frdl.to Open in urlscan Pro
185.178.208.141  Public Scan

12 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request Match.Of.The.Day.mkv.html Show response frdl.to/lv0rwen27u9n/	15 KB 5 KB	346ms 293ms	Document text/html	185.178.208.141 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.178.208.141 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash b4cde5b65ea7cf04906b364fa9338894e111117ff98151333e034a4e9753ac80 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Strict-Transport-Security max-age=0;includeSubDomains; X-Content-Type-Options nosniff nosniff nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-credentials true true access-control-allow-headers X-Requested-With X-Requested-With access-control-allow-methods GET,POST,OPTIONS GET,POST,OPTIONS access-control-allow-origin * * content-encoding gzip content-security-policy upgrade-insecure-requests; content-type text/html; charset=UTF-8 date Sun, 14 Apr 2024 14:01:21 GMT expires Sat, 13 Apr 2024 14:01:21 GMT server ddos-guard strict-transport-security max-age=0;includeSubDomains; vary Accept-Encoding x-content-type-options nosniff nosniff nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block 1; mode=block
GET H2	200	css2 fonts.googleapis.com/	13 KB 985 B	99ms 33ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Karla:wght@200;300;400;500&family=Source+Sans+Pro:wght@200;300;400;600&display=swap Requested by Host: frdl.to URL: https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 43a52c7b1448ea0192fe12c6b2b2c5fd14c079f7254e71ea49e0db5a5dbbf832 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://frdl.to/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Sun, 14 Apr 2024 14:01:21 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 14 Apr 2024 13:55:03 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 14 Apr 2024 14:01:21 GMT
GET H2	200	css2 fonts.googleapis.com/	16 KB 1 KB	82ms 16ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap Requested by Host: frdl.to URL: https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f1e4c18549167223af672ff319ac7293d52e09fd02544d08d4166078b5f36c4d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://frdl.to/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Sun, 14 Apr 2024 14:01:21 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 14 Apr 2024 13:03:05 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 14 Apr 2024 14:01:21 GMT
GET H2	200	jquery-1.9.1.min.js Show response frdl.to/xfst_theme2/js/	90 KB 32 KB	44ms 43ms	Script application/javascript	185.178.208.141 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://frdl.to/xfst_theme2/js/jquery-1.9.1.min.js Requested by Host: frdl.to URL: https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.178.208.141 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; X-Content-Type-Options nosniff, nosniff X-Xss-Protection 1; mode=block, 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy upgrade-insecure-requests; date Sat, 13 Apr 2024 15:56:57 GMT x-content-type-options nosniff, nosniff content-encoding gzip age 79464 content-length 32819 x-xss-protection 1; mode=block, 1; mode=block last-modified Fri, 14 Oct 2022 10:01:15 GMT server ddos-guard etag W/"6349336b-169d5" vary Accept-Encoding access-control-allow-methods GET,POST,OPTIONS, GET,POST,OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin *, * ddg-cache-status HIT cache-control max-age=2592000 access-control-allow-credentials true, true access-control-allow-headers X-Requested-With, X-Requested-With expires Mon, 13 May 2024 15:56:57 GMT
GET H2	200	jquery.cookie.js Show response frdl.to/xfst_theme2/js/	3 KB 1 KB	38ms 37ms	Script application/javascript	185.178.208.141 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://frdl.to/xfst_theme2/js/jquery.cookie.js Requested by Host: frdl.to URL: https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.178.208.141 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; X-Content-Type-Options nosniff, nosniff X-Xss-Protection 1; mode=block, 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy upgrade-insecure-requests; date Mon, 08 Apr 2024 20:31:50 GMT x-content-type-options nosniff, nosniff content-encoding gzip age 494971 content-length 1365 x-xss-protection 1; mode=block, 1; mode=block last-modified Fri, 14 Oct 2022 10:01:15 GMT server ddos-guard etag W/"6349336b-c31" vary Accept-Encoding access-control-allow-methods GET,POST,OPTIONS, GET,POST,OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin *, * ddg-cache-status HIT cache-control max-age=2592000 access-control-allow-credentials true, true access-control-allow-headers X-Requested-With, X-Requested-With expires Wed, 08 May 2024 20:31:50 GMT
GET H2	200	style.min.css frdl.to/xfst_theme2/css/	185 KB 36 KB	25ms 24ms	Stylesheet text/css	185.178.208.141 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://frdl.to/xfst_theme2/css/style.min.css?t=5 Requested by Host: frdl.to URL: https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.178.208.141 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 1c78e7aba432bfb05b65f1c37fcf2a4f3438c20b3c2a727af462834e9567ccb0 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; X-Content-Type-Options nosniff, nosniff X-Xss-Protection 1; mode=block, 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy upgrade-insecure-requests; date Sun, 14 Apr 2024 06:28:17 GMT x-content-type-options nosniff, nosniff content-encoding gzip age 27184 content-length 36455 x-xss-protection 1; mode=block, 1; mode=block last-modified Fri, 14 Oct 2022 10:01:01 GMT server ddos-guard etag W/"6349335d-2e24f" vary Accept-Encoding access-control-allow-methods GET,POST,OPTIONS, GET,POST,OPTIONS content-type text/css access-control-allow-origin *, * ddg-cache-status HIT cache-control max-age=2592000 access-control-allow-credentials true, true access-control-allow-headers X-Requested-With, X-Requested-With expires Tue, 14 May 2024 06:28:17 GMT
GET H3	200	logo.png freedl.ink/xfst_theme2/img/	4 KB 4 KB	98ms 24ms	Image image/png	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://freedl.ink/xfst_theme2/img/logo.png Requested by Host: frdl.to URL: https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 552b9587003fbf5fd875cc5f070b43639751b15e624782059cb3168d4c36b6b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://frdl.to/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 14 Apr 2024 14:01:21 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4578 alt-svc h3=":443"; ma=86400 content-length 3800 x-xss-protection 1; mode=block last-modified Thu, 08 Feb 2024 12:41:50 GMT server cloudflare etag "ed8-610de22a09f80" vary Accept-Encoding access-control-allow-methods GET,POST,OPTIONS content-type image/png access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=usvFAu3QLHO2fywHX0dlGRW9V5pf84SO2fOJd3YRe5wAglcIGi8vG%2BGKXS4bK%2Fe%2FqCzTUIp4aNL2cD57cNpBR%2Fp5qBKzf9CazLFQ%2BqbnBatR2E9RgDZwJX81L3Bo"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 access-control-allow-credentials true accept-ranges bytes cf-ray 87443a357db59e79-CDG access-control-allow-headers X-Requested-With
GET H2	200	share.js Show response frdl.to/xfst_theme2/js/	354 B 315 B	17ms 16ms	Script application/javascript	185.178.208.141 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://frdl.to/xfst_theme2/js/share.js Requested by Host: frdl.to URL: https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.178.208.141 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 37ddc3df628de7dbb35e49b0eef020d9fe1613acbbfc77418bb7e69566395aa5 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; X-Content-Type-Options nosniff, nosniff X-Xss-Protection 1; mode=block, 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy upgrade-insecure-requests; date Tue, 09 Apr 2024 09:51:05 GMT x-content-type-options nosniff, nosniff content-encoding br age 447016 content-length 112 x-xss-protection 1; mode=block, 1; mode=block last-modified Fri, 14 Oct 2022 10:01:18 GMT server ddos-guard etag W/"6349336e-162" vary Accept-Encoding access-control-allow-methods GET,POST,OPTIONS, GET,POST,OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin *, * ddg-cache-status HIT cache-control max-age=2592000 access-control-allow-credentials true, true accept-ranges bytes access-control-allow-headers X-Requested-With, X-Requested-With expires Thu, 09 May 2024 09:51:05 GMT
GET H2	200	countdown.js Show response frdl.to/xfst_theme2/js/	640 B 430 B	32ms 32ms	Script application/javascript	185.178.208.141 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://frdl.to/xfst_theme2/js/countdown.js Requested by Host: frdl.to URL: https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.178.208.141 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 6b1116dbdcc8665059c0163cb6cd034a949402f5bc6294390e8ffee39952f6ae Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; X-Content-Type-Options nosniff, nosniff X-Xss-Protection 1; mode=block, 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy upgrade-insecure-requests; date Tue, 09 Apr 2024 12:19:30 GMT x-content-type-options nosniff, nosniff content-encoding br age 438111 content-length 289 x-xss-protection 1; mode=block, 1; mode=block last-modified Fri, 14 Oct 2022 10:01:14 GMT server ddos-guard etag W/"6349336a-280" vary Accept-Encoding access-control-allow-methods GET,POST,OPTIONS, GET,POST,OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin *, * ddg-cache-status HIT cache-control max-age=2592000 access-control-allow-credentials true, true accept-ranges bytes access-control-allow-headers X-Requested-With, X-Requested-With expires Thu, 09 May 2024 12:19:30 GMT
GET H2	200	pop.js Show response frdl.to/js/	56 B 137 B	20ms 20ms	Script application/javascript	185.178.208.141 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://frdl.to/js/pop.js?=1 Requested by Host: frdl.to URL: https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.178.208.141 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash b8570b25846d0a739b755af846fa5c94bfd1fe16237a6676bcba7bd60c5f81ef Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; X-Content-Type-Options nosniff, nosniff X-Xss-Protection 1; mode=block, 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy upgrade-insecure-requests; date Tue, 09 Apr 2024 09:51:05 GMT x-content-type-options nosniff, nosniff content-encoding br age 447016 content-length 44 x-xss-protection 1; mode=block, 1; mode=block last-modified Tue, 27 Dec 2022 01:53:54 GMT server ddos-guard etag W/"63aa5032-38" vary Accept-Encoding access-control-allow-methods GET,POST,OPTIONS, GET,POST,OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin *, * ddg-cache-status HIT cache-control max-age=2592000 access-control-allow-credentials true, true accept-ranges bytes access-control-allow-headers X-Requested-With, X-Requested-With expires Thu, 09 May 2024 09:51:05 GMT
GET H3	200	d.js Show response waust.at/	14 KB 7 KB	43ms 18ms	Script application/x-javascript	2606:4700:20::ac43:4739 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://waust.at/d.js Requested by Host: frdl.to URL: https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://frdl.to/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 14 Apr 2024 14:01:21 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2764 alt-svc h3=":443"; ma=86400 last-modified Thu, 12 Jan 2023 17:19:40 GMT server cloudflare etag W/"63c0412c-3972" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a0043UrS4mLhjcae7mQVBxXMHfr41Mce8kNsmRMtZxtkY86AmqzSv8p2bpnRsn6MevsQxGjVlhotrLYG6VCJt1DGGzCvfGLaCzKAz%2FUPPB7l%2Bg3G2z86trOz0QkWiIay5ZUiNxo2"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * cache-control max-age=86400 cf-ray 87443a35dcb65b6e-FRA expires Mon, 15 Apr 2024 13:15:17 GMT
GET H3	200	popper.min.js Show response cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/	21 KB 7 KB	42ms 19ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js Requested by Host: frdl.to URL: https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://frdl.to/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 14 Apr 2024 14:01:21 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 230535 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 6646 last-modified Mon, 04 May 2020 16:15:37 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fa9-520c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BIzloFjYS9ev4U%2Fz5Mnb4vxh5O%2BqI%2F0DtW8TNBONb5JZcxwsPuZslj8XiMONN7riq3%2BIPo9bAhnbAygs9jnLr7uRWEXWFrvMIXJgkG%2F%2BBCjew3bivLeYMOe3mNDNYTrNGUpOEylyVeCiV7luaQ4jnbR6"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 87443a359e2a1c03-FRA expires Fri, 04 Apr 2025 14:01:21 GMT
GET H2	200	bootstrap.min.js Show response frdl.to/xfst_theme2/js/	57 KB 15 KB	21ms 21ms	Script application/javascript	185.178.208.141 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://frdl.to/xfst_theme2/js/bootstrap.min.js Requested by Host: frdl.to URL: https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.178.208.141 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; X-Content-Type-Options nosniff, nosniff X-Xss-Protection 1; mode=block, 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy upgrade-insecure-requests; date Tue, 09 Apr 2024 09:51:05 GMT x-content-type-options nosniff, nosniff content-encoding gzip age 447016 content-length 15434 x-xss-protection 1; mode=block, 1; mode=block last-modified Fri, 14 Oct 2022 10:01:13 GMT server ddos-guard etag W/"63493369-e2d8" vary Accept-Encoding access-control-allow-methods GET,POST,OPTIONS, GET,POST,OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin *, * ddg-cache-status HIT cache-control max-age=2592000 access-control-allow-credentials true, true access-control-allow-headers X-Requested-With, X-Requested-With expires Thu, 09 May 2024 09:51:05 GMT
GET H2	200	clipboard.min.js Show response frdl.to/xfst_theme2/js/	9 KB 3 KB	21ms 20ms	Script application/javascript	185.178.208.141 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://frdl.to/xfst_theme2/js/clipboard.min.js Requested by Host: frdl.to URL: https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.178.208.141 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash e17a1d816e13c0826e0ed7febfabc3277f45571234bde0bf9120829a7169edc9 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; X-Content-Type-Options nosniff, nosniff X-Xss-Protection 1; mode=block, 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy upgrade-insecure-requests; date Tue, 09 Apr 2024 10:21:08 GMT x-content-type-options nosniff, nosniff content-encoding gzip age 445213 content-length 3216 x-xss-protection 1; mode=block, 1; mode=block last-modified Sat, 10 Dec 2022 15:13:04 GMT server ddos-guard etag W/"6394a200-23c8" vary Accept-Encoding access-control-allow-methods GET,POST,OPTIONS, GET,POST,OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin *, * ddg-cache-status HIT cache-control max-age=2592000 access-control-allow-credentials true, true access-control-allow-headers X-Requested-With, X-Requested-With expires Thu, 09 May 2024 10:21:08 GMT
GET H2	200	script.js Show response frdl.to/xfst_theme2/js/	520 B 351 B	20ms 19ms	Script application/javascript	185.178.208.141 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://frdl.to/xfst_theme2/js/script.js Requested by Host: frdl.to URL: https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.178.208.141 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 3653640dd81b2b40edab3d87bc89dfa5ebd5cc4a8bdd439b996fcefccce972a5 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; X-Content-Type-Options nosniff, nosniff X-Xss-Protection 1; mode=block, 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy upgrade-insecure-requests; date Tue, 09 Apr 2024 12:19:31 GMT x-content-type-options nosniff, nosniff content-encoding br age 438111 content-length 211 x-xss-protection 1; mode=block, 1; mode=block last-modified Fri, 14 Oct 2022 10:01:17 GMT server ddos-guard etag W/"6349336d-208" vary Accept-Encoding access-control-allow-methods GET,POST,OPTIONS, GET,POST,OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin *, * ddg-cache-status HIT cache-control max-age=2592000 access-control-allow-credentials true, true accept-ranges bytes access-control-allow-headers X-Requested-With, X-Requested-With expires Thu, 09 May 2024 12:19:31 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	295 KB 99 KB	48ms 24ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-RL652D9SYS Requested by Host: frdl.to URL: https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 41751fd0aeb827605174ba7af3dcfea359c3665d332336c14bf106ce6ba368e3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://frdl.to/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 14 Apr 2024 14:01:21 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 100776 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 14 Apr 2024 14:01:21 GMT
GET H3	200	tag.min.js Show response arvigorothan.com/	79 KB 27 KB	62ms 26ms	Script text/javascript	2606:4700:3030::ac43:9677 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://arvigorothan.com/tag.min.js Requested by Host: frdl.to URL: https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:9677 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c85fe656798fe16a9470a10fdb6f969d6f131f9277cef36601ac580deb4b2197 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://frdl.to/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 14 Apr 2024 14:01:21 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 63654 alt-svc h3=":443"; ma=86400 x-trace-id 50b5f6a24510266cb65b289b951989a3 pragma no-cache last-modified Sat, 13 Apr 2024 20:10:15 GMT accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model server cloudflare access-control-max-age 86400 access-control-allow-methods GET, POST, OPTIONS content-type text/javascript; charset=utf-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cOEQtaobODd1mw3gkLcrOKTGxnveZeTHZZp%2FNByO8aI0Zb%2Fe1QY43idQyL4CcyY6ac5ZM84w64UzI%2FbHuUWtA7eM%2B9QX2SjKF1zk%2F5FN6e7Y%2F7JRWwllbFQpvsV0U6JrgAe9dK9xAykHV8XlaJEP"}],"group":"cf-nel","max_age":604800} cache-control max-age=86400 access-control-allow-credentials true vary Accept-Encoding timing-allow-origin * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon cf-ray 87443a35ef219b5e-FRA expires Sun, 14 Apr 2024 20:20:27 GMT
GET H2	200	bootstrap.min.css frdl.to/xfst_theme2/css/	152 KB 23 KB	20ms 20ms	Stylesheet text/css	185.178.208.141 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://frdl.to/xfst_theme2/css/bootstrap.min.css Requested by Host: frdl.to URL: https://frdl.to/xfst_theme2/css/style.min.css?t=5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.178.208.141 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; X-Content-Type-Options nosniff, nosniff X-Xss-Protection 1; mode=block, 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://frdl.to/xfst_theme2/css/style.min.css?t=5 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy upgrade-insecure-requests; date Sun, 14 Apr 2024 09:11:31 GMT x-content-type-options nosniff, nosniff content-encoding gzip age 17390 content-length 23237 x-xss-protection 1; mode=block, 1; mode=block last-modified Fri, 14 Oct 2022 10:00:59 GMT server ddos-guard etag W/"6349335b-2606e" vary Accept-Encoding access-control-allow-methods GET,POST,OPTIONS, GET,POST,OPTIONS content-type text/css access-control-allow-origin *, * ddg-cache-status HIT cache-control max-age=2592000 access-control-allow-credentials true, true access-control-allow-headers X-Requested-With, X-Requested-With expires Tue, 14 May 2024 09:11:31 GMT
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v26/	32 KB 33 KB	127ms 8ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://fonts.googleapis.com/ Origin https://frdl.to Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Apr 2024 17:34:04 GMT x-content-type-options nosniff age 505637 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33092 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:51:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 08 Apr 2025 17:34:04 GMT
GET H2	200	fa-brands-400.woff2 frdl.to/xfst_theme2/fa/webfonts/	73 KB 73 KB	18ms 18ms	Font text/html	185.178.208.141 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://frdl.to/xfst_theme2/fa/webfonts/fa-brands-400.woff2 Requested by Host: frdl.to URL: https://frdl.to/xfst_theme2/css/style.min.css?t=5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.178.208.141 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash dbf8ab8166f32964699a3c0032256c61d91290d5d603e7cb5091e8a3c4ce1ca0 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; X-Content-Type-Options nosniff, nosniff X-Xss-Protection 1; mode=block, 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://frdl.to/xfst_theme2/css/style.min.css?t=5 Origin https://frdl.to Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy upgrade-insecure-requests; date Sun, 14 Apr 2024 04:22:27 GMT x-content-type-options nosniff, nosniff content-encoding gzip age 34734 content-length 74686 x-xss-protection 1; mode=block, 1; mode=block last-modified Fri, 14 Oct 2022 10:01:02 GMT server ddos-guard etag W/"6349335e-1239c" vary Accept-Encoding access-control-allow-methods GET,POST,OPTIONS, GET,POST,OPTIONS content-type text/html; charset=utf-8 access-control-allow-origin *, * ddg-cache-status HIT cache-control max-age=2592000 access-control-allow-credentials true, true access-control-allow-headers X-Requested-With, X-Requested-With expires Tue, 14 May 2024 04:22:27 GMT
GET H3	200	/ Show response whos.amung.us/pingjs/	30 B 215 B	455ms 360ms	Script text/javascript	2606:4700:10::6816:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://whos.amung.us/pingjs/?k=y7al8deyqr&t=Download%20Match%20The%20Day%20mkv&c=d&x=https%3A%2F%2Ffrdl.to%2Flv0rwen27u9n%2FMatch.Of.The.Day.mkv.html&y=&a=0&v=27&r=1474 Requested by Host: waust.at URL: https://waust.at/d.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 09ea4e07e23a89445d0a2751e5d42506a0e29b5836d21642acd0650d4c06d6df Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://frdl.to/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 14 Apr 2024 14:01:22 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare cf-ray 87443a36a8c12c39-FRA alt-svc h3=":443"; ma=86400 content-type text/javascript;charset=UTF-8
POST H2	204	collect region1.google-analytics.com/g/	0 239 B	67ms 14ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-RL652D9SYS&gtm=45je44a0v9174254740za200&_p=1713103281591&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1472514900.1713103282&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713103281&sct=1&seg=0&dl=https%3A%2F%2Ffrdl.to%2Flv0rwen27u9n%2FMatch.Of.The.Day.mkv.html&dt=Download%20Match%20The%20Day%20mkv&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=569 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-RL652D9SYS Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://frdl.to/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 14 Apr 2024 14:01:21 GMT server Golfe2 content-type text/plain access-control-allow-origin https://frdl.to cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response lelrouxoay.com/5/7319742/	3 KB 2 KB	55ms 15ms	XHR application/json	139.45.197.243 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://lelrouxoay.com/5/7319742/?oo=1&js_build=iclick-v1.770.8-auto&os=win32&os_version=10.0.0&is_mobile=false&browser_version=123.0.6312.122 Requested by Host: arvigorothan.com URL: https://arvigorothan.com/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 3bc82b266f0bdb9dd761dc6dcc682c8f8cb41627e729e938cd16cdaaf37a4c97 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://frdl.to/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 14 Apr 2024 14:01:21 GMT content-encoding gzip x-trace-id 5639524cdbf45ebcfccb73db662a008a pragma no-cache, no-cache server nginx accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model access-control-max-age 86400 access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://frdl.to cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * link <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch" access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon expires Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	gid.js Show response my.rtmark.net/	65 B 538 B	44ms 12ms	XHR application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?userId=00803e7b7fa24468eceeeae8307c962b Requested by Host: arvigorothan.com URL: https://arvigorothan.com/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 1ecd76b4d573f5280f7c315b905c2ef8794fab784d7b03cf64f862082daf1b28 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://frdl.to/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 14 Apr 2024 14:01:21 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://frdl.to access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H2	200	/ Show response lelrouxoay.com/	2 KB 3 KB	21ms 21ms	Fetch application/json	139.45.197.243 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://lelrouxoay.com/?rb=gdUt4_Kz5ffDohwZSCgpAACfUyXwb2wDo9vKYcsIkKlByJEzWUK8tS4seeAqvSqcf1NtwMWaZ2vm5L7f6ik8q-NN60D2jyQvzs_Nm6VeCexaaRinBY1cN9zukq_OYkMVAbAYpMe5WfWn5ZnaOs_nAEVevf94rqbg68aWadYKlxTr4mTn_qbWWgSeKVXm55MRNbFpJJ_F26S7i9AlpAK5GZRCD6bFBUTM-2khhp_YUhHbnkw_ozU_8rNY9P1f92e_i-xxyJeVLQV58Hazlx-mnaeYjiqiYuVMM5cOs1pEpEnMInh14YfrRBEOFEkTrAaN&request_ab2=0&zoneid=7319742&js_build=iclick-v1.770.8-auto&jsp=1&fs=0&cf=0&sw=1600&sh=1200&wih=1200&wiw=1600&ww=1600&wh=1200&sah=1200&wx=520&wy=520&cw=1600&wfc=0&pl=https%3A%2F%2Ffrdl.to%2Flv0rwen27u9n%2FMatch.Of.The.Day.mkv.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=Europe%2FBerlin&bto=-120&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.770.8-auto&navlng=de-DE&pnt=0&pnrc=0&bml=1&bmi=1&wasm=1&bs=52104844-4407-4ee2-842c-b5c0568d00f6&userId=00803e7b7fa24468eceeeae8307c962b&os=win32&os_version=10.0.0&is_mobile=false&browser_version=123.0.6312.122&m=link Requested by Host: arvigorothan.com URL: https://arvigorothan.com/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ca71030d4773160ec80c80305749561dfd7bd6237c69301df769d773fa037688 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://frdl.to/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 14 Apr 2024 14:01:21 GMT strict-transport-security max-age=1 x-content-type-options nosniff content-encoding gzip x-trace-id eed5fc15593eae21202a6718ec4423ce pragma no-cache server nginx accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model access-control-max-age 86400 access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://frdl.to cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon expires Tue, 11 Jan 1994 10:00:00 GMT
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H2	200	favicon.ico frdl.to/lv0rwen27u9n/	15 KB 5 KB	309ms 309ms	Other text/html	185.178.208.141 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://frdl.to/lv0rwen27u9n/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.178.208.141 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash dd988e5bd78f00029438cf26a0dded52187ac914b3a3950dd35e9f5f1c082993 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Strict-Transport-Security max-age=0;includeSubDomains; X-Content-Type-Options nosniff, nosniff, nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy upgrade-insecure-requests; date Sun, 14 Apr 2024 14:01:22 GMT x-content-type-options nosniff, nosniff, nosniff strict-transport-security max-age=0;includeSubDomains; content-encoding gzip age 0 x-xss-protection 1; mode=block, 1; mode=block server ddos-guard vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin *, * access-control-allow-methods GET,POST,OPTIONS, GET,POST,OPTIONS ddg-cache-status MISS access-control-allow-credentials true, true access-control-allow-headers X-Requested-With, X-Requested-With expires Sat, 13 Apr 2024 14:01:22 GMT
GET H2	200	favicon.gif frdl.to/lv0rwen27u9n/images/	14 KB 5 KB	297ms 297ms	Other text/html	185.178.208.141 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://frdl.to/lv0rwen27u9n/images/favicon.gif Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.178.208.141 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 8b4f87e3d976806044c4ef18f8d5b8cb8c44abe1358bebc289ba82786de0106a Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Strict-Transport-Security max-age=0;includeSubDomains; X-Content-Type-Options nosniff, nosniff, nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy upgrade-insecure-requests; date Sun, 14 Apr 2024 14:01:22 GMT x-content-type-options nosniff, nosniff, nosniff strict-transport-security max-age=0;includeSubDomains; content-encoding gzip age 0 x-xss-protection 1; mode=block, 1; mode=block server ddos-guard vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin *, * access-control-allow-methods GET,POST,OPTIONS, GET,POST,OPTIONS ddg-cache-status MISS access-control-allow-credentials true, true access-control-allow-headers X-Requested-With, X-Requested-With expires Sat, 13 Apr 2024 14:01:22 GMT

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| share_facebook function| share_twitter function| share_gplus function| share_vk number| timeout function| delComment function| player_start boolean| xRds boolean| cRAds boolean| googleAd function| hab object| _wau function| Popper object| bootstrap object| jQuery19109885017499317215 function| ClipboardJS function| gtag object| dataLayer string| wau_w_col string| wau_w_siz object| WAU_ren function| WAU_dynamic function| WAU_dynamic_request function| WAU_r_d function| WAU_insert function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| zfgstorage object| pi8d06bnc2e object| zfgformats function| onClickTrigger boolean| zfgloadedpopup boolean| zfgonclickfirst object| syncCallbacks object| x string| x1 string| x2

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.frdl.to/	1970-01-21 04:37:19	Name: __ddg1_ Value: y6wzsDQDlDXR6VIK2a7h
			.frdl.to/	1970-01-21 05:27:43	Name: _ga Value: GA1.1.1472514900.1713103282
			.frdl.to/	1970-01-21 05:27:43	Name: _ga_RL652D9SYS Value: GS1.1.1713103281.1.0.1713103281.0.0.0
			lelrouxoay.com/	1970-01-21 04:37:19	Name: OAID Value: 00803e7b7fa24468eceeeae8307c962b
			lelrouxoay.com/	1970-01-21 04:37:19	Name: oaidts Value: 1713103281
			my.rtmark.net/	1970-01-21 04:37:19	Name: ID Value: 00803e7b7fa24468eceeeae8307c962b
			frdl.to/	1970-01-20 19:51:43	Name: prefetchAd_7319742 Value: true
			lelrouxoay.com/	1970-01-20 20:01:48	Name: syncedCookie Value: true

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://frdl.to/lv0rwen27u9n/Match.Of.The.Day.mkv.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

arvigorothan.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
frdl.to
freedl.ink
lelrouxoay.com
my.rtmark.net
region1.google-analytics.com
waust.at
whos.amung.us
www.googletagmanager.com
139.45.195.8
139.45.197.243
185.178.208.141
188.114.97.3
2001:4860:4802:34::36
2606:4700:10::6816:4aab
2606:4700:20::ac43:4739
2606:4700:3030::ac43:9677
2606:4700::6811:190e
2a00:1450:4001:800::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200a
09ea4e07e23a89445d0a2751e5d42506a0e29b5836d21642acd0650d4c06d6df
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
1c78e7aba432bfb05b65f1c37fcf2a4f3438c20b3c2a727af462834e9567ccb0
1ecd76b4d573f5280f7c315b905c2ef8794fab784d7b03cf64f862082daf1b28
3653640dd81b2b40edab3d87bc89dfa5ebd5cc4a8bdd439b996fcefccce972a5
37ddc3df628de7dbb35e49b0eef020d9fe1613acbbfc77418bb7e69566395aa5
3bc82b266f0bdb9dd761dc6dcc682c8f8cb41627e729e938cd16cdaaf37a4c97
41751fd0aeb827605174ba7af3dcfea359c3665d332336c14bf106ce6ba368e3
43a52c7b1448ea0192fe12c6b2b2c5fd14c079f7254e71ea49e0db5a5dbbf832
552b9587003fbf5fd875cc5f070b43639751b15e624782059cb3168d4c36b6b0
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6b1116dbdcc8665059c0163cb6cd034a949402f5bc6294390e8ffee39952f6ae
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
8b4f87e3d976806044c4ef18f8d5b8cb8c44abe1358bebc289ba82786de0106a
951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c
b4cde5b65ea7cf04906b364fa9338894e111117ff98151333e034a4e9753ac80
b8570b25846d0a739b755af846fa5c94bfd1fe16237a6676bcba7bd60c5f81ef
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96
c85fe656798fe16a9470a10fdb6f969d6f131f9277cef36601ac580deb4b2197
ca71030d4773160ec80c80305749561dfd7bd6237c69301df769d773fa037688
dbf8ab8166f32964699a3c0032256c61d91290d5d603e7cb5091e8a3c4ce1ca0
dd988e5bd78f00029438cf26a0dded52187ac914b3a3950dd35e9f5f1c082993
e17a1d816e13c0826e0ed7febfabc3277f45571234bde0bf9120829a7169edc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1e4c18549167223af672ff319ac7293d52e09fd02544d08d4166078b5f36c4d