to.xrivonet.info Open in urlscan Pro
2606:4700:3033::6815:2461  Public Scan

16 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

• http://cdn.engine.spotscenered.info/scripts/ba.js?z=51054 HTTP 302
• https://cdn.engine.spotscenered.info/scripts/ba.js?z=51054

Request Chain 17

• https://newdmn.icu/stream/71834.html HTTP 301
• https://freefeds.com/stream/71834.html

Request Chain 44

• https://whos.amung.us/cwidget/freestreamon/000000ffffff.png HTTP 307
• https://widgets.amung.us/draw/?w=colored&n=91300&c=000000ffffff&p=

Request Chain 46

• https://engine.spotscenered.info/Redirect.eng?MediaSegmentId=54155&dcid=1_ctx_995c1f95-d749-4f2c-9366-c6a74b474808&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=qsKLpbZ3vegxDOfbwcrY4D_z6grCUDuFbD8RGGEJBZV7YAIAkDYjBDhY2tugqR4ZVki_rJwBQV4Q_CBlzQ2lxiAIItKVqVu4RsU1e1Yd20SCaqAq1_lFRxlFUnzZgxKgkv2v3QZuaBZ8Rd_PRFnY24UUCLmWstFOn9hQGg1BDugnjLRF6tTqxDyIvSiMoFfrmpzGNkwkshuQ3s_Cikr_0ubD2Th2VRNZ59OS1uBOfsbaeDb5xorRyBtcEm97TJBTtkLjfpIrGbkRZ-BK3WNKlxyrp84ge6Boz_HBZM2JYrwqPIUhxkNYYw2s03GTN8CvvXtScrN6ZIKWlPlqKd6YlcuE-SF9ifZpoIxpNwNW6bmmkq4z9-aE0zlcpQjMUJlnUAt7HV47KLuyD8gSSm4oW-UPedLQWXMsW8jqSVUvaMEYWRIRMF9peTwHZXEwmUKGvZGN-ToOCv8Za7LyWEc97kJwg9yjgCjwvEzgDP_0Pqzf6fFjO5tJi_rINtUG0WwCCREVbWix3n83C_1TKoriVTATAbcoVqjJvgobYuOb1p6dTvyo6HnueIFOuGgPy4nddpCI9SIPdXluJSy7tXalUiKzVY8pBQT9okD30NFGmwmpU0xCwJ4psAJu55ukg7io41tXGZZ3Z--JxCE-LDAyMKFRrlshGMhP0vP2rpBnwazqhmULCcdulMsNJHFGSGzaX2GTjSKuBYeAnybXpq1sbT1iPC3mImxOfNmgJ9Lg3OnhUxW97ujuMfO3ul5aWVdeAcogdCnADNWqOTbVTthaqkQILZkXVt1mPteicSMFOuNrdQT71Fo3SYi3XcxmfWis_ZXuM-rVW4qghOw6eDpT_1HxgAfA6wwVzIOlZz0v79HOYzjfwu7Kst5siuXz5i39BlyTuqrVSzD4vYlrW47k056pnCP1sYyQlMqSc_SZwm01&kw=&mw=728&mh=90&cu= HTTP 302
• https://engine.spotscenered.info/mediahosting.engine?MediaId=85243&AId=8924&CId=38981&PId=76297&SiteId=12147&ZoneId=51054&VolumeMetricId=6905fc6a-59fa-4265-9ab5-b1485d7732c6&PassBackUrl=&res=&dcid=1_ctx_995c1f95-d749-4f2c-9366-c6a74b474808&cu=&kw=&mw=728&mh=90

Request Chain 74

• http://cdn.engine.spotscenered.info/scripts/ba.js?z=51036 HTTP 302
• https://cdn.engine.spotscenered.info/scripts/ba.js?z=51036

Request Chain 78

• https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1620180457100&ns_c=UTF-8&cv=3.5&c8=RivoRD&c7=http%3A%2F%2Fto.xrivonet.info%2Ftdn3.html&c9= HTTP 302
• https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1620180457100&ns_c=UTF-8&cv=3.5&c8=RivoRD&c7=http%3A%2F%2Fto.xrivonet.info%2Ftdn3.html&c9=

Request Chain 79

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
• https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 80

• https://creativecdn.com/cm-notify?pi=mgid HTTP 302
• https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
• https://cm.mgid.com/m?cdsp=501037&c=7CqB5IgWsmuX2E8o9H6P&pi=mgid&tc=1

Request Chain 82

• https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDQ0QXNWVmRMczdq&muidn=l44AsVVdLs7j HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDQ0QXNWVmRMczdq&muidn=l44AsVVdLs7j&google_tc= HTTP 302
• https://cm.mgid.com/google?muidn=l44AsVVdLs7j&google_error=3

Request Chain 83

• https://x.bidswitch.net/sync?ssp=mgid HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=mgid

Request Chain 84

• https://x.bidswitch.net/sync?dsp_id=303&user_id=l44AsVVdLs7j HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l44AsVVdLs7j HTTP 302
• https://sync.admanmedia.com/bidswitch.gif?puid=&redir=[RED]

Request Chain 85

• https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
• https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
• https://cm.mgid.com/m?cdsp=287839&c=c90bacfb-3194-46f9-a4a8-265b12226b14

Request Chain 86

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
• https://cm.mgid.com/m?cdsp=371158&c=aac3fcd0-5725-4834-9c5c-a174967835df&ttl=1622772457

Request Chain 103

• https://whos.amung.us/cwidget/freestreamon/000000ffffff.png HTTP 307
• https://widgets.amung.us/draw/?w=colored&n=91300&c=000000ffffff&p=

Request Chain 108

• https://engine.spotscenered.info/Redirect.eng?MediaSegmentId=56118&dcid=1_ctx_7fafa104-ef58-4012-8e44-0bf6517aab81&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=n5o1p59f1GFA9wP346R3ycKTksjv26jB1dziKY-Il6fiGB_-Ps7n2yyRENDl0efNZ9qZJoDJ1eURl-hzBe2pbMzk6vM3_0g3lg1P3_0VyMg3rkH3kt-UqgEhH6tLz3Sozb-ViRATLJ0IKmm4myPWMFA1aEMYtt3SXMB8kjqY0njZbDSxYNlwtFsEuo9-v2TqGa4HsALTHiBvXyD60r9frpD-fhhbdmnpHu9ECE73fM-BTmjaX_yn44V4r0Zul-urAWVoU_20JovpNbtY2730569YdM1BzN1hxwTdDD8wM8Al_qVgpAOaQGTCWy0l4ilPZLIEEa-0hdHhCqI3OO4G4kx1TN_1gNimIJh8t8Yk_lSWktsG688Kzsz6H0aU4DQYkVGw6dPeZ8JkAR1x028Ccj5lmILVva-X9avVAWHc_sqKi0Rd-wN-NQMi7Z8sAyoVxoTrEUoi8zxyUrWA6Q9X2_BIBdGawahOvw4BX2cpedd6MjdrkLJ8AziYivdG-UbK_DdMf5aqyk1HTGQSW51ByCLhMxQWXe49lOE4808koEwElzw_X5FBkshTmmULZUR8H75cPNzBvr_VR28hUeHdpHQz5LbiNx0JQ5JFxI43dAFlkbDdjdwDs1qTOHlO72gLVc1gZ6FVKGquEKM04Q-eLxZhiIlA9PnvSxXAp4ybxr4ES6ZFf9_21UeWO2vAbouG3LyRVdfvLZ7sldoHA39mTGdlkmlbuejArLbyofU8qG3Z_K1z4Fgcs3vP-mr1aY7BWhzgcd3ggBE6J2DUwAPFrmgkuia3W4y6hF3q59ugDn88bMgbQLfHC-_G1a6yQY61CW5rknNUsKJhVugxzBRUD-cad5dJx8DS_ohWjXPysOjpYrPuP-9xGbUVfkVpOyxpYEL_nfeSA8uByay6e7wcPN9BGlOnREJi6ZkEIvK959g1&kw=&mw=300&mh=250&cu= HTTP 302
• https://engine.spotscenered.info/mediahosting.engine?MediaId=90509&AId=8924&CId=40167&PId=79660&SiteId=12147&ZoneId=51036&VolumeMetricId=fbc840c8-a2c1-44ac-b7d5-ee3e39520743&PassBackUrl=&res=&dcid=1_ctx_7fafa104-ef58-4012-8e44-0bf6517aab81&cu=&kw=&mw=300&mh=250

Request Chain 110

• https://whos.amung.us/cwidget/freestreamon/000000ffffff.png?1620180457000 HTTP 307
• https://widgets.amung.us/draw/?w=colored&n=91300&c=000000ffffff&p=

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set tdn3.html Show response to.xrivonet.info/	59 KB 16 KB	353ms 330ms	Document text/html	2606:4700:3033::6815:2461 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://to.xrivonet.info/tdn3.html Protocol HTTP/1.1 Server 2606:4700:3033::6815:2461 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a45a8f7d77eda9ede780bc049b9be9a1ae3e601d7748df9a71ed901a57c57f08 Request headers Host to.xrivonet.info Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 05 May 2021 02:07:35 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=dc7a937c87425f557ece9b1fa25e085b21620180455; expires=Fri, 04-Jun-21 02:07:35 GMT; path=/; domain=.xrivonet.info; HttpOnly; SameSite=Lax last-modified Tue, 06 Apr 2021 07:54:01 GMT vary Accept-Encoding CF-Cache-Status DYNAMIC cf-request-id 09dbe0e76a00005364cc267000000001 Report-To {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7hocYeHEN%2BM54jCPo887u2QGJuNtTJw3Xxr2MsGDU4RLCsz%2BF%2FGgXuWwYpzKQ8utBi%2BJNODvU7XhWW41ooUKmQXXT%2F46F%2Fm%2Bj7YPJtJ7lp%2BmxE%2B5eLW8WbFt4qON"}]} NEL {"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 64a66a8578385364-FRA Content-Encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	403 Forbidden	05f4c9fbb0d0e23d527016355f12b6c7.js pl15563626.passtechusa.com/05/f4/c9/	0 0	431ms 184ms	Script application/javascript	192.243.59.12 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL http://pl15563626.passtechusa.com/05/f4/c9/05f4c9fbb0d0e23d527016355f12b6c7.js Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol HTTP/1.1 Server 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Wed, 05 May 2021 02:07:35 GMT Server nginx/1.17.6 Connection keep-alive Content-Type application/javascript Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H2	200	js Show response www.googletagmanager.com/gtag/	88 KB 35 KB	23ms 23ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-153096092-1 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a890bdcaff381517e1f86aab2533a0017e89c0484e601f46bffe497c6f335599 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:35 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35870 x-xss-protection 0 last-modified Wed, 05 May 2021 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 05 May 2021 02:07:35 GMT
GET H2	200	16153472-css_bundle_v2.css www.blogger.com/static/v1/widgets/	42 KB 42 KB	7ms 6ms	Stylesheet text/css	2a00:1450:4001:809::2009 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.blogger.com/static/v1/widgets/16153472-css_bundle_v2.css Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash df6b27e051729b0993ec014da7b81ec8643265763d7239e50a9fdc404eb5b963 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 30 Apr 2021 09:59:49 GMT x-content-type-options nosniff last-modified Thu, 02 Jul 2015 01:50:07 GMT server sffe age 403666 vary Accept-Encoding content-type text/css cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42984 x-xss-protection 0 expires Sat, 30 Apr 2022 09:59:49 GMT
GET H2	200	authorization.css www.blogger.com/dyn-css/	1 B 534 B	102ms 102ms	Stylesheet text/css	2a00:1450:4001:809::2009 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3127189521511558727&zx=d740d3e9-2abb-42bf-b18d-41c9a8d4501c Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b Security Headers Name Value Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache content-security-policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport content-encoding gzip x-content-type-options nosniff last-modified Wed, 05 May 2021 02:07:35 GMT server GSE date Wed, 05 May 2021 02:07:35 GMT x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info." cache-control no-cache, no-store, max-age=0, must-revalidate content-type text/css; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21 x-xss-protection 1; mode=block expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	/ Show response dc5k8fg5ioc8s.cloudfront.net/	157 KB 47 KB	184ms 171ms	Script text/plain	143.204.101.177 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=826383 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol HTTP/1.1 Server 143.204.101.177 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-177.fra50.r.cloudfront.net Software / Resource Hash 2f3a59f1bd2eb785666c0a6fc5817c1434d2a2936c2508330f8e14fa0f0ed4db Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 05 May 2021 02:07:35 GMT Content-Encoding gzip X-Amz-Cf-Pop FRA50-C1 X-Cache Miss from cloudfront access-control-allow-origin * Cache-Control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform Connection keep-alive Content-Length 48103 Via 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront) X-Amz-Cf-Id jLwPzZLH23LWvGkl2MJtAvBfE7xN7ZsqyYTwu5-n15kQx5kE0HAQSA==
GET H/1.1	403 Forbidden	61b9671524e2ca246e7898cf092e4832.js pl164625.pvclouds.com/61/b9/67/	0 0	427ms 180ms	Script application/javascript	192.243.59.12 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL http://pl164625.pvclouds.com/61/b9/67/61b9671524e2ca246e7898cf092e4832.js Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol HTTP/1.1 Server 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Wed, 05 May 2021 02:07:35 GMT Server nginx/1.17.6 Connection keep-alive Content-Type application/javascript Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H/1.1	200 OK	6507 Show response latheendsmoo.com/ra3bOSAfVZZG/	0 1 KB	82ms 41ms	Script application/javascript	172.255.6.54 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL http://latheendsmoo.com/ra3bOSAfVZZG/6507 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol HTTP/1.1 Server 172.255.6.54 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 05 May 2021 02:07:35 GMT Content-Encoding gzip Strict-Transport-Security max-age=1 Server nginx Vary Accept-Encoding Access-Control-Allow-Methods * Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Headers * X-Content-Type-Options nosniff Keep-Alive timeout=20
GET H/1.1	200 OK	icon18_wrench_allbkg.png img1.blogblog.com/img/	475 B 849 B	12ms 6ms	Image image/png	2a00:1450:4001:809::2009 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://img1.blogblog.com/img/icon18_wrench_allbkg.png Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol HTTP/1.1 Server 2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 03 May 2021 18:43:52 GMT X-Content-Type-Options nosniff Last-Modified Mon, 03 May 2021 01:08:56 GMT Server sffe Age 113024 Content-Type image/png Cache-Control public, max-age=604800 Cross-Origin-Resource-Policy cross-origin Accept-Ranges bytes Content-Length 475 X-XSS-Protection 0 Expires Mon, 10 May 2021 18:43:52 GMT
GET H2	200	ba.js Show response cdn.engine.spotscenered.info/scripts/ Redirect Chain http://cdn.engine.spotscenered.info/scripts/ba.js?z=51054 https://cdn.engine.spotscenered.info/scripts/ba.js?z=51054	2 KB 1 KB	31ms 13ms	Script application/x-javascript	2606:4700::6812:603c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.engine.spotscenered.info/scripts/ba.js?z=51054 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:603c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 4538b877bf359ff7ff6b6be10e1034dd98c28a1bb52e2fa6def34f3b8115065a Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:36 GMT content-encoding br cf-cache-status HIT age 1169 x-powered-by ASP.NET p3p CP="CAO PSA OUR IND" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09dbe0eabb00004db22a2c3000000001 last-modified Wed, 05 May 2021 01:35:50 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary *, Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=1200 cf-ray 64a66a8ac8914db2-FRA expires Wed, 05 May 2021 02:27:36 GMT Redirect headers Date Wed, 05 May 2021 02:07:36 GMT Server cloudflare Vary Accept-Encoding Location https://cdn.engine.spotscenered.info/scripts/ba.js?z=51054 Connection keep-alive CF-RAY 64a66a8a5f921f21-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 0 cf-request-id 09dbe0ea7900001f2157ba3000000001
GET		emb.js st.chatango.com/js/gz/	0 0
GET H3-29	200	3190386002-widgets.js Show response www.blogger.com/static/v1/widgets/	91 KB 37 KB	16ms 15ms	Script text/javascript	2a00:1450:4001:809::2009 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.blogger.com/static/v1/widgets/3190386002-widgets.js Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fa1ec33b80e0c92accdd28f35ca370bf013d740d4ec702ec01f3d503419cddd5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 30 Apr 2021 17:10:48 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 02 Jul 2015 01:50:07 GMT server sffe age 377808 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37848 x-xss-protection 0 expires Sat, 30 Apr 2022 17:10:48 GMT
GET H2	200	plusone.js Show response apis.google.com/js/	54 KB 21 KB	37ms 36ms	Script application/javascript	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/plusone.js Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0593a255a01933e26823747656a39bc1fc7188582e67ac5223eefa74f7c2c021 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-wnZeDRkgqYFo3A4eSOifyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:36 GMT content-encoding gzip x-content-type-options nosniff p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 x-ua-compatible IE=edge, chrome=1 server ESF x-frame-options SAMEORIGIN etag "4fc60c8cf782c16d4329b84dfda715b7" strict-transport-security max-age=31536000 content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 content-security-policy script-src 'report-sample' 'nonce-wnZeDRkgqYFo3A4eSOifyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport timing-allow-origin * expires Wed, 05 May 2021 02:07:36 GMT
GET H/1.1	403 Forbidden	invoke.js www.bcloudhost.com/976b0d76d773f5547d37fe90ada4248d/	0 0	306ms 179ms	Script application/javascript	192.243.59.20 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL http://www.bcloudhost.com/976b0d76d773f5547d37fe90ada4248d/invoke.js Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol HTTP/1.1 Server 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.9 / Resource Hash Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Access-Control-Allow-Origin * Date Wed, 05 May 2021 02:07:36 GMT Server nginx/1.17.9 Connection keep-alive Content-Type application/javascript Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	11ms 11ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-153096092-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 09 Apr 2021 23:59:54 GMT server Golfe2 age 2261 date Wed, 05 May 2021 01:29:55 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19569 expires Wed, 05 May 2021 03:29:55 GMT
POST H3-29	200	collect Show response www.google-analytics.com/j/	1 B 21 B	33ms 13ms	XHR text/plain	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j90&a=604137576&t=pageview&_s=1&dl=http%3A%2F%2Fto.xrivonet.info%2Ftdn3.html&ul=en-us&de=UTF-8&dt=RivoRD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=164477267&gjid=386653045&cid=415007222.1620180456&tid=UA-153096092-1&_gid=145912925.1620180456&_r=1&gtm=2ou4l3&z=1045259463 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 05 May 2021 02:07:36 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin http://to.xrivonet.info cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	403 Forbidden	61b9671524e2ca246e7898cf092e4832.js pl164625.pvclouds.com/61/b9/67/	0 0	100ms 100ms	Script application/javascript	192.243.59.12 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL http://pl164625.pvclouds.com/61/b9/67/61b9671524e2ca246e7898cf092e4832.js Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol HTTP/1.1 Server 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Wed, 05 May 2021 02:07:36 GMT Server nginx/1.17.6 Connection keep-alive Content-Type application/javascript Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H/1.1	200 OK	compatibility.js Show response celeritascdn.com/script/	20 KB 9 KB	32ms 17ms	Script application/javascript	2606:4700::6810:5b06 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://celeritascdn.com/script/compatibility.js Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol HTTP/1.1 Server 2606:4700::6810:5b06 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 05 May 2021 02:07:36 GMT Content-Encoding gzip CF-Cache-Status HIT Age 1681 X-GUploader-UploadID ABg5-UzsJxtnMyBmV_3tToUIjtpy58NFAtyi3hUeFYfj8ZQG6dz4gK_xA6cbu-4yQBYPrTz7nlE0OjqmGWmAT_HnVno6XGjXJg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity Connection keep-alive Content-Type application/javascript cf-request-id 09dbe0ec3700004ee589944000000001 Last-Modified Tue, 15 Sep 2020 12:10:32 GMT Server cloudflare ETag W/"c2bbc1e2544049cb035c321919bef2bc" Vary Accept-Encoding x-goog-hash crc32c=6TBdZQ==, md5=wrvB4lRAScsDXDIZGb7yvA== x-goog-generation 1600171832181211 Access-Control-Allow-Origin * Cache-Control public, max-age=14400 Transfer-Encoding chunked x-goog-stored-content-length 20647 CF-RAY 64a66a8d29b54ee5-FRA Expires Wed, 05 May 2021 06:07:36 GMT
GET H2	200	71834.html Show response freefeds.com/stream/ Frame 978B Redirect Chain https://newdmn.icu/stream/71834.html https://freefeds.com/stream/71834.html	13 KB 6 KB	47ms 24ms	Document text/html	2606:4700:3038::6815:eb33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freefeds.com/stream/71834.html Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:eb33 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f527df9e28a07dba602b1fb93d05acdf17aee93eb03f9171da95ca6ca8b927b Request headers :method GET :authority freefeds.com :scheme https :path /stream/71834.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://to.xrivonet.info/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer http://to.xrivonet.info/ Response headers date Wed, 05 May 2021 02:07:36 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d3c41555c619959a6c8bd8382954d23811620180456; expires=Fri, 04-Jun-21 02:07:36 GMT; path=/; domain=.freefeds.com; HttpOnly; SameSite=Lax; Secure vary Accept-Encoding x-proxy-cache HIT referrer-policy no-referrer-when-downgrade cf-cache-status DYNAMIC cf-request-id 09dbe0ecb700004e2c35169000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=82fu%2FlCtWrjZLfuMkp4dNOJdx2sHUKomreEqpE%2F7jYkDON5UZujzf62FBIBytdIPA3n8%2FikZzss6FJ3dzYmu%2FvjpssDq9vuu748V1FF1WuyVtnQDuVJW1%2F4%3D"}],"max_age":604800,"group":"cf-nel"} nel {"max_age":604800,"report_to":"cf-nel"} server cloudflare cf-ray 64a66a8dfa234e2c-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Redirect headers date Wed, 05 May 2021 02:07:36 GMT content-type text/html set-cookie __cfduid=d58eaf8beb1f9f7b0220628552b6029af1620180456; expires=Fri, 04-Jun-21 02:07:36 GMT; path=/; domain=.newdmn.icu; HttpOnly; SameSite=Lax; Secure location https://freefeds.com/stream/71834.html cf-cache-status DYNAMIC cf-request-id 09dbe0ec420000c28624221000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P2U8tXyKahfCqlh8GFpb414CmAwCSJz49w%2F11t30p1foNgzbgoo64VI1IzjHunal6Rz%2B7QmegKl31eXGxDux6Rn4DrY9kT9makTcPE%2Bm8daFSJ0%2FjMb4"}]} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 64a66a8d386ec286-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	Cookie set publi.html Show response bc.psntvs.me/ Frame 2CEF	204 B 1 KB	346ms 320ms	Document text/html	2606:4700:3030::ac43:aecc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://bc.psntvs.me/publi.html Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol HTTP/1.1 Server 2606:4700:3030::ac43:aecc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 73e5aec1a65a7fb0d5590896e70f9eba3f66b1c39efd274c8b144d3f1380c409 Request headers Host bc.psntvs.me Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://to.xrivonet.info/ Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer http://to.xrivonet.info/ Response headers Date Wed, 05 May 2021 02:07:36 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d32ebc22cfd8f31e0fe5982c5fbf588b21620180456; expires=Fri, 04-Jun-21 02:07:36 GMT; path=/; domain=.psntvs.me; HttpOnly; SameSite=Lax last-modified Tue, 02 Apr 2019 16:51:41 GMT vary Accept-Encoding CF-Cache-Status DYNAMIC cf-request-id 09dbe0ec47000016ea5e3e3000000001 Report-To {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pjY6cXJsvZjTP%2B5CsGCHKx%2FaUI%2FfNfcfuHiAK3SOs%2BeiqPIVgtL1%2FaUeJQjZRSm3S1G1kRTcX3i7jaH7WYL9D4YCr%2BNN1LvSjtQJOpOxK3PZlE2mxqfXhCo%3D"}]} NEL {"max_age":604800,"report_to":"cf-nel"} Server cloudflare CF-RAY 64a66a8d3a3716ea-FRA Content-Encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	xrivonet.info.266699.js Show response jsc.mgid.com/x/r/ Frame 818A	279 KB 76 KB	57ms 49ms	Script text/javascript	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://jsc.mgid.com/x/r/xrivonet.info.266699.js?t=121452 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol HTTP/1.1 Server 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a07eeaf8a9d4143e79e53d6576888fb9a9441ad9cc71cefa0d3b29901bf8eb1d Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 05 May 2021 02:07:36 GMT Content-Encoding gzip CF-Cache-Status HIT Age 3794 Cf-Polished origSize=285774 Transfer-Encoding chunked Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id BYYRXNZX71YV4MCE x-amz-id-2 eNCOIU2CyPfLxYEbIoNpHcBf3IuG6Ga170TnGH9YDk9C8Kw7u2WNRRfnFmJBT1n+Wkn2wMyuVp8= Last-Modified Tue, 27 Apr 2021 05:40:33 GMT Server cloudflare ETag W/"f91c3b6d8f5a1a2260177aa6a572f3db" Vary Accept-Encoding Content-Type text/javascript Expires Wed, 05 May 2021 05:07:36 GMT Cache-Control public, max-age=10800 cf-request-id 09dbe0ec5a0000edef2ca29000000001 CF-RAY 64a66a8d5f91edef-CDG Cf-Bgj minify
GET H/1.1	200 OK	jquery-1.12.4.min.js Show response code.jquery.com/	95 KB 33 KB	14ms 7ms	Script application/javascript	2001:4de0:ac18::1:a:1b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL http://code.jquery.com/jquery-1.12.4.min.js Requested by Host: cdn.engine.spotscenered.info URL: http://cdn.engine.spotscenered.info/scripts/ba.js?z=51054 Protocol HTTP/1.1 Server 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 05 May 2021 02:07:36 GMT Content-Encoding gzip Last-Modified Fri, 20 May 2016 17:18:54 GMT Server nginx ETag W/"573f46fe-17b8b" Vary Accept-Encoding X-HW 1620180456.dop216.fr8.t,1620180456.cds167.fr8.c Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection Keep-Alive Accept-Ranges bytes Content-Length 33738
GET H/1.1	200 OK	pop.js Show response c1.popads.net/	30 KB 10 KB	19ms 7ms	Script application/javascript	2a02:6ea0:c700::3 CDN77 (^_^)/
General Check archive.org Show headers Download Go to Full URL http://c1.popads.net/pop.js Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol HTTP/1.1 Server 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 425a7a9b9f10f9809288169af01695376da8b90b3e957f4987c4dad263403d49 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers X-77-POP frankfurtDE Date Wed, 05 May 2021 02:07:36 GMT Content-Encoding gzip X-77-NZT-Ray fo1Lemzhifc= Transfer-Encoding chunked X-77-Cache HIT X-Cache HIT Connection keep-alive alt-svc quic="195.181.175.50:443"; ma=2592000; v="44,43,39" X-77-NZT AcO1rzJ7H/DvaRgAAA== Last-Modified Tue, 09 Feb 2021 20:16:57 GMT Server CDN77-Turbo ETag W/"6022edb9-77fd" Content-Type application/javascript; charset=UTF-8 Access-Control-Allow-Origin * X-Age 6249 Expires Mon, 17 May 2021 00:23:27 GMT
GET H/1.1	403 Forbidden	invoke.js www.bcloudhost.com/07dde3e2c5af0db032c8826e3b79914d/	0 0	99ms 98ms	Script application/javascript	192.243.59.20 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL http://www.bcloudhost.com/07dde3e2c5af0db032c8826e3b79914d/invoke.js Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol HTTP/1.1 Server 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.9 / Resource Hash Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Access-Control-Allow-Origin * Date Wed, 05 May 2021 02:07:36 GMT Server nginx/1.17.9 Connection keep-alive Content-Type application/javascript Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H/1.1	200 OK	Cookie set identify.html Show response ufpcdn.com/script/ Frame 7FA9	2 KB 2 KB	186ms 174ms	Document text/html	2606:4700:3037::ac43:8e31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://ufpcdn.com/script/identify.html?frmt=0 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol HTTP/1.1 Server 2606:4700:3037::ac43:8e31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a Request headers Host ufpcdn.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://to.xrivonet.info/ Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer http://to.xrivonet.info/ Response headers Date Wed, 05 May 2021 02:07:36 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d67ce4cfa247970988874c1daec51c4ec1620180456; expires=Fri, 04-Jun-21 02:07:36 GMT; path=/; domain=.ufpcdn.com; HttpOnly; SameSite=Lax __cf_bm=c40068eccbd1d72d854a17e29589ae0be8def7f2-1620180456-1800-AWdEvPQ8L4UgjGMNm4QZiXWaxi8O7BopeDNAaq+SZJkDSXLBTjPFbbGe7NYXjdpQs53wsm0hOUEHEyAyEHUKkNg=; path=/; expires=Wed, 05-May-21 02:37:36 GMT; domain=.ufpcdn.com; HttpOnly; SameSite=None Last-Modified Tue, 15 May 2018 06:39:25 GMT CF-Cache-Status DYNAMIC cf-request-id 09dbe0ec5a00002c5265bb8000000001 Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LtEHSif%2FYJ9KWRWiMO3tg%2FtbjBI1hY%2BRT4OjaZtYCdHDA2sEQuzFY0hAU%2FFROk%2FITtZ61eCdxRSkqJnZS4Aeuoire6jeSjgsegnRSqGJ80A7TOKxD4Hb"}],"group":"cf-nel","max_age":604800} NEL {"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 64a66a8d5f5a2c52-FRA Content-Encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	banner.engine Show response engine.spotscenered.info/	2 KB 4 KB	177ms 170ms	Script text/html	2606:4700::6812:603c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://engine.spotscenered.info/banner.engine?id=0480c52b-5c68-4b25-963c-0861ecd966b7&z=51054&cid=b9c&rand=42312&ver=async&time=-120&referrerurl=&abr=false&curl=http%3A%2F%2Fto.xrivonet.info%2Ftdn3.html Requested by Host: cdn.engine.spotscenered.info URL: http://cdn.engine.spotscenered.info/scripts/ba.js?z=51054 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:603c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 3abfbb4d83c760b30fcb0f333eca3180859f53a01ae4cf314577e7fd533fca47 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:36 GMT content-encoding gzip cf-cache-status DYNAMIC alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 server cloudflare x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="CAO PSA OUR IND" access-control-allow-origin * cache-control private, no-transform cf-ray 64a66a8d6b114db2-FRA content-type text/html; charset=utf-8 cf-request-id 09dbe0ec6200004db214b9f000000001
GET H2	200	/ Show response c.mgid.com/pv/	0 604 B	135ms 78ms	Script text/plain	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.mgid.com/pv/?pv=5&cbuster=1620180456646338622069&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fwrivz1.blogspot.com%2F&lu=http%3A%2F%2Fto.xrivonet.info%2Ftdn3.html&pageView=1&site=356366&pvid=1793a47d4c68fab3cff&implVersion=10&dpr=1 Requested by Host: jsc.mgid.com URL: http://jsc.mgid.com/x/r/xrivonet.info.266699.js?t=121452 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 05 May 2021 02:07:36 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true cf-ray 64a66a8e7c58ee58-CDG alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09dbe0ed080000ee581a938000000001
GET H2	200	MGID_plus.svg cdn.mgid.com/images/logos/	2 KB 1 KB	73ms 27ms	Image image/svg+xml	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mgid.com/images/logos/MGID_plus.svg Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:36 GMT content-encoding br cf-cache-status HIT age 4218 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id B9201827F81D32DC x-amz-id-2 oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs= last-modified Tue, 23 Feb 2021 16:22:15 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root etag W/"f7525f3a5f32c6f4a8e9867e9f57ab45" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=86400 cf-request-id 09dbe0ed010000cdc3c9278000000001 cf-ray 64a66a8e68a4cdc3-CDG expires Thu, 06 May 2021 02:07:36 GMT
GET H2	200	Adchoices.svg cdn.mgid.com/images/logos/	836 B 812 B	74ms 28ms	Image image/svg+xml	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mgid.com/images/logos/Adchoices.svg Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:36 GMT content-encoding br cf-cache-status HIT age 4218 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id 1D76EA8A206ECCA7 x-amz-id-2 lDknoZ+PjBnoUXPCB23wx2Qe85exuRo8TYxKWQhUypnILC9L/y8Csv7mWGGtYjTXsNVPMSG83Fo= last-modified Wed, 17 Feb 2021 18:15:53 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root etag W/"7d59364b7ed2df3f02507c9f92560df9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=86400 cf-request-id 09dbe0ed010000cdc3593a7000000001 cf-ray 64a66a8e68a6cdc3-CDG expires Thu, 06 May 2021 02:07:36 GMT
GET H2	200	int_exchange_wages_ad.svg cdn.mgid.com/images/mgid/	1 KB 744 B	73ms 27ms	Image image/svg+xml	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mgid.com/images/mgid/int_exchange_wages_ad.svg Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:36 GMT content-encoding br cf-cache-status HIT age 4211 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id A6EC37B2A7BDE00B x-amz-id-2 PwXuLK/xbxwm8Hf3CE9lBqGE5I1x8jZ+3dC6/axU5ZbcSWyTHkWZUyetDT5gQlgZpKn8sbHG1f0= last-modified Mon, 04 May 2020 12:16:53 GMT server cloudflare etag W/"37346cd2daeeec771e8ffe3a34ef43ea" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=86400 cf-request-id 09dbe0ed020000cdc37fadb000000001 cf-ray 64a66a8e68a8cdc3-CDG expires Thu, 06 May 2021 02:07:36 GMT
GET DATA	200 OK	truncated /	138 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	mUdRVCMHGKUBOACHGTH1g-vvDin1pK8aKteLpeZ5c0A.woff fonts.gstatic.com/s/roboto/v15/	19 KB 19 KB	8ms 6ms	Font font/woff	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v15/mUdRVCMHGKUBOACHGTH1g-vvDin1pK8aKteLpeZ5c0A.woff Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1372ebaa0d371c6cbe8624b176d4ffbfc224abe9e3a2f3c6423910768a37d85c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin http://to.xrivonet.info Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Apr 2021 11:06:15 GMT x-content-type-options nosniff last-modified Wed, 14 Jan 2015 22:48:53 GMT server sffe age 486081 content-type font/woff access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19684 x-xss-protection 0 expires Fri, 29 Apr 2022 11:06:15 GMT
GET H/1.1	200 OK	colored.js Show response widgets.amung.us/	8 KB 4 KB	22ms 15ms	Script application/x-javascript	2606:4700:10::6816:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://widgets.amung.us/colored.js Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol HTTP/1.1 Server 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b957ea339d35a0f04ef914c475611606e5b3b326cf08cb9d68bf78bca23a6521 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 05 May 2021 02:07:36 GMT content-encoding gzip CF-Cache-Status HIT Age 231 Transfer-Encoding chunked Connection keep-alive cf-request-id 09dbe0ed0200002c4a06841000000001 last-modified Mon, 03 May 2021 17:48:25 GMT Server cloudflare etag W/"60903769-1ee4" Vary Accept-Encoding Content-Type application/x-javascript access-control-allow-origin * cache-control max-age=86400 CF-RAY 64a66a8e6e882c4a-FRA expires Thu, 06 May 2021 02:03:45 GMT
GET H2	200	/ Show response c.adsco.re/	35 KB 12 KB	32ms 13ms	Script text/html	2606:4700::6811:a6ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.adsco.re/ Requested by Host: c1.popads.net URL: http://c1.popads.net/pop.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:36 GMT content-encoding br cf-cache-status HIT server cloudflare age 3733663 etag W/"49M/vRKXL5pROhm5uOGH7A==" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html link <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch cache-control public, max-age=2678400 cf-ray 64a66a8e7f234ed9-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09dbe0ed0e00004ed9e4279000000001 expires Sat, 05 Jun 2021 02:07:36 GMT
GET H3-29	200	cb=gapi.loaded_0 Show response apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bSaSBnJo3mU.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ/	142 KB 50 KB	17ms 14ms	Script text/javascript	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bSaSBnJo3mU.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ/cb=gapi.loaded_0 Requested by Host: apis.google.com URL: https://apis.google.com/js/plusone.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5b4f01e3784c081814429943d9a1cafcaa556bae64e786806e2e757be1fbb013 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 04 May 2021 20:47:07 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 27 Apr 2021 17:53:46 GMT server sffe age 19229 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 50899 x-xss-protection 0 expires Wed, 04 May 2022 20:47:07 GMT
GET H2	200	1 Show response servicer.mgid.com/266699/	5 KB 2 KB	93ms 89ms	Script application/x-javascript	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://servicer.mgid.com/266699/1?pv=5&cbuster=1620180456738674597469&niet=4g&nisd=false&w=726&h=519&cols=3&ref=&cxurl=https%3A%2F%2Fwrivz1.blogspot.com%2F&lu=http%3A%2F%2Fto.xrivonet.info%2Ftdn3.html&pageView=1&pvid=1793a47d5228a9430e7&implVersion=10&dpr=1 Requested by Host: jsc.mgid.com URL: http://jsc.mgid.com/x/r/xrivonet.info.266699.js?t=121452 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b04107f935eaf88f8598269e116f9964af17067a0a117019ba3585d9c486ad1e Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 05 May 2021 02:07:36 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type application/x-javascript; charset=utf-8 cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true cf-ray 64a66a8ebc78ee58-CDG alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09dbe0ed2f0000ee58283db000000001
GET H2	200	/ 6.adsco.re/	0 472 B	34ms 12ms	Other text/plain	2606:4700::6811:a6ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6.adsco.re/ Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Origin http://to.xrivonet.info Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:36 GMT content-encoding br server cloudflare access-control-allow-headers Content-Type expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, HEAD, OPTIONS content-type text/plain;charset=UTF-8 access-control-allow-origin http://to.xrivonet.info access-control-max-age 2592000 cache-control private, max-age=10 cf-ray 64a66a8ece3a4e92-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09dbe0ed4100004e929390c000000001
GET H/1.1	200 OK	/ 4.adsco.re/	0 462 B	84ms 24ms	Other text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://4.adsco.re/ Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Origin http://to.xrivonet.info Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 05 May 2021 02:07:36 GMT Content-Encoding gzip Access-Control-Max-Age 2592000 Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin http://to.xrivonet.info Cache-Control private, max-age=5 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type
GET H/1.1	200 OK	suurl.php Show response onclickgenius.com/script/	4 KB 1 KB	205ms 184ms	Script application/javascript	35.190.71.96 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://onclickgenius.com/script/suurl.php?r=2059055&cbrandom=0.047391319585025515&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=RivoRD&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol HTTP/1.1 Server 35.190.71.96 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 96.71.190.35.bc.googleusercontent.com Software openresty / Resource Hash 8bbafefc854228363ff221332a1c7081884cf4d7f3cdef0ac1b5450d55635f02 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Wed, 05 May 2021 02:07:36 GMT Content-Encoding gzip Transfer-Encoding chunked Server openresty Via 1.1 google Content-Type application/javascript; charset=utf-8
GET H/1.1	200 OK	chrome.js Show response celeritascdn.com/script/	36 KB 12 KB	17ms 17ms	Script application/javascript	2606:4700::6810:5b06 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://celeritascdn.com/script/chrome.js Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol HTTP/1.1 Server 2606:4700::6810:5b06 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 05 May 2021 02:07:36 GMT Content-Encoding gzip CF-Cache-Status HIT Age 997 X-GUploader-UploadID ABg5-UyI37W8tz8yfF0mTbdYOrcF8YYHBVe_yU1V9KNq5sEk7zllZwdDbakhe9KKpDJMqYcmBAADg2dI8lNAlpdbNCfh43NIyQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity Connection keep-alive Content-Type application/javascript cf-request-id 09dbe0ed2c00004ee5a5ba4000000001 Last-Modified Mon, 14 Sep 2020 09:15:29 GMT Server cloudflare ETag W/"ef6565ab259dafbc08468b4d0bb46762" Vary Accept-Encoding x-goog-hash crc32c=KoLUvQ==, md5=72VlqyWdr7wIRotNC7RnYg== x-goog-generation 1600074929755781 Access-Control-Allow-Origin * Cache-Control public, max-age=14400 Transfer-Encoding chunked x-goog-stored-content-length 37300 CF-RAY 64a66a8eab324ee5-FRA Expires Wed, 05 May 2021 06:07:36 GMT
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ Frame 978B	85 KB 28 KB	44ms 15ms	Script application/javascript	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js Requested by Host: freefeds.com URL: https://freefeds.com/stream/71834.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Origin https://freefeds.com Referer https://freefeds.com/stream/71834.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:36 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 3732917 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 27433 cf-request-id 09dbe0ed4e00004ee68f171000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-1538f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DGsMc7vzqFVdaTxcwuPSKPJTqMXMzDMXes%2FRnnNGdNg0hm3xhI8oOz1nmxERynplUONe8HSrbHLRMbQui1YATDEIJ4LToniFPFdgys1EPqtmQDt6aaFsHNRErLjKrV%2B6sA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 64a66a8ee83d4ee6-FRA expires Mon, 25 Apr 2022 02:07:36 GMT
GET H2	404	showads.js foxcdn.life/ Frame 978B	0 0	49ms 16ms	Script text/html	2606:4700:3031::ac43:9205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://foxcdn.life/showads.js Requested by Host: freefeds.com URL: https://freefeds.com/stream/71834.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:9205 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash Request headers Referer https://freefeds.com/stream/71834.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	clappr.min.js Show response cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 978B	513 KB 138 KB	36ms 7ms	Script application/javascript	2a04:4e42:1b::621 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js Requested by Host: freefeds.com URL: https://freefeds.com/stream/71834.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://freefeds.com/stream/71834.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 16758 x-cache HIT, HIT cross-origin-resource-policy cross-origin content-length 141142 etag W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk" x-served-by cache-fra19122-FRA, cache-hhn4054-HHN date Wed, 05 May 2021 02:07:36 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	level-selector.min.js Show response cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame 978B	28 KB 9 KB	42ms 13ms	Script application/javascript	2a04:4e42:1b::621 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js Requested by Host: freefeds.com URL: https://freefeds.com/stream/71834.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 9be66c3a85d64fc039d17d90baa279e49a1bde4229e4378d8c0044f2146307fb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://freefeds.com/stream/71834.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 8407 x-cache HIT, HIT cross-origin-resource-policy cross-origin content-length 9513 etag W/"6f2e-QiFvefqcX7qrhCMG8irfXhmDfko" x-served-by cache-fra19179-FRA, cache-hhn4054-HHN date Wed, 05 May 2021 02:07:36 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	nwm-dbh.min3.js Show response foxcdn.life/ Frame 978B	9 KB 4 KB	45ms 13ms	Script application/javascript	2606:4700:3031::ac43:9205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://foxcdn.life/nwm-dbh.min3.js Requested by Host: freefeds.com URL: https://freefeds.com/stream/71834.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:9205 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e9e39f3702418e1e21cc8cd0b858268d4b183fc53ee42aa7b319cd12641be6a3 Request headers Referer https://freefeds.com/stream/71834.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:36 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 7068 cf-polished origSize=11016 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09dbe0ed5300004e44dc8ae000000001 last-modified Fri, 19 Jun 2020 20:18:52 GMT server cloudflare etag W/"5eed1dac-2b08" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=crnsXIc3olNsoIbURD2O5xhjI7h9zOqwaEz6pa8yvbGuX5nk03tmeWMM5rPR2XXnQ47ox3JEF4DkZHoM1dgJ0AJ%2FkoNHi98xcPfSlP0ShAvl8jhmDkKpAg%3D%3D"}],"max_age":604800,"group":"cf-nel"} content-type application/javascript cache-control max-age=14400 cf-ray 64a66a8eec3a4e44-FRA cf-bgj minify
GET H2	200	/ widgets.amung.us/draw/ Frame 978B Redirect Chain https://whos.amung.us/cwidget/freestreamon/000000ffffff.png https://widgets.amung.us/draw/?w=colored&n=91300&c=000000ffffff&p=	1 KB 2 KB	33ms 13ms	Image image/png	2606:4700:10::6816:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://widgets.amung.us/draw/?w=colored&n=91300&c=000000ffffff&p= Requested by Host: freefeds.com URL: https://freefeds.com/stream/71834.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b16fae971d92ee4a467bee911ec79ed7f09707f669336d1403883d3d08726b1 Request headers Referer https://freefeds.com/stream/71834.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:37 GMT cf-cache-status HIT server cloudflare age 26788 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=432000 content-disposition filename=wau-widget.png cf-ray 64a66a9269fd2c32-FRA cf-request-id 09dbe0ef8300002c3249adf000000001 expires Wed, 05 May 2021 18:41:09 GMT Redirect headers location https://widgets.amung.us/draw/?w=colored&n=91300&c=000000ffffff&p= date Wed, 05 May 2021 02:07:37 GMT cache-control max-age=295 content-type text/html; charset=UTF-8
GET H3-29	200	js Show response www.googletagmanager.com/gtag/ Frame 978B	88 KB 35 KB	34ms 19ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-187547947-2 Requested by Host: freefeds.com URL: https://freefeds.com/stream/71834.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 60895ef9329d075604a9f709a87ba41d8469541c51dd98a8e96ea2d645bf8b1d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://freefeds.com/stream/71834.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:37 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35789 x-xss-protection 0 last-modified Wed, 05 May 2021 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 05 May 2021 02:07:37 GMT
GET H3-29	200	mediahosting.engine Show response engine.spotscenered.info/ Frame 7D46 Redirect Chain https://engine.spotscenered.info/Redirect.eng?MediaSegmentId=54155&dcid=1_ctx_995c1f95-d749-4f2c-9366-c6a74b474808&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=qsKLpbZ3vegx... https://engine.spotscenered.info/mediahosting.engine?MediaId=85243&AId=8924&CId=38981&PId=76297&SiteId=12147&ZoneId=51054&VolumeMetricId=6905fc6a-59fa-4265-9ab5-b1485d7732c6&PassBackUrl=&res=&dcid=...	843 B 4 KB	175ms 174ms	Document text/html	2606:4700::6812:603c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://engine.spotscenered.info/mediahosting.engine?MediaId=85243&AId=8924&CId=38981&PId=76297&SiteId=12147&ZoneId=51054&VolumeMetricId=6905fc6a-59fa-4265-9ab5-b1485d7732c6&PassBackUrl=&res=&dcid=1_ctx_995c1f95-d749-4f2c-9366-c6a74b474808&cu=&kw=&mw=728&mh=90 Requested by Host: code.jquery.com URL: http://code.jquery.com/jquery-1.12.4.min.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700::6812:603c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash ee35ec07f51f771d6040322136d0aa898ff69c21e06457f126bd0df63a79cea2 Request headers :method GET :authority engine.spotscenered.info :scheme https :path /mediahosting.engine?MediaId=85243&AId=8924&CId=38981&PId=76297&SiteId=12147&ZoneId=51054&VolumeMetricId=6905fc6a-59fa-4265-9ab5-b1485d7732c6&PassBackUrl=&res=&dcid=1_ctx_995c1f95-d749-4f2c-9366-c6a74b474808&cu=&kw=&mw=728&mh=90 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://to.xrivonet.info/ accept-encoding gzip, deflate, br accept-language en-US cookie IKSR={}; IUID=5449711e-a555-40e4-bc6c-b92ae5df376e; ISSH=5B019B; CHN=#[]; MSSH=#{}; MSRH=#{}; ILP=null; ILPLU=#1/1/0001 12:00:00 AM; ILEALC=#1/1/0001 12:00:00 AM; ILMPF=#False; IPMPLU=#; IPMUID=#; BSWUID=#; IBL=#[]; IPLSH=#{}; IPLSH_Q=#[]; IMCH=#{}; IMCH_Q=#[]; ISH=#{}; ISH_Q=#[]; VMI=6905fc6a-59fa-4265-9ab5-b1485d7732c6; IPLH=#{"76297":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}]}; IPLH_Q=#[76297]; IZH=#{"51054":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}]}; IZH_Q=#[51054]; IMH=#{"85243":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}]}; IMH_Q=#[85243]; ISPH=#{"12147":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}]}; ISPH_Q=#[12147]; ICH=#{"38981":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}]}; ICH_Q=#[38981] Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer http://to.xrivonet.info/ Response headers date Wed, 05 May 2021 02:07:37 GMT content-type text/html; charset=utf-8 content-length 843 set-cookie __cfduid=d01c118dac8ee39fc89cd5cff5f0fa02f1620180456; expires=Fri, 04-Jun-21 02:07:36 GMT; path=/; domain=.spotscenered.info; HttpOnly; SameSite=Lax IKSR={}; path=/; SameSite=None; secure IUID=5449711e-a555-40e4-bc6c-b92ae5df376e; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure ISSH=5B019B; path=/; SameSite=None; secure VMI=6905fc6a-59fa-4265-9ab5-b1485d7732c6; path=/; SameSite=None; secure IPLH=#{"76297":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}]}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IPLH_Q=#[76297]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly CHN=#[]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly MSSH=#{}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly MSRH=#{}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ILP=null; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure ILPLU=#1/1/0001 12:00:00 AM; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ILEALC=#1/1/0001 12:00:00 AM; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ILMPF=#False; expires=Wed, 05-May-2021 06:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IPMPLU=#; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IPMUID=#; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly BSWUID=#; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IKSR={}; path=/; SameSite=None; secure IBL=#[]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IPLSH=#{}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IPLSH_Q=#[]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IZH=#{"51054":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}]}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IZH_Q=#[51054]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IMCH=#{}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IMCH_Q=#[]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IMH=#{"85243":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}]}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IMH_Q=#[85243]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ISH=#{}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ISH_Q=#[]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ISPH=#{"12147":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}]}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ISPH_Q=#[12147]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ICH=#{"38981":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}]}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ICH_Q=#[38981]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly cache-control private, no-transform access-control-allow-origin * x-powered-by ASP.NET p3p CP="CAO PSA OUR IND" cf-cache-status DYNAMIC cf-request-id 09dbe0ee08000005bfec8d7000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 64a66a900ae905bf-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Redirect headers date Wed, 05 May 2021 02:07:36 GMT content-type text/html; charset=utf-8 content-length 423 set-cookie __cfduid=d01c118dac8ee39fc89cd5cff5f0fa02f1620180456; expires=Fri, 04-Jun-21 02:07:36 GMT; path=/; domain=.spotscenered.info; HttpOnly; SameSite=Lax IKSR={}; path=/; SameSite=None; secure IUID=5449711e-a555-40e4-bc6c-b92ae5df376e; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure ISSH=5B019B; path=/; SameSite=None; secure VMI=6905fc6a-59fa-4265-9ab5-b1485d7732c6; path=/; SameSite=None; secure IPLH=#{"76297":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}]}; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure; HttpOnly IPLH_Q=#[76297]; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure; HttpOnly CHN=#[]; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure; HttpOnly MSSH=#{}; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure; HttpOnly MSRH=#{}; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure; HttpOnly ILP=null; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure ILPLU=#1/1/0001 12:00:00 AM; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure; HttpOnly ILEALC=#1/1/0001 12:00:00 AM; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure; HttpOnly ILMPF=#False; expires=Wed, 05-May-2021 06:07:36 GMT; path=/; SameSite=None; secure; HttpOnly IPMPLU=#; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure; HttpOnly IPMUID=#; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure; HttpOnly BSWUID=#; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure; HttpOnly IKSR={}; path=/; SameSite=None; secure IBL=#[]; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure; HttpOnly IPLSH=#{}; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure; HttpOnly IPLSH_Q=#[]; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure; HttpOnly IZH=#{"51054":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}]}; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure; HttpOnly IZH_Q=#[51054]; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure; HttpOnly IMCH=#{}; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure; HttpOnly IMCH_Q=#[]; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure; HttpOnly IMH=#{"85243":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}]}; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure; HttpOnly IMH_Q=#[85243]; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure; HttpOnly ISH=#{}; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure; HttpOnly ISH_Q=#[]; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure; HttpOnly ISPH=#{"12147":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}]}; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure; HttpOnly ISPH_Q=#[12147]; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure; HttpOnly ICH=#{"38981":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}]}; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure; HttpOnly ICH_Q=#[38981]; expires=Mon, 05-May-2031 02:07:36 GMT; path=/; SameSite=None; secure; HttpOnly cache-control private, no-transform location //engine.spotscenered.info/mediahosting.engine?MediaId=85243&AId=8924&CId=38981&PId=76297&SiteId=12147&ZoneId=51054&VolumeMetricId=6905fc6a-59fa-4265-9ab5-b1485d7732c6&PassBackUrl=&res=&dcid=1_ctx_995c1f95-d749-4f2c-9366-c6a74b474808&cu=&kw=&mw=728&mh=90 access-control-allow-origin * x-powered-by ASP.NET p3p CP="CAO PSA OUR IND" cf-cache-status DYNAMIC cf-request-id 09dbe0ed4c000005bf132c7000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 64a66a8ed99405bf-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
POST H/1.1	200 OK	p Show response adsco.re/	0 417 B	42ms 30ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL http://adsco.re/p Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Wed, 05 May 2021 02:07:36 GMT Content-Encoding gzip Content-Type text/html; charset=UTF-8 AS-P-4 OK Transfer-Encoding chunked AS-P-1 OK Access-Control-Allow-Origin http://to.xrivonet.info Access-Control-Max-Age 2592000 Cache-Control no-transform Access-Control-Allow-Credentials true Connection keep-alive AS-E ND AS-P-2 OK AS-P-3 OK
GET H/1.1	200 OK	/ Show response 4.adsco.re/	46 B 462 B	41ms 29ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL http://4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash 7bce36180c66e68d9b9c5140aa9f582a6b4af212c5ef777db0e7cfaf5c965ca3 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 05 May 2021 02:07:36 GMT Content-Encoding gzip Access-Control-Max-Age 2592000 Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin http://to.xrivonet.info Cache-Control private, max-age=5 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type
GET H/1.1	200 OK	/ Show response 6.adsco.re/	53 B 670 B	24ms 12ms	XHR text/plain	2606:4700::6811:a6ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://6.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Server 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 131a638276d530de6eeac45664891bd4eb4721381b348168011eb86e38f8eff3 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 05 May 2021 02:07:36 GMT Content-Encoding gzip Server cloudflare Access-Control-Allow-Headers Content-Type Vary Accept-Encoding Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/plain;charset=UTF-8 Access-Control-Allow-Origin http://to.xrivonet.info Access-Control-Max-Age 2592000 Cache-Control private, max-age=10 Transfer-Encoding chunked Connection keep-alive CF-RAY 64a66a8edd712b4d-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09dbe0ed4900002b4d88005000000001
POST H/1.1	200 OK	/ mdtk4qme8ekw.l4.adsco.re/	0 464 B	86ms 18ms	Ping text/html	185.200.118.90 M247
General Check archive.org Show headers Download Go to Full URL https://mdtk4qme8ekw.l4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB), Reverse DNS adscore.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Wed, 05 May 2021 02:07:36 GMT Last-Modified Tue, 31 Jul 2018 22:16:15 GMT ETag "5b60dfaf-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
POST H/1.1	200 OK	/ mdtk4qme8ekw.n4.adsco.re/	0 464 B	9342ms 86ms	Ping text/html	38.132.109.186 M247
General Check archive.org Show headers Download Go to Full URL https://mdtk4qme8ekw.n4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 38.132.109.186 New York, United States, ASN9009 (M247, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Wed, 05 May 2021 02:07:46 GMT Last-Modified Mon, 30 Jul 2018 15:32:42 GMT ETag "5b5f2f9a-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
POST H/1.1	200 OK	/ mdtk4qme8ekw.s4.adsco.re/	0 464 B	696ms 179ms	Ping text/html	185.200.116.90 M247
General Check archive.org Show headers Download Go to Full URL https://mdtk4qme8ekw.s4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.200.116.90 , Romania, ASN9009 (M247, GB), Reverse DNS no-mans-land.m247.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Wed, 05 May 2021 02:07:37 GMT Last-Modified Mon, 30 Jul 2018 15:38:01 GMT ETag "5b5f30d9-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
GET H/1.1	200 OK	/ Show response c.adsco.re/ Frame 4AD7	35 KB 14 KB	20ms 12ms	Document text/html	2606:4700::6811:a6ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://c.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Server 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b Request headers Host c.adsco.re Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://to.xrivonet.info/ Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer http://to.xrivonet.info/ Response headers Date Wed, 05 May 2021 02:07:36 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Cache-Control public, max-age=2678400 Link <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch Expires Sat, 05 Jun 2021 02:07:36 GMT ETag W/"49M/vRKXL5pROhm5uOGH7A==" Content-Encoding gzip CF-Cache-Status HIT Age 3733373 cf-request-id 09dbe0ed4a00002b89b28c0000000001 Vary Accept-Encoding Server cloudflare CF-RAY 64a66a8edf5a2b89-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	/ 6.adsco.re/ Frame 4AD7	0 664 B	11ms 11ms	Other text/plain	2606:4700::6811:a6ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://6.adsco.re/ Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol HTTP/1.1 Server 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Origin http://c.adsco.re Referer http://c.adsco.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 05 May 2021 02:07:36 GMT Content-Encoding gzip Server cloudflare Access-Control-Allow-Headers Content-Type Vary Accept-Encoding Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/plain;charset=UTF-8 Access-Control-Allow-Origin http://c.adsco.re Access-Control-Max-Age 2592000 Cache-Control private, max-age=10 Transfer-Encoding chunked Connection keep-alive CF-RAY 64a66a8fee562b4d-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09dbe0edf100002b4d99146000000001
GET H/1.1	200 OK	/ 4.adsco.re/ Frame 4AD7	0 456 B	25ms 24ms	Other text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL http://4.adsco.re/ Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol HTTP/1.1 Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Origin http://c.adsco.re Referer http://c.adsco.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 05 May 2021 02:07:36 GMT Content-Encoding gzip Access-Control-Max-Age 2592000 Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin http://c.adsco.re Cache-Control private, max-age=5 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type
GET H/1.1	200 OK	/ Show response whos.amung.us/pingjs/	32 B 216 B	212ms 205ms	Script text/javascript	67.202.94.94 STEADFAST
General Check archive.org Show headers Download Go to Full URL http://whos.amung.us/pingjs/?k=rtnlniviutns&t=RivoRD&c=u&x=http%3A%2F%2Fto.xrivonet.info%2Ftdn3.html&y=&a=0&d=1.483&v=27&r=5579 Requested by Host: widgets.amung.us URL: http://widgets.amung.us/colored.js Protocol HTTP/1.1 Server 67.202.94.94 , United States, ASN32748 (STEADFAST, US), Reverse DNS amung.us Software / Resource Hash d0c890e7b040a1f563b0b9791e47468b2042b8cec410f9c4e4dcf0db997127c0 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:37 GMT content-encoding gzip transfer-encoding chunked content-type text/javascript;charset=UTF-8
GET H3-29	404	showads.js foxcdn.life/ Frame 978B	0 0	24ms 13ms	Script text/html	2606:4700:3031::ac43:9205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://foxcdn.life/showads.js Requested by Host: freefeds.com URL: https://freefeds.com/stream/71834.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:9205 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash Request headers Referer https://freefeds.com/stream/71834.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	i.js Show response cm.mgid.com/	1 KB 1007 B	91ms 84ms	Script application/javascript	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.mgid.com/i.js?&cbuster=1620180456993135773616 Requested by Host: jsc.mgid.com URL: http://jsc.mgid.com/x/r/xrivonet.info.266699.js?t=121452 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 67440a1459841d55e5f7ec315adf9bc797abec24887b1973ad303d41d8d2d5bd Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 05 May 2021 02:07:37 GMT content-encoding br cf-cache-status DYNAMIC x-mg-request-uuid 721fb270-0aa2-4b7e-9613-8b21055a6ac4 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type application/javascript cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true cf-ray 64a66a904ac6cdc3-CDG alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09dbe0ee300000cdc39eb84000000001 server cloudflare
GET H2	200	i-noref.js Show response cm.mgid.com/ Frame 5B07	19 B 294 B	89ms 84ms	Script application/javascript	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.mgid.com/i-noref.js?cbuster=1620180456996435348676 Requested by Host: jsc.mgid.com URL: http://jsc.mgid.com/x/r/xrivonet.info.266699.js?t=121452 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 05 May 2021 02:07:37 GMT content-encoding br cf-cache-status DYNAMIC x-mg-request-uuid 94464f07-1f7f-4958-a5d7-a8945889eabf expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type application/javascript cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true cf-ray 64a66a904ac7cdc3-CDG alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09dbe0ee300000cdc3a6b24000000001 server cloudflare
GET H/1.1	200 OK	beacon.js Show response b.scorecardresearch.com/	1 KB 2 KB	29ms 16ms	Script application/javascript	65.9.84.119 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://b.scorecardresearch.com/beacon.js Requested by Host: jsc.mgid.com URL: http://jsc.mgid.com/x/r/xrivonet.info.266699.js?t=121452 Protocol HTTP/1.1 Server 65.9.84.119 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-server-side-encryption AES256 Date Wed, 05 May 2021 01:48:23 GMT Via 1.1 e79fcd7f3f0a842841acfca75e35ea79.cloudfront.net (CloudFront) Last-Modified Fri, 26 Feb 2021 14:35:05 GMT Server AmazonS3 Age 1155 ETag "1827f116c73f319409b97f10b8a58ade" X-Cache Hit from cloudfront Content-Type application/javascript Connection keep-alive X-Amz-Cf-Pop AMS1-C1 Accept-Ranges bytes Content-Length 1469 X-Amz-Cf-Id H29wiNMTE-SnGBAu6O-0GSqwf0v7kgH8tko9xk23OVCFV2TUK8hKxA==
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC81MTkxYzA2OTg5NGRjNmYzN... s-img.mgid.com/g/8164852/492x328/-/	22 KB 22 KB	48ms 46ms	Image image/webp	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/8164852/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC81MTkxYzA2OTg5NGRjNmYzNTQ3ZDA4ODNmMWMyYmJkOC5qcGc.webp?v=1620180456-zrLhTd_8w7gYuXspGBQfT7qv3YrjI9nhZEi1oPalgAA Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ac05781d1a4eec5d40e9b668ee97489a3c6adc8104e4f7610ce2f07b02cb2e7 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:37 GMT cf-cache-status HIT x-mg-request-uuid 380f8f8d-5761-450d-a582-efa629d0f97b age 1026741 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 22712 cf-request-id 09dbe0ee2f0000ee58da3e4000000001 last-modified Mon, 08 Feb 2021 10:20:26 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 64a66a904d85ee58-CDG
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzgyM2MzYzM5MzQxY2M3N2UyYWNlYTNlYzFhMGIxMmMzLmpwZWc.webp s-img.mgid.com/g/8193499/492x328/125x507x492x328/	35 KB 36 KB	32ms 29ms	Image image/webp	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/8193499/492x328/125x507x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzgyM2MzYzM5MzQxY2M3N2UyYWNlYTNlYzFhMGIxMmMzLmpwZWc.webp?v=1620180456-vhw_fXS39tf2tNM3dZvEq4LK-oDEqThANT-KHwkPji0 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ca6a1deffca1b5641230245a8f4449da068519b436c439368f6dd8fd33a9c61 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:37 GMT cf-cache-status HIT x-mg-request-uuid 109c430c-fdf3-4296-af28-cc7671d4c2d6 age 1026694 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 36220 cf-request-id 09dbe0ee300000ee584e01e000000001 last-modified Wed, 10 Feb 2021 07:15:53 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 64a66a904d87ee58-CDG
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp s-img.mgid.com/g/8164865/492x328/0x0x900x600/	21 KB 22 KB	48ms 46ms	Image image/webp	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/8164865/492x328/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp?v=1620180456-14rWVEbryHVEPr8XoDhcJIUN0hZhcTxouUXJTNZjR38 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fbe28a1b807c1e7e6c98e4c5900817dc26fe9ee04cd549d97c9cdb057003ab78 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:37 GMT cf-cache-status HIT x-mg-request-uuid 6076d8da-21b5-43f5-a52c-bfcdaa40ce58 age 1026732 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 21892 cf-request-id 09dbe0ee2f0000ee5848026000000001 last-modified Mon, 08 Feb 2021 10:20:22 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 64a66a904d84ee58-CDG
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzE3OWYxZDljMzEwNmUxNTE4ZjE4YWUzOTlhZWM1MWI2LnBuZw.webp s-img.mgid.com/g/8164851/492x328/117x304x680x453/	23 KB 23 KB	43ms 42ms	Image image/webp	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/8164851/492x328/117x304x680x453/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzE3OWYxZDljMzEwNmUxNTE4ZjE4YWUzOTlhZWM1MWI2LnBuZw.webp?v=1620180456-BtWZZLWJR7wlhDX9swJcTaop7qgCul_x9uPBShvfhZ4 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash da1a7b5ffccd6031eda5ee9d5452dd54942494f6d77dd51b0cc2febeccc4617a Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:37 GMT cf-cache-status HIT x-mg-request-uuid 6ddbd879-93f3-45e8-aff7-1d79c024c307 age 1026541 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 23192 cf-request-id 09dbe0ee310000ee581d883000000001 last-modified Mon, 08 Feb 2021 10:20:30 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 64a66a904d8dee58-CDG
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2UwMDBkYjZkYmVhMDYyOGM2YzQwY2VjMjA4ZjQ2YjQ2LmpwZWc.webp s-img.mgid.com/g/8164906/492x328/73x0x821x547/	24 KB 24 KB	37ms 37ms	Image image/webp	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/8164906/492x328/73x0x821x547/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2UwMDBkYjZkYmVhMDYyOGM2YzQwY2VjMjA4ZjQ2YjQ2LmpwZWc.webp?v=1620180456-tcLqb_ILvMtpgaRmf8hmVO9MIJna7A66Oym10HxLxqE Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd89af3e83639932a3436a1367a105a53cadf643ab95224ff2f351506187a64d Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:37 GMT cf-cache-status HIT x-mg-request-uuid 955cc604-4938-433a-ac8f-42f848e7dede age 1026453 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 24404 cf-request-id 09dbe0ee300000ee58eb073000000001 last-modified Mon, 08 Feb 2021 10:20:26 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 64a66a904d8bee58-CDG
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp s-img.mgid.com/g/8164909/492x328/16x0x492x328/	10 KB 10 KB	27ms 26ms	Image image/webp	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/8164909/492x328/16x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp?v=1620180456-018nyu6_4b1oXndVQgYoemvNIAGZBOIcO2wFe9cWJMY Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca24e2680f2545b64cfd196089e9e5ac5a3b6c9eec852492210239bb07402904 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:37 GMT cf-cache-status HIT x-mg-request-uuid b39f18dc-e236-4c4c-890e-db57098ddbe6 age 1026732 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 10278 cf-request-id 09dbe0ee310000ee5838369000000001 last-modified Mon, 08 Feb 2021 10:20:16 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 64a66a904d8cee58-CDG
GET H3-29	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC81MTkxYzA2OTg5NGRjNmYzN... s-img.mgid.com/g/8164852/492x328/-/ Frame 818A	22 KB 23 KB	105ms 43ms	Image image/webp	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/8164852/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC81MTkxYzA2OTg5NGRjNmYzNTQ3ZDA4ODNmMWMyYmJkOC5qcGc.webp?v=1620180456-zrLhTd_8w7gYuXspGBQfT7qv3YrjI9nhZEi1oPalgAA Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ac05781d1a4eec5d40e9b668ee97489a3c6adc8104e4f7610ce2f07b02cb2e7 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:37 GMT cf-cache-status HIT x-mg-request-uuid 380f8f8d-5761-450d-a582-efa629d0f97b age 1026741 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 22712 cf-request-id 09dbe0ee8a0000089f03b2f000000001 last-modified Mon, 08 Feb 2021 10:20:26 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 64a66a90de36089f-CDG
GET H3-29	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzgyM2MzYzM5MzQxY2M3N2UyYWNlYTNlYzFhMGIxMmMzLmpwZWc.webp s-img.mgid.com/g/8193499/492x328/125x507x492x328/ Frame 818A	35 KB 36 KB	140ms 78ms	Image image/webp	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/8193499/492x328/125x507x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzgyM2MzYzM5MzQxY2M3N2UyYWNlYTNlYzFhMGIxMmMzLmpwZWc.webp?v=1620180456-vhw_fXS39tf2tNM3dZvEq4LK-oDEqThANT-KHwkPji0 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ca6a1deffca1b5641230245a8f4449da068519b436c439368f6dd8fd33a9c61 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:37 GMT cf-cache-status HIT x-mg-request-uuid 109c430c-fdf3-4296-af28-cc7671d4c2d6 age 1026694 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 36220 cf-request-id 09dbe0ee8f0000089ff83f4000000001 last-modified Wed, 10 Feb 2021 07:15:53 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 64a66a90de47089f-CDG
GET H3-29	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp s-img.mgid.com/g/8164865/492x328/0x0x900x600/ Frame 818A	21 KB 22 KB	95ms 33ms	Image image/webp	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/8164865/492x328/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp?v=1620180456-14rWVEbryHVEPr8XoDhcJIUN0hZhcTxouUXJTNZjR38 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fbe28a1b807c1e7e6c98e4c5900817dc26fe9ee04cd549d97c9cdb057003ab78 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:37 GMT cf-cache-status HIT x-mg-request-uuid 6076d8da-21b5-43f5-a52c-bfcdaa40ce58 age 1026732 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 21892 cf-request-id 09dbe0ee8f0000089f29361000000001 last-modified Mon, 08 Feb 2021 10:20:22 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 64a66a90de45089f-CDG
GET H3-29	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzE3OWYxZDljMzEwNmUxNTE4ZjE4YWUzOTlhZWM1MWI2LnBuZw.webp s-img.mgid.com/g/8164851/492x328/117x304x680x453/ Frame 818A	23 KB 23 KB	127ms 65ms	Image image/webp	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/8164851/492x328/117x304x680x453/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzE3OWYxZDljMzEwNmUxNTE4ZjE4YWUzOTlhZWM1MWI2LnBuZw.webp?v=1620180456-BtWZZLWJR7wlhDX9swJcTaop7qgCul_x9uPBShvfhZ4 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash da1a7b5ffccd6031eda5ee9d5452dd54942494f6d77dd51b0cc2febeccc4617a Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:37 GMT cf-cache-status HIT x-mg-request-uuid 6ddbd879-93f3-45e8-aff7-1d79c024c307 age 1026541 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 23192 cf-request-id 09dbe0ee8f0000089ffc195000000001 last-modified Mon, 08 Feb 2021 10:20:30 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 64a66a90de38089f-CDG
GET H3-29	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2UwMDBkYjZkYmVhMDYyOGM2YzQwY2VjMjA4ZjQ2YjQ2LmpwZWc.webp s-img.mgid.com/g/8164906/492x328/73x0x821x547/ Frame 818A	24 KB 24 KB	171ms 108ms	Image image/webp	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/8164906/492x328/73x0x821x547/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2UwMDBkYjZkYmVhMDYyOGM2YzQwY2VjMjA4ZjQ2YjQ2LmpwZWc.webp?v=1620180456-tcLqb_ILvMtpgaRmf8hmVO9MIJna7A66Oym10HxLxqE Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd89af3e83639932a3436a1367a105a53cadf643ab95224ff2f351506187a64d Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:37 GMT cf-cache-status HIT x-mg-request-uuid 955cc604-4938-433a-ac8f-42f848e7dede age 1026453 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 24404 cf-request-id 09dbe0ee900000089ff4946000000001 last-modified Mon, 08 Feb 2021 10:20:26 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 64a66a90de48089f-CDG
GET H3-29	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp s-img.mgid.com/g/8164909/492x328/16x0x492x328/ Frame 818A	10 KB 11 KB	175ms 113ms	Image image/webp	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/8164909/492x328/16x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp?v=1620180456-018nyu6_4b1oXndVQgYoemvNIAGZBOIcO2wFe9cWJMY Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca24e2680f2545b64cfd196089e9e5ac5a3b6c9eec852492210239bb07402904 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:37 GMT cf-cache-status HIT x-mg-request-uuid b39f18dc-e236-4c4c-890e-db57098ddbe6 age 1026732 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 10278 cf-request-id 09dbe0ee920000089f150ab000000001 last-modified Mon, 08 Feb 2021 10:20:16 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 64a66a90ee4e089f-CDG
GET H/1.1	200 OK	/ Show response c.adsco.re/ Frame 4AD7	35 KB 14 KB	19ms 16ms	XHR text/html	2606:4700::6811:a6ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://c.adsco.re/ Requested by Host: c.adsco.re URL: http://c.adsco.re/ Protocol HTTP/1.1 Server 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b Request headers Referer http://c.adsco.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 05 May 2021 02:07:37 GMT Content-Encoding gzip CF-Cache-Status HIT Age 3733374 Transfer-Encoding chunked Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09dbe0ee3400002b89809e3000000001 Server cloudflare ETag W/"49M/vRKXL5pROhm5uOGH7A==" Vary Accept-Encoding Content-Type text/html Cache-Control public, max-age=2678400 CF-RAY 64a66a9058bd2b89-FRA Link <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch Expires Sat, 05 Jun 2021 02:07:37 GMT
GET H3-29	200	ba.js Show response cdn.engine.spotscenered.info/scripts/ Frame 2CEF Redirect Chain http://cdn.engine.spotscenered.info/scripts/ba.js?z=51036 https://cdn.engine.spotscenered.info/scripts/ba.js?z=51036	2 KB 1 KB	23ms 20ms	Script application/x-javascript	2606:4700::6812:603c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.engine.spotscenered.info/scripts/ba.js?z=51036 Requested by Host: bc.psntvs.me URL: http://bc.psntvs.me/publi.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700::6812:603c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash c6b6062377a346a2369e2c6c66739388b46f98d2ab8f6f60f2f39d8f7c0d89b9 Request headers Referer http://bc.psntvs.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:37 GMT content-encoding br cf-cache-status HIT age 935 x-powered-by ASP.NET p3p CP="CAO PSA OUR IND" alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09dbe0ee85000005bfd12ad000000001 last-modified Wed, 05 May 2021 01:49:40 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary *, Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=1200 cf-ray 64a66a90dbab05bf-FRA expires Wed, 05 May 2021 02:27:37 GMT Redirect headers Date Wed, 05 May 2021 02:07:37 GMT Server cloudflare Vary Accept-Encoding Location https://cdn.engine.spotscenered.info/scripts/ba.js?z=51036 Connection keep-alive CF-RAY 64a66a905cbd1f21-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 0 cf-request-id 09dbe0ee3400001f212a89b000000001
GET H/1.1	200 OK	/ Show response d4ngwggzm3w7j.cloudfront.net/ Frame 2CEF	150 KB 66 KB	335ms 319ms	Script text/plain	13.225.84.61 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://d4ngwggzm3w7j.cloudfront.net/?gwgnd=622075 Requested by Host: bc.psntvs.me URL: http://bc.psntvs.me/publi.html Protocol HTTP/1.1 Server 13.225.84.61 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-61.fra2.r.cloudfront.net Software / Resource Hash 6782d3451830cc2e3dbb16e1558f2dcba038b3196fed5ecdcebaa7b28ea97fad Request headers Referer http://bc.psntvs.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 05 May 2021 02:07:37 GMT content-encoding gzip X-Amz-Cf-Pop FRA2-C2 X-Cache Miss from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform Connection keep-alive Content-Length 67316 Via 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront) X-Amz-Cf-Id DT90AeBUYMCW2_1oLcgD3imJdffObtgWs-wsHKGSbQlH5YpLLeHLdw==
GET H/1.1	200 OK	bQ2JGGVzTpqfCfcTZWay1Q.json Show response e10.cdnfoxtv.me/ingestnb4s/ Frame 978B	305 B 695 B	199ms 81ms	XHR application/json	45.134.13.12 INT-NETWORK
General Check archive.org Show headers Download Go to Full URL https://e10.cdnfoxtv.me/ingestnb4s/bQ2JGGVzTpqfCfcTZWay1Q.json Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.134.13.12 , Russian Federation, ASN202425 (INT-NETWORK, SC), Reverse DNS Software nginx/1.17.9 / Resource Hash 7adb55e785b557c53f00fafb40db5a1cf84076074d55ccdf1488ffc81a555923 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://freefeds.com/stream/71834.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 05 May 2021 02:07:37 GMT Last-Modified Wed, 05 May 2021 02:07:12 GMT Server nginx/1.17.9 ETag "6091fdd0-131" Content-Type application/json Access-Control-Allow-Origin * Expires Wed, 05 May 2021 02:07:39 GMT Cache-Control max-age=2, public Connection keep-alive Accept-Ranges bytes Content-Length 305 X-Proxy-Cache EXPIRED
GET		15d6ce62d0f01528c7478f7446d71678.js smokingpetty.com/15/d6/ce/ Frame 978B	0 0
GET H2	200	b2 sb.scorecardresearch.com/ Redirect Chain https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1620180457100&ns_c=UTF-8&cv=3.5&c8=RivoRD&c7=http%3A%2F%2Fto.xrivonet.info%2Ftdn3.html&c9= https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1620180457100&ns_c=UTF-8&cv=3.5&c8=RivoRD&c7=http%3A%2F%2Fto.xrivonet.info%2Ftdn3.html&c9=	64 B 330 B	66ms 65ms	Image image/gif	13.224.111.48 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1620180457100&ns_c=UTF-8&cv=3.5&c8=RivoRD&c7=http%3A%2F%2Fto.xrivonet.info%2Ftdn3.html&c9= Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.111.48 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-111-48.mad50.r.cloudfront.net Software / Resource Hash 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:37 GMT via 1.1 d8c266ed74a4ecc05eeffe79fa473f7e.cloudfront.net (CloudFront) x-amz-cf-pop MAD50-C1 etag W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg" x-cache Miss from cloudfront content-type image/gif; charset=utf-8 content-length 64 x-amz-cf-id vAi_t2kLi70eYPR_F3XLq_G-irIDDfOBrHYyNvuSOefDkfJ-qcZx1w== Redirect headers date Wed, 05 May 2021 02:07:37 GMT via 1.1 d8c266ed74a4ecc05eeffe79fa473f7e.cloudfront.net (CloudFront) x-amz-cf-pop MAD50-C1 vary Accept x-cache Miss from cloudfront content-type text/plain; charset=utf-8 location https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1620180457100&ns_c=UTF-8&cv=3.5&c8=RivoRD&c7=http%3A%2F%2Fto.xrivonet.info%2Ftdn3.html&c9= content-length 178 x-amz-cf-id rAPRJPiZADUThTIjx97g7i2a3z9RiilzQewVYlEkEQ3eVrypdRRTLQ==
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 54D0 Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu	281 B 554 B	64ms 18ms	Document text/html	104.111.230.142 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu Requested by Host: cm.mgid.com URL: https://cm.mgid.com/i.js?&cbuster=1620180456993135773616 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-142.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Host eus.rubiconproject.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer http://to.xrivonet.info/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer http://to.xrivonet.info/ Response headers Server Apache/2.2.15 (CentOS) Last-Modified Tue, 23 Feb 2021 20:47:52 GMT ETag "402b0-119-5bc0708346e00" Accept-Ranges bytes Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Wed, 05 May 2021 02:07:37 GMT Connection keep-alive Vary Accept-Encoding Redirect headers Server AkamaiGHost Content-Length 0 Location https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu Date Wed, 05 May 2021 02:07:37 GMT Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin *
GET H3-29	200	m cm.mgid.com/ Redirect Chain https://creativecdn.com/cm-notify?pi=mgid https://creativecdn.com/cm-notify?pi=mgid&tc=1 https://cm.mgid.com/m?cdsp=501037&c=7CqB5IgWsmuX2E8o9H6P&pi=mgid&tc=1	43 B 629 B	84ms 83ms	Image image/gif	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?cdsp=501037&c=7CqB5IgWsmuX2E8o9H6P&pi=mgid&tc=1 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 05 May 2021 02:07:37 GMT cf-cache-status DYNAMIC x-mg-request-uuid 0cd43467-9623-424f-9690-88cb5559602d expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type image/gif cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true cf-ray 64a66a916ee0089f-CDG alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09dbe0eee10000089fa8839000000001 server cloudflare Redirect headers location https://cm.mgid.com/m?cdsp=501037&c=7CqB5IgWsmuX2E8o9H6P&pi=mgid&tc=1 pragma no-cache date Wed, 05 May 2021 02:07:37 GMT, Wed, 05 May 2021 02:07:37 GMT cache-control no-cache, no-store, must-revalidate, private, max-age=0 content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	/ cm.idealmedia.io/setmuidn/	0 555 B	175ms 123ms	Image image/gif	104.16.221.74 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.idealmedia.io/setmuidn/?muidf=l44AsVVdLs7j Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 05 May 2021 02:07:37 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 64a66a915d5a32bf-CDG p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true content-type image/gif cf-request-id 09dbe0eed2000032bf4a0b5000000001
GET H2	200	google cm.mgid.com/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDQ0QXNWVmRMczdq&muidn=l44AsVVdLs7j https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDQ0QXNWVmRMczdq&muidn=l44AsVVdLs7j&google_tc= https://cm.mgid.com/google?muidn=l44AsVVdLs7j&google_error=3	0 176 B	80ms 79ms	Image text/plain	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/google?muidn=l44AsVVdLs7j&google_error=3 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 05 May 2021 02:07:37 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type text/plain cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true cf-ray 64a66a91cc72cdc3-CDG alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09dbe0ef1e0000cdc3d78e0000000001 Redirect headers pragma no-cache date Wed, 05 May 2021 02:07:37 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://cm.mgid.com/google?muidn=l44AsVVdLs7j&google_error=3 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 261 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sync x.bidswitch.net/ul_cb/ Redirect Chain https://x.bidswitch.net/sync?ssp=mgid https://x.bidswitch.net/ul_cb/sync?ssp=mgid	43 B 145 B	29ms 21ms	Image image/gif	52.58.45.227 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/ul_cb/sync?ssp=mgid Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.58.45.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-58-45-227.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:37 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif Redirect headers location https://x.bidswitch.net/ul_cb/sync?ssp=mgid date Wed, 05 May 2021 02:07:37 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H/1.1	200 OK	bidswitch.gif sync.admanmedia.com/ Redirect Chain https://x.bidswitch.net/sync?dsp_id=303&user_id=l44AsVVdLs7j https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l44AsVVdLs7j https://sync.admanmedia.com/bidswitch.gif?puid=&redir=[RED]	42 B 431 B	302ms 101ms	Image image/gif	88.214.205.108 NATCOWEB
General Check archive.org Show headers Download Go to Show image Full URL https://sync.admanmedia.com/bidswitch.gif?puid=&redir=[RED] Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.214.205.108 , United Kingdom, ASN46636 (NATCOWEB, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 05 May 2021 02:07:37 GMT Server nginx Transfer-Encoding chunked Content-Type image/gif Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Expires 0 Redirect headers location //sync.admanmedia.com/bidswitch.gif?puid=&redir=[RED] date Wed, 05 May 2021 02:07:37 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H3-29	200	m cm.mgid.com/ Redirect Chain https://rtb-usw.mfadsrvr.com/sync?ssp=mgid https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid https://cm.mgid.com/m?cdsp=287839&c=c90bacfb-3194-46f9-a4a8-265b12226b14	43 B 660 B	82ms 81ms	Image image/gif	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?cdsp=287839&c=c90bacfb-3194-46f9-a4a8-265b12226b14 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 05 May 2021 02:07:37 GMT cf-cache-status DYNAMIC x-mg-request-uuid bb14a061-cbb0-499f-b7bd-2a0e9c32f95f expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type image/gif cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true cf-ray 64a66a955b09089f-CDG alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09dbe0f1580000089fdfa32000000001 server cloudflare Redirect headers location //cm.mgid.com/m?cdsp=287839&c=c90bacfb-3194-46f9-a4a8-265b12226b14 date Wed, 05 May 2021 02:07:37 GMT cache-control no-cache, no-store, must-revalidate alt-svc clear content-length 0 via 1.1 google
GET H3-29	200	m cm.mgid.com/ Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 https://cm.mgid.com/m?cdsp=371158&c=aac3fcd0-5725-4834-9c5c-a174967835df&ttl=1622772457	43 B 645 B	81ms 80ms	Image image/gif	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?cdsp=371158&c=aac3fcd0-5725-4834-9c5c-a174967835df&ttl=1622772457 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 05 May 2021 02:07:37 GMT cf-cache-status DYNAMIC x-mg-request-uuid fe9c995b-dd7c-4ca6-9154-e3df8d410697 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type image/gif cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true cf-ray 64a66a929804089f-CDG alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09dbe0efa30000089fdfa1f000000001 server cloudflare Redirect headers pragma no-cache date Wed, 05 May 2021 02:07:37 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://cm.mgid.com/m?cdsp=371158&c=aac3fcd0-5725-4834-9c5c-a174967835df&ttl=1622772457 cache-control private,no-cache, must-revalidate content-type text/html content-length 205
GET H2	200	/ cm.lentainform.com/setmuidn/	0 623 B	129ms 83ms	Image image/gif	104.19.216.61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.lentainform.com/setmuidn/?muidf=l44AsVVdLs7j Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.216.61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 05 May 2021 02:07:37 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 64a66a923be5b769-CDG p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true content-type image/gif alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09dbe0ef640000b7697d21d000000001
GET H3-29	200	analytics.js Show response www.google-analytics.com/ Frame 978B	48 KB 19 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-187547947-2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://freefeds.com/stream/71834.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 09 Apr 2021 23:59:54 GMT server Golfe2 age 2262 date Wed, 05 May 2021 01:29:55 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19569 expires Wed, 05 May 2021 03:29:55 GMT
GET H/1.1	200 OK	jquery-1.12.4.min.js Show response code.jquery.com/ Frame 2CEF	95 KB 33 KB	7ms 6ms	Script application/javascript	2001:4de0:ac18::1:a:1b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL http://code.jquery.com/jquery-1.12.4.min.js Requested by Host: cdn.engine.spotscenered.info URL: http://cdn.engine.spotscenered.info/scripts/ba.js?z=51036 Protocol HTTP/1.1 Server 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Request headers Referer http://bc.psntvs.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 05 May 2021 02:07:37 GMT Content-Encoding gzip Last-Modified Fri, 20 May 2016 17:18:54 GMT Server nginx ETag W/"573f46fe-17b8b" Vary Accept-Encoding X-HW 1620180456.dop216.fr8.t,1620180457.cds167.fr8.c Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection Keep-Alive Accept-Ranges bytes Content-Length 33738
GET H3-29	200	banner.engine Show response engine.spotscenered.info/ Frame 2CEF	3 KB 5 KB	380ms 378ms	Script text/html	2606:4700::6812:603c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://engine.spotscenered.info/banner.engine?id=0480c52b-5c68-4b25-963c-0861ecd966b7&z=51036&cid=b9c&rand=87125&ver=async&time=-120&referrerurl=http%3A%2F%2Fto.xrivonet.info%2F&abr=false&curl=http%3A%2F%2Fto.xrivonet.info%2F Requested by Host: cdn.engine.spotscenered.info URL: http://cdn.engine.spotscenered.info/scripts/ba.js?z=51036 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700::6812:603c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 64bd04c385922a80ddcd05c6ed3ca51072abf16e4d4e089b146aaee4004c5fc6 Request headers Referer http://bc.psntvs.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:37 GMT content-encoding gzip cf-cache-status DYNAMIC alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 server cloudflare x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="CAO PSA OUR IND" access-control-allow-origin * cache-control private, no-transform cf-ray 64a66a914c1905bf-FRA content-type text/html; charset=utf-8 cf-request-id 09dbe0eeca000005bf01bef000000001
GET H2	200	m85243.png mediasply.com/ Frame 7D46	40 KB 41 KB	72ms 24ms	Image image/png	2606:4700::6811:e65b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mediasply.com/m85243.png Requested by Host: engine.spotscenered.info URL: https://engine.spotscenered.info/mediahosting.engine?MediaId=85243&AId=8924&CId=38981&PId=76297&SiteId=12147&ZoneId=51054&VolumeMetricId=6905fc6a-59fa-4265-9ab5-b1485d7732c6&PassBackUrl=&res=&dcid=1_ctx_995c1f95-d749-4f2c-9366-c6a74b474808&cu=&kw=&mw=728&mh=90 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:e65b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3ea20652919fa5cae19367b3aa6d5365c0134e7a78a7a04be4aa16aec997d3c Request headers Referer https://engine.spotscenered.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:37 GMT via 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront) cf-cache-status HIT age 75754 x-cache Miss from cloudfront x-amz-storage-class REDUCED_REDUNDANCY content-length 41026 cf-request-id 09dbe0eef5000005e49013b000000001 last-modified Tue, 19 Mar 2019 13:30:13 GMT server cloudflare etag "6f645ddd209b552665975f06c399e6eb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png cache-control max-age=86400 x-amz-cf-pop FRA2-C2 accept-ranges bytes cf-ray 64a66a918b2105e4-FRA x-amz-cf-id LVXw1mIiEp7mPFes_jj_QHtgMHaSwGGO-Pc73bw7zVFhKUVH7Oc0mg==
GET H/1.1	200 OK	/ widgets.amung.us/colwid/	3 KB 4 KB	11ms 10ms	Image image/png	2606:4700:10::6816:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://widgets.amung.us/colwid/?c=ffc20e000000 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol HTTP/1.1 Server 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 661c696659df6d576a75b9f65e11a05995760c8bc0e4aeec85e00a977bc7d2e7 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 05 May 2021 02:07:37 GMT CF-Cache-Status HIT Server cloudflare Age 142509 Vary Accept-Encoding Content-Type image/png access-control-allow-origin * cache-control max-age=432000 Transfer-Encoding chunked content-disposition filename=wau-widget.png Connection keep-alive CF-RAY 64a66a9209cb2c4a-FRA cf-request-id 09dbe0ef4800002c4ac9815000000001 expires Tue, 04 May 2021 10:32:28 GMT
POST H/1.1	200 OK	p Show response adsco.re/	360 B 857 B	42ms 41ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL http://adsco.re/p Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash 7e9ff9c32de62210d972f265efc8d061409dbe2df6a519f31a01e31679c4623e Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers AS-P-G OK Date Wed, 05 May 2021 02:07:37 GMT AS-P-7 OK AS-P-9 OK AS-P-C OK Transfer-Encoding chunked AS-P-5 OK AS-P-F OK Connection keep-alive Content-Encoding gzip AS-P-2 OK AS-P-D OK AS-P-6 OK AS-P-B OK AS-P-H OK AS-P-4 OK AS-P-A OK Access-Control-Max-Age 2592000 AS-P-1 OK Access-Control-Allow-Origin http://to.xrivonet.info Cache-Control no-transform Access-Control-Allow-Credentials true AS-P-8 OK Content-Type text/html; charset=UTF-8 AS-P-E OK AS-P-3 OK
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 54D0	30 KB 9 KB	21ms 20ms	Script text/html	104.111.230.142 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-142.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09 Request headers Referer https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 05 May 2021 02:07:37 GMT Content-Encoding gzip Last-Modified Wed, 28 Apr 2021 21:43:33 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=35214 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9235 Expires Wed, 05 May 2021 11:54:31 GMT
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame 54D0	284 B 536 B	95ms 24ms	Image image/jpg	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 284 X-RPHost 37b22a0c36bd84993dd2cda4a5e04b1d Content-Type image/jpg
GET H/1.1	403 Forbidden	master.m3u8 Show response unidfpclnlds141.akamaized.net/linear/hls/pa/event/bQ2JGGVzTpqfCfcTZWay1Q/stream/23999b5e-5fa6-4797-9006-42b38dffd987:BRU/ Frame 978B	437 B 926 B	43ms 7ms	XHR text/html	2a02:26f0:120::211:7ba0 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://unidfpclnlds141.akamaized.net/linear/hls/pa/event/bQ2JGGVzTpqfCfcTZWay1Q/stream/23999b5e-5fa6-4797-9006-42b38dffd987:BRU/master.m3u8?hdnea=st=1620180432~exp=1620180732~acl=*~id=76698b7d-7488-4510-add0-11cf1e64b13f~hmac=56ba92cdb25c61c5b72cef4b0804922c613bd4219c8f716badfe1f2e832ac651 Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:26f0:120::211:7ba0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiGHost / Resource Hash 9920d86aee39d30d39b346020caa365ecdb5f84563ebf19e41fb53ae6f35231b Request headers Referer https://freefeds.com/stream/71834.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 05 May 2021 02:07:37 GMT Server AkamaiGHost Mime-Version 1.0 Connection keep-alive Content-Type text/html Access-Control-Allow-Origin https://freefeds.com Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true Akamai-Mon-Iucid-Del 718646 Alt-Svc h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Content-Length 437 Expires Wed, 05 May 2021 02:07:37 GMT
GET H2	200	38861cba61c66739c1452c3a71e39852.ttf cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 978B	32 KB 19 KB	20ms 6ms	Font font/ttf	2a04:4e42:1b::621 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/clappr@latest/dist/38861cba61c66739c1452c3a71e39852.ttf Requested by Host: freefeds.com URL: https://freefeds.com/stream/71834.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 967e5cecfbfbf64099c3c1232273482dd7436f05714266953c4d2c8ee9c28af5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Origin https://freefeds.com Referer https://freefeds.com/stream/71834.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 11146 x-cache HIT, HIT cross-origin-resource-policy cross-origin content-length 18775 etag W/"7f8c-Sx71jkdreJyXUhg0q996L9ZtbK8" x-served-by cache-fra19146-FRA, cache-hhn4030-HHN date Wed, 05 May 2021 02:07:37 GMT vary Accept-Encoding content-type font/ttf access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	71834.html Show response freefeds.com/stream/2/ Frame 978B	13 KB 5 KB	29ms 29ms	Document text/html	2606:4700:3038::6815:eb33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freefeds.com/stream/2/71834.html Requested by Host: freefeds.com URL: https://freefeds.com/stream/71834.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:eb33 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 90239e6b28ff5d88a5fc32d0ea4575badff3c30902853458195eac7f7a1b6d04 Request headers :method GET :authority freefeds.com :scheme https :path /stream/2/71834.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://freefeds.com/stream/71834.html accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://freefeds.com/stream/71834.html Response headers date Wed, 05 May 2021 02:07:37 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=df177edea8ff54b332dd21c106d6f96441620180457; expires=Fri, 04-Jun-21 02:07:37 GMT; path=/; domain=.freefeds.com; HttpOnly; SameSite=Lax; Secure vary Accept-Encoding x-proxy-cache HIT referrer-policy no-referrer-when-downgrade cf-cache-status DYNAMIC cf-request-id 09dbe0efb400004e2c6597e000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3g3PVi3tQEc4xFZ25wM%2Bqa8VzNga18v9tU9Ab2c8CI6Rz9VEvll%2Fp1p%2BHsrxH2eBQdydKKc%2FRl359oVcPoX3N%2BNb%2BDPa3OpVTxndYDceZ1YwDHAnphh%2FTrA%3D"}],"max_age":604800,"group":"cf-nel"} nel {"max_age":604800,"report_to":"cf-nel"} server cloudflare cf-ray 64a66a92bed44e2c-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	c Show response serve.popads.net/	44 B 245 B	138ms 126ms	Script text/javascript	216.21.13.16 TUT-AS
General Check archive.org Show headers Download Go to Full URL http://serve.popads.net/c?_=BAoAYJH96QFgkf3pgAGBAsAAIHsoiI6R8-wzOkEdBZtrBOW5cE66wehYJCjU99hxImLGwQBGMEQCIDWrZvGfxciamTMFspxVZCIiM8eeP9umyNHYPXc0S14OAiBjMKwC-vYZHC2JtP-jZjnGu68lsSnrgbuL3QrSLC7BBcIAICio8PXLE3iELEfZL1l8q1DcHqozBgz9oeKMxY9LyaFpxAAQKgEE-AEhExoAAAAAAAAAAsUAEDPa0AMjHeePgXtzLzOipIvDAEYwRAIgIDqdyiPZnYpWxrO8vkUf7MDuPyjnZkleTrKXQ2ZG6HwCIBRL8my-3T4Vk9kDopkvSWr8YfY74xBIujftNmq7A_-F&v=4&siteId=2082502&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200,0 Requested by Host: c1.popads.net URL: http://c1.popads.net/pop.js Protocol HTTP/1.1 Server 216.21.13.16 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Wed, 05 May 2021 02:07:37 GMT PopAds-EC ASB ASF 9 Connection Keep-Alive Content-Length 44 Content-Type text/javascript;charset=UTF-8
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ Frame 978B	85 KB 27 KB	13ms 12ms	Script application/javascript	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js Requested by Host: freefeds.com URL: https://freefeds.com/stream/2/71834.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Origin https://freefeds.com Referer https://freefeds.com/stream/2/71834.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 3732918 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 27433 cf-request-id 09dbe0efd700004ee69294b000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-1538f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QSE6aGb7D372VqLogXR6L3silskGYyYMqAI9lR7fomhucUEo%2BbKT9fympGZxp9%2BWuXUqP1L4izK5IOaZbLn3Cx%2BbWtAY2ZoEIpSbjqmQrorsOsGbzePAJiyjM8WO4RujdQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 64a66a92fca14ee6-FRA expires Mon, 25 Apr 2022 02:07:37 GMT
GET H2	404	showads.js foxcdn.life/ Frame 978B	0 0	13ms 13ms	Script text/html	2606:4700:3031::ac43:9205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://foxcdn.life/showads.js Requested by Host: freefeds.com URL: https://freefeds.com/stream/2/71834.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:9205 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash Request headers Referer https://freefeds.com/stream/2/71834.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	nwm-dbh.min3.js Show response foxcdn.life/ Frame 978B	9 KB 4 KB	12ms 11ms	Script application/javascript	2606:4700:3031::ac43:9205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://foxcdn.life/nwm-dbh.min3.js Requested by Host: freefeds.com URL: https://freefeds.com/stream/2/71834.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:9205 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e9e39f3702418e1e21cc8cd0b858268d4b183fc53ee42aa7b319cd12641be6a3 Request headers Referer https://freefeds.com/stream/2/71834.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:37 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 7069 cf-polished origSize=11016 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09dbe0efd700004e44c3823000000001 last-modified Fri, 19 Jun 2020 20:18:52 GMT server cloudflare etag W/"5eed1dac-2b08" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vMeWid131dDk2LRVSGYIvuVCOhb8K%2Fvm%2Fcv2Z2%2Bzhdjp2saza2S70dQvQ8bwXM6%2FC4DOJFIvZsoE%2BHMcgEIOSe7G8YTkh57lwQMuqUxfMWMUogaAvTAqWQ%3D%3D"}],"max_age":604800,"group":"cf-nel"} content-type application/javascript cache-control max-age=14400 cf-ray 64a66a92f8ef4e44-FRA cf-bgj minify
GET H2	200	/ widgets.amung.us/draw/ Frame 978B Redirect Chain https://whos.amung.us/cwidget/freestreamon/000000ffffff.png https://widgets.amung.us/draw/?w=colored&n=91300&c=000000ffffff&p=	1 KB 2 KB	13ms 13ms	Image image/png	2606:4700:10::6816:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://widgets.amung.us/draw/?w=colored&n=91300&c=000000ffffff&p= Requested by Host: freefeds.com URL: https://freefeds.com/stream/2/71834.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b16fae971d92ee4a467bee911ec79ed7f09707f669336d1403883d3d08726b1 Request headers Referer https://freefeds.com/stream/2/71834.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:37 GMT cf-cache-status HIT server cloudflare age 26788 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=432000 content-disposition filename=wau-widget.png cf-ray 64a66a93eb482c32-FRA cf-request-id 09dbe0f07600002c3265069000000001 expires Wed, 05 May 2021 18:41:09 GMT Redirect headers location https://widgets.amung.us/draw/?w=colored&n=91300&c=000000ffffff&p= date Wed, 05 May 2021 02:07:37 GMT cache-control max-age=295 content-type text/html; charset=UTF-8
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame 978B	88 KB 35 KB	21ms 21ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-187547947-2 Requested by Host: freefeds.com URL: https://freefeds.com/stream/2/71834.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 89321b9830eef37195479f9038ac263cc167b600f57d0f9f2833b40c5cc52266 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://freefeds.com/stream/2/71834.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:37 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35870 x-xss-protection 0 last-modified Wed, 05 May 2021 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 05 May 2021 02:07:37 GMT
GET H3-29	404	showads.js foxcdn.life/ Frame 978B	0 0	12ms 12ms	Script text/html	2606:4700:3031::ac43:9205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://foxcdn.life/showads.js Requested by Host: freefeds.com URL: https://freefeds.com/stream/2/71834.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:9205 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash Request headers Referer https://freefeds.com/stream/2/71834.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H/1.1	403 Forbidden	15d6ce62d0f01528c7478f7446d71678.js smokingpetty.com/15/d6/ce/ Frame 978B	0 0	103ms 103ms	Script application/javascript	192.243.59.12 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://smokingpetty.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js Requested by Host: freefeds.com URL: https://freefeds.com/stream/2/71834.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer https://freefeds.com/stream/2/71834.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Wed, 05 May 2021 02:07:37 GMT Server nginx/1.17.6 Connection keep-alive Content-Type application/javascript Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame 978B	48 KB 19 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-187547947-2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://freefeds.com/stream/2/71834.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 09 Apr 2021 23:59:54 GMT server Golfe2 age 2262 date Wed, 05 May 2021 01:29:55 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19569 expires Wed, 05 May 2021 03:29:55 GMT
GET H3-29	200	mediahosting.engine Show response engine.spotscenered.info/ Frame 672B Redirect Chain https://engine.spotscenered.info/Redirect.eng?MediaSegmentId=56118&dcid=1_ctx_7fafa104-ef58-4012-8e44-0bf6517aab81&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=n5o1p59f1GFA... https://engine.spotscenered.info/mediahosting.engine?MediaId=90509&AId=8924&CId=40167&PId=79660&SiteId=12147&ZoneId=51036&VolumeMetricId=fbc840c8-a2c1-44ac-b7d5-ee3e39520743&PassBackUrl=&res=&dcid=...	843 B 4 KB	161ms 159ms	Document text/html	2606:4700::6812:603c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://engine.spotscenered.info/mediahosting.engine?MediaId=90509&AId=8924&CId=40167&PId=79660&SiteId=12147&ZoneId=51036&VolumeMetricId=fbc840c8-a2c1-44ac-b7d5-ee3e39520743&PassBackUrl=&res=&dcid=1_ctx_7fafa104-ef58-4012-8e44-0bf6517aab81&cu=&kw=&mw=300&mh=250 Requested by Host: code.jquery.com URL: http://code.jquery.com/jquery-1.12.4.min.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700::6812:603c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash ad17d9281178026a0950a2fc59616e38388cf383acf4d8bb09cf00cb609add48 Request headers :method GET :authority engine.spotscenered.info :scheme https :path /mediahosting.engine?MediaId=90509&AId=8924&CId=40167&PId=79660&SiteId=12147&ZoneId=51036&VolumeMetricId=fbc840c8-a2c1-44ac-b7d5-ee3e39520743&PassBackUrl=&res=&dcid=1_ctx_7fafa104-ef58-4012-8e44-0bf6517aab81&cu=&kw=&mw=300&mh=250 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://bc.psntvs.me/ accept-encoding gzip, deflate, br accept-language en-US cookie IKSR={}; IUID=5449711e-a555-40e4-bc6c-b92ae5df376e; ISSH=5B019B; CHN=#[]; MSSH=#{}; MSRH=#{}; ILP=null; ILPLU=#1/1/0001 12:00:00 AM; ILEALC=#1/1/0001 12:00:00 AM; ILMPF=#False; IPMPLU=#; IPMUID=#; BSWUID=#; IBL=#[]; IPLSH=#{}; IPLSH_Q=#[]; IMCH=#{}; IMCH_Q=#[]; ISH=#{}; ISH_Q=#[]; VMI=fbc840c8-a2c1-44ac-b7d5-ee3e39520743; IPLH=#{"76297":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}],"79660":[{"SId":"5B019B","D":"2021-05-04T19:07:37"}]}; IPLH_Q=#[76297,79660]; IZH=#{"51054":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}],"51036":[{"SId":"5B019B","D":"2021-05-04T19:07:37"}]}; IZH_Q=#[51054,51036]; IMH=#{"85243":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}],"90509":[{"SId":"5B019B","D":"2021-05-04T19:07:37"}]}; IMH_Q=#[85243,90509]; ISPH=#{"12147":[{"SId":"5B019B","D":"2021-05-04T19:07:36"},{"SId":"5B019B","D":"2021-05-04T19:07:37"}]}; ISPH_Q=#[12147,12147]; ICH=#{"38981":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}],"40167":[{"SId":"5B019B","D":"2021-05-04T19:07:37"}]}; ICH_Q=#[38981,40167] Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer http://bc.psntvs.me/ Response headers date Wed, 05 May 2021 02:07:37 GMT content-type text/html; charset=utf-8 content-length 843 set-cookie __cfduid=d555b4d47a45e38d87627e6cb8c2083841620180457; expires=Fri, 04-Jun-21 02:07:37 GMT; path=/; domain=.spotscenered.info; HttpOnly; SameSite=Lax IKSR={}; path=/; SameSite=None; secure IUID=5449711e-a555-40e4-bc6c-b92ae5df376e; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure ISSH=5B019B; path=/; SameSite=None; secure VMI=fbc840c8-a2c1-44ac-b7d5-ee3e39520743; path=/; SameSite=None; secure IPLH=#{"76297":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}],"79660":[{"SId":"5B019B","D":"2021-05-04T19:07:37"}]}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IPLH_Q=#[76297,79660]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly CHN=#[]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly MSSH=#{}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly MSRH=#{}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ILP=null; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure ILPLU=#1/1/0001 12:00:00 AM; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ILEALC=#1/1/0001 12:00:00 AM; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ILMPF=#False; expires=Wed, 05-May-2021 06:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IPMPLU=#; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IPMUID=#; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly BSWUID=#; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IKSR={}; path=/; SameSite=None; secure IBL=#[]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IPLSH=#{}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IPLSH_Q=#[]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IZH=#{"51054":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}],"51036":[{"SId":"5B019B","D":"2021-05-04T19:07:37"}]}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IZH_Q=#[51054,51036]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IMCH=#{}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IMCH_Q=#[]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IMH=#{"85243":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}],"90509":[{"SId":"5B019B","D":"2021-05-04T19:07:37"}]}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IMH_Q=#[85243,90509]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ISH=#{}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ISH_Q=#[]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ISPH=#{"12147":[{"SId":"5B019B","D":"2021-05-04T19:07:36"},{"SId":"5B019B","D":"2021-05-04T19:07:37"}]}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ISPH_Q=#[12147,12147]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ICH=#{"38981":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}],"40167":[{"SId":"5B019B","D":"2021-05-04T19:07:37"}]}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ICH_Q=#[38981,40167]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly cache-control private, no-transform access-control-allow-origin * x-powered-by ASP.NET p3p CP="CAO PSA OUR IND" cf-cache-status DYNAMIC cf-request-id 09dbe0f0fa000005bfd6391000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 64a66a94cfda05bf-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Redirect headers date Wed, 05 May 2021 02:07:37 GMT content-type text/html; charset=utf-8 content-length 424 set-cookie __cfduid=d555b4d47a45e38d87627e6cb8c2083841620180457; expires=Fri, 04-Jun-21 02:07:37 GMT; path=/; domain=.spotscenered.info; HttpOnly; SameSite=Lax IKSR={}; path=/; SameSite=None; secure IUID=5449711e-a555-40e4-bc6c-b92ae5df376e; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure ISSH=5B019B; path=/; SameSite=None; secure VMI=fbc840c8-a2c1-44ac-b7d5-ee3e39520743; path=/; SameSite=None; secure IPLH=#{"76297":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}],"79660":[{"SId":"5B019B","D":"2021-05-04T19:07:37"}]}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IPLH_Q=#[76297,79660]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly CHN=#[]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly MSSH=#{}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly MSRH=#{}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ILP=null; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure ILPLU=#1/1/0001 12:00:00 AM; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ILEALC=#1/1/0001 12:00:00 AM; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ILMPF=#False; expires=Wed, 05-May-2021 06:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IPMPLU=#; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IPMUID=#; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly BSWUID=#; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IKSR={}; path=/; SameSite=None; secure IBL=#[]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IPLSH=#{}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IPLSH_Q=#[]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IZH=#{"51054":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}],"51036":[{"SId":"5B019B","D":"2021-05-04T19:07:37"}]}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IZH_Q=#[51054,51036]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IMCH=#{}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IMCH_Q=#[]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IMH=#{"85243":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}],"90509":[{"SId":"5B019B","D":"2021-05-04T19:07:37"}]}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly IMH_Q=#[85243,90509]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ISH=#{}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ISH_Q=#[]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ISPH=#{"12147":[{"SId":"5B019B","D":"2021-05-04T19:07:36"},{"SId":"5B019B","D":"2021-05-04T19:07:37"}]}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ISPH_Q=#[12147,12147]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ICH=#{"38981":[{"SId":"5B019B","D":"2021-05-04T19:07:36"}],"40167":[{"SId":"5B019B","D":"2021-05-04T19:07:37"}]}; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly ICH_Q=#[38981,40167]; expires=Mon, 05-May-2031 02:07:37 GMT; path=/; SameSite=None; secure; HttpOnly cache-control private, no-transform location //engine.spotscenered.info/mediahosting.engine?MediaId=90509&AId=8924&CId=40167&PId=79660&SiteId=12147&ZoneId=51036&VolumeMetricId=fbc840c8-a2c1-44ac-b7d5-ee3e39520743&PassBackUrl=&res=&dcid=1_ctx_7fafa104-ef58-4012-8e44-0bf6517aab81&cu=&kw=&mw=300&mh=250 access-control-allow-origin * x-powered-by ASP.NET p3p CP="CAO PSA OUR IND" cf-cache-status DYNAMIC cf-request-id 09dbe0f04a000005bfc2872000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 64a66a93aec405bf-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	espnlo.htm Show response dcn.espncdn.shop/ Frame C20F	457 B 902 B	124ms 100ms	Document text/html	2606:4700:3036::6815:200b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dcn.espncdn.shop/espnlo.htm Requested by Host: freefeds.com URL: https://freefeds.com/stream/2/71834.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:200b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9c2b817a1cc01386b7c489eb9c87c29c076ab3ae4c6b83c962832d0afc78617c Request headers :method GET :authority dcn.espncdn.shop :scheme https :path /espnlo.htm pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://freefeds.com/stream/2/71834.html accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://freefeds.com/stream/2/71834.html Response headers date Wed, 05 May 2021 02:07:37 GMT content-type text/html set-cookie __cfduid=d29e7c264301c79c556d11d0fa5c5cec31620180457; expires=Fri, 04-Jun-21 02:07:37 GMT; path=/; domain=.espncdn.shop; HttpOnly; SameSite=Lax; Secure last-modified Tue, 04 May 2021 04:31:42 GMT cf-cache-status DYNAMIC cf-request-id 09dbe0f0890000e00b8d272000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EJv7m0PVZ%2FoNw86MXOdEDKbdYrAmB%2B3yPlXRv62y1NxU5Mu3nAKdmksW%2BxiVA6ROhD7KQ%2FdLXMYJZMkayH1wn9E0eYDX%2FfrBN6cxNJYzquP0elAxpkF02zfJ3cAI"}],"group":"cf-nel","max_age":604800} nel {"max_age":604800,"report_to":"cf-nel"} server cloudflare cf-ray 64a66a940c68e00b-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	/ widgets.amung.us/draw/ Frame 978B Redirect Chain https://whos.amung.us/cwidget/freestreamon/000000ffffff.png?1620180457000 https://widgets.amung.us/draw/?w=colored&n=91300&c=000000ffffff&p=	1 KB 2 KB	12ms 12ms	Image image/png	2606:4700:10::6816:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://widgets.amung.us/draw/?w=colored&n=91300&c=000000ffffff&p= Requested by Host: freefeds.com URL: https://freefeds.com/stream/2/71834.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b16fae971d92ee4a467bee911ec79ed7f09707f669336d1403883d3d08726b1 Request headers Referer https://freefeds.com/stream/2/71834.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:37 GMT cf-cache-status HIT server cloudflare age 26788 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=432000 content-disposition filename=wau-widget.png cf-ray 64a66a949bf12c32-FRA cf-request-id 09dbe0f0e300002c326c321000000001 expires Wed, 05 May 2021 18:41:09 GMT Redirect headers location https://widgets.amung.us/draw/?w=colored&n=91300&c=000000ffffff&p= date Wed, 05 May 2021 02:07:37 GMT cache-control max-age=295 content-type text/html; charset=UTF-8
GET		redirect samyarct.top/ Frame 8C15	0 0
GET H2	200	m90509.jpg mediasply.com/ Frame 672B	19 KB 19 KB	16ms 16ms	Image image/jpeg	2606:4700::6811:e65b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mediasply.com/m90509.jpg Requested by Host: engine.spotscenered.info URL: https://engine.spotscenered.info/mediahosting.engine?MediaId=90509&AId=8924&CId=40167&PId=79660&SiteId=12147&ZoneId=51036&VolumeMetricId=fbc840c8-a2c1-44ac-b7d5-ee3e39520743&PassBackUrl=&res=&dcid=1_ctx_7fafa104-ef58-4012-8e44-0bf6517aab81&cu=&kw=&mw=300&mh=250 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:e65b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 26c0b906c1965168545d277078d4d8407bfba0ee4a019fd44de423a62f7254f9 Request headers Referer https://engine.spotscenered.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 05 May 2021 02:07:37 GMT via 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront) cf-cache-status HIT age 35038 x-cache RefreshHit from cloudfront x-amz-storage-class REDUCED_REDUNDANCY content-length 19271 cf-request-id 09dbe0f1a0000005e4df08f000000001 last-modified Mon, 22 Jul 2019 11:43:47 GMT server cloudflare etag "e61ff935f0e2537bbaffb2420714479a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg cache-control max-age=86400 x-amz-cf-pop FRA2-C2 accept-ranges bytes cf-ray 64a66a95cfe405e4-FRA x-amz-cf-id -P_wd96sQi9xqpsefLtTtKjvH7nhMT6UjlhdwpkSSdUkNKQd9VYHcg== cf-bgj h2pri
GET H2	200	c c.mgid.com/ Frame 818A	43 B 587 B	79ms 79ms	Image image/gif	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.mgid.com/c?f=1&pv=3&v=235|237|12|CIKWMDk4O2XJYS4mS_97MOXnmm5Q9Lv3jZG57x1OP0rbp99aRkJVNmV6bqDAx2pn&fw=1&extjs=66044&v=235|259|12|CIKWMDk4O2XJYS4mS_97MClVtsTJRPQcnp3f8BV1fEOV_hpQh3XuOW9fMtpxOrE7&v=235|237|12|CIKWMDk4O2XJYS4mS_97MOUjhAmL1ifEPjOJdKd_YtBiWBlnQrGtWuO7RNzK0McF&v=235|237|12|CIKWMDk4O2XJYS4mS_97MAdfn80mGP0DBIhTeVRumC4-POuI_cOoH2StUsIcHWv0&v=235|259|12|CIKWMDk4O2XJYS4mS_97MHyVa3Js0Lr6R_JXvaX1tv0YH9td12-mpJjlM1qm9PTx&v=235|259|12|CIKWMDk4O2XJYS4mS_97MFn-9MCY-5UJvOi5VsILfvrEVO4Q6kRj9NvnDzur4Bik&cid=266699&h2=T3PpgQ7NTzV6aU5o5Gj-0t0mvX6FnP6feFrnyrMA-M8*&rid=a97eb3cc-ad46-11eb-91aa-d094662c1c35&tt=Direct&iv=10&pageImp=1&cbuster=1620180458238120528499&tpl=0 Requested by Host: to.xrivonet.info URL: http://to.xrivonet.info/tdn3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer http://to.xrivonet.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 05 May 2021 02:07:38 GMT cf-cache-status DYNAMIC x-mg-request-uuid 854a9a7f-ae8f-4f9d-9e09-f9490d6871ce expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type image/gif cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true cf-ray 64a66a980ae9ee58-CDG alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09dbe0f3060000ee58c805c000000001 server cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

st.chatango.com

URL

http://st.chatango.com/js/gz/emb.js

Domain

smokingpetty.com

URL

https://smokingpetty.com/15/d6/ce/15d6ce62d0f01528c7478f7446d71678.js

Domain

samyarct.top

URL

https://samyarct.top/redirect?tid=891581&file=Watch_Live