secure.crictime.com Open in urlscan Pro
185.112.157.130 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://secure.crictime.com/
Submission: On December 01 via automatic, source certstream-suspicious (December 1st 2020, 9:19:32 am UTC)

Summary HTTP 35 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 12 domains to perform 35 HTTP transactions. The main IP is 185.112.157.130, located in Hungary and belongs to SERVERGARDEN-AS Servergarden Kft., HU. The main domain is secure.crictime.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on December 1st 2020. Valid for: 3 months.

This is the only time secure.crictime.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	185.112.157.130 185.112.157.130	47381 (SERVERGAR...) (SERVERGARDEN-AS Servergarden Kft.)
1	35.190.39.246 35.190.39.246	15169 (GOOGLE) (GOOGLE)
4	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.243.59.13 192.243.59.13	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
9	139.45.196.198 139.45.196.198	9002 (RETN-AS) (RETN-AS)
2	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
9	104.19.138.80 104.19.138.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.22.38 172.217.22.38	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
2 2	52.50.156.162 52.50.156.162	16509 (AMAZON-02) (AMAZON-02)
3	35.190.74.222 35.190.74.222	15169 (GOOGLE) (GOOGLE)
35	12

3 185.112.157.130 (Hungary)

ASN47381 (SERVERGARDEN-AS Servergarden Kft., HU)

secure.crictime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.crictime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.39.246 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 246.39.190.35.bc.googleusercontent.com

steadfastsound.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.19.134.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

qfdn3gyfbs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.45.196.198 (Ascension Island)

ASN9002 (RETN-AS, EU)

sendmepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.19.138.80 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s16-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.156.162 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-156-162.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.74.222 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 222.74.190.35.bc.googleusercontent.com

parcelcreature.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	steepto.com cdn.steepto.com cm.steepto.com s-img.steepto.com	127 KB
9	sendmepush.com sendmepush.com	68 KB
4	mgid.com jsc.mgid.com servicer.mgid.com cm.mgid.com c.mgid.com	57 KB
3	parcelcreature.com parcelcreature.com	1 KB
3	crictime.com secure.crictime.com cdn.crictime.com	11 KB
2	adsrvr.org 2 redirects match.adsrvr.org	904 B
2	google-analytics.com www.google-analytics.com	19 KB
1	googlesyndication.com tpc.googlesyndication.com
1	doubleclick.net ad.doubleclick.net	645 B
1	gstatic.com fonts.gstatic.com	19 KB
1	qfdn3gyfbs.com qfdn3gyfbs.com
1	steadfastsound.com steadfastsound.com	29 KB
35	12

	Domain	Requested by
9	sendmepush.com	secure.crictime.com sendmepush.com
6	s-img.steepto.com	secure.crictime.com
3	parcelcreature.com	steadfastsound.com
2	match.adsrvr.org	2 redirects
2	cm.steepto.com	jsc.mgid.com
2	www.google-analytics.com	secure.crictime.com www.google-analytics.com
2	secure.crictime.com	secure.crictime.com
1	c.mgid.com
1	cm.mgid.com	secure.crictime.com
1	tpc.googlesyndication.com	steadfastsound.com
1	ad.doubleclick.net	steadfastsound.com
1	servicer.mgid.com	jsc.mgid.com
1	fonts.gstatic.com	secure.crictime.com
1	cdn.steepto.com	secure.crictime.com
1	qfdn3gyfbs.com	secure.crictime.com
1	jsc.mgid.com	secure.crictime.com
1	steadfastsound.com	secure.crictime.com
1	cdn.crictime.com	secure.crictime.com
35	18

This site contains no links.

Subject Issuer	Validity	Valid
secure.crictime.com Let's Encrypt Authority X3	`2020-12-01` - `2021-03-01`	3 months	crt.sh
cdn.crictime.com Let's Encrypt Authority X3	`2020-11-08` - `2021-02-06`	3 months	crt.sh
steadfastsound.com Let's Encrypt Authority X3	`2020-10-17` - `2021-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-09` - `2021-07-09`	a year	crt.sh
qfdn3gyfbs.com Let's Encrypt Authority X3	`2020-11-20` - `2021-02-18`	3 months	crt.sh
sendmepush.com Let's Encrypt Authority X3	`2020-11-02` - `2021-01-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
parcelcreature.com Let's Encrypt Authority X3	`2020-10-27` - `2021-01-25`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://secure.crictime.com/
Frame ID: A7424985C7CA4DE2D302B74249AA24F0
Requests: 25 HTTP requests in this frame

Frame: https://jsc.mgid.com/c/r/crictime.com.253890.js?t=1201119
Frame ID: 2E37C87733FD0B6E8C0727574EDCCE21
Requests: 5 HTTP requests in this frame

Frame: https://secure.crictime.com/upcoming-cricket-matches.htm
Frame ID: 6909CF5B7AA6626414E2D8D717DDC84F
Requests: 1 HTTP requests in this frame

Frame: https://cm.steepto.com/i-noref.js?cbuster=1606814357103590095025
Frame ID: 6092E7D7DECE7872BE1A8C2331553F98
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: 61755603C5EF706CC398C027F95844F6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

35
Requests

100 %
HTTPS

25 %
IPv6

12
Domains

18
Subdomains

12
IPs

5
Countries

332 kB
Transfer

1233 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=0e03953f-9733-4a3c-a662-c25457223f1d&ttl=1609406357

35 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
secure.crictime.com/ 497 KB
5 KB 277ms
73ms Document
text/html 185.112.157.130
SERVERGARDEN-AS S...

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.crictime.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.112.157.130 , Hungary, ASN47381 (SERVERGARDEN-AS Servergarden Kft., HU),

Reverse DNS

Software

nginx /

Resource Hash

0c9f3f1b8a496c8253453c8520af15bc456d402e96704747298f3c69e0bcd85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: secure.crictime.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Tue, 01 Dec 2020 09:19:16 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Tue, 01 Dec 2020 09:15:37 GMT
etag: W/"7c3a3-5b56391db2040"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: br

GET
H2 200 cricket.gif
cdn.crictime.com/ 5 KB
5 KB 300ms
62ms Image
image/gif 185.112.157.130
SERVERGARDEN-AS S...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.crictime.com/cricket.gif

Requested by

Host: secure.crictime.com
URL: https://secure.crictime.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.112.157.130 , Hungary, ASN47381 (SERVERGARDEN-AS Servergarden Kft., HU),

Reverse DNS

Software

nginx /

Resource Hash

5d1c1fb5680670de7b89724456a5fb8ad361368ee75c21d60b31be1a52a42da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 09:19:17 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Oct 2018 10:50:25 GMT
server: nginx
etag: W/"5bd83771-1307"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=2592000, public
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2020 09:19:17 GMT

GET
H2 200 vihCdm0gaOLPpf18ajBR3tnwatjaEi5FWjqOdRyf-lCHH8KXudLnQjt8fanignCTZD3jW1UDUPqHF_h-4E Show response
steadfastsound.com/v2/0/ 96 KB
29 KB 295ms
225ms Script
text/javascript 35.190.39.246
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://steadfastsound.com/v2/0/vihCdm0gaOLPpf18ajBR3tnwatjaEi5FWjqOdRyf-lCHH8KXudLnQjt8fanignCTZD3jW1UDUPqHF_h-4E

Requested by

Host: secure.crictime.com
URL: https://secure.crictime.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.39.246 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

246.39.190.35.bc.googleusercontent.com

Software

Resource Hash

5bfa741bf26df0f587379c836ef36fc6a92cea085d25f5bb0f80f7875f665770

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "9e41baae41edac7a7a65cf34083b404c0140e63032d3f648e3b557c588c69468"
vary: Accept-Encoding, Accept-Language
x-hostname: 30624aca
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Tue, 01 Dec 2020 09:19:17 GMT
timing-allow-origin: *

GET
H2 200 crictime.com.253890.js Show response
jsc.mgid.com/c/r/ Frame 2E37 208 KB
55 KB 77ms
44ms Script
text/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/c/r/crictime.com.253890.js?t=1201119
Requested by: Host: secure.crictime.com
URL: https://secure.crictime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fda68dc41e9e8a669042cb3a18b206d72da1c19c69367567bd981fff445d2f57

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 09:19:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 6896
cf-polished: origSize=213221
last-modified: Mon, 23 Nov 2020 10:18:10 GMT
x-amz-request-id: 7B5454F782A8371F
x-amz-id-2: NYztTEqTfQ2K6Stqz2pYD+x3UWtA04AI5H31rwUJ1x7c7YeIyObzqLQZURROlWSNIBeN4IlofQA=
cf-bgj: minify
server: cloudflare
etag: W/"920c82f49df45deb7a9f9f2afb4cfda6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 06bf326d610000d8cdc528b000000001
cf-ray: 5fabb9c23d53d8cd-AMS
expires: Tue, 01 Dec 2020 12:19:16 GMT

GET
H/1.1 403
Forbidden a5695fd0f93182db0eae61890fc716b5.js
qfdn3gyfbs.com/a5/69/5f/ 0
0 316ms
110ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://qfdn3gyfbs.com/a5/69/5f/a5695fd0f93182db0eae61890fc716b5.js
Requested by: Host: secure.crictime.com
URL: https://secure.crictime.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 01 Dec 2020 09:19:17 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK ntfc.php Show response
sendmepush.com/ 40 KB
12 KB 54ms
16ms Script
application/javascript 139.45.196.198
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmepush.com/ntfc.php?p=2397717
Requested by: Host: secure.crictime.com
URL: https://secure.crictime.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.198 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: fe349619ccda0fc1bf257e45506955e1ade551dd5318afb732926c681a2e651b

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Dec 2020 09:19:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Nov 2020 11:53:57 GMT
Server: nginx
ETag: W/"5fb7ae55-9fdb"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 upcoming-cricket-matches.htm Show response
secure.crictime.com/ Frame 6909 5 KB
1 KB 66ms
65ms Document
text/html 185.112.157.130
SERVERGARDEN-AS S...

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.crictime.com/upcoming-cricket-matches.htm

Requested by

Host: secure.crictime.com
URL: https://secure.crictime.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.112.157.130 , Hungary, ASN47381 (SERVERGARDEN-AS Servergarden Kft., HU),

Reverse DNS

Software

nginx /

Resource Hash

f46442e944075b75e2ec34e5d3045034d962ee0484b22ef126ab88428d98ad4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: secure.crictime.com
:scheme: https
:path: /upcoming-cricket-matches.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.crictime.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.crictime.com/

Response headers

server: nginx
date: Tue, 01 Dec 2020 09:19:16 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Tue, 01 Dec 2020 09:15:37 GMT
etag: W/"1327-5b56391db2040"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: br

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: secure.crictime.com
URL: https://secure.crictime.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 5365
date: Tue, 01 Dec 2020 07:49:51 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 01 Dec 2020 09:49:51 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
68 B 14ms
13ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=721155508&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.crictime.com%2F&ul=en-us&de=windows-1252&dt=Live%20Cricket%20Streaming%20-%20Watch%20Live%20Cricket%20-%20Crictime.Com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1997112061&gjid=1172125488&cid=1572549184.1606814357&tid=UA-2414894-6&_gid=760116126.1606814357&_r=1&_slc=1&z=403453223

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 01 Dec 2020 09:19:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.crictime.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 steepto_logo_mini_45.png
cdn.steepto.com/images/steepto/ 3 KB
3 KB 67ms
27ms Image
image/png 104.19.138.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.steepto.com/images/steepto/steepto_logo_mini_45.png
Requested by: Host: secure.crictime.com
URL: https://secure.crictime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.138.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 09:19:17 GMT
cf-cache-status: HIT
age: 1778
cf-ray: 5fabb9c35f02d8b5-AMS
content-length: 2745
x-amz-id-2: iM0s7uPrcyvzGlwSs+Rmjc+IIf3O15aXkpQGCv8QblmGx1AcCUSVOozJQjY3v1Q3jrcKK31tDFQ=
last-modified: Mon, 04 May 2020 12:16:55 GMT
server: cloudflare
etag: "7e16c555b09abddb8088e5bfca7a1cde"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 966AE579BFE5F858
cache-control: public, max-age=14400
cf-request-id: 06bf326e130000d8b5ab037000000001
accept-ranges: bytes
content-type: image/png
expires: Tue, 01 Dec 2020 13:19:17 GMT

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 mUdRVCMHGKUBOACHGTH1g-vvDin1pK8aKteLpeZ5c0A.woff
fonts.gstatic.com/s/roboto/v15/ 19 KB
19 KB 6ms
6ms Font
font/woff 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v15/mUdRVCMHGKUBOACHGTH1g-vvDin1pK8aKteLpeZ5c0A.woff

Requested by

Host: secure.crictime.com
URL: https://secure.crictime.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1372ebaa0d371c6cbe8624b176d4ffbfc224abe9e3a2f3c6423910768a37d85c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://secure.crictime.com
Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 30 Nov 2020 09:58:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 14 Jan 2015 22:48:53 GMT
server: sffe
age: 84042
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19684
x-xss-protection: 0
expires: Tue, 30 Nov 2021 09:58:34 GMT

GET
H2 200 1 Show response
servicer.mgid.com/253890/ 3 KB
2 KB 72ms
69ms Script
application/x-javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/253890/1?w=939&h=303&cols=3&pv=5&cbuster=1606814357012377714151&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fsecure.crictime.com%2F&lu=https%3A%2F%2Fsecure.crictime.com%2F&pageView=1&pvid=1761d995615b9fc5e37&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/r/crictime.com.253890.js?t=1201119
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11b33954afae162fae078268d4d00d5f03d476c566e3c0b42ea855b79a26ead3

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Dec 2020 09:19:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fabb9c36faed8cd-AMS
cf-request-id: 06bf326e220000d8cd2e096000000001

GET
H2 200 i.js Show response
cm.steepto.com/ 130 B
280 B 255ms
254ms Script
application/javascript 104.19.138.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.steepto.com/i.js?&cbuster=1606814357099712776922
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/r/crictime.com.253890.js?t=1201119
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.138.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81b1b2a0681e16cf1650dbe71dcf27ef0a1273ffabd259c9f4aab63b1fdb7c04

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Dec 2020 09:19:17 GMT
content-encoding: br
cf-cache-status: MISS
x-mg-request-uuid: df9b9b37-8f97-4ab8-a3de-2c4a341d28de
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 5fabb9c3f851d8b5-AMS
cf-request-id: 06bf326e760000d8b5a29f3000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.steepto.com/ Frame 6092 19 B
238 B 483ms
483ms Script
application/javascript 104.19.138.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.steepto.com/i-noref.js?cbuster=1606814357103590095025
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/r/crictime.com.253890.js?t=1201119
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.138.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Dec 2020 09:19:17 GMT
cf-cache-status: MISS
x-mg-request-uuid: 7c67e0ef-223f-4bff-b068-eb6c3e6a8ff0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 5fabb9c3f85fd8b5-AMS
content-length: 19
cf-request-id: 06bf326e790000d8b5959ac000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2YxMzYwMmJkNzdjYzk1ZTlkMDM0Mjg0ZGUzMGM2NGI3LmpwZWc.webp
s-img.steepto.com/g/3859212/492x328/0x0x1001x667/ 33 KB
33 KB 57ms
54ms Image
image/webp 104.19.138.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/3859212/492x328/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2YxMzYwMmJkNzdjYzk1ZTlkMDM0Mjg0ZGUzMGM2NGI3LmpwZWc.webp?v=1606814357-cILqXVZN_dPTAIKkOqrKc0EOngfPborg-ICwT3BMInU
Requested by: Host: secure.crictime.com
URL: https://secure.crictime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.138.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81c1fe535f45c0f4851a9df546d55e3d7f2186147a61983ed0fd3f7899479b95

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 09:19:17 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:15:10 GMT
x-mg-request-uuid: 4b22d7ae-8567-4b50-813c-a0458e9af2dc
age: 2095490
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fabb9c40887d8b5-AMS
content-length: 33544
cf-request-id: 06bf326e840000d8b5af19e000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2FmNzNmOTExYzA0OWI2Y2NmZTRmN2M3YjFlOGQ5OWQzLmpwZz90PTE0OTc5ODQ5NjIzMjM.webp
s-img.steepto.com/g/3805589/492x328/0x158x799x532/ 13 KB
13 KB 63ms
60ms Image
image/webp 104.19.138.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/3805589/492x328/0x158x799x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2FmNzNmOTExYzA0OWI2Y2NmZTRmN2M3YjFlOGQ5OWQzLmpwZz90PTE0OTc5ODQ5NjIzMjM.webp?v=1606814357-WTfTi0xM9cfvlhborwQdQ2OV4wL6_mNhrCURNFrtn2g
Requested by: Host: secure.crictime.com
URL: https://secure.crictime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.138.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2eba15eb8245896d2083fcffa94c68d1b1a0a292c2235f8ec4f75e867121255

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 09:19:17 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Oct 2020 05:49:48 GMT
x-mg-request-uuid: 37fcd942-d187-45dd-9102-8a1ec3e799cf
age: 2441571
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fabb9c40883d8b5-AMS
content-length: 13220
cf-request-id: 06bf326e840000d8b5f43a9000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2ZiZjE5MDlmMTRjNzNhMWEzNGU5YTA3YWRmNGE5ZmM0LnBuZw.webp
s-img.steepto.com/g/4023144/492x328/278x0x828x552/ 16 KB
16 KB 28ms
25ms Image
image/webp 104.19.138.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/4023144/492x328/278x0x828x552/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2ZiZjE5MDlmMTRjNzNhMWEzNGU5YTA3YWRmNGE5ZmM0LnBuZw.webp?v=1606814357-4jXwMSnu3kI-YEc9F9I685mxuRJNuaNhU0zXgNL_Dkw
Requested by: Host: secure.crictime.com
URL: https://secure.crictime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.138.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10e74bc65c8669dcae7675a0fcbc5b14e1e0f36fda529eb0603027e04baa4b8f

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 09:19:17 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Oct 2020 06:52:42 GMT
x-mg-request-uuid: be7bef4c-b115-43b3-9949-06ae8d6b1763
age: 2351672
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fabb9c40881d8b5-AMS
content-length: 15984
cf-request-id: 06bf326e830000d8b59e9c1000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2YxMzYwMmJkNzdjYzk1ZTlkMDM0Mjg0ZGUzMGM2NGI3LmpwZWc.webp
s-img.steepto.com/g/3859212/492x328/0x0x1001x667/ Frame 2E37 33 KB
33 KB 43ms
41ms Image
image/webp 104.19.138.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/3859212/492x328/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2YxMzYwMmJkNzdjYzk1ZTlkMDM0Mjg0ZGUzMGM2NGI3LmpwZWc.webp?v=1606814357-cILqXVZN_dPTAIKkOqrKc0EOngfPborg-ICwT3BMInU
Requested by: Host: secure.crictime.com
URL: https://secure.crictime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.138.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81c1fe535f45c0f4851a9df546d55e3d7f2186147a61983ed0fd3f7899479b95

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 09:19:17 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:15:10 GMT
x-mg-request-uuid: 4b22d7ae-8567-4b50-813c-a0458e9af2dc
age: 2095490
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fabb9c4088cd8b5-AMS
content-length: 33544
cf-request-id: 06bf326e850000d8b5b91c0000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2FmNzNmOTExYzA0OWI2Y2NmZTRmN2M3YjFlOGQ5OWQzLmpwZz90PTE0OTc5ODQ5NjIzMjM.webp
s-img.steepto.com/g/3805589/492x328/0x158x799x532/ Frame 2E37 13 KB
13 KB 53ms
51ms Image
image/webp 104.19.138.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/3805589/492x328/0x158x799x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2FmNzNmOTExYzA0OWI2Y2NmZTRmN2M3YjFlOGQ5OWQzLmpwZz90PTE0OTc5ODQ5NjIzMjM.webp?v=1606814357-WTfTi0xM9cfvlhborwQdQ2OV4wL6_mNhrCURNFrtn2g
Requested by: Host: secure.crictime.com
URL: https://secure.crictime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.138.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2eba15eb8245896d2083fcffa94c68d1b1a0a292c2235f8ec4f75e867121255

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 09:19:17 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Oct 2020 05:49:48 GMT
x-mg-request-uuid: 37fcd942-d187-45dd-9102-8a1ec3e799cf
age: 2441571
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fabb9c40888d8b5-AMS
content-length: 13220
cf-request-id: 06bf326e840000d8b5c6976000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2ZiZjE5MDlmMTRjNzNhMWEzNGU5YTA3YWRmNGE5ZmM0LnBuZw.webp
s-img.steepto.com/g/4023144/492x328/278x0x828x552/ Frame 2E37 16 KB
16 KB 30ms
28ms Image
image/webp 104.19.138.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/4023144/492x328/278x0x828x552/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2ZiZjE5MDlmMTRjNzNhMWEzNGU5YTA3YWRmNGE5ZmM0LnBuZw.webp?v=1606814357-4jXwMSnu3kI-YEc9F9I685mxuRJNuaNhU0zXgNL_Dkw
Requested by: Host: secure.crictime.com
URL: https://secure.crictime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.138.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10e74bc65c8669dcae7675a0fcbc5b14e1e0f36fda529eb0603027e04baa4b8f

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 09:19:17 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Oct 2020 06:52:42 GMT
x-mg-request-uuid: be7bef4c-b115-43b3-9949-06ae8d6b1763
age: 2351672
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fabb9c40889d8b5-AMS
content-length: 15984
cf-request-id: 06bf326e850000d8b5959ad000000001
server: cloudflare

GET
H/1.1 200
OK zone Show response
sendmepush.com/ 750 B
1 KB 33ms
32ms Fetch
application/json 139.45.196.198
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sendmepush.com/zone?pub=0&zone_id=2397717&is_mobile=false&domain=secure.crictime.com&var=&ymid=&var_3=

Requested by

Host: sendmepush.com
URL: https://sendmepush.com/ntfc.php?p=2397717

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.198 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

9b3f67c16c607ae97bd21fa58e53b5b477aa351f822f1fa85fba7bf654fcb623

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 2b27f7752394a4f8c4a5c86441aace5c
Date: Tue, 01 Dec 2020 09:19:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://secure.crictime.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 750

GET
H/1.1 200
OK universal.min.js Show response
sendmepush.com/pfe/current/ 188 KB
54 KB 60ms
29ms Fetch
application/javascript 139.45.196.198
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmepush.com/pfe/current/universal.min.js?v=3.1.280
Requested by: Host: sendmepush.com
URL: https://sendmepush.com/ntfc.php?p=2397717
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.198 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: c8dc7b19cc73dcae7b05da62447e293e0dc1c6964a1410a7997d3d1e861771fb

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Dec 2020 09:19:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Nov 2020 11:53:57 GMT
Server: nginx
ETag: W/"5fb7ae55-2f127"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://secure.crictime.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 Bqfexc Show response
ad.doubleclick.net/ddm/adj/Aafc/ 11 B
645 B 82ms
30ms Script
text/javascript 172.217.22.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/Aafc/Bqfexc

Requested by

Host: steadfastsound.com
URL: https://steadfastsound.com/v2/0/vihCdm0gaOLPpf18ajBR3tnwatjaEi5FWjqOdRyf-lCHH8KXudLnQjt8fanignCTZD3jW1UDUPqHF_h-4E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f6.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Dec 2020 09:19:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK custom
sendmepush.com/ Frame 0
0 14ms
14ms Other
text/plain 139.45.196.198
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmepush.com/custom
Protocol: HTTP/1.1
Server: 139.45.196.198 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://secure.crictime.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Tue, 01 Dec 2020 09:19:17 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://secure.crictime.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
sendmepush.com/ 39 B
494 B 16ms
15ms Fetch
application/json 139.45.196.198
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sendmepush.com/custom

Requested by

Host: secure.crictime.com
URL: https://secure.crictime.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.198 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 5f1383a9225ee97302ffac61e08a8466
Date: Tue, 01 Dec 2020 09:19:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://secure.crictime.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom Show response
sendmepush.com/ 39 B
494 B 16ms
15ms Fetch
application/json 139.45.196.198
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sendmepush.com/custom

Requested by

Host: secure.crictime.com
URL: https://secure.crictime.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.198 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: c0dbf63b8eafb7024a8cfe3f25fa512f
Date: Tue, 01 Dec 2020 09:19:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://secure.crictime.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
sendmepush.com/ Frame 0
0 29ms
14ms Other
text/plain 139.45.196.198
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmepush.com/custom
Protocol: HTTP/1.1
Server: 139.45.196.198 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://secure.crictime.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Tue, 01 Dec 2020 09:19:17 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://secure.crictime.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame 6175 0
0 6ms
6ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html

Requested by

Host: steadfastsound.com
URL: https://steadfastsound.com/v2/0/vihCdm0gaOLPpf18ajBR3tnwatjaEi5FWjqOdRyf-lCHH8KXudLnQjt8fanignCTZD3jW1UDUPqHF_h-4E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-23/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.crictime.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.crictime.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1479
date: Mon, 30 Nov 2020 11:58:48 GMT
expires: Tue, 30 Nov 2021 11:58:48 GMT
last-modified: Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 76829
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=0e03953f-9733-4a3c-a662-c25457223f1d&ttl=1609406357

43 B
246 B

67ms
66ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=0e03953f-9733-4a3c-a662-c25457223f1d&ttl=1609406357
Requested by: Host: secure.crictime.com
URL: https://secure.crictime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Dec 2020 09:19:17 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 6a0ee89c-c1ae-4ee8-817c-c1be6836f09a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fabb9c66d9cd8cd-AMS
cf-request-id: 06bf3270060000d8cde99c3000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Tue, 01 Dec 2020 09:19:17 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=0e03953f-9733-4a3c-a662-c25457223f1d&ttl=1609406357
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

OPTIONS
H/1.1 200
OK custom
sendmepush.com/ Frame 0
0 14ms
14ms Other
text/plain 139.45.196.198
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmepush.com/custom
Protocol: HTTP/1.1
Server: 139.45.196.198 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://secure.crictime.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Tue, 01 Dec 2020 09:19:17 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://secure.crictime.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
sendmepush.com/ 39 B
494 B 15ms
15ms Fetch
application/json 139.45.196.198
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sendmepush.com/custom

Requested by

Host: secure.crictime.com
URL: https://secure.crictime.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.198 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: c9cae147550b0515d11e8d74e484b01f
Date: Tue, 01 Dec 2020 09:19:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://secure.crictime.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H2 200 v2shbMQLFEZvzq9apPGvDs-baJw9kfuAYrF2BZ47q-R4VM_Zgj8Y8eXdpI65tbBBDln-HTatbE40tsA Show response
parcelcreature.com/ 216 B
615 B 99ms
32ms Fetch
application/json 35.190.74.222
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://parcelcreature.com/v2shbMQLFEZvzq9apPGvDs-baJw9kfuAYrF2BZ47q-R4VM_Zgj8Y8eXdpI65tbBBDln-HTatbE40tsA

Requested by

Host: steadfastsound.com
URL: https://steadfastsound.com/v2/0/vihCdm0gaOLPpf18ajBR3tnwatjaEi5FWjqOdRyf-lCHH8KXudLnQjt8fanignCTZD3jW1UDUPqHF_h-4E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.74.222 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

222.74.190.35.bc.googleusercontent.com

Software

Resource Hash

6a5e5d52142604d654b174c4e5eecbfa3bef006c5c8abc2d81e3362275436649

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Tue, 01 Dec 2020 09:19:17 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secure.crictime.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 30624aca
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Tue, 01 Dec 2020 09:19:16 GMT

POST
H2 200 v2fsjJ2bEd5lZRP2f0UXtvPW1BziRXQzFmgYbNBauLx_gZmfwXYA1vytC_3ZA541ct-erddHNTkDrFA Show response
parcelcreature.com/ 3 B
36 B 61ms
61ms Fetch
application/json 35.190.74.222
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://parcelcreature.com/v2fsjJ2bEd5lZRP2f0UXtvPW1BziRXQzFmgYbNBauLx_gZmfwXYA1vytC_3ZA541ct-erddHNTkDrFA

Requested by

Host: steadfastsound.com
URL: https://steadfastsound.com/v2/0/vihCdm0gaOLPpf18ajBR3tnwatjaEi5FWjqOdRyf-lCHH8KXudLnQjt8fanignCTZD3jW1UDUPqHF_h-4E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.74.222 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

222.74.190.35.bc.googleusercontent.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Tue, 01 Dec 2020 09:19:17 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secure.crictime.com
access-control-allow-credentials: true
x-hostname: 30624aca
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 3

GET
H2 200 c
c.mgid.com/ Frame 2E37 43 B
280 B 147ms
140ms Image
image/gif 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=304|282|12|BBl_ThN-tfGISzieBZAmljPNovwjvySNG1HBbnLnJtmmDyZgS3YkioC6JOV2w_lj&fw=1&extjs=66044&v=304|282|12|BBl_ThN-tfGISzieBZAmlhIBhbiA5CLe0rwPDynVRqLFZOTes4P_SiPyRx4LTZIp&v=304|282|12|BBl_ThN-tfGISzieBZAmlg4QTN-4QHXQ_WvkMtnYg9kba_XsW-vIVKN0-U_goyhP&cid=253890&h2=rl8QvEJ67l_13_oANqpxM_N-fy5S3o8nVYjDcujLCRw*&rid=4939f13c-33b6-11eb-8e18-d094662c24f7&tt=Direct&pageImp=1&muid=kb1he6fakPj1&cbuster=1606814358269667167252&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Dec 2020 09:19:18 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 9077ecaf-cc7c-49b0-8ec5-b23e047f9440
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fabb9cb48c1d8cd-AMS
cf-request-id: 06bf32730e0000d8cd21ab8000000001
server: cloudflare

POST
H2 200 v2tzgxfzJm2TtLe5iHF7lsrtBjnBFntLokWVXSs1WEUAYTbO0EzqabMEA6uMcfZ8noIhOHIf4_4FUWaI
parcelcreature.com/ 2 B
400 B 82ms
29ms Other
application/json 35.190.74.222
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://parcelcreature.com/v2tzgxfzJm2TtLe5iHF7lsrtBjnBFntLokWVXSs1WEUAYTbO0EzqabMEA6uMcfZ8noIhOHIf4_4FUWaI

Requested by

Host: steadfastsound.com
URL: https://steadfastsound.com/v2/0/vihCdm0gaOLPpf18ajBR3tnwatjaEi5FWjqOdRyf-lCHH8KXudLnQjt8fanignCTZD3jW1UDUPqHF_h-4E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.74.222 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

222.74.190.35.bc.googleusercontent.com

Software

Resource Hash

4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://secure.crictime.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Tue, 01 Dec 2020 09:19:18 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secure.crictime.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 30624aca
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 2
expires: Tue, 01 Dec 2020 09:19:17 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
secure.crictime.com/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C253890%22%3A%7B%22page%22%3A1%2C%22time%22%3A1606814357094%7D%7D
.crictime.com/	1970-01-19 14:21:40	Name: _gid Value: GA1.2.760116126.1606814357
.crictime.com/	1970-01-19 14:20:14	Name: _gat Value: 1
.crictime.com/	1970-01-20 07:51:26	Name: _ga Value: GA1.2.1572549184.1606814357

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://jsc.mgid.com/c/r/crictime.com.253890.js?t=1201119(Line 1) Message: [object HTMLImageElement]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
c.mgid.com
cdn.crictime.com
cdn.steepto.com
cm.mgid.com
cm.steepto.com
fonts.gstatic.com
jsc.mgid.com
match.adsrvr.org
parcelcreature.com
qfdn3gyfbs.com
s-img.steepto.com
secure.crictime.com
sendmepush.com
servicer.mgid.com
steadfastsound.com
tpc.googlesyndication.com
www.google-analytics.com
104.19.134.78
104.19.138.80
139.45.196.198
172.217.22.38
185.112.157.130
192.243.59.13
2a00:1450:4001:819::2003
2a00:1450:4001:820::2001
2a00:1450:4001:824::200e
35.190.39.246
35.190.74.222
52.50.156.162
0c9f3f1b8a496c8253453c8520af15bc456d402e96704747298f3c69e0bcd85a
10e74bc65c8669dcae7675a0fcbc5b14e1e0f36fda529eb0603027e04baa4b8f
11b33954afae162fae078268d4d00d5f03d476c566e3c0b42ea855b79a26ead3
1372ebaa0d371c6cbe8624b176d4ffbfc224abe9e3a2f3c6423910768a37d85c
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
5bfa741bf26df0f587379c836ef36fc6a92cea085d25f5bb0f80f7875f665770
5d1c1fb5680670de7b89724456a5fb8ad361368ee75c21d60b31be1a52a42da2
6a5e5d52142604d654b174c4e5eecbfa3bef006c5c8abc2d81e3362275436649
81b1b2a0681e16cf1650dbe71dcf27ef0a1273ffabd259c9f4aab63b1fdb7c04
81c1fe535f45c0f4851a9df546d55e3d7f2186147a61983ed0fd3f7899479b95
9b3f67c16c607ae97bd21fa58e53b5b477aa351f822f1fa85fba7bf654fcb623
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
c8dc7b19cc73dcae7b05da62447e293e0dc1c6964a1410a7997d3d1e861771fb
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
e2eba15eb8245896d2083fcffa94c68d1b1a0a292c2235f8ec4f75e867121255
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f46442e944075b75e2ec34e5d3045034d962ee0484b22ef126ab88428d98ad4d
fda68dc41e9e8a669042cb3a18b206d72da1c19c69367567bd981fff445d2f57
fe349619ccda0fc1bf257e45506955e1ade551dd5318afb732926c681a2e651b
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

secure.crictime.com Open in urlscan Pro 185.112.157.130 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

35 Requests

100 %HTTPS

25 %IPv6

12 Domains

18 Subdomains

12 IPs

5 Countries

332 kBTransfer

1233 kBSize

4 Cookies

0 Outgoing links

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure.crictime.com Open in urlscan Pro
185.112.157.130 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

100 %
HTTPS

25 %
IPv6

12
Domains

18
Subdomains

12
IPs

5
Countries

332 kB
Transfer

1233 kB
Size

4
Cookies

35 HTTP transactions
1 data transactions