live.cima4u.ws Open in urlscan Pro
2606:4700:20::ac43:47f8 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
Submission: On July 27 via manual (July 27th 2021, 3:13:45 pm UTC) from EG

Summary HTTP 75 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 19 domains to perform 75 HTTP transactions. The main IP is 2606:4700:20::ac43:47f8, located in United States and belongs to CLOUDFLARENET, US. The main domain is live.cima4u.ws.
TLS certificate: Issued by R3 on June 30th 2021. Valid for: 3 months.

This is the only time live.cima4u.ws was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	2606:4700:20:... 2606:4700:20::ac43:47f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.104.26.196 172.104.26.196	63949 (LINODE-AP...) (LINODE-AP Linode)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
8	2606:4700:303... 2606:4700:3035::ac43:c241	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	195.154.207.68 195.154.207.68	12876 (Online SAS) (Online SAS)
1	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	139.45.197.247 139.45.197.247	9002 (RETN-AS) (RETN-AS)
3	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
5	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
2	139.45.197.243 139.45.197.243	9002 (RETN-AS) (RETN-AS)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	2606:4700:20:... 2606:4700:20::681a:87b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
75	21

25 2606:4700:20::ac43:47f8 (United States)

ASN13335 (CLOUDFLARENET, US)

live.cima4u.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cima4u.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.104.26.196 (Cedar Knolls, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1845-196.members.linode.com

b.m2track.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3035::ac43:c241 (United States)

ASN13335 (CLOUDFLARENET, US)

myviid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.154.207.68 (France)

ASN12876 (Online SAS, FR)
PTR: 195-154-207-68.rev.poneytelecom.eu

psn26.myviid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

provensequencerepetition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.247 (United Kingdom)

ASN9002 (RETN-AS, GB)

zuphaims.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

dozubatan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

toglooman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)

onmarshtompor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:87b (United States)

ASN13335 (CLOUDFLARENET, US)

static.lalaping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

o.wowreality.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	cima4u.ws live.cima4u.ws cima4u.ws	356 KB
10	myviid.net myviid.net psn26.myviid.net	228 KB
5	google.com www.google.com	35 KB
5	toglooman.com toglooman.com	124 KB
5	gstatic.com fonts.gstatic.com	50 KB
4	m2track.co b.m2track.co	8 KB
3	dozubatan.com dozubatan.com	30 KB
2	wowreality.info o.wowreality.info	402 B
2	rtmark.net my.rtmark.net	1 KB
2	onmarshtompor.com onmarshtompor.com	3 KB
2	zuphaims.com zuphaims.com	23 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	googleapis.com fonts.googleapis.com	857 B
1	lalaping.com static.lalaping.com	34 KB
1	provensequencerepetition.com provensequencerepetition.com
1	doubleclick.net stats.g.doubleclick.net	90 B
1	googletagmanager.com www.googletagmanager.com	39 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
75	19

	Domain	Requested by
24	live.cima4u.ws	live.cima4u.ws ajax.cloudflare.com static.cloudflareinsights.com
8	myviid.net	live.cima4u.ws myviid.net
5	www.google.com	myviid.net
5	toglooman.com	zuphaims.com toglooman.com
5	fonts.gstatic.com	fonts.googleapis.com live.cima4u.ws
4	b.m2track.co	ajax.cloudflare.com live.cima4u.ws
3	dozubatan.com	zuphaims.com dozubatan.com
2	o.wowreality.info	static.lalaping.com
2	my.rtmark.net	onmarshtompor.com dozubatan.com
2	onmarshtompor.com	zuphaims.com
2	zuphaims.com	myviid.net
2	psn26.myviid.net	myviid.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	live.cima4u.ws
1	static.lalaping.com	toglooman.com
1	provensequencerepetition.com	myviid.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	ajax.cloudflare.com
1	static.cloudflareinsights.com	live.cima4u.ws
1	ajax.cloudflare.com	live.cima4u.ws
1	cima4u.ws	live.cima4u.ws
75	21

This site contains links to these domains. Also see Links.

Domain
cima4u.ws
www.facebook.com
twitter.com
myviid.com
upbom.live
yourcolor.net
hi2day.info
elkingphp.org
cima4u.tv

Subject Issuer	Validity	Valid
*.cima4u.ws R3	`2021-06-30` - `2021-09-28`	3 months	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
m2track.co R3	`2021-06-01` - `2021-08-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.myviid.net Sectigo RSA Domain Validation Secure Server CA	`2021-05-09` - `2022-05-09`	a year	crt.sh
provensequencerepetition.com R3	`2021-07-11` - `2021-10-09`	3 months	crt.sh
zuphaims.com R3	`2021-07-21` - `2021-10-19`	3 months	crt.sh
dozubatan.com R3	`2021-05-17` - `2021-08-15`	3 months	crt.sh
toglooman.com R3	`2021-07-09` - `2021-10-07`	3 months	crt.sh
onmarshtompor.com R3	`2021-06-05` - `2021-09-03`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
wowreality.info R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
Frame ID: 10712D250A76DF9BE017699C9C0CDE0C
Requests: 43 HTTP requests in this frame

Frame: https://myviid.net:2053/embed-222xyxeojwbp.html
Frame ID: E90207F6F34DBBD76F8993F489ED5C0D
Requests: 28 HTTP requests in this frame

Frame: https://onmarshtompor.com/fac.php?OAID=27756c056fda41d3b88c8f88eff5eb71&oaidts=1627398810
Frame ID: 1CBB67D8AA101AC655D975E6346F1CEE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /owl\.carousel.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /owl\.carousel.*\.js/i

Page Statistics

75
Requests

100 %
HTTPS

55 %
IPv6

19
Domains

21
Subdomains

21
IPs

5
Countries

960 kB
Transfer

10119 kB
Size

1
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://cima4u.ws:2053/
Title: CIMA4Uالسينما للجميع

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Cima4U.Official

Search URL Search Domain Scan URL

URL: https://twitter.com/Cima4uO

Search URL Search Domain Scan URL

URL: https://myviid.com:2053/222xyxeojwbp.html
Title: Myvid

Search URL Search Domain Scan URL

URL: http://upbom.live/epmvc3ciw80w/I.Hear.Your.Voice.E14.HDTV.Cima4U.mp4.html
Title: UpBom

Search URL Search Domain Scan URL

URL: https://yourcolor.net/

Search URL Search Domain Scan URL

URL: https://cima4u.ws:2053/home5/
Title: cima4u

Search URL Search Domain Scan URL

URL: http://hi2day.info/
Title: Hi2Day!

Search URL Search Domain Scan URL

URL: http://elkingphp.org/
Title: elkingphp

Search URL Search Domain Scan URL

URL: http://cima4u.tv/
Title: Cima4u

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

75 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html Show response
live.cima4u.ws/Episode/ 17 KB
4 KB 107ms
81ms Document
text/html 2606:4700:20::ac43:47f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44f4296b8aa22662ad731bff0074de04433b2a37d4cd180b7bd3f6d604c40cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: live.cima4u.ws:2053
:scheme: https
:path: /Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:26 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate max-age=600, private, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=ac6e2021e5228e16064f3a7f98f7a3a9; path=/
content-language: en-us
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: ISeveNiT.CoM
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MvdXbmsU7sRyTW2lkQhNY4IgM6MHM43bKmOmkQumlVtjv%2FKjtzX0s796WVWI0wSpw6p6xmDjM62UvJ0Y%2FUQ%2FeuImhqsGQwnXVSa7CffYjaHkZKIzbH5Kv03K4SY1RXQSPDn%2FnUdpulkcTUBLGYnYRSs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6756cfcde9232c22-FRA
content-encoding: br
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400

GET
H2 200 main.css
live.cima4u.ws/styles/ 122 KB
20 KB 379ms
74ms Stylesheet
text/css 2606:4700:20::ac43:47f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.cima4u.ws:2053/styles/main.css?729546953

Requested by

Host: live.cima4u.ws
URL: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c27f3825a852bdcb4af96c3e9d53cd3bfea9da31dc653711b6648f634553df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /styles/main.css?729546953
pragma: no-cache
cookie: PHPSESSID=ac6e2021e5228e16064f3a7f98f7a3a9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: live.cima4u.ws:2053
referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-type: text/css
x-server-powered-by: ISeveNiT.CoM
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Wed, 13 Jan 2021 21:55:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NeiGWQIOgROjKAhHWOHhAC%2Bv%2BSy649ZgF5dbSxNXGRRKZgZp3uhjueNouDD9dT8mkX8BOuJfOX%2F2yc3I01tGSqSIr6oAJZmkLBJbbW6vfkI0dgNBL39jrZ1PtYftlVnvB96cnrqivAWMcfBg97FwD2M%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
cache-control: max-age=2592000
cf-ray: 6756cfd06f212c22-FRA
expires: Thu, 26 Aug 2021 15:13:27 GMT

GET
H2 200 responsive.css
live.cima4u.ws/styles/ 10 KB
3 KB 371ms
65ms Stylesheet
text/css 2606:4700:20::ac43:47f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.cima4u.ws:2053/styles/responsive.css?597959415

Requested by

Host: live.cima4u.ws
URL: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ff065c06adcf72bcf54af51fdd5d7883ea0c70be39b7a1e8c829eefee138d69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /styles/responsive.css?597959415
pragma: no-cache
cookie: PHPSESSID=ac6e2021e5228e16064f3a7f98f7a3a9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: live.cima4u.ws:2053
referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-type: text/css
x-server-powered-by: ISeveNiT.CoM
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Wed, 13 Jan 2021 21:55:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3dE7mPwAj7kWrtelam20kSPKIrDclgICV8ma7uLwsmcQB2SUtdiCteFceVpo8AsfDtUaG%2BSiw7sCQfeDtG67W00iRm2Dv9UzPlHli%2F%2Fa09oDnnc8raOg2cNGj2DbZHvXTue6IPGDVoPTXk%2BzYWr2kc%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
cache-control: max-age=2592000
cf-ray: 6756cfd07f242c22-FRA
expires: Thu, 26 Aug 2021 15:13:27 GMT

GET
H2 200 1543505218_0.jpg
live.cima4u.ws/template/images_video/ 26 KB
27 KB 361ms
55ms Image
image/jpeg 2606:4700:20::ac43:47f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://live.cima4u.ws:2053/template/images_video/1543505218_0.jpg

Requested by

Host: live.cima4u.ws
URL: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cea3e9ce7445feef365b9a9d25f88959b1e671b7915554aa4931d2801e731c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /template/images_video/1543505218_0.jpg
pragma: no-cache
cookie: PHPSESSID=ac6e2021e5228e16064f3a7f98f7a3a9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: live.cima4u.ws:2053
referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:27 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-type: image/jpeg
x-server-powered-by: ISeveNiT.CoM
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
content-length: 27046
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 13 Jan 2021 21:55:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWXuFH5NZ4O2LK6Xk6vWvlfdPELtKkW4BA22eNN2e4Ek8clKAb9j5v3bTAUhUng2I8XseansuO2FFWcjkdyNew50tSldfxOFGocrnukztRUr3kAV5PN%2BWcRpKilx7nIwMsafEC%2BP4NUscNhsHqmD55s%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6756cfd07f262c22-FRA
expires: Sat, 25 Sep 2021 15:13:27 GMT

GET
H2 200 1610501408_icon.jpg
live.cima4u.ws/template/logo_server/ 3 KB
4 KB 365ms
60ms Image
image/jpeg 2606:4700:20::ac43:47f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://live.cima4u.ws:2053/template/logo_server/1610501408_icon.jpg

Requested by

Host: live.cima4u.ws
URL: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f40eba5c6f1fa17643edd6fdff1bd43bcb698931966aaa8c0265bc89b9a9678c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /template/logo_server/1610501408_icon.jpg
pragma: no-cache
cookie: PHPSESSID=ac6e2021e5228e16064f3a7f98f7a3a9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: live.cima4u.ws:2053
referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:27 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-type: image/jpeg
x-server-powered-by: ISeveNiT.CoM
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
content-length: 3380
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Wed, 13 Jan 2021 21:55:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2ji0Pin%2BzultHBn1yzy0RLv07hsVB0C9BKClKohDoYIud%2FPs7Nor247dYHLhrEFFL%2F7qSMVgnA2kBLEIc45HrRhfZtz93J%2BAfgP0kq%2BTQB7u12kYqPR4iC76Mp1M608znEvuwYrPWV0nlr3tgH6gCQ%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6756cfd07f272c22-FRA
expires: Sat, 25 Sep 2021 15:13:27 GMT

GET
H2 200 1593279625_333.jpg
live.cima4u.ws/template/logo_server/ 4 KB
5 KB 355ms
49ms Image
image/jpeg 2606:4700:20::ac43:47f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://live.cima4u.ws:2053/template/logo_server/1593279625_333.jpg

Requested by

Host: live.cima4u.ws
URL: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a79378547115542a301a64a4d9485dc7f0ffadf1a263ce44071c6a32e3074b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /template/logo_server/1593279625_333.jpg
pragma: no-cache
cookie: PHPSESSID=ac6e2021e5228e16064f3a7f98f7a3a9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: live.cima4u.ws:2053
referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:27 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-type: image/jpeg
x-server-powered-by: ISeveNiT.CoM
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
content-length: 4547
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Wed, 13 Jan 2021 21:55:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MU0UnKlbh%2FUkeVxN594t4LjHUIFRAyNIwkNn%2BnL7k5gMcPq4P50kpDoR30kq3E9oLYROZvnD9SL8OJl7CowWhQPozMrrcaKNfFxpmWk4UgoD133duYiIBmJSrG8vIxXXlo%2B4J5XjpH%2Bf1pksdUW1pK0%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6756cfd07f282c22-FRA
expires: Sat, 25 Sep 2021 15:13:27 GMT

GET
H2 200 1593280124_333.jpg
live.cima4u.ws/template/logo_server/ 2 KB
3 KB 365ms
59ms Image
image/jpeg 2606:4700:20::ac43:47f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://live.cima4u.ws:2053/template/logo_server/1593280124_333.jpg

Requested by

Host: live.cima4u.ws
URL: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b76a2bf0ed8274f35a74a267f06c5f684c9d332c07df1fc49bd36da29c6f78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /template/logo_server/1593280124_333.jpg
pragma: no-cache
cookie: PHPSESSID=ac6e2021e5228e16064f3a7f98f7a3a9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: live.cima4u.ws:2053
referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:27 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-type: image/jpeg
x-server-powered-by: ISeveNiT.CoM
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
content-length: 2535
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Wed, 13 Jan 2021 21:55:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMPft2TP5DtmXnyHlbwV5QoJnczSuTFycFh6BXWplk%2Fj6E5HyHjC4sa4ZRVjaFVQAKh5Glea5zFnWIVwjUcV%2FSzgqYpDTzmxzEWa1M2evBC8vXU6a2GI2iXybC2t7WD%2FrUs39y%2B2XIDDjbwfyqzZEsQ%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6756cfd07f292c22-FRA
expires: Sat, 25 Sep 2021 15:13:27 GMT

GET
H2 200 1614283692_ok.png
live.cima4u.ws/template/logo_server/ 5 KB
6 KB 364ms
58ms Image
image/png 2606:4700:20::ac43:47f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://live.cima4u.ws:2053/template/logo_server/1614283692_ok.png

Requested by

Host: live.cima4u.ws
URL: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64a24596308cca21ca71ed9aa31d0a6af0079de3c6a3af766e33fcb099fe40e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /template/logo_server/1614283692_ok.png
pragma: no-cache
cookie: PHPSESSID=ac6e2021e5228e16064f3a7f98f7a3a9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: live.cima4u.ws:2053
referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:27 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-type: image/png
x-server-powered-by: ISeveNiT.CoM
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
content-length: 5205
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Thu, 25 Feb 2021 20:08:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5Y39%2BJ4vZSss6gndEWd%2FqoQ1XmpJACL7DMCud%2Bwm3%2B%2Bo6ZCQ%2FURbNSpKVef77ZrAqJj87hm5wgFZWYvCpyNeoQ7ND9cOG3dxbcT46%2ByQqUCuMN%2Fu%2BpJgwS4ZPkOaf6wgofvZc18CPhlg4dQITvkaBM%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6756cfd07f2a2c22-FRA
expires: Sat, 25 Sep 2021 15:13:27 GMT

GET
H2 200 1529474904_11.jpg
live.cima4u.ws/template/logo_server/ 5 KB
5 KB 363ms
58ms Image
image/jpeg 2606:4700:20::ac43:47f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://live.cima4u.ws:2053/template/logo_server/1529474904_11.jpg

Requested by

Host: live.cima4u.ws
URL: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

577237d143c42a3101cac47e92ba0fb70a59b08775cef4cfc33849d58421f919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /template/logo_server/1529474904_11.jpg
pragma: no-cache
cookie: PHPSESSID=ac6e2021e5228e16064f3a7f98f7a3a9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: live.cima4u.ws:2053
referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:27 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-type: image/jpeg
x-server-powered-by: ISeveNiT.CoM
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
content-length: 4835
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Wed, 13 Jan 2021 21:55:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXSuVP3ueR3hEPtk0xndWjiMoh0VZUf0MVOevrePPe5bB1Q%2FX3eYpaSgvXJjLbywnsDWyvfoQp373LjGtB8AsuIam6sbOQdVvS6jhzxPZWzoZzOf%2FSxGGP%2FUgBfWRwgGhNTANtireZfAcMGMFOXzvT4%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6756cfd07f2b2c22-FRA
expires: Sat, 25 Sep 2021 15:13:27 GMT

GET
H2 200 1610501503_down.png
live.cima4u.ws/template/logo_server/ 613 B
914 B 359ms
54ms Image
image/png 2606:4700:20::ac43:47f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://live.cima4u.ws:2053/template/logo_server/1610501503_down.png

Requested by

Host: live.cima4u.ws
URL: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a36cc658651a733386be2b6ab7ed95911ea4cc61ecbb7c94d7c60dc92ede7d21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /template/logo_server/1610501503_down.png
pragma: no-cache
cookie: PHPSESSID=ac6e2021e5228e16064f3a7f98f7a3a9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: live.cima4u.ws:2053
referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:27 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-type: image/png
x-server-powered-by: ISeveNiT.CoM
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
content-length: 613
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Wed, 13 Jan 2021 21:55:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7j1Odux7X22zLx%2BLJW0HFvYHKHZDp0zefBN%2B4lZxaCaynOMUFLXnOLxbCs4ND291Fe0WYabSbWME%2BvMv9n3JZ%2BEX5UxOacMaJuBsiiuH0yXCXCXVmqi%2BLSFTZiJhvE3p7K8SZsmttyDzS3GGKBVKPNU%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6756cfd07f2c2c22-FRA
expires: Sat, 25 Sep 2021 15:13:27 GMT

GET
H2 200 1614339672_offk.png
live.cima4u.ws/template/logo_server/ 74 KB
74 KB 370ms
66ms Image
image/png 2606:4700:20::ac43:47f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://live.cima4u.ws:2053/template/logo_server/1614339672_offk.png

Requested by

Host: live.cima4u.ws
URL: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35c4d7355728991f3601b83724ef139725ffc59566c3335e91eac4d6858f6a62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /template/logo_server/1614339672_offk.png
pragma: no-cache
cookie: PHPSESSID=ac6e2021e5228e16064f3a7f98f7a3a9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: live.cima4u.ws:2053
referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:27 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-type: image/png
x-server-powered-by: ISeveNiT.CoM
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
content-length: 75557
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Fri, 26 Feb 2021 11:41:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TIY3q7WZ6rH8sPgstU%2F%2FMSii5%2B12rKWDfpTxf3tvjcoKz7idLnWEiD5O9ZXEGulBX9p%2Fa%2FyX1%2BsY2RVjDy9rcUXLvX%2FWalZ1F6Uu1sJb20b%2B61U6L8CyExQUAVk53h0s9nM0TUBUmMgUw3OhMzNXkgk%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6756cfd07f2d2c22-FRA
expires: Sat, 25 Sep 2021 15:13:27 GMT

GET
H2 200 yourcolor.png
cima4u.ws/wp-content/themes/YourColor/components/packs/%23footer/ 5 KB
6 KB 62ms
52ms Image
image/png 2606:4700:20::ac43:47f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cima4u.ws:2053/wp-content/themes/YourColor/components/packs/%23footer/yourcolor.png

Requested by

Host: live.cima4u.ws
URL: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbc42dc224420a18976ae944e5475555d91b2897052955afbda0a50fdc4f19cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://live.cima4u.ws:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:26 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-server-powered-by: ISeveNiT.CoM
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
content-length: 5338
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Wed, 20 May 2020 15:24:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v8Z9bdIgKTMa6KuPFzLrrGDlOwM6A3rBe8b7%2FFZFsgg7zr%2Fw1mt1GhPhFWapKxfbSXV10ETglfm7eB2nBwF9PxEIuoOk%2FnvvGMElycTZDWxMeAGEsCj%2Bx3NktKrD0c9WXf16wixf98AupXCp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6756cfce9ae92c22-FRA
expires: Sat, 25 Sep 2021 15:13:26 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 46ms
14ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: live.cima4u.ws
URL: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://live.cima4u.ws:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0b8a20353a00004a85653b1000000001
last-modified: Mon, 19 Jul 2021 18:19:39 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60f5c23b-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLtaHG4DnDEvtB6skXr6gEQNplWyR6KluCvTZ2fOR%2FBoMGkbJ17Rm%2BhhLJ%2BgeHXO9AA%2FgbloQiC%2FpSJUuOj8ykx6tzw1rJSa9NnGD3pB82Lzu6CaJJlBTEA4vUOlGJTSs%2Bzp8OBIDy%2BgSDuOBfzrkxc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6756cfcecc8b4a85-FRA
expires: Thu, 29 Jul 2021 15:13:26 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 43ms
13ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: live.cima4u.ws
URL: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer: https://live.cima4u.ws:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:26 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 17:24:20 GMT
server: cloudflare
etag: W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6756cfcebd155364-FRA

GET
H2 200 run_elkingphp.js Show response
live.cima4u.ws/template/elkingphp_style/default/js/ 5 KB
2 KB 416ms
113ms Script
application/javascript 2606:4700:20::ac43:47f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.cima4u.ws:2053/template/elkingphp_style/default/js/run_elkingphp.js?v=1.0

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebcc27cde5bff769a38f554f9b08c54143afccacb19e2a8db585b602fde410f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /template/elkingphp_style/default/js/run_elkingphp.js?v=1.0
pragma: no-cache
cookie: PHPSESSID=ac6e2021e5228e16064f3a7f98f7a3a9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: live.cima4u.ws:2053
referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-type: application/javascript
x-server-powered-by: ISeveNiT.CoM
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Wed, 13 Jan 2021 21:55:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2kxHkohC1H51KMKByAXawiB2NiN3HHKnMb3arKRRxxSa5BNwWwg1gxMwit84QnUjGztB229JRNUgniP0%2BWcxCBYs30upZHdGJ6Ni%2BHAe0n%2FryMDorxbNvIMSp148Fs2jbw9ibxIq6DEPu4auVQfthXc%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
cache-control: max-age=2592000
cf-ray: 6756cfd0d8052c22-FRA
expires: Thu, 26 Aug 2021 15:13:27 GMT

GET
H2 200 jMenu.jquery.js Show response
live.cima4u.ws/template/elkingphp_style/default/js/ 6 KB
2 KB 356ms
52ms Script
application/javascript 2606:4700:20::ac43:47f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.cima4u.ws:2053/template/elkingphp_style/default/js/jMenu.jquery.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d01cfadbc7eaac146a1d1f46ae21cab666b5ed610b573f90b54c0cf3e313e2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /template/elkingphp_style/default/js/jMenu.jquery.js
pragma: no-cache
cookie: PHPSESSID=ac6e2021e5228e16064f3a7f98f7a3a9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: live.cima4u.ws:2053
referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-type: application/javascript
x-server-powered-by: ISeveNiT.CoM
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Wed, 13 Jan 2021 21:55:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abO42udbBpV90f70yNMG50tz0ki1UM%2FhBe9422FT8pTVELB7DAf6Be%2BfhCgunMZWUOpqP2l5rRgdUBxmJ6Unmyk855JUy%2BeAKhGrek%2FE5Q7N%2BHU%2Fe%2FHnQQ1YhEmzCMjiCcAK1Low5c9cNpiflab0Emo%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
cache-control: max-age=2592000
cf-ray: 6756cfd0d80a2c22-FRA
expires: Thu, 26 Aug 2021 15:13:27 GMT

GET
H2 200 bootstrap.js Show response
live.cima4u.ws/template/elkingphp_style/default/js/ 67 KB
15 KB 371ms
66ms Script
application/javascript 2606:4700:20::ac43:47f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.cima4u.ws:2053/template/elkingphp_style/default/js/bootstrap.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef43a4d502ffb688656851d788c42869d47e8840d007b4f4b66f62530171acd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /template/elkingphp_style/default/js/bootstrap.js
pragma: no-cache
cookie: PHPSESSID=ac6e2021e5228e16064f3a7f98f7a3a9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: live.cima4u.ws:2053
referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-type: application/javascript
x-server-powered-by: ISeveNiT.CoM
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Wed, 13 Jan 2021 21:55:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P9EGLRKHPzCjnv5Ch9m7lSt39PTQDaDCV%2FJBPdEvm%2FWgTmPtgAMlE15pSQrtOSAGcmiKGtR02r%2BopLYplOnLf1fUpgn3b%2BDSlvlztIR8%2FKtdqyxZwNeKQLczCZ%2BtZl32l%2FTsn0rxFQhH985Z1yS5a4M%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
cache-control: max-age=2592000
cf-ray: 6756cfd0d80e2c22-FRA
expires: Thu, 26 Aug 2021 15:13:27 GMT

GET
H2 200 jquery-ui.js Show response
live.cima4u.ws/template/elkingphp_style/default/js/ 8 KB
2 KB 354ms
53ms Script
application/javascript 2606:4700:20::ac43:47f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.cima4u.ws:2053/template/elkingphp_style/default/js/jquery-ui.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a15561d434b0e710f1c4a575561d7e9dd1f5109d7fc36a535bf14597dc905ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /template/elkingphp_style/default/js/jquery-ui.js
pragma: no-cache
cookie: PHPSESSID=ac6e2021e5228e16064f3a7f98f7a3a9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: live.cima4u.ws:2053
referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-type: application/javascript
x-server-powered-by: ISeveNiT.CoM
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Wed, 13 Jan 2021 21:55:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8QFXoc3qtcWxtrXOrTOwFyc%2F%2Bq0O0ivDAZJjk6%2Fu45pcdcivrEzGSknnTlIf2RyST1x%2FxNqxvbfk6fX%2FSZ94lixbP8dZOCnSFU1Yi5SdrGsbDE%2BvLLmuGFhSkv4uf8YGdySAkhL785%2BXyxRwS0fwLo%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
cache-control: max-age=2592000
cf-ray: 6756cfd0d80f2c22-FRA
expires: Thu, 26 Aug 2021 15:13:27 GMT

GET
H2 200 jquery.js Show response
live.cima4u.ws/template/elkingphp_style/default/js/ 239 KB
73 KB 387ms
86ms Script
application/javascript 2606:4700:20::ac43:47f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.cima4u.ws:2053/template/elkingphp_style/default/js/jquery.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cc4bbd524b5a4fc27cb7f2efbb8596a93c7088075bc1b2152c6fa2e7b96072b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /template/elkingphp_style/default/js/jquery.js
pragma: no-cache
cookie: PHPSESSID=ac6e2021e5228e16064f3a7f98f7a3a9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: live.cima4u.ws:2053
referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-type: application/javascript
x-server-powered-by: ISeveNiT.CoM
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Wed, 13 Jan 2021 21:55:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxNoWLfcq4dCgYuyc1XgIzVrtaPs2zNcJsWQN%2BDgs40tJrEW67vbukY%2FHANsRZVk8Jxq8%2FPSJP%2BslWA7z8cNJFTGrSoMJk0%2Fjtw1C8Q7LZjs3QWaC5BucUsXIwplN0m4uYHUuQZMxoA3P6Jru7Ho95o%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
cache-control: max-age=2592000
cf-ray: 6756cfd0d8102c22-FRA
expires: Thu, 26 Aug 2021 15:13:27 GMT

GET
H2 200 368.js Show response
b.m2track.co/adb/zone/ 10 KB
2 KB 300ms
95ms Script
application/javascript 172.104.26.196
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://b.m2track.co/adb/zone/368.js?v=1.22
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.104.26.196 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1845-196.members.linode.com
Software: nginx /
Resource Hash: 46ef48864e37ea81f5eb6ac0e46bd02b9bceb61ac2f98a37dab9ebd2b52420a7

Request headers

Referer: https://live.cima4u.ws:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-handled-by: mads-webserver
date: Tue, 27 Jul 2021 15:13:27 GMT
cache-control: no-cache, must-revalidate
server: nginx
content-encoding: gzip
content-type: application/javascript; charset=utf-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-62776787-1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c78dbd96e08c9a701062e3517f363dac23b8dcbd0e02bff92aafecaf2a44ac22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://live.cima4u.ws:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:26 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40058
x-xss-protection: 0
expires: Tue, 27 Jul 2021 15:13:26 GMT

GET
H2 200 setup.js Show response
live.cima4u.ws/styles/js/ 16 KB
4 KB 385ms
82ms Script
application/javascript 2606:4700:20::ac43:47f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.cima4u.ws:2053/styles/js/setup.js?448986467

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdb07b4559f8a15e010bf3e67a1746487ee5b83ca8e20cb2cc9d75867a67fa91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /styles/js/setup.js?448986467
pragma: no-cache
cookie: PHPSESSID=ac6e2021e5228e16064f3a7f98f7a3a9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: live.cima4u.ws:2053
referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-type: application/javascript
x-server-powered-by: ISeveNiT.CoM
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Wed, 13 Jan 2021 21:55:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ww3Rs9G3dj9449cBtjow3esLXF6SbRZRfInz3yIFjLiPN%2F8igmrh8G%2Fn1Ei89RH7vojaB5Rj9wmea%2BE8rVpJ0rUBvjwTWXr7n8WifDtc%2F4g7ioZCY9P9wTCX6CDQbm4ZDlyuqFPz4DS1%2Ba51CJcCnuY%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
cache-control: max-age=2592000
cf-ray: 6756cfd0d8182c22-FRA
expires: Thu, 26 Aug 2021 15:13:27 GMT

GET
H2 200 owl.carousel.min.js Show response
live.cima4u.ws/styles/js/ 42 KB
11 KB 378ms
76ms Script
application/javascript 2606:4700:20::ac43:47f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.cima4u.ws:2053/styles/js/owl.carousel.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ff4256c59677a7467b619afe4ecdedb81b780ede42fb6579b8cc6d77178b26c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /styles/js/owl.carousel.min.js
pragma: no-cache
cookie: PHPSESSID=ac6e2021e5228e16064f3a7f98f7a3a9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: live.cima4u.ws:2053
referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-type: application/javascript
x-server-powered-by: ISeveNiT.CoM
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Wed, 13 Jan 2021 21:55:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5P1j4%2B86YowLHUSO953SwYh78yOGPIqW2JSk49cCLjZHrJSHp2ASwVSGbrJoxx9kbklBj93868VNm1LS4UaPKUHHHw1tg1CV1AU520DtYjH7oM5%2FbfprukpyCdpxmz8YDHSad53OXFzl3tdBB6Aox2A%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
cache-control: max-age=2592000
cf-ray: 6756cfd0d81b2c22-FRA
expires: Thu, 26 Aug 2021 15:13:27 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
live.cima4u.ws/styles/js/ 86 KB
31 KB 377ms
75ms Script
application/javascript 2606:4700:20::ac43:47f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.cima4u.ws:2053/styles/js/jquery-3.4.1.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

736173659d4431b8a53a08aacc1bec3ad3a2f44df5209c09d76c265374698302

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /styles/js/jquery-3.4.1.min.js
pragma: no-cache
cookie: PHPSESSID=ac6e2021e5228e16064f3a7f98f7a3a9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: live.cima4u.ws:2053
referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-type: application/javascript
x-server-powered-by: ISeveNiT.CoM
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Wed, 13 Jan 2021 21:55:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q32q0cB%2FEKD%2BW3eXvxAydXXsqPUqkQs3eUWJvxUziqm8vwOBdgHCkNntreOuSwCoC18Te7j4Quq%2FCr3UU2c0b0bMshJ1%2BxFIJ8yT44mVQ3fQGv2ui0CDW4xDzW8V%2FzDjCBa8wIrsIW5nTaSa1pqUPCo%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
cache-control: max-age=2592000
cf-ray: 6756cfd0d81d2c22-FRA
expires: Thu, 26 Aug 2021 15:13:27 GMT

GET
H2 200 fonts.css
live.cima4u.ws/styles/ 1 KB
758 B 380ms
78ms Stylesheet
text/css 2606:4700:20::ac43:47f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.cima4u.ws:2053/styles/fonts.css

Requested by

Host: live.cima4u.ws
URL: https://live.cima4u.ws:2053/styles/main.css?729546953

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d10bf3911b4b140af1833f131614d476d4083349c7cb7e6fa76f13b5ff8d5535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /styles/fonts.css
pragma: no-cache
cookie: PHPSESSID=ac6e2021e5228e16064f3a7f98f7a3a9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: live.cima4u.ws:2053
referer: https://live.cima4u.ws:2053/styles/main.css?729546953
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://live.cima4u.ws:2053/styles/main.css?729546953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-type: text/css
x-server-powered-by: ISeveNiT.CoM
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Wed, 13 Jan 2021 21:55:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lk%2FFU%2BKRuHThexdRQksTLAB7j4jokkABroX2ptes0el9Z9zFuisyVyTXUx3MOc1N45TQHVKx4FRCXpukDWo9QqYIv9NjbYkgFEgAOjCLGr%2FO0rZ2RRtIDHVbwym3BlvaxsMZnIrDYzJ4yqqzPCK%2Fnfg%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
cache-control: max-age=2592000
cf-ray: 6756cfd2dd302c22-FRA
expires: Thu, 26 Aug 2021 15:13:27 GMT

GET
H2 200 ionicons.min.css
live.cima4u.ws/styles/Font/Ionicons/ 44 KB
7 KB 354ms
52ms Stylesheet
text/css 2606:4700:20::ac43:47f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.cima4u.ws:2053/styles/Font/Ionicons/ionicons.min.css

Requested by

Host: live.cima4u.ws
URL: https://live.cima4u.ws:2053/styles/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c912aa817df149ee42ec55bf975e71af03944afd22b9fdd5475d02397c55d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /styles/Font/Ionicons/ionicons.min.css
pragma: no-cache
cookie: PHPSESSID=ac6e2021e5228e16064f3a7f98f7a3a9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: live.cima4u.ws:2053
referer: https://live.cima4u.ws:2053/styles/fonts.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://live.cima4u.ws:2053/styles/fonts.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-type: text/css
x-server-powered-by: ISeveNiT.CoM
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Wed, 13 Jan 2021 21:55:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9QMIQ5dX5F395hx%2BFvyIbTxwWOstXvk7Ubkt8IouuDscbN9O6mHFG4ui95A%2FLjdHZTT%2BwCNGZtGRaOhoWzLNuV7N5sWrm1K%2BWi3fnw3G0OgNJJ0zHkx7Pp4DtVBQK3UECKbJMatDmicgYYBC9IcT4Jw%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
cache-control: max-age=2592000
cf-ray: 6756cfd53a9e2c22-FRA
expires: Thu, 26 Aug 2021 15:13:27 GMT

GET
H2 200 css2
fonts.googleapis.com/ 399 B
409 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Fredoka+One&display=swap

Requested by

Host: live.cima4u.ws
URL: https://live.cima4u.ws:2053/styles/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f49a3460d02695e4d95596206144506779462fbda9875dc45b7ac46ab645606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://live.cima4u.ws:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 14:51:25 GMT
server: ESF
date: Tue, 27 Jul 2021 15:13:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Jul 2021 15:13:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
448 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Tajawal:500,800&subset=arabic

Requested by

Host: live.cima4u.ws
URL: https://live.cima4u.ws:2053/styles/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

414551f001a38adea76d53819b2447aa0f1c5f6187ffa1a66ca43c66b576f132

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://live.cima4u.ws:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 15:00:10 GMT
server: ESF
date: Tue, 27 Jul 2021 15:13:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Jul 2021 15:13:27 GMT

GET
H2 200 Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2
fonts.gstatic.com/s/tajawal/v4/ 10 KB
10 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v4/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tajawal:500,800&subset=arabic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5aa3e4c58493f8d3693be4962e94e08d14e178ef4f0be2a27369a8813498e54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://live.cima4u.ws:2053
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 16:35:56 GMT
x-content-type-options: nosniff
age: 599851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9864
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:05:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 16:35:56 GMT

GET
DATA 200
OK truncated
/ 18 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e897c82660d07f683639eab5b285c61a3ea372c0880b76146804c27c1663f251

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 Iurf6YBj_oCad4k1l5anHrFpiQ.woff2
fonts.gstatic.com/s/tajawal/v4/ 10 KB
10 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v4/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tajawal:500,800&subset=arabic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f96f4fd6fe569f64e044e0409274b2f2d79976497a9b275deb497dbbfc542b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://live.cima4u.ws:2053
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 09:47:15 GMT
x-content-type-options: nosniff
age: 19572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10580
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:05:13 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 09:47:15 GMT

GET
H3-29 200 1cXxaUPXBpj2rGoU7C9WiHGF.woff2
fonts.gstatic.com/s/righteous/v8/ 12 KB
12 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/righteous/v8/1cXxaUPXBpj2rGoU7C9WiHGF.woff2

Requested by

Host: live.cima4u.ws
URL: https://live.cima4u.ws:2053/styles/fonts.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99ac2accca3d9670c1fd8f197db636fec37cecfa403150f78cc1107c047e1ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://live.cima4u.ws:2053
Referer: https://live.cima4u.ws:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 01:32:58 GMT
x-content-type-options: nosniff
age: 49229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12608
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 23:53:27 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 01:32:58 GMT

GET
H2 200 ionicons.woff2
live.cima4u.ws/styles/Font/Ionicons/ 49 KB
50 KB 369ms
62ms Font
font/woff2 2606:4700:20::ac43:47f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.cima4u.ws:2053/styles/Font/Ionicons/ionicons.woff2?v=4.5.9-1

Requested by

Host: live.cima4u.ws
URL: https://live.cima4u.ws:2053/styles/Font/Ionicons/ionicons.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d02d165cb720aec2fde78a93113a459729e0503951353f719076bc5b4a7a845

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://live.cima4u.ws:2053
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=ac6e2021e5228e16064f3a7f98f7a3a9
:path: /styles/Font/Ionicons/ionicons.woff2?v=4.5.9-1
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: live.cima4u.ws:2053
referer: https://live.cima4u.ws:2053/styles/Font/Ionicons/ionicons.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://live.cima4u.ws:2053
Referer: https://live.cima4u.ws:2053/styles/Font/Ionicons/ionicons.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:28 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-type: font/woff2
x-server-powered-by: ISeveNiT.CoM
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
content-length: 50556
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 13 Jan 2021 21:55:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVOdFSVwXT9waT5W38SBpgVleXKaon2k889F6ACIuLYT9GgEI%2FW2z0%2BARLJfsVELvIjwFOspZTdN7vk9lXa7BzierSrXJTk83Bpaqyl3jyIejVS9kkaQQu4B96%2FleqgGNKg4zXUN5GjxvobnRHzs3rY%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6756cfd7c80c2c22-FRA
expires: Sat, 25 Sep 2021 15:13:28 GMT

GET
H3-29 200 Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2
fonts.gstatic.com/s/tajawal/v4/ 8 KB
8 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v4/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tajawal:500,800&subset=arabic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0d3610919043227b56c8d5130e2ead271a067bb1b930678d5af24bbbae7c16f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://live.cima4u.ws:2053
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 09:32:40 GMT
x-content-type-options: nosniff
age: 20447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8488
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:05:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 09:32:40 GMT

GET
H3-29 200 Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2
fonts.gstatic.com/s/tajawal/v4/ 9 KB
9 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v4/Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tajawal:500,800&subset=arabic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d404f987f0d261c3eff16cd778fb138d5c604af7f361e609ef0b91bac16d7e67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://live.cima4u.ws:2053
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 03:10:40 GMT
x-content-type-options: nosniff
age: 43368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8948
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:05:28 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 03:10:40 GMT

GET
H2 200 368.js Show response
b.m2track.co/adb/za/ 28 KB
6 KB 243ms
243ms Script
application/javascript 172.104.26.196
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://b.m2track.co/adb/za/368.js?v=1&v=1.22&t=6100229858d4fc.95353114&mv=1&referer=https://live.cima4u.ws:2053/Episode/27605-%25D9%2585%25D8%25B3%25D9%2584%25D8%25B3%25D9%2584+I+Hear+Your+Voice-127621.html
Requested by: Host: live.cima4u.ws
URL: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.104.26.196 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1845-196.members.linode.com
Software: nginx /
Resource Hash: c12630cd149d6a320fa961bff2a9d2f6dda458fdc4e9fe74bf374248a722748c

Request headers

Referer: https://live.cima4u.ws:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-handled-by: mads-webserver
date: Tue, 27 Jul 2021 15:13:28 GMT
cache-control: no-cache, must-revalidate
server: nginx
content-encoding: gzip
content-type: application/javascript; charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-62776787-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://live.cima4u.ws:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 1349
date: Tue, 27 Jul 2021 14:50:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Tue, 27 Jul 2021 16:50:59 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 17ms
17ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=788642479&t=pageview&_s=1&dl=https%3A%2F%2Flive.cima4u.ws%2FEpisode%2F27605-%25D9%2585%25D8%25B3%25D9%2584%25D8%25B3%25D9%2584%2BI%2BHear%2BYour%2BVoice-127621.html&ul=en-us&de=UTF-8&dt=%D9%85%D8%B3%D9%84%D8%B3%D9%84%20I%20Hear%20Your%20Voice%20-%20%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9%20%D8%B1%D9%82%D9%85%2014&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1679754857&gjid=44316819&cid=231332853.1627398808&tid=UA-62776787-1&_gid=1964363677.1627398808&_r=1&gtm=2ou7l1&z=773304863

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://live.cima4u.ws:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 15:13:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://live.cima4u.ws:2053
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 server.php Show response
live.cima4u.ws/structure/ 145 B
508 B 508ms
33ms XHR
text/html 2606:4700:20::ac43:47f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.cima4u.ws:2053/structure/server.php?id=2234957

Requested by

Host: live.cima4u.ws
URL: https://live.cima4u.ws:2053/template/elkingphp_style/default/js/jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52191c827c06ebbca6224ced107d07cb07ce78a6a20c49f575a1cdaaa8256c56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://live.cima4u.ws:2053
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: PHPSESSID=ac6e2021e5228e16064f3a7f98f7a3a9; mvltokenv2-368=1; _ga=GA1.2.231332853.1627398808; _gid=GA1.2.1964363677.1627398808; _gat_gtag_UA_62776787_1=1
content-length: 10
:path: /structure/server.php?id=2234957
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: live.cima4u.ws:2053
referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 27 Jul 2021 15:13:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-server-powered-by: ISeveNiT.CoM
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7Oq0%2BK2Ey2okE4OkJU62HS78b6SB8R5V0sOEwRtBJ1qYdsGyikFqVhs9G63gS0do2dRqNcMb1J0dolwyVZWnuqbkZedOoX%2FifRsVXno%2FE81PyX%2Bp6Jc9TyTw2YcNNTP%2Fxofi6S%2BJ2MZePmSRAMV9j4%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-us
cache-control: no-store, no-cache, must-revalidate max-age=600, private, must-revalidate
cf-ray: 6756cfdbc8a62c22-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
90 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-62776787-1&cid=231332853.1627398808&jid=1679754857&gjid=44316819&_gid=1964363677.1627398808&_u=YEBAAUAAAAAAAC~&z=1962124580

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://live.cima4u.ws:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 27 Jul 2021 15:13:28 GMT
content-type: text/plain
access-control-allow-origin: https://live.cima4u.ws:2053
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 rum Show response
live.cima4u.ws/cdn-cgi/ 0
210 B 490ms
31ms XHR
text/plain 2606:4700:20::ac43:47f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.cima4u.ws:2053/cdn-cgi/rum?req_id=6756cfcde9232c22

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://live.cima4u.ws:2053
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: PHPSESSID=ac6e2021e5228e16064f3a7f98f7a3a9; mvltokenv2-368=1; _ga=GA1.2.231332853.1627398808; _gid=GA1.2.1964363677.1627398808; _gat_gtag_UA_62776787_1=1
content-length: 10949
:path: /cdn-cgi/rum?req_id=6756cfcde9232c22
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: live.cima4u.ws:2053
referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Tue, 27 Jul 2021 15:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://live.cima4u.ws
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6756cfdbc8a82c22-FRA
vary: Origin

GET
H2 200 aHdES013Q3BRaEVZaEdEZlBiZVVlVXpwZHpZeC9adlhLeHRaaGthcXQ0SkxhelkwM2d3dmJVdFlFcjJxRjhRQ0JqMlBZdngyalFka25oNldYSmVOMnhBdGdyV0ZZcGloQ1JFVy9UUVpKUGZCUjRtOW1VYlp3cCtCVHZjd3pjc3FQZnJYcmF1N3I1aDdmSVBjSG5OS... Show response
b.m2track.co/adb/zi/ 14 B
218 B 233ms
230ms Script
application/javascript 172.104.26.196
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://b.m2track.co/adb/zi/aHdES013Q3BRaEVZaEdEZlBiZVVlVXpwZHpZeC9adlhLeHRaaGthcXQ0SkxhelkwM2d3dmJVdFlFcjJxRjhRQ0JqMlBZdngyalFka25oNldYSmVOMnhBdGdyV0ZZcGloQ1JFVy9UUVpKUGZCUjRtOW1VYlp3cCtCVHZjd3pjc3FQZnJYcmF1N3I1aDdmSVBjSG5OSFNGWGdSdi9USzdZUlYzaFZ3cVV4VTVXWWNWWmlZamx6dzVUOW1YNmRQRmRYcEtHQWxDd2UyTHI4U3hXYjlLNGYvR1kyTTRBcWRJb0hLVDVwaEdyMXV5LzVpUjkzRlRqRUZqSnN2T2dYeC9kdQ==.js
Requested by: Host: live.cima4u.ws
URL: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.104.26.196 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1845-196.members.linode.com
Software: nginx /
Resource Hash: 717ad9548beeb68612e9d6a0c0638f0c489429bf813e81b29af3181de0455c2e

Request headers

Referer: https://live.cima4u.ws:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-handled-by: mads-webserver
date: Tue, 27 Jul 2021 15:13:28 GMT
cache-control: no-cache, must-revalidate
server: nginx
content-encoding: gzip
content-type: application/javascript; charset=utf-8

GET
H2 200 aHdES013Q3BRaEVZaEdEZlBiZVVlVXpwZHpZeC9adlhLeHRaaGthcXQ0SkxhelkwM2d3dmJVdFlFcjJxRjhRQ0JqMlBZdngyalFka25oNldYSmVOMnhBdGdyV0ZZcGloQ1JFVy9UUVpKUGZCUjRtOW1VYlp3cCtCVHZjd3pjc3FQZnJYcmF1N3I1aDdmSVBjSG5OS... Show response
b.m2track.co/adb/zui/ 14 B
214 B 233ms
231ms Script
application/javascript 172.104.26.196
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://b.m2track.co/adb/zui/aHdES013Q3BRaEVZaEdEZlBiZVVlVXpwZHpZeC9adlhLeHRaaGthcXQ0SkxhelkwM2d3dmJVdFlFcjJxRjhRQ0JqMlBZdngyalFka25oNldYSmVOMnhBdGdyV0ZZcGloQ1JFVy9UUVpKUGZCUjRtOW1VYlp3cCtCVHZjd3pjc3FQZnJYcmF1N3I1aDdmSVBjSG5OSFNGWGdSdi9USzdZUlYzaFZ3cVV4VTVXWWNWWmlZamx6dzVUOW1YNmRQRmRYcEtHQWxDd2UyTHI4U3hXYjlLNGYvR1kyTTRBcWRJb0hLVDVwaEdyMXV5LzVpUjkzRlRqRUZqSnN2T2dYeC9kdQ==.js
Requested by: Host: live.cima4u.ws
URL: https://live.cima4u.ws:2053/Episode/27605-%D9%85%D8%B3%D9%84%D8%B3%D9%84+I+Hear+Your+Voice-127621.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.104.26.196 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1845-196.members.linode.com
Software: nginx /
Resource Hash: 717ad9548beeb68612e9d6a0c0638f0c489429bf813e81b29af3181de0455c2e

Request headers

Referer: https://live.cima4u.ws:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-handled-by: mads-webserver
date: Tue, 27 Jul 2021 15:13:28 GMT
cache-control: max-age=86400, public
server: nginx
content-encoding: gzip
content-type: application/javascript; charset=utf-8

GET
H2 200 embed-222xyxeojwbp.html Show response
myviid.net/ Frame E902 58 KB
19 KB 390ms
362ms Document
text/html 2606:4700:3035::ac43:c241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://myviid.net:2053/embed-222xyxeojwbp.html

Requested by

Host: live.cima4u.ws
URL: https://live.cima4u.ws:2053/template/elkingphp_style/default/js/jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:c241 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e33e33cbb579bb8cb15b77adb3c261d54766d4c0d1f7d1e7d5757bb6a0f4d174

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	1
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: myviid.net:2053
:scheme: https
:path: /embed-222xyxeojwbp.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://live.cima4u.ws:2053/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://live.cima4u.ws:2053/

Response headers

date: Tue, 27 Jul 2021 15:13:29 GMT
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 2021 15:13:29 GMT
x-frame-options: 1
set-cookie: lang=1; domain=.myviid.net; path=/; HttpOnly
x-content-type-options: nosniff nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t43GKc7eglZLIfFvHGh27gowsJ4YmXMWTEO6kImJCb5vqBl8om2Mjn4pxnnoHWc7OlkF6TDXT%2BijSnHcUoT5JgS34OstYqclViMC64%2FaTQeF8cEQWnH8QgiEdC1U9ML8o47ReK0hNZ7zy6flD70%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6756cfdc7a5e2b35-FRA
content-encoding: br
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400

GET
H2 200 main.css
myviid.net/css/ Frame E902 48 KB
12 KB 414ms
111ms Stylesheet
text/css 2606:4700:3035::ac43:c241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://myviid.net:2053/css/main.css

Requested by

Host: myviid.net
URL: https://myviid.net:2053/embed-222xyxeojwbp.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:c241 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d193e94f2cb8f5e155ab5b9358bc3eab6e458ad1968117261ba29121ef442e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myviid.net:2053/embed-222xyxeojwbp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:29 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 03 Sep 2020 09:56:24 GMT
server: cloudflare
etag: W/"5f50bdc8-be6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Phj8CBxD5fyha7i%2B6UF380picej%2FVB6STTQZOTDCjL414MsVsE0gE5t7aICNWqC1sIONI5FAx3CSgHTWjShL8VQIE92F0tkEIuFui19RltLkB8risEpmzqiywQsefuGgl1Yrb59ssYcM4sajSkQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 6756cfe0bba82b35-FRA
expires: Tue, 03 Aug 2021 15:13:29 GMT

GET
H2 200 jquery.min.js Show response
myviid.net/js/ Frame E902 87 KB
32 KB 352ms
49ms Script
application/javascript 2606:4700:3035::ac43:c241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://myviid.net:2053/js/jquery.min.js

Requested by

Host: myviid.net
URL: https://myviid.net:2053/embed-222xyxeojwbp.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:c241 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myviid.net:2053/embed-222xyxeojwbp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:29 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 05 May 2020 04:02:38 GMT
server: cloudflare
etag: W/"5eb0e55e-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e3skbGYgtXfnf8dmVVkRrC%2FRy%2FCsXNfU8VFC7JI0LIsiETJ9l6AGv7I8RqWBlRhbRPtfMezjmcPs3dsZlOyUUeQMpj0q3GNhy64d6b2LlBxyeHt9oF7CZ6LdFKTwFkbAwDW3%2BgZ4KIzHjLXdbZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-ray: 6756cfe0bbae2b35-FRA
expires: Tue, 03 Aug 2021 15:13:29 GMT

GET
H2 200 xupload.js Show response
myviid.net/js/ Frame E902 10 KB
4 KB 414ms
112ms Script
application/javascript 2606:4700:3035::ac43:c241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://myviid.net:2053/js/xupload.js

Requested by

Host: myviid.net
URL: https://myviid.net:2053/embed-222xyxeojwbp.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:c241 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

612b13c71643177e4b33c59175d7da0ff5fe1013d99cfb0a0586632461137e17

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myviid.net:2053/embed-222xyxeojwbp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:29 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 29 Sep 2020 14:54:38 GMT
server: cloudflare
etag: W/"5f734aae-26a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8s2LGG6SI8RI1VG5wqXuUuL1JZCycndJJM7wrCLoyA6LqxrbzvRqNgeCnjUcLtEwSrPpYe%2F%2FLnzdSb6ncKodVeBo1h8xpt03pIheXIlVTVzKdk9vssLojZ3RJmqhr9ZqLPJKARg%2FDhTxTPzVw10%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-ray: 6756cfe0bbb32b35-FRA
expires: Tue, 03 Aug 2021 15:13:29 GMT

GET
H2 200 jquery.cookie.js Show response
myviid.net/js/ Frame E902 4 KB
2 KB 393ms
91ms Script
application/javascript 2606:4700:3035::ac43:c241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://myviid.net:2053/js/jquery.cookie.js

Requested by

Host: myviid.net
URL: https://myviid.net:2053/embed-222xyxeojwbp.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:c241 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myviid.net:2053/embed-222xyxeojwbp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:29 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 31 May 2011 10:53:56 GMT
server: cloudflare
etag: W/"4de4c8c4-10eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVA4cvZ5GsLnj8y8FejTySYYXg95iuLxRA23ClgCdzDsD7S044Nt3f71vStaYfx3kk5R97oM5EiD51dNSvMbZSqWO76rQ8cmyZYhP33EW7hxgjqESeDcL8D1bDkYL6p3t0eAkt1wzG%2FmRE%2Fj2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-ray: 6756cfe0bbb62b35-FRA
expires: Tue, 03 Aug 2021 15:13:29 GMT

GET
H2 200 jwplayer.js Show response
myviid.net/player8/ Frame E902 111 KB
37 KB 410ms
108ms Script
application/javascript 2606:4700:3035::ac43:c241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://myviid.net:2053/player8/jwplayer.js

Requested by

Host: myviid.net
URL: https://myviid.net:2053/embed-222xyxeojwbp.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:c241 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

078391c348115ab329413fc0d2495130d7fdc530d3b148f6308461080458838d

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myviid.net:2053/embed-222xyxeojwbp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:29 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2020 12:45:25 GMT
server: cloudflare
etag: W/"5fda0165-1bcc2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vbsye1ddrNRgd1NClt28nt6Z4VECQK95oJTJ284TPrsKlDG1BnMpBOEbDRhTTEHB%2BT2jqeeZm63KlEyJQ8%2FPmbak3%2BjP3FuogGdy9mMSnUSbxwy9cNS8tVkoV85FZbc4g68YY6F0eHyXDMgrUds%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-ray: 6756cfe0bbb92b35-FRA
expires: Tue, 03 Aug 2021 15:13:29 GMT

GET
H2 200 googima.js Show response
myviid.net/js/ Frame E902 36 B
368 B 396ms
94ms Script
application/javascript 2606:4700:3035::ac43:c241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://myviid.net:2053/js/googima.js

Requested by

Host: myviid.net
URL: https://myviid.net:2053/embed-222xyxeojwbp.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:c241 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff687e2177537cc8e021014af056c22a44036a19c9101350dedf64a6666d47ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myviid.net:2053/embed-222xyxeojwbp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:29 GMT
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
content-length: 36
x-xss-protection: 1; mode=block
last-modified: Thu, 14 May 2015 17:57:56 GMT
server: cloudflare
etag: "5554e224-24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dp4MxIwO6yb%2FseoS9bJpCNso5r4TGVFQzUJSH9kFljSStzYKgeE7ivKDR0pU%2BAqvlR4LlD6IUaFdG9mXKX1MXmgLp224prit8T9R6TXfd5qI%2BZHIfYoG1jK5Q4SHorr6J0LJO3TMgOBApR6cg3E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6756cfe0bbbd2b35-FRA
expires: Tue, 03 Aug 2021 15:13:29 GMT

GET
H/1.1 200
OK 222xyxeojwbp.jpg
psn26.myviid.net/i/01/00019/ Frame E902 31 KB
31 KB 200ms
47ms Image
image/jpeg 195.154.207.68
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://psn26.myviid.net:2053/i/01/00019/222xyxeojwbp.jpg

Requested by

Host: myviid.net
URL: https://myviid.net:2053/embed-222xyxeojwbp.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

195.154.207.68 , France, ASN12876 (Online SAS, FR),

Reverse DNS

195-154-207-68.rev.poneytelecom.eu

Software

nginx /

Resource Hash

36898e78f432f1825ed7f272bc65da2cf1828f4655cfad56620c449b2d4be2d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myviid.net:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 15:13:30 GMT
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Sat, 26 Dec 2020 13:28:13 GMT
Server: nginx
ETag: "5fe73a6d-7a58"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31320
X-XSS-Protection: 1; mode=block
Expires: Tue, 03 Aug 2021 15:13:30 GMT

GET
H2 403 a9543b08c0cf630c247d0a831f66d144.js
provensequencerepetition.com/a9/54/3b/ Frame E902 0
0 948ms
599ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://provensequencerepetition.com/a9/54/3b/a9543b08c0cf630c247d0a831f66d144.js
Requested by: Host: myviid.net
URL: https://myviid.net:2053/embed-222xyxeojwbp.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Referer: https://myviid.net:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Jul 2021 15:13:30 GMT
server: nginx/1.17.9
content-type: application/javascript
content-length: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 jwplayer.core.controls.html5.js Show response
myviid.net/player8/ Frame E902 335 KB
91 KB 460ms
101ms Script
application/javascript 2606:4700:3035::ac43:c241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://myviid.net:2053/player8/jwplayer.core.controls.html5.js

Requested by

Host: myviid.net
URL: https://myviid.net:2053/player8/jwplayer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:c241 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97c18b1faf18cc1e6b0273c7d1398612ad7b1c9e5c3ab2b386e78908599e83fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myviid.net:2053/embed-222xyxeojwbp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:30 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":2053"; ma=86400, h3-28=":2053"; ma=86400, h3-29=":2053"; ma=86400, h3=":2053"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Dec 2020 15:30:28 GMT
server: cloudflare
etag: W/"5fd23f14-53dd1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aTiNZXNLkZ6vXVFDlT63ba21FPPanPIRiZ03zxLbh9g8Qg1OdEHSaVzloVuqRaTWd7KUssZ8VMHc%2BNo3bySVktolp9MuAyvvAdvPR6Bgl8awup%2BmWu2MM5FV8SobU%2FwPPMwOQQDk8bKxNy1quhM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-ray: 6756cfe4edcd2b35-FRA
expires: Tue, 03 Aug 2021 15:13:30 GMT

GET
H/1.1 206
Partial Content v.mp4
psn26.myviid.net/sn3kp7tqga6nuyc5wklodrsdqvjcyyvsfynkhml6vseadvgtqimmrzki4lyq/ Frame E902 8 MB
0 93ms
88ms Media
video/mp4 195.154.207.68
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://psn26.myviid.net:2053/sn3kp7tqga6nuyc5wklodrsdqvjcyyvsfynkhml6vseadvgtqimmrzki4lyq/v.mp4

Requested by

Host: myviid.net
URL: https://myviid.net:2053/embed-222xyxeojwbp.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

195.154.207.68 , France, ASN12876 (Online SAS, FR),

Reverse DNS

195-154-207-68.rev.poneytelecom.eu

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myviid.net:2053/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 27 Jul 2021 15:13:30 GMT
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Sat, 26 Dec 2020 13:28:12 GMT
Server: nginx
ETag: "5fe73a6c-12a19f1b"
Content-Type: video/mp4
Content-Range: bytes 0-312581914/312581915
Connection: keep-alive
Content-Length: 312581915
X-XSS-Protection: 1; mode=block

GET
H2 200 apu.php Show response
zuphaims.com/ Frame E902 3 KB
2 KB 127ms
36ms XHR
application/json 139.45.197.247
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://zuphaims.com/apu.php?zoneid=3030994&oo=1

Requested by

Host: myviid.net
URL: https://myviid.net:2053/embed-222xyxeojwbp.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.247 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

a7eddec105339d52f73a164efd1090ddc00242c9b7f3ed606b4b5711762789c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://myviid.net:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-max-age: 86400
x-trace-id: f65da6fc2c9b5de1d6fe39812cecfe73
pragma: no-cache
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://myviid.net:2053
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch"
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 tag.min.js Show response
zuphaims.com/ Frame E902 62 KB
20 KB 132ms
42ms Script
text/javascript 139.45.197.247
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://zuphaims.com/tag.min.js

Requested by

Host: myviid.net
URL: https://myviid.net:2053/embed-222xyxeojwbp.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.247 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

b0bc667bf2ba4f533bacdbf38f6c5f0287a0ed567feb69ff960b0c286b497485

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://myviid.net:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
access-control-max-age: 86400
content-length: 20249
x-trace-id: 69c387aa8fd3341013f782fc5f80c270
pragma: no-cache
last-modified: Tue, 27 Jul 2021 13:53:13 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 3535099 Show response
dozubatan.com/400/ Frame E902 83 KB
30 KB 232ms
150ms Script
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dozubatan.com/400/3535099

Requested by

Host: zuphaims.com
URL: https://zuphaims.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

1517f3a0e00bfedb0682a4b11becc0a244180883a59cc4c86c711eb171257117

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://myviid.net:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: fdcc820d9aa15bbba762cac1a946a8dc
pragma: no-cache
date: Tue, 27 Jul 2021 15:13:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 1 Show response
toglooman.com/ Frame E902 7 KB
4 KB 117ms
36ms Script
text/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/1?z=3056507
Requested by: Host: zuphaims.com
URL: https://zuphaims.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: facf4f53d757b7fb7db483846b3146c3b48940e6e11bfd67910cf26c7c0ea32d

Request headers

Referer: https://myviid.net:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 15:13:31 GMT
content-encoding: gzip
x-sc: Q3LnJ_ugsFYj-fSGR9dg0dHrKekJHzo_mPsrIT3-XGaWPy_6dW4HyuECMhMsuZ1iMhMKcJ8vZijMsQPNuDEHjqJwa_s=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fac.php Show response
onmarshtompor.com/ Frame 1CBB 203 B
833 B 114ms
33ms Document
text/html 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/fac.php?OAID=27756c056fda41d3b88c8f88eff5eb71&oaidts=1627398810

Requested by

Host: zuphaims.com
URL: https://zuphaims.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ee296636064708832393112bf03550562628e26d5696c292e14fb6dfd8e61c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onmarshtompor.com
:scheme: https
:path: /fac.php?OAID=27756c056fda41d3b88c8f88eff5eb71&oaidts=1627398810
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://myviid.net:2053/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://myviid.net:2053/

Response headers

server: nginx
date: Tue, 27 Jul 2021 15:13:31 GMT
content-type: text/html; charset=utf8
content-length: 203
x-trace-id: c95c04d84ed0541622815e3a7a5dceef
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: * *
set-cookie: OAID=27756c056fda41d3b88c8f88eff5eb71; expires=Wed, 27 Jul 2022 15:13:31 GMT; path=/; secure; SameSite=None oaidts=1627398810; expires=Wed, 27 Jul 2022 15:13:31 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff

GET
H2 200 22d39097d2e1433f438b352b21281f7d Show response
toglooman.com/27/ Frame E902 363 KB
119 KB 107ms
105ms Script
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://toglooman.com/27/22d39097d2e1433f438b352b21281f7d

Requested by

Host: toglooman.com
URL: https://toglooman.com/1?z=3056507

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

336c8310e0eed4376374e6610f1b4299523eb7ff789069aeb653b6b163ba064b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://myviid.net:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Jul 2021 04:05:31 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
cache-control: max-age:290304000, public
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Tue, 26 Aug 2081 04:05:31 GMT

GET
H2 200 38 Show response
toglooman.com/42/ Frame E902 0
495 B 150ms
148ms Script
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/42/38?z=3056507
Requested by: Host: toglooman.com
URL: https://toglooman.com/1?z=3056507
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myviid.net:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 15:13:31 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 img.gif
my.rtmark.net/ Frame 1CBB 43 B
492 B 112ms
33ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=27756c056fda41d3b88c8f88eff5eb71

Requested by

Host: onmarshtompor.com
URL: https://onmarshtompor.com/fac.php?OAID=27756c056fda41d3b88c8f88eff5eb71&oaidts=1627398810

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://onmarshtompor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:31 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 / Show response
onmarshtompor.com/ Frame E902 2 KB
2 KB 52ms
47ms Fetch
application/json 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/?rb=jvFPvbZYumigfMHgjf8lcIfdK0-dWnHxaxydk31ibwl6jt39LI-j2xpgunUneLou4Hhy2XBnvvg8z4xHo3W_7yheMJ0DSd6LEv3S6AWvD5Cc4COpuPaxCax26EZVnzOgZqBkwGMOWXdtTuBJfpz85M1cE0hBxTRTTlu4Toa-8AbAxjgdZpri6SB4mwU3-m53lSsbo50D8OyZ1MK8QRY1vQQcsl2Rguu6UVOcdRpzr_L1FfkwrWyEYLRFoXISpJ-jKVUCtTTGDvJt2ZAvAUyOOczBmzk%3D&zoneid=3030994&request_ab2=24103&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=788&wiw=788&wih=385&wfc=1&pl=https%3A%2F%2Fmyviid.net%3A2053%2Fembed-222xyxeojwbp.html&drf=https%3A%2F%2Flive.cima4u.ws%3A2053%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=1&m=link

Requested by

Host: zuphaims.com
URL: https://zuphaims.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

884a09d8f8d709259df6811cf3d46e532e6e79ccb1edc557b08b24359a05341c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://myviid.net:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 15:13:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://myviid.net:2053
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 online.js Show response
static.lalaping.com/ Frame E902 84 KB
34 KB 48ms
21ms Script
application/javascript 2606:4700:20::681a:87b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lalaping.com/online.js?ver=2.0.0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/22d39097d2e1433f438b352b21281f7d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:87b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3

Request headers

Referer: https://myviid.net:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 17:10:39 GMT
server: cloudflare
age: 1420
etag: W/"5fbbed0f-14f3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U1nA8hvf118UxBEeYIyEg4oldVbZEDgAhVWpOC7PDa2mV0RTE2Dh5R6c2OQPDHrWbfqR6h72qK4hORYxpiyCn2hBpUfhw69uUQSdB4mrrN2oM07vBQTsfGg0VEWC3YiYUi%2BJv657puOJ0yBHjJq4%2FGI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6756cfec5dfb16e6-FRA

POST
H2 204 9 Show response
toglooman.com/ Frame E902 0
509 B 34ms
33ms XHR
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=3056507&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fmyviid.net%3A2053%2Fembed-222xyxeojwbp.html&wy=0&wx=0&ww=1600&wh=1200&cw=788&wiw=788&wih=385&wfc=2&sah=1200&drf=https%3A%2F%2Flive.cima4u.ws%3A2053%2F&hil=2&ist=0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/22d39097d2e1433f438b352b21281f7d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myviid.net:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 15:13:31 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://myviid.net:2053
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 9
toglooman.com/ Frame 0
0 93ms
31ms Preflight 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=3056507&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fmyviid.net%3A2053%2Fembed-222xyxeojwbp.html&wy=0&wx=0&ww=1600&wh=1200&cw=788&wiw=788&wih=385&wfc=2&sah=1200&drf=https%3A%2F%2Flive.cima4u.ws%3A2053%2F&hil=2&ist=0
Protocol: H2
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://myviid.net:2053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 27 Jul 2021 15:13:31 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://myviid.net:2053
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ Frame E902 5 KB
5 KB 24ms
23ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png

Requested by

Host: myviid.net
URL: https://myviid.net:2053/embed-222xyxeojwbp.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myviid.net:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5087
x-xss-protection: 0
expires: Tue, 27 Jul 2021 15:13:31 GMT

GET
H3-29 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ Frame E902 6 KB
6 KB 17ms
15ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Requested by

Host: myviid.net
URL: https://myviid.net:2053/embed-222xyxeojwbp.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myviid.net:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5969
x-xss-protection: 0
expires: Tue, 27 Jul 2021 15:13:31 GMT

GET
H3-29 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ Frame E902 13 KB
13 KB 16ms
14ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png

Requested by

Host: myviid.net
URL: https://myviid.net:2053/embed-222xyxeojwbp.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myviid.net:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13504
x-xss-protection: 0
expires: Tue, 27 Jul 2021 15:13:31 GMT

GET
H3-29 200 googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ Frame E902 7 KB
7 KB 25ms
24ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

Requested by

Host: myviid.net
URL: https://myviid.net:2053/embed-222xyxeojwbp.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myviid.net:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
expires: Tue, 27 Jul 2021 15:13:31 GMT

GET
H3-29 200 googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ Frame E902 4 KB
4 KB 25ms
24ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png

Requested by

Host: myviid.net
URL: https://myviid.net:2053/embed-222xyxeojwbp.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myviid.net:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3934
x-xss-protection: 0
expires: Tue, 27 Jul 2021 15:13:31 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ Frame E902 65 B
544 B 39ms
36ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: dozubatan.com
URL: https://dozubatan.com/400/3535099

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

35bcd685dc0b97f0b05b9698961bb94958e633c152f8b9c78eba2721b85353ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://myviid.net:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 15:13:31 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://myviid.net:2053
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 204 3535099 Show response
dozubatan.com/500/ Frame E902 0
444 B 40ms
37ms XHR
text/plain 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dozubatan.com/500/3535099?excludes=&oaid=27756c056fda41d3b88c8f88eff5eb71&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=788&wiw=788&wih=385&wfc=1&pl=https%3A%2F%2Fmyviid.net%3A2053%2Fembed-222xyxeojwbp.html&drf=https%3A%2F%2Flive.cima4u.ws%3A2053%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false

Requested by

Host: dozubatan.com
URL: https://dozubatan.com/400/3535099

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://myviid.net:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 0454933aaed169c5a264648d1d60e443
pragma: no-cache
date: Tue, 27 Jul 2021 15:13:31 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
access-control-allow-origin: https://myviid.net:2053
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H2 200 3535099
dozubatan.com/500/ Frame 0
0 113ms
34ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://myviid.net:2053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 27 Jul 2021 15:13:31 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://myviid.net:2053
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

POST
H/1.1 200
OK add Show response
o.wowreality.info/api/log/ Frame E902 0
402 B 118ms
55ms XHR
text/plain 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Requested by: Host: static.lalaping.com
URL: https://static.lalaping.com/online.js?ver=2.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myviid.net:2053/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

Date: Tue, 27 Jul 2021 15:13:33 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://myviid.net:2053
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Content-Length: 0

OPTIONS
H/1.1 200
OK add
o.wowreality.info/api/log/ Frame 0
0 177ms
32ms Preflight 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Protocol: HTTP/1.1
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://myviid.net:2053
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Tue, 27 Jul 2021 15:13:33 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://myviid.net:2053

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			live.cima4u.ws/	1969-12-31 23:59:59	Name: PHPSESSID Value: ac6e2021e5228e16064f3a7f98f7a3a9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
b.m2track.co
cima4u.ws
dozubatan.com
fonts.googleapis.com
fonts.gstatic.com
live.cima4u.ws
my.rtmark.net
myviid.net
o.wowreality.info
onmarshtompor.com
provensequencerepetition.com
psn26.myviid.net
static.cloudflareinsights.com
static.lalaping.com
stats.g.doubleclick.net
toglooman.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
zuphaims.com
139.45.195.254
139.45.195.8
139.45.197.237
139.45.197.239
139.45.197.243
139.45.197.247
172.104.26.196
192.243.59.20
195.154.207.68
2606:4700:20::681a:87b
2606:4700:20::ac43:47f8
2606:4700:3035::ac43:c241
2606:4700::6810:5e41
2606:4700::6810:a823
2a00:1450:4001:800::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2004
2a00:1450:4001:828::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c04::9b
078391c348115ab329413fc0d2495130d7fdc530d3b148f6308461080458838d
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
1517f3a0e00bfedb0682a4b11becc0a244180883a59cc4c86c711eb171257117
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
2d02d165cb720aec2fde78a93113a459729e0503951353f719076bc5b4a7a845
2f96f4fd6fe569f64e044e0409274b2f2d79976497a9b275deb497dbbfc542b0
336c8310e0eed4376374e6610f1b4299523eb7ff789069aeb653b6b163ba064b
35bcd685dc0b97f0b05b9698961bb94958e633c152f8b9c78eba2721b85353ca
35c4d7355728991f3601b83724ef139725ffc59566c3335e91eac4d6858f6a62
36898e78f432f1825ed7f272bc65da2cf1828f4655cfad56620c449b2d4be2d7
3a15561d434b0e710f1c4a575561d7e9dd1f5109d7fc36a535bf14597dc905ae
3c912aa817df149ee42ec55bf975e71af03944afd22b9fdd5475d02397c55d4b
40c27f3825a852bdcb4af96c3e9d53cd3bfea9da31dc653711b6648f634553df
40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3
414551f001a38adea76d53819b2447aa0f1c5f6187ffa1a66ca43c66b576f132
44f4296b8aa22662ad731bff0074de04433b2a37d4cd180b7bd3f6d604c40cdc
46ef48864e37ea81f5eb6ac0e46bd02b9bceb61ac2f98a37dab9ebd2b52420a7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52191c827c06ebbca6224ced107d07cb07ce78a6a20c49f575a1cdaaa8256c56
577237d143c42a3101cac47e92ba0fb70a59b08775cef4cfc33849d58421f919
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
612b13c71643177e4b33c59175d7da0ff5fe1013d99cfb0a0586632461137e17
64a24596308cca21ca71ed9aa31d0a6af0079de3c6a3af766e33fcb099fe40e0
6a79378547115542a301a64a4d9485dc7f0ffadf1a263ce44071c6a32e3074b3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f49a3460d02695e4d95596206144506779462fbda9875dc45b7ac46ab645606
6ff4256c59677a7467b619afe4ecdedb81b780ede42fb6579b8cc6d77178b26c
717ad9548beeb68612e9d6a0c0638f0c489429bf813e81b29af3181de0455c2e
736173659d4431b8a53a08aacc1bec3ad3a2f44df5209c09d76c265374698302
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc
884a09d8f8d709259df6811cf3d46e532e6e79ccb1edc557b08b24359a05341c
8ff065c06adcf72bcf54af51fdd5d7883ea0c70be39b7a1e8c829eefee138d69
97c18b1faf18cc1e6b0273c7d1398612ad7b1c9e5c3ab2b386e78908599e83fa
99ac2accca3d9670c1fd8f197db636fec37cecfa403150f78cc1107c047e1ef6
9cc4bbd524b5a4fc27cb7f2efbb8596a93c7088075bc1b2152c6fa2e7b96072b
9d01cfadbc7eaac146a1d1f46ae21cab666b5ed610b573f90b54c0cf3e313e2d
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
a36cc658651a733386be2b6ab7ed95911ea4cc61ecbb7c94d7c60dc92ede7d21
a7eddec105339d52f73a164efd1090ddc00242c9b7f3ed606b4b5711762789c1
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
b0bc667bf2ba4f533bacdbf38f6c5f0287a0ed567feb69ff960b0c286b497485
b0d3610919043227b56c8d5130e2ead271a067bb1b930678d5af24bbbae7c16f
c12630cd149d6a320fa961bff2a9d2f6dda458fdc4e9fe74bf374248a722748c
c78dbd96e08c9a701062e3517f363dac23b8dcbd0e02bff92aafecaf2a44ac22
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d10bf3911b4b140af1833f131614d476d4083349c7cb7e6fa76f13b5ff8d5535
d193e94f2cb8f5e155ab5b9358bc3eab6e458ad1968117261ba29121ef442e16
d2b76a2bf0ed8274f35a74a267f06c5f684c9d332c07df1fc49bd36da29c6f78
d404f987f0d261c3eff16cd778fb138d5c604af7f361e609ef0b91bac16d7e67
d5aa3e4c58493f8d3693be4962e94e08d14e178ef4f0be2a27369a8813498e54
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e33e33cbb579bb8cb15b77adb3c261d54766d4c0d1f7d1e7d5757bb6a0f4d174
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e897c82660d07f683639eab5b285c61a3ea372c0880b76146804c27c1663f251
ebcc27cde5bff769a38f554f9b08c54143afccacb19e2a8db585b602fde410f9
ee296636064708832393112bf03550562628e26d5696c292e14fb6dfd8e61c0f
ef43a4d502ffb688656851d788c42869d47e8840d007b4f4b66f62530171acd4
f40eba5c6f1fa17643edd6fdff1bd43bcb698931966aaa8c0265bc89b9a9678c
f7cea3e9ce7445feef365b9a9d25f88959b1e671b7915554aa4931d2801e731c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
facf4f53d757b7fb7db483846b3146c3b48940e6e11bfd67910cf26c7c0ea32d
fbc42dc224420a18976ae944e5475555d91b2897052955afbda0a50fdc4f19cf
fdb07b4559f8a15e010bf3e67a1746487ee5b83ca8e20cb2cc9d75867a67fa91
ff687e2177537cc8e021014af056c22a44036a19c9101350dedf64a6666d47ba

live.cima4u.ws Open in urlscan Pro 2606:4700:20::ac43:47f8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

75 Requests

100 %HTTPS

55 %IPv6

19 Domains

21 Subdomains

21 IPs

5 Countries

960 kBTransfer

10119 kBSize

1 Cookies

10 Outgoing links

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

live.cima4u.ws Open in urlscan Pro
2606:4700:20::ac43:47f8 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

100 %
HTTPS

55 %
IPv6

19
Domains

21
Subdomains

21
IPs

5
Countries

960 kB
Transfer

10119 kB
Size

1
Cookies

75 HTTP transactions
1 data transactions