
Host: sportsonline.to
URL: https://sportsonline.to/channels/pt/sporttv1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
937cc00f1e8349c9d5f430d14575b4f248c0c1f9c864b5e6ca9b60a01726ea1d

Request headers

Referer
https://sportsonline.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
761736c8cd7eb8f0-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 28 Oct 2022 22:47:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xeqiaj9cmueow0dEQFqUclBuXMirOAknvIklCfuBRXhfEf7gsm2%2BifLLKfZIJq%2BcK1dm19LH6Fgrd61EOxo6OgclEvjRVh62Eh7X5zfeTzwxBCX%2BCSdEArM0K2WqD%2Fw%2F4JXvJE3Z4kA2B7nAVWE79BYchV1ZFA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
bootstrap.js
negure.com/script/
98 KB
35 KB
Script
General
Full URL
https://negure.com/script/bootstrap.js
Requested by
Host: sportsonline.to
URL: https://sportsonline.to/channels/pt/sporttv1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:399c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1e4ad0f33d1b68c1476a7a224c58608c02c1beff1017d9ab9eab98a5cb192f3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sportsonline.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 22:47:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1434
x-guploader-uploadid
ADPycdvJG5nfvBphm8gqcwsP9xvpCTaG9SDN3CAnYS6Cj6XNgBti34NC6JXPHaLLbEKdnU5f6GwFbTYD2u_qsyrx37GhMJCMOCsU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 08 Sep 2022 08:38:35 GMT
server
cloudflare
etag
W/"90a406e7c114cb9cbdbd171d8282e224"
vary
Accept-Encoding
x-goog-hash
crc32c=PsCFGQ==, md5=kKQG58EUy5y9vRcdgoLiJA==
x-goog-generation
1662626315119008
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sbWmjDKAnm3HsVXMRtsSke1txzr8emi%2B%2BV5t5%2BkyzjQwtprBbnpmvNtNAl5CaVvzTdlXvGpZHNQGMkILXgZFnAMML0TYmgGPmDyxzzTvFzazwOf2RnxWUtJ9IMXSq%2BOFCBJXUF9%2FgpFe"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
100523
cf-ray
761736c9c99491dd-FRA
expires
Fri, 28 Oct 2022 23:10:33 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-202511892-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sportsonline.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 28 Oct 2022 21:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5500
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 28 Oct 2022 23:15:54 GMT
embed.min.css
3yl6vkqrfkd9vk.constraindefiant.net/css/ Frame 2D19
1 KB
1 KB
Stylesheet
General
Full URL
https://3yl6vkqrfkd9vk.constraindefiant.net/css/embed.min.css?v=0.4
Requested by
Host: 3yl6vkqrfkd9vk.constraindefiant.net
URL: https://3yl6vkqrfkd9vk.constraindefiant.net/embed/b5r01up6xuiica
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c7cf941b4eb9254e850875107ded812b5cf2da9de46f85919561f2a73876257

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3yl6vkqrfkd9vk.constraindefiant.net/embed/b5r01up6xuiica
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 22:47:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 09 Jun 2022 09:49:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1701
etag
W/"62a1c21c-4f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azKJVzQOeW8KbG8dnAiUvZC3eOYMcfqh1GCfjT30carNOR0kNGZgYIEBNO8raKzuID07jT%2Fx0OIQT1ek0hNQ7N2VXxhW0xEWIuQS9IbkXNopDd%2F2dKLzvj6frN9NTGGdcU%2FSmEk3wEyGHcu53Nb9PwJpCOmMUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
761736c9fa08b90e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
3yl6vkqrfkd9vk.constraindefiant.net/js/ Frame 2D19
85 KB
31 KB
Script
General
Full URL
https://3yl6vkqrfkd9vk.constraindefiant.net/js/jquery.min.js
Requested by
Host: 3yl6vkqrfkd9vk.constraindefiant.net
URL: https://3yl6vkqrfkd9vk.constraindefiant.net/embed/b5r01up6xuiica
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3yl6vkqrfkd9vk.constraindefiant.net/embed/b5r01up6xuiica
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 22:47:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 18:05:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1636
etag
W/"5fa984ce-15283"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SAqcIJQ3U2WVcVJ%2FsOCozruNdcpZd7hfe92Fye5VWICFW05kEpgyWL6B3XDynrhLba1x5uK0jlNKRQ1L6kVraayybWEvmQVu0ufEtcV2eX%2BdHn4Ey9N9mhiLRDLUEfjPHUXgAKiaMhYOq%2BCj%2FTsBAxpAwEZbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
761736c9fa09b90e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
nsns.js
swarm.video/ Frame 2D19
506 KB
128 KB
Script
General
Full URL
https://swarm.video/nsns.js
Requested by
Host: 3yl6vkqrfkd9vk.constraindefiant.net
URL: https://3yl6vkqrfkd9vk.constraindefiant.net/embed/b5r01up6xuiica
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3dfed3a9800cc7221ac336a2da595938d815edcbd90cd0d08a09f7b296e14db2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3yl6vkqrfkd9vk.constraindefiant.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 22:47:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1042258
cf-polished
origSize=519718
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 16 Oct 2022 16:04:04 GMT
server
cloudflare
etag
W/"7ee26-183e189bf03"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6poeKtzUKR5l6Wg45G%2BjX9IDjXWQ7d3cizZ%2BY5a7oIGefkXsZWSvfTlq3l%2BDodqo%2FT6cqewJXxtkcC%2FUxx17rouhoLN1I0Wnk2Mip9cHUjafJM%2FCx%2BtIOfNcBeMfdRNTxAgnyjUrmuB20A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
761736ca2eb568f5-FRA
clappr.min.js
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 2D19
513 KB
139 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Requested by
Host: 3yl6vkqrfkd9vk.constraindefiant.net
URL: https://3yl6vkqrfkd9vk.constraindefiant.net/embed/b5r01up6xuiica
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3yl6vkqrfkd9vk.constraindefiant.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 22:47:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
31386
x-jsd-version
0.3.13
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19181-FRA, cache-itm18846-ITM
x-jsd-version-type
version
server
cloudflare
etag
W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
761736c9f951b8ee-AMS
/
widgets.amung.us/draw/ Frame 2D19
Redirect Chain
  • https://whos.amung.us/cwidget/h6qfsjssi5/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=10000&c=000000ffffff&p=left
1 KB
1 KB
Image
General
Full URL
https://widgets.amung.us/draw/?w=colored&n=10000&c=000000ffffff&p=left
Requested by
Host: 3yl6vkqrfkd9vk.constraindefiant.net
URL: https://3yl6vkqrfkd9vk.constraindefiant.net/embed/b5r01up6xuiica
Protocol
H2
Server
2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd04b23f43df68dc8c9e5e667075b39ce8040823394d82ac780ee80a56a4483

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3yl6vkqrfkd9vk.constraindefiant.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 22:47:34 GMT
cf-cache-status
HIT
last-modified
Wed, 05 Oct 2022 16:44:16 GMT
server
cloudflare
age
2008998
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
761736caacf99bb8-FRA
expires
Thu, 06 Oct 2022 16:44:16 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=10000&c=000000ffffff&p=left
date
Fri, 28 Oct 2022 22:47:34 GMT
cache-control
max-age=295
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
761736c9ab669bb8-FRA
content-type
text/html; charset=UTF-8
console-ban.min.js
cdn.jsdelivr.net/npm/console-ban@4.1.0/dist/ Frame 2D19
2 KB
2 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/console-ban@4.1.0/dist/console-ban.min.js
Requested by
Host: 3yl6vkqrfkd9vk.constraindefiant.net
URL: https://3yl6vkqrfkd9vk.constraindefiant.net/embed/b5r01up6xuiica
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a637e8d49894e4211bdf5d4f7326a3aaab7b8be4386575820159b8c67b8ffbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3yl6vkqrfkd9vk.constraindefiant.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 22:47:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
5803934
x-jsd-version
4.1.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19163-FRA, cache-iad-kiad7000120-IAD
x-jsd-version-type
version
server
cloudflare
etag
W/"94a-x2FYTFEbUDUMlcmV/trIW701Sjg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
761736c9f952b8ee-AMS
plausible.js
awstats.cloud/js/ Frame 2D19
1 KB
1 KB
Script
General
Full URL
https://awstats.cloud/js/plausible.js
Requested by
Host: 3yl6vkqrfkd9vk.constraindefiant.net
URL: https://3yl6vkqrfkd9vk.constraindefiant.net/embed/b5r01up6xuiica
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a822 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eec3429c76cb48e5fd457c5afb71b7cf34bc4298d53023bae8aea715443b4a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3yl6vkqrfkd9vk.constraindefiant.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 22:47:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8eBIRnH9CFMStoAcjlXfveqhP3bwI59drPHctJBJtLW8vvl1Fv7Mft%2FS45Pu%2BwY6L%2FRlTgbr%2BkLTNNJi74PV%2B%2FzaN32edZOPvlY4KnmGNeerHBimy8zgGRQ34VfNWqmQzU8knCnrDUqsz%2FJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cross-origin-resource-policy
cross-origin
cf-ray
761736ca2bec90dd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ Frame 2D19
1 KB
898 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: 3yl6vkqrfkd9vk.constraindefiant.net
URL: https://3yl6vkqrfkd9vk.constraindefiant.net/css/embed.min.css?v=0.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3yl6vkqrfkd9vk.constraindefiant.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 28 Oct 2022 22:47:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 28 Oct 2022 21:01:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 28 Oct 2022 22:47:34 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1250836215&t=pageview&_s=1&dl=https%3A%2F%2Fsportsonline.to%2Fchannels%2Fpt%2Fsporttv1.php&ul=en-us&de=windows-1252&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1483600924&gjid=1115712160&cid=630866212.1666997255&tid=UA-202511892-1&_gid=346926367.1666997255&_r=1&gtm=2ouaq0&z=826763936
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sportsonline.to/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Oct 2022 22:47:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sportsonline.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
bootstrap.js
celeritascdn.com/script/ Frame 2D19
98 KB
33 KB
Script
General
Full URL
https://celeritascdn.com/script/bootstrap.js
Requested by
Host: 3yl6vkqrfkd9vk.constraindefiant.net
URL: https://3yl6vkqrfkd9vk.constraindefiant.net/embed/b5r01up6xuiica
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:5c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4d5b8dc6a7ca986941b6d029b8465ac9b4ea3b8923d57df81c99a3c03eb899d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3yl6vkqrfkd9vk.constraindefiant.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 22:47:34 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2835
x-guploader-uploadid
ADPycdv3WVjVKuG5ZNURdtY-wWwWn-K1wNV2jzK_MdBfllKOTucP_nyTh_PHG3qXCRbXkAGdTQNQhR-UNfv-DbQYi9AFkw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Thu, 08 Sep 2022 08:38:35 GMT
server
cloudflare
etag
W/"90a406e7c114cb9cbdbd171d8282e224"
vary
Accept-Encoding
x-goog-hash
crc32c=PsCFGQ==, md5=kKQG58EUy5y9vRcdgoLiJA==
x-goog-generation
1662626315119008
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
x-goog-stored-content-length
100523
cf-ray
761736cba8af0a6d-AMS
expires
Sat, 29 Oct 2022 02:47:34 GMT
event
awstats.cloud/api/ Frame 2D19
2 B
536 B
XHR
General
Full URL
https://awstats.cloud/api/event
Requested by
Host: awstats.cloud
URL: https://awstats.cloud/js/plausible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a822 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://3yl6vkqrfkd9vk.constraindefiant.net/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 28 Oct 2022 22:47:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2BurrvmZWnU4GPo20Y%2Bko9x1NbsakcQNNa0Uf2SWfgOlM8fsnGT72QYN4kyI1Jc53b3SQtG0Are2RUdkNJ9KWgeqHCYVBnB6pz6agsRu7HfKKmvOQqxwlQmAtn37rF%2BlYBdvKt8tdnp%2B3UAD"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
761736cbfab98fd6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2
x-request-id
FyJdK9zkhcRc7gQAQ5AC
b5r01up6xuiica.m3u8
egfebcuewshv.cdnexpress59.net/hls/ Frame 2D19
946 B
1 KB
XHR
General
Full URL
https://egfebcuewshv.cdnexpress59.net:8443/hls/b5r01up6xuiica.m3u8?s=yh8jgdc2bkaoiJevgS1dRA&e=1667018854
Requested by
Host: swarm.video
URL: https://swarm.video/nsns.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.154.206.79 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
a56c0161c82f31536102b7feb1f23d2a24d89148bbf4e1337676922103aa1bee

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3yl6vkqrfkd9vk.constraindefiant.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Fri, 28 Oct 2022 22:47:35 GMT
Last-Modified
Fri, 28 Oct 2022 22:47:34 GMT
Server
nginx/1.18.0
ETag
"635c5c06-3b2"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
946
ut.js
celeritascdn.com/script/ Frame 2D19
70 KB
24 KB
Script
General
Full URL
https://celeritascdn.com/script/ut.js?cb=1666997255030
Requested by
Host: celeritascdn.com
URL: https://celeritascdn.com/script/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:5c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f6ce602bed449940565c8bfea9921659efafc0c5409a8242eda17e6e6554c31

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3yl6vkqrfkd9vk.constraindefiant.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 22:47:35 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1090
x-guploader-uploadid
ADPycdsidYsjfQ8rr7jTsvwX94ATs_cFqlXUJvEzE5B44iFtRKJz-2o3PMDagqsMUrN9hcEoUTZlnDzFNzye-GKN97Xa6Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Mon, 29 Aug 2022 11:45:52 GMT
server
cloudflare
etag
W/"c7304eebcb5069f68bd3fa9e74218a36"
vary
Accept-Encoding
x-goog-hash
crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-generation
1661773552581597
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
x-goog-stored-content-length
71356
cf-ray
761736cc094e0a6d-AMS
expires
Sat, 29 Oct 2022 02:47:35 GMT
suurl4.php
youradexchange.com/script/ Frame 2D19
1 KB
835 B
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=5954546&cbur=0.6352907527460456&cbiframe=1&cbWidth=1600&cbHeight=1200&cbtitle=&cbpage=https%3A%2F%2Fsportsonline.to%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com&aggr=0&chmob=?0
Requested by
Host: celeritascdn.com
URL: https://celeritascdn.com/script/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
4c1ee30e394ff2710a34744476d474cf48641efb807e8e97f42aad180126e7c1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3yl6vkqrfkd9vk.constraindefiant.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 28 Oct 2022 22:47:35 GMT
content-encoding
gzip
via
1.1 google
server
openresty
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json; charset=utf-8
b5r01up6xuiica.m3u8
egfebcuewshv.cdnexpress59.net/hls/ Frame 2D19
946 B
1 KB
XHR
General
Full URL
https://egfebcuewshv.cdnexpress59.net:8443/hls/b5r01up6xuiica.m3u8?s=yh8jgdc2bkaoiJevgS1dRA&e=1667018854
Requested by
Host: swarm.video
URL: https://swarm.video/nsns.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.154.206.79 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
a56c0161c82f31536102b7feb1f23d2a24d89148bbf4e1337676922103aa1bee

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3yl6vkqrfkd9vk.constraindefiant.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Fri, 28 Oct 2022 22:47:35 GMT
Last-Modified
Fri, 28 Oct 2022 22:47:34 GMT
Server
nginx/1.18.0
ETag
"635c5c06-3b2"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
946
13fb1011-ca1b-49f9-8af0-e0d33f93ae23
https://3yl6vkqrfkd9vk.constraindefiant.net/ Frame 2D19
61 KB
0
Other
General
Full URL
blob:https://3yl6vkqrfkd9vk.constraindefiant.net/13fb1011-ca1b-49f9-8af0-e0d33f93ae23
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Length
62280
Content-Type
text/javascript
bootstrap.js
negure.com/script/ Frame 2D19
98 KB
35 KB
Script
General
Full URL
https://negure.com/script/bootstrap.js
Requested by
Host: 3yl6vkqrfkd9vk.constraindefiant.net
URL: https://3yl6vkqrfkd9vk.constraindefiant.net/embed/b5r01up6xuiica
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:399c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4d5b8dc6a7ca986941b6d029b8465ac9b4ea3b8923d57df81c99a3c03eb899d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3yl6vkqrfkd9vk.constraindefiant.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 22:47:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2310
x-guploader-uploadid
ADPycdvJG5nfvBphm8gqcwsP9xvpCTaG9SDN3CAnYS6Cj6XNgBti34NC6JXPHaLLbEKdnU5f6GwFbTYD2u_qsyrx37GhMJCMOCsU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 08 Sep 2022 08:38:35 GMT
server
cloudflare
etag
W/"90a406e7c114cb9cbdbd171d8282e224"
vary
Accept-Encoding
x-goog-hash
crc32c=PsCFGQ==, md5=kKQG58EUy5y9vRcdgoLiJA==
x-goog-generation
1662626315119008
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ch833%2BPdck1YBlLguIm8V82ysysVk%2BU3vWpT97RC5XzX%2BDY4qP8IPWN2hig10EZ0x71jWxeYg4sirGJAL9xX99YCNAUDvdnIQW5K5FyKMsW7YHZUaD518ElgAleOEV2BWQOLwHtzdoQ%2F"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
100523
cf-ray
761736ccdff99bec-FRA
expires
Fri, 28 Oct 2022 22:30:06 GMT
b5r01up6xuiica-318629340.ts
egfebcuewshv.cdnexpress59.net/hls/ Frame 2D19
1 MB
1 MB
XHR
General
Full URL
https://egfebcuewshv.cdnexpress59.net:8443/hls/b5r01up6xuiica-318629340.ts
Requested by
Host: swarm.video
URL: https://swarm.video/nsns.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.154.206.79 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
536eec6aa23426ff30ab9f34ada57a5d4943f8ef072db472a8dc5fa00248d4a7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3yl6vkqrfkd9vk.constraindefiant.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Fri, 28 Oct 2022 22:47:35 GMT
Last-Modified
Fri, 28 Oct 2022 22:46:39 GMT
Server
nginx/1.18.0
ETag
"635c5bcf-12b2a8"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
1225384
b5r01up6xuiica-319529340.ts
egfebcuewshv.cdnexpress59.net/hls/ Frame 2D19
1 MB
1 MB
XHR
General
Full URL
https://egfebcuewshv.cdnexpress59.net:8443/hls/b5r01up6xuiica-319529340.ts
Requested by
Host: swarm.video
URL: https://swarm.video/nsns.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.154.206.79 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2cb5720afeaf8dea7d7896726cd9d24821e025c2509de35a40c242ec570a9a8e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3yl6vkqrfkd9vk.constraindefiant.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Fri, 28 Oct 2022 22:47:35 GMT
Last-Modified
Fri, 28 Oct 2022 22:46:43 GMT
Server
nginx/1.18.0
ETag
"635c5bd3-1189f8"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
1149432
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame 2D19
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://3yl6vkqrfkd9vk.constraindefiant.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 17:07:14 GMT
x-content-type-options
nosniff
age
279621
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 17:07:14 GMT
b5r01up6xuiica.m3u8
egfebcuewshv.cdnexpress59.net/hls/ Frame 2D19
946 B
1 KB
XHR
General
Full URL
https://egfebcuewshv.cdnexpress59.net:8443/hls/b5r01up6xuiica.m3u8?s=yh8jgdc2bkaoiJevgS1dRA&e=1667018854
Requested by
Host: swarm.video
URL: https://swarm.video/nsns.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.154.206.79 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
a56c0161c82f31536102b7feb1f23d2a24d89148bbf4e1337676922103aa1bee

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3yl6vkqrfkd9vk.constraindefiant.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Fri, 28 Oct 2022 22:47:38 GMT
Last-Modified
Fri, 28 Oct 2022 22:47:34 GMT
Server
nginx/1.18.0
ETag
"635c5c06-3b2"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
946

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| regeneratorRuntime boolean| s2ss1028 function| s2ss1028ff object| vw24 function| gtag object| dataLayer boolean| user_engagement1028 string| utsid-send object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
3yl6vkqrfkd9vk.constraindefiant.net/ Name: hf5
Value: 1
.sportsonline.to/ Name: _ga
Value: GA1.2.630866212.1666997255
.sportsonline.to/ Name: _gid
Value: GA1.2.346926367.1666997255
.sportsonline.to/ Name: _gat_gtag_UA_202511892_1
Value: 1

1 Console Messages

Source Level URL
Text
rendering warning URL: https://3yl6vkqrfkd9vk.constraindefiant.net/embed/b5r01up6xuiica(Line 6)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3yl6vkqrfkd9vk.constraindefiant.net
awstats.cloud
cdn.jsdelivr.net
celeritascdn.com
egfebcuewshv.cdnexpress59.net
fonts.googleapis.com
fonts.gstatic.com
negure.com
sportsonline.to
swarm.video
whos.amung.us
widgets.amung.us
www.google-analytics.com
www.googletagmanager.com
youradexchange.com
188.114.97.3
2606:4700:10::6816:4bab
2606:4700:3031::6815:399c
2606:4700:3034::6815:1155
2606:4700:3035::ac43:a822
2606:4700::6810:5614
2606:4700::6810:5c06
2a00:1450:4001:803::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2008
2a06:98c1:3121::3
35.190.41.116
45.154.206.79
0a637e8d49894e4211bdf5d4f7326a3aaab7b8be4386575820159b8c67b8ffbf
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2c7cf941b4eb9254e850875107ded812b5cf2da9de46f85919561f2a73876257
2cb5720afeaf8dea7d7896726cd9d24821e025c2509de35a40c242ec570a9a8e
3dfed3a9800cc7221ac336a2da595938d815edcbd90cd0d08a09f7b296e14db2
4c1ee30e394ff2710a34744476d474cf48641efb807e8e97f42aad180126e7c1
4d7e7328fca205414e4cb75ebdf51443eb5e603cb8c75c2437878073fb3fa98c
536eec6aa23426ff30ab9f34ada57a5d4943f8ef072db472a8dc5fa00248d4a7
6aced105966b8129b447d6b7e8ca024da30e5948f3461f799f0823f0c73bf43b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f6ce602bed449940565c8bfea9921659efafc0c5409a8242eda17e6e6554c31
7eec3429c76cb48e5fd457c5afb71b7cf34bc4298d53023bae8aea715443b4a9
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8cd04b23f43df68dc8c9e5e667075b39ce8040823394d82ac780ee80a56a4483
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
937cc00f1e8349c9d5f430d14575b4f248c0c1f9c864b5e6ca9b60a01726ea1d
a56c0161c82f31536102b7feb1f23d2a24d89148bbf4e1337676922103aa1bee
a817a515c35520e9f571540957ffc2dd1d4ba70a3b5e04c5c1b37a63d6564516
ae0433ac5d000ac03daf9059492d0390e427b7461332f0f488bbc6f44b5107a7
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
b4ad02f76e38e8f82e026eec516ef1ee3ac5b1bbcc6c0a7a1ac537c26ceebc69
caa5c8112eb71a8d0e711c0c5949945a06a9aaef268806d53ca6976c75074ae6
d1e4ad0f33d1b68c1476a7a224c58608c02c1beff1017d9ab9eab98a5cb192f3
d4d5b8dc6a7ca986941b6d029b8465ac9b4ea3b8923d57df81c99a3c03eb899d
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc