URL: https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https%3A%2F%2Fweakspell.org%2Fmma-boxing%2Ftommy-...
Submission: On October 14 via manual from FR — Scanned from NL

Summary

This website contacted 11 IPs in 3 countries across 12 domains to perform 25 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is cdn.xsportbox.com. The Cisco Umbrella rank of the primary domain is 336995.
TLS certificate: Issued by E1 on October 3rd 2023. Valid for: 3 months.
This is the only time cdn.xsportbox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 139.45.197.245 9002 (RETN-AS)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 139.45.195.8 9002 (RETN-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 5 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2606:4700:e0:... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 51.77.64.70 16276 (OVH)
1 2606:4700:e4:... 13335 (CLOUDFLAR...)
25 11
Apex Domain | Subdomains | Transfer
5 hiweak12.store | weak.hiweak12.store | 3 KB
4 jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 373 | 187 KB
4 weakspell.org | weakspell.org — Cisco Umbrella Rank: 323222 | 13 KB
3 potskolu.net | potskolu.net — Cisco Umbrella Rank: 57507 | 30 KB
2 hiweak19.store | weak.hiweak19.store — Cisco Umbrella Rank: 810640 | 2 MB
2 youradexchange.com | youradexchange.com — Cisco Umbrella Rank: 16475 | 2 KB
2 celeritascdn.com | celeritascdn.com — Cisco Umbrella Rank: 390517 | 87 KB
2 xsportbox.com | cdn.xsportbox.com — Cisco Umbrella Rank: 336995 | 21 KB
1 hiweak20.store | weak.hiweak20.store — Cisco Umbrella Rank: 797074 | 2 MB
1 cdnbye.com | cn.cdnbye.com — Cisco Umbrella Rank: 133611 | 659 B
1 ip-api.com | pro.ip-api.com — Cisco Umbrella Rank: 5842 | 304 B
1 rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 9763 | 545 B
25 12
Domain Requested by
5 weak.hiweak12.store 3 redirects cdn.jsdelivr.net
4 cdn.jsdelivr.net weakspell.org
4 weakspell.org 1 redirects cdn.xsportbox.com
weakspell.org
cdn.jsdelivr.net
3 potskolu.net cdn.xsportbox.com
potskolu.net
2 weak.hiweak19.store
2 youradexchange.com celeritascdn.com
2 celeritascdn.com weakspell.org
celeritascdn.com
2 cdn.xsportbox.com cdn.xsportbox.com
1 weak.hiweak20.store
1 cn.cdnbye.com cdn.jsdelivr.net
1 pro.ip-api.com cdn.jsdelivr.net
1 my.rtmark.net potskolu.net
25 12

This site contains no links.

Subject | Issuer | Validity | Valid
xsportbox.com | E1 | 2023-10-03 - 2024-01-01 | 3 months
weakspell.org | GTS CA 1P5 | 2023-09-15 - 2023-12-14 | 3 months
potskolu.net | R3 | 2023-08-01 - 2023-10-30 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year
rtmark.net | R3 | 2023-07-25 - 2023-10-23 | 3 months
hiweak12.store | E1 | 2023-09-24 - 2023-12-23 | 3 months
youradexchange.com | GTS CA 1P5 | 2023-08-19 - 2023-11-17 | 3 months
*.ip-api.com | Sectigo RSA Domain Validation Secure Server CA | 2022-11-25 - 2023-12-26 | a year

This page contains 2 frames:

Primary Page: https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https%3A%2F%2Fweakspell.org%2Fmma-boxing%2Ftommy-fury-vs-ksi%2F135763%3Fembed%3D1&ask=1697324400&lgt=8
Frame ID: BC02980C3ABE09E157A904603195EFEF
Requests: 6 HTTP requests in this frame

Frame: https://weakspell.org/mma-boxing/tommy-fury-vs-ksi/135763/?embed=1
Frame ID: 1A647FF56A24A1A5E048620129BB1402
Requests: 19 HTTP requests in this frame

Page Title

Sportcast

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 25
HTTPS: 84 %
IPv6: 70 %
Domains: 12
Subdomains: 12
IPs: 11
Countries: 3
Transfer: 3813 kB
Size: 4669 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://weakspell.org/mma-boxing/tommy-fury-vs-ksi/135763?embed=1 HTTP 301
  • https://weakspell.org/mma-boxing/tommy-fury-vs-ksi/135763/?embed=1
Request Chain 18
  • https://weak.hiweak12.store/live/BX1/3105670/388/jpeg HTTP 302
  • https://weak.hiweak19.store/style/BX1/3105670/388.jpeg
Request Chain 22
  • https://weak.hiweak12.store/live/BX1/3105670/388/jpeg HTTP 302
  • https://weak.hiweak19.store/style/BX1/3105670/388.jpeg
Request Chain 23
  • https://weak.hiweak12.store/live/BX1/3113177/389/jpeg HTTP 302
  • https://weak.hiweak20.store/style/BX1/3113177/389.jpeg

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
cdn.xsportbox.com/embed77/
63 KB
21 KB
Document
General
Full URL
https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https%3A%2F%2Fweakspell.org%2Fmma-boxing%2Ftommy-fury-vs-ksi%2F135763%3Fembed%3D1&ask=1697324400&lgt=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fcd215d37b28c2399da60031e0cc7689b4d7843c042a99260573d3a895bdfc7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8161d540f9870ead-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 14 Oct 2023 18:19:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtpuF07mIlWy1TFW%2B%2B6rPa63wMiWv9cQK1bFlorK9fQjz5fPzh7XQnDo%2BxRfdInTYaDTUxibLXvq08RcfOQcZkVnygtnkmqsbflRhtWZ%2F7jopqiNYVBjz4GWaje9Gii32HnBt1ACyH12CZI8R2UAVA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
weakspell.org/mma-boxing/tommy-fury-vs-ksi/135763/ Frame 1A64
Redirect Chain
  • https://weakspell.org/mma-boxing/tommy-fury-vs-ksi/135763?embed=1
  • https://weakspell.org/mma-boxing/tommy-fury-vs-ksi/135763/?embed=1
18 KB
7 KB
Document
General
Full URL
https://weakspell.org/mma-boxing/tommy-fury-vs-ksi/135763/?embed=1
Requested by
Host: cdn.xsportbox.com
URL: https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https%3A%2F%2Fweakspell.org%2Fmma-boxing%2Ftommy-fury-vs-ksi%2F135763%3Fembed%3D1&ask=1697324400&lgt=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ab77388da2de95d5bc395b0f45efa1ab5bf77311e78bdb46488727f64b7453
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.xsportbox.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
6900
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8161d5452e85b7ef-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 14 Oct 2023 18:19:52 GMT
last-modified
Sat, 14 Oct 2023 16:24:52 GMT
link
<https://weakspell.org/wp-json/>; rel="https://api.w.org/" <https://weakspell.org/wp-json/wp/v2/posts/135763>; rel="alternate"; type="application/json" <https://weakspell.org/?p=135763>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AyXLXEbHB28gxxfaUnBsA9TRbhzoGec2%2FMvUKHjMmDebTeT3uWF%2F0c5aPdi6vRKZxyfKWL%2F8x7p9ejFO7tKb4UTxvd1Ri104G99efnVlVaW2OaAwn6WgQNEd%2Fv2fuJv51xaZnpSDAyxRMIAx"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-pingback
https://weakspell.org/xmlrpc.php
x-wp-embed
true
x-xss-protection
1; mode=block

Redirect headers

age
5992
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8161d544ee3fb7ef-AMS
content-type
text/html; charset=UTF-8
date
Sat, 14 Oct 2023 18:19:52 GMT
location
https://weakspell.org/mma-boxing/tommy-fury-vs-ksi/135763/?embed=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4hHsRHr39m9x3du346LbndqFZyfitxvZ7RAfXp5R9rmNwVn7YsRR57zVtSifhhbbSOt2fAvWThsoQ8KzqEI5qYJixtlvcotn7D2I%2Ff8i9x1MnyKTv9WNKCixrbuwDVlSyl7iC%2B%2FDk5txkWF"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-pingback
https://weakspell.org/xmlrpc.php
x-redirect-by
WordPress
x-xss-protection
1; mode=block
/
cdn.xsportbox.com/embed77/
0
272 B
XHR
General
Full URL
https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https%3A%2F%2Fweakspell.org%2Fmma-boxing%2Ftommy-fury-vs-ksi%2F135763%3Fembed%3D1&ask=1697324400&lgt=8
Requested by
Host: cdn.xsportbox.com
URL: https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https%3A%2F%2Fweakspell.org%2Fmma-boxing%2Ftommy-fury-vs-ksi%2F135763%3Fembed%3D1&ask=1697324400&lgt=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https%3A%2F%2Fweakspell.org%2Fmma-boxing%2Ftommy-fury-vs-ksi%2F135763%3Fembed%3D1&ask=1697324400&lgt=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 18:19:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EvDhv6wxIMRx8fQTfnoVtkjyNCCYQZZi7KzZRVOj%2FDAXbt%2FrBAfaPWaVJK4NH988qu3%2BLROC53Nz1tHSQ8oIBygQx18pwda4w0jUrN%2Fw1dBlBRFXmF6LnSepnkQK7zwW4%2FZPUuOy%2B3aaIaP4vQyH5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
8161d544bd630ead-AMS
alt-svc
h3=":443"; ma=86400
/
potskolu.net/5/6320745/
3 KB
2 KB
XHR
General
Full URL
https://potskolu.net/5/6320745/?oo=1&aab=1
Requested by
Host: cdn.xsportbox.com
URL: https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https%3A%2F%2Fweakspell.org%2Fmma-boxing%2Ftommy-fury-vs-ksi%2F135763%3Fembed%3D1&ask=1697324400&lgt=8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
07d0aa7d2ed52bd7c20801480608d5a2ec8a7efe606f1ca68a53490433d4c9c3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn.xsportbox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 18:19:52 GMT
content-encoding
gzip
x-trace-id
29b55e080b292f2fe75e5bd5a9e695fb
pragma
no-cache, no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://cdn.xsportbox.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
tag.min.js
potskolu.net/
79 KB
26 KB
Script
General
Full URL
https://potskolu.net/tag.min.js
Requested by
Host: cdn.xsportbox.com
URL: https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https%3A%2F%2Fweakspell.org%2Fmma-boxing%2Ftommy-fury-vs-ksi%2F135763%3Fembed%3D1&ask=1697324400&lgt=8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
72e9c7cfe696a88de9acd9d80da1b2c4c3441c2ff2c0cf5c57a07aa153d91f13
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn.xsportbox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 18:19:52 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=1
content-length
25432
x-trace-id
157a1c2b6f323d0419a6bdaf17556cb6
pragma
no-cache
last-modified
Fri, 13 Oct 2023 23:14:27 GMT
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
clappr.min.js
cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/ Frame 1A64
470 KB
128 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Requested by
Host: weakspell.org
URL: https://weakspell.org/mma-boxing/tommy-fury-vs-ksi/135763/?embed=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce00e20b1de71ae06025269109fb0cb9482ba6af1dbc262ba4eda319aaef9229
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://weakspell.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 18:19:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
20252762
x-jsd-version
0.4.7
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230102-FRA, cache-yyz4521-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"7569d-g/bZEgP/0XCbPxVx7RLqUXpxxzU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OOl0%2F3K%2FCeQQlbdFTwhtP66vnenhJyDveUpfv0WMuODGz8QnqRJntLKnvnMlWiuMnUkyqifXUNB%2FOFUgDPgbl40fXQWJFQoQvZvIucAhLxGR86GKMlv%2BAypIUQnK1eD0rtNuHexg8%2F2PutX4lP4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8161d545b9a50e3c-AMS
hlsjs-p2p-engine.min.js
cdn.jsdelivr.net/npm/cdnbye@latest/dist/ Frame 1A64
177 KB
47 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/hlsjs-p2p-engine.min.js
Requested by
Host: weakspell.org
URL: https://weakspell.org/mma-boxing/tommy-fury-vs-ksi/135763/?embed=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4f481e890cb7357460821eafbc7678fe6900c001c97a6520091c6c44bd2a328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://weakspell.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 18:19:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
21524
x-jsd-version
1.21.0
content-encoding
br
x-cache
MISS, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230069-FRA, cache-yyz4542-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"2c5b1-Hb5WHC2wG79jOsHQCLzlmXmj4b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDAER%2FZ%2Fn%2F62TzEBEHyqY6E8%2BBoP5xfafv9to0YEiyhKoIkWTC%2BsyTam%2F%2FKwXH9Kk1UtQnNV%2BEQu7CyK6iHpeNqyN2Y4U3ad6AvMdgnfU6pXn%2BubNgkPVgNuQ8BCb5eoy%2FTa0j8i7liMBeuhLRg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8161d545b9a00e3c-AMS
clappr-plugin.min.js
cdn.jsdelivr.net/npm/cdnbye@latest/dist/ Frame 1A64
3 KB
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/clappr-plugin.min.js
Requested by
Host: weakspell.org
URL: https://weakspell.org/mma-boxing/tommy-fury-vs-ksi/135763/?embed=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b17cced49a457c9249178205866d08944bda661f5aefa7d395733923ad5dc057
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://weakspell.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 18:19:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
21524
x-jsd-version
1.20.10
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230070-FRA, cache-yyz4557-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"bc2-Zh9Ejh+gezJ0K1G3K4HjkkcIvTg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YH79dBhEojIjW9dho1Nwi9JqXzaShYUgLMajoL9Sy21VmIMttBJh1J%2FdDdEuAWn2IPHfC8n1iZOajSeDYxjf66oWz0jhEmhueiQvcO1LAOGf1DHGHeYlZNcgebe8aOsyiqg25HKyyHQrW0epAxo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8161d545b9a20e3c-AMS
level-selector.min.js
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame 1A64
30 KB
11 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
Requested by
Host: weakspell.org
URL: https://weakspell.org/mma-boxing/tommy-fury-vs-ksi/135763/?embed=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://weakspell.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 18:19:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
24498
x-jsd-version
0.3.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230055-FRA, cache-yyz4526-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBdFiiIfqXmTctUdRgyny7klEHnRoayxdBg%2FqP4Yl1nx7WnwnQAfOZCxyCGFW5KqiTxAaQj6kgDxSOT10CwKbGuBcwnkrdq8nCKrjWDQWbvSoIfthic%2Fft5Fi%2F%2BdHSbNKj%2F8Le7i54d6NUdvR7o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8161d545b9a40e3c-AMS
wp-emoji-release.min.js
weakspell.org/wp-includes/js/ Frame 1A64
18 KB
5 KB
Script
General
Full URL
https://weakspell.org/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by
Host: weakspell.org
URL: https://weakspell.org/mma-boxing/tommy-fury-vs-ksi/135763/?embed=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://weakspell.org/mma-boxing/tommy-fury-vs-ksi/135763/?embed=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 18:19:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 29 Jun 2023 16:17:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2259
etag
W/"649dae84-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gmbx14gjV3U7Hg69%2FQldER3jp22MOiFQzgIhrr9ZU%2FzX62OhrB%2F6UsU7vUk3k%2B0abs8se0D9BTYgXyrRWHKjSp3AkzgLOfkFp3%2F3sca9BuNVpWDA2pNgU1zGY4oPaI%2FQ%2Bv6AXpfPM%2BzjfaS1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
8161d5458bd46661-AMS
alt-svc
h3=":443"; ma=86400
expires
Mon, 13 Nov 2023 17:42:13 GMT
gid.js
my.rtmark.net/
65 B
545 B
XHR
General
Full URL
https://my.rtmark.net/gid.js?userId=5ffdf35023144584af08a24dd5acfefa
Requested by
Host: potskolu.net
URL: https://potskolu.net/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9d8dbcbd43753b629ab6647a6d8f823524af8b9707bedc55d4050179e368743e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn.xsportbox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 18:19:52 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn.xsportbox.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
/
potskolu.net/
2 KB
2 KB
Fetch
General
Full URL
https://potskolu.net/?rb=6casSjgpTMnJshxSNlHmnnPsEQHXDydvb3sZ-USfyo3ex4-hqMfkXZdiP2LX4JpPYzmgwioK9dxGndP0MI5s6-dnUzDSYPoQEqUTeKJnMCYWxqH_YWgxAcDaboFUXqE0gzD4AlT-2eSRU5nWn4TXSFIHSL3Sj2EqqY8m14iFOfu90iYk8TkQlgpFy4_mcDqAG1CHuBEFUnW1bNkYrSbYQw0dX6GSRZgu48Tv0H92v0VR5D06JAGD7QYTg91GI-gBrGu-6pkwV__D72ljnLuYXph7owJa4229&request_ab2=0&zoneid=6320745&js_build=iclick-v1.606.3-auto&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=2&pl=https%3A%2F%2Fcdn.xsportbox.com%2Fembed77%2F%3Fevent%3Dstack.html%26link%3D1%26domain%3D%26force%3Dhttps%253A%252F%252Fweakspell.org%252Fmma-boxing%252Ftommy-fury-vs-ksi%252F135763%253Fembed%253D1%26ask%3D1697324400%26lgt%3D8&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.606.3-auto&bs=3727f40a-599b-4792-b3a5-04fed4600fe7&userId=5ffdf35023144584af08a24dd5acfefa&m=link
Requested by
Host: potskolu.net
URL: https://potskolu.net/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
5113b97502f4c312a71173050aeab0ff25d0ab132dcdd6b71ca6b9f4dd4de67b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn.xsportbox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 18:19:52 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
a7f2a956e4f904158fec8019844e1899
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://cdn.xsportbox.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
gethls
weakspell.org/ Frame 1A64
64 B
493 B
XHR
General
Full URL
https://weakspell.org/gethls?idgstream=OVYrTS9wbnNMVy9KU09nQ2ZKMFgwZz09Ojou6ie%2BCMLYMZUgxzCiv1ZT&serverid=1&cid=3
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
632050b7833ef0ea0c037f129ab4238fa391394efbd6341d23e0786be7a53eb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://weakspell.org/mma-boxing/tommy-fury-vs-ksi/135763/?embed=1
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 14 Oct 2023 18:19:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4Eyk9rm3sE9alMVh98obj3JHesmL7aRYGopZvDvRJ3Bw59gq33daKE%2BKpo%2FY%2FgQqfNImEEtsbbIokPUhdGv%2BeGNSpKhFONq0wKKgLPt%2FjtoSlgkyoRgWTznHINyJiPZ%2BFa7tBp3Qr7p6rbl"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
8161d5469d8c6661-AMS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
resource-v31.js
celeritascdn.com/script/ Frame 1A64
195 KB
59 KB
Script
General
Full URL
https://celeritascdn.com/script/resource-v31.js
Requested by
Host: weakspell.org
URL: https://weakspell.org/mma-boxing/tommy-fury-vs-ksi/135763/?embed=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:5c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7543d524c808dda2186a89c2eb7b63027d725f5a4d179fbfdee049c6c40a42f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://weakspell.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 18:19:52 GMT
content-encoding
gzip
cf-cache-status
HIT
age
6
x-guploader-uploadid
ADPycduR6TCNe5ndpsOXGkxdeZxhrWcdPiT7nv9pVtsgYGFQvgCQ1WUEBpNXoYXTA8SDiDVwY0txdnDPDHCw2d2L9EQSRLPppn-S
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Mon, 09 Oct 2023 10:04:50 GMT
server
cloudflare
etag
W/"a3885ead873c9f5b8d36c0004e77c041"
vary
Accept-Encoding
x-goog-hash
crc32c=XG6EzQ==, md5=o4herYc8n1uNNsAATnfAQQ==
x-goog-generation
1696845890336009
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
199917
cf-ray
8161d5470cf7b728-AMS
expires
Sat, 14 Oct 2023 22:19:52 GMT
weak.m3u8
weak.hiweak12.store/live/BX1/ Frame 1A64
145 B
647 B
XHR
General
Full URL
https://weak.hiweak12.store/live/BX1/weak.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fea7320e8e06e35440d839914b727eb8d623c7adf4f6ba0f70c0554dd67e2c65

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://weakspell.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 18:19:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJAOtrmH2%2BTjlL3%2FI%2BhdjZbKZqqiyChiWo7K43qlpPHvZA8Vth85Pg44Zf9sYl6wwki490%2BGZFr%2FP3fOiih1q3qh%2FZVp8n7JyDdrk6rn89UxCLFz2UyeWWznbq5xn03yFc%2FRCs%2Bj514ntdyQ5h%2F%2BndcF"}],"group":"cf-nel","max_age":604800}
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=6
cf-ray
8161d5479877d0b5-AMS
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
ut.js
celeritascdn.com/script/ Frame 1A64
80 KB
27 KB
Script
General
Full URL
https://celeritascdn.com/script/ut.js?cb=1697307592857
Requested by
Host: celeritascdn.com
URL: https://celeritascdn.com/script/resource-v31.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:5c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dcc76edeafdee6d9f51e0bfb3c1f67f4a93221ca5dc98d7e7155fdd90799f39

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://weakspell.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 18:19:52 GMT
content-encoding
gzip
cf-cache-status
HIT
age
47
x-guploader-uploadid
ADPycdsYUy29EaKjup8QSRf4QszOOYZqO4cH2-JgGzA7BVTuClhSmAv8HhvOb3GGxgjx1pJdfIuvkIZLokEGdF_0kD04gg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Mon, 09 Oct 2023 10:07:02 GMT
server
cloudflare
etag
W/"05e67634907bf37307f1a50ea4b42cca"
vary
Accept-Encoding
x-goog-hash
crc32c=b724KA==, md5=BeZ2NJB783MH8aUOpLQsyg==
x-goog-generation
1696846022267412
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
82120
cf-ray
8161d5477d2db728-AMS
expires
Sat, 14 Oct 2023 22:19:52 GMT
suurl4.php
youradexchange.com/script/ Frame 1A64
1 KB
1 KB
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=6913926&chmob=%3F0&abtg=1&cbur=0.4049447958430723&cbiframe=1&cbWidth=1100&cbHeight=619&cbtitle=&cbpage=https%3A%2F%2Fcdn.xsportbox.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com&aggr=0&ts=1697307592867&atv=37.1&srs=2615fe0602f23e4ad3593b341654a216
Requested by
Host: celeritascdn.com
URL: https://celeritascdn.com/script/resource-v31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:650b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b70f8219dc9d7c2010eae88d3d527b49c821b00b55433b330a7e779e1fa36b9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://weakspell.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 18:19:53 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZZuDZ%2BnalTlV9MaeVhJIASWqD%2Fp0z3Bu%2FoOk2oA8k3mPx3Zjw%2F7dzfNQyklIFOhEtK9OOWUpxn7zXXHyOA7TZWDfugDU3wOw69RiCSWM%2F34GAkmuvTH13MxJL%2BhhPY5HoalS1fpcsNo6YC8N8nqziA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
application/json; charset=utf-8
cf-ray
8161d547fe575c4b-AMS
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400
hb.php
youradexchange.com/ut/ Frame 1A64
0
414 B
Ping
General
Full URL
https://youradexchange.com/ut/hb.php?cb=0.11746622619927183
Requested by
Host: celeritascdn.com
URL: https://celeritascdn.com/script/ut.js?cb=1697307592857
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:650b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://weakspell.org/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Sat, 14 Oct 2023 18:19:53 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmA2nFFoYPk1PMYk2vIHnGzs9Sfiy5b%2BdX7p%2F10UUTEYNiiEZEymr4tqb6r2NadwESn5xACKMgiqVDOjvwBVinusifocwbser9ZKCo%2FUenTvijhAoH%2FFjLpzCClVIBQUoZFMlzsQF0NlRRCyhrydg78%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8161d5482cf3d0c5-AMS
alt-svc
h3=":443"; ma=86400
storage.m3u8
weak.hiweak12.store/live/BX1/ Frame 1A64
204 B
416 B
XHR
General
Full URL
https://weak.hiweak12.store/live/BX1/storage.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11c8e280b4961d430ef59732a1493656b6d4aaec7301251b5acace3b57d2bf2f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://weakspell.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 18:19:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGCs9ebPMEwqxVaIudNaV8auU42EbZfFfqpjfl4UFNFQYVnz7VfDOmBS8COUcOMECeM0FpalkPXKx%2FJxMyMJOsD6kG8u2YV2K7qfE%2B9UvxFi9hSnrAOObXD3h%2BHCNA65RYrFpYuVh4vvuo9q9HpsV19m"}],"group":"cf-nel","max_age":604800}
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=6
cf-ray
8161d5487983d0b5-AMS
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
388.jpeg
weak.hiweak19.store/style/BX1/3105670/ Frame 1A64
Redirect Chain
  • https://weak.hiweak12.store/live/BX1/3105670/388/jpeg
  • https://weak.hiweak19.store/style/BX1/3105670/388.jpeg
2 MB
2 MB
XHR
General
Full URL
https://weak.hiweak19.store/style/BX1/3105670/388.jpeg
Protocol
H2
Server
2606:4700:3033::ac43:c25a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a8add3479a1b7bf156b0840ac554d5f95cc84ba16c52a76d7a303fb19b5cdb5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://weakspell.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 18:19:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9
alt-svc
h3=":443"; ma=86400
content-length
1685044
last-modified
Sat, 14 Oct 2023 18:19:44 GMT
server
cloudflare
access-control-max-age
120
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2B7pl8V9ywWgBTbPGkCV9KFPDZBtWQMvBqnj%2FJ9tga8IVmA9KbfpXoex4HTtBwFr9sxyDL4vtnYSqJr1gccEgU5P6%2F6JMWjEv4d3Afszm%2BhjlEGqVvF8WtCl%2BEXFmAt4zoXH8GcZyHJIro0lygg5HdH0"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8161d54abea76567-AMS
access-control-allow-headers
*

Redirect headers

date
Sat, 14 Oct 2023 18:19:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
120
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCI9uFPuON5BIp7wiNWtQQJ%2F%2BZpixiYpB6OxLfFfFLJuAf9dsMmFLbZbnjZC6YqDm51fmfEa3WmxgOQuGmJ8apx%2BnQIMQd4ZUhGtf9N3jx78be0v1dPTgRRPrFLkLKOrtFvbPa%2Bx2mM%2BG6C7d3VEFYg9"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
location
https://weak.hiweak19.store/style/BX1/3105670/388.jpeg
access-control-allow-origin
*
cache-control
public, max-age=120
cf-ray
8161d5497e836602-AMS
alt-svc
h3=":443"; ma=86400
content-length
154
json
pro.ip-api.com/ Frame 1A64
148 B
304 B
Fetch
General
Full URL
https://pro.ip-api.com/json?fields=2181826&key=XOpiansRgYxGTho
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/hlsjs-p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
2869219efe96de4991c0f14566c34036e81424087baf518140e1ebde08874502

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://weakspell.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 14 Oct 2023 18:19:53 GMT
Content-Length
148
Content-Type
application/json; charset=utf-8
999443f9-fa14-4de7-933e-5c9388e8cfa2
https://weakspell.org/ Frame 1A64
62 KB
0
Other
General
Full URL
blob:https://weakspell.org/999443f9-fa14-4de7-933e-5c9388e8cfa2
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2e2ee124a92ca6673a9ce2508260ac228832de36594217daffcbce988758fc5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length
63763
Content-Type
text/javascript
channel
cn.cdnbye.com/v1/ Frame 1A64
376 B
659 B
Fetch
General
Full URL
https://cn.cdnbye.com/v1/channel
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/hlsjs-p2p-engine.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:ac1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e70f83038bab89c7b855b596ca98c45356b07dfe563d7cb994be71668a0002fb

Request headers

Referer
https://weakspell.org/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 14 Oct 2023 18:19:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSz17DUrNk7M2hUU4HUjjMK2t4p3%2Bw6VW%2Bwg0QvZ1KFrAe%2F4uwE4sLIDih59DBIvRDrOGO11Jf2KGH6ViQrtr%2BUEa05PG0Tzwury0%2Fq0OrzUjRC0w82DyctbW1QCwGxPv5vY1JVjav7CtB3e"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
8161d54abfb3b79c-AMS
alt-svc
h3=":443"; ma=86400
388.jpeg
weak.hiweak19.store/style/BX1/3105670/ Frame 1A64
Redirect Chain
  • https://weak.hiweak12.store/live/BX1/3105670/388/jpeg
  • https://weak.hiweak19.store/style/BX1/3105670/388.jpeg
1 B
309 B
XHR
General
Full URL
https://weak.hiweak19.store/style/BX1/3105670/388.jpeg
Protocol
H2
Server
2606:4700:3033::ac43:c25a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
333e0a1e27815d0ceee55c473fe3dc93d56c63e3bee2b3b4aee8eed6d70191a3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://weakspell.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 18:19:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9
Content-Range
bytes 0-0/1685044
alt-svc
h3=":443"; ma=86400
Content-Length
1
last-modified
Sat, 14 Oct 2023 18:19:44 GMT
server
cloudflare
access-control-max-age
120
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LVFmL%2FMZvH%2ByT6is4HF0KXVc3gtyrppJY1LVWc2yRB97Aof901k2ZYRmzGZeWnYnN8%2B9KSfOUWB%2FYI8joaqqVehF3nckfl%2BTsD7RvFHOc8bOKB59lnyu2Vs5syrZUKO%2FE%2BlWLYeHXsl2KagoRm3AkVFl"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=14400
vary
Accept-Encoding
cf-ray
8161d54ca8a96567-AMS
access-control-allow-headers
*

Redirect headers

date
Sat, 14 Oct 2023 18:19:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
120
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJuKmT02DiOq%2BxthV5Zerv0NFl5CejfU7kFGIRoK5lgpGxVY%2BaDiLRp2mJONO22r0ASjUfFCY%2BLk983c3yYgNziUQ0Zbe%2BbTFO49fxACEhnXZYXw%2B435x%2FWFH3VsGJL5Pxa4Ue6lsQ2ExOtN6195zVt%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
location
https://weak.hiweak19.store/style/BX1/3105670/388.jpeg
access-control-allow-origin
*
cache-control
public, max-age=120
cf-ray
8161d54bd8e26602-AMS
alt-svc
h3=":443"; ma=86400
content-length
154
389.jpeg
weak.hiweak20.store/style/BX1/3113177/ Frame 1A64
Redirect Chain
  • https://weak.hiweak12.store/live/BX1/3113177/389/jpeg
  • https://weak.hiweak20.store/style/BX1/3113177/389.jpeg
2 MB
2 MB
XHR
General
Full URL
https://weak.hiweak20.store/style/BX1/3113177/389.jpeg
Protocol
H2
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfb76a0bff3ab7398332613a61a71e462fc3a3b9f12087a584780541c83287d5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://weakspell.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 18:19:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
alt-svc
h3=":443"; ma=86400
content-length
1864396
last-modified
Sat, 14 Oct 2023 18:19:51 GMT
server
cloudflare
access-control-max-age
120
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hc7syOP9dNnpJAuC7Tj%2BwZ41EERw6vtQ0IBGzo7BFt6%2BNRiw5AzZoqHFGaLsYAyqMkNluZ4AMbojDWsWWwtXHf8qV6Zhl%2FWhqlJxQuo9jkClKLmZzHejSmoOgsFenzBEvhTv2A4AFXqggiT5RLWn%2FyfJ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8161d54d6921b7e8-AMS
access-control-allow-headers
*

Redirect headers

date
Sat, 14 Oct 2023 18:19:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
120
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9OuQnJ0QaVd82F2UnjfEfVZWfDwqzuIVviETfrgcx02wLudHbR89aNfWZ%2B3T1X65%2FvLevF2noTPKntdv74e4R7nik1WVJ60RDIgUQC0qtyONjuuepfA%2FBsnyJztUfJkwLD6MaMX4IN%2BgUao1r0s9hI8n"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
location
https://weak.hiweak20.store/style/BX1/3113177/389.jpeg
access-control-allow-origin
*
cache-control
public, max-age=120
cf-ray
8161d54c19336602-AMS
alt-svc
h3=":443"; ma=86400
content-length
154

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
function| notLoad
string| k
object| _5yzu6erjt8k
object| oc57y1dzlh
object| zfgformats
function| setImmediate
function| clearImmediate
function| _vmmbbpo
function| _rwtgzykr
function| getCookie
function| setLink
object| zfgstorage
function| onClickTrigger
function| kkp4a5x5tv
boolean| zfgloadedpopup
boolean| zfgonclickfirst
object| syncCallbacks

5 Cookies

Domain/Path, Name, Value
potskolu.net/, Name: OAID, Value: 5ffdf35023144584af08a24dd5acfefa
potskolu.net/, Name: oaidts, Value: 1697307592
my.rtmark.net/, Name: ID, Value: 5ffdf35023144584af08a24dd5acfefa
cdn.xsportbox.com/, Name: prefetchAd_6320745, Value: true
potskolu.net/, Name: syncedCookie, Value: true

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
