www.marchmadness.cf Open in urlscan Pro
2a00:1450:4001:82a::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.marchmadness.cf/
Submission: On February 26 via manual (February 26th 2022, 9:09:57 pm UTC) from UA — Scanned from DE

Summary HTTP 89 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 35 IPs in 7 countries across 35 domains to perform 89 HTTP transactions. The main IP is 2a00:1450:4001:82a::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.marchmadness.cf.

This is the only time www.marchmadness.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:1450:400... 2a00:1450:4001:82a::2013	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2009	15169 (GOOGLE) (GOOGLE)
6	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a00:1450:400... 2a00:1450:400e:802::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2	192.243.59.13 192.243.59.13	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
3	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5c06	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.109.87.67 23.109.87.67	7979 (SERVERS-COM) (SERVERS-COM)
3	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
4	2600:9000:215... 2600:9000:2156:de00:d:37cd:ccc0:21	16509 (AMAZON-02) (AMAZON-02)
2	192.99.8.34 192.99.8.34	16276 (OVH) (OVH)
3	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700:e6:... 2606:4700:e6::ac40:cd1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::ac43:dadd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	143.204.98.17 143.204.98.17	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3034::6815:3895	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:827::200d	15169 (GOOGLE) (GOOGLE)
1	35.190.41.116 35.190.41.116	15169 (GOOGLE) (GOOGLE)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	139.45.197.151 139.45.197.151	9002 (RETN-AS) (RETN-AS)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1 3	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.14 143.204.98.14	16509 (AMAZON-02) (AMAZON-02)
15	2620:1ec:bdf::60 2620:1ec:bdf::60	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.223.141.84 18.223.141.84	16509 (AMAZON-02) (AMAZON-02)
89	35

2 2a00:1450:4001:82a::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.marchmadness.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pl16173508.profitabletrustednetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pl16173508.trustedgatetocontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.effectivedisplaycontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
reductionjogvast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:802::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pl16173520.profitabletrustednetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

www.displayformatcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pl16164575.trustedcpmrevenue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

daddylive.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5c06 (United States)

ASN13335 (CLOUDFLARENET, US)

celeritascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.109.87.67 (Netherlands)

ASN7979 (SERVERS-COM, US)

duellosheliced.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:de00:d:37cd:ccc0:21 (United States)

ASN16509 (AMAZON-02, US)

d2k487jakgs1mb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.99.8.34 (Canada)

ASN16276 (OVH, FR)
PTR: ns501383.ip-192-99-8.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

mauchopt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e6::ac40:cd1b (United States)

ASN13335 (CLOUDFLARENET, US)

eplayer.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:dadd (United States)

ASN13335 (CLOUDFLARENET, US)

freychang.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-17.fra50.r.cloudfront.net

onomousw.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::6815:3895 (United States)

ASN13335 (CLOUDFLARENET, US)

ndollarhe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.41.116 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 116.41.190.35.bc.googleusercontent.com

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.151 (United Kingdom)

ASN9002 (RETN-AS, GB)

ourcoolposts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.videocdn.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-14.fra50.r.cloudfront.net

arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2620:1ec:bdf::60 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

static.arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
core.arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.223.141.84 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-223-141-84.us-east-2.compute.amazonaws.com

warden.arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	arc.io arc.io — Cisco Umbrella Rank: 24199 static.arc.io — Cisco Umbrella Rank: 40975 core.arc.io — Cisco Umbrella Rank: 59976 tracker.arc.io Failed warden.arc.io — Cisco Umbrella Rank: 36760	233 KB
7	google.com apis.google.com — Cisco Umbrella Rank: 86 accounts.google.com — Cisco Umbrella Rank: 62	151 KB
6	blogger.com www.blogger.com — Cisco Umbrella Rank: 9282	171 KB
5	histats.com s10.histats.com — Cisco Umbrella Rank: 17271 s4.histats.com — Cisco Umbrella Rank: 14990	16 KB
4	cloudfront.net d2k487jakgs1mb.cloudfront.net	134 KB
3	videocdn.click 1 redirects www.videocdn.click — Cisco Umbrella Rank: 625887	395 B
3	onomousw.xyz onomousw.xyz	4 KB
3	eplayer.click eplayer.click — Cisco Umbrella Rank: 685868	34 KB
3	mauchopt.net mauchopt.net — Cisco Umbrella Rank: 126043	27 KB
3	profitabletrustednetwork.com pl16173508.profitabletrustednetwork.com pl16173520.profitabletrustednetwork.com
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	2 KB
2	ndollarhe.com ndollarhe.com	1 KB
2	celeritascdn.com celeritascdn.com — Cisco Umbrella Rank: 149049	13 KB
2	effectivedisplaycontent.com www.effectivedisplaycontent.com — Cisco Umbrella Rank: 122110
2	daddylive.fun daddylive.fun	52 KB
2	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 13126	1 KB
2	displayformatcontent.com www.displayformatcontent.com — Cisco Umbrella Rank: 637025
2	trustedgatetocontent.com pl16173508.trustedgatetocontent.com
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 401	129 KB
2	marchmadness.cf www.marchmadness.cf	13 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	64 KB
1	reductionjogvast.com reductionjogvast.com
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 546	30 KB
1	ourcoolposts.com ourcoolposts.com
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 10281	544 B
1	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 53428	856 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97
1	freychang.fun freychang.fun — Cisco Umbrella Rank: 24286	712 B
1	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 236	17 KB
1	duellosheliced.com duellosheliced.com	1 KB
1	trustedcpmrevenue.com pl16164575.trustedcpmrevenue.com
1	googleusercontent.com themes.googleusercontent.com — Cisco Umbrella Rank: 8184	53 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92	658 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 250	30 KB
0	licenses4.me Failed player.licenses4.me Failed
89	35

	Domain	Requested by
14	static.arc.io	arc.io core.arc.io static.arc.io
6	www.blogger.com	www.marchmadness.cf apis.google.com www.blogger.com
5	apis.google.com	www.marchmadness.cf apis.google.com www.blogger.com
4	d2k487jakgs1mb.cloudfront.net	daddylive.fun onomousw.xyz
3	www.videocdn.click	1 redirects eplayer.click
3	onomousw.xyz	d2k487jakgs1mb.cloudfront.net
3	eplayer.click	daddylive.fun eplayer.click
3	mauchopt.net	daddylive.fun mauchopt.net
3	s10.histats.com	daddylive.fun www.marchmadness.cf s10.histats.com
2	cdnjs.cloudflare.com	static.arc.io
2	accounts.google.com	daddylive.fun
2	ndollarhe.com	daddylive.fun
2	s4.histats.com	s10.histats.com
2	celeritascdn.com	daddylive.fun celeritascdn.com
2	www.effectivedisplaycontent.com	www.marchmadness.cf
2	daddylive.fun	www.marchmadness.cf daddylive.fun
2	resources.blogblog.com	www.blogger.com
2	www.displayformatcontent.com	www.marchmadness.cf
2	pl16173520.profitabletrustednetwork.com	www.marchmadness.cf
2	pl16173508.trustedgatetocontent.com	www.marchmadness.cf
2	cdn.jsdelivr.net	www.marchmadness.cf
2	www.marchmadness.cf	www.marchmadness.cf
1	warden.arc.io	static.arc.io
1	www.googletagmanager.com	eplayer.click
1	core.arc.io	arc.io
1	arc.io	eplayer.click
1	reductionjogvast.com	eplayer.click
1	code.jquery.com	eplayer.click
1	ourcoolposts.com	mauchopt.net
1	my.rtmark.net	mauchopt.net
1	youradexchange.com	celeritascdn.com
1	www.facebook.com	daddylive.fun
1	freychang.fun	d2k487jakgs1mb.cloudfront.net
1	ssl.google-analytics.com	daddylive.fun
1	duellosheliced.com	daddylive.fun
1	pl16164575.trustedcpmrevenue.com	daddylive.fun
1	themes.googleusercontent.com	www.marchmadness.cf
1	pagead2.googlesyndication.com	www.marchmadness.cf
1	ajax.googleapis.com	www.marchmadness.cf
1	pl16173508.profitabletrustednetwork.com	www.marchmadness.cf
0	tracker.arc.io Failed	static.arc.io
0	player.licenses4.me Failed	eplayer.click
89	42

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
www.histats.com

Subject Issuer	Validity	Valid
*.blogger.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
trustedcpmrevenue.com R3	`2022-02-21` - `2022-05-22`	3 months	crt.sh
duellosheliced.com R3	`2022-01-14` - `2022-04-14`	3 months	crt.sh
histats.com R3	`2022-01-21` - `2022-04-21`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
mauchopt.net R3	`2022-01-30` - `2022-04-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.eplayer.click R3	`2021-12-30` - `2022-03-30`	3 months	crt.sh
onomousw.xyz Amazon	`2022-02-23` - `2023-03-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-06` - `2022-03-06`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
youradexchange.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-16` - `2022-07-01`	2 years	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-20` - `2022-11-26`	a year	crt.sh
ourcoolposts.com R3	`2022-02-11` - `2022-05-12`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
arc.io Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
static.arc.io DigiCert TLS RSA SHA256 2020 CA1	`2021-09-14` - `2022-09-14`	a year	crt.sh
core.arc.io DigiCert TLS RSA SHA256 2020 CA1	`2021-09-14` - `2022-09-14`	a year	crt.sh

This page contains 10 frames:

Primary Page: http://www.marchmadness.cf/
Frame ID: 1129368D054961EBDB54D5DF4CBD9A31
Requests: 29 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=3521924214032210314&blogName=MarchMadness+-+NCAA+Basketball&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.marchmadness.cf/search&blogLocale=en&v=2&homepageUrl=http://www.marchmadness.cf/&vt=-3843766503127958967&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I13-EL4NYtQ.O%2Fd%3D1%2Frs%3DAHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w%2Fm%3D__features__
Frame ID: C934313DF43B394B1BE910C1C0541089
Requests: 5 HTTP requests in this frame

Frame: https://daddylive.fun/livetv/stream-316.php
Frame ID: D1B5F2432154867A4C63F5A35E6B61D0
Requests: 24 HTTP requests in this frame

Frame: https://eplayer.click/premiumtv/daddylive.php?id=316
Frame ID: 552C1A83ADB5A329A2BAF20BD0E33E27
Requests: 17 HTTP requests in this frame

Frame: https://onomousw.xyz/ZlNaWFMHMTk1bAduOH4mFD9nfWEgdmgeN1Q4bmBkDDIxPyBXPjh2MAo8Lzw1FDw0LH0INi59YSA3OB0ZIzEcDQMqADUTMg40KBEVICANEAkfBR0KGC0XORwcHit/ahUtOQ99YSAUGRkqLjoTbRYBYzcVYwlhCj87CQsdCTwiBykUNVQaEBckX3ZoHjczPGobECRmDRAePx4zKxsHEm5qGiQ0LBoqVmEYHCstHSMOASkSF2wfNxJvHAQCYRE1ESUwNx42PAYLaR83GiIZKTNgCQ83BR8eGhk8YiIiNyMZNgsLIxQJDzcFHQloED9iMjY3H2YtAD0vaw01FSAJaXUJBR0YLyotEjExEDUSLBoAIBk5GRk8CTYsIAJiKi8LCBkpGilWChYhOywJI2E9Aj8tbRE1ODILBAIwEAsWNgM9FiE/BW80Fx88aBkpARkAawoXMRwKIAIWEDAEVTdiCT5XMABrCQUZPWg4LAFuYAA+EhkPBDwxOBA3BzAiNHZUFXwyIAk9KmU9PzkuOiUUJA8IGiw1
Frame ID: 6267490A99C3A4B9B90D113D1B921812
Requests: 2 HTTP requests in this frame

Frame: https://onomousw.xyz/UHNOa0oxES0GdTFOLE0/Ih9zTngWVnwtLmIYelN9OhIlDDlhHixFKTwcOw8sIhwgH2Q+FjpOeBY4AC5/YT0WIRIZITo/HgUyIC4bOD8PIzoUNxsqGRoyFAoCFSE0IQ8WMSsSPTsrDTINHyYPPwg7Rz84CwYmGShyMiYlUxkbCzo8HiclIS0MFSINMzoEIgwmABkLPjsNYRQnLQgSMi0FPjIxGAgNNh9/KA1hHD8sIRkxCzMyFiQ5Mhg2NhsuGzgDa1kIBTIXHA8ICwg6IiQSKy4PASIWMTgCBBsgCz4DLS4PETYCHBwWOyIufxU1LTESBAMfKTABMSg+ZxkRHzoAIiE5PSsIChcpHRJHHA0OCSIfKhs5OwhfEhUrNi0fOBcWIRg/EBgcEHVBDC0mYDIZEgcBNgspMzRDfgkbOAN4Oi0SOAkFEBY2CyoPACEcPw9gKiA+CzNDDzN7EzR+LgkxMg8ibDoAIQU6bSI6WAUyIic/eCdG
Frame ID: 5E24C1D80C3F375FE55B08F63E2D150C
Requests: 2 HTTP requests in this frame

Frame: https://player.licenses4.me/player.php?id=premium316&test=true
Frame ID: 141DA4CDD684D8E45AFB39B0187FC912
Requests: 1 HTTP requests in this frame

Frame: https://core.arc.io/broker.html?44095ae
Frame ID: 9C47A589DA3D0DE047F638F5869FAFC6
Requests: 7 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?44095ae
Frame ID: EC7D510BAB3C3E048067D6D32BFADB7E
Requests: 3 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?44095ae
Frame ID: BF413B9B1767F945AC47D06498C8A158
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MarchMadness - NCAA Basketball

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

basket.js (JavaScript Libraries) Expand

Overall confidence: 10%
Detected patterns

basket.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

89
Requests

81 %
HTTPS

62 %
IPv6

35
Domains

42
Subdomains

35
IPs

7
Countries

1181 kB
Transfer

3356 kB
Size

16
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.blogger.com/share-post.g?blogID=3521924214032210314&postID=2003407130046375877&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3521924214032210314&postID=2003407130046375877&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3521924214032210314&postID=2003407130046375877&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3521924214032210314&postID=2003407130046375877&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3521924214032210314&postID=2003407130046375877&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: http://www.histats.com/viewstats/?sid=1875197&ccid=326

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://www.videocdn.click/zzht.php?id=/bb/18/a1/bb18a1b8543b35921df608a0b3ae100d.js HTTP 301
https://reductionjogvast.com//bb/18/a1/bb18a1b8543b35921df608a0b3ae100d.js

89 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.marchmadness.cf/ 39 KB
10 KB 346ms
230ms Document
text/html 2a00:1450:4001:82a::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.marchmadness.cf/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5fa6d7a125605122871b0027ca4111982c3066469cb39647d289cd411c9f3f0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Content-Type: text/html; charset=UTF-8
Expires: Sat, 26 Feb 2022 21:09:51 GMT
Date: Sat, 26 Feb 2022 21:09:51 GMT
Cache-Control: private, max-age=0
Last-Modified: Sat, 26 Feb 2022 18:06:47 GMT
ETag: W/"cf29295a22c26ec7ea65c6750f750956857897b8d8fdc1ba260a1c04a7e74e0a"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 10005
Server: GSE

GET
H2 200 1529571102-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
8 KB 90ms
9ms Stylesheet
text/css 2a00:1450:4001:82a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1529571102-css_bundle_v2.css

Requested by

Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcd5919bf34c7672ee85e44fd8c6a695a7ffbdd2126f4e54caecca5ca6996eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199230
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7804
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:16:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 24 Feb 2023 13:49:21 GMT

GET
H/1.1 403
Forbidden 94f0f90a8bf602c100c24d77e287c361.js
pl16173508.profitabletrustednetwork.com/94/f0/f9/ 0
0 600ms
93ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pl16173508.profitabletrustednetwork.com/94/f0/f9/94f0f90a8bf602c100c24d77e287c361.js
Requested by: Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/
Protocol: HTTP/1.1
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 26 Feb 2022 21:09:51 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 43ms
14ms Script
text/javascript 2a00:1450:400e:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 08:59:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Feb 2023 08:59:09 GMT

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/clappr/latest/ 517 KB
126 KB 46ms
29ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/clappr/latest/clappr.min.js

Requested by

Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1123995
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19182-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"8156e-D6xFiaxzMytsrOCcfMOmYtKY+qo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6e3c2822f9be9073-FRA

GET
H2 200 level-selector.min.js Show response
cdn.jsdelivr.net/clappr.level-selector/latest/ 9 KB
3 KB 38ms
21ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js

Requested by

Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1123995
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19168-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"2524-9Cxz5uiSAcz1rVE5FbtBguw6QQw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6e3c282309bf9073-FRA

GET
H2 200 plusone.js Show response
apis.google.com/js/ 53 KB
21 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918949f9d5713f7b8184718f52e8d1d8793bfc04d794cf5f1efd18636ca08420

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Sat, 26 Feb 2022 21:09:51 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "9cf7be837b9a860e"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 21:09:51 GMT

GET
H/1.1 403
Forbidden 94f0f90a8bf602c100c24d77e287c361.js
pl16173508.trustedgatetocontent.com/94/f0/f9/ 0
0 492ms
140ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pl16173508.trustedgatetocontent.com/94/f0/f9/94f0f90a8bf602c100c24d77e287c361.js
Requested by: Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/
Protocol: HTTP/1.1
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 26 Feb 2022 21:09:51 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 403
Forbidden a1eb6966033e68be718e2e6224746bd0.js
pl16173520.profitabletrustednetwork.com/a1/eb/69/ 0
0 820ms
104ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pl16173520.profitabletrustednetwork.com/a1/eb/69/a1eb6966033e68be718e2e6224746bd0.js
Requested by: Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/
Protocol: HTTP/1.1
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 26 Feb 2022 21:09:51 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK cookienotice.js Show response
www.marchmadness.cf/js/ 6 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.marchmadness.cf/js/cookienotice.js

Requested by

Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 26 Feb 2022 17:15:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 14088
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 2026
X-XSS-Protection: 0
Last-Modified: Sat, 26 Feb 2022 13:50:49 GMT
Server: sffe
Vary: Accept-Encoding
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Sat, 05 Mar 2022 17:15:03 GMT

GET
H2 200 3820152532-widgets.js Show response
www.blogger.com/static/v1/widgets/ 155 KB
155 KB 90ms
10ms Script
text/javascript 2a00:1450:4001:82a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3820152532-widgets.js

Requested by

Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28874de1a690991ac52cfae8106472a6e0b0c1c4a06d30c6efe2774d1ab44683

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 01:57:16 GMT
x-content-type-options: nosniff
age: 328355
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158520
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 00:56:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 23 Feb 2023 01:57:16 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 119ms
118ms Stylesheet
text/css 2a00:1450:4001:82a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3521924214032210314&zx=57d8d0e2-576f-4e90-9758-b04536f3d770

Requested by

Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 26 Feb 2022 21:09:51 GMT
server: GSE
date: Sat, 26 Feb 2022 21:09:51 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/ 149 KB
51 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a28a8b74846e74e9f79c608e4bbdc4adaab1f0d1173587bb94bc766702b5471

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 19:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 352429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52401
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 22:59:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 19:16:02 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/ 52 KB
17 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7c941198c86f5ba39f627f857fe17c39c546d3c25863466e4c0968611b538ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 14:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 457426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16753
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 22:59:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Feb 2023 14:06:05 GMT

GET
H/1.1 200
OK google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
658 B 19ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 26 Feb 2022 11:08:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 36101
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 67
X-XSS-Protection: 0
Server: cafe
ETag: 13036835877489095579
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=1209600
Timing-Allow-Origin: *
Expires: Sat, 12 Mar 2022 11:08:10 GMT

GET
H/1.1 200
OK image
themes.googleusercontent.com/ 52 KB
53 KB 56ms
35ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://themes.googleusercontent.com/image?id=0BwVBOzw_-hbMNzE5NTg3YzUtMGU0Mi00OWQ3LTg2NjUtODk1OGVlMjg1YjZj

Requested by

Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

60cf0e05cd8787a97f0a7243d3c745f79fe6d4f5ecfa3f53fb701c2f0926aade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 26 Feb 2022 21:09:51 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v1"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: private, max-age=86400, no-transform
Content-Disposition: inline;filename="unnamed.png"
Timing-Allow-Origin: *
Content-Length: 53665
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 403
Forbidden invoke.js
www.displayformatcontent.com/eb145779fb4b2b66c172268fb3f53282/ 0
0 500ms
95ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.displayformatcontent.com/eb145779fb4b2b66c172268fb3f53282/invoke.js
Requested by: Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/
Protocol: HTTP/1.1
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Referer: http://www.marchmadness.cf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 26 Feb 2022 21:09:52 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H3 200 navbar.g Show response
www.blogger.com/ Frame C934 7 KB
3 KB 131ms
130ms Document
text/html 2a00:1450:4001:82a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=3521924214032210314&blogName=MarchMadness+-+NCAA+Basketball&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.marchmadness.cf/search&blogLocale=en&v=2&homepageUrl=http://www.marchmadness.cf/&vt=-3843766503127958967&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I13-EL4NYtQ.O%2Fd%3D1%2Frs%3DAHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fa50f20a763ea22fb2ecd1a9c11e73c2388661ead306191d2ebab78a90a4fc0a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/

Response headers

p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 26 Feb 2022 21:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2593
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 596ms
596ms Stylesheet
text/css 2a00:1450:4001:82a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3521924214032210314&zx=57d8d0e2-576f-4e90-9758-b04536f3d770

Requested by

Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 26 Feb 2022 21:09:52 GMT
server: GSE
date: Sat, 26 Feb 2022 21:09:52 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 platform:gapi.iframes.style.common.js Show response
apis.google.com/js/ Frame C934 53 KB
20 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform:gapi.iframes.style.common.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=3521924214032210314&blogName=MarchMadness+-+NCAA+Basketball&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.marchmadness.cf/search&blogLocale=en&v=2&homepageUrl=http://www.marchmadness.cf/&vt=-3843766503127958967&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I13-EL4NYtQ.O%2Fd%3D1%2Frs%3DAHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c36cceec33ad901422b48b69d2209b9d5e3ef1def1daf50ec22e9a6b110069b4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20539
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Sat, 26 Feb 2022 21:09:52 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "611cd9fe546d4a44"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 21:09:52 GMT

GET
H2 200 icons_peach.png
resources.blogblog.com/img/navbar/ Frame C934 907 B
1 KB 24ms
9ms Image
image/png 2a00:1450:4001:82a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/icons_peach.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:24:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Feb 2022 22:50:50 GMT
server: sffe
age: 366329
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 907
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 01 Mar 2022 15:24:23 GMT

GET
H2 200 arrows-light.png
resources.blogblog.com/img/navbar/ Frame C934 117 B
230 B 23ms
10ms Image
image/png 2a00:1450:4001:82a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/arrows-light.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 06:04:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Feb 2022 18:55:20 GMT
server: sffe
age: 313544
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 02 Mar 2022 06:04:08 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/ Frame C934 128 KB
42 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

848fbad57cfe0865b4425b4ce3870d42d583b24544739775b0afa50553aefb06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 14:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 457426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43036
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 22:59:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Feb 2023 14:06:06 GMT

GET
H2 200 stream-316.php Show response
daddylive.fun/livetv/ Frame D1B5 137 KB
52 KB 186ms
112ms Document
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://daddylive.fun/livetv/stream-316.php

Requested by

Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bd8bbdeb6eb58f9e6381159e8f2a259b53dc69b6add32bf996765b1c8487916

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/

Response headers

date: Sat, 26 Feb 2022 21:09:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
greyf: HIT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGPz7Kb3U%2FBP268fMu6la7Kvh5a165n35QKo8jnGJtVDJN8cksWXIi3sKW%2FyaXA3cT0lYuRashN3f11SmcBoJjlvdNumvpcu1Oth4OQYApFbLOu4nPO9oRj9KKGH6UjHG%2BQz0kI%2BedHDlHhK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e3c282adc755a25-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 403
Forbidden 94f0f90a8bf602c100c24d77e287c361.js
pl16173508.trustedgatetocontent.com/94/f0/f9/ 0
0 100ms
99ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pl16173508.trustedgatetocontent.com/94/f0/f9/94f0f90a8bf602c100c24d77e287c361.js
Requested by: Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/
Protocol: HTTP/1.1
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 26 Feb 2022 21:09:52 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H3 200 share_buttons_20_3.png
www.blogger.com/img/ 5 KB
5 KB 8ms
7ms Image
image/png 2a00:1450:4001:82a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/share_buttons_20_3.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1529571102-css_bundle_v2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/static/v1/widgets/1529571102-css_bundle_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:07:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Feb 2022 22:50:50 GMT
server: sffe
age: 367349
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5080
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 01 Mar 2022 15:07:23 GMT

GET
H/1.1 403
Forbidden invoke.js
www.effectivedisplaycontent.com/e1059f91af22282e16b88675d4a51a6a/ 0
0 197ms
97ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.effectivedisplaycontent.com/e1059f91af22282e16b88675d4a51a6a/invoke.js
Requested by: Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/
Protocol: HTTP/1.1
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: http://www.marchmadness.cf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 26 Feb 2022 21:09:52 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 su.js Show response
celeritascdn.com/script/ Frame D1B5 25 KB
8 KB 146ms
49ms Script
text/javascript 2606:4700::6810:5c06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://celeritascdn.com/script/su.js
Requested by: Host: daddylive.fun
URL: https://daddylive.fun/livetv/stream-316.php
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:5c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33ce22ca84a63bc33e85d9bbe4f41538791d496cef1c991933f1914f8e8d5e1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://daddylive.fun/livetv/stream-316.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:52 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 773
x-guploader-uploadid: ADPycdvduKkfJg5iOKDhEVFL_3CDfBxdbnGnFtJntU15ClDsd2zH49VrjoZNcGhuOi_lAEAlBCrS7WsDcTX4u64zmp0QUVV48g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: text/javascript
last-modified: Mon, 07 Feb 2022 13:27:32 GMT
server: cloudflare
etag: W/"52355fb1698469eed7632a46e8a4f23a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=EVjXSA==, md5=UjVfsWmEae7XYypG6KTyOg==
x-goog-generation: 1644240452215465
access-control-allow-origin: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 25170
cf-ray: 6e3c282c3cc35a07-MXP
expires: Sun, 27 Feb 2022 01:09:52 GMT

GET
H/1.1 403
Forbidden ddd430767cdbddd8ac0726a842abd6c0.js
pl16164575.trustedcpmrevenue.com/dd/d4/30/ Frame D1B5 0
0 692ms
95ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pl16164575.trustedcpmrevenue.com/dd/d4/30/ddd430767cdbddd8ac0726a842abd6c0.js
Requested by: Host: daddylive.fun
URL: https://daddylive.fun/livetv/stream-316.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://daddylive.fun/livetv/stream-316.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 26 Feb 2022 21:09:53 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK 11822 Show response
duellosheliced.com/rflHFJ2pbNpDdm/ Frame D1B5 0
1 KB 76ms
22ms Script
application/javascript 23.109.87.67
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://duellosheliced.com/rflHFJ2pbNpDdm/11822

Requested by

Host: daddylive.fun
URL: https://daddylive.fun/livetv/stream-316.php

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.87.67 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://daddylive.fun/livetv/stream-316.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 26 Feb 2022 21:09:52 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=1
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://daddylive.fun
Access-Control-Max-Age: 600
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
X-Content-Type-Options: nosniff
Keep-Alive: timeout=20

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame D1B5 11 KB
5 KB 49ms
9ms Script
application/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: daddylive.fun
URL: https://daddylive.fun/livetv/stream-316.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://daddylive.fun/livetv/stream-316.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:07:04 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "-375139978"
x-cacheable: Matched cache
content-type: application/javascript; charset=UTF-8
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 4364
x-request-id: 411796668

GET
H2 200 / Show response
d2k487jakgs1mb.cloudfront.net/ Frame D1B5 200 KB
66 KB 196ms
166ms Script
text/plain 2600:9000:2156:de00:d:37cd:ccc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2k487jakgs1mb.cloudfront.net/?kajkd=944681
Requested by: Host: daddylive.fun
URL: https://daddylive.fun/livetv/stream-316.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:de00:d:37cd:ccc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 54790631692557ea161ca3a8a34f82b281f865c7df290a425514fab29f689261

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://daddylive.fun/livetv/stream-316.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Feb 2022 21:09:52 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 67570
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
x-amz-cf-id: 14uQ2bd11Lt65uR7JGd0wNRgNbWvLTv7ESofSk5_bNBz4zl-nt9C7Q==

GET
H/1.1 403
Forbidden invoke.js
www.displayformatcontent.com/83de4b3403a9279df5882fa82018ba4d/ 0
0 108ms
108ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.displayformatcontent.com/83de4b3403a9279df5882fa82018ba4d/invoke.js
Requested by: Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/
Protocol: HTTP/1.1
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Referer: http://www.marchmadness.cf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 26 Feb 2022 21:09:52 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 ut.js Show response
celeritascdn.com/script/ Frame D1B5 15 KB
5 KB 59ms
59ms Script
text/javascript 2606:4700::6810:5c06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://celeritascdn.com/script/ut.js?cb=1645909792705
Requested by: Host: celeritascdn.com
URL: https://celeritascdn.com/script/su.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:5c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c082f814dd75ad08dae22b237414d4b789dab5248c6b50953e1a60ad106c814

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://daddylive.fun/livetv/stream-316.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:52 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1686
x-guploader-uploadid: ADPycdvAHFR487uQmEf7KoIqB4IQ6Vw6eQgAejtzhwFZgFy7lPh2sos8Ka8mfWWDl0Hd5bh_c0JdgwG1zFyowaY2iJA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript
last-modified: Thu, 03 Feb 2022 12:22:51 GMT
server: cloudflare
etag: W/"1e3e1b7d88d8f85d315c97184a256f79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=8Wv/4w==, md5=Hj4bfYjY+F0xXJcYSiVveQ==
x-goog-generation: 1643890971548728
access-control-allow-origin: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 15378
cf-ray: 6e3c282de9e85a07-MXP
expires: Sun, 27 Feb 2022 01:09:52 GMT

GET
H/1.1 403
Forbidden invoke.js
www.effectivedisplaycontent.com/980a0898511b31fbee35249ef3444566/ 0
0 95ms
94ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.effectivedisplaycontent.com/980a0898511b31fbee35249ef3444566/invoke.js
Requested by: Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/
Protocol: HTTP/1.1
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: http://www.marchmadness.cf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 26 Feb 2022 21:09:52 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 403
Forbidden a1eb6966033e68be718e2e6224746bd0.js
pl16173520.profitabletrustednetwork.com/a1/eb/69/ 0
0 112ms
111ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pl16173520.profitabletrustednetwork.com/a1/eb/69/a1eb6966033e68be718e2e6224746bd0.js
Requested by: Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/
Protocol: HTTP/1.1
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 26 Feb 2022 21:09:52 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ Frame D1B5 53 B
187 B 292ms
94ms Script
text/html 192.99.8.34
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?2162676&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttp%3A%2F%2Fwww.marchmadness.cf%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-185938487&@b3:1645909793&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdaddylive.fun%2Flivetv%2Fstream-316.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.8.34 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns501383.ip-192-99-8.net
Software: /
Resource Hash: c12688e699c922439ef461e2af6c153c7c5f6be13588248e3f2095172033f3d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://daddylive.fun/livetv/stream-316.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 26 Feb 2022 21:09:53 GMT
Connection: close
Content-Length: 53
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 35ms
19ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15_as.js
Requested by: Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/
Protocol: HTTP/1.1
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:00:23 GMT
content-encoding: gzip
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "-375139978"
x-cacheable: Matched cache
vary: Accept-Encoding
x-iplb-instance: 42473
content-type: text/javascript
x-cdn-pop: sbg
accept-ranges: bytes
x-iplb-request-id: C11B0E2A:97D8_2E69C9F0:0050_621A9721_8AA03:1D2C2
content-length: 4547
x-request-id: 787484009

GET
H/1.1 200
OK 1875197.php Show response
s4.histats.com/stats/ 110 B
245 B 284ms
93ms Script
text/html 192.99.8.34
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/1875197.php?1875197&@f16&@g1&@h1&@i1&@j1645909793018&@k0&@l1&@mMarchMadness%20-%20NCAA%20Basketball&@n0&@o1000&@q0&@r0&@s326&@ten-US&@u1600&@b1:-43652751&@b3:1645909793&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fwww.marchmadness.cf%2F&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.8.34 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns501383.ip-192-99-8.net
Software: /
Resource Hash: 820a8a944c6139b6cf9b5df74db3e639984874df35879f5ea803deca5f2635f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 26 Feb 2022 21:09:53 GMT
Connection: close
Content-Length: 110
Content-Type: text/html;charset=UTF-8

HEAD
H3 200 stream-316.php Show response
daddylive.fun/livetv/ Frame D1B5 0
612 B 79ms
63ms XHR
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://daddylive.fun/livetv/stream-316.php

Requested by

Host: daddylive.fun
URL: https://daddylive.fun/livetv/stream-316.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://daddylive.fun/livetv/stream-316.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:53 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WaNJhs0%2BAlJw%2BRilQzKWVR0pKSfvq0R3r%2FLamieJ84%2BJWnI2CaA5SSCrWn3trLbyodg0W0kUEZdkxXahFup6Dd9Yn2wpY411O9LIwGoN3%2FRhHDrxAyGsN5ZaoWNgD5FTbU3m3WR%2Fg0bCF8KX"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-turbo-charged-by: LiteSpeed
cf-ray: 6e3c28305eda91f9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-content-type-options: nosniff
greyvps1: STALE

GET
H2 200 / Show response
mauchopt.net/5/4284414/ Frame D1B5 3 KB
2 KB 66ms
27ms XHR
application/json 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mauchopt.net/5/4284414/?oo=1&aab=1
Requested by: Host: daddylive.fun
URL: https://daddylive.fun/livetv/stream-316.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 045a182b37de8f8539b2e0213d7d6565228e09b5c6001306487e12c5175aa192

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://daddylive.fun/livetv/stream-316.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-trace-id: 2b1b981008b8e5970dbefc080672f1f3
pragma: no-cache, no-cache
date: Sat, 26 Feb 2022 21:09:53 GMT
content-encoding: gzip
server: nginx
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://daddylive.fun
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tag.min.js Show response
mauchopt.net/ Frame D1B5 69 KB
23 KB 63ms
23ms Script
text/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mauchopt.net/tag.min.js

Requested by

Host: daddylive.fun
URL: https://daddylive.fun/livetv/stream-316.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

6d62a4acf760fe3da610cbb8298ed703a8757fe0329af25b39f0b74f41272ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://daddylive.fun/livetv/stream-316.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:53 GMT
content-encoding: br
x-content-type-options: nosniff
access-control-max-age: 86400
content-length: 22539
x-trace-id: c130164760f0332e2cf6f3ee3bff72ee
pragma: no-cache
last-modified: Mon, 21 Feb 2022 14:11:05 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ Frame D1B5 45 KB
17 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: daddylive.fun
URL: https://daddylive.fun/livetv/stream-316.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://daddylive.fun/livetv/stream-316.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2750
date: Sat, 26 Feb 2022 20:24:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sat, 26 Feb 2022 22:24:03 GMT

GET
H2 200 daddylive.php Show response
eplayer.click/premiumtv/ Frame 552C 78 KB
29 KB 174ms
108ms Document
text/html 2606:4700:e6::ac40:cd1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eplayer.click/premiumtv/daddylive.php?id=316
Requested by: Host: daddylive.fun
URL: https://daddylive.fun/livetv/stream-316.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cd1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b9e508cc2a459b49f3b45eb5f320f056183b1691cbd5c9cda2f86b8a683dbd6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://daddylive.fun/livetv/stream-316.php

Response headers

date: Sat, 26 Feb 2022 21:09:53 GMT
content-type: text/html; charset=UTF-8
last-modified: Sat, 26 Feb 2022 20:45:23 GMT
cache-control: max-age=14400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xTGEcVen0JG5r35TFlowUyCb57W4pGut1ry950w62jQlzsasgntaQkL1ZuYQ%2FjeuHkkVjxF7ldw3MO8OR2HoBso3dHoinbwSM%2FUG2c2tqX90%2BhKxUhxur5HPPEt2%2FXrQI89g5cf4YWO6%2BKrt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6e3c2830cfab3760-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
freychang.fun/ Frame D1B5 16 B
712 B 155ms
122ms Fetch
text/plain 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d2k487jakgs1mb.cloudfront.net
URL: https://d2k487jakgs1mb.cloudfront.net/?kajkd=944681
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8701b352e5cd47e9f272ed876b05ff22da5b74a06cc7a8b979e483ac95a103f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://daddylive.fun/livetv/stream-316.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://daddylive.fun
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ycX1EJM%2FX%2FpvspfGAO2o2hmXPeQKjsBl%2FLtOnhswQ%2BP%2Fb9msNUy89grtP7vOblwSfNLKvT1FbSVvLc8AhtKpu6VNnopHHpu0YiqSHwhl1%2FDHu1zM%2BYVkIoiXO4z3V0zt%2B8PKbl%2BhH9HdwwN1"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6e3c28307e729a06-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
onomousw.xyz/ Frame D1B5 0
489 B 130ms
99ms XHR
text/plain 143.204.98.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onomousw.xyz/utx?cb=sVSZcmXbBAED&top=daddylive.fun&tid=944681
Requested by: Host: d2k487jakgs1mb.cloudfront.net
URL: https://d2k487jakgs1mb.cloudfront.net/?kajkd=944681
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-17.fra50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://daddylive.fun/livetv/stream-316.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Feb 2022 21:09:53 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://daddylive.fun
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: LCwEZ9FKBxMqppRz2jKobmE-vIaGfFJAK_omuHeLp6Q0DxKSZOdNFQ==

GET
H2 200 BW80Fx88aBkpARkAawoXMRwKIAIWEDAEVTdiCT5XMABrCQUZPWg4LAFuYAA+EhkPBDwxOBA3BzAiNHZUFXwyIAk9KmU9PzkuOiUUJA8IGiw1 Show response
onomousw.xyz/ZlNaWFMHMTk1bAduOH4mFD9nfWEgdmgeN1Q4bmBkDDIxPyBXPjh2MAo8Lzw1FDw0LH0INi59YSA3OB0ZIzEcDQMqADUTMg40KBEVICANEAkfBR0KGC0XORwcHit/ahUtOQ99YSAUGRkqLjoTbRYBYzcVYwlhCj87CQsdCTwiBykUNVQaEBckX3Zo... Frame 6267 3 KB
2 KB 98ms
98ms Document
text/html 143.204.98.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onomousw.xyz/ZlNaWFMHMTk1bAduOH4mFD9nfWEgdmgeN1Q4bmBkDDIxPyBXPjh2MAo8Lzw1FDw0LH0INi59YSA3OB0ZIzEcDQMqADUTMg40KBEVICANEAkfBR0KGC0XORwcHit/ahUtOQ99YSAUGRkqLjoTbRYBYzcVYwlhCj87CQsdCTwiBykUNVQaEBckX3ZoHjczPGobECRmDRAePx4zKxsHEm5qGiQ0LBoqVmEYHCstHSMOASkSF2wfNxJvHAQCYRE1ESUwNx42PAYLaR83GiIZKTNgCQ83BR8eGhk8YiIiNyMZNgsLIxQJDzcFHQloED9iMjY3H2YtAD0vaw01FSAJaXUJBR0YLyotEjExEDUSLBoAIBk5GRk8CTYsIAJiKi8LCBkpGilWChYhOywJI2E9Aj8tbRE1ODILBAIwEAsWNgM9FiE/BW80Fx88aBkpARkAawoXMRwKIAIWEDAEVTdiCT5XMABrCQUZPWg4LAFuYAA+EhkPBDwxOBA3BzAiNHZUFXwyIAk9KmU9PzkuOiUUJA8IGiw1
Requested by: Host: d2k487jakgs1mb.cloudfront.net
URL: https://d2k487jakgs1mb.cloudfront.net/?kajkd=944681
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-17.fra50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 4b1c19f8a5d0a07a1b2af421b74657e3509f44046d16ac30569fcfc1a0650c18

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://daddylive.fun/livetv/stream-316.php

Response headers

content-type: text/html
content-length: 1238
date: Sat, 26 Feb 2022 21:09:53 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: zbKMay8tGaDB3tI-7krF6JimW0Uq2tB6-9ZMQFdbviatjnXy-dAS6Q==

GET
H2 200 eCdG Show response
onomousw.xyz/UHNOa0oxES0GdTFOLE0/Ih9zTngWVnwtLmIYelN9OhIlDDlhHixFKTwcOw8sIhwgH2Q+FjpOeBY4AC5/YT0WIRIZITo/HgUyIC4bOD8PIzoUNxsqGRoyFAoCFSE0IQ8WMSsSPTsrDTINHyYPPwg7Rz84CwYmGShyMiYlUxkbCzo8HiclIS0MFSIN... Frame 5E24 3 KB
2 KB 105ms
104ms Document
text/html 143.204.98.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onomousw.xyz/UHNOa0oxES0GdTFOLE0/Ih9zTngWVnwtLmIYelN9OhIlDDlhHixFKTwcOw8sIhwgH2Q+FjpOeBY4AC5/YT0WIRIZITo/HgUyIC4bOD8PIzoUNxsqGRoyFAoCFSE0IQ8WMSsSPTsrDTINHyYPPwg7Rz84CwYmGShyMiYlUxkbCzo8HiclIS0MFSINMzoEIgwmABkLPjsNYRQnLQgSMi0FPjIxGAgNNh9/KA1hHD8sIRkxCzMyFiQ5Mhg2NhsuGzgDa1kIBTIXHA8ICwg6IiQSKy4PASIWMTgCBBsgCz4DLS4PETYCHBwWOyIufxU1LTESBAMfKTABMSg+ZxkRHzoAIiE5PSsIChcpHRJHHA0OCSIfKhs5OwhfEhUrNi0fOBcWIRg/EBgcEHVBDC0mYDIZEgcBNgspMzRDfgkbOAN4Oi0SOAkFEBY2CyoPACEcPw9gKiA+CzNDDzN7EzR+LgkxMg8ibDoAIQU6bSI6WAUyIic/eCdG
Requested by: Host: d2k487jakgs1mb.cloudfront.net
URL: https://d2k487jakgs1mb.cloudfront.net/?kajkd=944681
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-17.fra50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 8bdc771b1d18a1131e5e6f500047834c4104add85c9dc1d8ae00f26d0a724105

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://daddylive.fun/livetv/stream-316.php

Response headers

content-type: text/html
content-length: 1211
date: Sat, 26 Feb 2022 21:09:53 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: l3yfUYa6AR79h1QUgZeiGorEELSbvD2x8pkgtzp_rSqYt8Okb4fM5g==

GET
H2 204 OE9SNHgXcDFHRVwZAF4tCysWbkl2JgYEHFUZBVA6bAhjYyJTHnRAEVxyawBMDndjEghRK28FXks7M0ANS3JjEhFWKT0JXk5yYxpLDGFgAFYLaScJSR47IlUfBX50RAxMI28FTgx6awRBD3ZhB0oM
ndollarhe.com/ Frame D1B5 0
482 B 180ms
132ms Image
text/plain 2606:4700:3034::6815:3895
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ndollarhe.com/OE9SNHgXcDFHRVwZAF4tCysWbkl2JgYEHFUZBVA6bAhjYyJTHnRAEVxyawBMDndjEghRK28FXks7M0ANS3JjEhFWKT0JXk5yYxpLDGFgAFYLaScJSR47IlUfBX50RAxMI28FTgx6awRBD3ZhB0oM
Requested by: Host: daddylive.fun
URL: https://daddylive.fun/livetv/stream-316.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3895 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://daddylive.fun/livetv/stream-316.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUc4sPvk0geW7NqXaMyqMJ0ZOa83inhb3RohoqiwSeuFz2JGErYEJe3xd5YoZA59bfJg9Kh5Lp5K8zOS6hTTIwBZcR8beAb9tsbu4exf8vqFnPisSKdgn5auplA9O7RtGrVllrNW6Er33rNP"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 6e3c2830ef173761-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ Frame D1B5 0
0 177ms
149ms Image
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: daddylive.fun
URL: https://daddylive.fun/livetv/stream-316.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://daddylive.fun/livetv/stream-316.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ Frame D1B5 0
0 96ms
68ms Image
text/html 2a00:1450:4001:827::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by: Host: daddylive.fun
URL: https://daddylive.fun/livetv/stream-316.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://daddylive.fun/livetv/stream-316.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ Frame D1B5 0
0 90ms
62ms Image
text/html 2a00:1450:4001:827::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by: Host: daddylive.fun
URL: https://daddylive.fun/livetv/stream-316.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://daddylive.fun/livetv/stream-316.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 / Show response
d2k487jakgs1mb.cloudfront.net/ Frame D1B5 200 KB
66 KB 195ms
165ms Fetch 2600:9000:2156:de00:d:37cd:ccc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2k487jakgs1mb.cloudfront.net/?kajkd=944681
Requested by: Host: daddylive.fun
URL: https://daddylive.fun/livetv/stream-316.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:de00:d:37cd:ccc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c5ce0b4ba91605fa069cf1e11dcc84e4ab570784e90785077f7b7f16d73b45fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://daddylive.fun/livetv/stream-316.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Feb 2022 21:09:53 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: https://daddylive.fun
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials: true
content-length: 67569
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-amz-cf-id: TRDFMghbnJ3usYrEFIj9s6zRIU_WDhfo7AyT9mArvN-_h-hzCWorxQ==

GET
H2 200 suurl4.php Show response
youradexchange.com/script/ Frame D1B5 919 B
856 B 209ms
181ms Fetch
application/json 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl4.php?r=4202623&excluded_countries=RU%2CUA&cbur=0.6760459883493863&cbiframe=1&cbWidth=710&cbHeight=500&cbtitle=&cbpage=http%3A%2F%2Fwww.marchmadness.cf%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com&aggr=0
Requested by: Host: celeritascdn.com
URL: https://celeritascdn.com/script/su.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: e99029900756f083bd2e1bea4cf6c17e3fd9b93252f4c8f17c06232978ba86bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://daddylive.fun/livetv/stream-316.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 26 Feb 2022 21:09:53 GMT
content-encoding: gzip
server: openresty
alt-svc: clear
via: 1.1 google
content-type: application/json; charset=utf-8

GET
H2 200 cc_326.js Show response
s10.histats.com/counters/ 17 KB
7 KB 17ms
17ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_326.js
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 0c2fcc147b9b6b055d2afb0ea591632c23d61ebf898be9468c2a1973e55dd87d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 20:56:00 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "-1873012977"
x-cacheable: Matched cache
content-type: text/javascript
x-grace: full
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 6470
x-request-id: 661488144

GET
H2 200 gid.js Show response
my.rtmark.net/ Frame D1B5 65 B
544 B 51ms
14ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=ad256b142a934b0db371fb8e8b62f9bf

Requested by

Host: mauchopt.net
URL: https://mauchopt.net/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

f5237a5fcd678785eead3b7a5d59c30f3bd9e359f79b99d3e60906364d0f39fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://daddylive.fun/livetv/stream-316.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:53 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://daddylive.fun
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
DATA 200
OK truncated
/ 371 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d87827dcefa63bdd3736d9bed3670950016c4c633daa9df58f23115406870653

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c4c55690c215b90923c004cb18d1d70f6269021540975602a432e0dfb088b7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
d2k487jakgs1mb.cloudfront.net/dbEJEbFUPLSoKahgrIFFsWHZyVGRKKDcDOxx/KjU/GCAyHiI5Eg0mM0o2PghoXGQoDTsLf2IJOw9/dUo0CCB5WHMYMisHaA42IBgvBy02BDxKNyVROAM4LQA5DWd2KmBCcmFeZUQ1LQIxAzU3SWdcLDBJZ1xzdEJlSXEGSW... Frame 6267 745 B
813 B 158ms
158ms Script
text/plain 2600:9000:2156:de00:d:37cd:ccc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2k487jakgs1mb.cloudfront.net/dbEJEbFUPLSoKahgrIFFsWHZyVGRKKDcDOxx/KjU/GCAyHiI5Eg0mM0o2PghoXGQoDTsLf2IJOw9/dUo0CCB5WHMYMisHaA42IBgvBy02BDxKNyVROAM4LQA5DWd2KmBCcmFeZUQ1LQIxAzU3SWdcLDBJZ1xzdEJlSXEGSWdcNS0CY1hndy5wXnI8WmFFZ3-ZcNBwyKAkiCSAvBSFJcAJZZltsd1pwXnJsBz0YLyhJZy9ndlw5BSkhSWdcJSEPPgNrYV5lDyo2AzgJZ3YqbFRsdEJhW3d8Qm1cZ3ZcJg0kJR48SXACWWZbbHdacxl/
Requested by: Host: onomousw.xyz
URL: https://onomousw.xyz/ZlNaWFMHMTk1bAduOH4mFD9nfWEgdmgeN1Q4bmBkDDIxPyBXPjh2MAo8Lzw1FDw0LH0INi59YSA3OB0ZIzEcDQMqADUTMg40KBEVICANEAkfBR0KGC0XORwcHit/ahUtOQ99YSAUGRkqLjoTbRYBYzcVYwlhCj87CQsdCTwiBykUNVQaEBckX3ZoHjczPGobECRmDRAePx4zKxsHEm5qGiQ0LBoqVmEYHCstHSMOASkSF2wfNxJvHAQCYRE1ESUwNx42PAYLaR83GiIZKTNgCQ83BR8eGhk8YiIiNyMZNgsLIxQJDzcFHQloED9iMjY3H2YtAD0vaw01FSAJaXUJBR0YLyotEjExEDUSLBoAIBk5GRk8CTYsIAJiKi8LCBkpGilWChYhOywJI2E9Aj8tbRE1ODILBAIwEAsWNgM9FiE/BW80Fx88aBkpARkAawoXMRwKIAIWEDAEVTdiCT5XMABrCQUZPWg4LAFuYAA+EhkPBDwxOBA3BzAiNHZUFXwyIAk9KmU9PzkuOiUUJA8IGiw1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:de00:d:37cd:ccc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 95579c465f4184665c723de91d60b519c61f634e6414d4911963df2d7518a2d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onomousw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:53 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 535
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
x-amz-cf-id: jcklUlNB35ZJRi56oyHDlMS0qccjsxSNsw4mE7NQVUvzhTbIqMEtGw==

GET
H2 200 / Show response
mauchopt.net/ Frame D1B5 2 KB
2 KB 15ms
15ms Fetch
application/json 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mauchopt.net/?rb=8nL3Ad1pJY2YVp04_CR36Udac1JDg7Knck2InuN6D2XJAa70CMtfEI3zEcTKvkPtj1VlGu6U9ftKjyQCtPxVAugheN5DoY5onSItM4iQHbr_oFoEqr3czIC-YKFYceAOF-TKszA1F16IlwEvIxoBrWYC8PvdFIvOyRa_kpu_egQ4JSkSRAO4h0HPKXfYzlmpoDltqyOoZ0eQ4IHR4rAK-GVByiJ8BB6mf1Lw5z2tNSi8zrko6UBjVJQbTHLSGzQ4ivpOWyebLL6iUkfwDATlCLGl08NTOgp8Wipd-8i00MaoaFeQ&request_ab2=0&zoneid=4284414&js_build=iclick-v1.363.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=710&wiw=710&wih=500&wfc=2&pl=https%3A%2F%2Fdaddylive.fun%2Flivetv%2Fstream-316.php&drf=http%3A%2F%2Fwww.marchmadness.cf%2F&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.363.0&bs=028e2dd3-2ef9-46ec-88af-75a1f0aacf19&userId=ad256b142a934b0db371fb8e8b62f9bf&m=link

Requested by

Host: mauchopt.net
URL: https://mauchopt.net/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

258e3342f44bb682bc3a012bf64e759543fb0dfaaea67c732f3bea0f94bf35d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://daddylive.fun/livetv/stream-316.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-max-age: 86400
x-trace-id: 8771e18d5946c5f757f9f65cd12cb8c9
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://daddylive.fun
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 KNE51NXJXIRtTTUAnEQhLAHpDDUASJAZaHERzJEFBeywkXCYGOUATBk4qSAVUWC8bUk8SKxtWTwVoFFEQCXpTQBMJIxpPG1giFBBAcntbBVcGfl1CG1oqGkIBEXxFWwYRfEUEQhp+UAYwEXxFQhtaeEEQQXZrRwUKAnpcEEAELwVFHlE5EFcZXTpQBzQBfU-IbQQJ... Show response
d2k487jakgs1mb.cloudfront.net/ Frame 5E24 175 B
458 B 162ms
162ms Script
text/plain 2600:9000:2156:de00:d:37cd:ccc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2k487jakgs1mb.cloudfront.net/KNE51NXJXIRtTTUAnEQhLAHpDDUASJAZaHERzJEFBeywkXCYGOUATBk4qSAVUWC8bUk8SKxtWTwVoFFEQCXpTQBMJIxpPG1giFBBAcntbBVcGfl1CG1oqGkIBEXxFWwYRfEUEQhp+UAYwEXxFQhtaeEEQQXZrRwUKAnpcEEAELwVFHlE5EFcZXTpQBzQBfU-IbQQJrRwVaXyYBWB4RfDYQQAQiHF4XEXxFUhdXJRocVwZ+Fl0AWyMQEEByd00bQhp6QgBKGnZFEEAEPRRTE0YnUAc0AX1CG0ECaAAI
Requested by: Host: onomousw.xyz
URL: https://onomousw.xyz/UHNOa0oxES0GdTFOLE0/Ih9zTngWVnwtLmIYelN9OhIlDDlhHixFKTwcOw8sIhwgH2Q+FjpOeBY4AC5/YT0WIRIZITo/HgUyIC4bOD8PIzoUNxsqGRoyFAoCFSE0IQ8WMSsSPTsrDTINHyYPPwg7Rz84CwYmGShyMiYlUxkbCzo8HiclIS0MFSINMzoEIgwmABkLPjsNYRQnLQgSMi0FPjIxGAgNNh9/KA1hHD8sIRkxCzMyFiQ5Mhg2NhsuGzgDa1kIBTIXHA8ICwg6IiQSKy4PASIWMTgCBBsgCz4DLS4PETYCHBwWOyIufxU1LTESBAMfKTABMSg+ZxkRHzoAIiE5PSsIChcpHRJHHA0OCSIfKhs5OwhfEhUrNi0fOBcWIRg/EBgcEHVBDC0mYDIZEgcBNgspMzRDfgkbOAN4Oi0SOAkFEBY2CyoPACEcPw9gKiA+CzNDDzN7EzR+LgkxMg8ibDoAIQU6bSI6WAUyIic/eCdG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:de00:d:37cd:ccc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 723d219c43255be25ce862a5e9b9467be9606685fa9dd45b57b509e067632108

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onomousw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:53 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 181
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
x-amz-cf-id: nMKZOgxGt2I24wX3LAsofulM-CaRRwunkjddQn1vvbd6MRB1Y9PhOA==

GET
H2 204 favicon.ico
ourcoolposts.com/ Frame D1B5 0
0 47ms
13ms Fetch 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ourcoolposts.com/favicon.ico

Requested by

Host: mauchopt.net
URL: https://mauchopt.net/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=60
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://daddylive.fun/livetv/stream-316.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:53 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=60

GET
H2 200 H3gxsGxlI58IShaueAXeG42uwsw.js Show response
eplayer.click/cdn-cgi/apps/head/ Frame 552C 7 KB
3 KB 333ms
32ms Script
application/javascript 2606:4700:e6::ac40:cd1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eplayer.click/cdn-cgi/apps/head/H3gxsGxlI58IShaueAXeG42uwsw.js
Requested by: Host: eplayer.click
URL: https://eplayer.click/premiumtv/daddylive.php?id=316
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cd1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df8c0be5093dc6cb45714059744d01c054560f15e360f2973ed2e647e4948194

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eplayer.click/premiumtv/daddylive.php?id=316
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2433382
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2CXTKRWB7477WQTA
x-amz-id-2: g57UgX7w6jRsowR6owcAWgMHbuF9jSj/vO5GKu4LOxPTOwOKZbC5sLpa+Dk56UyD9U+5m+ofM7A=
last-modified: Sun, 23 Jan 2022 13:29:24 GMT
server: cloudflare
etag: W/"2f933a926abbceb0f3f88b5c30e1dc52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2H3rTwVkGEE0zXRVMTCNGC2lf4VWEWVKkDuBKRHnyKmBavai5xZ%2Ffu3lybGQJ48TH2ol9XVLxUS6jhHOaDGzKqJpcsGLNJkh55n7gKVI7zcCASeXyaUl67jyhgA0vRy3JXdneWW3UOS16gGJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: WzN3N_31dfnsLp1dm7UK.uEaPQw4fjbM
cf-ray: 6e3c28335df83760-MXP

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ Frame 552C 87 KB
30 KB 59ms
20ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: eplayer.click
URL: https://eplayer.click/premiumtv/daddylive.php?id=316
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eplayer.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:53 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d84"
vary: Accept-Encoding
x-hw: 1645909793.dop203.ml1.t,1645909793.cds208.ml1.hn,1645909793.cds001.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H/1.1

403
Forbidden

bb18a1b8543b35921df608a0b3ae100d.js
reductionjogvast.com//bb/18/a1/ Frame 552C
Redirect Chain

https://www.videocdn.click/zzht.php?id=/bb/18/a1/bb18a1b8543b35921df608a0b3ae100d.js
https://reductionjogvast.com//bb/18/a1/bb18a1b8543b35921df608a0b3ae100d.js

0
0

336ms
92ms

Script
application/javascript

192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://reductionjogvast.com//bb/18/a1/bb18a1b8543b35921df608a0b3ae100d.js
Requested by: Host: eplayer.click
URL: https://eplayer.click/premiumtv/daddylive.php?id=316
Protocol: HTTP/1.1
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eplayer.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 26 Feb 2022 21:09:53 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

date: Sat, 26 Feb 2022 21:09:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age: 50s
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xUn3sxBLRViaWNP21uZsKINUIP7GbzAyLYp5RTCFPkVhyPgPuOB2Sl%2BHb7r%2FzAV9%2Bw720beO3vZpGJ%2FqVfc4pHDI0fH89BBbkeb84%2BV32u82Atgoi3loz5Kp4GvjbG1RLMCzCBWvie4j%2FT7ed4MjRI8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://reductionjogvast.com//bb/18/a1/bb18a1b8543b35921df608a0b3ae100d.js
cache-control: max-age=5
cf-ray: 6e3c28319acd9168-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expires: Sat, 26 Feb 2022 21:09:58 GMT

GET
H2 404 bb18a1b8543b35921df608a0b3ae100d.js
www.videocdn.click/zzht.php/bb/18/a1/ Frame 552C 0
0 54ms
26ms Script
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.videocdn.click/zzht.php/bb/18/a1/bb18a1b8543b35921df608a0b3ae100d.js
Requested by: Host: eplayer.click
URL: https://eplayer.click/premiumtv/daddylive.php?id=316
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eplayer.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 popunder.gif
ndollarhe.com/ Frame D1B5 35 B
626 B 80ms
47ms Image
image/gif 2606:4700:3034::6815:3895
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ndollarhe.com/popunder.gif
Requested by: Host: daddylive.fun
URL: https://daddylive.fun/livetv/stream-316.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:3895 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://daddylive.fun/livetv/stream-316.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Sat, 26 Feb 2022 21:09:53 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Feb 2022 18:34:56 GMT
server: cloudflare
age: 354897
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8W%2FD0cnAmnLyRlC6IEjc4gXb%2BiuvmXyv3znpCWEXByEJNzKUoDmbJdSOn7bT3qJbNBnzFoAWGqvsik1HIsbSRPhbCQ3CZMPqJRQACE2oURa5hlwnOpYg6zC1XmuyM%2BYpPOfy3cDfLrm3ElI%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e3c28334b215a07-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 3yQudXxhQ7jNBb0QmsKrBkTquuQ.js Show response
eplayer.click/cdn-cgi/apps/body/ Frame 552C 4 KB
2 KB 342ms
40ms Script
application/javascript 2606:4700:e6::ac40:cd1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eplayer.click/cdn-cgi/apps/body/3yQudXxhQ7jNBb0QmsKrBkTquuQ.js
Requested by: Host: eplayer.click
URL: https://eplayer.click/cdn-cgi/apps/head/H3gxsGxlI58IShaueAXeG42uwsw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cd1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 189101c6dd7e53651648e56cbd4fa1f8b2f05a3eda3b1073c0cb4ac39ed739c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eplayer.click/premiumtv/daddylive.php?id=316
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2066388
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: NEEF2XHZHS5APQAR
x-amz-id-2: FeLXl6PUBQ2aT4Bj0/0IJnYIc5Q83W8rH/wA5zw0IVbmWnWm05qc3DWqBDrzj/bl2BBuZnfuYgE=
last-modified: Sun, 23 Jan 2022 13:29:23 GMT
server: cloudflare
etag: W/"8755b4cc101a7fd4ac03decaacc1b34f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2k0hZtMjecYrk%2F35myQ2mS5M%2FAPX4WDdWNciH3PEd4fT5DQtbF6N1PX%2FKze9yBaKMFn0Hm%2BaVpr0m7lJpIhw9O6LGSW%2BHaUGHli9v9or94HyluA5ZZyXUZ9WKMJ%2FvWl92cQqUuWgbUST4Kv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: KNBUSFPqQ7BCLMk940PzgYgtYfJzNHo6
cf-ray: 6e3c28357b1d3760-MXP

GET
H3 404 bb18a1b8543b35921df608a0b3ae100d.js
www.videocdn.click/zzht.php/bb/18/a1/ Frame 552C 0
0 125ms
39ms Script
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.videocdn.click/zzht.php/bb/18/a1/bb18a1b8543b35921df608a0b3ae100d.js
Requested by: Host: eplayer.click
URL: https://eplayer.click/premiumtv/daddylive.php?id=316
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eplayer.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET player.php
player.licenses4.me/ Frame 141D 0
0

GET
H2 200 widget.min.js Show response
arc.io/ Frame 552C 7 KB
3 KB 37ms
7ms Script
application/javascript 143.204.98.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arc.io/widget.min.js

Requested by

Host: eplayer.click
URL: https://eplayer.click/cdn-cgi/apps/head/H3gxsGxlI58IShaueAXeG42uwsw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-14.fra50.r.cloudfront.net

Software

Resource Hash

ede777ff1a1db097d4ff59e47bf648597dae763c9c6d058ce52126b9fdc0c7e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eplayer.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
last-modified: Thu, 27 Jan 2022 23:15:03 GMT
age: 2342
etag: "61f32777-b74"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=864000
date: Sat, 26 Feb 2022 20:30:52 GMT
x-amz-cf-pop: FRA50-C1
content-length: 2932
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
x-amz-cf-id: mGWRFHhCkl91uRGPgAZRxP_eGFzwV1cev9P_6qywOv-jz0W25dwfvg==

GET
H2 200 core.js Show response
static.arc.io/widget/js/ Frame 552C 310 KB
90 KB 129ms
11ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/core.js?44095ae
Requested by: Host: arc.io
URL: https://arc.io/widget.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 862c8a19133e887922efcd1878fc67439ea730f72d063522af67dfa18c0a7fd3

Request headers

Referer
Origin: https://eplayer.click
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:53 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield: 0mn0XYgAAAACokZBua/q0Tbn0IoMSPiX9QU1TMDRFREdFMTgxMABhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id: A5A930Z88FG3NYTJ
x-cache: TCP_HIT
x-azure-ref: 0IpcaYgAAAAAlaflG/SlUTaW0fZ+g1146RlJBRURHRTEwMDgAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2: oHoHvFwZZtvr2lCBIFKhU+8fNSaaCkbZ22a3+TmUFr1Gf09B+qUl5z5zAMtIREPKL1BBJQts8HY=
last-modified: Thu, 27 Jan 2022 23:15:28 GMT
server: AmazonS3
etag: "7cd758885e5a2041b7f63fa60c09f157"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
accept-ranges: bytes

GET
H2 200 broker.html Show response
core.arc.io/ Frame 9C47 2 KB
907 B 122ms
11ms Document
text/html 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://core.arc.io/broker.html?44095ae

Requested by

Host: arc.io
URL: https://arc.io/widget.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0b0ccab5c33b6a68fdde04836a4c4ea787c32a69915bfe75e906f15cb67f7b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://eplayer.click/

Response headers

cache-control: public
content-length: 512
content-type: text/html
content-encoding: br
expires: Tue, 22 Mar 2022 15:25:48 GMT
last-modified: Wed, 19 Jan 2022 23:32:45 GMT
etag: "61e89f9d-200"
vary: Accept-Encoding
x-cache: TCP_HIT
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-azure-ref-originshield: 0P9YUYgAAAADMpMHSKBO6TaeixTIZfuoQQU1TMDRFREdFMTkxNwBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-azure-ref: 0IpcaYgAAAAAVX5yGdvLES6kBi/uPGIV8RlJBRURHRTEwMTYAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
date: Sat, 26 Feb 2022 21:09:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 552C 174 KB
64 KB 41ms
17ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P9T7Y7DHXS

Requested by

Host: eplayer.click
URL: https://eplayer.click/cdn-cgi/apps/body/3yQudXxhQ7jNBb0QmsKrBkTquuQ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

82fb8e774affe64b182f18f830b64552dcad2453eaa64977b1e4590145b4a086

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eplayer.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:54 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65146
x-xss-protection: 0
expires: Sat, 26 Feb 2022 21:09:54 GMT

GET
H2 200 broker.b281d075.js Show response
static.arc.io/broker/js/ Frame 9C47 24 KB
9 KB 9ms
9ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/broker.b281d075.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?44095ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 187a5e0bc9badf1f52db4ac8a96a470b7abfc7a57b06b2037039137b281fcf00

Request headers

Referer: https://core.arc.io/
Origin: https://core.arc.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:53 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield: 03VAVYgAAAADq9rhy2TxqTJ2ru/XrxdJ5QU1TMDRFREdFMTgxMQBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id: YYXMTTZKYKS5K7J2
x-cache: TCP_HIT
x-azure-ref: 0IpcaYgAAAADH8Nx00WoFS6PF7YKsmghiRlJBRURHRTEwMDgAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2: Xtv9PUUH3JnQvWGEiJn1Ad60iY61vDloG7erKellZ0SUSl5Vc+4qdvk7F8srHEgekz71lJ60RjM=
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
server: AmazonS3
etag: "8c5f6da1d62d33cc4c32a8ce63be2bf6"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
accept-ranges: bytes

GET
H2 200 chunk-vendors.5e1d8045.js Show response
static.arc.io/broker/js/ Frame 9C47 49 KB
17 KB 9ms
9ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/chunk-vendors.5e1d8045.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?44095ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3082b0f5d766f08f34a2077d48da01d41c9283376883472fa0965bf1b77283e0

Request headers

Referer: https://core.arc.io/
Origin: https://core.arc.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:53 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield: 0RQUVYgAAAAAjVvrs7b/aQo85BAii/Sb2QU1TMDRFREdFMTgwNwBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id: R223RQAHDQ1KJHNG
x-cache: TCP_HIT
x-azure-ref: 0IpcaYgAAAABfkglV6ckDTLQA8XoLjc8VRlJBRURHRTEwMDgAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2: 97KHDhvU7g5EihI5uaw7YIwd7LZCPED7v7d8RFGON85ipnT6ntq3AuSZSp1HR/xkURCZi84uuWY=
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
server: AmazonS3
etag: "7baaa27cb0e1201fe90ecc5efca8fbcf"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
accept-ranges: bytes

GET
H2 200 lazy-iwc.9b430e25.js
static.arc.io/broker/js/ Frame 9C47 0
4 KB 33ms
12ms Other
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?44095ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:54 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield: 03dYUYgAAAACCcWZqdCv5Q4wS/lPzbqLFQU1TMDRFREdFMTgxMwBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id: N5BWM20BK5ATV6ZZ
x-cache: TCP_HIT
x-azure-ref: 0IpcaYgAAAACdx9Sqv178TqoS5jOgwRR9RlJBRURHRTEwMTUAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2: YNQ0MsH+208Dl3+Ca9RLlJHTm6Z+mQc5j5zFRig5riMYcyUrSCTreHPM7fneUd3+mDm5jOGGJQc=
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
server: AmazonS3
etag: "7fd8734437dbdc553c3513d10d0c0a97"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
accept-ranges: bytes

GET
H2 200 lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame 9C47 0
14 KB 32ms
11ms Other
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?44095ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:54 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield: 0PdkZYgAAAABBhmKO04NRQLLaRYyei62XQU1TMDRFREdFMTkyMgBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id: 04RR90K22M8JEGDB
x-cache: TCP_HIT
x-azure-ref: 0IpcaYgAAAADD58HbYhFeSaDP7cMd7mODRlJBRURHRTEwMTUAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2: fC1FBZGV/07hC3N7MOuNo2W6zYtA4mT7U6OVDQ3cxQeL+uBQK/mmkLYY1S4yjbSnukd1+LjsPIs=
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
server: AmazonS3
etag: "32ab6174f553ec44ff554a5a2406b76d"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
accept-ranges: bytes

GET
H2 200 vendors~widget-ui.js Show response
static.arc.io/widget/js/ Frame 552C 94 KB
31 KB 10ms
10ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/vendors~widget-ui.js?c9b0de53
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?44095ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84f8061a68058b0dd35d1c7c2bd4b475e6ab38d4374dc9f8394257be457570cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eplayer.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:54 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield: 0Nn4XYgAAAAAXxsJww/a8TqZCiRShc7qeQU1TMDRFREdFMTgwNwBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id: ZXGD7TM4GR1YDVQG
x-cache: TCP_HIT
x-azure-ref: 0IpcaYgAAAAARVe68R1PCQpbE+XWTJHoMRlJBRURHRTEwMTUAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2: Tba07vH4nMi2tgG7OzMii2/wXSlm4cbAV/eatxDfGNA1Gnr0pnPbZ78s5F/gDFiJwpbAl7ajkVg=
last-modified: Thu, 27 Jan 2022 23:15:28 GMT
server: AmazonS3
etag: "5f5181a44cab6b9ccdc03f0d9f46e177"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
accept-ranges: bytes

GET
H2 200 widget.css
static.arc.io/widget/css/ Frame 552C 85 KB
6 KB 11ms
10ms Stylesheet
text/css 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?44095ae
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?44095ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a0d5016c9be45fd2d7534bf47f3b2c67d3d1d47e64e31572c28a94b984e7014

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eplayer.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:54 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield: 0zDcVYgAAAADdUFvbmR5KTYL6pdCRdAPpQU1TMDRFREdFMTgxNwBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id: P9SAHJHFB5MJV33V
x-cache: TCP_HIT
x-azure-ref: 0IpcaYgAAAABBNo5XOzTHRojucrEn/TmaRlJBRURHRTEwMTUAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2: qCKx/SlQvvaV9OOI41YRDI5e78XfNjKuOfsdZFTAaw/EZ5huKOy/580MN2DAOly6AuvmpuC+0PY=
last-modified: Thu, 27 Jan 2022 23:15:28 GMT
server: AmazonS3
etag: "ce66dd39d9339eebd65264a9ecc334be"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
accept-ranges: bytes

GET
H2 200 widget-ui.js Show response
static.arc.io/widget/js/ Frame 552C 40 KB
12 KB 16ms
16ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/widget-ui.js?ded6a54f
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?44095ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2bf26771ea7f60b2ca0d9e62e42349d920abc78fa993c9e7cf7312c0ab231da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eplayer.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:54 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield: 0Nn4XYgAAAAC/pMR7geiKSoWFqWODxTbrQU1TMDRFREdFMTkwOABhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id: 4M0KZ2MZ55X3KV6N
x-cache: TCP_HIT
x-azure-ref: 0IpcaYgAAAAB2YlLmrL2ST4C1AQDOMiZKRlJBRURHRTEwMTUAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2: 9fyAV67xBGK/pLFusuG+RqzIC7cF+38Og97MSuyA9+i3jC8kz+0cNX9jaMr3bNh9p2Wh5As4OfI=
last-modified: Thu, 27 Jan 2022 23:15:28 GMT
server: AmazonS3
etag: "4b57d2edfcaa736085fa11ae0d4477a7"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
accept-ranges: bytes

GET
H2 200 widget.css
static.arc.io/widget/css/ Frame EC7D 85 KB
5 KB 10ms
9ms Stylesheet
text/css 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?44095ae
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?ded6a54f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a0d5016c9be45fd2d7534bf47f3b2c67d3d1d47e64e31572c28a94b984e7014

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:54 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield: 0zDcVYgAAAADdUFvbmR5KTYL6pdCRdAPpQU1TMDRFREdFMTgxNwBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id: P9SAHJHFB5MJV33V
x-cache: TCP_HIT
x-azure-ref: 0IpcaYgAAAAAVqkSOJc8GR7A2r0K3E2sdRlJBRURHRTEwMTUAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2: qCKx/SlQvvaV9OOI41YRDI5e78XfNjKuOfsdZFTAaw/EZ5huKOy/580MN2DAOly6AuvmpuC+0PY=
last-modified: Thu, 27 Jan 2022 23:15:28 GMT
server: AmazonS3
etag: "ce66dd39d9339eebd65264a9ecc334be"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
accept-ranges: bytes

GET
H2 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame EC7D 2 KB
1 KB 81ms
32ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?ded6a54f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 782232
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-732"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ei3YHAjdeZEfT7fY1POJHSl1DAS7ZdymsHMqu%2BNlIODHOfdTNoWcg3X07HNNku1iJz%2BKkvFatvy9QNw9jg89npG6OEaWFBKRI29d2AZ9Snrk2YVI0a4Jacvuu0REkphlIMAFbZjU1JXb3vfUoajWTYB5"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e3c28373c9a0f62-MXP
expires: Thu, 16 Feb 2023 21:09:54 GMT

GET
H2 200 widget.css
static.arc.io/widget/css/ Frame BF41 85 KB
5 KB 10ms
10ms Stylesheet
text/css 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?44095ae
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?ded6a54f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a0d5016c9be45fd2d7534bf47f3b2c67d3d1d47e64e31572c28a94b984e7014

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:54 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield: 0zDcVYgAAAADdUFvbmR5KTYL6pdCRdAPpQU1TMDRFREdFMTgxNwBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id: P9SAHJHFB5MJV33V
x-cache: TCP_HIT
x-azure-ref: 0IpcaYgAAAAC7zTA4r7E4QYy7B8kKFETvRlJBRURHRTEwMTUAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2: qCKx/SlQvvaV9OOI41YRDI5e78XfNjKuOfsdZFTAaw/EZ5huKOy/580MN2DAOly6AuvmpuC+0PY=
last-modified: Thu, 27 Jan 2022 23:15:28 GMT
server: AmazonS3
etag: "ce66dd39d9339eebd65264a9ecc334be"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
accept-ranges: bytes

GET
H2 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame BF41 2 KB
922 B 68ms
32ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?ded6a54f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 782232
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-732"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2J9ej5NUjEY6iJtN4GRqUMVFhFSk5Ad9enRnxUhj8vtAXmsQ1guJIPkJhf4WqMCcrWiO0wfnSfwvS77165IOwXkAX1cL1zEz%2FKfwQQdPB3hy93U7mnJ6kE9PHW7fNVyUS0sg2aiRhwuiDC8loaewnfU"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e3c28373c9e0f62-MXP
expires: Thu, 16 Feb 2023 21:09:54 GMT

GET
DATA 200
OK truncated
/ Frame EC7D 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BF41 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BF41 277 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BF41 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BF41 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BF41 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BF41 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BF41 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 lazy-modules.a169b1ec.js Show response
static.arc.io/broker/js/ Frame 9C47 45 KB
14 KB 12ms
11ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by: Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.b281d075.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45344ec706e661760887e42f8797c4dd446805b24657d99318b08d211f2e549b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:54 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield: 0PdkZYgAAAABBhmKO04NRQLLaRYyei62XQU1TMDRFREdFMTkyMgBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id: 04RR90K22M8JEGDB
x-cache: TCP_HIT
x-azure-ref: 0IpcaYgAAAAAFmgCLuwxuS4SAu1u1Lz6ZRlJBRURHRTEwMTUAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2: fC1FBZGV/07hC3N7MOuNo2W6zYtA4mT7U6OVDQ3cxQeL+uBQK/mmkLYY1S4yjbSnukd1+LjsPIs=
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
server: AmazonS3
etag: "32ab6174f553ec44ff554a5a2406b76d"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
accept-ranges: bytes

GET /
tracker.arc.io/ Frame 552C 0
0

POST
H2 204 LALsWggiT8PoRRmDn9zPBr
warden.arc.io/mailbox/nodes/ Frame 552C 0
0 342ms
111ms Fetch 18.223.141.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://warden.arc.io/mailbox/nodes/LALsWggiT8PoRRmDn9zPBr

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?44095ae

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.223.141.84 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-223-141-84.us-east-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://eplayer.click/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 26 Feb 2022 21:09:54 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 lazy-iwc.9b430e25.js Show response
static.arc.io/broker/js/ Frame 9C47 14 KB
4 KB 11ms
11ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by: Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.b281d075.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2a7e5ade77d712f4303757e9c0c3185f72f24cfa5f5da33bcabc63abd376a1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:55 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield: 03dYUYgAAAACCcWZqdCv5Q4wS/lPzbqLFQU1TMDRFREdFMTgxMwBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id: N5BWM20BK5ATV6ZZ
x-cache: TCP_HIT
x-azure-ref: 0I5caYgAAAADk5YOae7hbTLk/ilQCU0IeRlJBRURHRTEwMTUAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2: YNQ0MsH+208Dl3+Ca9RLlJHTm6Z+mQc5j5zFRig5riMYcyUrSCTreHPM7fneUd3+mDm5jOGGJQc=
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
server: AmazonS3
etag: "7fd8734437dbdc553c3513d10d0c0a97"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
accept-ranges: bytes

GET
H2 200 vendors~widget-sc-client.js Show response
static.arc.io/widget/js/ Frame 552C 60 KB
14 KB 16ms
10ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/vendors~widget-sc-client.js?35fccb86
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?44095ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7659ffb0d3df377c1234d14b4070c72e387079e938702120b7c4dd2be608f8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eplayer.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:55 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield: 069gZYgAAAACMlsdHDa6bRrV0UH6u2LMuQU1TMDRFREdFMTgxMgBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id: BEZAFKSX9G9PPF2P
x-cache: TCP_HIT
x-azure-ref: 0I5caYgAAAAA/5Ve5gNZbQaguBCLNc8XoRlJBRURHRTEwMTUAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2: SFme3qgaP3KNtQ01WjdoXKSuBTkxl3RcREaznENVdap58ryPlzpXpQYv3JSIsJGKfH8verXG8HY=
last-modified: Thu, 27 Jan 2022 23:15:28 GMT
server: AmazonS3
etag: "fa12476f8ee3c92b8369e0c9d3b915f9"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
accept-ranges: bytes

GET
H2 200 widget-sc-client.js Show response
static.arc.io/widget/js/ Frame 552C 3 KB
2 KB 15ms
9ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/widget-sc-client.js?197dbd2e
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?44095ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f9daa48a3c618bb638706d320e646320b4123ffdd3c5a4a8a9a8df505de6fac7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eplayer.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 21:09:55 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield: 0RJ0ZYgAAAADzkXI24K2tTIhPZ6TqP3saQU1TMDRFREdFMTkxNwBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id: DW9FFAAY0MYJDVN0
x-cache: TCP_HIT
x-azure-ref: 0I5caYgAAAABrgMFnbI10Rpwk0+MElZOhRlJBRURHRTEwMTUAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2: p+jhln48aUAAbfFkz6QG0QIpAgWDh/6qJrX7m5UMHjG9lbeZCd+skO8ouSxdjTprBB2g+8cr+xo=
last-modified: Thu, 27 Jan 2022 23:15:28 GMT
server: AmazonS3
etag: "14884d9e881791d580471ec30f89f22a"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
accept-ranges: bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: player.licenses4.me
URL: https://player.licenses4.me/player.php?id=premium316&test=true

Domain: tracker.arc.io
URL: https://tracker.arc.io/

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
duellosheliced.com/	1970-01-20 01:13:16	Name: GL_UI4 Value: eJw9jUtugzAYhHnTKAV1JA6QIwCCJF5WPUSX6Dd2iBuwI%2BME9fa1KrWr%2BTQPTRAEUVUifGYx4gf1OLC25oIxoq499mPXs0vXtfzcMMGpOR05dmodHPFZugSvk9TSqnEYjZAF3nz059y02XSClFvSokC6%2BMZcIOfWbKu0VYxE0yKRfVyt8Zou9GUsInb2qLTHsEZk1ioud8g%2FlRZ%2BV%2B4RNXVZZAH295ncxdhlUCILkU6WhET4jpeRnJyM%2FUYu5Hpz5g6YWQz%2F%2Fd%2FbeGtqZEI%2B1ei%2FjbtK%2BwM7Skp0
duellosheliced.com/	1970-01-20 01:13:16	Name: GL_GI10 Value: eJxljNGKwjAURGuqVVFcBvyA%2FoAFa0F81u76oN8QQr2VIM0NSRTr11sVloV9G87MmSiKxHwGoS2my80qy9fZssiKHPGZGGJXYlrx1QTXSqMawvCHXKNMi8TRWbOB2JeYfLKs%2BEQY7MrFH%2Fa2BnvyntCvdGiBb6fMpb66kKomPSptMH4VH33e6f8HsfYWo2NerNNDOGFsKEhvibq4ZWfZqUCY%2FdL3VRJjpL20ju9t0sNX0A092JDkuvYUOtS7JeIJhQBMTw%3D%3D
www.marchmadness.cf/	1970-01-20 09:57:25	Name: HstCfa1875197 Value: 1645909793018
www.marchmadness.cf/	1970-01-20 09:57:25	Name: HstCla1875197 Value: 1645909793018
www.marchmadness.cf/	1970-01-20 09:57:25	Name: HstCmu1875197 Value: 1645909793018
www.marchmadness.cf/	1970-01-20 09:57:25	Name: HstPn1875197 Value: 1
www.marchmadness.cf/	1970-01-20 09:57:25	Name: HstPt1875197 Value: 1
www.marchmadness.cf/	1970-01-20 09:57:25	Name: HstCnv1875197 Value: 1
www.marchmadness.cf/	1970-01-20 09:57:25	Name: HstCns1875197 Value: 1
mauchopt.net/	1970-01-20 09:57:25	Name: OAID Value: ad256b142a934b0db371fb8e8b62f9bf
mauchopt.net/	1970-01-20 09:57:25	Name: oaidts Value: 1645909793
my.rtmark.net/	1970-01-20 09:57:25	Name: ID Value: ad256b142a934b0db371fb8e8b62f9bf
freychang.fun/	1970-01-20 09:50:13	Name: csu Value: 1940810696243060@1
mauchopt.net/	1970-01-20 01:21:54	Name: syncedCookie Value: true
core.arc.io/	1970-01-20 09:57:25	Name: _immortal\|Arc_nodeId Value: LALsWggiT8PoRRmDn9zPBr
.arc.io/	1970-01-25 02:32:38	Name: widgetOptState Value: {%22state%22:%22UNDECIDED%22%2C%22date%22:%222022-02-26T21:09:54.338Z%22%2C%22dismissedAt%22:null}

22 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://pl16173508.trustedgatetocontent.com/94/f0/f9/94f0f90a8bf602c100c24d77e287c361.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://pl16173508.profitabletrustednetwork.com/94/f0/f9/94f0f90a8bf602c100c24d77e287c361.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: http://www.marchmadness.cf/(Line 744) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.displayformatcontent.com/eb145779fb4b2b66c172268fb3f53282/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.marchmadness.cf/(Line 744) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.displayformatcontent.com/eb145779fb4b2b66c172268fb3f53282/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://pl16173520.profitabletrustednetwork.com/a1/eb/69/a1eb6966033e68be718e2e6224746bd0.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	warning	URL: https://www.blogger.com/navbar.g?targetBlogID=3521924214032210314&blogName=MarchMadness+-+NCAA+Basketball&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.marchmadness.cf/search&blogLocale=en&v=2&homepageUrl=http://www.marchmadness.cf/&vt=-3843766503127958967&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I13-EL4NYtQ.O%2Fd%3D1%2Frs%3DAHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=http%3A%2F%2Fwww.marchmadness.cf&pfname=&rpctoken=26131797(Line 24) Message: Mixed Content: The page at 'https://www.blogger.com/navbar.g?targetBlogID=3521924214032210314&blogName=MarchMadness+-+NCAA+Basketball&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.marchmadness.cf/search&blogLocale=en&v=2&homepageUrl=http://www.marchmadness.cf/&vt=-3843766503127958967&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I13-EL4NYtQ.O%2Fd%3D1%2Frs%3DAHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=http%3A%2F%2Fwww.marchmadness.cf&pfname=&rpctoken=26131797' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://www.marchmadness.cf/search'. This endpoint should be made available over a secure connection.
network	error	URL: http://www.displayformatcontent.com/eb145779fb4b2b66c172268fb3f53282/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://pl16173508.trustedgatetocontent.com/94/f0/f9/94f0f90a8bf602c100c24d77e287c361.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: http://www.marchmadness.cf/(Line 825) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.effectivedisplaycontent.com/e1059f91af22282e16b88675d4a51a6a/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.marchmadness.cf/(Line 825) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.effectivedisplaycontent.com/e1059f91af22282e16b88675d4a51a6a/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://www.effectivedisplaycontent.com/e1059f91af22282e16b88675d4a51a6a/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: http://www.marchmadness.cf/(Line 851) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.displayformatcontent.com/83de4b3403a9279df5882fa82018ba4d/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.marchmadness.cf/(Line 851) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.displayformatcontent.com/83de4b3403a9279df5882fa82018ba4d/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://www.displayformatcontent.com/83de4b3403a9279df5882fa82018ba4d/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: http://www.marchmadness.cf/(Line 865) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.effectivedisplaycontent.com/980a0898511b31fbee35249ef3444566/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.marchmadness.cf/(Line 865) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.effectivedisplaycontent.com/980a0898511b31fbee35249ef3444566/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://www.effectivedisplaycontent.com/980a0898511b31fbee35249ef3444566/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://pl16173520.profitabletrustednetwork.com/a1/eb/69/a1eb6966033e68be718e2e6224746bd0.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://pl16164575.trustedcpmrevenue.com/dd/d4/30/ddd430767cdbddd8ac0726a842abd6c0.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://www.videocdn.click/zzht.php/bb/18/a1/bb18a1b8543b35921df608a0b3ae100d.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://reductionjogvast.com//bb/18/a1/bb18a1b8543b35921df608a0b3ae100d.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://www.videocdn.click/zzht.php/bb/18/a1/bb18a1b8543b35921df608a0b3ae100d.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ajax.googleapis.com
apis.google.com
arc.io
cdn.jsdelivr.net
cdnjs.cloudflare.com
celeritascdn.com
code.jquery.com
core.arc.io
d2k487jakgs1mb.cloudfront.net
daddylive.fun
duellosheliced.com
eplayer.click
freychang.fun
mauchopt.net
my.rtmark.net
ndollarhe.com
onomousw.xyz
ourcoolposts.com
pagead2.googlesyndication.com
pl16164575.trustedcpmrevenue.com
pl16173508.profitabletrustednetwork.com
pl16173508.trustedgatetocontent.com
pl16173520.profitabletrustednetwork.com
player.licenses4.me
reductionjogvast.com
resources.blogblog.com
s10.histats.com
s4.histats.com
ssl.google-analytics.com
static.arc.io
themes.googleusercontent.com
tracker.arc.io
warden.arc.io
www.blogger.com
www.displayformatcontent.com
www.effectivedisplaycontent.com
www.facebook.com
www.googletagmanager.com
www.marchmadness.cf
www.videocdn.click
youradexchange.com
player.licenses4.me
tracker.arc.io
139.45.195.8
139.45.197.151
139.45.197.239
143.204.98.14
143.204.98.17
18.223.141.84
192.243.59.12
192.243.59.13
192.243.59.20
192.99.8.34
2001:4de0:ac18::1:a:1b
23.109.87.67
2600:9000:2156:de00:d:37cd:ccc0:21
2606:4700:3030::ac43:dadd
2606:4700:3034::6815:3895
2606:4700::6810:125e
2606:4700::6810:5614
2606:4700::6810:5c06
2606:4700:e6::ac40:cd1b
2620:1ec:bdf::60
2a00:1450:4001:802::200e
2a00:1450:4001:808::2008
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::200d
2a00:1450:4001:82a::2009
2a00:1450:4001:82a::2013
2a00:1450:4001:831::2008
2a00:1450:400e:802::200a
2a03:2880:f12d:83:face:b00c:0:25de
2a06:98c1:3120::7
2a06:98c1:3121::7
35.190.41.116
46.105.201.240
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
045a182b37de8f8539b2e0213d7d6565228e09b5c6001306487e12c5175aa192
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0b0ccab5c33b6a68fdde04836a4c4ea787c32a69915bfe75e906f15cb67f7b39
0bcd5919bf34c7672ee85e44fd8c6a695a7ffbdd2126f4e54caecca5ca6996eb
0c2fcc147b9b6b055d2afb0ea591632c23d61ebf898be9468c2a1973e55dd87d
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
187a5e0bc9badf1f52db4ac8a96a470b7abfc7a57b06b2037039137b281fcf00
189101c6dd7e53651648e56cbd4fa1f8b2f05a3eda3b1073c0cb4ac39ed739c1
19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e
23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9
258e3342f44bb682bc3a012bf64e759543fb0dfaaea67c732f3bea0f94bf35d2
28874de1a690991ac52cfae8106472a6e0b0c1c4a06d30c6efe2774d1ab44683
2a0d5016c9be45fd2d7534bf47f3b2c67d3d1d47e64e31572c28a94b984e7014
2c4c55690c215b90923c004cb18d1d70f6269021540975602a432e0dfb088b7f
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3082b0f5d766f08f34a2077d48da01d41c9283376883472fa0965bf1b77283e0
33ce22ca84a63bc33e85d9bbe4f41538791d496cef1c991933f1914f8e8d5e1b
35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
3bd8bbdeb6eb58f9e6381159e8f2a259b53dc69b6add32bf996765b1c8487916
3c082f814dd75ad08dae22b237414d4b789dab5248c6b50953e1a60ad106c814
45344ec706e661760887e42f8797c4dd446805b24657d99318b08d211f2e549b
4a28a8b74846e74e9f79c608e4bbdc4adaab1f0d1173587bb94bc766702b5471
4b1c19f8a5d0a07a1b2af421b74657e3509f44046d16ac30569fcfc1a0650c18
54790631692557ea161ca3a8a34f82b281f865c7df290a425514fab29f689261
5fa6d7a125605122871b0027ca4111982c3066469cb39647d289cd411c9f3f0b
60cf0e05cd8787a97f0a7243d3c745f79fe6d4f5ecfa3f53fb701c2f0926aade
6d62a4acf760fe3da610cbb8298ed703a8757fe0329af25b39f0b74f41272ca3
723d219c43255be25ce862a5e9b9467be9606685fa9dd45b57b509e067632108
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
820a8a944c6139b6cf9b5df74db3e639984874df35879f5ea803deca5f2635f2
82fb8e774affe64b182f18f830b64552dcad2453eaa64977b1e4590145b4a086
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848fbad57cfe0865b4425b4ce3870d42d583b24544739775b0afa50553aefb06
84f8061a68058b0dd35d1c7c2bd4b475e6ab38d4374dc9f8394257be457570cb
862c8a19133e887922efcd1878fc67439ea730f72d063522af67dfa18c0a7fd3
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8bdc771b1d18a1131e5e6f500047834c4104add85c9dc1d8ae00f26d0a724105
8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2
918949f9d5713f7b8184718f52e8d1d8793bfc04d794cf5f1efd18636ca08420
95579c465f4184665c723de91d60b519c61f634e6414d4911963df2d7518a2d0
9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6
9b9e508cc2a459b49f3b45eb5f320f056183b1691cbd5c9cda2f86b8a683dbd6
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
a7c941198c86f5ba39f627f857fe17c39c546d3c25863466e4c0968611b538ff
a8701b352e5cd47e9f272ed876b05ff22da5b74a06cc7a8b979e483ac95a103f
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
c12688e699c922439ef461e2af6c153c7c5f6be13588248e3f2095172033f3d1
c2bf26771ea7f60b2ca0d9e62e42349d920abc78fa993c9e7cf7312c0ab231da
c36cceec33ad901422b48b69d2209b9d5e3ef1def1daf50ec22e9a6b110069b4
c5ce0b4ba91605fa069cf1e11dcc84e4ab570784e90785077f7b7f16d73b45fd
c7659ffb0d3df377c1234d14b4070c72e387079e938702120b7c4dd2be608f8d
cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d87827dcefa63bdd3736d9bed3670950016c4c633daa9df58f23115406870653
df8c0be5093dc6cb45714059744d01c054560f15e360f2973ed2e647e4948194
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e99029900756f083bd2e1bea4cf6c17e3fd9b93252f4c8f17c06232978ba86bd
ede777ff1a1db097d4ff59e47bf648597dae763c9c6d058ce52126b9fdc0c7e0
f2a7e5ade77d712f4303757e9c0c3185f72f24cfa5f5da33bcabc63abd376a1b
f5237a5fcd678785eead3b7a5d59c30f3bd9e359f79b99d3e60906364d0f39fc
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443
f9daa48a3c618bb638706d320e646320b4123ffdd3c5a4a8a9a8df505de6fac7
fa50f20a763ea22fb2ecd1a9c11e73c2388661ead306191d2ebab78a90a4fc0a
fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb
fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b

www.marchmadness.cf Open in urlscan Pro 2a00:1450:4001:82a::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

89 Requests

81 %HTTPS

62 %IPv6

35 Domains

42 Subdomains

35 IPs

7 Countries

1181 kBTransfer

3356 kBSize

16 Cookies

8 Outgoing links

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.marchmadness.cf Open in urlscan Pro
2a00:1450:4001:82a::2013 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

81 %
HTTPS

62 %
IPv6

35
Domains

42
Subdomains

35
IPs

7
Countries

1181 kB
Transfer

3356 kB
Size

16
Cookies

89 HTTP transactions
10 data transactions