Submitted URL: https://ertu.streamlink.to/dk5k
Effective URL: http://cut.do/b1F?ckattempt=1
Submission: On June 03 via api from IL

Summary

This website contacted 13 IPs in 3 countries across 13 domains to perform 34 HTTP transactions. The main IP is 222.122.205.147, located in Korea, Republic Of and belongs to KIXS-AS-KR Korea Telecom, KR. The main domain is cut.do.
This is the only time cut.do was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 52.9.53.212 16509 (AMAZON-02)
1 1 2606:2800:234... 15133 (EDGECAST)
1 151.101.12.157 54113 (FASTLY)
5 2606:4700::68... 13335 (CLOUDFLAR...)
4 151.101.194.132 54113 (FASTLY)
1 142.250.185.162 15169 (GOOGLE)
4 2a03:2880:f02... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.222.161.164 16509 (AMAZON-02)
4 52.9.10.184 16509 (AMAZON-02)
2 52.52.95.5 16509 (AMAZON-02)
3 2a03:2880:f12... 32934 (FACEBOOK)
3 222.122.205.147 4766 (KIXS-AS-K...)
34 13
Domain Requested by
4 www.toneden.io st.toneden.io
4 connect.facebook.net ertu.streamlink.to, st.toneden.io, connect.facebook.net
4 ka-p.fontawesome.com kit.fontawesome.com
3 cut.do st.toneden.io, cut.do
3 www.facebook.com ertu.streamlink.to
2 fanlink.to st.toneden.io
2 www.google-analytics.com st.toneden.io, www.google-analytics.com
2 sd.toneden.io ertu.streamlink.to, sd.toneden.io
2 st.toneden.io ertu.streamlink.to
1 cdn.amplitude.com st.toneden.io
1 www.googleadservices.com ertu.streamlink.to
1 kit.fontawesome.com ertu.streamlink.to
1 static.ads-twitter.com ertu.streamlink.to
1 platform.twitter.com 1 redirects
1 ertu.streamlink.to
0 img.tenping.kr Failed cut.do
34 16

This site contains no links.

Subject | Issuer | Validity | Valid
*.streamlink.to | R3 | 2021-06-03 - 2021-09-01 | 3 months
ads-twitter.com | DigiCert SHA2 High Assurance Server CA | 2020-08-14 - 2021-08-19 | a year
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-13 - 2021-12-14 | a year
*.toneden.io | R3 | 2021-05-14 - 2021-08-12 | 3 months
www.googleadservices.com | GTS CA 1C3 | 2021-05-03 - 2021-07-26 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-05-26 - 2021-08-24 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-05-10 - 2021-08-02 | 3 months
cdn.amplitude.com | Amazon | 2020-11-18 - 2021-12-17 | a year
*.fanlink.to | R3 | 2021-06-03 - 2021-09-01 | 3 months
*.google.com | GTS CA 1O1 | 2021-05-10 - 2021-08-02 | 3 months

This page contains 1 frames:

Primary Page: http://cut.do/b1F?ckattempt=1
Frame ID: 6A33B79A26A5B51B3BE6A032773B514C
Requests: 31 HTTP requests in this frame

Page Statistics

Requests: 34
HTTPS: 82 %
IPv6: 38 %
Domains: 13
Subdomains: 16
IPs: 13
Countries: 3
Transfer: 1483 kB
Size: 6127 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ertu.streamlink.to/dk5k Page URL
  2. http://cut.do/b1F Page URL
  3. http://cut.do/b1F?ckattempt=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://platform.twitter.com/oct.js HTTP 301
  • https://static.ads-twitter.com/oct.js

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set dk5k
ertu.streamlink.to/
7 KB
4 KB
Document
General
Full URL
https://ertu.streamlink.to/dk5k
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.53.212 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-53-212.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
37b56fc926bde6c6269bcb65f63ced03e7ae104c46787a5376070ea2e9e28cc3
Security Headers
Name Value
Strict-Transport-Security max-age=604800000; includeSubDomains

Request headers

Host
ertu.streamlink.to
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

X-Powered-By
Express
X-Nerd-Alert
Hacking us? Why not work for us instead? toneden.io/jobs
Strict-Transport-Security
max-age=604800000; includeSubDomains
Content-Type
text/html; charset=utf-8
Set-Cookie
connect.sid=s%3A%3AeAwzv4MIifVqDzs__XG1j1BRhCwLEACb.vwUqUlpekaquH6Pyoz9bJ9kwMJdUf0oB8MFpVjaKIFw; Domain=.streamlink.to; Path=/; Expires=Thu, 10 Jun 2021 20:40:48 GMT; HttpOnly; Secure; SameSite=None
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Thu, 03 Jun 2021 20:40:48 GMT
Connection
keep-alive
Transfer-Encoding
chunked
oct.js
static.ads-twitter.com/
Redirect Chain
  • https://platform.twitter.com/oct.js
  • https://static.ads-twitter.com/oct.js
5 KB
2 KB
Script
General
Full URL
https://static.ads-twitter.com/oct.js
Requested by
Host: ertu.streamlink.to
URL: https://ertu.streamlink.to/dk5k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer
https://ertu.streamlink.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 20:40:50 GMT
via
1.1 varnish
last-modified
Fri, 04 Dec 2020 00:21:46 GMT
age
73771
etag
"cbc512946c8abb461c6215ed5b454e5f+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding
gzip
cache-control
no-cache
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
1957
x-timer
S1622752850.071404,VS0,VE0
x-served-by
cache-fra19179-FRA

Redirect headers

x-tw-cdn
VZ
Date
Thu, 03 Jun 2021 20:40:50 GMT
Server
ECS (frb/6776)
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location
https://static.ads-twitter.com/oct.js
Content-Length
0
113e3af7c4.js
kit.fontawesome.com/
11 KB
4 KB
Script
General
Full URL
https://kit.fontawesome.com/113e3af7c4.js
Requested by
Host: ertu.streamlink.to
URL: https://ertu.streamlink.to/dk5k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1787c158c15b3bfb665ed634db4b5a785a00977963584d25855d4ed84730e86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Origin
https://ertu.streamlink.to
Referer
https://ertu.streamlink.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 20:40:50 GMT
content-encoding
gzip
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status
MISS
strict-transport-security
max-age=31536000; preload
cf-request-id
0a7534886500004de83c9e0000000001
x-request-id
FoUtHpEXg3SIFFyh09oB
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
cf-ray
659bbd2099c24de8-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
fan-link.css
st.toneden.io/production/stylesheets/
2 MB
184 KB
Stylesheet
General
Full URL
https://st.toneden.io/production/stylesheets/fan-link.css?v=f8cbcd96a1
Requested by
Host: ertu.streamlink.to
URL: https://ertu.streamlink.to/dk5k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a56e899711ed79aeac2c132f63e8312c786142ddbe95f974e5c2f7b75c63a9a

Request headers

Referer
https://ertu.streamlink.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 20:40:50 GMT
content-encoding
gzip
age
1589
via
1.1 varnish
x-cache
HIT
content-length
188332
x-amz-id-2
JxENoj9VGV1Qqd08VapL79di6apAQh+YlEN9Cn9CMAEp/tkIP5y+gE3owoLKb/nGlKot5ZCk0ss=
x-served-by
cache-hhn4026-HHN
last-modified
Wed, 02 Jun 2021 19:30:11 GMT
server
AmazonS3
x-timer
S1622752850.042668,VS0,VE0
etag
"a2199deff71bcb70266092fb571f82dd"
vary
Accept-Encoding
x-amz-request-id
DMCDMXT8YDZYMXMP
access-control-allow-origin
*
cache-control
max-age= 31556952
accept-ranges
bytes
content-type
text/css; charset=utf-8
x-cache-hits
3
conversion.js
www.googleadservices.com/pagead/
43 KB
17 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: ertu.streamlink.to
URL: https://ertu.streamlink.to/dk5k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
578ab6c83b4bf4279219e3d4d81986c8d3d0ca0422149d462f317ce85fc8c9c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ertu.streamlink.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 20:40:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16585
x-xss-protection
0
server
cafe
etag
18411464993204572073
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 20:40:50 GMT
fan-link.js
st.toneden.io/production/javascripts/
3 MB
875 KB
Script
General
Full URL
https://st.toneden.io/production/javascripts/fan-link.js?v=f8cbcd96a1
Requested by
Host: ertu.streamlink.to
URL: https://ertu.streamlink.to/dk5k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a6fc5bde04c38767f26117bff6014468b617c7108e3c056c0f2173f630e1b1a

Request headers

Origin
https://ertu.streamlink.to
Referer
https://ertu.streamlink.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 20:40:50 GMT
content-encoding
gzip
age
716
via
1.1 varnish
x-cache
HIT
content-length
895111
x-amz-id-2
OCrCb2TwloyW3TrOT1EUidmibmK/6CT8XN008GCOiO1eWp8dGWnKXaNzBbK6ehYGxApVEc8vNiA=
x-served-by
cache-hhn4071-HHN
last-modified
Wed, 02 Jun 2021 19:29:55 GMT
server
AmazonS3
x-timer
S1622752850.041505,VS0,VE0
etag
"fcf9e2c77954259da5962fce2dca7a20"
vary
Accept-Encoding
x-amz-request-id
GNHGJNDH5NGJFGM5
access-control-allow-origin
*
cache-control
max-age= 31556952
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
2
toneden.loader.js
sd.toneden.io/production/v2/
1 KB
885 B
Script
General
Full URL
https://sd.toneden.io/production/v2/toneden.loader.js
Requested by
Host: ertu.streamlink.to
URL: https://ertu.streamlink.to/dk5k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dea8ea11a3aa9c899fc3ed1a48e81009586b3100f0b67bbe6b9e2bfc1cf3d1a9

Request headers

Referer
https://ertu.streamlink.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 20:40:50 GMT
content-encoding
gzip
age
432
via
1.1 varnish
x-cache
HIT
content-length
645
x-amz-id-2
vzliplxgx6+bs3UOanuWY4uRuYL+SYMsDSV81Vy6kqm7ieGcSzyMJfZzw/cxPXUoDeA2ZK9o1Uc=
x-served-by
cache-hhn4026-HHN
last-modified
Mon, 13 Feb 2017 00:32:38 GMT
server
AmazonS3
x-timer
S1622752850.142385,VS0,VE0
etag
"01cdccc32ce4455a13916531784c396a"
vary
Accept-Encoding
x-amz-request-id
T212FKW7VCKC6MJ7
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
7995
pro-v4-shims.min.js
ka-p.fontawesome.com/releases/v5.15.3/js/
15 KB
4 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.3/js/pro-v4-shims.min.js?token=113e3af7c4
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/113e3af7c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6cf1a5bc45df4a59c4fa26420f1fba436e5ec380022060c4a0962827613163b

Request headers

Referer
https://ertu.streamlink.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 20:40:50 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 17 Mar 2021 02:23:58 GMT
server
cloudflare
etag
"6051683e-100b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
659bbd20faaf4de8-FRA
content-length
4107
cf-request-id
0a7534889800004de852ada000000001
pro.min.js
ka-p.fontawesome.com/releases/v5.15.3/js/
40 KB
14 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.3/js/pro.min.js?token=113e3af7c4
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/113e3af7c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00aacf9210fa9f31ae7b06a13a5f8229eafe96cbab5f9125d6397bff477fe5ea

Request headers

Referer
https://ertu.streamlink.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 20:40:50 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 17 Mar 2021 02:23:58 GMT
server
cloudflare
etag
"6051683e-37b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
659bbd20faa94de8-FRA
content-length
14263
cf-request-id
0a7534889700004de85c8d0000000001
fbevents.js
connect.facebook.net/en_US/
92 KB
24 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ertu.streamlink.to
URL: https://ertu.streamlink.to/dk5k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3ba5369627fc324f2d2c47f44c8da30769d2a3ccbe8110b9bd5eec9585e42a09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ertu.streamlink.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24155
x-fb-rlafr
0
pragma
public
x-fb-debug
33waA0wKx0Xq5gDxqR4wuN/c5t1yvtlZpf/tsKcz6jyzEam4k145+CjfXCm1Nmb7lCbSeQk/K10QRrpZldwxGA==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Thu, 03 Jun 2021 20:40:50 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
x-xss-protection
0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pro-v4-shims.min.js
ka-p.fontawesome.com/releases/v5.15.3/js/
15 KB
4 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.3/js/pro-v4-shims.min.js?token=113e3af7c4
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/113e3af7c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6cf1a5bc45df4a59c4fa26420f1fba436e5ec380022060c4a0962827613163b

Request headers

Referer
https://ertu.streamlink.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 20:40:50 GMT
content-encoding
gzip
cf-cache-status
HIT
age
0
content-length
4107
cf-request-id
0a7534890900004de80cba0000000001
last-modified
Wed, 17 Mar 2021 02:23:58 GMT
server
cloudflare
etag
"6051683e-100b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
659bbd21acc34de8-FRA
pro.min.js
ka-p.fontawesome.com/releases/v5.15.3/js/
40 KB
14 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.3/js/pro.min.js?token=113e3af7c4
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/113e3af7c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00aacf9210fa9f31ae7b06a13a5f8229eafe96cbab5f9125d6397bff477fe5ea

Request headers

Referer
https://ertu.streamlink.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 20:40:50 GMT
content-encoding
gzip
cf-cache-status
HIT
age
0
content-length
14263
cf-request-id
0a7534890900004de82597e000000001
last-modified
Wed, 17 Mar 2021 02:23:58 GMT
server
cloudflare
etag
"6051683e-37b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
659bbd21acc44de8-FRA
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=f8cbcd96a1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ertu.streamlink.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5367
date
Thu, 03 Jun 2021 19:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Thu, 03 Jun 2021 21:11:23 GMT
amplitude-8.1.0-min.gz.js
cdn.amplitude.com/libs/
64 KB
21 KB
Script
General
Full URL
https://cdn.amplitude.com/libs/amplitude-8.1.0-min.gz.js
Requested by
Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=f8cbcd96a1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.161.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-161-164.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17862aa3e9849968032a3b5ff35ae96d55f77c024c8964bb277c073c6ccfc6b5

Request headers

Origin
https://ertu.streamlink.to
Referer
https://ertu.streamlink.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 10:55:28 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
639922
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
20794
access-control-allow-origin
*
last-modified
Fri, 19 Mar 2021 16:52:50 GMT
server
AmazonS3
etag
"52d13b3f149cd71cdc2ace1f983fb635"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
Y3JfLSTGzoWjquuu6XiQpg1VwRbVcxA7
via
1.1 aaa5fbd869d655f42986dd16509f667e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
CDG52-P2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
08lCfKfQJBlSpOd_gv0YHeGAMjtsr9sTUBsHIZzHWqeIwzdYRFrBIA==
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=f8cbcd96a1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2433c3c87a8107ab83a365777bdd4f4e47f988b90c23c26f29d2270873a6f838
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ertu.streamlink.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
S/AbMeqwk2eY2LpmKZrRnw==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1779
x-fb-rlafr
0
x-fb-debug
mVTpurWgkzk0bL1uyseyf3O/XVuDxn+jyLZ/hFwPiakMCiU3boOAdGoVbbAUalrrDK/nLsX3BGInWO+37tvwBQ==
x-fb-trip-id
917726464
x-fb-content-md5
ff55617fa16e0cd7426d8792a5e337c0
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 03 Jun 2021 20:40:50 GMT
vary
Accept-Encoding
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"3504da1f19145694795c9fcdaa132532"
timing-allow-origin
*
expires
Thu, 03 Jun 2021 20:49:13 GMT
events
www.toneden.io/api/v1/analytics/
16 B
746 B
XHR
General
Full URL
https://www.toneden.io/api/v1/analytics/events
Requested by
Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=f8cbcd96a1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.10.184 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-10-184.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800000; includeSubDomains

Request headers

Accept
application/json
csrf-token
wbZfZVE2-vo_pceOO3xvuFdpFVbq8ryljNAA
Referer
https://ertu.streamlink.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Strict-Transport-Security
max-age=604800000; includeSubDomains
Access-Control-Allow-Headers
X-Requested-With
X-Powered-By
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ertu.streamlink.to
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Nerd-Alert
Our office has free beer. toneden.io/jobs
Content-Length
16
Date
Thu, 03 Jun 2021 20:40:51 GMT
record
fanlink.to/
16 B
759 B
XHR
General
Full URL
https://fanlink.to/record
Requested by
Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=f8cbcd96a1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.52.95.5 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-95-5.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800000; includeSubDomains

Request headers

csrf-token
wbZfZVE2-vo_pceOO3xvuFdpFVbq8ryljNAA
Referer
https://ertu.streamlink.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Strict-Transport-Security
max-age=604800000; includeSubDomains
Access-Control-Allow-Headers
X-Requested-With
X-Powered-By
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ertu.streamlink.to
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Nerd-Alert
Hacking us? Why not work for us instead? toneden.io/jobs
Content-Length
16
Date
Thu, 03 Jun 2021 20:40:52 GMT
events
www.toneden.io/api/v1/analytics/
16 B
759 B
XHR
General
Full URL
https://www.toneden.io/api/v1/analytics/events
Requested by
Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=f8cbcd96a1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.10.184 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-10-184.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800000; includeSubDomains

Request headers

Accept
application/json
csrf-token
wbZfZVE2-vo_pceOO3xvuFdpFVbq8ryljNAA
Referer
https://ertu.streamlink.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Strict-Transport-Security
max-age=604800000; includeSubDomains
Access-Control-Allow-Headers
X-Requested-With
X-Powered-By
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ertu.streamlink.to
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Nerd-Alert
Hacking us? Why not work for us instead? toneden.io/jobs
Content-Length
16
Date
Thu, 03 Jun 2021 20:40:50 GMT
events
www.toneden.io/api/v1/analytics/
0
0
Preflight
General
Full URL
https://www.toneden.io/api/v1/analytics/events
Protocol
HTTP/1.1
Server
52.9.10.184 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-10-184.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,csrf-token
Origin
https://ertu.streamlink.to
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

X-Powered-By
Express
X-Nerd-Alert
Like React.js? Flux? Node? We want you! toneden.io/jobs
Strict-Transport-Security
max-age=604800000; includeSubDomains
Access-Control-Allow-Origin
https://ertu.streamlink.to
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers
content-type,csrf-token
Date
Thu, 03 Jun 2021 20:40:51 GMT
Connection
keep-alive
Transfer-Encoding
chunked
record
fanlink.to/
0
0
Preflight
General
Full URL
https://fanlink.to/record
Protocol
HTTP/1.1
Server
52.52.95.5 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-95-5.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,csrf-token
Origin
https://ertu.streamlink.to
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

X-Powered-By
Express
X-Nerd-Alert
Our office has free beer. toneden.io/jobs
Strict-Transport-Security
max-age=604800000; includeSubDomains
Access-Control-Allow-Origin
https://ertu.streamlink.to
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers
content-type,csrf-token
Date
Thu, 03 Jun 2021 20:40:50 GMT
Connection
keep-alive
Transfer-Encoding
chunked
events
www.toneden.io/api/v1/analytics/
0
0
Preflight
General
Full URL
https://www.toneden.io/api/v1/analytics/events
Protocol
HTTP/1.1
Server
52.9.10.184 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-10-184.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,csrf-token
Origin
https://ertu.streamlink.to
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

X-Powered-By
Express
X-Nerd-Alert
Hacking us? Why not work for us instead? toneden.io/jobs
Strict-Transport-Security
max-age=604800000; includeSubDomains
Access-Control-Allow-Origin
https://ertu.streamlink.to
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers
content-type,csrf-token
Date
Thu, 03 Jun 2021 20:40:50 GMT
Connection
keep-alive
Transfer-Encoding
chunked
toneden.js
sd.toneden.io/production/v2/
422 KB
142 KB
Script
General
Full URL
https://sd.toneden.io/production/v2/toneden.js
Requested by
Host: sd.toneden.io
URL: https://sd.toneden.io/production/v2/toneden.loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
810a381036eaf8362a14241ef8dc40eaf48b25888d6c01b16667785d16f51a4b

Request headers

Origin
https://ertu.streamlink.to
Referer
https://ertu.streamlink.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 20:40:50 GMT
content-encoding
gzip
age
3337
via
1.1 varnish
x-cache
HIT
content-length
144884
x-amz-id-2
Qksm5YUwRMmzNhlaO7C+zuKSSZQqog+AtiPLeRORYpNip8NQB1EFl4eVm1r+B7gVDgCqYASzSdE=
x-served-by
cache-hhn4071-HHN
last-modified
Mon, 13 Feb 2017 00:32:38 GMT
server
AmazonS3
x-timer
S1622752851.790602,VS0,VE1
etag
"da4bf68ea0f8cffa6ea439d7608d52cf"
vary
Accept-Encoding
x-amz-request-id
E5SWMB6Y7FKNX6NV
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1
1711912442390284
connect.facebook.net/signals/config/
255 KB
73 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1711912442390284?v=2.9.40&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1e5adbb0aeff9201c756833cc34e064aa268657836ee308feb09e9f884013aff
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ertu.streamlink.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
74695
x-fb-rlafr
0
pragma
public
x-fb-debug
YLizNcTPnK03r3Se7zsJUbBGIM1ASqDJw+qYolTUTF6UwepdOMWVs++pVtFSkhDo6iBWPiP6ojLXu2HIQ4hs+g==
x-frame-options
DENY
date
Thu, 03 Jun 2021 20:40:50 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/
218 KB
64 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=17fdf6e444e736e61c80e12ed32f8783&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b9b33ca70799f0ac0c2dc3fe71f45c05f746875acf5621fe1fb17651376805e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://ertu.streamlink.to
Referer
https://ertu.streamlink.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
5FzzM3SWPWHpe3HdCd+y1g==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
65765
x-fb-rlafr
0
x-fb-debug
lZ6SnvkdYNNju/1ZTPav+fGOBfYH1ivvIVzyIv8voM4rOghxn9jXds2URwcfkZ20snb7wffuqnKpu5S9/lCX1Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
3cee28acfa9139476dba574a888c7dd4
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 03 Jun 2021 20:40:50 GMT
vary
Accept-Encoding
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"d9094e6b440224d077b50091bc447102"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 03 Jun 2022 18:24:42 GMT
collect
www.google-analytics.com/j/
2 B
31 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=331994488&t=event&_s=1&dl=https%3A%2F%2Fertu.streamlink.to%2Fdk5k&ul=en-us&de=UTF-8&dt=qs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=sdk&ea=loaded&el=https%3A%2F%2Fertu.streamlink.to%2Fdk5k&_u=qGhAAAABAAAAAC~&jid=175503325&gjid=102588756&cid=1319148353.1622752851&tid=UA-55279667-1&_gid=677093746.1622752851&_r=1&_slc=1&z=1093607027
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ertu.streamlink.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 20:40:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ertu.streamlink.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
251 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1711912442390284&ev=PageView&dl=https%3A%2F%2Fertu.streamlink.to%2Fdk5k&rl=&if=false&ts=1622752851141&cd[link_id]=546865&cd[owner]=39139899&sw=1600&sh=1200&v=2.9.40&r=stable&ec=0&o=30&fbp=fb.1.1622752851124.371838782&it=1622752850798&coo=false&exp=l1&rqm=GET
Requested by
Host: ertu.streamlink.to
URL: https://ertu.streamlink.to/dk5k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ertu.streamlink.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 20:40:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 03 Jun 2021 20:40:51 GMT
/
www.facebook.com/tr/
44 B
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1711912442390284&ev=ViewContent&dl=https%3A%2F%2Fertu.streamlink.to%2Fdk5k&rl=&if=false&ts=1622752851153&cd[content_type]=product&cd[link_id]=546865&cd[owner]=39139899&cd[viewer]=&sw=1600&sh=1200&v=2.9.40&r=stable&ec=1&o=30&fbp=fb.1.1622752851124.371838782&it=1622752850798&coo=false&exp=l1&rqm=GET
Requested by
Host: ertu.streamlink.to
URL: https://ertu.streamlink.to/dk5k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ertu.streamlink.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 20:40:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 03 Jun 2021 20:40:51 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1711912442390284&ev=Microdata&dl=https%3A%2F%2Fertu.streamlink.to%2Fdk5k&rl=&if=false&ts=1622752851645&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22qs%22%2C%22meta%3Adescription%22%3A%22s%22%2C%22meta%3Akeywords%22%3A%22qs%2Cs%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fertu.streamlink.to%2Fdk5k%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fs3.amazonaws.com%2Ftoneden-misc%2Fmeta.png%22%2C%22og%3Asite_name%22%3A%22ToneDen%22%2C%22og%3Atitle%22%3A%22qs%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Adescription%22%3A%22s%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.40&r=stable&ec=2&o=30&fbp=fb.1.1622752851124.371838782&it=1622752850798&coo=false&es=automatic&tm=3&exp=l1&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ertu.streamlink.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 20:40:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Thu, 03 Jun 2021 20:40:51 GMT
b1F
cut.do/
2 KB
1 KB
Document
General
Full URL
http://cut.do/b1F
Requested by
Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=f8cbcd96a1
Protocol
HTTP/1.1
Server
222.122.205.147 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
808fe616afa0f2d9507425ce2950c1d3a90650cc0b1607494da113e6bcbc086b

Request headers

Host
cut.do
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Thu, 03 Jun 2021 20:40:51 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control
no-cache
Content-Encoding
gzip
cupid.js
cut.do/
30 KB
8 KB
Script
General
Full URL
http://cut.do/cupid.js
Requested by
Host: cut.do
URL: http://cut.do/b1F
Protocol
HTTP/1.1
Server
222.122.205.147 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
abde06ab5b40e44bbd6dc2842d61420e0e54b2d24705760402b7675d2668d1e8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cut.do
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://cut.do/b1F
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cut.do/b1F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 20:40:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Jul 2014 06:42:53 GMT
Server
nginx
ETag
W/"53c61eed-79c6"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
b1F (Primary Request, Cookie set)
cut.do/
3 KB
2 KB
Document
General
Full URL
http://cut.do/b1F?ckattempt=1
Requested by
Host: cut.do
URL: http://cut.do/b1F
Protocol
HTTP/1.1
Server
222.122.205.147 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx / PHP/5.3.13p1
Resource Hash
1e3ddd019c868f63634eea6b4378fd641ea2114b4877992b5219ec7d7037fe8d

Request headers

Host
cut.do
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://cut.do/b1F
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
CUPID=508a3ccc9e292bf88143acde26b7da85
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://cut.do/b1F

Response headers

Server
nginx
Date
Thu, 03 Jun 2021 20:41:02 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
P3P
CP='NOI CURa ADMa DEVa TAIa OUR DELa BUS IND PHY ONL UNI COM NAV INT DEM PRE'
X-Powered-By
PHP/5.3.13p1
Set-Cookie
S6L_LANG=en; expires=Sat, 12-Apr-2031 20:40:52 GMT; path=/; domain=.cut.do S6L_LANG=en; expires=Sat, 12-Apr-2031 20:40:52 GMT; path=/; domain=.cut.do S6L_LANG=en; expires=Sat, 12-Apr-2031 20:40:52 GMT; path=/; domain=.cut.do S6L_LANG=en; expires=Sat, 12-Apr-2031 20:40:52 GMT; path=/; domain=.cut.do S6L_LANG=en; expires=Sat, 12-Apr-2031 20:40:52 GMT; path=/; domain=.cut.do
Content-Encoding
gzip
cutdot.png
cut.do/template/silver/
0
0

2021030313170001_Dis_20210303131723.jpg
img.tenping.kr/Content/Upload/Images/
0
0

style.css
cut.do/template/silver/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cut.do
URL
http://cut.do/template/silver/cutdot.png
Domain
img.tenping.kr
URL
https://img.tenping.kr/Content/Upload/Images/2021030313170001_Dis_20210303131723.jpg?RS=580x400
Domain
cut.do
URL
http://cut.do/template/silver/style.css

Verdicts & Comments

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated

5 Cookies

Domain/Path Name / Value
ertu.streamlink.to/ Name: _gat_ToneDenTracker
Value: 1
ertu.streamlink.to/ Name: _gid
Value: GA1.1.677093746.1622752851
.streamlink.to/ Name: _fbp
Value: fb.1.1622752851124.371838782
ertu.streamlink.to/ Name: _ga
Value: GA1.1.1319148353.1622752851
.streamlink.to/ Name: amp_cc1dfb
Value: moHGWsbPushFw60QIoaKsh...1f79pmstu.1f79pmstu.0.0.0

3 Console Messages

Source Level URL
Text
console-api log URL: https://st.toneden.io/production/javascripts/fan-link.js?v=f8cbcd96a1(Line 167)
Message:
Redirecting to target URL. true
console-api debug URL: https://sd.toneden.io/production/v2/toneden.js(Line 42)
Message:
Download the React DevTools for a better development experience: https://fb.me/react-devtools
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 24)
Message:
[Facebook Pixel] - Duplicate Pixel ID: 1711912442390284.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=604800000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
