pahaplayers.click Open in urlscan Pro
2606:4700:3031::6815:1423 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pahaplayers.click/ch/pahe0145ch.php
Submission: On October 27 via manual (October 27th 2022, 5:34:08 pm UTC) from PT — Scanned from DE

Summary HTTP 55 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 23 IPs in 7 countries across 20 domains to perform 55 HTTP transactions. The main IP is 2606:4700:3031::6815:1423, located in United States and belongs to CLOUDFLARENET, US. The main domain is pahaplayers.click.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 5th 2022. Valid for: a year.

This is the only time pahaplayers.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3031::6815:1423	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	178.162.196.156 178.162.196.156	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
4	2606:4700::68... 2606:4700::6810:a710	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::ac43:92e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.66.62 65.9.66.62	16509 (AMAZON-02) (AMAZON-02)
1	46.4.50.210 46.4.50.210	24940 (HETZNER-AS) (HETZNER-AS)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	2a02:6ea0:c70... 2a02:6ea0:c700::22	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	139.45.197.236 139.45.197.236	9002 (RETN-AS) (RETN-AS)
2	35.190.41.116 35.190.41.116	15169 (GOOGLE) (GOOGLE)
4	192.99.8.28 192.99.8.28	16276 (OVH) (OVH)
6	2606:4700::68... 2606:4700::6811:a7ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	162.252.214.5 162.252.214.5	53334 (TUT-AS) (TUT-AS)
1	38.132.109.186 38.132.109.186	9009 (M247) (M247)
1	185.200.116.90 185.200.116.90	9009 (M247) (M247)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.21.13.26 216.21.13.26	53334 (TUT-AS) (TUT-AS)
4 7	2606:4700:e4:... 2606:4700:e4::ac40:a103	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
55	23

3 2606:4700:3031::6815:1423 (United States)

ASN13335 (CLOUDFLARENET, US)

pahaplayers.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.162.196.156 (Germany) 1 redirects

ASN28753 (LEASEWEB-DE-FRA-10, DE)

vmuid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
origunix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tartator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:a710 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnondemand.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:92e1 (United States)

ASN13335 (CLOUDFLARENET, US)

negure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-62.fra56.r.cloudfront.net

rsationhesa.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.50.210 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.210.50.4.46.clients.your-server.de

nimrute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::22 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

www.intellipopup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

streamservicehd.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.236 (United Kingdom)

ASN9002 (RETN-AS, GB)

betzapdoson.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.41.116 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 116.41.190.35.bc.googleusercontent.com

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.99.8.28 (Canada)

ASN16276 (OVH, FR)
PTR: ns523448.ip-192-99-8.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:a7ba (United States)

ASN13335 (CLOUDFLARENET, US)

c.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.252.214.5 (United States)

ASN53334 (TUT-AS, US)

4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.132.109.186 (New York, United States)

ASN9009 (M247, RO)

kliwzss9dlcz.n4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.116.90 (Malaysia)

ASN9009 (M247, RO)
PTR: no-mans-land.m247.com

kliwzss9dlcz.s4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.21.13.26 (United States)

ASN53334 (TUT-AS, US)

intellipopup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:e4::ac40:a103 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

webudi.openhd.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

ddyx2.uknode29.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ddy1.uknode29.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	adsco.re c.adsco.re — Cisco Umbrella Rank: 24226 6.adsco.re — Cisco Umbrella Rank: 25759 4.adsco.re — Cisco Umbrella Rank: 27970 kliwzss9dlcz.l4.adsco.re Failed kliwzss9dlcz.n4.adsco.re kliwzss9dlcz.s4.adsco.re adsco.re — Cisco Umbrella Rank: 16887	51 KB
7	openhd.lol 4 redirects webudi.openhd.lol — Cisco Umbrella Rank: 375930	6 KB
5	histats.com s10.histats.com — Cisco Umbrella Rank: 17901 s4.histats.com — Cisco Umbrella Rank: 15235	5 KB
4	cdnondemand.org cdnondemand.org — Cisco Umbrella Rank: 503189	114 KB
3	uknode29.shop ddyx2.uknode29.shop ddy1.uknode29.shop	4 MB
3	tartator.com tartator.com — Cisco Umbrella Rank: 27018	136 KB
3	pahaplayers.click pahaplayers.click	26 KB
2	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 30636	2 KB
2	betzapdoson.com betzapdoson.com — Cisco Umbrella Rank: 146625	23 KB
2	streamservicehd.click streamservicehd.click — Cisco Umbrella Rank: 394812	36 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 278	17 KB
2	intellipopup.com www.intellipopup.com — Cisco Umbrella Rank: 219515 intellipopup.com — Cisco Umbrella Rank: 156258	10 KB
2	vmuid.com vmuid.com — Cisco Umbrella Rank: 107478	11 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 394	139 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 677	30 KB
1	nimrute.com nimrute.com — Cisco Umbrella Rank: 195028
1	rsationhesa.one rsationhesa.one — Cisco Umbrella Rank: 19770	386 B
1	negure.com negure.com	35 KB
1	origunix.com 1 redirects origunix.com — Cisco Umbrella Rank: 208809	373 B
0	profitablegatetocontent.com Failed pl15792189.profitablegatetocontent.com Failed
55	20

	Domain	Requested by
7	webudi.openhd.lol	4 redirects cdn.jsdelivr.net
4	s4.histats.com	s10.histats.com
4	cdnondemand.org	pahaplayers.click cdnondemand.org streamservicehd.click
3	4.adsco.re	pahaplayers.click c.adsco.re
3	6.adsco.re	pahaplayers.click c.adsco.re
3	c.adsco.re	www.intellipopup.com c.adsco.re
3	tartator.com	pahaplayers.click origunix.com
3	pahaplayers.click	pahaplayers.click
2	ddyx2.uknode29.shop
2	youradexchange.com	cdnondemand.org
2	betzapdoson.com	pahaplayers.click
2	streamservicehd.click	pahaplayers.click streamservicehd.click
2	ssl.google-analytics.com	pahaplayers.click
2	vmuid.com	pahaplayers.click vmuid.com
1	ddy1.uknode29.shop
1	intellipopup.com	www.intellipopup.com
1	adsco.re	c.adsco.re
1	cdn.jsdelivr.net	streamservicehd.click
1	code.jquery.com	streamservicehd.click
1	kliwzss9dlcz.s4.adsco.re	c.adsco.re
1	kliwzss9dlcz.n4.adsco.re	c.adsco.re
1	www.intellipopup.com	pahaplayers.click
1	s10.histats.com	pahaplayers.click
1	nimrute.com	pahaplayers.click
1	rsationhesa.one	pahaplayers.click
1	negure.com	pahaplayers.click
1	origunix.com	1 redirects
0	kliwzss9dlcz.l4.adsco.re Failed	c.adsco.re
0	pl15792189.profitablegatetocontent.com Failed	pahaplayers.click
55	29

This site contains links to these domains. Also see Links.

Domain
adsco.re
youradexchange.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-05` - `2023-07-04`	a year	crt.sh
vmuid.com R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
*.negure.com E1	`2022-10-23` - `2023-01-21`	3 months	crt.sh
rsationhesa.one Amazon	`2022-10-03` - `2023-11-01`	a year	crt.sh
waytobigs.com R3	`2022-10-13` - `2023-01-11`	3 months	crt.sh
tartator.com ZeroSSL RSA Domain Secure Site CA	`2022-08-07` - `2022-11-05`	3 months	crt.sh
histats.com R3	`2022-09-30` - `2022-12-29`	3 months	crt.sh
1012967761.rsc.cdn77.org R3	`2022-10-17` - `2023-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.streamservicehd.click GTS CA 1P5	`2022-09-25` - `2022-12-24`	3 months	crt.sh
betzapdoson.com R3	`2022-10-21` - `2023-01-19`	3 months	crt.sh
youradexchange.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-20` - `2023-06-20`	a year	crt.sh
*.adsco.re Sectigo RSA Organization Validation Secure Server CA	`2022-09-16` - `2023-09-29`	a year	crt.sh
*.n4.adsco.re R3	`2022-10-19` - `2023-01-17`	3 months	crt.sh
*.s4.adsco.re R3	`2022-10-19` - `2023-01-17`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
intellipopup.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-18` - `2023-08-18`	a year	crt.sh
*.openhd.lol GTS CA 1P5	`2022-10-08` - `2023-01-06`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://pahaplayers.click/ch/pahe0145ch.php
Frame ID: C0E60BBA583A1504038F7EF986113C7C
Requests: 33 HTTP requests in this frame

Frame: https://rsationhesa.one/4/534398
Frame ID: 99415086B3A246540693DBEA08D347FE
Requests: 1 HTTP requests in this frame

Frame: https://nimrute.com/click?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f
Frame ID: 14527DD4DFAD70ED9816F6CC3D8EC539
Requests: 1 HTTP requests in this frame

Frame: https://streamservicehd.click/premiumtv/pahaplayer.php?id=145
Frame ID: 95778A769E9C73111A0B30B05AED6CA0
Requests: 14 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: 01F93A0E99B199ED651FB11104A16A9A
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HD-0145

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

55
Requests

82 %
HTTPS

50 %
IPv6

20
Domains

29
Subdomains

23
IPs

7
Countries

5082 kB
Transfer

6187 kB
Size

17
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://adsco.re/v

Search URL Search Domain Scan URL

URL: https://youradexchange.com/ad/visit.php?al=1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://origunix.com/sdk.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f HTTP 302
https://tartator.com/sdk.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f

Request Chain 47

https://webudi.openhd.lol/lb/premium145/index.m3u8 HTTP 301
https://webudi.openhd.lol/ddy6/premium145/index.m3u8

Request Chain 49

https://webudi.openhd.lol/ddy6/premium145/tracks-v1a1/2022/10/27/17/33/53-04000.ts HTTP 301
https://ddyx2.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/33/53-04000.js

Request Chain 51

https://webudi.openhd.lol/ddy6/premium145/tracks-v1a1/2022/10/27/17/33/57-04000.ts HTTP 301
https://ddy1.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/33/57-04000.js

Request Chain 52

https://webudi.openhd.lol/ddy6/premium145/tracks-v1a1/2022/10/27/17/34/01-04000.ts HTTP 301
https://ddyx2.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/34/01-04000.js

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request pahe0145ch.php Show response
pahaplayers.click/ch/ 72 KB
25 KB 391ms
314ms Document
text/html 2606:4700:3031::6815:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pahaplayers.click/ch/pahe0145ch.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff9bd03e91d632b8cec4f2eb27ac565423f8d35ef20c5d3e0d7dc62e687bd6eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 760d2dfe5c60995c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 27 Oct 2022 17:33:57 GMT
greydedi: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BZ96ue95s%2Fqv1N1g8W6l0Hoz0ia4JpXyVDXRt0yx5A0%2BNYFWhzteXWP2dSitGQgMNgNzaiYOg9R%2FgGP2Bc9SXrPonZ0%2FC3AhkgoEh9V7y7C1ByY6T0S7RYYE1YNpIuadrp1oy70jp%2FGgGw%2FcHfNuA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed

GET
H2 200 adcashdirect.php Show response
pahaplayers.click/ch/ 938 B
872 B 90ms
89ms Script
application/javascript 2606:4700:3031::6815:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pahaplayers.click/ch/adcashdirect.php

Requested by

Host: pahaplayers.click
URL: https://pahaplayers.click/ch/pahe0145ch.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71ce1264f7d042a7a90580f934fd4bb7582561bff8dbedbfbf1e5000bc74db54

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pahaplayers.click/ch/pahe0145ch.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:33:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
greydedi: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ED8UX%2FX3swTKDPsb6689x3zaUKwa2fheFqKd%2FmxvKWFHOKCOX0RC4HZUP5rT94NLfVTZKOhuY3z574SLXvny1PhHj3AndX7%2B7OGle0XNGU70JFQwDMS6A4T%2F7JSG9vaaf39tlcM3O5h9y98l8ecKCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 760d2e005880995c-FRA
expires: Thu, 03 Nov 2022 17:33:16 GMT

GET 4bb6c01f430317c66005dc9729aaff49.js
pl15792189.profitablegatetocontent.com/4b/b6/c0/ 0
0

GET
H/1.1 200
OK script.js Show response
vmuid.com/ 10 KB
10 KB 73ms
13ms Script
text/javascript 178.162.196.156
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://vmuid.com/script.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f
Requested by: Host: pahaplayers.click
URL: https://pahaplayers.click/ch/pahe0145ch.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.162.196.156 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 6f2d139be44a6dc85d842a753f4e3ebafdb63a0babcb64f741310076aaa29a7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pahaplayers.click/ch/pahe0145ch.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 17:33:57 GMT
Server: nginx/1.14.1
Accept-Ch: Sec-CH-UA-Platform-Version
X-Cache-Status: MISS
Content-Type: text/javascript
Cache-Control: no-store, max-age=0
Connection: keep-alive
Content-Length: 10176

GET
H/1.1

200
OK

sdk.js Show response
tartator.com/
Redirect Chain

https://origunix.com/sdk.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f
https://tartator.com/sdk.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f

135 KB
135 KB

63ms
28ms

Script
text/javascript

178.162.196.156
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://tartator.com/sdk.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f
Requested by: Host: pahaplayers.click
URL: https://pahaplayers.click/ch/pahe0145ch.php
Protocol: HTTP/1.1
Server: 178.162.196.156 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 367785aa706067a25883333b2c802ca2218e082e55666351e7b3680e9ef4e106

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pahaplayers.click/ch/pahe0145ch.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 17:33:57 GMT
Server: nginx/1.14.1
Accept-Ch: Sec-CH-UA-Platform-Version
X-Cache-Status: MISS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 138151

Redirect headers

Date: Thu, 27 Oct 2022 17:33:57 GMT
Server: nginx/1.14.1
Accept-Ch: Sec-CH-UA-Platform-Version
X-Cache-Status: MISS
Access-Control-Allow-Origin: *
Location: https://tartator.com/sdk.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 bootstrap.js Show response
cdnondemand.org/script/ 98 KB
33 KB 83ms
43ms Script
application/javascript 2606:4700::6810:a710
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnondemand.org/script/bootstrap.js
Requested by: Host: pahaplayers.click
URL: https://pahaplayers.click/ch/adcashdirect.php
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a710 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4d5b8dc6a7ca986941b6d029b8465ac9b4ea3b8923d57df81c99a3c03eb899d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pahaplayers.click/ch/pahe0145ch.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:33:57 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1864
x-guploader-uploadid: ADPycduI37KEPlpa7dhAN4STX9m-ZBO4Y32gaR3L6T8kNSA9aGUTdsjejcQNb213CG0L3bKHfuueOJtQ0XijxlZrTxbkBD5eMsBy
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Sep 2022 08:38:35 GMT
server: cloudflare
etag: W/"90a406e7c114cb9cbdbd171d8282e224"
vary: Accept-Encoding
x-goog-hash: crc32c=PsCFGQ==, md5=kKQG58EUy5y9vRcdgoLiJA==
x-goog-generation: 1662626315119008
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 100523
cf-ray: 760d2e017b2b995c-FRA
expires: Thu, 27 Oct 2022 21:33:57 GMT

GET
H2 200 bootstrap.js Show response
negure.com/script/ 98 KB
35 KB 64ms
21ms Script
application/javascript 2606:4700:3037::ac43:92e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://negure.com/script/bootstrap.js
Requested by: Host: pahaplayers.click
URL: https://pahaplayers.click/ch/adcashdirect.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:92e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4d5b8dc6a7ca986941b6d029b8465ac9b4ea3b8923d57df81c99a3c03eb899d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pahaplayers.click/ch/pahe0145ch.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:33:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1123
x-guploader-uploadid: ADPycdvJG5nfvBphm8gqcwsP9xvpCTaG9SDN3CAnYS6Cj6XNgBti34NC6JXPHaLLbEKdnU5f6GwFbTYD2u_qsyrx37GhMJCMOCsU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 08 Sep 2022 08:38:35 GMT
server: cloudflare
etag: W/"90a406e7c114cb9cbdbd171d8282e224"
vary: Accept-Encoding
x-goog-hash: crc32c=PsCFGQ==, md5=kKQG58EUy5y9vRcdgoLiJA==
x-goog-generation: 1662626315119008
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7IEFuzNVFBAJimMKQlBaM%2B9ErdtK4kaIjs8sGBUrzvOAUoY3rKtIwRHAyw1qeWQSShle%2BmEmVscEmNVD3ltEScenKpETB1zXGiCXB02fER15PFOKdjZc63D7J1dBB5xXR7b3d3Fmd1QD"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 100523
cf-ray: 760d2e022d51bb91-FRA
expires: Thu, 27 Oct 2022 17:35:40 GMT

GET
H2 404 534398 Show response
rsationhesa.one/4/ Frame 9941 0
386 B 150ms
103ms Document
text/plain 65.9.66.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rsationhesa.one/4/534398
Requested by: Host: pahaplayers.click
URL: https://pahaplayers.click/ch/pahe0145ch.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-62.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pahaplayers.click/ch/pahe0145ch.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-length: 0
content-type: text/plain
date: Thu, 27 Oct 2022 17:34:00 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
x-amz-cf-id: -uSIV7OQyUFPqj2kTsizTviVpFsmYw-HNX3fKCMv0XCGNZX9pv4zrA==
x-amz-cf-pop: FRA56-C1
x-cache: Error from cloudfront

GET
H/1.1 204
No Content click
nimrute.com/ Frame 1452 0
0 41ms
8ms Document
text/plain 46.4.50.210
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nimrute.com/click?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f
Requested by: Host: pahaplayers.click
URL: https://pahaplayers.click/ch/pahe0145ch.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.50.210 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.210.50.4.46.clients.your-server.de
Software: fasthttp /
Resource Hash

Request headers

Referer: https://pahaplayers.click/ch/pahe0145ch.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Thu, 27 Oct 2022 17:33:59 GMT
server: fasthttp
x-app-id: 9
x-debug-stage: request-pre-validation
x-request-id: cddc223ih80b2lj4rigg

POST
H/1.1 200
OK send Show response
vmuid.com/uid/ 65 B
704 B 15ms
15ms Fetch
application/json 178.162.196.156
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://vmuid.com/uid/send
Requested by: Host: vmuid.com
URL: https://vmuid.com/script.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.162.196.156 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: d2dc3295d44225dba1862df95276184df472752e3f94368c79e04da27301ea69

Request headers

Accept: application/json
Referer: https://pahaplayers.click/ch/pahe0145ch.php
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary3qtmwFPiDUAzQjB5

Response headers

Date: Thu, 27 Oct 2022 17:33:59 GMT
Server: nginx/1.14.1
Accept-Ch: Sec-CH-UA-Platform-Version
Content-Type: application/json
Access-Control-Allow-Origin: https://pahaplayers.click
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers, set-cookie, Cookie
Content-Length: 65

POST
H/1.1 200
OK hit
tartator.com/ 2 B
398 B 14ms
13ms Ping
text/plain 178.162.196.156
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://tartator.com/hit
Requested by: Host: origunix.com
URL: https://origunix.com/sdk.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.162.196.156 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://pahaplayers.click/ch/pahe0145ch.php
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary49kBdMgZRxeIENJA

Response headers

Date: Thu, 27 Oct 2022 17:34:00 GMT
Server: nginx/1.14.1
Accept-Ch: Sec-CH-UA-Platform-Version
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 57ms
10ms Script
application/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: pahaplayers.click
URL: https://pahaplayers.click/ch/pahe0145ch.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pahaplayers.click/ch/pahe0145ch.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:33:49 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "-375139978"
content-type: application/javascript; charset=UTF-8
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 4364
x-request-id: 749242140

GET
H2 200 dc.min.js Show response
www.intellipopup.com/ 30 KB
9 KB 68ms
16ms Script
application/x-javascript 2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.intellipopup.com/dc.min.js
Requested by: Host: pahaplayers.click
URL: https://pahaplayers.click/ch/pahe0145ch.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5d50dea1709d83c598dce047030c137c9d71800ebe01b50ca9ef0dc47acb0c0a

Request headers

Referer: https://pahaplayers.click/ch/pahe0145ch.php
Origin: https://pahaplayers.click
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 27 Oct 2022 17:34:00 GMT
content-encoding: br
x-cache: HIT
x-77-cache: HIT
x-age: 124550
alt-svc: quic="212.102.56.180:443"; ma=2592000; v="44,43,39"
x-77-nzt: AdRmOLQP+DX/huYBAA
x-accel-expires: @1667372290
server: CDN77-Turbo
x-77-nzt-ray: ThuxVM9CUz8
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
link: <https://intellipopup.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
expires: Wed, 02 Nov 2022 06:58:10 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 45ms
7ms Script
text/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: pahaplayers.click
URL: https://pahaplayers.click/ch/pahe0145ch.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pahaplayers.click/ch/pahe0145ch.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 16:50:53 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2587
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 27 Oct 2022 18:50:53 GMT

GET
H2 200 pahaplayer.php Show response
streamservicehd.click/premiumtv/ Frame 9577 84 KB
36 KB 315ms
276ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streamservicehd.click/premiumtv/pahaplayer.php?id=145
Requested by: Host: pahaplayers.click
URL: https://pahaplayers.click/ch/pahe0145ch.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc94df7c3f52278631613b29d71fa0847a922c5d0f91eda5b533587a8d28b967

Request headers

Referer: https://pahaplayers.click/ch/pahe0145ch.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=604800, immutable, no-transform
cf-cache-status: EXPIRED
cf-ray: 760d2e126a0e21ab-DUS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 27 Oct 2022 17:34:00 GMT
last-modified: Thu, 27 Oct 2022 07:47:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
node: PHP
referrer-policy: unsafe-url
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JK4CLrT9kTZj1WtwY0wTXlrl0G2jxrXQhJJZQeTJYYUBubsxXsr4s%2BCs1RLSYAa7RzQEG5%2BkfMhk%2FSZ93vh4CJ01Nqn8Ke9lNp0A7W5xLo744Uss0S1MQopYzk440UlJ1QbXF6va6llnulAIfoujQiR0ua4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

HEAD
H3 200 pahe0145ch.php Show response
pahaplayers.click/ch/ 0
562 B 69ms
69ms XHR
text/html 2606:4700:3031::6815:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pahaplayers.click/ch/pahe0145ch.php

Requested by

Host: pahaplayers.click
URL: https://pahaplayers.click/ch/pahe0145ch.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pahaplayers.click/ch/pahe0145ch.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:34:00 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=syr%2Fr%2Fk45l9Myklq%2BWCbW1vudneaFMvxITKLsp0IX7PRlZlokL%2FAPWeh2TUaGQJHRKeGWzZ5kfD5aAbqkCym28Hg%2B4KrjuZeDOE%2FwvUF%2Fsy%2BJ%2F9fR7GSgnrn1slVr9h%2FFbxgC2mM%2B2SbdVFQpKQZnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
greydedi: HIT
x-turbo-charged-by: LiteSpeed
cf-ray: 760d2e1279efb73d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 / Show response
betzapdoson.com/5/4284414/ 0
437 B 61ms
26ms XHR
text/plain 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://betzapdoson.com/5/4284414/?oo=1&aab=1
Requested by: Host: pahaplayers.click
URL: https://pahaplayers.click/ch/pahe0145ch.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pahaplayers.click/ch/pahe0145ch.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Thu, 27 Oct 2022 17:34:00 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pahaplayers.click
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tag.min.js Show response
betzapdoson.com/ 71 KB
23 KB 60ms
25ms Script
text/javascript 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://betzapdoson.com/tag.min.js

Requested by

Host: pahaplayers.click
URL: https://pahaplayers.click/ch/pahe0145ch.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

f56c7f66782a6ab420edabc73c63a81f29696ee6207af023339746381fdd5a0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pahaplayers.click/ch/pahe0145ch.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:34:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=1
content-length: 22985
x-trace-id: dbd4e69140cf477e052d27bf5042070d
pragma: no-cache
last-modified: Wed, 26 Oct 2022 15:25:12 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H/1.1 200
OK report
tartator.com/api/ 2 B
311 B 119ms
119ms Ping
text/plain 178.162.196.156
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://tartator.com/api/report
Requested by: Host: origunix.com
URL: https://origunix.com/sdk.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.162.196.156 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://pahaplayers.click/ch/pahe0145ch.php
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryXj2kbLa9HYEla6h7

Response headers

Date: Thu, 27 Oct 2022 17:34:00 GMT
Server: nginx/1.14.1
Accept-Ch: Sec-CH-UA-Platform-Version
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2

GET
H2 200 ut.js Show response
cdnondemand.org/script/ 70 KB
24 KB 21ms
20ms Script
application/javascript 2606:4700::6810:a710
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnondemand.org/script/ut.js?cb=1666892037463
Requested by: Host: cdnondemand.org
URL: https://cdnondemand.org/script/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a710 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f6ce602bed449940565c8bfea9921659efafc0c5409a8242eda17e6e6554c31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pahaplayers.click/ch/pahe0145ch.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:34:00 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1877
x-guploader-uploadid: ADPycduxBPe-xxn4RWgYhI8ZBbwGkkDW65tffK9iwT646mBzOol8wC088X1fbXvF85-KLQD9Syel9VjaPVj8rZDZIVkfbA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Mon, 29 Aug 2022 11:45:52 GMT
server: cloudflare
etag: W/"c7304eebcb5069f68bd3fa9e74218a36"
vary: Accept-Encoding
x-goog-hash: crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-generation: 1661773552581597
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 71356
cf-ray: 760d2e12796b995c-FRA
expires: Thu, 27 Oct 2022 21:34:00 GMT

GET
H3 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 31ms
15ms Image
image/gif 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=734507039&utmhn=pahaplayers.click&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=HD-0145&utmhid=9160678&utmr=-&utmp=%2Fch%2Fpahe0145ch.php&utmht=1666892040087&utmac=UA-124289831-4&utmcc=__utma%3D232660894.2031042126.1666892040.1666892040.1666892040.1%3B%2B__utmz%3D232660894.1666892040.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=615127458&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: pahaplayers.click
URL: https://pahaplayers.click/ch/pahe0145ch.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pahaplayers.click/ch/pahe0145ch.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 17:34:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 suurl4.php Show response
youradexchange.com/script/ 1008 B
941 B 232ms
207ms Fetch
application/json 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl4.php?r=6342122&cbur=0.8193784724455042&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=HD-0145&cbpage=https%3A%2F%2Fpahaplayers.click%2Fch%2Fpahe0145ch.php&cbref=&cbdescription=&cbkeywords=&cbcdn=cdnondemand.org&aggr=0&chmob=?0
Requested by: Host: cdnondemand.org
URL: https://cdnondemand.org/script/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 5f7ebaa2a6644479c6971b4a34f54edf3765e29c369cff0c3e13d27b04eda922

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pahaplayers.click/ch/pahe0145ch.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 27 Oct 2022 17:34:00 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 52 B
186 B 309ms
97ms Script
text/html 192.99.8.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4463797&@f16&@g1&@h1&@i1&@j1666892040090&@k0&@l1&@mHD-0145&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:102300218&@b3:1666892040&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fpahaplayers.click%2Fch%2Fpahe0145ch.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.8.28 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns523448.ip-192-99-8.net
Software: /
Resource Hash: e616df8c81a56ec5a665a391243cc9dafd1f66e459c81be0a8b10f2d53606978

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pahaplayers.click/ch/pahe0145ch.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 17:34:00 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 53 B
187 B 309ms
97ms Script
text/html 192.99.8.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?2162676&@f16&@g1&@h1&@i1&@j1666892040090&@k0&@l1&@mHD-0145&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-79566768&@b3:1666892040&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fpahaplayers.click%2Fch%2Fpahe0145ch.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.8.28 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns523448.ip-192-99-8.net
Software: /
Resource Hash: b55693d061457eb9777ef4d530455c8bd851e03ee01da764a2d4caed82999f38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pahaplayers.click/ch/pahe0145ch.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 17:34:00 GMT
Connection: close
Content-Length: 53
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 52 B
186 B 309ms
98ms Script
text/html 192.99.8.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4463797&@f16&@g0&@h2&@i1&@j1666892040093&@k3&@l2&@mHD-0145&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:33051692&@b3:1666892040&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fpahaplayers.click%2Fch%2Fpahe0145ch.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.8.28 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns523448.ip-192-99-8.net
Software: /
Resource Hash: e616df8c81a56ec5a665a391243cc9dafd1f66e459c81be0a8b10f2d53606978

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pahaplayers.click/ch/pahe0145ch.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 17:34:00 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 53 B
187 B 318ms
96ms Script
text/html 192.99.8.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?2162676&@f16&@g0&@h2&@i1&@j1666892040093&@k3&@l2&@mHD-0145&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:82403970&@b3:1666892040&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fpahaplayers.click%2Fch%2Fpahe0145ch.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.8.28 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns523448.ip-192-99-8.net
Software: /
Resource Hash: b55693d061457eb9777ef4d530455c8bd851e03ee01da764a2d4caed82999f38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pahaplayers.click/ch/pahe0145ch.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 17:34:00 GMT
Connection: close
Content-Length: 53
Content-Type: text/html;charset=UTF-8

GET
H2 200 / Show response
c.adsco.re/ 65 KB
24 KB 54ms
21ms Script
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: www.intellipopup.com
URL: https://www.intellipopup.com/dc.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa55a8fd5ba5cf4b97511fd0e6096782fd1700258ac9d3d677deb268b96aadb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pahaplayers.click/ch/pahe0145ch.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:34:00 GMT
content-encoding: br
cf-cache-status: HIT
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
server: cloudflare
age: 599143
etag: W/"11BCsVfRLqCHC9ZZvH4GUw=="
vary: Accept-Encoding
content-type: text/html
cache-control: public, max-age=2678400
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
cf-ray: 760d2e137ed16955-FRA
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 27 Nov 2022 17:34:00 GMT

GET
H2 200 /
6.adsco.re/ 0
104 B 55ms
18ms Other
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: pahaplayers.click
URL: https://pahaplayers.click/ch/pahe0145ch.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pahaplayers.click/ch/pahe0145ch.php
Origin: https://pahaplayers.click
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:34:00 GMT
server: cloudflare
access-control-max-age: 2592000
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://pahaplayers.click
cache-control: private, max-age=10
vary: Accept-Encoding
cf-ray: 760d2e13effabbfe-FRA
access-control-allow-headers: Content-Type
content-length: 47
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK /
4.adsco.re/ 0
462 B 108ms
23ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: pahaplayers.click
URL: https://pahaplayers.click/ch/pahe0145ch.php
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pahaplayers.click/ch/pahe0145ch.php
Origin: https://pahaplayers.click
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 17:34:00 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: https://pahaplayers.click
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=5
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK / Show response
4.adsco.re/ 43 B
462 B 65ms
24ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 3d11592a21153c1e9f43fa39310abd7f475ab2e3c245e4624593b8a375bbc382

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pahaplayers.click/ch/pahe0145ch.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 17:34:00 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: https://pahaplayers.click
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=5
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H2 200 / Show response
6.adsco.re/ 47 B
344 B 35ms
16ms XHR
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cee6aec0df6c97587311f4820a77d3eb5e6c3de4389fa1b81407343f9c6484fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pahaplayers.click/ch/pahe0145ch.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:34:00 GMT
server: cloudflare
access-control-max-age: 2592000
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://pahaplayers.click
cache-control: private, max-age=10
vary: Accept-Encoding
cf-ray: 760d2e13eff6bbfe-FRA
access-control-allow-headers: Content-Type
content-length: 47
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST /
kliwzss9dlcz.l4.adsco.re/ 0
0

POST
H/1.1 200
OK /
kliwzss9dlcz.n4.adsco.re/ 0
464 B 608ms
88ms Ping
text/html 38.132.109.186
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://kliwzss9dlcz.n4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 38.132.109.186 New York, United States, ASN9009 (M247, RO),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pahaplayers.click/ch/pahe0145ch.php
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 27 Oct 2022 17:34:00 GMT
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
ETag: "5b5f2f9a-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
kliwzss9dlcz.s4.adsco.re/ 0
464 B 976ms
167ms Ping
text/html 185.200.116.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://kliwzss9dlcz.s4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.116.90 , Malaysia, ASN9009 (M247, RO),
Reverse DNS: no-mans-land.m247.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pahaplayers.click/ch/pahe0145ch.php
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 27 Oct 2022 17:34:01 GMT
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
ETag: "5b5f30d9-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H3 200 / Show response
c.adsco.re/ Frame 01F9 65 KB
24 KB 63ms
38ms Document
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa55a8fd5ba5cf4b97511fd0e6096782fd1700258ac9d3d677deb268b96aadb6

Request headers

Referer: https://pahaplayers.click/ch/pahe0145ch.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
age: 599142
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 760d2e13fab6bbb9-FRA
content-encoding: br
content-type: text/html
date: Thu, 27 Oct 2022 17:34:00 GMT
etag: W/"11BCsVfRLqCHC9ZZvH4GUw=="
expires: Sun, 27 Nov 2022 17:34:00 GMT
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
server: cloudflare
vary: Accept-Encoding

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ Frame 9577 87 KB
30 KB 1664ms
662ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: streamservicehd.click
URL: https://streamservicehd.click/premiumtv/pahaplayer.php?id=145
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://streamservicehd.click/premiumtv/pahaplayer.php?id=145
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:34:01 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1666892041.dop223.fr8.t,1666892041.cds007.fr8.hn,1666892041.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H3 404 bldast.js
streamservicehd.click/ Frame 9577 0
0 60ms
21ms Script
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streamservicehd.click/bldast.js
Requested by: Host: streamservicehd.click
URL: https://streamservicehd.click/premiumtv/pahaplayer.php?id=145
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://streamservicehd.click/premiumtv/pahaplayer.php?id=145
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:34:00 GMT
content-encoding: br
referrer-policy: unsafe-url
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 147
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNBJElifUf2j2ZrVw6k0IDjd8s1tYlK0kWOgVJDUWX7USHltOhRfg4Xdxjhxx24PV6fPMVb5h71E1axXCslTkJnaUtEdvC%2Bdfq7tO2bwNemFaVClPdWVndmGbN55w1gLhNOBl4pyQHqV2XJJCFwH0xrh%2Bw4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 760d2e169bdb9b57-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 clappr@latest Show response
cdn.jsdelivr.net/npm/ Frame 9577 513 KB
139 KB 76ms
46ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest

Requested by

Host: streamservicehd.click
URL: https://streamservicehd.click/premiumtv/pahaplayer.php?id=145

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://streamservicehd.click/premiumtv/pahaplayer.php?id=145
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:34:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 19534
x-jsd-version: 0.3.13
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19142-FRA, cache-hhn4070-HHN
x-jsd-version-type: version
server: cloudflare
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 760d2e168da6693a-FRA

GET
H3 200 /
6.adsco.re/ Frame 01F9 0
313 B 76ms
55ms Other
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: pahaplayers.click
URL: https://pahaplayers.click/ch/pahe0145ch.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c.adsco.re/
Origin: https://c.adsco.re
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:34:00 GMT
server: cloudflare
access-control-max-age: 2592000
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://c.adsco.re
cache-control: private, max-age=10
vary: Accept-Encoding
cf-ray: 760d2e168de2bb7f-FRA
access-control-allow-headers: Content-Type
content-length: 47
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK /
4.adsco.re/ Frame 01F9 0
455 B 24ms
24ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: pahaplayers.click
URL: https://pahaplayers.click/ch/pahe0145ch.php
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c.adsco.re/
Origin: https://c.adsco.re
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 17:34:00 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: https://c.adsco.re
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=5
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H3 200 /
c.adsco.re/ Frame 01F9 61 KB
0 26ms
26ms XHR
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.adsco.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:34:00 GMT
content-encoding: br
cf-cache-status: HIT
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
server: cloudflare
age: 599142
etag: W/"11BCsVfRLqCHC9ZZvH4GUw=="
vary: Accept-Encoding
content-type: text/html
cache-control: public, max-age=2678400
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
cf-ray: 760d2e16a8dfbbb9-FRA
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 27 Nov 2022 17:34:00 GMT

GET /
6.adsco.re/ Frame 01F9 0
0

GET /
4.adsco.re/ Frame 01F9 0
0

POST
H/1.1 200
OK p Show response
adsco.re/ 363 B
697 B 174ms
84ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e77f6a018acdd7fd3fa501647eba9e17df5c42bfb8977a8cec497a3945ee5c60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pahaplayers.click/ch/pahe0145ch.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 17:34:01 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Transfer-Encoding: chunked
AS-P-1: OK lon124
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://pahaplayers.click
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
AS-P-2: OK
AS-P-3: OK

GET
H2 200 Y.asp Show response
intellipopup.com/ 44 B
140 B 408ms
126ms Script
text/javascript 216.21.13.26
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://intellipopup.com/Y.asp?_=BAoAY1rBCQFjWsEJgAGBAsAAIL0VYBQ54ubYKlmReZ0PGNf8kjYUbaYprj19G-3nQBhRwQBHMEUCIEauj5uUSxMzY00-BgiXHCAwj29KqveHcQP-6EF3iAPrAiEA6f_bJbyQS5r6TbtgdDwjX7oldP8iEc_GZJzFfHvymIrCACDFqDEEp4YyeG_F6Ky0Rn19Xvp_xvj7JsHKw1wKoE_WgcQAECoBBKAAKwAAAAAAAAAAAAPFABDErHuVeGruMztiYrjW_WYawwBHMEUCIQDyfzEzAYzcZFSQn_7HJhIj7-6zLjxv8HzFKvF00I5uLwIgTU875afWy33ftyY6ukplMqJAkHPdZBG1Dg7gIlTWncQ&v=4&zDKdAlGf=4792644&minBid=&tXUhGVAN=0,0&BtOFsTHE=&yvmtunwo=&s=1600,1200,1,1600,1200,0
Requested by: Host: www.intellipopup.com
URL: https://www.intellipopup.com/dc.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.21.13.26 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pahaplayers.click/ch/pahe0145ch.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
popads-ec: ASB
date: Thu, 27 Oct 2022 17:34:01 GMT
asf: 9
content-length: 44
content-type: text/javascript;charset=UTF-8

GET
H2 200 bootstrap.js Show response
cdnondemand.org/script/ Frame 9577 98 KB
33 KB 23ms
23ms Script
application/javascript 2606:4700::6810:a710
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnondemand.org/script/bootstrap.js
Requested by: Host: streamservicehd.click
URL: https://streamservicehd.click/premiumtv/pahaplayer.php?id=145
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a710 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4d5b8dc6a7ca986941b6d029b8465ac9b4ea3b8923d57df81c99a3c03eb899d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://streamservicehd.click/premiumtv/pahaplayer.php?id=145
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:34:02 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1869
x-guploader-uploadid: ADPycduI37KEPlpa7dhAN4STX9m-ZBO4Y32gaR3L6T8kNSA9aGUTdsjejcQNb213CG0L3bKHfuueOJtQ0XijxlZrTxbkBD5eMsBy
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Sep 2022 08:38:35 GMT
server: cloudflare
etag: W/"90a406e7c114cb9cbdbd171d8282e224"
vary: Accept-Encoding
x-goog-hash: crc32c=PsCFGQ==, md5=kKQG58EUy5y9vRcdgoLiJA==
x-goog-generation: 1662626315119008
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 100523
cf-ray: 760d2e20da8a995c-FRA
expires: Thu, 27 Oct 2022 21:34:02 GMT

GET
H2 200 ut.js Show response
cdnondemand.org/script/ Frame 9577 70 KB
24 KB 25ms
24ms Script
application/javascript 2606:4700::6810:a710
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnondemand.org/script/ut.js?cb=1666892042430
Requested by: Host: cdnondemand.org
URL: https://cdnondemand.org/script/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a710 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f6ce602bed449940565c8bfea9921659efafc0c5409a8242eda17e6e6554c31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://streamservicehd.click/premiumtv/pahaplayer.php?id=145
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:34:02 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1879
x-guploader-uploadid: ADPycduxBPe-xxn4RWgYhI8ZBbwGkkDW65tffK9iwT646mBzOol8wC088X1fbXvF85-KLQD9Syel9VjaPVj8rZDZIVkfbA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Mon, 29 Aug 2022 11:45:52 GMT
server: cloudflare
etag: W/"c7304eebcb5069f68bd3fa9e74218a36"
vary: Accept-Encoding
x-goog-hash: crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-generation: 1661773552581597
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 71356
cf-ray: 760d2e213b56995c-FRA
expires: Thu, 27 Oct 2022 21:34:02 GMT

GET
H3 200 suurl4.php Show response
youradexchange.com/script/ Frame 9577 1015 B
833 B 203ms
184ms Fetch
application/json 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl4.php?r=6112890&cbur=0.4839749003166418&cbiframe=1&cbWidth=1584&cbHeight=1184&cbtitle=&cbpage=https%3A%2F%2Fpahaplayers.click%2Fch%2Fpahe0145ch.php&cbref=&cbdescription=&cbkeywords=&cbcdn=cdnondemand.org&aggr=0&chmob=?0
Requested by: Host: cdnondemand.org
URL: https://cdnondemand.org/script/bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: cd5b949f32a29bb80b41c4ae7df4dd904b360a33cb7aa1ab4c784df1ec733245

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://streamservicehd.click/premiumtv/pahaplayer.php?id=145
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 27 Oct 2022 17:34:02 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

GET
H3

200

index.m3u8 Show response
webudi.openhd.lol/ddy6/premium145/ Frame 9577
Redirect Chain

https://webudi.openhd.lol/lb/premium145/index.m3u8
https://webudi.openhd.lol/ddy6/premium145/index.m3u8

182 B
925 B

356ms
306ms

XHR
text/html

2606:4700:e4::ac40:a103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webudi.openhd.lol/ddy6/premium145/index.m3u8
Protocol: H3
Server: 2606:4700:e4::ac40:a103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a70d4cefbdfbfeefbb40233f9e9550634a7666d7808b2385c8ba080df71203b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://streamservicehd.click/premiumtv/pahaplayer.php?id=145
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:34:02 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-run-time: 197
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vcdn-node: nmb, dfsd
pragma: no-cache
last-modified: Thu, 27 Oct 2022 17:33:59 GMT
max-age: 0
server: cloudflare
node: 1
access-control-allow-methods: GET, PUT, DELETE, OPTIONS
content-type: text/html
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kHNOsaDWEemQx5qEJNNDGOMl1vmF8K%2FfNlryGiwfyc31pySzw2jWzl9N3Y%2BPZSJXTjZQT%2F%2Fm3VbmGeLPVtAROPAH6EeJs0kj2t2daEDCre9YbaxWP6MYYvrt0Adlnl02iso37q4uIn%2BRCTe44mkskg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Server, range, X-Run-Time, Content-Length, Location
x-route-time: 720
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
cf-ray: 760d2e222dc268fd-FRA
access-control-allow-headers: x-vsaas-session, x-no-redirect, origin, authorization, x-real-ip, accept, range
expires: Thu, 27 Oct 2022 17:34:03 GMT

Redirect headers

date: Thu, 27 Oct 2022 17:34:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
max-age: 0
server: cloudflare
node: 4
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E79wKU1xRtUUkKaPbzwEnZKQJX5dc2wRCX8xSqnveJGnQBg0ONUBaaFp4iOaXQJxb8KGtAFpQevgnE5Jff76jG%2FWoFohLtrzoruQVSN38a8yTPUIlyyWyupOCMU5jgDfdbi3ik79aggf7zi5Gkjy%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: /ddy6/premium145/index.m3u8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
videocdn: HIT
cf-ray: 760d2e21989a414a-HAM

GET
H3 200 mono.m3u8 Show response
webudi.openhd.lol/ddy6/premium145/tracks-v1a1/ Frame 9577 299 B
872 B 56ms
55ms XHR
text/html 2606:4700:e4::ac40:a103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webudi.openhd.lol/ddy6/premium145/tracks-v1a1/mono.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb31e1779bd97f590caf1c73facfed4c27aac52d74999781ea4d86797a1f631f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://streamservicehd.click/premiumtv/pahaplayer.php?id=145
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:34:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
x-run-time: 20
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vcdn-node: nmb, dfsd
pragma: no-cache
last-modified: Thu, 27 Oct 2022 17:34:01 GMT
max-age: 0
server: cloudflare
node: 1
access-control-allow-methods: GET, PUT, DELETE, OPTIONS
content-type: text/html
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tgjQX23SP5n4p6rgg82Ti%2BBnV0ZzSC6zAd5QSYkhGtwvatrI79No1LdsdBnxb94AIS2qsQQ1ZeQbtBGIqxiPbEfYxGE%2B6dPqRldIZeoC3zj2YGFOhnS1DHtUA3Fmb4AxVsT6bllhS4mVzsizv65T%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Server, range, X-Run-Time, Content-Length, Location
x-route-time: 616
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
cf-ray: 760d2e2409f668fd-FRA
access-control-allow-headers: x-vsaas-session, x-no-redirect, origin, authorization, x-real-ip, accept, range
expires: Thu, 27 Oct 2022 17:34:02 GMT

GET
H2

200

53-04000.js Show response
ddyx2.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/33/ Frame 9577
Redirect Chain

https://webudi.openhd.lol/ddy6/premium145/tracks-v1a1/2022/10/27/17/33/53-04000.ts
https://ddyx2.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/33/53-04000.js

2 MB
2 MB

97ms
52ms

XHR
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ddyx2.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/33/53-04000.js
Protocol: H2
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e46cd6fa6a728b55bd5a52b6a2bba17a6e23ef3318fecc614283ff1a83299d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://streamservicehd.click/premiumtv/pahaplayer.php?id=145
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:34:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-run-time: 2242
x-mpegts-time: 1625
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1645376
x-vcdn-node: nmb, dfsd
last-modified: Thu, 27 Oct 2022 17:33:55 GMT
server: cloudflare
x-memory: yes
access-control-allow-methods: GET, PUT, DELETE, OPTIONS
content-type: text/html
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWDzVshW%2BcC%2FcQR9hY%2FKi2N0fMa%2BtaErcy5Cd5Hgkw57ZYUIv1oIDzShP1cCmbiT1EEStrglV5p9a8GGmd%2FKRHVlv2nbUulgBtPCgx%2BXjdIEcK%2BY%2BRROD3XzMn0feSkQ2TyGqaSYGxqIN2efofBx%2FW07"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Server, range, X-Run-Time, Content-Length, Location
x-route-time: 124
cache-control: public, max-age=14400, immutable, no-transform
node: 1
accept-ranges: bytes
cf-ray: 760d2e258aa2b770-AMS
x-duration: 4.0e3
access-control-allow-headers: x-vsaas-session, x-no-redirect, origin, authorization, x-real-ip, accept, range
a-cache-status: HIT

Redirect headers

date: Thu, 27 Oct 2022 17:34:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11
cf-ddccc: ddyx2.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/33/53-04000.js
from: memcache
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cddddcc: ddyx2.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/33/53-04000.js
pragma: no-cache
cf-ccddc: ddyx2.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/33/53-04000.js
cf-ccc: ddyx2.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/33/53-04000.js
max-age: 0
server: cloudflare
node: 4
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dUidBC6%2F0taq7SkP%2FLoqbuw47hqwfZ8lbgMspciPL6ei0dFBBI%2BeF3hGXK4t2x9bkqfe6DlO1cFMTwgma6clLFSC8Lz1B25bUweM8eLmzGVDi78wP%2Bf9E9YJgMgEBRxDpUC0rkhMDUKvUUTcpUhQZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://ddyx2.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/33/53-04000.js
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ccddddc: ddyx2.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/33/53-04000.js
vary: Accept-Encoding
videocdn: MISS
access-control-allow-headers: *
cf-ray: 760d2e24dbf668fd-FRA

GET
BLOB 200
OK 349de169-e21e-4e7a-9962-5b799d66c8db
https://streamservicehd.click/ Frame 9577 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://streamservicehd.click/349de169-e21e-4e7a-9962-5b799d66c8db
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://streamservicehd.click/premiumtv/pahaplayer.php?id=145
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 62280
Content-Type: text/javascript

GET
H2

200

57-04000.js Show response
ddy1.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/33/ Frame 9577
Redirect Chain

https://webudi.openhd.lol/ddy6/premium145/tracks-v1a1/2022/10/27/17/33/57-04000.ts
https://ddy1.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/33/57-04000.js

1 MB
1 MB

67ms
57ms

XHR
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ddy1.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/33/57-04000.js
Protocol: H2
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f330c8b0b488bbbf64c7fe3a5fd58004d8000fcc79ec2dec53be9139d2c8623

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://streamservicehd.click/premiumtv/pahaplayer.php?id=145
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:34:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-run-time: 1875
x-mpegts-time: 1149
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1458880
x-vcdn-node: nmb, dfsd
last-modified: Thu, 27 Oct 2022 17:33:59 GMT
server: cloudflare
x-memory: yes
access-control-allow-methods: GET, PUT, DELETE, OPTIONS
content-type: text/html
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ipt%2BtohcrlOEMq9KFk79ZISKO5eZc0edEoyXntySj9PoKztUBxVG%2FUBShUDcP4l1XQh2BsaxjLP2b0pmaw%2F5IROV%2FZJdj1Aw6EystCM2r17BTwDGjNsh2bf8gxS1as9dMDAuamRX9q5%2Bw%2F25A%2Bv53DE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Server, range, X-Run-Time, Content-Length, Location
x-route-time: 171
cache-control: public, max-age=14400, immutable, no-transform
node: 1
accept-ranges: bytes
cf-ray: 760d2e27ddecb770-AMS
x-duration: 4.0e3
access-control-allow-headers: x-vsaas-session, x-no-redirect, origin, authorization, x-real-ip, accept, range
a-cache-status: HIT

Redirect headers

date: Thu, 27 Oct 2022 17:34:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8
cf-ddccc: ddy1.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/33/57-04000.js
from: memcache
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cddddcc: ddy1.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/33/57-04000.js
pragma: no-cache
cf-ccddc: ddy1.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/33/57-04000.js
cf-ccc: ddy1.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/33/57-04000.js
max-age: 0
server: cloudflare
node: 4
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fnclt8lQuy%2FWVzgXgSPLFpkVB3t2LIzuJDkDGZ%2BenOYeo%2BeuUsETMJ5OH6cJiVN4KkK7%2B3V0h0dQdZBi%2FqNZMVIFf%2FD5RLqc%2FaR5MwX%2FhAUClJr1Z0lTVoA3gShKXwrGZTUvDiFiPHPXZrcL0H7SIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://ddy1.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/33/57-04000.js
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ccddddc: ddy1.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/33/57-04000.js
vary: Accept-Encoding
videocdn: MISS
access-control-allow-headers: *
cf-ray: 760d2e27698e68fd-FRA

GET
H3

200

01-04000.js Show response
ddyx2.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/34/ Frame 9577
Redirect Chain

https://webudi.openhd.lol/ddy6/premium145/tracks-v1a1/2022/10/27/17/34/01-04000.ts
https://ddyx2.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/34/01-04000.js

1 MB
1 MB

91ms
67ms

XHR
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ddyx2.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/34/01-04000.js
Protocol: H3
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abe52265f3b8c22fbb740d73d580145129f2bd5824a9ec6dd9a3ac5cc17ffd59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://streamservicehd.click/premiumtv/pahaplayer.php?id=145
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:34:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-run-time: 2848
x-mpegts-time: 1980
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1440832
x-vcdn-node: nmb, dfsd
last-modified: Thu, 27 Oct 2022 17:34:03 GMT
server: cloudflare
x-memory: yes
access-control-allow-methods: GET, PUT, DELETE, OPTIONS
content-type: text/html
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SinMHZqkIXeIyD3%2B28Uk02cRvyHFXRlGQ4qiZYaZQiAWcmJ3jwk3CE1uCYO%2BY2DJzjYGUtj1ELgDxEP9%2Bh4E7SqbR71tFalDEbvVAyxJYM1AY%2Bi39RnzP9mXOLzNgYYAnAti92mjRdHtyHtTyznkya2"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Server, range, X-Run-Time, Content-Length, Location
x-route-time: 212
cache-control: public, max-age=14400, immutable, no-transform
node: 1
accept-ranges: bytes
cf-ray: 760d2e2e59b69bf5-FRA
x-duration: 4.0e3
access-control-allow-headers: x-vsaas-session, x-no-redirect, origin, authorization, x-real-ip, accept, range
a-cache-status: HIT

Redirect headers

date: Thu, 27 Oct 2022 17:34:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3
cf-ddccc: ddyx2.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/34/01-04000.js
from: memcache
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cddddcc: ddyx2.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/34/01-04000.js
pragma: no-cache
cf-ccddc: ddyx2.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/34/01-04000.js
cf-ccc: ddyx2.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/34/01-04000.js
max-age: 0
server: cloudflare
node: 4
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQCQOZHrdsEM2tGu6%2BIVn9r42Wfpg7tG1N7fzAljZkRPzt4xhAUIe38Ch%2BiMoLoAzR7favdI9T5x0IGN%2BJzDhaTpftkEzjLmz%2BPqiAd12zuP4fMq58uzr%2FxUvxzAasrCRClASMRIliAS94hyO1qoSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://ddyx2.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/34/01-04000.js
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ccddddc: ddyx2.uknode29.shop/ddy6/premium145/tracks-v1a1/2022/10/27/17/34/01-04000.js
vary: Accept-Encoding
videocdn: MISS
access-control-allow-headers: *
cf-ray: 760d2e2e08fb68fd-FRA

GET
H3 200 mono.m3u8 Show response
webudi.openhd.lol/ddy6/premium145/tracks-v1a1/ Frame 9577 299 B
873 B 42ms
42ms XHR
text/html 2606:4700:e4::ac40:a103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webudi.openhd.lol/ddy6/premium145/tracks-v1a1/mono.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb31e1779bd97f590caf1c73facfed4c27aac52d74999781ea4d86797a1f631f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://streamservicehd.click/premiumtv/pahaplayer.php?id=145
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:34:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
x-run-time: 52
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vcdn-node: nmb, dfsd
pragma: no-cache
last-modified: Thu, 27 Oct 2022 17:34:05 GMT
max-age: 0
server: cloudflare
node: 1
access-control-allow-methods: GET, PUT, DELETE, OPTIONS
content-type: text/html
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LVnbfWKcXK0zmadDMVN3%2BCWHV%2B5T4drom8l6FglTayFbkGwFKVwfgKo3ej5ByA6%2FVbnK2bR2Huvg4DzVQ18y8nngI0bxjIy4P2fEBmEVgfwIwsNENoF8phUKIWigZ0QPJXHaRebFIt0ZdWyH5gBp6g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Server, range, X-Run-Time, Content-Length, Location
x-route-time: 153
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
cf-ray: 760d2e3d1a4d68fd-FRA
access-control-allow-headers: x-vsaas-session, x-no-redirect, origin, authorization, x-real-ip, accept, range
expires: Thu, 27 Oct 2022 17:34:06 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pl15792189.profitablegatetocontent.com
URL: https://pl15792189.profitablegatetocontent.com/4b/b6/c0/4bb6c01f430317c66005dc9729aaff49.js

Domain: kliwzss9dlcz.l4.adsco.re
URL: https://kliwzss9dlcz.l4.adsco.re/

Domain: 6.adsco.re
URL: https://6.adsco.re/

Domain: 4.adsco.re
URL: https://4.adsco.re/

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vmuid.com/	1970-01-20 16:37:32	Name: guid Value: 222e8166-b568-4139-8d15-dc4549d15156
tartator.com/	1970-01-20 07:02:58	Name: av_sw_hit Value: 1
.pahaplayers.click/	1970-01-20 16:37:32	Name: __utma Value: 232660894.2031042126.1666892040.1666892040.1666892040.1
.pahaplayers.click/	1969-12-31 23:59:59	Name: __utmc Value: 232660894
.pahaplayers.click/	1970-01-20 11:24:20	Name: __utmz Value: 232660894.1666892040.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.pahaplayers.click/	1970-01-20 07:01:32	Name: __utmt Value: 1
.pahaplayers.click/	1970-01-20 07:01:33	Name: __utmb Value: 232660894.1.10.1666892040
pahaplayers.click/	1970-01-20 15:47:08	Name: HstCfa4463797 Value: 1666892040090
pahaplayers.click/	1970-01-20 15:47:08	Name: HstCmu4463797 Value: 1666892040090
pahaplayers.click/	1970-01-20 15:47:08	Name: HstCnv4463797 Value: 1
pahaplayers.click/	1970-01-20 15:47:08	Name: HstCns4463797 Value: 1
pahaplayers.click/	1970-01-20 15:47:08	Name: HstCla4463797 Value: 1666892040093
pahaplayers.click/	1970-01-20 15:47:08	Name: HstPn4463797 Value: 2
pahaplayers.click/	1970-01-20 15:47:08	Name: HstPt4463797 Value: 2
pahaplayers.click/	1970-01-20 07:01:57	Name: a Value: DbMci9IBJAhEsX2FtXAWwIuRREEAOFk2
pahaplayers.click/	1970-01-20 07:01:53	Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c Value: BAoAY1rBCQFjWsEJgAGBAsAAIL0VYBQ54ubYKlmReZ0PGNf8kjYUbaYprj19G-3nQBhRwQBHMEUCIEauj5uUSxMzY00-BgiXHCAwj29KqveHcQP-6EF3iAPrAiEA6f_bJbyQS5r6TbtgdDwjX7oldP8iEc_GZJzFfHvymIrCACDFqDEEp4YyeG_F6Ky0Rn19Xvp_xvj7JsHKw1wKoE_WgcQAECoBBKAAKwAAAAAAAAAAAAPFABDErHuVeGruMztiYrjW_WYawwBHMEUCIQDyfzEzAYzcZFSQn_7HJhIj7-6zLjxv8HzFKvF00I5uLwIgTU875afWy33ftyY6ukplMqJAkHPdZBG1Dg7gIlTWncQ
pahaplayers.click/	1970-01-20 07:01:53	Name: _popprepop Value: 1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pl15792189.profitablegatetocontent.com/4b/b6/c0/4bb6c01f430317c66005dc9729aaff49.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://rsationhesa.one/4/534398 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
network	error	URL: https://streamservicehd.click/bldast.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kliwzss9dlcz.l4.adsco.re/ Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.adsco.re
6.adsco.re
adsco.re
betzapdoson.com
c.adsco.re
cdn.jsdelivr.net
cdnondemand.org
code.jquery.com
ddy1.uknode29.shop
ddyx2.uknode29.shop
intellipopup.com
kliwzss9dlcz.l4.adsco.re
kliwzss9dlcz.n4.adsco.re
kliwzss9dlcz.s4.adsco.re
negure.com
nimrute.com
origunix.com
pahaplayers.click
pl15792189.profitablegatetocontent.com
rsationhesa.one
s10.histats.com
s4.histats.com
ssl.google-analytics.com
streamservicehd.click
tartator.com
vmuid.com
webudi.openhd.lol
www.intellipopup.com
youradexchange.com
4.adsco.re
6.adsco.re
kliwzss9dlcz.l4.adsco.re
pl15792189.profitablegatetocontent.com
139.45.197.236
162.252.214.5
178.162.196.156
185.200.116.90
192.99.8.28
2001:4de0:ac18::1:a:3a
216.21.13.26
2606:4700:3031::6815:1423
2606:4700:3037::ac43:92e1
2606:4700::6810:5614
2606:4700::6810:a710
2606:4700::6811:a7ba
2606:4700:e4::ac40:a103
2a00:1450:4001:830::2008
2a02:6ea0:c700::22
2a06:98c1:3120::3
2a06:98c1:3121::3
35.190.41.116
38.132.109.186
46.105.201.240
46.4.50.210
65.9.66.62
0e46cd6fa6a728b55bd5a52b6a2bba17a6e23ef3318fecc614283ff1a83299d5
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f330c8b0b488bbbf64c7fe3a5fd58004d8000fcc79ec2dec53be9139d2c8623
367785aa706067a25883333b2c802ca2218e082e55666351e7b3680e9ef4e106
3d11592a21153c1e9f43fa39310abd7f475ab2e3c245e4624593b8a375bbc382
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5d50dea1709d83c598dce047030c137c9d71800ebe01b50ca9ef0dc47acb0c0a
5f7ebaa2a6644479c6971b4a34f54edf3765e29c369cff0c3e13d27b04eda922
6f2d139be44a6dc85d842a753f4e3ebafdb63a0babcb64f741310076aaa29a7f
6f6ce602bed449940565c8bfea9921659efafc0c5409a8242eda17e6e6554c31
71ce1264f7d042a7a90580f934fd4bb7582561bff8dbedbfbf1e5000bc74db54
7a70d4cefbdfbfeefbb40233f9e9550634a7666d7808b2385c8ba080df71203b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
abe52265f3b8c22fbb740d73d580145129f2bd5824a9ec6dd9a3ac5cc17ffd59
b55693d061457eb9777ef4d530455c8bd851e03ee01da764a2d4caed82999f38
bc94df7c3f52278631613b29d71fa0847a922c5d0f91eda5b533587a8d28b967
cd5b949f32a29bb80b41c4ae7df4dd904b360a33cb7aa1ab4c784df1ec733245
cee6aec0df6c97587311f4820a77d3eb5e6c3de4389fa1b81407343f9c6484fe
d2dc3295d44225dba1862df95276184df472752e3f94368c79e04da27301ea69
d4d5b8dc6a7ca986941b6d029b8465ac9b4ea3b8923d57df81c99a3c03eb899d
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e616df8c81a56ec5a665a391243cc9dafd1f66e459c81be0a8b10f2d53606978
e77f6a018acdd7fd3fa501647eba9e17df5c42bfb8977a8cec497a3945ee5c60
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc
f56c7f66782a6ab420edabc73c63a81f29696ee6207af023339746381fdd5a0e
fa55a8fd5ba5cf4b97511fd0e6096782fd1700258ac9d3d677deb268b96aadb6
fb31e1779bd97f590caf1c73facfed4c27aac52d74999781ea4d86797a1f631f
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff9bd03e91d632b8cec4f2eb27ac565423f8d35ef20c5d3e0d7dc62e687bd6eb

pahaplayers.click Open in urlscan Pro 2606:4700:3031::6815:1423 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

55 Requests

82 %HTTPS

50 %IPv6

20 Domains

29 Subdomains

23 IPs

7 Countries

5082 kBTransfer

6187 kBSize

17 Cookies

2 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pahaplayers.click Open in urlscan Pro
2606:4700:3031::6815:1423 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

82 %
HTTPS

50 %
IPv6

20
Domains

29
Subdomains

23
IPs

7
Countries

5082 kB
Transfer

6187 kB
Size

17
Cookies

55 HTTP transactions
0 data transactions