urlscan.io logo urlscan.io
SecurityTrails logo

new1.gdflix.cfd Open in urlscan Pro
172.67.215.76  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://gdflix.live/file/8q06fvoydm
Effective URL: https://new1.gdflix.cfd/file/8q06fvoydm
Submission: On April 20 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 5 countries across 15 domains to perform 30 HTTP transactions. The main IP is 172.67.215.76, located in United States and belongs to CLOUDFLARENET, US. The main domain is new1.gdflix.cfd.
TLS certificate: Issued by E1 on March 23rd 2024. Valid for: 3 months.
This is the only time new1.gdflix.cfd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.114.96.3 13335 (CLOUDFLAR...)
1 1 188.114.97.3 13335 (CLOUDFLAR...)
4 172.67.215.76 13335 (CLOUDFLAR...)
4 104.17.25.14 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 104.17.2.184 13335 (CLOUDFLAR...)
4 5.45.74.150 58061 (SCALAXY-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 172.67.220.231 13335 (CLOUDFLAR...)
1 50.7.24.35 174 (COGENT-174)
1 172.67.190.65 13335 (CLOUDFLAR...)
2 139.45.197.157 9002 (RETN-AS)
1 2001:4860:480... 15169 (GOOGLE)
2 139.45.197.245 9002 (RETN-AS)
1 139.45.195.8 9002 (RETN-AS)
1 172.66.41.45 13335 (CLOUDFLAR...)
30 15
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
gdflix.live
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
ddflix.xyz
4    172.67.215.76 (United States)

ASN13335 (CLOUDFLARENET, US)
new1.gdflix.cfd
4    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    104.17.2.184 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
4    5.45.74.150 (Dronten, Netherlands)

ASN58061 (SCALAXY-AS, LV)
PTR: zmta28.corpresponse.com
greenfox.ink
2    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    172.67.220.231 (United States)

ASN13335 (CLOUDFLARENET, US)
revive.stats.rip
1    50.7.24.35 (Halfweg, Netherlands)

ASN174 (COGENT-174, US)
amd-cdn-1.custacin-crowlexing-i-283.site
1    172.67.190.65 (United States)

ASN13335 (CLOUDFLARENET, US)
px.greenfox.ink
2    139.45.197.157 (United Kingdom)

ASN9002 (RETN-AS, GB)
lqdjtqyryuofw.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    139.45.197.245 (United Kingdom)

ASN9002 (RETN-AS, GB)
waisheph.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
1    172.66.41.45 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn2.iconfinder.com
Apex Domain
Subdomains		 Transfer
6 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
challenges.cloudflare.com — Cisco Umbrella Rank: 4647
195 KB
5 greenfox.ink
greenfox.ink — Cisco Umbrella Rank: 350325
px.greenfox.ink — Cisco Umbrella Rank: 495775
8 KB
4 gdflix.cfd
new1.gdflix.cfd
356 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
region1.google-analytics.com — Cisco Umbrella Rank: 2404
21 KB
2 waisheph.com
waisheph.com — Cisco Umbrella Rank: 40073
35 KB
2 lqdjtqyryuofw.com
lqdjtqyryuofw.com
509 B
2 gstatic.com
fonts.gstatic.com
30 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
157 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
2 KB
1 iconfinder.com
cdn2.iconfinder.com — Cisco Umbrella Rank: 98431
5 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11881
545 B
1 custacin-crowlexing-i-283.site
amd-cdn-1.custacin-crowlexing-i-283.site — Cisco Umbrella Rank: 231830
46 KB
1 stats.rip
revive.stats.rip — Cisco Umbrella Rank: 219514
603 B
1 ddflix.xyz
ddflix.xyz
490 B
1 gdflix.live
gdflix.live
493 B
30 15
Domain Requested by
4 greenfox.ink new1.gdflix.cfd
greenfox.ink
4 cdnjs.cloudflare.com new1.gdflix.cfd
cdnjs.cloudflare.com
4 new1.gdflix.cfd new1.gdflix.cfd
2 waisheph.com new1.gdflix.cfd
waisheph.com
2 lqdjtqyryuofw.com new1.gdflix.cfd
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com new1.gdflix.cfd
www.googletagmanager.com
2 challenges.cloudflare.com 1 redirects new1.gdflix.cfd
2 fonts.googleapis.com new1.gdflix.cfd
1 cdn2.iconfinder.com
1 my.rtmark.net waisheph.com
1 region1.google-analytics.com www.googletagmanager.com
1 px.greenfox.ink new1.gdflix.cfd
1 amd-cdn-1.custacin-crowlexing-i-283.site new1.gdflix.cfd
1 revive.stats.rip 1 redirects
1 ddflix.xyz 1 redirects
1 gdflix.live 1 redirects
30 18

This site contains links to these domains. Also see Links.

Domain
greenfox.ink
multiup.io
drivebot.pages.dev
direct.zencloud.lol
filesgram.store
t.me
Subject Issuer Validity Valid
gdflix.cfd
E1		 2024-03-23 -
2024-06-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
greenfox.ink
R3		 2024-04-15 -
2024-07-14		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
lqdjtqyryuofw.com
R3		 2024-04-19 -
2024-07-18		 3 months crt.sh
waisheph.com
R3		 2024-03-19 -
2024-06-17		 3 months crt.sh
rtmark.net
R3		 2024-03-02 -
2024-05-31		 3 months crt.sh
iconfinder.com
E1		 2024-03-30 -
2024-06-28		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://new1.gdflix.cfd/file/8q06fvoydm
Frame ID: 0A62AA41BB0A6E258EC0310A8D078188
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GDFlix | Mastaney.2023.Indofilmxxi.info.mp4

Page URL History Show full URLs

  1. http://gdflix.live/file/8q06fvoydm HTTP 307
    https://gdflix.live/file/8q06fvoydm HTTP 301
    https://ddflix.xyz/file/8q06fvoydm HTTP 301
    https://new1.gdflix.cfd/file/8q06fvoydm Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

30
Requests

93 %
HTTPS

28 %
IPv6

15
Domains

18
Subdomains

15
IPs

5
Countries

856 kB
Transfer

2634 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gdflix.live/file/8q06fvoydm HTTP 307
    https://gdflix.live/file/8q06fvoydm HTTP 301
    https://ddflix.xyz/file/8q06fvoydm HTTP 301
    https://new1.gdflix.cfd/file/8q06fvoydm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=onloadTurnstileCallback
Request Chain 17
  • https://revive.stats.rip/?type=2&service=test&advertiser=BATERY_PageBanners&custom=43509b58b68d940f8734726dfed6c5c8|1|new.gdflix.cfd&atype=2&banner=BATERY_ipl&redirect=https%3A%2F%2Famd-cdn-1.custacin-crowlexing-i-283.site%2Fcontent%2Fstream%2FBatery%2F500x200_ipl_2024_22_march.jpg HTTP 302
  • https://amd-cdn-1.custacin-crowlexing-i-283.site/content/stream/Batery/500x200_ipl_2024_22_march.jpg

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 8q06fvoydm
new1.gdflix.cfd/file/
Redirect Chain
  • http://gdflix.live/file/8q06fvoydm
  • https://gdflix.live/file/8q06fvoydm
  • https://ddflix.xyz/file/8q06fvoydm
  • https://new1.gdflix.cfd/file/8q06fvoydm
85 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://new1.gdflix.cfd/file/8q06fvoydm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.215.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc457df653d5690d123924e3839e91dd169774321a4452c739d5f1ccaec628bb

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
877818ab8ab4663e-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 20 Apr 2024 21:06:07 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZOicIYC%2F2oIGvyx5lGQ4PABaeyjBMNUM5kXCrcubNKkWyMnra0okoKW6zoo48vCjjEIAjmJT%2Fg8J8h74A1MEyomb9Prnm%2BaVeiAewoEmArLOMdhNcherMQHiWvy1L01LkZ8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
877818ab2db996f1-AMS
content-length
167
content-type
text/html
date
Sat, 20 Apr 2024 21:06:07 GMT
expires
Sat, 20 Apr 2024 22:06:07 GMT
location
https://new1.gdflix.cfd/file/8q06fvoydm
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cTGF1wf%2BjZGBocMIVldHbXro2zBuhPqs00Kb92TP6bjkJ9WEExPmrIas9R%2BZ15j2VJYzRxpi4SJWS0JjQ4SZnAfMDfTlErYSM8kKbTaVC6qqx%2Ffe09MxHOWqe9tg"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
mdb.dark.min.css
new1.gdflix.cfd/content/data/MDB5-STANDARD-UI-KIT-Free-3.9.0/css/ 		445 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://new1.gdflix.cfd/content/data/MDB5-STANDARD-UI-KIT-Free-3.9.0/css/mdb.dark.min.css
Requested by
Host: new1.gdflix.cfd
URL: https://new1.gdflix.cfd/file/8q06fvoydm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.215.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af69b44f9772cbccf9012e1fdb22e7d7351572caa28b81c1536eba0b5de320fa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://new1.gdflix.cfd/file/8q06fvoydm
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 21:06:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Dec 2022 13:15:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
538242
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eWtHhtsmS2Zs8DlR3k05aZvMmYqZyWPqUzTbObrTwPoGJqLdThYPAuOhzs%2F8ltT3GbUMV%2BYcSdsGULHaKU4wo02WzDE28YA0D71yHdl2FBS%2BJhfEggBDzmTlh%2FQcYDCXHO0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
877818ac8b66663e-AMS
alt-svc
h3=":443"; ma=86400
expires
Sun, 21 Apr 2024 15:35:25 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Requested by
Host: new1.gdflix.cfd
URL: https://new1.gdflix.cfd/file/8q06fvoydm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://new1.gdflix.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 21:06:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
161944
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10491
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-e7d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k9XJVRC7tKAP91qLUh1xJylraZPitXiJAKYjsbpmnQa4nLR7FmkD%2FM5EcPqFnCdnUAy5zFg%2FrXuaZGvPQzK%2BjPqeGgO9RtOgjlv%2BRVjY43Wrl2M3uPFw%2FmHmqqxJKegN6QD90dLi"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
877818aca993b7de-AMS
expires
Thu, 10 Apr 2025 21:06:07 GMT
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700%26display=swap
Requested by
Host: new1.gdflix.cfd
URL: https://new1.gdflix.cfd/file/8q06fvoydm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://new1.gdflix.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 20 Apr 2024 21:06:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 20 Apr 2024 21:06:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 20 Apr 2024 21:06:07 GMT
css2
fonts.googleapis.com/ 		17 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600&display=swap
Requested by
Host: new1.gdflix.cfd
URL: https://new1.gdflix.cfd/file/8q06fvoydm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
47ff25e8bd5fa3581780ef508ad129d6a9140ee5a72fb46360957da629dfb493
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://new1.gdflix.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 20 Apr 2024 21:06:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 20 Apr 2024 21:06:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 20 Apr 2024 21:06:07 GMT
api.js
challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
  • https://challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=onloadTurnstileCallback
41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=onloadTurnstileCallback
Requested by
Host: new1.gdflix.cfd
URL: https://new1.gdflix.cfd/file/8q06fvoydm
Protocol
H3
Server
104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926dc3302f99ec05e4206e965ddeb7250f5910a8c38e82c7beafb724bbaaf37b

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://new1.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Apr 2024 21:06:07 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
877818ad8e489f66-AMS
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 20 Apr 2024 21:06:07 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/turnstile/v0/b/471dc2adc340/api.js?onload=onloadTurnstileCallback
cache-control
max-age=300, public
cross-origin-resource-policy
cross-origin
cf-ray
877818ad4e099f66-AMS
alt-svc
h3=":443"; ma=86400
content-length
0
asyncjs.php
greenfox.ink/d/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://greenfox.ink/d/asyncjs.php
Requested by
Host: new1.gdflix.cfd
URL: https://new1.gdflix.cfd/file/8q06fvoydm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
zmta28.corpresponse.com
Software
nginx/1.22.1 / PHP/8.0.30
Resource Hash
aad5623efaae82ad301a146d1437b18fff9885db2a872538bc5f885a7632fb89

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://new1.gdflix.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 20 Apr 2024 21:06:07 GMT
Server
nginx/1.22.1
X-Powered-By
PHP/8.0.30
ETag
1d63e790351363d29b61f9cf59b98fad
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=3600
Connection
keep-alive
Expire
Sat, 20 Apr 2024 22:06:07 GMT
js
www.googletagmanager.com/gtag/ 		198 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-156019198-1
Requested by
Host: new1.gdflix.cfd
URL: https://new1.gdflix.cfd/file/8q06fvoydm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
98b8934335d5819cb93b91aaa4fe2939b64f7de940916d10b325922a6c5e2933
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://new1.gdflix.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 21:06:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
73277
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 20 Apr 2024 21:06:07 GMT
mdb.min.js
new1.gdflix.cfd/content/data/MDB5-STANDARD-UI-KIT-Free-3.9.0/js/ 		1 MB
271 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://new1.gdflix.cfd/content/data/MDB5-STANDARD-UI-KIT-Free-3.9.0/js/mdb.min.js
Requested by
Host: new1.gdflix.cfd
URL: https://new1.gdflix.cfd/file/8q06fvoydm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.215.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
487155a58bd6d8049ba1e5a1f9254d85d86dd32c2f7761013c9d31884c47c864

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://new1.gdflix.cfd/file/8q06fvoydm
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 21:06:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Dec 2022 13:15:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
538242
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v8Y8f1%2FtEPJS41zHsKM0XF6EwyyEzTpjicDSQrsZKr5U%2FvwYok5mMDW%2BxkkbPERX6cTSv0tLq1tL0AiUy7L42de%2FtTEqRNHjmIiIpczJ%2F0R1zrvI18h%2BbnC6px2BlEBG9Sc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
877818ad1bb7663e-AMS
alt-svc
h3=":443"; ma=86400
expires
Sun, 21 Apr 2024 15:35:25 GMT
8q06fvoydm
new1.gdflix.cfd/file/ 		0
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://new1.gdflix.cfd/file/8q06fvoydm
Requested by
Host: new1.gdflix.cfd
URL: https://new1.gdflix.cfd/file/8q06fvoydm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.215.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://new1.gdflix.cfd/file/8q06fvoydm
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 20 Apr 2024 21:06:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5yYskYJZrGpiQ9g7jB35UP23SyRt2sETIAO3CN%2FPk6VmWiH4wGNMJgFYbQohKmgWmeGphBYbTCLi2RwFrJni2%2BuAgHTpSY6l29pdsM2zazEMxA8Mgmvs19WqeBTK9%2FlH4bg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
877818ad6bec663e-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin
https://new1.gdflix.cfd
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 21:06:07 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
771390
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
80300
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-139ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2Fqy3cLIXZnZ%2FeJ4sBHVYwiFz36t4ldSCG2LpWkT4txNZF%2Bgot2QZzHs10vttVCD3biaFhCvltwcmMun7HONBv1EqvoqFz8eBAjzk3dRO0ymnbuEeLY8oCIGrQFp8eaXXqLLHhNY"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
877818adba016561-AMS
expires
Thu, 10 Apr 2025 21:06:07 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://new1.gdflix.cfd
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:39:20 GMT
x-content-type-options
nosniff
age
336407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Apr 2025 23:39:20 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://new1.gdflix.cfd
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 23:13:23 GMT
x-content-type-options
nosniff
age
78764
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Apr 2025 23:13:23 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin
https://new1.gdflix.cfd
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 21:06:07 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
153741
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
78460
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-1327c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5XeXEDwvYPWCRbaTHEiew%2FLNwuTkEj6GZPa%2Ft6AmiRMVXYTjfziET1rIAlbS2RHTHjyeuQ79y2TYuCKtMszJcYwounDyYC9CMPFxopr%2Fh1Z%2FPK3BqY8WTJnRZUdHsP5L14Rs5dMZ"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
877818adba046561-AMS
expires
Thu, 10 Apr 2025 21:06:07 GMT
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-regular-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin
https://new1.gdflix.cfd
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 21:06:07 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
259562
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13548
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-34ec"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IzvXJqDOL9AVqPtzOBL90kZiergvhK%2BMU8ASthRTnfzxOraasSCLLHb6sCKYbPg%2BMDoHpAzHioIGvUUyhj01Iw78Zghp73512FddgXDVmzPMrmy7UuYt6pF2xG3XDf5xM2BuMGBE"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
877818adb9fe6561-AMS
expires
Thu, 10 Apr 2025 21:06:07 GMT
asyncspc.php
greenfox.ink/d/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://greenfox.ink/d/asyncspc.php?zones=6%7C7&prefix=revive-0-&cphost=43509b58b68d940f8734726dfed6c5c8%7C1%7Cnew.gdflix.cfd&loc=https%3A%2F%2Fnew1.gdflix.cfd%2Ffile%2F8q06fvoydm
Requested by
Host: greenfox.ink
URL: https://greenfox.ink/d/asyncjs.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
zmta28.corpresponse.com
Software
nginx/1.22.1 / PHP/8.0.30
Resource Hash
e6136e22f52a94a16606b24ec4885dd0faf07e9567892ce492ea99a9dcff307c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://new1.gdflix.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sat, 20 Apr 2024 21:06:07 GMT
Content-Encoding
gzip
Server
nginx/1.22.1
X-Powered-By
PHP/8.0.30
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
https://new1.gdflix.cfd
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
0
js
www.googletagmanager.com/gtag/ 		237 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZYPDHMSKVK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-156019198-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bb89bb02670edef37c548a3c230e4e0640996b7447aa244d33fa786e35ab9d06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://new1.gdflix.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 21:06:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86555
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 20 Apr 2024 21:06:07 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-156019198-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://new1.gdflix.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 20 Apr 2024 19:39:22 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5205
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 20 Apr 2024 21:39:22 GMT
500x200_ipl_2024_22_march.jpg
amd-cdn-1.custacin-crowlexing-i-283.site/content/stream/Batery/
Redirect Chain
  • https://revive.stats.rip/?type=2&service=test&advertiser=BATERY_PageBanners&custom=43509b58b68d940f8734726dfed6c5c8|1|new.gdflix.cfd&atype=2&banner=BATERY_ipl&redirect=https%3A%2F%2Famd-cdn-1.custa...
  • https://amd-cdn-1.custacin-crowlexing-i-283.site/content/stream/Batery/500x200_ipl_2024_22_march.jpg
46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amd-cdn-1.custacin-crowlexing-i-283.site/content/stream/Batery/500x200_ipl_2024_22_march.jpg
Requested by
Host: new1.gdflix.cfd
URL: https://new1.gdflix.cfd/file/8q06fvoydm
Protocol
H2
Server
50.7.24.35 Halfweg, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
49223161e0b9a2832de2e5841ff7219ecbd3f1947c2da8f3377967e880c01b08

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://new1.gdflix.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Apr 2024 21:06:07 GMT
last-modified
Sun, 24 Mar 2024 14:06:40 GMT
server
nginx
etag
"66003370-b823"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding
content-length
47139

Redirect headers

date
Sat, 20 Apr 2024 21:06:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FQvjZu%2FbtJE%2FhKxjKa1vghgUVb8OBH7IQbfS33jo9ZzZOYjC%2Fe8jzI%2FUALTg5g%2BWyFh8rSA47FgDY8u%2BhFgWZ6qOfJduCiQzvjYcLAenG0D3NrleW2pp6lUO6Ws2%2FuV6Npwu"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://amd-cdn-1.custacin-crowlexing-i-283.site/content/stream/Batery/500x200_ipl_2024_22_march.jpg
cf-ray
877818ae8b2b669c-AMS
alt-svc
h3=":443"; ma=86400
pixel.gif
px.greenfox.ink/ 		42 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.greenfox.ink/pixel.gif?ad_type=1&banner=4&advertiser=1&cp_host=43509b58b68d940f8734726dfed6c5c8|1|new.gdflix.cfd&event_type=1&rand=5942a840da
Requested by
Host: new1.gdflix.cfd
URL: https://new1.gdflix.cfd/file/8q06fvoydm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://new1.gdflix.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 21:06:07 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fRrtc844JPIXOxoAGwgjHBdHnthwmt3gJ2yOSu83wdCk%2BVv3TN4oA811onAMHVpcYHXtjaeEJ1drS0ioe2yvbJqVUR41F9lXfjGWp1%2Bl0rAHEHVq4bchU4hbDUb2so%2BJfhg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
877818ae8e9d66ae-AMS
alt-svc
h3=":443"; ma=86400
content-length
42
lg.php
greenfox.ink/d/ 		43 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://greenfox.ink/d/lg.php?bannerid=4&campaignid=1&zoneid=6&loc=https%3A%2F%2Fnew1.gdflix.cfd%2Ffile%2F8q06fvoydm&cb=5942a840da
Requested by
Host: new1.gdflix.cfd
URL: https://new1.gdflix.cfd/file/8q06fvoydm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
zmta28.corpresponse.com
Software
nginx/1.22.1 / PHP/8.0.30
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://new1.gdflix.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sat, 20 Apr 2024 21:06:07 GMT
Server
nginx/1.22.1
X-Powered-By
PHP/8.0.30
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
lg.php
greenfox.ink/d/ 		43 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://greenfox.ink/d/lg.php?bannerid=0&campaignid=0&zoneid=7&loc=https%3A%2F%2Fnew1.gdflix.cfd%2Ffile%2F8q06fvoydm&cb=6e93b06d95
Requested by
Host: new1.gdflix.cfd
URL: https://new1.gdflix.cfd/file/8q06fvoydm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
zmta28.corpresponse.com
Software
nginx/1.22.1 / PHP/8.0.30
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://new1.gdflix.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sat, 20 Apr 2024 21:06:07 GMT
Server
nginx/1.22.1
X-Powered-By
PHP/8.0.30
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
/
lqdjtqyryuofw.com/ 		0
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lqdjtqyryuofw.com/
Requested by
Host: new1.gdflix.cfd
URL: https://new1.gdflix.cfd/file/8q06fvoydm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.157 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Content-Type
text/html
Referer
https://new1.gdflix.cfd/
Accept-Language
en
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 21:06:07 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
br
x-application-key
2jo4g411FixsD5738uk5cwss
x-trace-id
e085572b43dc0d22c5a9aa251fa88be1
pragma
no-cache
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html
access-control-allow-origin
https://new1.gdflix.cfd
access-control-expose-headers
Link, X-Application-Token, X-Application-Key, X-Tag, X-Auth-Token, X-DirectionPartner-Id, X-ZoneType-Id, X-Hostname
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
lqdjtqyryuofw.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://lqdjtqyryuofw.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.157 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
HEAD
Origin
https://new1.gdflix.cfd
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://new1.gdflix.cfd
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Sat, 20 Apr 2024 21:06:07 GMT
server
nginx
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZYPDHMSKVK&gtm=45je44h0v9116605141za200&_p=1713647167603&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=845567463.1713647168&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1713647167&sct=1&seg=0&dl=https%3A%2F%2Fnew1.gdflix.cfd%2Ffile%2F8q06fvoydm&dt=GDFlix%20%7C%20Mastaney.2023.Indofilmxxi.info.mp4&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=949
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZYPDHMSKVK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://new1.gdflix.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 20 Apr 2024 21:06:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://new1.gdflix.cfd
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=886354935&t=pageview&_s=1&dl=https%3A%2F%2Fnew1.gdflix.cfd%2Ffile%2F8q06fvoydm&ul=nl-nl&de=UTF-8&dt=GDFlix%20%7C%20Mastaney.2023.Indofilmxxi.info.mp4&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1474088764&gjid=554187652&cid=845567463.1713647168&tid=UA-156019198-1&_gid=1936168126.1713647168&_r=1&gtm=457e44h0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=962247708
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://new1.gdflix.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Apr 2024 21:06:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://new1.gdflix.cfd
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
7336173
waisheph.com/5/ 		82 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://waisheph.com/5/7336173
Requested by
Host: new1.gdflix.cfd
URL: https://new1.gdflix.cfd/file/8q06fvoydm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
07047e10e7b97da11bdf8f8f61005e7baeb8e571c15abfc5ca56e8ac7039cb68

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://new1.gdflix.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 21:06:07 GMT
content-encoding
gzip
x-trace-id
3e04cd2ee4a0a0bf7ddce7089a5649d1
pragma
no-cache, no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
gid.js
my.rtmark.net/ 		65 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=008044a3936a4029f574988d77bb3f41
Requested by
Host: waisheph.com
URL: https://waisheph.com/5/7336173
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
10162fc960ea7e4edc5129b1b9d9bc30bf1cbbf0e1432f7b532b45186cb50a32
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://new1.gdflix.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 21:06:08 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://new1.gdflix.cfd
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
drive.png
cdn2.iconfinder.com/data/icons/squareplex/128/ 		4 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn2.iconfinder.com/data/icons/squareplex/128/drive.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.41.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c895f9f1b5990e901eaceeecd8944b39c85894b74c9de87b796c127e54a728f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://new1.gdflix.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 21:06:08 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
615845
cf-polished
origFmt=png, origSize=5541
content-disposition
inline; filename="drive.webp"
alt-svc
h3=":443"; ma=86400
content-length
4174
x-request-id
2a7c13ca-8f49-48f7-a109-bd0521522169
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1710426740&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=eM3fBNLkADTY6kj31cXX1KCWrKDwsLghEuJ2mHBrgNo%3D
cf-bgj
imgq:100,h2pri
last-modified
Thu, 14 Mar 2024 14:32:20 GMT
server
cloudflare
vary
Accept
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710426740&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=eM3fBNLkADTY6kj31cXX1KCWrKDwsLghEuJ2mHBrgNo%3D"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
877818b04f1f0a70-AMS
expires
Sun, 20 Apr 2025 21:06:08 GMT
/
waisheph.com/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://waisheph.com/?rb=3D3ZGPkt4DCKYFBWUTUmFWdBF15AbB2RM2LzlXlCNaS1xE0QlOAfaPLZtq2VjgLwd0WkzDLkUvw0g1xptJAFlwlj7nYivuQfQGssNXTihx9De1JSKfUY8oJfCzsEImSnILhupSWT3oyfRfpZqdsaA98YPAOvViwvjXgva4J8rKCTKRpVFQ0rzSsjuA__rrQJWhRUdtsLwbRNInv6n4QUIhB0CxNkUD_s3JRdyZsZU5ENUmv0w0fURx3AyxiuFwZsxtf_cX_Iv3i12kplomILqoafNzJLwa4Zqu7NOBopImapZxT1dYnweLp8Ugkw98h7F2qK5Sp4hqI%3D&request_ab2=0&zoneid=7336173&js_build=iclick-v1.776.0&jsp=1&fs=0&cf=0&sw=1600&sh=1200&wih=1200&wiw=1600&ww=1600&wh=1200&sah=1200&wx=1570&wy=1170&cw=1600&wfc=1&pl=https%3A%2F%2Fnew1.gdflix.cfd%2Ffile%2F8q06fvoydm&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=Europe%2FAmsterdam&bto=-120&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.776.0&navlng=nl-NL&pnt=0&pnrc=0&wasm=-1&bs=32abd113-7f11-4a08-80e2-004bbb860e6d&userId=008044a3936a4029f574988d77bb3f41&os=win32&os_version=10.0.0&is_mobile=false&browser_version=124.0.6367.60&m=link
Requested by
Host: waisheph.com
URL: https://waisheph.com/5/7336173
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
65ee84f19950f04aefcd620e735cb20dee92e535f671e2dcfbe309136c989d2a
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://new1.gdflix.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 21:06:08 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
e5dbb55cf88eb76e98b7f908b303fec4
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://new1.gdflix.cfd
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| k object| _l53z262kf98 function| setImmediate function| clearImmediate object| vbvmw08bbpa object| zfgformats object| zfgdlpopup function| _qklweq function| _jmbpbcgh function| convertToUserTime string| cf_token function| toastr function| generate function| setan function| taskaction function| tasktype function| gtag object| dataLayer object| e number| n object| c object| reviveAsync number| uidEvent function| Color function| Chart object| regeneratorRuntime object| mdb object| turnstile object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| trackBannerClick object| gaGlobal object| gaplugins object| gaData object| zfgstorage function| onClickTrigger boolean| zfgonclickfirst object| syncCallbacks boolean| zfgloadedpopup

13 Cookies

Domain/Path Name / Value
new1.gdflix.cfd/ Name: PHPSESSID
Value: a1e06e30b02f55212f65214a5605096e
greenfox.ink/ Name: OAGEO
Value: 2%7CNL%7CEU%7C1%7CRotterdam%7C3044%7C51.93%7C4.4264%7C100%7CEurope%2FAmsterdam%7C%7CZH%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
greenfox.ink/ Name: OAID
Value: db2c965c582d2abaad2af048a5b708c6
.gdflix.cfd/ Name: _ga_ZYPDHMSKVK
Value: GS1.1.1713647167.1.0.1713647167.0.0.0
.gdflix.cfd/ Name: _ga
Value: GA1.2.845567463.1713647168
.gdflix.cfd/ Name: _gid
Value: GA1.2.1936168126.1713647168
.gdflix.cfd/ Name: _gat_gtag_UA_156019198_1
Value: 1
.px.greenfox.ink/ Name: unq-user-id
Value: aaaaaaaaaa
waisheph.com/ Name: OAID
Value: 008044a3936a4029f574988d77bb3f41
my.rtmark.net/ Name: ID
Value: 008044a3936a4029f574988d77bb3f41
new1.gdflix.cfd/ Name: prefetchAd_7336173
Value: true
waisheph.com/ Name: oaidts
Value: 1713647168
waisheph.com/ Name: syncedCookie
Value: true

19 Console Messages

Source Level URL
Text
other warning URL: https://new1.gdflix.cfd/file/8q06fvoydm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://new1.gdflix.cfd/file/8q06fvoydm
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://new1.gdflix.cfd/file/8q06fvoydm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new1.gdflix.cfd/file/8q06fvoydm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new1.gdflix.cfd/file/8q06fvoydm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new1.gdflix.cfd/file/8q06fvoydm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new1.gdflix.cfd/file/8q06fvoydm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new1.gdflix.cfd/file/8q06fvoydm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new1.gdflix.cfd/file/8q06fvoydm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new1.gdflix.cfd/file/8q06fvoydm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new1.gdflix.cfd/file/8q06fvoydm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new1.gdflix.cfd/file/8q06fvoydm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new1.gdflix.cfd/file/8q06fvoydm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new1.gdflix.cfd/file/8q06fvoydm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new1.gdflix.cfd/file/8q06fvoydm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new1.gdflix.cfd/file/8q06fvoydm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new1.gdflix.cfd/file/8q06fvoydm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new1.gdflix.cfd/file/8q06fvoydm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new1.gdflix.cfd/file/8q06fvoydm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amd-cdn-1.custacin-crowlexing-i-283.site
cdn2.iconfinder.com
cdnjs.cloudflare.com
challenges.cloudflare.com
ddflix.xyz
fonts.googleapis.com
fonts.gstatic.com
gdflix.live
greenfox.ink
lqdjtqyryuofw.com
my.rtmark.net
new1.gdflix.cfd
px.greenfox.ink
region1.google-analytics.com
revive.stats.rip
waisheph.com
www.google-analytics.com
www.googletagmanager.com
104.17.2.184
104.17.25.14
139.45.195.8
139.45.197.157
139.45.197.245
172.66.41.45
172.67.190.65
172.67.215.76
172.67.220.231
188.114.96.3
188.114.97.3
2001:4860:4802:32::36
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2008
2a00:1450:4001:831::2003
5.45.74.150
50.7.24.35
07047e10e7b97da11bdf8f8f61005e7baeb8e571c15abfc5ca56e8ac7039cb68
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
10162fc960ea7e4edc5129b1b9d9bc30bf1cbbf0e1432f7b532b45186cb50a32
47ff25e8bd5fa3581780ef508ad129d6a9140ee5a72fb46360957da629dfb493
487155a58bd6d8049ba1e5a1f9254d85d86dd32c2f7761013c9d31884c47c864
49223161e0b9a2832de2e5841ff7219ecbd3f1947c2da8f3377967e880c01b08
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5c895f9f1b5990e901eaceeecd8944b39c85894b74c9de87b796c127e54a728f
65ee84f19950f04aefcd620e735cb20dee92e535f671e2dcfbe309136c989d2a
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
926dc3302f99ec05e4206e965ddeb7250f5910a8c38e82c7beafb724bbaaf37b
98b8934335d5819cb93b91aaa4fe2939b64f7de940916d10b325922a6c5e2933
aad5623efaae82ad301a146d1437b18fff9885db2a872538bc5f885a7632fb89
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
af69b44f9772cbccf9012e1fdb22e7d7351572caa28b81c1536eba0b5de320fa
bb89bb02670edef37c548a3c230e4e0640996b7447aa244d33fa786e35ab9d06
ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
dc457df653d5690d123924e3839e91dd169774321a4452c739d5f1ccaec628bb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6136e22f52a94a16606b24ec4885dd0faf07e9567892ce492ea99a9dcff307c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629