cdn.crichd.cx Open in urlscan Pro
2606:4700:3037::6812:2d84  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set embed2.php Show response cdn.crichd.cx/	2 KB 2 KB	202ms 183ms	Document text/html	2606:4700:3037::6812:2d84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://cdn.crichd.cx/embed2.php?id=sonysix&q=Sony%20Six Protocol HTTP/1.1 Server 2606:4700:3037::6812:2d84 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0e7aa7c38fa7599febbce4c9106158f1e0f3653bfcc7e2743e438eb3598149e1 Request headers Host cdn.crichd.cx Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 01 Dec 2020 06:16:16 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d8e8ddefd302c6810c50f25a9e5254a811606803376; expires=Thu, 31-Dec-20 06:16:16 GMT; path=/; domain=.crichd.cx; HttpOnly; SameSite=Lax X-Varnish 285899948 Age 0 Via 1.1 varnish-v4 CF-Cache-Status DYNAMIC cf-request-id 06be8ae2210000d725eb889000000001 Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FfVd%2By9roo1pmIgAnPSqthheQw%2F4o9RCOHrGddNwiAi%2B3IBkp2qeKE0bzEp23uvr53OIFw1J%2B61tFFZf5wzEszvlEW9TMCWMHnzD0UYXls0Ns0wmPYJsZTYr"}],"group":"cf-nel","max_age":604800} NEL {"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 5faaadb03f3ed725-FRA Content-Encoding gzip
GET H/1.1	403 Forbidden	10d55c5ec4f27c63e34ee6a3569f10fa.js padsimz.com/10/d5/5c/	0 0	306ms 107ms	Script application/javascript	192.243.59.12 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://padsimz.com/10/d5/5c/10d55c5ec4f27c63e34ee6a3569f10fa.js Requested by Host: cdn.crichd.cx URL: http://cdn.crichd.cx/embed2.php?id=sonysix&q=Sony%20Six Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer http://cdn.crichd.cx/embed2.php?id=sonysix&q=Sony%20Six User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Tue, 01 Dec 2020 06:16:17 GMT Server nginx/1.17.6 Connection keep-alive Content-Type application/javascript Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H/1.1	200 OK	crichd.js Show response cdn.crichd.cx/	1002 B 1 KB	11ms 11ms	Script application/javascript	2606:4700:3037::6812:2d84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://cdn.crichd.cx/crichd.js?v=1.33 Requested by Host: cdn.crichd.cx URL: http://cdn.crichd.cx/embed2.php?id=sonysix&q=Sony%20Six Protocol HTTP/1.1 Server 2606:4700:3037::6812:2d84 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e6789a5751485d851e2ee01c7e312e69028a0978723801e9f14a5c6bff8754f1 Request headers Referer http://cdn.crichd.cx/embed2.php?id=sonysix&q=Sony%20Six User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 01 Dec 2020 06:16:16 GMT Via 1.1 varnish-v4 CF-Cache-Status HIT NEL {"report_to":"cf-nel","max_age":604800} Age 1951506 Cf-Polished origSize=1239 Transfer-Encoding chunked Connection keep-alive Content-Encoding gzip cf-request-id 06be8ae2dc0000d7254d0ec000000001 CF-RAY 5faaadb1691bd725-FRA Last-Modified Thu, 15 Oct 2020 22:48:00 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s2%2F7WjsHdybLjsFVrx2e0fGC2n0yRVy3M8CZHk4NAqwbtWqRPShty4PeVU8AeOj0%2FXMHGImF4IC2y2muRA0ETu8d2vHJQxBCEhFSHZBQ4e1Zlffj45v%2B2lZW"}],"group":"cf-nel","max_age":604800} X-Varnish 9001640 Cache-Control max-age=1800 Content-Type application/javascript Cf-Bgj minify
GET H2	200	k9valni.png i.imgur.com/	185 B 501 B	69ms 22ms	Image image/png	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/k9valni.png Requested by Host: cdn.crichd.cx URL: http://cdn.crichd.cx/embed2.php?id=sonysix&q=Sony%20Six Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 3dfc4b8e850c26cdff67ff4d6ecc09122fa4de71a24aa9ca761308fba76b7c97 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://cdn.crichd.cx/embed2.php?id=sonysix&q=Sony%20Six User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 01 Dec 2020 06:16:16 GMT x-content-type-options nosniff age 2025716 x-cache MISS, HIT content-length 185 x-served-by cache-bwi5135-BWI, cache-hhn4032-HHN last-modified Wed, 08 Feb 2017 12:53:01 GMT server cat factory 1.0 x-timer S1606803377.927726,VS0,VE0 etag "22de763e0b7b5538f89245d78cf41edb" access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 0, 21
GET H2	200	AW6QOE1.png i.imgur.com/	1 KB 1 KB	22ms 22ms	Image image/png	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/AW6QOE1.png Requested by Host: cdn.crichd.cx URL: http://cdn.crichd.cx/embed2.php?id=sonysix&q=Sony%20Six Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash f8f6cffc0c6fc6e0b8883ada74bfe1711a0298ae8559087b93ab9fd39a014349 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://cdn.crichd.cx/embed2.php?id=sonysix&q=Sony%20Six User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 01 Dec 2020 06:16:16 GMT x-content-type-options nosniff age 3363795 x-cache HIT, HIT content-length 1171 x-served-by cache-bwi5132-BWI, cache-hhn4032-HHN last-modified Fri, 10 Jan 2014 05:05:50 GMT server cat factory 1.0 x-timer S1606803377.950863,VS0,VE0 etag "6e305ad6a7b8bba734125c50cd691d67" access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 8
GET H/1.1	200 OK	Cookie set crichd.php mixcasthd.com/ Frame 53B1	0 0	242ms 223ms	Document text/html	2606:4700:3034::681b:8d3e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://mixcasthd.com/crichd.php?player=desktop&live=sonysixind&vw=640&vh=490 Requested by Host: cdn.crichd.cx URL: http://cdn.crichd.cx/crichd.js?v=1.33 Protocol HTTP/1.1 Server 2606:4700:3034::681b:8d3e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash Request headers Host mixcasthd.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://cdn.crichd.cx/embed2.php?id=sonysix&q=Sony%20Six Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://cdn.crichd.cx/embed2.php?id=sonysix&q=Sony%20Six Response headers Date Tue, 01 Dec 2020 06:16:17 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=dd6bee03e0d98c44793425281815120c01606803377; expires=Thu, 31-Dec-20 06:16:17 GMT; path=/; domain=.mixcasthd.com; HttpOnly; SameSite=Lax X-Powered-By PHP/5.4.16 Access-Control-Allow-Origin * CF-Cache-Status DYNAMIC cf-request-id 06be8ae426000097a8c50d7000000001 Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jAj9OlcycYgrfzVLvXoOKtnmlHDxlfO%2Fx3muo8xtxqjaJvEPQQRaYfkNh25BGKyTa3XfTHJA3ZcDrIYw7H4ANwCpCekYB%2BOFQ4eAmqD9QISwpq0amIQBDg3v"}],"group":"cf-nel","max_age":604800} NEL {"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 5faaadb3694897a8-FRA Content-Encoding gzip
GET H2	200	js15.js Show response s10.histats.com/	11 KB 4 KB	77ms 25ms	Script text/javascript	46.105.201.240 OVH
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/js15.js Requested by Host: cdn.crichd.cx URL: http://cdn.crichd.cx/embed2.php?id=sonysix&q=Sony%20Six Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 46.105.201.240 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash 429e7004f3f8fbe42cacb984c36a9cda33efdacc100a276b12e82c6ab78bf7ec Request headers Referer http://cdn.crichd.cx/embed2.php?id=sonysix&q=Sony%20Six User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Tue, 01 Dec 2020 06:14:59 GMT content-encoding br last-modified Thu, 16 Apr 2020 10:44:16 GMT x-cdn-pop-ip 137.74.120.32/27 etag "980881274" x-cacheable Matched cache content-type text/javascript x-cdn-pop sbg accept-ranges bytes content-length 4214 x-request-id 862068760
GET H/1.1	200 OK	0.php Show response s4.histats.com/stats/	52 B 323 B	343ms 114ms	Script text/html	158.69.248.123 OVH
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/0.php?2162255&@f16&@g1&@h1&@i1&@j1606803377249&@k0&@l1&@mSony%20Six%20Live%20Streaming&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:199314746&@b3:1606803377&@b4:js15.js&@b5:60&@a-_0.2.1&@vhttp%3A%2F%2Fcdn.crichd.cx%2Fembed2.php%3Fid%3Dsonysix%26q%3DSony%20Six&@w Requested by Host: s10.histats.com URL: https://s10.histats.com/js15.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 158.69.248.123 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns542881.ip-158-69-248.net Software / Resource Hash 9919d9186e2acb663bf583d264b66dc566090606126f17b1704973a5a6121ed5 Request headers Referer http://cdn.crichd.cx/embed2.php?id=sonysix&q=Sony%20Six User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 01 Dec 2020 06:16:17 GMT Connection close Content-Length 52 Content-Type text/html;charset=UTF-8

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated string| fid number| v_width number| v_height object| isMobile string| embedded function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cdn.crichd.cx/	1970-01-19 23:05:39	Name: HstCns2162255 Value: 1
			cdn.crichd.cx/	1970-01-19 23:05:39	Name: HstPn2162255 Value: 1
			cdn.crichd.cx/	1970-01-19 23:05:39	Name: HstCmu2162255 Value: 1606803377249
			cdn.crichd.cx/	1970-01-19 23:05:39	Name: HstCnv2162255 Value: 1
			cdn.crichd.cx/	1970-01-19 23:05:39	Name: HstPt2162255 Value: 1
			cdn.crichd.cx/	1970-01-19 23:05:39	Name: HstCfa2162255 Value: 1606803377249
			.creativecdn.com/	1970-01-19 23:05:39	Name: u Value: i1VwExyItpMo8ePLwV56
			cdn.crichd.cx/	1970-01-19 23:05:39	Name: HstCla2162255 Value: 1606803377249
			.creativecdn.com/	1970-01-19 23:05:39	Name: ts Value: 1606803392
			.crichd.cx/	1970-01-19 15:03:15	Name: __cfduid Value: d8e8ddefd302c6810c50f25a9e5254a811606803376

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.crichd.cx
i.imgur.com
mixcasthd.com
padsimz.com
s10.histats.com
s4.histats.com
151.101.112.193
158.69.248.123
192.243.59.12
2606:4700:3034::681b:8d3e
2606:4700:3037::6812:2d84
46.105.201.240
0e7aa7c38fa7599febbce4c9106158f1e0f3653bfcc7e2743e438eb3598149e1
3dfc4b8e850c26cdff67ff4d6ecc09122fa4de71a24aa9ca761308fba76b7c97
429e7004f3f8fbe42cacb984c36a9cda33efdacc100a276b12e82c6ab78bf7ec
9919d9186e2acb663bf583d264b66dc566090606126f17b1704973a5a6121ed5
e6789a5751485d851e2ee01c7e312e69028a0978723801e9f14a5c6bff8754f1
f8f6cffc0c6fc6e0b8883ada74bfe1711a0298ae8559087b93ab9fd39a014349