www.marchmadness.cf Open in urlscan Pro
2a00:1450:4001:829::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.marchmadness.cf/
Submission: On February 28 via manual (February 28th 2022, 5:20:02 pm UTC) from US — Scanned from DE

Summary HTTP 50 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 17 domains to perform 50 HTTP transactions. The main IP is 2a00:1450:4001:829::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.marchmadness.cf.

This is the only time www.marchmadness.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:1450:400... 2a00:1450:4001:829::2013	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82b::2009	15169 (GOOGLE) (GOOGLE)
1	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
4	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
4	192.243.59.13 192.243.59.13	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
4	188.114.96.7 188.114.96.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	188.114.97.7 188.114.97.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3030::ac43:9738	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.190.41.116 35.190.41.116	15169 (GOOGLE) (GOOGLE)
2	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	158.69.251.190 158.69.251.190	16276 (OVH) (OVH)
50	17

2 2a00:1450:4001:829::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.marchmadness.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pl16173508.profitabletrustednetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pl16173508.trustedgatetocontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.displayformatcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pl16173520.profitabletrustednetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.effectivedisplaycontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.114.96.7 (Medellín, Colombia)

ASN13335 (CLOUDFLARENET, US)

sawlive.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.sawlive.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.7 (Medellín, Colombia)

ASN13335 (CLOUDFLARENET, US)

static.sawlive.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
st.sawlive.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3030::ac43:9738 (United States)

ASN13335 (CLOUDFLARENET, US)

achcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.41.116 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 116.41.190.35.bc.googleusercontent.com

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.69.251.190 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns546644.ip-158-69-251.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	sawlive.tv sawlive.tv — Cisco Umbrella Rank: 910448 www.sawlive.tv static.sawlive.tv st.sawlive.tv	9 KB
6	blogger.com www.blogger.com — Cisco Umbrella Rank: 9282	171 KB
5	achcdn.com achcdn.com — Cisco Umbrella Rank: 178571	37 KB
5	google.com apis.google.com — Cisco Umbrella Rank: 86	151 KB
3	histats.com s10.histats.com — Cisco Umbrella Rank: 17271 s4.histats.com — Cisco Umbrella Rank: 14990	12 KB
3	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 53428	2 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 401	257 KB
3	profitabletrustednetwork.com pl16173508.profitabletrustednetwork.com pl16173520.profitabletrustednetwork.com
2	effectivedisplaycontent.com www.effectivedisplaycontent.com — Cisco Umbrella Rank: 122110
2	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 13126	1 KB
2	displayformatcontent.com www.displayformatcontent.com — Cisco Umbrella Rank: 637025
2	trustedgatetocontent.com pl16173508.trustedgatetocontent.com
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 250	34 KB
2	marchmadness.cf www.marchmadness.cf	13 KB
1	googleusercontent.com themes.googleusercontent.com — Cisco Umbrella Rank: 8184	53 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92	658 B
0	Failed function sub() { [native code] }. Failed
50	17

	Domain	Requested by
6	www.blogger.com	www.marchmadness.cf apis.google.com www.blogger.com
5	achcdn.com	www.sawlive.tv achcdn.com
5	apis.google.com	www.marchmadness.cf apis.google.com www.blogger.com
3	youradexchange.com	achcdn.com
3	cdn.jsdelivr.net	www.marchmadness.cf www.sawlive.tv
2	s10.histats.com	www.marchmadness.cf s10.histats.com
2	www.effectivedisplaycontent.com	www.marchmadness.cf
2	www.sawlive.tv	sawlive.tv www.sawlive.tv
2	sawlive.tv	www.marchmadness.cf www.sawlive.tv
2	resources.blogblog.com	www.blogger.com
2	www.displayformatcontent.com	www.marchmadness.cf
2	pl16173520.profitabletrustednetwork.com	www.marchmadness.cf
2	pl16173508.trustedgatetocontent.com	www.marchmadness.cf
2	ajax.googleapis.com	www.marchmadness.cf www.sawlive.tv
2	www.marchmadness.cf	www.marchmadness.cf
1	s4.histats.com	s10.histats.com
1	st.sawlive.tv	www.sawlive.tv
1	static.sawlive.tv	www.sawlive.tv
1	themes.googleusercontent.com	www.marchmadness.cf
1	pagead2.googlesyndication.com	www.marchmadness.cf
1	pl16173508.profitabletrustednetwork.com	www.marchmadness.cf
0	198.144.159.43 Failed	cdn.jsdelivr.net
50	22

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
www.histats.com

Subject Issuer	Validity	Valid
*.blogger.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
histats.com R3	`2022-01-21` - `2022-04-21`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://www.marchmadness.cf/
Frame ID: 299A8111984584B09EFDBB21E6FEAD9B
Requests: 29 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=3521924214032210314&blogName=MarchMadness+-+NCAA+Basketball&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.marchmadness.cf/search&blogLocale=en&v=2&homepageUrl=http://www.marchmadness.cf/&vt=-3843766503127958967&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.G0yl221Lv3A.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg%2Fm%3D__features__
Frame ID: E3A04D238EFD073C84929CFAA82B8F05
Requests: 5 HTTP requests in this frame

Frame: http://sawlive.tv/watch/8589958ca28d8393879983bdc2c5ceceb8d4bcca.html
Frame ID: A1C12E3CEA552C4ED7D8D3D0EF80E29C
Requests: 2 HTTP requests in this frame

Frame: http://www.sawlive.tv/embedm/stream/JyYzM4N1hiVnA0cUtLYzEybFdjcXJRejYxcGlYYmNvcUd1bFZseHJaNmJxSm1LY0t1ZA__/bFlaeXJOSEsyR1paY2QyaG5haG5pWFNybnFLcmxWbWwyNlNockpaVWVLbW0wOWVoaW
Frame ID: CA4EEFC32EB9A663503A58EA9379098F
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MarchMadness - NCAA Basketball

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

basket.js (JavaScript Libraries) Expand

Overall confidence: 10%
Detected patterns

basket.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

50
Requests

40 %
HTTPS

50 %
IPv6

17
Domains

22
Subdomains

17
IPs

5
Countries

740 kB
Transfer

1983 kB
Size

8
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.blogger.com/share-post.g?blogID=3521924214032210314&postID=6938280312169292564&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3521924214032210314&postID=6938280312169292564&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3521924214032210314&postID=6938280312169292564&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3521924214032210314&postID=6938280312169292564&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3521924214032210314&postID=6938280312169292564&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: http://www.histats.com/viewstats/?sid=1875197&ccid=326

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.marchmadness.cf/ 39 KB
10 KB 426ms
359ms Document
text/html 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.marchmadness.cf/

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

42191fc46299e6e0157517424c9c726cad81ba8ac4fe547a57a66072a6553610

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Content-Type: text/html; charset=UTF-8
Expires: Mon, 28 Feb 2022 17:19:55 GMT
Date: Mon, 28 Feb 2022 17:19:55 GMT
Cache-Control: private, max-age=0
Last-Modified: Sun, 27 Feb 2022 18:47:11 GMT
ETag: W/"4ee8e56f0de90b04ff46fcc755a749eb5ab20949b87185ae69c3e8a7f0cae0ef"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 10027
Server: GSE

GET
H2 200 1529571102-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
8 KB 150ms
37ms Stylesheet
text/css 2a00:1450:4001:82b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1529571102-css_bundle_v2.css

Requested by

Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcd5919bf34c7672ee85e44fd8c6a695a7ffbdd2126f4e54caecca5ca6996eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 13:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 358234
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7804
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:16:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 24 Feb 2023 13:49:21 GMT

GET
H/1.1 403
Forbidden 94f0f90a8bf602c100c24d77e287c361.js
pl16173508.profitabletrustednetwork.com/94/f0/f9/ 0
0 867ms
106ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pl16173508.profitabletrustednetwork.com/94/f0/f9/94f0f90a8bf602c100c24d77e287c361.js
Requested by: Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/
Protocol: HTTP/1.1
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 28 Feb 2022 17:19:56 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 119ms
36ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 437767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Feb 2023 15:43:48 GMT

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/clappr/latest/ 517 KB
126 KB 48ms
29ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/clappr/latest/clappr.min.js

Requested by

Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:19:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1283003
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19161-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"8156e-D6xFiaxzMytsrOCcfMOmYtKY+qo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6e4b5212bff29214-FRA

GET
H2 200 level-selector.min.js Show response
cdn.jsdelivr.net/clappr.level-selector/latest/ 9 KB
3 KB 36ms
17ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js

Requested by

Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:19:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1282997
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19122-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"2524-9Cxz5uiSAcz1rVE5FbtBguw6QQw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6e4b5212bff69214-FRA

GET
H2 200 plusone.js Show response
apis.google.com/js/ 52 KB
21 KB 152ms
70ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0d58874df689aa5f7fa093241def6a379ea8e40104f612f435f12d02447c5ed2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0XY7fs6Ke4WqUXp0Vqm1/A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
cross-origin-opener-policy: same-origin
etag: "c287f014806a9e4c693e7509987366ea"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-0XY7fs6Ke4WqUXp0Vqm1/A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Mon, 28 Feb 2022 17:19:55 GMT

GET
H/1.1 403
Forbidden 94f0f90a8bf602c100c24d77e287c361.js
pl16173508.trustedgatetocontent.com/94/f0/f9/ 0
0 900ms
434ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pl16173508.trustedgatetocontent.com/94/f0/f9/94f0f90a8bf602c100c24d77e287c361.js
Requested by: Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/
Protocol: HTTP/1.1
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 28 Feb 2022 17:19:56 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 403
Forbidden a1eb6966033e68be718e2e6224746bd0.js
pl16173520.profitabletrustednetwork.com/a1/eb/69/ 0
0 747ms
109ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pl16173520.profitabletrustednetwork.com/a1/eb/69/a1eb6966033e68be718e2e6224746bd0.js
Requested by: Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/
Protocol: HTTP/1.1
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 28 Feb 2022 17:19:55 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK cookienotice.js Show response
www.marchmadness.cf/js/ 6 KB
3 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.marchmadness.cf/js/cookienotice.js

Requested by

Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:16:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 83011
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 2026
X-XSS-Protection: 0
Last-Modified: Sun, 27 Feb 2022 16:50:49 GMT
Server: sffe
Vary: Accept-Encoding
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Sun, 06 Mar 2022 18:16:25 GMT

GET
H2 200 3820152532-widgets.js Show response
www.blogger.com/static/v1/widgets/ 155 KB
155 KB 153ms
42ms Script
text/javascript 2a00:1450:4001:82b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3820152532-widgets.js

Requested by

Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28874de1a690991ac52cfae8106472a6e0b0c1c4a06d30c6efe2774d1ab44683

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 01:57:16 GMT
x-content-type-options: nosniff
age: 487359
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158520
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 00:56:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 23 Feb 2023 01:57:16 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 133ms
133ms Stylesheet
text/css 2a00:1450:4001:82b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3521924214032210314&zx=8cafad31-d097-49db-bbc6-0cc149f70e81

Requested by

Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Feb 2022 17:19:56 GMT
server: GSE
date: Mon, 28 Feb 2022 17:19:56 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/ 150 KB
52 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/cb=gapi.loaded_0?le=oz

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24eba652967915088a60ca2e5d1827abe08c344883a55e580834470411a4e65a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 05:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52422
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 05:06:47 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/ 52 KB
16 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/cb=gapi.loaded_1?le=oz

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7c941198c86f5ba39f627f857fe17c39c546d3c25863466e4c0968611b538ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:36:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 524627
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16753
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 15:36:09 GMT

GET
H/1.1 200
OK google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
658 B 72ms
36ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 11:08:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 22306
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 67
X-XSS-Protection: 0
Server: cafe
ETag: 13036835877489095579
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=1209600
Timing-Allow-Origin: *
Expires: Mon, 14 Mar 2022 11:08:10 GMT

GET
H/1.1 200
OK image
themes.googleusercontent.com/ 52 KB
53 KB 112ms
62ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://themes.googleusercontent.com/image?id=0BwVBOzw_-hbMNzE5NTg3YzUtMGU0Mi00OWQ3LTg2NjUtODk1OGVlMjg1YjZj

Requested by

Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

60cf0e05cd8787a97f0a7243d3c745f79fe6d4f5ecfa3f53fb701c2f0926aade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 17:19:56 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v1"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: private, max-age=86400, no-transform
Content-Disposition: inline;filename="unnamed.png"
Timing-Allow-Origin: *
Content-Length: 53665
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 403
Forbidden invoke.js
www.displayformatcontent.com/eb145779fb4b2b66c172268fb3f53282/ 0
0 710ms
602ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.displayformatcontent.com/eb145779fb4b2b66c172268fb3f53282/invoke.js
Requested by: Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/
Protocol: HTTP/1.1
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Referer: http://www.marchmadness.cf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 28 Feb 2022 17:19:56 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H3 200 navbar.g Show response
www.blogger.com/ Frame E3A0 7 KB
3 KB 144ms
144ms Document
text/html 2a00:1450:4001:82b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=3521924214032210314&blogName=MarchMadness+-+NCAA+Basketball&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.marchmadness.cf/search&blogLocale=en&v=2&homepageUrl=http://www.marchmadness.cf/&vt=-3843766503127958967&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.G0yl221Lv3A.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/cb=gapi.loaded_0?le=oz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5feccb911ef30a5bc631fc58dc1796c065835ca131ff459a2e6f69b630431c3d

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/

Response headers

p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Feb 2022 17:19:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2593
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 563ms
563ms Stylesheet
text/css 2a00:1450:4001:82b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3521924214032210314&zx=8cafad31-d097-49db-bbc6-0cc149f70e81

Requested by

Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Feb 2022 17:19:56 GMT
server: GSE
date: Mon, 28 Feb 2022 17:19:56 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 platform:gapi.iframes.style.common.js Show response
apis.google.com/js/ Frame E3A0 53 KB
20 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform:gapi.iframes.style.common.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=3521924214032210314&blogName=MarchMadness+-+NCAA+Basketball&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.marchmadness.cf/search&blogLocale=en&v=2&homepageUrl=http://www.marchmadness.cf/&vt=-3843766503127958967&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.G0yl221Lv3A.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c36cceec33ad901422b48b69d2209b9d5e3ef1def1daf50ec22e9a6b110069b4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20539
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Mon, 28 Feb 2022 17:19:56 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "611cd9fe546d4a44"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Feb 2022 17:19:56 GMT

GET
H2 200 icons_peach.png
resources.blogblog.com/img/navbar/ Frame E3A0 907 B
1021 B 52ms
37ms Image
image/png 2a00:1450:4001:82b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/icons_peach.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:24:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Feb 2022 22:50:50 GMT
server: sffe
age: 525333
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 907
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 01 Mar 2022 15:24:23 GMT

GET
H2 200 arrows-light.png
resources.blogblog.com/img/navbar/ Frame E3A0 117 B
255 B 51ms
36ms Image
image/png 2a00:1450:4001:82b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/arrows-light.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 06:04:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Feb 2022 18:55:20 GMT
server: sffe
age: 472548
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 02 Mar 2022 06:04:08 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/ Frame E3A0 128 KB
42 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a8a11b37a521bf7071c39e814c8d4e25ad40cfcbce0456342b8eebba53b4b1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 21:45:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 588870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43054
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Feb 2023 21:45:26 GMT

GET
H/1.1 200
OK 8589958ca28d8393879983bdc2c5ceceb8d4bcca.html Show response
sawlive.tv/watch/ Frame A1C1 290 B
866 B 131ms
115ms Document
text/html 188.114.96.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://sawlive.tv/watch/8589958ca28d8393879983bdc2c5ceceb8d4bcca.html
Requested by: Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/
Protocol: HTTP/1.1
Server: 188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: d978e25cc83b38ba558b2d7a77c48dd67cad39c67b36863d1981c257d209bf1e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/

Response headers

Date: Mon, 28 Feb 2022 17:19:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.5.38
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2Fm7yTl6ZqC7MwhvjwAYAvK0px%2FGqoGCxMbTB9Cp6HDqywUS%2BXki5v2XZakahr%2FeTPQhfQusmyJJpjARVw%2B1RlNd%2B4fn04%2BDLhZrRbRpNd4SwzN2r5EawvsLNQBr"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6e4b521cdd389128-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 403
Forbidden 94f0f90a8bf602c100c24d77e287c361.js
pl16173508.trustedgatetocontent.com/94/f0/f9/ 0
0 403ms
403ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pl16173508.trustedgatetocontent.com/94/f0/f9/94f0f90a8bf602c100c24d77e287c361.js
Requested by: Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/
Protocol: HTTP/1.1
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 28 Feb 2022 17:19:57 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK untrecge Show response
www.sawlive.tv/embed/ Frame A1C1 11 KB
2 KB 199ms
182ms Script
text/html 188.114.96.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sawlive.tv/embed/untrecge
Requested by: Host: sawlive.tv
URL: http://sawlive.tv/watch/8589958ca28d8393879983bdc2c5ceceb8d4bcca.html
Protocol: HTTP/1.1
Server: 188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: f59461cac237c8e9a86ec477cdb7add5cbc356a49c10a60d871e24624415f1b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sawlive.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 17:19:57 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
X-Powered-By: PHP/5.5.38
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XaVm6WRhjbc85K2jtiXKVjEfV8lb72N6Nscu%2BwYTtdqbCQ2SzE7edz79bQOrP02kSG0Y8nEn8JEO4zVt1xguc5y0aK%2FV1Tg%2B1Fe%2FMVRD3KlkUUpR2L8Lxq5zupZ8%2FxunCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Connection: keep-alive
CF-RAY: 6e4b521db963903d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK bFlaeXJOSEsyR1paY2QyaG5haG5pWFNybnFLcmxWbWwyNlNockpaVWVLbW0wOWVoaW Show response
www.sawlive.tv/embedm/stream/JyYzM4N1hiVnA0cUtLYzEybFdjcXJRejYxcGlYYmNvcUd1bFZseHJaNmJxSm1LY0t1ZA__/ Frame CA4E 4 KB
2 KB 125ms
124ms Document
text/html 188.114.96.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sawlive.tv/embedm/stream/JyYzM4N1hiVnA0cUtLYzEybFdjcXJRejYxcGlYYmNvcUd1bFZseHJaNmJxSm1LY0t1ZA__/bFlaeXJOSEsyR1paY2QyaG5haG5pWFNybnFLcmxWbWwyNlNockpaVWVLbW0wOWVoaW
Requested by: Host: www.sawlive.tv
URL: http://www.sawlive.tv/embed/untrecge
Protocol: HTTP/1.1
Server: 188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: 93a9255d4f1664cf7d6e1fe4eb0172acd033ec78ab6ccafd762f786496a81b67

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://sawlive.tv/

Response headers

Date: Mon, 28 Feb 2022 17:19:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.5.38
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0GHndc8Xcfg4K1qsQeekc1Ze6PZ%2BX7dFlHz%2BYqqbMLF1K5fLUCKq63FNnBirvSfmtQ2uluS%2BGqesOnHhit7JseEx8T1d5RX81tuH342%2BWpdQdI%2FGKxd04tmSF%2FBgyfYWoA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6e4b521efc0d903d-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 share_buttons_20_3.png
www.blogger.com/img/ 5 KB
5 KB 37ms
37ms Image
image/png 2a00:1450:4001:82b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/share_buttons_20_3.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1529571102-css_bundle_v2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/static/v1/widgets/1529571102-css_bundle_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:07:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Feb 2022 22:50:50 GMT
server: sffe
age: 526354
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5080
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 01 Mar 2022 15:07:23 GMT

GET
H/1.1 403
Forbidden invoke.js
www.effectivedisplaycontent.com/e1059f91af22282e16b88675d4a51a6a/ 0
0 194ms
103ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.effectivedisplaycontent.com/e1059f91af22282e16b88675d4a51a6a/invoke.js
Requested by: Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/
Protocol: HTTP/1.1
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: http://www.marchmadness.cf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 28 Feb 2022 17:19:57 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK ey.js Show response
sawlive.tv/ Frame CA4E 23 B
769 B 17ms
16ms Script
application/javascript 188.114.96.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://sawlive.tv/ey.js
Requested by: Host: www.sawlive.tv
URL: http://www.sawlive.tv/embedm/stream/JyYzM4N1hiVnA0cUtLYzEybFdjcXJRejYxcGlYYmNvcUd1bFZseHJaNmJxSm1LY0t1ZA__/bFlaeXJOSEsyR1paY2QyaG5haG5pWFNybnFLcmxWbWwyNlNockpaVWVLbW0wOWVoaW
Protocol: HTTP/1.1
Server: 188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 247216cca8e376cf9555456f2ea843a5247aac02e9cc07aa9afb325d6aaddef8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 17:19:57 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3332
Cf-Polished: origSize=25
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 23
last-modified: Sun, 02 Dec 2018 03:03:29 GMT
Server: cloudflare
etag: "5c034b81-19"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GG08mLB%2FeDfjTyLWQ1PQcnlhb6Tw8vbHCRMPUh9qkSNlfWSIwWY4tLShEiLL0syoDWz%2BIWIh2%2FQx%2Bkhj2jSnu2aNd6zpzPrv9XT66ui8J3r5dS17C2z62OQ9nmNx"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Accept-Ranges: bytes
CF-RAY: 6e4b521fce519128-FRA
Cf-Bgj: minify

GET
H3 200 swfobject.js Show response
ajax.googleapis.com/ajax/libs/swfobject/2.2/ Frame CA4E 10 KB
4 KB 82ms
38ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js

Requested by

Host: www.sawlive.tv
URL: http://www.sawlive.tv/embedm/stream/JyYzM4N1hiVnA0cUtLYzEybFdjcXJRejYxcGlYYmNvcUd1bFZseHJaNmJxSm1LY0t1ZA__/bFlaeXJOSEsyR1paY2QyaG5haG5pWFNybnFLcmxWbWwyNlNockpaVWVLbW0wOWVoaW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3974
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Feb 2023 15:08:02 GMT

GET
H/1.1 200
OK close.png
static.sawlive.tv/images/ Frame CA4E 1 KB
2 KB 58ms
38ms Image
image/png 188.114.97.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.sawlive.tv/images/close.png
Requested by: Host: www.sawlive.tv
URL: http://www.sawlive.tv/embedm/stream/JyYzM4N1hiVnA0cUtLYzEybFdjcXJRejYxcGlYYmNvcUd1bFZseHJaNmJxSm1LY0t1ZA__/bFlaeXJOSEsyR1paY2QyaG5haG5pWFNybnFLcmxWbWwyNlNockpaVWVLbW0wOWVoaW
Protocol: HTTP/1.1
Server: 188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63f00c66e41bc7c7aacba7f28f112532f696c71b22aef2c5cf489b182453c8d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 17:19:57 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 382409
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1184
pragma: public
last-modified: Tue, 03 Apr 2018 21:47:21 GMT
Server: cloudflare
etag: "5ac3f669-4a0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APz59GL6ZMPiUks3SLnwfrid%2F2QSo6LHwosQdH81SGIssQoI1YLWoya10cAJ3%2FaS%2FdpC5R3fveWEH54Nr%2BdZ4afdriwDiEkV2tt8O%2FTEdh94BvpD%2FDedkqEMk7n1EB7H1n42KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
cache-control: max-age=2592000, public
Accept-Ranges: bytes
CF-RAY: 6e4b52207f189bf8-FRA
expires: Sat, 26 Mar 2022 07:06:28 GMT

GET
H3 200 clappr.min.js Show response
cdn.jsdelivr.net/gh/clappr/clappr@latest/dist/ Frame CA4E 470 KB
128 KB 39ms
27ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/clappr/clappr@latest/dist/clappr.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce00e20b1de71ae06025269109fb0cb9482ba6af1dbc262ba4eda319aaef9229

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:19:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 29677
x-jsd-version: 0.4.7
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19133-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"7569d-g/bZEgP/0XCbPxVx7RLqUXpxxzU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6e4b521ffb769b33-FRA

GET
H/1.1 200
OK gip.php
st.sawlive.tv/ Frame CA4E 2 B
690 B 60ms
43ms Image
text/html 188.114.97.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://st.sawlive.tv/gip.php?sid=902793ae3c5f54785e32f032a0d324cb&a=6a616e657a65736561&g=5345
Requested by: Host: www.sawlive.tv
URL: http://www.sawlive.tv/embedm/stream/JyYzM4N1hiVnA0cUtLYzEybFdjcXJRejYxcGlYYmNvcUd1bFZseHJaNmJxSm1LY0t1ZA__/bFlaeXJOSEsyR1paY2QyaG5haG5pWFNybnFLcmxWbWwyNlNockpaVWVLbW0wOWVoaW
Protocol: HTTP/1.1
Server: 188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.0.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 17:19:57 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
X-Powered-By: PHP/7.0.33
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQC3LCdsdotK1WD0ZjD3jdx3%2BDh5RtpEqw2PCcAFir1v9C9ih%2Feqmc3tEreV4MSD7pO4%2BdUlqj1baagKEJpKWoryOCMKDzP7mx5MIK6OqdIsILX%2BbN6CUT3%2BbZZ0eTWd"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
CF-RAY: 6e4b52207885912b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK atg.js Show response
achcdn.com/script/ Frame CA4E 20 KB
7 KB 38ms
22ms Script
text/javascript 2606:4700:3030::ac43:9738
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://achcdn.com/script/atg.js
Requested by: Host: www.sawlive.tv
URL: http://www.sawlive.tv/embedm/stream/JyYzM4N1hiVnA0cUtLYzEybFdjcXJRejYxcGlYYmNvcUd1bFZseHJaNmJxSm1LY0t1ZA__/bFlaeXJOSEsyR1paY2QyaG5haG5pWFNybnFLcmxWbWwyNlNockpaVWVLbW0wOWVoaW
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9738 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e8138fec83c72930677cb43c8e35f4dd3b705ccbcca5e4feb475cd8abb55527

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=tsh+hA==, md5=GRsxkJ/79LDZuGOj2pUhEQ==
Date: Mon, 28 Feb 2022 17:19:57 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1628
X-GUploader-UploadID: ADPycduQLeKveeSjHxq9lwDjeq8i-r0qGchITfUgEblrCU9xd4uwBja3Go2bGhTgbCTU2pITVG-EbKgAw5rhUcvTjKRYlBvEbA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Tue, 15 Feb 2022 10:17:53 GMT
Server: cloudflare
ETag: W/"191b31909ffbf4b0d9b863a3da952111"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j80vDFWthlSPzxNkMtBmBXN%2Bu5n16VjPV0Ld9px5gxC1qw2qLLbJMVa2abOR3BE9tuTnFNJlxv%2BdgZZVX22fOnz2zwAtMry2YJh4jZMsgtDA8h%2B3RVT0h9TskpagSWq%2FTIlNEHT1wKfd"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1644920273932391
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
x-goog-stored-content-length: 20332
CF-RAY: 6e4b52206c229073-FRA
Expires: Mon, 28 Feb 2022 16:57:56 GMT

GET
H/1.1 403
Forbidden invoke.js
www.displayformatcontent.com/83de4b3403a9279df5882fa82018ba4d/ 0
0 325ms
325ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.displayformatcontent.com/83de4b3403a9279df5882fa82018ba4d/invoke.js
Requested by: Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/
Protocol: HTTP/1.1
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Referer: http://www.marchmadness.cf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 28 Feb 2022 17:19:57 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK ut.js Show response
achcdn.com/script/ Frame CA4E 15 KB
6 KB 19ms
19ms Script
text/javascript 2606:4700:3030::ac43:9738
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://achcdn.com/script/ut.js?cb=1646068797559
Requested by: Host: achcdn.com
URL: http://achcdn.com/script/atg.js
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9738 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c082f814dd75ad08dae22b237414d4b789dab5248c6b50953e1a60ad106c814

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=8Wv/4w==, md5=Hj4bfYjY+F0xXJcYSiVveQ==
Date: Mon, 28 Feb 2022 17:19:57 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2302
x-guploader-uploadid: ADPycdtJs7aA77jb9h2SZtczLdMpBOkBinRizldp_CwZAFLgx2kie-q7VuhxycJ99buurkHhmSuMbBDr3tV6YLEel1H-ng0L0g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 03 Feb 2022 12:22:51 GMT
Server: cloudflare
etag: W/"1e3e1b7d88d8f85d315c97184a256f79"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGAovBlVhehBuIzRIfSiATvtt6Ly1ImiZQY0%2BK44htHvRGfatdPTpuOxx5eHeXjuUv8qfo4AgxMCEADoVlYg0C76xqhgTm43WLqXDx7b202CqhxI0BoECWFW1hWvVRnAaWtoGFfMRkZP"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1643890971548728
access-control-allow-origin: *
Content-Type: text/javascript
cache-control: public, max-age=14400
Transfer-Encoding: chunked
x-goog-stored-content-length: 15378
CF-RAY: 6e4b5220cd089073-FRA
expires: Mon, 28 Feb 2022 16:49:55 GMT

GET
H/1.1 200
OK czcf.php Show response
youradexchange.com/ad/ Frame CA4E 687 B
545 B 145ms
122ms Fetch
text/html 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://youradexchange.com/ad/czcf.php?cz=rsw3tbun
Requested by: Host: achcdn.com
URL: http://achcdn.com/script/atg.js
Protocol: HTTP/1.1
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 5fdae04dcc824c6b7b9efea8cb94e14b083ace2b32a04432b87e050e7af14c02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 28 Feb 2022 17:19:57 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: openresty
Via: 1.1 google
Content-Type: text/html; charset=utf-8

GET playlist.m3u8
198.144.159.43/Gz6qSGCNvlWmhe76F_mzsA/1646097597/3138352e3231332e3135352e313635/ff14/ Frame CA4E 0
0

GET
H/1.1 200
OK ippg.js Show response
achcdn.com/script/ Frame CA4E 24 KB
7 KB 15ms
15ms Script
text/javascript 2606:4700:3030::ac43:9738
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://achcdn.com/script/ippg.js
Requested by: Host: achcdn.com
URL: http://achcdn.com/script/atg.js
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9738 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdfe061961598630e5bf9f8b1eaa8743aa6021e577202d8fc5b9bdec1d558c94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=4JTy+Q==, md5=P2n+H59rQ7fJLLS5WL5PfA==
Date: Mon, 28 Feb 2022 17:19:57 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1605
X-GUploader-UploadID: ADPycdt_gqvj54owJ-bNw-eD4HZZLWeTBxq3qLNQqA9Mwisx5KkUwt3w6hq1W8ij5Lp05IUL8yqGs-6fS0rvmJG6juVTbPWNJA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 10 Feb 2022 09:20:35 GMT
Server: cloudflare
ETag: W/"3f69fe1f9f6b43b7c92cb4b958be4f7c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MyMZZ16imDEwjSfhGh0BmhuJxmvX3S8tXVSBoCNJwPiSWG7uBaLIezhJhpLqobCHim0%2BcFQpT8pnDTBLRd%2BpU8U7C3LbSCjD8l%2B4Ou0I9Z3FKw%2FxjNXH2uWUhL1n%2BYWc7r6bHo%2BYYt9F"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1644484835685124
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
x-goog-stored-content-length: 24109
CF-RAY: 6e4b5221af419073-FRA
Expires: Mon, 28 Feb 2022 17:48:49 GMT

GET
H/1.1 200
OK intrf.js Show response
achcdn.com/script/ Frame CA4E 29 KB
9 KB 36ms
30ms Script
text/javascript 2606:4700:3030::ac43:9738
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://achcdn.com/script/intrf.js
Requested by: Host: achcdn.com
URL: http://achcdn.com/script/atg.js
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9738 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 380bb142417ceb5586e653262f0bbfd62298a6df3c44a764c2e4439374ea8748

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=s0obiA==, md5=6IpwNTGocQsSLuk/AkeXJw==
Date: Mon, 28 Feb 2022 17:19:57 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1369
x-guploader-uploadid: ADPycdstQ_VkG4q_No2KWH_cH5cn4RFPoF6DNR2k4RtB6_ul0Am-TY8MFoi5ZkmCa1wSCQXJWQhg2XwawsXB_4Dm94YyZAfoPQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 07 Feb 2022 13:28:39 GMT
Server: cloudflare
etag: W/"e88a703531a8710b122ee93f02479727"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3Sv27wCgN9MmOI06Vsj4XLFf7nNPxUraYmNqv2Q045MEdCNqLIutMPhtjhZIJfWmn5XlZ97T6fSBHhzT%2BgP1pEfQMByvsuWiSgVEqJJpgIMz2HkUSWU6cEa0KKsWcdRSCo07qL1bplf"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1644240519533349
access-control-allow-origin: *
Content-Type: text/javascript
cache-control: public, max-age=14400
Transfer-Encoding: chunked
x-goog-stored-content-length: 29357
CF-RAY: 6e4b5221b98e9072-FRA
expires: Mon, 28 Feb 2022 17:20:17 GMT

GET
H/1.1 200
OK suv4r.js Show response
achcdn.com/script/ Frame CA4E 23 KB
8 KB 30ms
24ms Script
text/javascript 2606:4700:3030::ac43:9738
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://achcdn.com/script/suv4r.js
Requested by: Host: achcdn.com
URL: http://achcdn.com/script/atg.js
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:9738 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9c1281acff81e3fa063e41a7235fa52017c452027613ba938fff929333156be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=cs3z8A==, md5=jgCxTUvd34UdcSN8Bbf3dw==
Date: Mon, 28 Feb 2022 17:19:57 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1264
x-guploader-uploadid: ADPycduWqPR7u3k-yae5Xe3oXP-4QFVIxc4rsrtStmNbdYtMu8JQZ2oOgEsFLyV2nuEhYqHPjXgSM3pgEGjQ7wzIQWbXKknSdw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 07 Feb 2022 13:32:27 GMT
Server: cloudflare
etag: W/"8e00b14d4bdddf851d71237c05b7f777"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mr6E%2F9CRMBnIY4rk2x%2Fe%2FbUHd7MjbN7zEXJcInl6XayVyiHZoU0A7zVEhj%2Beze%2FOyixk0gPyWL%2BUw5MMlzb8qihtX%2FtscyoHxAqdxgmS2sYck6oZl%2BLfShmh6pWKoFsU7xnnqg%2FohhYo"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1644240747771232
access-control-allow-origin: *
Content-Type: text/javascript
cache-control: public, max-age=14400
Transfer-Encoding: chunked
x-goog-stored-content-length: 23153
CF-RAY: 6e4b5221ba669061-FRA
expires: Mon, 28 Feb 2022 17:52:36 GMT

GET
H/1.1 204
No Content push.php
youradexchange.com/script/ Frame CA4E 0
0 122ms
122ms Fetch 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://youradexchange.com/script/push.php?r=4424687&ipp=1&mads=2&position=top&czid=rsw3tbun&aggr=3&atag=1&ppv=1&ab_test=AdOpt_B_nocapping-2021-12-08v1&cbpage=http://sawlive.tv/&cbref=
Requested by: Host: achcdn.com
URL: http://achcdn.com/script/ippg.js
Protocol: HTTP/1.1
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 28 Feb 2022 17:19:57 GMT
Via: 1.1 google
Server: openresty

GET
H/1.1 200
OK suurl4.php Show response
youradexchange.com/script/ Frame CA4E 968 B
1008 B 197ms
183ms Fetch
application/json 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://youradexchange.com/script/suurl4.php?r=4424675&atag=1&czid=rsw3tbun&cbur=0.697432165118197&cbiframe=1&cbWidth=685&cbHeight=455&cbtitle=&cbpage=http%3A%2F%2Fsawlive.tv%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=achcdn.com&aggr=3&seqid=1&ab_test=AdOpt_B_nocapping-2021-12-08v1&cap=0
Requested by: Host: achcdn.com
URL: http://achcdn.com/script/suv4r.js
Protocol: HTTP/1.1
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 8d06e30b61f30be665a79970f01520772737d99f7f2533780a628c0333cbb021

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 28 Feb 2022 17:19:57 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: openresty
Via: 1.1 google
Content-Type: application/json; charset=utf-8

GET
H/1.1 403
Forbidden invoke.js
www.effectivedisplaycontent.com/980a0898511b31fbee35249ef3444566/ 0
0 117ms
117ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.effectivedisplaycontent.com/980a0898511b31fbee35249ef3444566/invoke.js
Requested by: Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/
Protocol: HTTP/1.1
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: http://www.marchmadness.cf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 28 Feb 2022 17:19:57 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 403
Forbidden a1eb6966033e68be718e2e6224746bd0.js
pl16173520.profitabletrustednetwork.com/a1/eb/69/ 0
0 104ms
104ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pl16173520.profitabletrustednetwork.com/a1/eb/69/a1eb6966033e68be718e2e6224746bd0.js
Requested by: Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/
Protocol: HTTP/1.1
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 28 Feb 2022 17:19:58 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 35ms
9ms Script
application/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15_as.js
Requested by: Host: www.marchmadness.cf
URL: http://www.marchmadness.cf/
Protocol: HTTP/1.1
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:17:22 GMT
content-encoding: gzip
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: W/"-375139978"
x-cacheable: Matched cache
vary: Accept-Encoding
x-iplb-instance: 42475
content-type: application/javascript; charset=UTF-8
x-cdn-pop: sbg
accept-ranges: bytes
x-iplb-request-id: B9D59BA5:AA7E_2E69C9F0:0050_621D043E_215104:2F0EE
content-length: 4547
x-request-id: 1006927973

GET
H/1.1 200
OK 1875197.php Show response
s4.histats.com/stats/ 106 B
241 B 301ms
96ms Script
text/html 158.69.251.190
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/1875197.php?1875197&@f16&@g1&@h1&@i1&@j1646068798140&@k0&@l1&@mMarchMadness%20-%20NCAA%20Basketball&@n0&@o1000&@q0&@r0&@s326&@ten-US&@u1600&@b1:-33189567&@b3:1646068798&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fwww.marchmadness.cf%2F&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.251.190 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns546644.ip-158-69-251.net
Software: /
Resource Hash: 601485c9929561b7766272a6ef892e82ce30951bd5e1c15bb5e2343016d51d48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 17:19:58 GMT
Connection: close
Content-Length: 106
Content-Type: text/html;charset=UTF-8

GET
H2 200 cc_326.js Show response
s10.histats.com/counters/ 17 KB
7 KB 30ms
10ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_326.js
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 0c2fcc147b9b6b055d2afb0ea591632c23d61ebf898be9468c2a1973e55dd87d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:13:26 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "-1873012977"
x-cacheable: Matched cache
content-type: text/javascript
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 6470
x-request-id: 593365271

GET
DATA 200
OK truncated
/ 371 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d87827dcefa63bdd3736d9bed3670950016c4c633daa9df58f23115406870653

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c4c55690c215b90923c004cb18d1d70f6269021540975602a432e0dfb088b7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.marchmadness.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET playlist.m3u8
198.144.159.43/Gz6qSGCNvlWmhe76F_mzsA/1646097597/3138352e3231332e3135352e313635/ff14/ Frame CA4E 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 198.144.159.43
URL: http://198.144.159.43/Gz6qSGCNvlWmhe76F_mzsA/1646097597/3138352e3231332e3135352e313635/ff14/playlist.m3u8

Domain: 198.144.159.43
URL: http://198.144.159.43/Gz6qSGCNvlWmhe76F_mzsA/1646097597/3138352e3231332e3135352e313635/ff14/playlist.m3u8

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 05:37:59	Name: NID Value: 511=OASy7gn5_VSG5mzBFXhv2gMM5Mcl2F6a-UL_hNY4jCBgVOhMUyFfC5C46cLMXi-xHLj3dE9LRnyKCacQoiU0K6iOVpLAyKVip488ltzdb-8GJbgL_leE2rCVYlXdDa-WV6nKhCaWrfaiBfz2hQpGDA3zK7zCUXbcNASyedsdsCI
www.marchmadness.cf/	1970-01-20 10:00:04	Name: HstCfa1875197 Value: 1646068798140
www.marchmadness.cf/	1970-01-20 10:00:04	Name: HstCla1875197 Value: 1646068798140
www.marchmadness.cf/	1970-01-20 10:00:04	Name: HstCmu1875197 Value: 1646068798140
www.marchmadness.cf/	1970-01-20 10:00:04	Name: HstPn1875197 Value: 1
www.marchmadness.cf/	1970-01-20 10:00:04	Name: HstPt1875197 Value: 1
www.marchmadness.cf/	1970-01-20 10:00:04	Name: HstCnv1875197 Value: 1
www.marchmadness.cf/	1970-01-20 10:00:04	Name: HstCns1875197 Value: 1

22 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://pl16173520.profitabletrustednetwork.com/a1/eb/69/a1eb6966033e68be718e2e6224746bd0.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://pl16173508.profitabletrustednetwork.com/94/f0/f9/94f0f90a8bf602c100c24d77e287c361.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://pl16173508.trustedgatetocontent.com/94/f0/f9/94f0f90a8bf602c100c24d77e287c361.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: http://www.marchmadness.cf/(Line 744) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.displayformatcontent.com/eb145779fb4b2b66c172268fb3f53282/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.marchmadness.cf/(Line 744) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.displayformatcontent.com/eb145779fb4b2b66c172268fb3f53282/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	warning	URL: https://www.blogger.com/navbar.g?targetBlogID=3521924214032210314&blogName=MarchMadness+-+NCAA+Basketball&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.marchmadness.cf/search&blogLocale=en&v=2&homepageUrl=http://www.marchmadness.cf/&vt=-3843766503127958967&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.G0yl221Lv3A.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=http%3A%2F%2Fwww.marchmadness.cf&pfname=&rpctoken=14027480(Line 24) Message: Mixed Content: The page at 'https://www.blogger.com/navbar.g?targetBlogID=3521924214032210314&blogName=MarchMadness+-+NCAA+Basketball&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.marchmadness.cf/search&blogLocale=en&v=2&homepageUrl=http://www.marchmadness.cf/&vt=-3843766503127958967&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.G0yl221Lv3A.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=http%3A%2F%2Fwww.marchmadness.cf&pfname=&rpctoken=14027480' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://www.marchmadness.cf/search'. This endpoint should be made available over a secure connection.
network	error	URL: http://www.displayformatcontent.com/eb145779fb4b2b66c172268fb3f53282/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://pl16173508.trustedgatetocontent.com/94/f0/f9/94f0f90a8bf602c100c24d77e287c361.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: http://www.marchmadness.cf/(Line 825) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.effectivedisplaycontent.com/e1059f91af22282e16b88675d4a51a6a/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.marchmadness.cf/(Line 825) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.effectivedisplaycontent.com/e1059f91af22282e16b88675d4a51a6a/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://www.effectivedisplaycontent.com/e1059f91af22282e16b88675d4a51a6a/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: http://www.marchmadness.cf/(Line 851) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.displayformatcontent.com/83de4b3403a9279df5882fa82018ba4d/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.marchmadness.cf/(Line 851) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.displayformatcontent.com/83de4b3403a9279df5882fa82018ba4d/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	error	URL: http://www.sawlive.tv/embedm/stream/JyYzM4N1hiVnA0cUtLYzEybFdjcXJRejYxcGlYYmNvcUd1bFZseHJaNmJxSm1LY0t1ZA__/bFlaeXJOSEsyR1paY2QyaG5haG5pWFNybnFLcmxWbWwyNlNockpaVWVLbW0wOWVoaW Message: Access to XMLHttpRequest at 'http://198.144.159.43/Gz6qSGCNvlWmhe76F_mzsA/1646097597/3138352e3231332e3135352e313635/ff14/playlist.m3u8' from origin 'http://www.sawlive.tv' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: http://198.144.159.43/Gz6qSGCNvlWmhe76F_mzsA/1646097597/3138352e3231332e3135352e313635/ff14/playlist.m3u8 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: http://www.displayformatcontent.com/83de4b3403a9279df5882fa82018ba4d/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: http://www.marchmadness.cf/(Line 865) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.effectivedisplaycontent.com/980a0898511b31fbee35249ef3444566/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.marchmadness.cf/(Line 865) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.effectivedisplaycontent.com/980a0898511b31fbee35249ef3444566/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://www.effectivedisplaycontent.com/980a0898511b31fbee35249ef3444566/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://pl16173520.profitabletrustednetwork.com/a1/eb/69/a1eb6966033e68be718e2e6224746bd0.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	error	URL: http://www.sawlive.tv/embedm/stream/JyYzM4N1hiVnA0cUtLYzEybFdjcXJRejYxcGlYYmNvcUd1bFZseHJaNmJxSm1LY0t1ZA__/bFlaeXJOSEsyR1paY2QyaG5haG5pWFNybnFLcmxWbWwyNlNockpaVWVLbW0wOWVoaW Message: Access to XMLHttpRequest at 'http://198.144.159.43/Gz6qSGCNvlWmhe76F_mzsA/1646097597/3138352e3231332e3135352e313635/ff14/playlist.m3u8' from origin 'http://www.sawlive.tv' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: http://198.144.159.43/Gz6qSGCNvlWmhe76F_mzsA/1646097597/3138352e3231332e3135352e313635/ff14/playlist.m3u8 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

198.144.159.43
achcdn.com
ajax.googleapis.com
apis.google.com
cdn.jsdelivr.net
pagead2.googlesyndication.com
pl16173508.profitabletrustednetwork.com
pl16173508.trustedgatetocontent.com
pl16173520.profitabletrustednetwork.com
resources.blogblog.com
s10.histats.com
s4.histats.com
sawlive.tv
st.sawlive.tv
static.sawlive.tv
themes.googleusercontent.com
www.blogger.com
www.displayformatcontent.com
www.effectivedisplaycontent.com
www.marchmadness.cf
www.sawlive.tv
youradexchange.com
198.144.159.43
158.69.251.190
188.114.96.7
188.114.97.7
192.243.59.12
192.243.59.13
192.243.59.20
2606:4700:3030::ac43:9738
2606:4700::6810:5714
2a00:1450:4001:80f::2002
2a00:1450:4001:827::2001
2a00:1450:4001:829::2013
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2009
2a00:1450:4001:830::200a
35.190.41.116
46.105.201.240
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0bcd5919bf34c7672ee85e44fd8c6a695a7ffbdd2126f4e54caecca5ca6996eb
0c2fcc147b9b6b055d2afb0ea591632c23d61ebf898be9468c2a1973e55dd87d
0d58874df689aa5f7fa093241def6a379ea8e40104f612f435f12d02447c5ed2
23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9
247216cca8e376cf9555456f2ea843a5247aac02e9cc07aa9afb325d6aaddef8
24eba652967915088a60ca2e5d1827abe08c344883a55e580834470411a4e65a
28874de1a690991ac52cfae8106472a6e0b0c1c4a06d30c6efe2774d1ab44683
2c4c55690c215b90923c004cb18d1d70f6269021540975602a432e0dfb088b7f
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
380bb142417ceb5586e653262f0bbfd62298a6df3c44a764c2e4439374ea8748
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
3c082f814dd75ad08dae22b237414d4b789dab5248c6b50953e1a60ad106c814
42191fc46299e6e0157517424c9c726cad81ba8ac4fe547a57a66072a6553610
5e8138fec83c72930677cb43c8e35f4dd3b705ccbcca5e4feb475cd8abb55527
5fdae04dcc824c6b7b9efea8cb94e14b083ace2b32a04432b87e050e7af14c02
5feccb911ef30a5bc631fc58dc1796c065835ca131ff459a2e6f69b630431c3d
601485c9929561b7766272a6ef892e82ce30951bd5e1c15bb5e2343016d51d48
60cf0e05cd8787a97f0a7243d3c745f79fe6d4f5ecfa3f53fb701c2f0926aade
63f00c66e41bc7c7aacba7f28f112532f696c71b22aef2c5cf489b182453c8d0
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8a8a11b37a521bf7071c39e814c8d4e25ad40cfcbce0456342b8eebba53b4b1f
8d06e30b61f30be665a79970f01520772737d99f7f2533780a628c0333cbb021
93a9255d4f1664cf7d6e1fe4eb0172acd033ec78ab6ccafd762f786496a81b67
a7c941198c86f5ba39f627f857fe17c39c546d3c25863466e4c0968611b538ff
a9c1281acff81e3fa063e41a7235fa52017c452027613ba938fff929333156be
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
bdfe061961598630e5bf9f8b1eaa8743aa6021e577202d8fc5b9bdec1d558c94
c36cceec33ad901422b48b69d2209b9d5e3ef1def1daf50ec22e9a6b110069b4
cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ce00e20b1de71ae06025269109fb0cb9482ba6af1dbc262ba4eda319aaef9229
d87827dcefa63bdd3736d9bed3670950016c4c633daa9df58f23115406870653
d978e25cc83b38ba558b2d7a77c48dd67cad39c67b36863d1981c257d209bf1e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f59461cac237c8e9a86ec477cdb7add5cbc356a49c10a60d871e24624415f1b8

www.marchmadness.cf Open in urlscan Pro 2a00:1450:4001:829::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

40 %HTTPS

50 %IPv6

17 Domains

22 Subdomains

17 IPs

5 Countries

740 kBTransfer

1983 kBSize

8 Cookies

8 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.marchmadness.cf Open in urlscan Pro
2a00:1450:4001:829::2013 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

40 %
HTTPS

50 %
IPv6

17
Domains

22
Subdomains

17
IPs

5
Countries

740 kB
Transfer

1983 kB
Size

8
Cookies

50 HTTP transactions
2 data transactions