taraftariummp.cc Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://taraftariummp.cc/
Submission: On November 29 via api (November 29th 2023, 5:11:26 pm UTC) from US — Scanned from NL

Summary HTTP 40 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 40 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is taraftariummp.cc.

This is the only time taraftariummp.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
7	2606:4700:303... 2606:4700:3031::6815:5bb2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::6815:3284	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::ac43:88d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
40	8

4 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

taraftariummp.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3031::6815:5bb2 (United States)

ASN13335 (CLOUDFLARENET, US)

ddt21.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:3284 (United States)

ASN13335 (CLOUDFLARENET, US)

7.at23.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:88d (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 12682	4 MB
9	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 406	151 KB
7	ddt21.one ddt21.one	253 KB
4	taraftariummp.cc taraftariummp.cc	50 KB
2	amung.us widgets.amung.us — Cisco Umbrella Rank: 28950 whos.amung.us — Cisco Umbrella Rank: 16137	7 KB
1	at23.one 7.at23.one	910 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 364	88 KB
40	7

	Domain	Requested by
13	blogger.googleusercontent.com	taraftariummp.cc ddt21.one
9	cdn.ampproject.org	taraftariummp.cc cdn.ampproject.org
7	ddt21.one	cdn.ampproject.org ddt21.one
4	taraftariummp.cc	taraftariummp.cc
1	whos.amung.us	widgets.amung.us
1	widgets.amung.us	ddt21.one
1	7.at23.one	ddt21.one
1	ajax.googleapis.com	ddt21.one
40	8

This site contains links to these domains. Also see Links.

Domain
alliedequine.com
cutt.ly
bit.ly

Subject Issuer	Validity	Valid
misc-sni.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
ddt21.one GTS CA 1P5	`2023-11-26` - `2024-02-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
at23.one E1	`2023-11-26` - `2024-02-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-11` - `2024-06-09`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://taraftariummp.cc/
Frame ID: 7B3700EB6AB514A31C873F9FA986D9B6
Requests: 23 HTTP requests in this frame

Frame: https://ddt21.one/zf/ced2.html
Frame ID: 60B45CB5D3723830A2F3BC602B5AEE77
Requests: 16 HTTP requests in this frame

Frame: https://ddt21.one/oldstreaming/sayacff.html
Frame ID: 5B13CC3D5D1B7CC559474B1417F55FAF
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Taraftarium24 | Canlı maç izle | BeinSports İzle

Detected technologies

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

83 %
HTTPS

100 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

4173 kB
Transfer

5401 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://alliedequine.com/

Search URL Search Domain Scan URL

URL: https://cutt.ly/Ywk4Rivp

Search URL Search Domain Scan URL

URL: https://cutt.ly/Iwk4RGKM

Search URL Search Domain Scan URL

URL: https://cutt.ly/FwvEbEga

Search URL Search Domain Scan URL

URL: https://bit.ly/canlimacizle2023

Search URL Search Domain Scan URL

URL: https://cutt.ly/NwmvU3no
Title: BONUSUNU AL

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
taraftariummp.cc/ 53 KB
14 KB 65ms
35ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://taraftariummp.cc/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a955a36baa94e9dfbf9aa309df2f1d519f6500ff16478e10c06dd62abd3c85b3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Age: 4590
CF-Cache-Status: HIT
CF-RAY: 82dc7823c8a50b04-AMS
Cache-Control: max-age=14400
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 29 Nov 2023 17:11:20 GMT
Last-Modified: Wed, 29 Nov 2023 15:54:50 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IJa8a4uSwP%2FpbUfcaMFWaYwan7q8O1w66Lgcqb%2Bxf1Uw8pUn2Gi5B40%2Fud87KDsQ0l2JDnihxdpfGIWSD1RCDCvcNUUPgruY9yIIvNtnFZIDSx%2BT68Q9JFjArD15e%2Ba%2BncVj3I2BzUt8QVnJaC2Q"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 128ms
42ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: taraftariummp.cc
URL: http://taraftariummp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d686f2ab1157df64803644aceb025dda3e21438ee6167951feb732b82c163c5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://taraftariummp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 29 Nov 2023 17:11:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73067
x-xss-protection: 0
server: sffe
etag: "1283125788d1ffce"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 29 Nov 2023 17:11:21 GMT

GET
H2 200 amp-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 38 KB
11 KB 121ms
35ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.js

Requested by

Host: taraftariummp.cc
URL: http://taraftariummp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1cf00865b3919d58f0663d7f38383f024a30e751f67b7c13f8e17c57a086663

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://taraftariummp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 29 Nov 2023 17:11:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11517
x-xss-protection: 0
server: sffe
etag: "8281082633213d8c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 29 Nov 2023 17:11:21 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 127ms
67ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: taraftariummp.cc
URL: http://taraftariummp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78f07fc9742f1a774613fb4658b18574c379c636d7889e3693539aedd046777a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://taraftariummp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 29 Nov 2023 17:11:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9641
x-xss-protection: 0
server: sffe
etag: "f4a3e8a2946c4e4c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 29 Nov 2023 17:11:21 GMT

GET
H2 200 amp-anim-0.1.js Show response
cdn.ampproject.org/v0/ 6 KB
2 KB 125ms
65ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-anim-0.1.js

Requested by

Host: taraftariummp.cc
URL: http://taraftariummp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fb98bb683d7459c6e05ca1e6706e8481acfb1ee333c0701443968a8fb91d5a2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://taraftariummp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 29 Nov 2023 17:11:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2467
x-xss-protection: 0
server: sffe
etag: "dc263bcdfed9e52e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 29 Nov 2023 17:11:21 GMT

GET
H2 200 amp-iframe-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
9 KB 140ms
81ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-iframe-0.1.js

Requested by

Host: taraftariummp.cc
URL: http://taraftariummp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bebb5a3a14000a9c601f0c5b84508fba2e35d68ed495f8bc83edd5336c40735

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://taraftariummp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 29 Nov 2023 17:11:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8935
x-xss-protection: 0
server: sffe
etag: "1fde9125c05045bb"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 29 Nov 2023 17:11:21 GMT

GET
H2 200 amp-lightbox-0.1.js Show response
cdn.ampproject.org/v0/ 26 KB
9 KB 89ms
30ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-lightbox-0.1.js

Requested by

Host: taraftariummp.cc
URL: http://taraftariummp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9533a9eadcb634b238c4679ce01a446b6e1212048c7dc8d0094d2702f1e224a7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://taraftariummp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 29 Nov 2023 17:11:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8528
x-xss-protection: 0
server: sffe
etag: "5dc7f14927ba2fec"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 29 Nov 2023 17:11:21 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: taraftariummp.cc
URL: http://taraftariummp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcc44c1f86ee04baf5c9f6282f887200d328a419667d1d1e5cd3a3423a057e6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://taraftariummp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 29 Nov 2023 17:11:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32240
x-xss-protection: 0
server: sffe
etag: "6c561bf69fb7c6ef"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 29 Nov 2023 17:11:21 GMT

GET
DATA 200
OK truncated
/ 83 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bba676a9155540ab0b10e5b672609fcf615d90768fce0d3662c6afa5a5bbee34

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://taraftariummp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK taraf.png
taraftariummp.cc/images/ 18 KB
19 KB 30ms
29ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://taraftariummp.cc/images/taraf.png
Requested by: Host: taraftariummp.cc
URL: http://taraftariummp.cc/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45cffa0930fa4e85ade62308bda023f1ed44bfdc1ab265147ab807bcf699a5f2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://taraftariummp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 17:11:21 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 127050
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 18567
last-modified: Sat, 11 Nov 2023 15:54:54 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZm%2BNoM7uFAUSc3che0YWW6EuvW9MMxZZI7%2BozA4VXsykEFXoUO63azVl6L2LWt9iiHrqhpvsa635b%2BzKQ%2Fd69leN8eMsH09A8Zecn0roDhe8Xq5yOoPkWXF72cxYhF00CpQe3w%2FbfVcP5Y7IhZz"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 82dc78261bff0b04-AMS
expires: Tue, 05 Dec 2023 05:53:49 GMT

GET
H2 200 170bahiscom%281%29.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiogQuz637DFH5KzjbQwNeSCah7lyGyTSi65iew9KwGqZ3V57V-qSZDB-VPuVGJSQBApgRYKFhqhlWIQqawBOYGrlAzmN6tW0uh6e_w53v9_hMjgEySINm4Ks0l2F9ir3wA-LNeZsZR2tM8agGC... 3 KB
4 KB 274ms
195ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiogQuz637DFH5KzjbQwNeSCah7lyGyTSi65iew9KwGqZ3V57V-qSZDB-VPuVGJSQBApgRYKFhqhlWIQqawBOYGrlAzmN6tW0uh6e_w53v9_hMjgEySINm4Ks0l2F9ir3wA-LNeZsZR2tM8agGC8pdJgiL9E7cDmQQ5YHCvk7EKqkhoqM0S3qiSZkmGNX1-/s1600/170bahiscom%281%29.webp

Requested by

Host: taraftariummp.cc
URL: http://taraftariummp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

932d919ca949f3b000e3f7630e67130eb170acb15b61851543a719f6061c1458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://taraftariummp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:11:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v201d"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="170bahiscom(1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3339
x-xss-protection: 0
expires: Thu, 30 Nov 2023 17:11:21 GMT

GET
H2 200 170mario.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLc__kw7usliSybRhwFmoqu-YskyQYOfRAc2rzIpj6E84JvbWanOYulKTS3lH8j-rlrVtUX5TTKgVJzmyibARU54C2kkrwmbU4RMN3rCWXsOkVXTZXWWYFKkGDr58z68Tkj4rq4D_yoOG--vbr... 11 KB
11 KB 320ms
242ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLc__kw7usliSybRhwFmoqu-YskyQYOfRAc2rzIpj6E84JvbWanOYulKTS3lH8j-rlrVtUX5TTKgVJzmyibARU54C2kkrwmbU4RMN3rCWXsOkVXTZXWWYFKkGDr58z68Tkj4rq4D_yoOG--vbrLjUFCoHanI77rhWQQAxhNuvqyNPM5IiXVn7Dh8C4taII/s1600/170mario.jpg

Requested by

Host: taraftariummp.cc
URL: http://taraftariummp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

43e6ea5f77ace35131ead5d233aaf48f9bf2a7c13196411109abb1f120244c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://taraftariummp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:11:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v201a"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="170mario.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11508
x-xss-protection: 0
expires: Thu, 30 Nov 2023 17:11:21 GMT

GET
H2 200 183x65.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg0ulYdj8Rrc5H88y8b_yq3orOyjNkf_OYJV1Vmebrjt1ZZyujQbZrjwVmdFJPeiv-JNDxu4CFxaEe05Z6OmFBNSeM_yY1quuD7LB65pJmPV4Q5owk7RoUHEZtLtnLysZdovHsAg8EvpG8HYNT1... 127 KB
127 KB 738ms
659ms Image
image/gif 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg0ulYdj8Rrc5H88y8b_yq3orOyjNkf_OYJV1Vmebrjt1ZZyujQbZrjwVmdFJPeiv-JNDxu4CFxaEe05Z6OmFBNSeM_yY1quuD7LB65pJmPV4Q5owk7RoUHEZtLtnLysZdovHsAg8EvpG8HYNT13dEnDaQwlrxmfL7DRIMy2NJpNjh_EsVN3vX0BqKWM2Sw/s1600/183x65.gif

Requested by

Host: taraftariummp.cc
URL: http://taraftariummp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ddd938fb69faecf9d983fdf1d8eeaa1525f2572e59860bd6e3f6af8c945511aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://taraftariummp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:11:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v23f"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="183x65.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129612
x-xss-protection: 0
expires: Thu, 30 Nov 2023 17:11:21 GMT

GET
H2 200 tarafbet.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjiTIkeiBoM3LR9FwBiGz_3PrihF4wZOot0YvcKjoaB7r8a8YEGQC3ThCzfMSYDdfqMc0wx3O_6fRtfr6ripocxnIWj_Be3Kq-mq-V5dquYyB8lzNiUl-ApfcJfKWMAjPEtaQAENhOqQTsENzzJ... 41 KB
41 KB 275ms
197ms Image
image/gif 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjiTIkeiBoM3LR9FwBiGz_3PrihF4wZOot0YvcKjoaB7r8a8YEGQC3ThCzfMSYDdfqMc0wx3O_6fRtfr6ripocxnIWj_Be3Kq-mq-V5dquYyB8lzNiUl-ApfcJfKWMAjPEtaQAENhOqQTsENzzJ4a3Mdeg0cT0eH-LbQmAjPuIqU4fTW7OfRXCmCQTDfyEf/s1600/tarafbet.webp

Requested by

Host: taraftariummp.cc
URL: http://taraftariummp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f7d05332916d0dd6938a33b546d57f30c65610981c923789ebfdbd44d14a8a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://taraftariummp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:11:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v200d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="tarafbet.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42257
x-xss-protection: 0
expires: Thu, 30 Nov 2023 17:11:21 GMT

GET
H2 200 bahiscom-bonus.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiptSg9145Xe-i2l8LmPj2-vHEWmv091gPe4xXyNsflAMCU3Pv9cDvxMBlIWG9yzFKooNXXnC0EPn55xRIAl1IbFuwHVAbVNfLUpUEulBb1Ah2vntnlbDxNbvcrk2dF4OkJj9d-IG2j2CZiWMeY... 8 KB
8 KB 323ms
245ms Image
image/gif 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiptSg9145Xe-i2l8LmPj2-vHEWmv091gPe4xXyNsflAMCU3Pv9cDvxMBlIWG9yzFKooNXXnC0EPn55xRIAl1IbFuwHVAbVNfLUpUEulBb1Ah2vntnlbDxNbvcrk2dF4OkJj9d-IG2j2CZiWMeYXc11Oiqql-eY1jS8s8xz5iAEVllqu_5jJ8Wz1zt2BSIQ/s1600/bahiscom-bonus.webp

Requested by

Host: taraftariummp.cc
URL: http://taraftariummp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3dcf03c0ad936c561eae6593b043421a6e9a9a162645255c6a4fd24175ff08b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://taraftariummp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:11:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v2015"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="bahiscom-bonus.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8094
x-xss-protection: 0
expires: Thu, 30 Nov 2023 17:11:21 GMT

GET
H2 200 marionet-splash.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCrogcqqTiFNOnNLZvS6_jhu2yYDUj26yvCtNUkEnUNidfSsbVRtrUksfWRyKYGc4VosGxMi6XtRUS1HKq6J-nfjdGW-24393An-OIMdoWCLqvvCNAN_xdmqtlaNQoE12UvqCk8gP_qLoqDtJD... 2 MB
2 MB 369ms
291ms Image
image/gif 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCrogcqqTiFNOnNLZvS6_jhu2yYDUj26yvCtNUkEnUNidfSsbVRtrUksfWRyKYGc4VosGxMi6XtRUS1HKq6J-nfjdGW-24393An-OIMdoWCLqvvCNAN_xdmqtlaNQoE12UvqCk8gP_qLoqDtJD5PPKENlZLrW4xJuipAm-N8KIuUv7Kc3z_Jh-msJTI3J-/s1600/marionet-splash.webp

Requested by

Host: taraftariummp.cc
URL: http://taraftariummp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

19766704490377142694e4f6ec7f61bc467c61c34313987c6f147e5fd9eccf69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://taraftariummp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:11:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v2016"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marionet-splash.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2329644
x-xss-protection: 0
expires: Thu, 30 Nov 2023 17:11:21 GMT

GET
H2 200 splash-taraf.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzJ3DgKwRRNYK-mpMenXrtXs2AoBsk62TriVX8F68NyYZtytJ8As6ebB9oMDoKv0acVSUm43Ro1bueE_lDBs7lOiuluXpIppLt6GysxFFC102AuaO5pLt1BKRq9NJiOaIFapWBGKZsHptoModL... 283 KB
283 KB 300ms
224ms Image
image/gif 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzJ3DgKwRRNYK-mpMenXrtXs2AoBsk62TriVX8F68NyYZtytJ8As6ebB9oMDoKv0acVSUm43Ro1bueE_lDBs7lOiuluXpIppLt6GysxFFC102AuaO5pLt1BKRq9NJiOaIFapWBGKZsHptoModLq3EcEDn_Y_syuQav0XlsHk0XXkzozG900m9li-aaNXHY/s1600/splash-taraf.webp

Requested by

Host: taraftariummp.cc
URL: http://taraftariummp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ad9ae75c9b6f5f1484a009f2952a9fddb41aae7ffd3c13ba6bf20a9216ecc9d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://taraftariummp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:11:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v2017"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="splash-taraf.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 289628
x-xss-protection: 0
expires: Thu, 30 Nov 2023 17:11:21 GMT

GET
H2 200 728x90.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhsyRqa72GN4w7areLSxeL1AJbYp07OwUREknTRHCk3Iu_R_yIsoixRvrkfk8TH6Pc2U6NCspLtYvU31OGc7eiqAPEbPwX5jBj21IJRThxJeFKSbxuIWc6RjABbJ2vz9uMzehDXypcKHCohMKqX... 395 KB
395 KB 357ms
281ms Image
image/gif 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhsyRqa72GN4w7areLSxeL1AJbYp07OwUREknTRHCk3Iu_R_yIsoixRvrkfk8TH6Pc2U6NCspLtYvU31OGc7eiqAPEbPwX5jBj21IJRThxJeFKSbxuIWc6RjABbJ2vz9uMzehDXypcKHCohMKqXO-hB2gi9rIa2JqjSGWKBGWjJe72fF4axhlD2bcBPmWyp/s1600/728x90.gif

Requested by

Host: taraftariummp.cc
URL: http://taraftariummp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2ebf475fb0af2d81ab1ef6c92c6830bbd32aa13a6f90daaf03eb77db453823ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://taraftariummp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:11:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v241"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 404638
x-xss-protection: 0
expires: Thu, 30 Nov 2023 17:11:21 GMT

GET
H2 200 728x90GIF.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDHNU9UUaQOBe5aZRgZhpJGWWX9MbTbRpyP_dMWzEzbClp5VW-UlmuSBB08-C4NVgOSOGtEAfj0o07JtHjROswsxCgbZiRoFJuTC2soIHitbLPvPHALa-77ULcYkQLmrY1btctwly-11-Zdzha... 57 KB
57 KB 497ms
421ms Image
image/gif 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDHNU9UUaQOBe5aZRgZhpJGWWX9MbTbRpyP_dMWzEzbClp5VW-UlmuSBB08-C4NVgOSOGtEAfj0o07JtHjROswsxCgbZiRoFJuTC2soIHitbLPvPHALa-77ULcYkQLmrY1btctwly-11-Zdzha75BWaSQC5KUxwi5p2v-YHvmp9OoVuMR6k-_k3biTizaZ/s1600/728x90GIF.gif

Requested by

Host: taraftariummp.cc
URL: http://taraftariummp.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d0fafb3a291634bb22f8d338fa233dba998b69d3a04640a14be752b3ceddfa34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://taraftariummp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:11:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v247"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90GIF.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58290
x-xss-protection: 0
expires: Thu, 30 Nov 2023 17:11:21 GMT

GET
H/1.1 200
OK bahiscom-1.webp
taraftariummp.cc/images/ 10 KB
10 KB 55ms
32ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://taraftariummp.cc/images/bahiscom-1.webp
Requested by: Host: taraftariummp.cc
URL: http://taraftariummp.cc/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cfc2f64cc8000e7165b9883a5aafb5fea49bd159f36fc51fd4da25265ed76ef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://taraftariummp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 17:11:21 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 287676
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 9788
last-modified: Sat, 11 Nov 2023 15:54:54 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Re6Fo0%2FPv7WVmuwmhtX5dwtWRwkXirx4SN%2FJtlacJMSWMx4CFlOQtMcNavxTgQOyhIUAydAt9Xuq9Vt1js13sTvyQfQlWjhtc49F2xSPHN6unExvQnqw%2FYzcp5phDhjsl5b0YCkKtdHkKnPkVjEk"}],"group":"cf-nel","max_age":604800}
Content-Type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 82dc782638ed9073-FRA
expires: Sun, 03 Dec 2023 09:16:44 GMT

GET
H/1.1 200
OK mario-pop.webp
taraftariummp.cc/images/ 6 KB
7 KB 61ms
38ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://taraftariummp.cc/images/mario-pop.webp
Requested by: Host: taraftariummp.cc
URL: http://taraftariummp.cc/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe95c4d4a3647e8af1c5b60cb6f04058a75b0e755bf5d34d6d2d8eda6cdf3973

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://taraftariummp.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 17:11:21 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 286575
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 6402
last-modified: Sat, 11 Nov 2023 15:54:54 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1yFRbGndNdIK0%2B2LHOVpv0E8kUsrsTsFGhiSlrHWLxHwGoFmYwGYH8GdZbvB%2B47ZCkqgi4ZP8XF%2Bb%2FlyzdoDLCYF2elbiJkKp2kw8UQcb3%2FnmVZZMiKzvNBkB0eHd9dg6DZmGl%2FqiEo%2F9MNkjtBR"}],"group":"cf-nel","max_age":604800}
Content-Type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 82dc78263c030b89-AMS
expires: Sun, 03 Dec 2023 09:35:04 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012311171837000/v0/ 8 KB
3 KB 67ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012311171837000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9490f2bb8d22cf23953bd1cc028e6405f228e7918b18aa914fa8f56ba9db0087

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://taraftariummp.cc/
Origin: http://taraftariummp.cc
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 28 Nov 2023 20:24:01 GMT
age: 74840
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2981
x-xss-protection: 0
server: sffe
etag: "c752a0bdfe6b8e6b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 27 Nov 2024 20:24:01 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012311171837000/v0/ 12 KB
4 KB 53ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012311171837000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

600d54e614ecc2e8c06f0cb077d8973485f4abd2eb0b7e62815b1b173eeaedbb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://taraftariummp.cc/
Origin: http://taraftariummp.cc
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 28 Nov 2023 20:24:01 GMT
age: 74840
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3937
x-xss-protection: 0
server: sffe
etag: "53fc57f869c7e77f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 27 Nov 2024 20:24:01 GMT

GET
H2 200 ced2.html Show response
ddt21.one/zf/ Frame 60B4 9 KB
4 KB 91ms
30ms Document
text/html 2606:4700:3031::6815:5bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ddt21.one/zf/ced2.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 996673d5bacc58de43f9f3369a5f61194755a0ec84082660f7aa91b79df30618

Request headers

Referer: http://taraftariummp.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
age: 5526
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 82dc7826a95f2c47-FRA
content-encoding: br
content-type: text/html
date: Wed, 29 Nov 2023 17:11:21 GMT
last-modified: Sun, 26 Nov 2023 08:40:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Vk3%2BbOCAhkMDPega%2F6bhsnYmF14KIyG1TMCp%2FWhEoNcVzWcHHuwktddE4NGMwW4bngiCSOLcu6V4wPDgByxM1r8ccb4hkNxUMMyM0MGo%2Fz%2BMakJ1Xyia4TNRJJGgsCBJnWMhA5T5Qw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 videojs.min.css
ddt21.one/zf/kralplayer/videojs8/skins/flow/ Frame 60B4 76 KB
20 KB 33ms
29ms Stylesheet
text/css 2606:4700:3031::6815:5bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ddt21.one/zf/kralplayer/videojs8/skins/flow/videojs.min.css
Requested by: Host: ddt21.one
URL: https://ddt21.one/zf/ced2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 824fb8a32b673785b203aab02ab78b6412fbc0a2a3805ce1b9d56d4e42ff324c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ddt21.one/zf/ced2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:11:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 26 Nov 2023 08:40:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5525
etag: W/"65630490-12eaf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ng1v%2FXI4eryvyyFtJiJNx4U50KXfTW3qQEy8pAXah2zO0autsyzwiCA6%2FMMwGfat4LQa8h%2BMsPw9n1t%2F%2BjvP529dEHud%2Bta4bjZCSMiUc0EvFLAK2wUF8vGWX7U53wTEau3lgQcx%2FCk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 82dc7826e9a72c47-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 video.min.js Show response
ddt21.one/zf/kralplayer/videojs8/ Frame 60B4 548 KB
159 KB 60ms
58ms Script
application/javascript 2606:4700:3031::6815:5bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ddt21.one/zf/kralplayer/videojs8/video.min.js
Requested by: Host: ddt21.one
URL: https://ddt21.one/zf/ced2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ad2bd4cde85b353bf269c344cd006663e73997aff9ed8df2aa332c8987c5be3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ddt21.one/zf/ced2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:11:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 26 Nov 2023 08:40:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5525
etag: W/"65630478-891e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80boDIGp8ssxiRhIYsM85HGrF1t3xTtbD5UEJTEFoJ4tELaoXOSCD3hYQeL%2FRtoXyXRtBTiThLtNBIY%2B%2FL1je74K6oqDvmAxO4gHfOiR7L7HFOBrMX6imDPkQ5a7YYtwZus5PzWE%2BlY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 82dc7826e9ab2c47-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 nuevo.min.js Show response
ddt21.one/zf/kralplayer/videojs8/ Frame 60B4 117 KB
30 KB 36ms
34ms Script
application/javascript 2606:4700:3031::6815:5bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ddt21.one/zf/kralplayer/videojs8/nuevo.min.js
Requested by: Host: ddt21.one
URL: https://ddt21.one/zf/ced2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf023520cc5536b9946b0bf97c59aacd8f871d4ed1be812cce83c495d1d65b64

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ddt21.one/zf/ced2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:11:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 26 Nov 2023 08:40:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5525
etag: W/"65630478-1d4fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FTH%2FtHmeqo9kNlEiRPt%2FLuQiCqoZI2Ns%2BUbYpUnWvT6qx%2BBV%2Bf%2FV9xX9AKDsgB%2BMKZ210l3ibaH3VZ8%2FtcjZ6M2MMtbJTFo2ZKVBi9TT8frVkxUSmsKyuOfdLChuynmTcB1Nhvek6NM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 82dc7826e9b02c47-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 vastpro.js Show response
ddt21.one/zf/kralplayer/videojs/plugins/ Frame 60B4 132 KB
37 KB 53ms
50ms Script
application/javascript 2606:4700:3031::6815:5bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ddt21.one/zf/kralplayer/videojs/plugins/vastpro.js
Requested by: Host: ddt21.one
URL: https://ddt21.one/zf/ced2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85c6c66cc9f32b45c788b9e02d237fd00115ca9466cee45915c2d3d9e2d52386

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ddt21.one/zf/ced2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:11:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 26 Nov 2023 08:40:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5525
etag: W/"65630478-211ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yf7gk2FNuI3hlD0349c2DXYUcMjCGsH6Ut5BQQLAe9wit2lhj9BZbpebie4NBozDkVR%2F007oHZAoMy%2B4%2FhpkpflpAR%2Bt%2BrWDu3%2BujoJcDFuMrMPMPhDxD3lroOzIJ1F6DERjTIuiWlc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 82dc7826e9b12c47-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 tr.js Show response
ddt21.one/zf/kralplayer/videojs8/lang/ Frame 60B4 7 KB
3 KB 35ms
33ms Script
application/javascript 2606:4700:3031::6815:5bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ddt21.one/zf/kralplayer/videojs8/lang/tr.js
Requested by: Host: ddt21.one
URL: https://ddt21.one/zf/ced2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da724db11bc9686d20313e15a4082194b0bd77b8e7224297e8cef13247c1a567

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ddt21.one/zf/ced2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:11:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 26 Nov 2023 08:40:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5525
etag: W/"6563048a-1b7a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QU3LnJxhTzaM2M6zTjlEBXh9dzu57OeNIVGOLv81aKzkFSxD5ln1cecyti8ZDIMR3cC%2BIPOA0TRXL6USLST07ziKCB3cCVAsqIZyIp%2F%2BA%2FhNl5WAsC1VPdGYK3OfjDHEol0UHg0qUQA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 82dc7826e9b22c47-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 250mario.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgMYVLovZZzCt1IP2zTkZAD4IjmxcoGp756sT1OBA_tVVPLUY5VB8K3MaAmobV2o07GVZXgdfV7QJ8yV3vvmfjy4VZSv6HaPu8Le4darwBtb9wmCJD0uqt396Slg8ZneDl6tCvncyktJX7EzHb-... Frame 60B4 57 KB
58 KB 265ms
263ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgMYVLovZZzCt1IP2zTkZAD4IjmxcoGp756sT1OBA_tVVPLUY5VB8K3MaAmobV2o07GVZXgdfV7QJ8yV3vvmfjy4VZSv6HaPu8Le4darwBtb9wmCJD0uqt396Slg8ZneDl6tCvncyktJX7EzHb-hcTKDobDC050PQhrSOo6GRVot-L0kYFqw-fqUK-gVN5l/s1600/250mario.jpg

Requested by

Host: ddt21.one
URL: https://ddt21.one/zf/ced2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

35f1d26ab2aa3d15ac63109fe1ad6a822c5238857ae44a64f56523e2edfac861

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ddt21.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:11:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v2029"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="250mario.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58845
x-xss-protection: 0
expires: Thu, 30 Nov 2023 17:11:21 GMT

GET
H2 200 250km.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmjA0RKpltEhgwRuBKMlo5GtFnesiE7W-nl3cI0FW4fd57J-o__2MS5-2qzfEE0JihbLvn4Q8OUcGQII5Xi054rn4cI-iJMRQt3CnEmwgJgWjsbsmhKf1pyFH3pz_RKZjgkMFX2WvPrWNyHP49... Frame 60B4 278 KB
278 KB 271ms
269ms Image
image/gif 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmjA0RKpltEhgwRuBKMlo5GtFnesiE7W-nl3cI0FW4fd57J-o__2MS5-2qzfEE0JihbLvn4Q8OUcGQII5Xi054rn4cI-iJMRQt3CnEmwgJgWjsbsmhKf1pyFH3pz_RKZjgkMFX2WvPrWNyHP49ejXNuY-1vd3wdrIptAXSyt1D6TWbsPqBH3Vywsg7FEzU/s1600/250km.gif

Requested by

Host: ddt21.one
URL: https://ddt21.one/zf/ced2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5053ef279c4a54bcc9869f7fc5ce873e633d9ca974cf075078c99b8df2acb18e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ddt21.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:11:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v204e"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="250km.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 284730
x-xss-protection: 0
expires: Thu, 30 Nov 2023 17:11:21 GMT

GET
H2 200 250taraf.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxuvU26uyw91cEv4vHyrDOIVXg_fK2gU319kyCMQfDjiII2fElbjEhOZzVLtvvBtCfIsKC2rttRAexTMIR1EwukfWS3GNHvuNNZ16nFFvyE66xrH-qwQnDWxstWqzXoB9_SAOBfatUTo64a4ji... Frame 60B4 43 KB
43 KB 259ms
258ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxuvU26uyw91cEv4vHyrDOIVXg_fK2gU319kyCMQfDjiII2fElbjEhOZzVLtvvBtCfIsKC2rttRAexTMIR1EwukfWS3GNHvuNNZ16nFFvyE66xrH-qwQnDWxstWqzXoB9_SAOBfatUTo64a4jiA9CvFyRgWfONl-ubBYZw_rX6tZnDoGR_GMWssPJY0jAM/s1600/250taraf.jpg

Requested by

Host: ddt21.one
URL: https://ddt21.one/zf/ced2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0ee3b1190cfea13cb19f1fce51769c40d7834f85b5dee4edc0604a4a8469e9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ddt21.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:11:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v2036"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="250taraf.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43634
x-xss-protection: 0
expires: Thu, 30 Nov 2023 17:11:21 GMT

GET
H2 200 splash.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgbulLcV7ZfvW1HPftHc3W832bBl5nTzMrNmA4v3duwDhEsvOKgPMwVtmbj4qe1YfzyTICnt4CqnBdsUcEzlm0sFopSajfJOy3TV7Bw-Ufoauuig4FcHHOXJcliw_reOk6jwArm82QYzFooxm_5... Frame 60B4 34 KB
34 KB 893ms
893ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgbulLcV7ZfvW1HPftHc3W832bBl5nTzMrNmA4v3duwDhEsvOKgPMwVtmbj4qe1YfzyTICnt4CqnBdsUcEzlm0sFopSajfJOy3TV7Bw-Ufoauuig4FcHHOXJcliw_reOk6jwArm82QYzFooxm_5T0loInicSNq-APXkmqw2RqWnTm8Ft7Ut26k3_FuLAOVm/s1600/splash.jpg

Requested by

Host: ddt21.one
URL: https://ddt21.one/zf/ced2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e1a2a5f4f0c6e353d59fd9ccdb35ca251df91ed5dbd1985558380305fbf3e6d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ddt21.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:11:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v201f"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="splash.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34944
x-xss-protection: 0
expires: Thu, 30 Nov 2023 17:11:22 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.4/ Frame 60B4 88 KB
88 KB 74ms
23ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js

Requested by

Host: ddt21.one
URL: https://ddt21.one/zf/ced2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ddt21.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:19:05 GMT
x-content-type-options: nosniff
age: 579136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89795
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 03:27:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Nov 2024 00:19:05 GMT

GET
DATA 200
OK truncated
/ Frame 60B4 7 KB
7 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9945a7fa0fad28e744677cbd497cd005ca81928b9f9d97fd1ba22f99be9feeda

Request headers

Referer
Origin: https://ddt21.one
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
H2 200 index.m3u8 Show response
7.at23.one/taso1/ Frame 60B4 1 KB
910 B 218ms
35ms XHR
application/vnd.apple.mpegurl 2606:4700:3037::6815:3284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://7.at23.one/taso1/index.m3u8
Requested by: Host: ddt21.one
URL: https://ddt21.one/zf/kralplayer/videojs8/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 155f4e1b1bb8861b162ade797c56b5577a377153bee781c514d3932fa69cfc6f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ddt21.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:11:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrWOE6c9cgFrhXmlnLpaFVfZZLQ1ak6EBcVFdnWUNRCDRllGtooOyQ1yOQie1J5MJb1ma6O1QXjjzlt2htCJ9USuo7GoKhUqAqyD8cWT0dT7I%2FObrMJhri%2F9cfdwmqighVTdNDRIKTbf"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray: 82dc78292d265d85-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 98e26253-f058-4d4a-855a-47f682fdead2
https://ddt21.one/ Frame 60B4 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ddt21.one/98e26253-f058-4d4a-855a-47f682fdead2
Requested by: Host: ddt21.one
URL: https://ddt21.one/zf/ced2.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be5bb7db495a155165ede1d070d2df8e830f21cea57fb9cc182825bbed5fc132

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 4946
Content-Type: application/javascript

GET
BLOB 200
OK a16ff410-9782-4a3b-86b2-ffa4f427dffd
https://ddt21.one/ Frame 60B4 81 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ddt21.one/a16ff410-9782-4a3b-86b2-ffa4f427dffd
Requested by: Host: ddt21.one
URL: https://ddt21.one/zf/ced2.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1eeee3fdc4288a1fb57f8f72d89310fdeb142354a0f4faba33243fe94c704b99

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 83066
Content-Type: application/javascript

GET
BLOB 200
OK 95c1a5d9-d00e-4cc1-afaf-1d8ca4a4b799
https://ddt21.one/ Frame 60B4 81 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ddt21.one/95c1a5d9-d00e-4cc1-afaf-1d8ca4a4b799
Requested by: Host: ddt21.one
URL: https://ddt21.one/zf/ced2.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1eeee3fdc4288a1fb57f8f72d89310fdeb142354a0f4faba33243fe94c704b99

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 83066
Content-Type: application/javascript

GET
H3 200 sayacff.html Show response
ddt21.one/oldstreaming/ Frame 5B13 430 B
717 B 51ms
50ms Document
text/html 2606:4700:3031::6815:5bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ddt21.one/oldstreaming/sayacff.html
Requested by: Host: ddt21.one
URL: https://ddt21.one/zf/ced2.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:5bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 199639d076bbb51df4f46b2baaf74be8bc361e60c4c07ba9da45a8dd49844c06

Request headers

Referer: https://ddt21.one/zf/ced2.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
age: 7107
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 82dc78289d8203b0-FRA
content-encoding: br
content-type: text/html
date: Wed, 29 Nov 2023 17:11:21 GMT
last-modified: Tue, 15 Aug 2023 18:27:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUIlrdu3cnkfRKHvWTx4E1gDw97XcVtLXleQNksFrF9Mvj8n4nuUsP%2F07uZ4WkEp9JH19t9bvnEPPULxiLS6Hf1xq%2Bp3a3hGGPR8fFYC97HT0vlpQEhhge5EP4fZo6NzCSuTjU5VCFk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 classic.js Show response
widgets.amung.us/ Frame 5B13 13 KB
7 KB 114ms
40ms Script
application/x-javascript 2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.amung.us/classic.js
Requested by: Host: ddt21.one
URL: https://ddt21.one/oldstreaming/sayacff.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 856420e1f59d0096185cdaac909fa54a9f596f52255d7a5f1ac502403f61d3ab

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ddt21.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:11:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 17:19:26 GMT
server: cloudflare
age: 1371
etag: W/"63c0411e-32c5"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 82dc782999be4db1-FRA
expires: Thu, 30 Nov 2023 16:48:30 GMT

GET
H2 200 / Show response
whos.amung.us/pingjs/ Frame 5B13 31 B
155 B 151ms
140ms Script
text/javascript 2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=bhad8y02v4&t=&c=c&x=https%3A%2F%2Fddt21.one%2Foldstreaming%2Fsayacff.html&y=https%3A%2F%2Fddt21.one%2Fzf%2Fced2.html&a=0&d=0.098&v=27&r=7827
Requested by: Host: widgets.amung.us
URL: https://widgets.amung.us/classic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35f9f6d5838a51292445b501572a0968e29ce9f3e1edf9ad8e908f3ddfbe2284

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ddt21.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:11:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82dc782a0a644db1-FRA
content-type: text/javascript;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 5B13 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7.at23.one
ajax.googleapis.com
blogger.googleusercontent.com
cdn.ampproject.org
ddt21.one
taraftariummp.cc
whos.amung.us
widgets.amung.us
2606:4700:10::ac43:88d
2606:4700:3031::6815:5bb2
2606:4700:3037::6815:3284
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200a
2a00:1450:4001:828::2001
2a06:98c1:3120::3
0d686f2ab1157df64803644aceb025dda3e21438ee6167951feb732b82c163c5
0ee3b1190cfea13cb19f1fce51769c40d7834f85b5dee4edc0604a4a8469e9a0
155f4e1b1bb8861b162ade797c56b5577a377153bee781c514d3932fa69cfc6f
19766704490377142694e4f6ec7f61bc467c61c34313987c6f147e5fd9eccf69
199639d076bbb51df4f46b2baaf74be8bc361e60c4c07ba9da45a8dd49844c06
1eeee3fdc4288a1fb57f8f72d89310fdeb142354a0f4faba33243fe94c704b99
2ebf475fb0af2d81ab1ef6c92c6830bbd32aa13a6f90daaf03eb77db453823ff
35f1d26ab2aa3d15ac63109fe1ad6a822c5238857ae44a64f56523e2edfac861
35f9f6d5838a51292445b501572a0968e29ce9f3e1edf9ad8e908f3ddfbe2284
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8
3dcf03c0ad936c561eae6593b043421a6e9a9a162645255c6a4fd24175ff08b0
43e6ea5f77ace35131ead5d233aaf48f9bf2a7c13196411109abb1f120244c53
45cffa0930fa4e85ade62308bda023f1ed44bfdc1ab265147ab807bcf699a5f2
5053ef279c4a54bcc9869f7fc5ce873e633d9ca974cf075078c99b8df2acb18e
600d54e614ecc2e8c06f0cb077d8973485f4abd2eb0b7e62815b1b173eeaedbb
6bebb5a3a14000a9c601f0c5b84508fba2e35d68ed495f8bc83edd5336c40735
78f07fc9742f1a774613fb4658b18574c379c636d7889e3693539aedd046777a
824fb8a32b673785b203aab02ab78b6412fbc0a2a3805ce1b9d56d4e42ff324c
856420e1f59d0096185cdaac909fa54a9f596f52255d7a5f1ac502403f61d3ab
85c6c66cc9f32b45c788b9e02d237fd00115ca9466cee45915c2d3d9e2d52386
8fb98bb683d7459c6e05ca1e6706e8481acfb1ee333c0701443968a8fb91d5a2
932d919ca949f3b000e3f7630e67130eb170acb15b61851543a719f6061c1458
9490f2bb8d22cf23953bd1cc028e6405f228e7918b18aa914fa8f56ba9db0087
9533a9eadcb634b238c4679ce01a446b6e1212048c7dc8d0094d2702f1e224a7
9945a7fa0fad28e744677cbd497cd005ca81928b9f9d97fd1ba22f99be9feeda
996673d5bacc58de43f9f3369a5f61194755a0ec84082660f7aa91b79df30618
9ad2bd4cde85b353bf269c344cd006663e73997aff9ed8df2aa332c8987c5be3
9cfc2f64cc8000e7165b9883a5aafb5fea49bd159f36fc51fd4da25265ed76ef
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a955a36baa94e9dfbf9aa309df2f1d519f6500ff16478e10c06dd62abd3c85b3
ad9ae75c9b6f5f1484a009f2952a9fddb41aae7ffd3c13ba6bf20a9216ecc9d0
b1cf00865b3919d58f0663d7f38383f024a30e751f67b7c13f8e17c57a086663
bba676a9155540ab0b10e5b672609fcf615d90768fce0d3662c6afa5a5bbee34
be5bb7db495a155165ede1d070d2df8e830f21cea57fb9cc182825bbed5fc132
cf023520cc5536b9946b0bf97c59aacd8f871d4ed1be812cce83c495d1d65b64
d0fafb3a291634bb22f8d338fa233dba998b69d3a04640a14be752b3ceddfa34
da724db11bc9686d20313e15a4082194b0bd77b8e7224297e8cef13247c1a567
ddd938fb69faecf9d983fdf1d8eeaa1525f2572e59860bd6e3f6af8c945511aa
e1a2a5f4f0c6e353d59fd9ccdb35ca251df91ed5dbd1985558380305fbf3e6d9
f7d05332916d0dd6938a33b546d57f30c65610981c923789ebfdbd44d14a8a06
fcc44c1f86ee04baf5c9f6282f887200d328a419667d1d1e5cd3a3423a057e6e
fe95c4d4a3647e8af1c5b60cb6f04058a75b0e755bf5d34d6d2d8eda6cdf3973

taraftariummp.cc Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

40 Requests

83 %HTTPS

100 %IPv6

7 Domains

8 Subdomains

8 IPs

2 Countries

4173 kBTransfer

5401 kBSize

0 Cookies

6 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

taraftariummp.cc Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

83 %
HTTPS

100 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

4173 kB
Transfer

5401 kB
Size

0
Cookies

40 HTTP transactions
3 data transactions