urlscan.io logo urlscan.io
SecurityTrails logo

cricfree.1banproxy.com Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
URL: https://cricfree.1banproxy.com/.env
Submission: On November 05 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 7 countries across 27 domains to perform 90 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is cricfree.1banproxy.com.
TLS certificate: Issued by WE1 on October 11th 2024. Valid for: 3 months.
This is the only time cricfree.1banproxy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 32 188.114.96.3 13335 (CLOUDFLAR...)
3 104.17.24.14 13335 (CLOUDFLAR...)
3 142.250.185.74 15169 (GOOGLE)
2 162.19.58.161 16276 (OVH)
1 3 192.229.221.25 15133 (EDGECAST)
1 151.101.130.137 54113 (FASTLY)
1 142.250.184.234 15169 (GOOGLE)
1 172.67.75.33 13335 (CLOUDFLAR...)
2 172.240.108.76 7979 (SERVERS-COM)
4 172.240.108.84 7979 (SERVERS-COM)
2 10 178.162.215.162 28753 (LEASEWEB-...)
2 104.21.27.152 13335 (CLOUDFLAR...)
3 142.250.186.99 15169 (GOOGLE)
2 208.93.230.22 29893 (CHATANGO)
4 19 93.158.134.119 13238 (YANDEX)
1 104.20.2.69 13335 (CLOUDFLAR...)
1 142.4.219.198 16276 (OVH)
1 208.93.230.24 29893 (CHATANGO)
90 19
32    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
cricfree.1banproxy.com
metrica-yandex.com
cdn.sports-streams-online.club
theusualsuspectz.biz
cdn.usefulmobile.club
3    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net
fonts.googleapis.com
2    162.19.58.161 (France)

ASN16276 (OVH, FR)
PTR: ns3096669.ip-162-19-58.eu
i.ibb.co
3    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
www.paypal.com
1    151.101.130.137 (San Francisco, United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net
ajax.googleapis.com
1    172.67.75.33 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.datatables.net
2    172.240.108.76 (United States)

ASN7979 (SERVERS-COM, US)
heartilyscales.com
4    172.240.108.84 (United States)

ASN7979 (SERVERS-COM, US)
gemfowls.com
10    178.162.215.162 (Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
vmuid.com
origunix.com
pupspu.com
2    104.21.27.152 (None, )

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
3    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
fonts.gstatic.com
2    208.93.230.22 (United States)

ASN29893 (CHATANGO, US)
st.chatango.com
19    93.158.134.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
1    104.20.2.69 (None, )

ASN13335 (CLOUDFLARENET, US)
s10.histats.com
1    142.4.219.198 (Canada)

ASN16276 (OVH, FR)
PTR: ns5000868.ip-142-4-219.net
s4.histats.com
1    208.93.230.24 (United States)

ASN29893 (CHATANGO, US)
st.chatango.com
Apex Domain
Subdomains		 Transfer
26 1banproxy.com
cricfree.1banproxy.com
144 KB
16 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9307
8 KB
4 pupspu.com
pupspu.com — Cisco Umbrella Rank: 37728
121 KB
4 vmuid.com
vmuid.com
22 KB
4 gemfowls.com
gemfowls.com
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
ajax.googleapis.com — Cisco Umbrella Rank: 412
32 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4610
76 KB
3 chatango.com
st.chatango.com — Cisco Umbrella Rank: 53279
24 KB
3 gstatic.com
fonts.gstatic.com
36 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
16 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 12259
s4.histats.com — Cisco Umbrella Rank: 12449
5 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1222
86 KB
2 origunix.com
origunix.com
812 B
2 heartilyscales.com
heartilyscales.com
2 theusualsuspectz.biz
theusualsuspectz.biz
18 KB
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2817
3 KB
2 ibb.co
i.ibb.co — Cisco Umbrella Rank: 12145
6 KB
2 metrica-yandex.com
metrica-yandex.com
19 KB
1 usefulmobile.club
cdn.usefulmobile.club — Cisco Umbrella Rank: 749491
4 KB
1 sports-streams-online.club
cdn.sports-streams-online.club
6 KB
1 datatables.net
cdn.datatables.net — Cisco Umbrella Rank: 5075
27 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 791
79 KB
1 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3226
804 B
0 sidebyz.com Failed
ecma.sidebyz.com Failed
0 hellohi.me Failed
matomo.hellohi.me Failed
0 Failed
function sub() { [native code] }. Failed
0 intckdom.com Failed
intckdom.com Failed
90 27
Domain Requested by
26 cricfree.1banproxy.com 3 redirects cricfree.1banproxy.com
16 mc.yandex.com 3 redirects cricfree.1banproxy.com
mc.yandex.ru
4 pupspu.com cricfree.1banproxy.com
origunix.com
4 vmuid.com cricfree.1banproxy.com
vmuid.com
4 gemfowls.com cricfree.1banproxy.com
3 mc.yandex.ru 1 redirects cricfree.1banproxy.com
3 st.chatango.com cricfree.1banproxy.com
st.chatango.com
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com cricfree.1banproxy.com
3 cdnjs.cloudflare.com cricfree.1banproxy.com
2 use.fontawesome.com cricfree.1banproxy.com
use.fontawesome.com
2 origunix.com 2 redirects
2 heartilyscales.com cricfree.1banproxy.com
2 theusualsuspectz.biz cricfree.1banproxy.com
2 www.paypalobjects.com cricfree.1banproxy.com
2 i.ibb.co cricfree.1banproxy.com
2 metrica-yandex.com cricfree.1banproxy.com
1 s4.histats.com s10.histats.com
1 s10.histats.com cricfree.1banproxy.com
1 cdn.usefulmobile.club cricfree.1banproxy.com
1 cdn.sports-streams-online.club cricfree.1banproxy.com
1 cdn.datatables.net cricfree.1banproxy.com
1 ajax.googleapis.com cricfree.1banproxy.com
1 code.jquery.com cricfree.1banproxy.com
1 www.paypal.com 1 redirects
0 ecma.sidebyz.com Failed theusualsuspectz.biz
0 matomo.hellohi.me Failed cricfree.1banproxy.com
0 gtag Failed cricfree.1banproxy.com
0 intckdom.com Failed cricfree.1banproxy.com
90 29

This site contains no links.

Subject Issuer Validity Valid
1banproxy.com
WE1		 2024-10-11 -
2025-01-09		 3 months crt.sh
metrica-yandex.com
WE1		 2024-11-03 -
2025-02-01		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
ibb.co
E6		 2024-10-21 -
2025-01-19		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-06-13 -
2025-06-12		 a year crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
datatables.net
WE1		 2024-09-21 -
2024-12-20		 3 months crt.sh
sports-streams-online.club
WE1		 2024-10-15 -
2025-01-13		 3 months crt.sh
theusualsuspectz.biz
WE1		 2024-09-08 -
2024-12-07		 3 months crt.sh
heartilyscales.com
R11		 2024-10-08 -
2025-01-06		 3 months crt.sh
gemfowls.com
R11		 2024-10-01 -
2024-12-30		 3 months crt.sh
vmuid.com
R11		 2024-09-24 -
2024-12-23		 3 months crt.sh
use.fontawesome.com
WE1		 2024-09-09 -
2024-12-09		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.chatango.com
Sectigo RSA Domain Validation Secure Server CA		 2024-06-24 -
2025-07-24		 a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2024-10-20 -
2025-04-01		 5 months crt.sh
usefulmobile.club
WE1		 2024-09-23 -
2024-12-22		 3 months crt.sh
s10.histats.com
WE1		 2024-10-05 -
2025-01-03		 3 months crt.sh
pupspu.com
R11		 2024-09-24 -
2024-12-23		 3 months crt.sh
histats.com
R11		 2024-10-30 -
2025-01-28		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://cricfree.1banproxy.com/.env
Frame ID: 6C67814C95909CDA6F489FF6281B92B8
Requests: 59 HTTP requests in this frame

Frame: https://cricfree.1banproxy.com/chat.php
Frame ID: 469F767D4198709264275F83569B4C1E
Requests: 28 HTTP requests in this frame

Frame: https://st.chatango.com/h5/gz/r0924241845/id.html
Frame ID: 718D5BB1857FEC34C02214DCA928B61A
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 40FADD37EB234492E786DD2E81BB6644
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 275E55C2AA6BE8F7784701B78A8BEB6A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <input[^>]+_s-xclick
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • dataTables.*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

90
Requests

80 %
HTTPS

0 %
IPv6

27
Domains

29
Subdomains

19
IPs

7
Countries

726 kB
Transfer

2135 kB
Size

37
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://p176706.clksite.com/adServe/banners?tid=P_CRICMOBSCHD&tagid=2 HTTP 301
  • https://intckdom.com/adServe/banners?tid=P_CRICMOBSCHD&tagid=2
Request Chain 3
  • https://p176706.clksite.com/adServe/banners?tid=CRICFREE_DI HTTP 301
  • https://intckdom.com/adServe/banners?tid=CRICFREE_DI
Request Chain 4
  • https://p176706.clksite.com/adServe/banners?tid=CRICFREEP&tagid=2 HTTP 301
  • https://intckdom.com/adServe/banners?tid=CRICFREEP&tagid=2
Request Chain 9
  • https://www.paypal.com/en_GB/i/scr/pixel.gif HTTP 301
  • https://www.paypalobjects.com/en_GB/i/scr/pixel.gif
Request Chain 10
  • https://cricfree.1banproxy.com/b/?https://cricfree.1banproxy.com/front-media/v4/css/bootstrap.min.css HTTP 302
  • https://cricfree.1banproxy.com/front-media/v4/css/bootstrap.min.css
Request Chain 11
  • https://cricfree.1banproxy.com/b/?https://cricfree.1banproxy.com/front-media/v4/css/old1.css HTTP 302
  • https://cricfree.1banproxy.com/front-media/v4/css/old1.css
Request Chain 12
  • https://cricfree.1banproxy.com/b/?https://cricfree.1banproxy.com/front-media/v4/css/jquery.dataTables.min.css HTTP 302
  • https://cricfree.1banproxy.com/front-media/v4/css/jquery.dataTables.min.css
Request Chain 33
  • https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8 HTTP 302
  • https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Request Chain 54
  • https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8 HTTP 302
  • https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Request Chain 74
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10544.XQCUgd6ylgaucJa56rhw3RBpRIb7nW9G6Uv-W8HEP1gmz3QDfHroFoSYXhUrbjKI.2ljgqgeE4FjQC8w2fqz8d1I91q4%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10544.XiIHri4xLfiapg65eAN63A_m4Ukk1rnKIsZBMfnXnDA5fr6P2mZ0bVzXHDWhz81-cjsFtxtX0WAdIaOlSYOMJyDmUqz41-9yQ6u0YA4_Wb-KOjwzgrhIlmFgj372Z0RbrVlaR9hvLdEFVz2yLl8LnqKLv-cDxfsWPBlG4rNDov6ESecSpDP4ni2vpx1a-x_645y4Cgt4Ji9MAU0LeCdguC3iqshkrmkY309gPInIZZU%2C.fFPNmIYYFHGnEKwVqqbbeSF5i6o%2C
Request Chain 76
  • https://mc.yandex.com/watch/86221166?wmode=7&page-url=https%3A%2F%2Fcricfree.1banproxy.com%2Fchat.php&page-ref=https%3A%2F%2Fcricfree.1banproxy.com%2F.env&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1502%3Acn%3A1%3Adp%3A0%3Als%3A620160246897%3Ahid%3A1042088575%3Az%3A60%3Ai%3A20241105093922%3Aet%3A1730795963%3Ac%3A1%3Arn%3A227491652%3Arqn%3A2%3Au%3A1730795962803669961%3Aw%3A491x600%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A1001%3Awv%3A2%3Ads%3A0%2C0%2C741%2C83%2C21%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1730795960443%3Arqnl%3A1%3Ast%3A1730795963%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009088)ti(1) HTTP 302
  • https://mc.yandex.com/watch/86221166/1?wmode=7&page-url=https%3A%2F%2Fcricfree.1banproxy.com%2Fchat.php&page-ref=https%3A%2F%2Fcricfree.1banproxy.com%2F.env&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1502%3Acn%3A1%3Adp%3A0%3Als%3A620160246897%3Ahid%3A1042088575%3Az%3A60%3Ai%3A20241105093922%3Aet%3A1730795963%3Ac%3A1%3Arn%3A227491652%3Arqn%3A2%3Au%3A1730795962803669961%3Aw%3A491x600%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A1001%3Awv%3A2%3Ads%3A0%2C0%2C741%2C83%2C21%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1730795960443%3Arqnl%3A1%3Ast%3A1730795963%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29&redirnss=1
Request Chain 77
  • https://mc.yandex.com/watch/90921098?wmode=7&page-url=https%3A%2F%2Fcricfree.1banproxy.com%2Fchat.php&page-ref=https%3A%2F%2Fcricfree.1banproxy.com%2F.env&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1502%3Acn%3A2%3Adp%3A0%3Als%3A366055698350%3Ahid%3A1042088575%3Az%3A60%3Ai%3A20241105093922%3Aet%3A1730795963%3Ac%3A1%3Arn%3A138307954%3Arqn%3A2%3Au%3A1730795962803669961%3Aw%3A491x600%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A1001%3Awv%3A2%3Ads%3A0%2C0%2C741%2C83%2C21%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1730795960443%3Arqnl%3A1%3Ast%3A1730795963%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009088)ti(1) HTTP 302
  • https://mc.yandex.com/watch/90921098/1?wmode=7&page-url=https%3A%2F%2Fcricfree.1banproxy.com%2Fchat.php&page-ref=https%3A%2F%2Fcricfree.1banproxy.com%2F.env&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1502%3Acn%3A2%3Adp%3A0%3Als%3A366055698350%3Ahid%3A1042088575%3Az%3A60%3Ai%3A20241105093922%3Aet%3A1730795963%3Ac%3A1%3Arn%3A138307954%3Arqn%3A2%3Au%3A1730795962803669961%3Aw%3A491x600%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A1001%3Awv%3A2%3Ads%3A0%2C0%2C741%2C83%2C21%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1730795960443%3Arqnl%3A1%3Ast%3A1730795963%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29&redirnss=1

90 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request .env
cricfree.1banproxy.com/ 		24 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cricfree.1banproxy.com/.env
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14f62e022c3da9d4e257a1d156ead16fde7b963185687fd52e5b18df447dab17

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8ddb884f1a4e661a-AMS
content-encoding
br
content-type
text/html;charset=UTF-8
date
Tue, 05 Nov 2024 08:39:17 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tYpifdJREv4tvNCZv%2BPSYDlhYBvZCyS%2FOL3i1UmilHQm3y2xHJB7zcDse1i0mvQQ7cnsY5JUbMJAicQ183SIWE13jcz7Hm4ZoEE4XQjr0jGShtKNYdt%2BCwHHV3J8%2BsNg3uPk9MueD5Kz"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=16474&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4190&recv_bytes=4540&delivery_rate=661&cwnd=12000&unsent_bytes=0&cid=33ad0a8b965e2358&ts=697&x=1" cfExtPri cfHdrFlush;dur=0
vary
accept-encoding
tag.js
metrica-yandex.com/metrika/ 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metrica-yandex.com/metrika/tag.js?1001
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e31460a6eacabdc5895ad2ad898a4a570ac88f2794c61ddce6b0beee304eb11

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"61564186-eb6f"
age
411519
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ak6OBFw8JL3YZUr2Oq9NshJNOpbgGOzVW3dMlIhMBRoQz9vApE%2FN5%2Bi3wgQ9l8xRgOdcMTHYYy2vPKR1pedOYsJQ4MBzSu3Ow3owl4yIxK9bz%2Bei%2BEeitf4EgGqSRAvDRbUodKM%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28983&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4187&recv_bytes=4320&delivery_rate=103109&cwnd=12000&unsent_bytes=0&cid=c630892e8392c8d6&ts=432&x=1", cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 08:39:18 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 30 Sep 2021 23:00:22 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddb8854bda266e4-AMS
server
cloudflare
jquery.fancybox.min.css
cdnjs.cloudflare.com/ajax/libs/fancybox/2.1.5/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/2.1.5/jquery.fancybox.min.css
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a5ed4bb4bb22800c5f3d7057a35cbdd8bb49686d8df119a8452122aa7b40b80
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e58-f2d"
age
52762
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2J02oQNy%2FODiN4J4bOAFFLWfplB%2FD5fCsMDJ%2BrGC1Vqg1eJ5ZZMeUMYr929Fh7fVgXjkUhedw7t%2F8PGVcrlcqbr4p%2FAxcDnKSJ%2BZhSnwX3f2iSxKBBuFFDdkHFsJgxF4BLGSLC%2Fn"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 26 Oct 2025 08:39:18 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 08:39:18 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:00 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ddb8855bb099fdb-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
955
server
cloudflare
banners
intckdom.com/adServe/
Redirect Chain
  • https://p176706.clksite.com/adServe/banners?tid=P_CRICMOBSCHD&tagid=2
  • https://intckdom.com/adServe/banners?tid=P_CRICMOBSCHD&tagid=2
0
0
banners
intckdom.com/adServe/
Redirect Chain
  • https://p176706.clksite.com/adServe/banners?tid=CRICFREE_DI
  • https://intckdom.com/adServe/banners?tid=CRICFREE_DI
0
0
banners
intckdom.com/adServe/
Redirect Chain
  • https://p176706.clksite.com/adServe/banners?tid=CRICFREEP&tagid=2
  • https://intckdom.com/adServe/banners?tid=CRICFREEP&tagid=2
0
0
css2
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400&display=swap
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
ESF /
Resource Hash
23428c6301061ebb006b127c5841235122a23672f0041d08a9518520795a1bde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 05 Nov 2024 08:39:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 08:39:18 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 05 Nov 2024 07:02:50 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
alert-xxl.png
i.ibb.co/pyC2VvJ/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/pyC2VvJ/alert-xxl.png
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096669.ip-162-19-58.eu
Software
nginx /
Resource Hash
baac89456a2d4dfdcdc14244fbe50a04ade7a401c82de605938a92e16f35c1af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

cache-control
max-age=315360000, public
access-control-allow-methods
GET, OPTIONS
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
5554
date
Tue, 05 Nov 2024 08:39:20 GMT
content-type
image/png
last-modified
Mon, 07 Aug 2023 04:09:39 GMT
server
nginx
logo.png
cricfree.1banproxy.com/front-media/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cricfree.1banproxy.com/front-media/img/logo.png
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1875ae4c6c1e9e1b1c4392dfe7453f5174e330a5427d3b8f894ec459751026e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/.env

Response headers

cache-control
no-store, no-cache, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r55HFiNI97PlXPpgNHs%2FoOas0uXwGmBp5Vj0f3kDvZ6GUxZr4RMg%2FsI33nOS5tbzTQKbUNlxWWwUWTNK8i7f%2Fzxt%2B5E5KxlYWsBLFY%2FCaYH3FJIeSqra6JoB8PHX24HdWY0UiL%2F8JIrA"}],"group":"cf-nel","max_age":604800}
cf-ray
8ddb88522d1b661a-AMS
expires
Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33496&sent=21&recv=16&lost=0&retrans=1&sent_bytes=12404&recv_bytes=5115&delivery_rate=126089&cwnd=12000&unsent_bytes=0&cid=33ad0a8b965e2358&ts=919&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 08:39:18 GMT
content-type
image/png
vary
Accept-Encoding
server
cloudflare
priority
u=2,i
btn_donateCC_LG.gif
www.paypalobjects.com/en_US/GB/i/btn/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/en_US/GB/i/btn/btn_donateCC_LG.gif
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48D9) /
Resource Hash
238ffe6f51ad7bc454ba82ce61ef91f8c2f9b615187dce0255a3a964821df394
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

paypal-debug-id
69a2e7e2c7950
etag
"5d5637ba-b2a"
x-content-type-options
nosniff
expires
Tue, 05 Nov 2024 09:39:18 GMT
traceparent
00-000000000000000000069a2e7e2c7950-100686a90eac9346-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Tue, 05 Nov 2024 08:39:18 GMT
content-type
image/gif
last-modified
Fri, 16 Aug 2019 04:57:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
content-length
2858
server
ECAcc (ama/48D9)
pixel.gif
www.paypalobjects.com/en_GB/i/scr/
Redirect Chain
  • https://www.paypal.com/en_GB/i/scr/pixel.gif
  • https://www.paypalobjects.com/en_GB/i/scr/pixel.gif
43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/en_GB/i/scr/pixel.gif
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H2
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CB) /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

paypal-debug-id
bfcb41c8d9519
etag
"642b3574-2b"
x-content-type-options
nosniff
expires
Tue, 05 Nov 2024 09:39:20 GMT
traceparent
00-0000000000000000000bfcb41c8d9519-31cab52f02658560-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Tue, 05 Nov 2024 08:39:20 GMT
content-type
image/gif
last-modified
Mon, 03 Apr 2023 20:22:12 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
content-length
43
server
ECAcc (ama/48CB)

Redirect headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id
0251521b2a5b4
content-encoding
gzip
accept-ch
Sec-CH-UA-Full
location
https://www.paypalobjects.com/en_GB/i/scr/pixel.gif
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
timing-allow-origin
*
traceparent
00-00000000000000000000251521b2a5b4-0f3cb849e8ea5be5-01
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
20
date
Tue, 05 Nov 2024 08:39:20 GMT
vary
Accept-Encoding
server
ECAcc (lhd/370D)
bootstrap.min.css
cricfree.1banproxy.com/front-media/v4/css/
Redirect Chain
  • https://cricfree.1banproxy.com/b/?https://cricfree.1banproxy.com/front-media/v4/css/bootstrap.min.css
  • https://cricfree.1banproxy.com/front-media/v4/css/bootstrap.min.css
141 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cricfree.1banproxy.com/front-media/v4/css/bootstrap.min.css
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H3
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/.env

Response headers

content-encoding
br
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ytALOPljJgYNGWcHzyo8PcTg1LEUydU6gS6joUZPGjFIGmilYqI3oasCPgUeCl3GZChxSdhtuxYlhcY9Fc9H9W0CdTUaBeuJ8MY8E2jlm6i00fK9sHBnC3lU9ekvfvvrK7EMC87RnW5y"}],"group":"cf-nel","max_age":604800}
expires
Thu, 19 Nov 1981 08:52:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29631&sent=35&recv=27&lost=0&retrans=1&sent_bytes=23173&recv_bytes=7643&delivery_rate=17519&cwnd=12000&unsent_bytes=0&cid=33ad0a8b965e2358&ts=2180&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 08:39:19 GMT
content-type
text/css;charset=UTF-8
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
no-store, no-cache, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
8ddb88595d42661a-AMS
access-control-allow-origin
*
server
cloudflare

Redirect headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
https://cricfree.1banproxy.com/front-media/v4/css/bootstrap.min.css
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jtbodK7cw9ofaiA%2FK%2FoPDBgOupEtijF5jH3lWj8aXzj5qngMnK4ANIvbH9gvT52z%2BpMLMtxS91qqaVAon7pk79RzkNogD4%2FkGwYeTtDu6UfDhuXczaNuKBeD%2Bze7KHPSNHOQHmA06DHe"}],"group":"cf-nel","max_age":604800}
cf-ray
8ddb885629c7661a-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28475&sent=30&recv=22&lost=0&retrans=1&sent_bytes=19613&recv_bytes=6435&delivery_rate=76341&cwnd=12000&unsent_bytes=0&cid=33ad0a8b965e2358&ts=1954&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 08:39:19 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=0,i=?0
old1.css
cricfree.1banproxy.com/front-media/v4/css/
Redirect Chain
  • https://cricfree.1banproxy.com/b/?https://cricfree.1banproxy.com/front-media/v4/css/old1.css
  • https://cricfree.1banproxy.com/front-media/v4/css/old1.css
38 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cricfree.1banproxy.com/front-media/v4/css/old1.css
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H3
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f94aa0a6a3014ac99c89b04ebe1f80a089f8c2a13b57b885805aa8d5bca198b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/.env

Response headers

content-encoding
br
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WODbETl%2FKS6UPSk6uq9jBP5g%2BEtPEgsONVqXa1792YYzMtz4yE3LeRA4dk0cvu97pq9MNnMYnuXvA3z4go%2FbNgXKp%2FcfJ9x9LwdRn5W%2FrbYZV8MKFSFCKG6PwHNkMyFWHP6wKgmQlNLz"}],"group":"cf-nel","max_age":604800}
expires
Thu, 19 Nov 1981 08:52:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24635&sent=55&recv=32&lost=0&retrans=1&sent_bytes=46233&recv_bytes=7858&delivery_rate=65752&cwnd=22800&unsent_bytes=0&cid=33ad0a8b965e2358&ts=2210&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 08:39:19 GMT
content-type
text/css;charset=UTF-8
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
no-store, no-cache, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
8ddb88595d44661a-AMS
access-control-allow-origin
*
server
cloudflare

Redirect headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
https://cricfree.1banproxy.com/front-media/v4/css/old1.css
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2FK7cUTbgsVSEIedTz2FwJqOA5uWfehAltYe0fc%2F%2FKSL70hdymA7vCnZYI%2FASqYDjljJId%2F0RNPbPeytKSLZwIDE2zZ0zTCGr1iAIvlTyehxNlvNVa4qJkaPC7BIxXWaPOC2sUFDUEbr"}],"group":"cf-nel","max_age":604800}
cf-ray
8ddb885639df661a-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28475&sent=28&recv=22&lost=0&retrans=1&sent_bytes=18217&recv_bytes=6435&delivery_rate=76341&cwnd=12000&unsent_bytes=0&cid=33ad0a8b965e2358&ts=1949&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 08:39:19 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=0,i=?0
jquery.dataTables.min.css
cricfree.1banproxy.com/front-media/v4/css/
Redirect Chain
  • https://cricfree.1banproxy.com/b/?https://cricfree.1banproxy.com/front-media/v4/css/jquery.dataTables.min.css
  • https://cricfree.1banproxy.com/front-media/v4/css/jquery.dataTables.min.css
14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cricfree.1banproxy.com/front-media/v4/css/jquery.dataTables.min.css
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H3
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a1152f9acb9c7bc4a3db79ea49a119b36e2f6eb912f3bb8bd74f672085b2e7e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/.env

Response headers

content-encoding
br
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oz14ec8Udiljhhoj35J6SXgXrJmU65Kt%2FRkfQZzJj0sLxHZjZBb9WBkuowakpFB%2BEkqycnqPQPFLrHlaxzlxreSVaiVSBC5QrRkMJsnAtCHywCY0tVEcbqpINN65afNrnTMzYhABBOas"}],"group":"cf-nel","max_age":604800}
expires
Thu, 19 Nov 1981 08:52:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30945&sent=32&recv=26&lost=0&retrans=1&sent_bytes=20331&recv_bytes=7600&delivery_rate=4255&cwnd=12000&unsent_bytes=0&cid=33ad0a8b965e2358&ts=2125&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 08:39:19 GMT
content-type
text/css;charset=UTF-8
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
no-store, no-cache, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
8ddb88595d40661a-AMS
access-control-allow-origin
*
server
cloudflare

Redirect headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
https://cricfree.1banproxy.com/front-media/v4/css/jquery.dataTables.min.css
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eIMgkiwPb7GdCDZSlM53KfgPhh7tOngiVT%2Bj5SEoRQjn5DWWsRKOWZvBLvqUybvSQDhL6AaGk8uMQ4peAv43Milx%2FVXTgkMdVY9M6r5Xld3GW%2BDGhOb4gCj%2BOLfz%2BxQNlESPecunrEnJ"}],"group":"cf-nel","max_age":604800}
cf-ray
8ddb885639e4661a-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28475&sent=29&recv=22&lost=0&retrans=1&sent_bytes=18908&recv_bytes=6435&delivery_rate=76341&cwnd=12000&unsent_bytes=0&cid=33ad0a8b965e2358&ts=1953&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 08:39:19 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=0,i=?0
jquery-3.3.1.js
code.jquery.com/ 		265 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.3.1.js
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

content-encoding
gzip
etag
W/"28feccc0-42587"
age
1131919
x-cache
HIT, HIT
date
Tue, 05 Nov 2024 08:39:18 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
22100, 3058
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21980-LGA, cache-ams2100123-AMS
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1730795959.952964,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
80268
server
nginx
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

content-encoding
gzip
age
493189
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:39:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:39:30 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
30306
x-xss-protection
0
server
sffe
jquery.dataTables.min.js
cdn.datatables.net/1.10.19/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/1.10.19/js/jquery.dataTables.min.js
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b796504d9b1b422f0dc6ccc2d740ac78a8c9e5078cc3934836d39742b1121925
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"67065367-141eb"
age
2186847
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VKQZeTRk%2FeKcts0qys76A%2F6nqz7Ut%2BkxwJXo83cqGpgP4MWlk0LpS7ghbzP69WdfEdc%2F8NrhJNw9wzUR56dzfD7D3%2B288i6zA%2FlbVkXZkpAqgcsH%2BCD7uSD3s64gta3JcyNt7w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
OPTIONS, GET
expires
Thu, 31 Dec 2037 23:55:55 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=12747&sent=8&recv=13&lost=0&retrans=0&sent_bytes=4025&recv_bytes=2302&delivery_rate=329166&cwnd=254&unsent_bytes=0&cid=bdb00f6fd2e0a44c&ts=477&x=0"
date
Tue, 05 Nov 2024 08:39:20 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 09 Oct 2024 09:56:55 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
access-control-allow-headers
origin, x-requested-with, content-type
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddb885e7c096648-AMS
access-control-allow-origin
*
server
cloudflare
jquery.fancybox.min.js
cdnjs.cloudflare.com/ajax/libs/fancybox/2.1.5/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/2.1.5/jquery.fancybox.min.js
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac7b17cdd4eb6d085c3bbd06b7f0ceffd485bcef80900ff3ab2edd08efe230b5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e58-59d2"
age
275120
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8%2BeJ3%2BzgkBd%2BOmG0ZsfFdFV3QF1wBKfBM1i9zfUawD0MefG5fAU4Z9SXdSvPDz0aAyVG1NyimMquNE10rAMH2yDkCU5fkUZIFzXDNFyQQ6OXin%2F5pJwAegV3d25pknR089FzZNSF"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 26 Oct 2025 08:39:19 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 08:39:19 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:00 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ddb885d1ce99fdb-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
7584
server
cloudflare
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03fa9-4af4"
age
452978
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kAJZeqdP%2FXZnJg6Ep2S88ztAk23cgEVhnCcmYR338NVHP%2BJkw48EOGvZQ2dZNzD94hfbbK5Zb5wm4Ftqi08E0PERv%2Ft%2BTAQ4bA2gaNgVk2tfdluJMz7j11MyS8xbOLLOQ9aXY0gx"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 26 Oct 2025 08:39:20 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 08:39:20 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:15:37 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ddb885dfe249fdb-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
6157
server
cloudflare
bootstrap.min.js
cricfree.1banproxy.com/front-media/v4/js/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cricfree.1banproxy.com/front-media/v4/js/bootstrap.min.js
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5efab7b2fa6a15716092e6099dc7b98e07699afde4f35a3adb1a13dc9f312364

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/.env

Response headers

content-encoding
br
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NBm0S6p7GtEPirmcdym%2FzhzXYMn98WFVs%2BosaWphVWhJGFVnAXzUH9Seo6R4nN3mbZPBoXDP4vrzVYQhBKSGEHbsv8svx3Hbdx8qzZolRyScenobOkUw6DSo%2F9%2BmkRDG%2BGs7iaydoBVc"}],"group":"cf-nel","max_age":604800}
expires
Thu, 19 Nov 1981 08:52:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23219&sent=62&recv=42&lost=0&retrans=1&sent_bytes=52660&recv_bytes=8601&delivery_rate=712034&cwnd=22800&unsent_bytes=0&cid=33ad0a8b965e2358&ts=3119&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 08:39:20 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
no-store, no-cache, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
8ddb885f5c1e661a-AMS
access-control-allow-origin
*
server
cloudflare
extra.js
cricfree.1banproxy.com/front-media/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cricfree.1banproxy.com/front-media/js/extra.js
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a6a92bd7daa4d024679dd44e8a493eca990c023866575cfde718dec0d439414

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/.env

Response headers

content-encoding
br
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y3upCC9Y4C0uq%2FAia5lDVUK9bsanOiy24TuZd1iq39%2BCmB1RK7urQkQi25w3Ck2tzwbtUpOiM9F0O%2Bdpjyc%2BIZDvrbJZV0IWNEEVlrtMr2ZN7JHSs6KY9FSJo%2FCkxutcKUpvI5vLKdU1"}],"group":"cf-nel","max_age":604800}
expires
Thu, 19 Nov 1981 08:52:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=20537&sent=120&recv=73&lost=0&retrans=1&sent_bytes=112198&recv_bytes=12509&delivery_rate=505604&cwnd=34800&unsent_bytes=0&cid=33ad0a8b965e2358&ts=3973&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 08:39:21 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
no-store, no-cache, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
8ddb88611e10661a-AMS
access-control-allow-origin
*
server
cloudflare
nwm-fcn.min.js
cdn.sports-streams-online.club/scripts/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sports-streams-online.club/scripts/nwm-fcn.min.js
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d87f95d3ba934e9be1e139268ab44fc19aaf6693b537dfd004c1172ade20a706

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

no_cache_headers
[object Object]
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mgNlERt6%2FyQkozntv%2BQQ5t5vLehqIY8pz0UpbTkhRgGf3RUxp0bty4rCBTYX6fi1SeMiJtarv9Ln9DwepdlmJDlTCIiPY0n6czgw7MeuGFbKOTy0JjlDf4ieTcQ5vpyJ7DHjHoomOnjfpOmfZzXuOIo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ddb88624b071c1a-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19997&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4209&recv_bytes=4420&delivery_rate=31433&cwnd=12000&unsent_bytes=0&cid=12e65fb9dd78631d&ts=234&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 08:39:20 GMT
content-type
text/plain;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=2,i=?0
js
gtag/ 		0
0
js
gtag/ 		0
0
apx19.js
cricfree.1banproxy.com/app/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cricfree.1banproxy.com/app/apx19.js
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a28fe59e4a2af96d8edeeb12d7040c574cf71fa88fccb5cf49e9c0a1d4e4c7a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/.env

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"61830fa6-23df"
age
1317
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UlXV4uuufRZbXVz5qyikxUGx9nnNG0xbmXfmLijwNLLGMLwuM%2BCv1NG1WePavdZZkKxxgG0BUTnEtYRfu%2FrJwRA95JjjSnKsw5FOk6mqfkce9Eb8QmUT7dkYCqzEDy9lWVJke%2FVXPzvC"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22148&sent=78&recv=56&lost=0&retrans=1&sent_bytes=67306&recv_bytes=11383&delivery_rate=87832&cwnd=22800&unsent_bytes=0&cid=33ad0a8b965e2358&ts=3268&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 08:39:20 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 03 Nov 2021 22:39:34 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddb88612e15661a-AMS
server
cloudflare
hy.js
cricfree.1banproxy.com/ 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cricfree.1banproxy.com/hy.js?q22q2q2
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f240ce7fa62cd81d92f29081815f2cd2376ea6867887d17d5625009ebdf355b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/.env

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"61830fa3-db43"
age
1317
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uajK4dpII2W8whkmPO%2BTHAGn8okAWoic2Ke4asgzegw0wWHq50gtBQtA0nkYFzAb%2BmdF4unXsG%2FHRfomv%2Ba4fGHV5SFW0ABcKpZ2GxViHHVDOHPMvMTBAiDh9fje5qDA5C%2BVBofUztkH"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22148&sent=81&recv=56&lost=0&retrans=1&sent_bytes=70806&recv_bytes=11383&delivery_rate=87832&cwnd=22800&unsent_bytes=0&cid=33ad0a8b965e2358&ts=3270&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 08:39:20 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 03 Nov 2021 22:39:31 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddb88612e17661a-AMS
server
cloudflare
zpp4.js
cricfree.1banproxy.com/zpp/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cricfree.1banproxy.com/zpp/zpp4.js?q22q2q2
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a18b1964d1d209c46d754459b9ef98d4a9a85065e245f8311be727ffee3f960

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/.env

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"61830fca-9853"
age
1317
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b1Ahtf2BIYulSvYLdB4g%2Bw72TzK2%2Fpq85c9N11MDAyZXmKulywPPgfF92GA%2FvzSva8Cf0rIajnuBa1o7vLh%2BeU0L2IGwzVAUfURSCO1JQKXV%2BuZlR2Fn%2FXlJEg%2BsWiYezetL8sSeMpbH"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22148&sent=98&recv=56&lost=0&retrans=1&sent_bytes=90106&recv_bytes=11383&delivery_rate=87832&cwnd=22800&unsent_bytes=0&cid=33ad0a8b965e2358&ts=3273&x=1", cfExtPri, cfHdrFlush;dur=9
date
Tue, 05 Nov 2024 08:39:20 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 03 Nov 2021 22:40:10 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddb88612e19661a-AMS
server
cloudflare
apx14.js
cricfree.1banproxy.com/app/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cricfree.1banproxy.com/app/apx14.js
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc03bc8b63938916a73dd976e186d05559ddc61da2725e1063b7936fa9f0fc33

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/.env

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"61830fa6-1def"
age
1317
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OEEFkuJKaSldKyGdoxKNijdzOLqlSog95M2i2mL9YVcnK33xCbLpioixYDGH1kicpGHTgYUs9VoXiOslsujJbHoOTa6GoXFDJi5PxI34wCmNoXKEOzjqY8RRQIJOJONiDRb2tLTnfAQu"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22148&sent=81&recv=56&lost=0&retrans=1&sent_bytes=70806&recv_bytes=11383&delivery_rate=87832&cwnd=22800&unsent_bytes=0&cid=33ad0a8b965e2358&ts=3270&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 08:39:20 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 03 Nov 2021 22:39:34 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddb88612e1a661a-AMS
server
cloudflare
x12.js
cricfree.1banproxy.com/app/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cricfree.1banproxy.com/app/x12.js
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58c753f7ffcb584d2ed43470ec9bdd30a4cd4723f368d83de6163413d5555102

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/.env

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"61830fa6-2bac"
age
1317
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jawQgLAmsbYSUWQ5Uh%2BeF1q4oDtlYW7kngHljmzwXv08%2BvA1Gy3Lp%2B5WSeV%2BHmIsbNxvkp77%2FKkOq0tauBgutqI1zpAO%2FJhutvtdc%2BLfBJvUGLE8IjJC%2Bjb6CbNIvMWA5KTRUTY5rz1F"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22148&sent=98&recv=56&lost=0&retrans=1&sent_bytes=90106&recv_bytes=11383&delivery_rate=87832&cwnd=22800&unsent_bytes=0&cid=33ad0a8b965e2358&ts=3271&x=1", cfExtPri, cfHdrFlush;dur=12
date
Tue, 05 Nov 2024 08:39:20 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 03 Nov 2021 22:39:34 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddb88612e20661a-AMS
server
cloudflare
qqqq.js
theusualsuspectz.biz/j/m/ 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://theusualsuspectz.biz/j/m/qqqq.js
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff391f38fc73325f58d0626b9415ac121f1461407d74e86ebddefd8180050d76

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"603dadf6-bcdf"
age
1674701
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tso6gMe8bpTXg5%2FFbh%2BqSdtw1ZtUvj1Q7vKYbtGI1vvAuQra0na6qEPPvS5AP55Uul71OpCQKqPyBlIu5USaEvAOy0r8ZhfE%2BB4gaBr7mAKLDl8GX%2FXPh4EyNlr6ZFLaOhOJ3UTHZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18237&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4223&recv_bytes=4407&delivery_rate=23243&cwnd=12000&unsent_bytes=0&cid=cfbd29f0363c40af&ts=202&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 08:39:20 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 02 Mar 2021 03:16:06 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddb88623b950c11-AMS
server
cloudflare
a286902791a7f4c98bcb1e812322cd78.js
heartilyscales.com/a2/86/90/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.76 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Tue, 05 Nov 2024 08:39:20 GMT
Content-Type
application/javascript
Host
heartilyscales.com
Server
nginx/1.21.6
2200540f09f939738419313a1a090c32.js
gemfowls.com/22/00/54/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://gemfowls.com/22/00/54/2200540f09f939738419313a1a090c32.js
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.84 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Tue, 05 Nov 2024 08:39:20 GMT
Content-Type
application/javascript
Host
gemfowls.com
Server
nginx/1.21.6
a032b4d33c8aea68a4f9b84235614bff.js
gemfowls.com/a0/32/b4/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://gemfowls.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.84 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Tue, 05 Nov 2024 08:39:20 GMT
Content-Type
application/javascript
Host
gemfowls.com
Server
nginx/1.21.6
script.js
vmuid.com/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vmuid.com/script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
b338a91ba1d2ab7c3a7a0dd659426f5ffa4cd699be38e2bed5075c4d3e773a48

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

X-Cache-Status
MISS
Cache-Control
no-store, max-age=0
Accept-Ch
Sec-CH-UA-Platform,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform-Version
Connection
keep-alive
Content-Length
10178
Date
Tue, 05 Nov 2024 08:39:20 GMT
Content-Type
text/javascript
Server
nginx
sdk.js
pupspu.com/
Redirect Chain
  • https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
  • https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
60 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
HTTP/1.1
Server
178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
4c7c4732601c2f3dc3f4b3a1fbe88dd6ffe92fb0af8a4a1a28e256cd4f9c2b5e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

X-Cache-Status
MISS
Cache-Control
no-store, max-age=0
Accept-Ch
Sec-CH-UA-Platform,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform-Version
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Content-Length
61297
Date
Tue, 05 Nov 2024 08:39:21 GMT
Content-Type
text/javascript
Server
nginx

Redirect headers

X-Cache-Status
MISS
Cache-Control
no-store, max-age=0
Location
https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Accept-Ch
Sec-CH-UA-Platform,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform-Version
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Content-Length
0
Date
Tue, 05 Nov 2024 08:39:20 GMT
Server
nginx
css
fonts.googleapis.com/ 		9 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/front-media/v4/css/old1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
ESF /
Resource Hash
afca11db454eedaada10325ffbae12d670cfa00926f3cf91388da29a39dc031d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 05 Nov 2024 08:39:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 08:39:19 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 05 Nov 2024 07:40:32 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
all.css
use.fontawesome.com/releases/v5.8.2/css/ 		54 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.2/css/all.css
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/front-media/v4/css/old1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.27.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"77cbad34e5ce95e70847b074e05faeab"
age
1088501
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OKAnDExe1H%2F2MpHSi6Q8q2el4CiDXqhbb4WSrUE6ha6NCgW3N3SIHfmmeLnGsft%2Bd2b2thHuvo%2BUxw20TZXuehA9YhQoYmRVSg%2F6ON2pVkDQmrCHUUDY93A0c21R0JX%2BjA65vz%2BC"}],"group":"cf-nel","max_age":604800}
cf-ray
8ddb885f381c1c94-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=19604&sent=7&recv=13&lost=0&retrans=0&sent_bytes=4026&recv_bytes=2244&delivery_rate=329062&cwnd=254&unsent_bytes=0&cid=0ffdfeac2e03ed13&ts=469&x=0"
date
Tue, 05 Nov 2024 08:39:20 GMT
content-type
text/css
last-modified
Fri, 22 Sep 2023 01:45:57 GMT
vary
Accept-Encoding
server
cloudflare
chat.php
cricfree.1banproxy.com/ Frame 469F 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cricfree.1banproxy.com/chat.php
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cbb2daa3fa3b11d9da0ccd9e48cf81bd9169347152bc34e91cf82585dccbfd4

Request headers

Referer
https://cricfree.1banproxy.com/.env
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8ddb88612e1b661a-AMS
content-encoding
br
content-type
text/html;charset=UTF-8
date
Tue, 05 Nov 2024 08:39:21 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DZnWr5XtQ1bEfvvcpgNNpSXkgfSnENsbj7KDxNzAxvyXh1PzSVHqKrzjo%2FGAP%2FFMNUJqH3Z2GN5aDbwUcHeMy7Y2SqgPV4S0KJyh02fyRzxalae43aByILGfLT8NFJQFYr6RpHvq0TtS"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=20537&sent=122&recv=73&lost=0&retrans=1&sent_bytes=113691&recv_bytes=12509&delivery_rate=505604&cwnd=34800&unsent_bytes=0&cid=33ad0a8b965e2358&ts=3974&x=1" cfExtPri cfHdrFlush;dur=0
vary
accept-encoding
final.png
cricfree.1banproxy.com/front-media/img/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cricfree.1banproxy.com/front-media/img/final.png
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/front-media/v4/css/old1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7feae08993e8036090ffdeecca3c9225ef5818fe098ac2028f3a06222ce8b04

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/front-media/v4/css/old1.css

Response headers

cache-control
no-store, no-cache, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tTu%2Fqo19BnAdF0xYa5wwqexhB0NO2tYyjDhhysrc2iP9rrzOR603r729sePMytJzswH8RdW5eNzBNEvfQx4j3CjLWkj7l0PuN0Re2%2B2Y52nOTAev7aA7XM19ZEP4sdPyq325cRbg9S2L"}],"group":"cf-nel","max_age":604800}
cf-ray
8ddb8861ae95661a-AMS
expires
Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=20537&sent=126&recv=73&lost=0&retrans=1&sent_bytes=117438&recv_bytes=12509&delivery_rate=505604&cwnd=34800&unsent_bytes=0&cid=33ad0a8b965e2358&ts=3993&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 08:39:21 GMT
content-type
image/png
vary
Accept-Encoding
server
cloudflare
priority
u=3,i
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://cricfree.1banproxy.com
Referer
https://fonts.googleapis.com/

Response headers

age
6020
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 05 Nov 2025 06:59:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 06:59:00 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://cricfree.1banproxy.com
Referer
https://fonts.googleapis.com/

Response headers

age
494357
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:20:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:20:03 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
fa-solid-900.woff2
use.fontawesome.com/releases/v5.8.2/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.2/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.2/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.27.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://cricfree.1banproxy.com
Referer
https://use.fontawesome.com/releases/v5.8.2/css/all.css

Response headers

cf-cache-status
MISS
etag
"64b3e814a66c2719b15abf8f7998bd73"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ie1JJTMnyyyezj8kq4LE4AwHqMu3uJV%2BOc77LXJWWx3zZqahH6mbTik48%2F14N13NmojPcng9BDITD6AgUI8a5jCaPHX7u7cDw2yFu72ko8z1SL20E2DznKI%2FPxAxXbHwla1iIVJq"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=15297&sent=7&recv=13&lost=0&retrans=0&sent_bytes=4027&recv_bytes=2256&delivery_rate=241273&cwnd=254&unsent_bytes=0&cid=561286028f2039b5&ts=341&x=0"
date
Tue, 05 Nov 2024 08:39:21 GMT
content-type
font/woff2
last-modified
Fri, 22 Sep 2023 01:45:59 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddb88637d5a0b58-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
74328
server
cloudflare
tag.js
metrica-yandex.com/metrika/ Frame 469F 		59 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://metrica-yandex.com/metrika/tag.js?1001
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/chat.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e31460a6eacabdc5895ad2ad898a4a570ac88f2794c61ddce6b0beee304eb11

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"61564186-eb6f"
age
411519
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ak6OBFw8JL3YZUr2Oq9NshJNOpbgGOzVW3dMlIhMBRoQz9vApE%2FN5%2Bi3wgQ9l8xRgOdcMTHYYy2vPKR1pedOYsJQ4MBzSu3Ow3owl4yIxK9bz%2Bei%2BEeitf4EgGqSRAvDRbUodKM%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28983&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4187&recv_bytes=4320&delivery_rate=103109&cwnd=12000&unsent_bytes=0&cid=c630892e8392c8d6&ts=432&x=1", cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 08:39:18 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 30 Sep 2021 23:00:22 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddb8854bda266e4-AMS
server
cloudflare
css2
fonts.googleapis.com/ Frame 469F 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400&display=swap
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/chat.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
ESF /
Resource Hash
23428c6301061ebb006b127c5841235122a23672f0041d08a9518520795a1bde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 05 Nov 2024 08:39:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 08:39:18 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 05 Nov 2024 07:02:50 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
alert-xxl.png
i.ibb.co/pyC2VvJ/ Frame 469F 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/pyC2VvJ/alert-xxl.png
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/chat.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096669.ip-162-19-58.eu
Software
nginx /
Resource Hash
baac89456a2d4dfdcdc14244fbe50a04ade7a401c82de605938a92e16f35c1af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

cache-control
max-age=315360000, public
access-control-allow-methods
GET, OPTIONS
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
5554
date
Tue, 05 Nov 2024 08:39:20 GMT
content-type
image/png
last-modified
Mon, 07 Aug 2023 04:09:39 GMT
server
nginx
apx19.js
cricfree.1banproxy.com/app/ Frame 469F 		9 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cricfree.1banproxy.com/app/apx19.js
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/chat.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a28fe59e4a2af96d8edeeb12d7040c574cf71fa88fccb5cf49e9c0a1d4e4c7a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/chat.php

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"61830fa6-23df"
age
1317
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UlXV4uuufRZbXVz5qyikxUGx9nnNG0xbmXfmLijwNLLGMLwuM%2BCv1NG1WePavdZZkKxxgG0BUTnEtYRfu%2FrJwRA95JjjSnKsw5FOk6mqfkce9Eb8QmUT7dkYCqzEDy9lWVJke%2FVXPzvC"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22148&sent=78&recv=56&lost=0&retrans=1&sent_bytes=67306&recv_bytes=11383&delivery_rate=87832&cwnd=22800&unsent_bytes=0&cid=33ad0a8b965e2358&ts=3268&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 08:39:20 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 03 Nov 2021 22:39:34 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddb88612e15661a-AMS
server
cloudflare
hy.js
cricfree.1banproxy.com/ Frame 469F 		55 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cricfree.1banproxy.com/hy.js?q22q2q2
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/chat.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f240ce7fa62cd81d92f29081815f2cd2376ea6867887d17d5625009ebdf355b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/chat.php

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"61830fa3-db43"
age
1317
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uajK4dpII2W8whkmPO%2BTHAGn8okAWoic2Ke4asgzegw0wWHq50gtBQtA0nkYFzAb%2BmdF4unXsG%2FHRfomv%2Ba4fGHV5SFW0ABcKpZ2GxViHHVDOHPMvMTBAiDh9fje5qDA5C%2BVBofUztkH"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22148&sent=81&recv=56&lost=0&retrans=1&sent_bytes=70806&recv_bytes=11383&delivery_rate=87832&cwnd=22800&unsent_bytes=0&cid=33ad0a8b965e2358&ts=3270&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 08:39:20 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 03 Nov 2021 22:39:31 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddb88612e17661a-AMS
server
cloudflare
zpp4.js
cricfree.1banproxy.com/zpp/ Frame 469F 		38 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cricfree.1banproxy.com/zpp/zpp4.js?q22q2q2
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/chat.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a18b1964d1d209c46d754459b9ef98d4a9a85065e245f8311be727ffee3f960

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/chat.php

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"61830fca-9853"
age
1317
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b1Ahtf2BIYulSvYLdB4g%2Bw72TzK2%2Fpq85c9N11MDAyZXmKulywPPgfF92GA%2FvzSva8Cf0rIajnuBa1o7vLh%2BeU0L2IGwzVAUfURSCO1JQKXV%2BuZlR2Fn%2FXlJEg%2BsWiYezetL8sSeMpbH"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22148&sent=98&recv=56&lost=0&retrans=1&sent_bytes=90106&recv_bytes=11383&delivery_rate=87832&cwnd=22800&unsent_bytes=0&cid=33ad0a8b965e2358&ts=3273&x=1", cfExtPri, cfHdrFlush;dur=9
date
Tue, 05 Nov 2024 08:39:20 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 03 Nov 2021 22:40:10 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddb88612e19661a-AMS
server
cloudflare
apx14.js
cricfree.1banproxy.com/app/ Frame 469F 		7 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cricfree.1banproxy.com/app/apx14.js
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/chat.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc03bc8b63938916a73dd976e186d05559ddc61da2725e1063b7936fa9f0fc33

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/chat.php

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"61830fa6-1def"
age
1317
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OEEFkuJKaSldKyGdoxKNijdzOLqlSog95M2i2mL9YVcnK33xCbLpioixYDGH1kicpGHTgYUs9VoXiOslsujJbHoOTa6GoXFDJi5PxI34wCmNoXKEOzjqY8RRQIJOJONiDRb2tLTnfAQu"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22148&sent=81&recv=56&lost=0&retrans=1&sent_bytes=70806&recv_bytes=11383&delivery_rate=87832&cwnd=22800&unsent_bytes=0&cid=33ad0a8b965e2358&ts=3270&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 08:39:20 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 03 Nov 2021 22:39:34 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddb88612e1a661a-AMS
server
cloudflare
x12.js
cricfree.1banproxy.com/app/ Frame 469F 		11 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cricfree.1banproxy.com/app/x12.js
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/chat.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58c753f7ffcb584d2ed43470ec9bdd30a4cd4723f368d83de6163413d5555102

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/chat.php

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"61830fa6-2bac"
age
1317
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jawQgLAmsbYSUWQ5Uh%2BeF1q4oDtlYW7kngHljmzwXv08%2BvA1Gy3Lp%2B5WSeV%2BHmIsbNxvkp77%2FKkOq0tauBgutqI1zpAO%2FJhutvtdc%2BLfBJvUGLE8IjJC%2Bjb6CbNIvMWA5KTRUTY5rz1F"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22148&sent=98&recv=56&lost=0&retrans=1&sent_bytes=90106&recv_bytes=11383&delivery_rate=87832&cwnd=22800&unsent_bytes=0&cid=33ad0a8b965e2358&ts=3271&x=1", cfExtPri, cfHdrFlush;dur=12
date
Tue, 05 Nov 2024 08:39:20 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 03 Nov 2021 22:39:34 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddb88612e20661a-AMS
server
cloudflare
qqqq.js
theusualsuspectz.biz/j/m/ Frame 469F 		47 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://theusualsuspectz.biz/j/m/qqqq.js
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/chat.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff391f38fc73325f58d0626b9415ac121f1461407d74e86ebddefd8180050d76

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"603dadf6-bcdf"
age
1674701
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tso6gMe8bpTXg5%2FFbh%2BqSdtw1ZtUvj1Q7vKYbtGI1vvAuQra0na6qEPPvS5AP55Uul71OpCQKqPyBlIu5USaEvAOy0r8ZhfE%2BB4gaBr7mAKLDl8GX%2FXPh4EyNlr6ZFLaOhOJ3UTHZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18237&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4223&recv_bytes=4407&delivery_rate=23243&cwnd=12000&unsent_bytes=0&cid=cfbd29f0363c40af&ts=202&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 08:39:20 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 02 Mar 2021 03:16:06 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddb88623b950c11-AMS
server
cloudflare
a286902791a7f4c98bcb1e812322cd78.js
heartilyscales.com/a2/86/90/ Frame 469F 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/chat.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.76 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Tue, 05 Nov 2024 08:39:21 GMT
Content-Type
application/javascript
Host
heartilyscales.com
Server
nginx/1.21.6
2200540f09f939738419313a1a090c32.js
gemfowls.com/22/00/54/ Frame 469F 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://gemfowls.com/22/00/54/2200540f09f939738419313a1a090c32.js
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/chat.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.84 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Tue, 05 Nov 2024 08:39:21 GMT
Content-Type
application/javascript
Host
gemfowls.com
Server
nginx/1.21.6
a032b4d33c8aea68a4f9b84235614bff.js
gemfowls.com/a0/32/b4/ Frame 469F 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://gemfowls.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/chat.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.84 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Tue, 05 Nov 2024 08:39:21 GMT
Content-Type
application/javascript
Host
gemfowls.com
Server
nginx/1.21.6
script.js
vmuid.com/ Frame 469F 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vmuid.com/script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/chat.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
b338a91ba1d2ab7c3a7a0dd659426f5ffa4cd699be38e2bed5075c4d3e773a48

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

X-Cache-Status
MISS
Cache-Control
no-store, max-age=0
Accept-Ch
Sec-CH-UA-Platform,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform-Version
Connection
keep-alive
Content-Length
10178
Date
Tue, 05 Nov 2024 08:39:21 GMT
Content-Type
text/javascript
Server
nginx
sdk.js
pupspu.com/ Frame 469F
Redirect Chain
  • https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
  • https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
60 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/chat.php
Protocol
HTTP/1.1
Server
178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
4c7c4732601c2f3dc3f4b3a1fbe88dd6ffe92fb0af8a4a1a28e256cd4f9c2b5e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

X-Cache-Status
MISS
Cache-Control
no-store, max-age=0
Accept-Ch
Sec-CH-UA-Platform,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform-Version
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Content-Length
61297
Date
Tue, 05 Nov 2024 08:39:21 GMT
Content-Type
text/javascript
Server
nginx

Redirect headers

X-Cache-Status
MISS
Cache-Control
no-store, max-age=0
Location
https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Accept-Ch
Sec-CH-UA-Platform,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform-Version
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Content-Length
0
Date
Tue, 05 Nov 2024 08:39:21 GMT
Server
nginx
emb.js
st.chatango.com/js/gz/ Frame 469F 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.chatango.com/js/gz/emb.js
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/chat.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
56029ca55d0ab59f30047b3cd5e6edb175d72ad77ef9693affbd883bab9449f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

Cache-Control
max-age=0
Content-Encoding
gzip
Connection
keep-alive
Expires
Tue, 05 Nov 2024 08:39:22 GMT
Accept-Ranges
bytes
Content-Length
23804
Date
Tue, 05 Nov 2024 08:39:22 GMT
Content-Type
application/x-javascript
Last-Modified
Wed, 25 Sep 2024 01:49:29 GMT
Server
nginx
tag.js
mc.yandex.ru/metrika/ Frame 469F 		220 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/chat.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
d29de1609682964244bc8dc4064ca380ee33d2a5854f06cf4bc64763c2778c8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
content-encoding
br
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6726238c-129f3"
expires
Tue, 05 Nov 2024 09:39:21 GMT
access-control-allow-origin
*
content-length
76275
date
Tue, 05 Nov 2024 08:39:21 GMT
content-type
application/javascript
last-modified
Sat, 02 Nov 2024 13:05:16 GMT
img3.jpg
cdn.usefulmobile.club/images/fcn/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.usefulmobile.club/images/fcn/img3.jpg
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f449d4a08e3666aa9439169959623f700e4accc27f8314e12c726ee285189f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

cf-cache-status
REVALIDATED
etag
"8220bf6e55b40a98ca088e886065b187"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Obo7dM7bLhHnFOtmcNt0vhcc0X3DdTunZIFgQUMGX23uJiwJwk7CY%2FtiuKVFDc4GUL90HsSeOGk5rocFknn5xYfogJwBVSfwK1xmHEHPcYiPGlvWO0IsLd%2BDeM1Uvt0PZs%2BkLG5cKQo%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22000&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4210&recv_bytes=4452&delivery_rate=552&cwnd=12000&unsent_bytes=0&cid=a2a6acdb73ac212a&ts=644&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 08:39:22 GMT
x-rgw-object-type
Normal
content-type
image/jpeg
last-modified
Wed, 13 May 2020 17:54:40 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ddb8867d8300b70-AMS
x-amz-request-id
tx0000077167abbed4f70bd-0066fd7c4f-2d44625ba-us-east-1-iad1
accept-ranges
bytes
x-amz-meta-origin-date-iso8601
2019-12-13T20:06:54.164Z
content-length
3744
server
cloudflare
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ Frame 469F 		18 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer

Response headers

age
494357
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:20:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:20:03 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
user.php
cricfree.1banproxy.com/ Frame 469F 		0
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cricfree.1banproxy.com/user.php
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/chat.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cricfree.1banproxy.com/chat.php
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aVzSL1bkewNeT3UwRW0BqHshYFi%2FMEAgjpeA%2BjiIh8iq0NBfKDYl5PejFaVeHaUkRfCB4OrZ6Ksc9aSGHGAYzNTi9uegL990elXsY6nVrw2O6R6Dz3%2BWe7kp5CWQ0cKhVTxrhmarTJLC"}],"group":"cf-nel","max_age":604800}
cf-ray
8ddb8867cd3e661a-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31049&sent=162&recv=84&lost=0&retrans=1&sent_bytes=154451&recv_bytes=14309&delivery_rate=21288&cwnd=40800&unsent_bytes=0&cid=33ad0a8b965e2358&ts=4457&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 08:39:21 GMT
content-type
text/html; charset=UTF-8
vary
accept-encoding
server
cloudflare
priority
u=1,i
matomo.js
matomo.hellohi.me/ Frame 469F 		0
0
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.2.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

cache-control
max-age=28800
content-encoding
gzip
cf-cache-status
HIT
etag
"-375139978"
age
15085
cf-ray
8ddb88687dcc0e33-AMS
accept-ranges
bytes
content-length
4547
date
Tue, 05 Nov 2024 08:39:21 GMT
content-type
text/javascript
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
vary
Accept-Encoding
server
cloudflare
tag.js
mc.yandex.ru/metrika/ 		220 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
d29de1609682964244bc8dc4064ca380ee33d2a5854f06cf4bc64763c2778c8f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
br
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6726238c-129f3"
expires
Tue, 05 Nov 2024 09:39:21 GMT
access-control-allow-origin
*
content-length
76275
date
Tue, 05 Nov 2024 08:39:21 GMT
content-type
application/javascript
last-modified
Sat, 02 Nov 2024 13:05:16 GMT
user.php
cricfree.1banproxy.com/ 		0
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cricfree.1banproxy.com/user.php
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cricfree.1banproxy.com/.env
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JtcvQJpWK7B3feUKSWvZuXpnDco%2BIVsIu8BIP0%2FFW5Wor07AaNo%2FB8Vp9bB3A%2BXUKXWWKqxOrojwS5MLVIexq%2FPHWHTddrsCjqDbRQB%2F2y8VExleQWlazMh1dNN8AWqbT%2BnXSS%2BpVOf%2F"}],"group":"cf-nel","max_age":604800}
cf-ray
8ddb8867cd3f661a-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31049&sent=161&recv=84&lost=0&retrans=1&sent_bytes=153803&recv_bytes=14309&delivery_rate=21288&cwnd=40800&unsent_bytes=0&cid=33ad0a8b965e2358&ts=4450&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 08:39:21 GMT
content-type
text/html; charset=UTF-8
vary
accept-encoding
server
cloudflare
priority
u=1,i
matomo.js
matomo.hellohi.me/ 		0
0
/
cricfree.1banproxy.com/helper-js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cricfree.1banproxy.com/helper-js/
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/app/apx14.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b77a0f7b256a31f50ca438c1219ac451cd68589164cb55510624597b1d22ac97

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/.env

Response headers

cache-control
s-maxage=0, max-age=0 no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=330beZcgWY0r1KKxQaTv31ZTStZkLKInzwG6jIaIZZK%2BNfYF3ZaIELyrbXNZh8Nxdgd00Nzi%2F2wCQwmZmmJHUCT9O0q0%2FRhJ4BFPEZZrQVFipqfQU8pjqwPtziEsG3cIbODLEs8dmajR"}],"group":"cf-nel","max_age":604800}
cf-ray
8ddb8867dd4d661a-AMS
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28177&sent=159&recv=82&lost=0&retrans=1&sent_bytes=152051&recv_bytes=14219&delivery_rate=49659&cwnd=40800&unsent_bytes=0&cid=33ad0a8b965e2358&ts=4372&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 08:39:21 GMT
content-type
application/javascript; charset=UTF-8
vary
accept-encoding
server
cloudflare
priority
u=3,i=?0
w2.js.php
ecma.sidebyz.com/j/m/ 		0
0
send
vmuid.com/uid/ 		65 B
744 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vmuid.com/uid/send
Requested by
Host: vmuid.com
URL: https://vmuid.com/script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
fd5a5179bbed2dd80df4edd89f6b979e7af9ff80b2b0da3f2b5cabc70a4e58db

Request headers

Referer
https://cricfree.1banproxy.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarycBrD54sqHDZ1s6Q7

Response headers

Cache-Control
no-store, max-age=0
Accept-Ch
Sec-CH-UA-Platform,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform-Version
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://cricfree.1banproxy.com
Content-Length
65
Date
Tue, 05 Nov 2024 08:39:21 GMT
Content-Type
application/json
Server
nginx
Access-Control-Allow-Headers
X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers, set-cookie, Cookie
hit
pupspu.com/ 		2 B
433 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pupspu.com/hit
Requested by
Host: origunix.com
URL: https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryI7Fwva2XwvXI4Md4
Referer
https://cricfree.1banproxy.com/

Response headers

Cache-Control
no-store, max-age=0
Accept-Ch
Sec-CH-UA-Platform,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform-Version
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Content-Length
2
Date
Tue, 05 Nov 2024 08:39:21 GMT
Content-Type
text/plain; charset=utf-8
Server
nginx
/
cricfree.1banproxy.com/helper-js/ Frame 469F 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cricfree.1banproxy.com/helper-js/
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/app/apx14.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24069fb17d46aa3e371a9f956bd5f8202013ce91f5d86f8e6e4f4bedeb8c5c56

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/chat.php

Response headers

cache-control
s-maxage=0, max-age=0 no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Xj7x%2FdOtDoSaOjXhi51q0ESu4%2BKYYN3V2y1sRob3BWPAJKspD%2FzrMFGLpOD7bgbFREKLMFBcg4SZFyOjIwiKOLEKnEEWp1dpke2DYLvbgXUxZbOJ98e8x0F37lqzj1UZs%2FNwCDwHjCe"}],"group":"cf-nel","max_age":604800}
cf-ray
8ddb886a5fcf661a-AMS
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28194&sent=164&recv=87&lost=0&retrans=1&sent_bytes=155113&recv_bytes=14818&delivery_rate=52393&cwnd=40800&unsent_bytes=0&cid=33ad0a8b965e2358&ts=4775&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 08:39:22 GMT
content-type
application/javascript; charset=UTF-8
vary
accept-encoding
server
cloudflare
priority
u=3,i=?0
0.php
s4.histats.com/stats/ 		49 B
183 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?1602289&@f16&@g1&@h1&@i1&@j1730795961975&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@tnl-NL&@u1600&@b1:187501347&@b3:1730795962&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fcricfree.1banproxy.com%2F.env&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5000868.ip-142-4-219.net
Software
/
Resource Hash
1e1cbcade756228bf3f8ca0bbe161edf54bbc29b7c97645636407af85d41a164

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

Content-Length
49
Date
Tue, 05 Nov 2024 08:39:22 GMT
Content-Type
text/html;charset=UTF-8
Connection
close
w2.js.php
ecma.sidebyz.com/j/m/ Frame 469F 		0
0
send
vmuid.com/uid/ Frame 469F 		65 B
744 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vmuid.com/uid/send
Requested by
Host: vmuid.com
URL: https://vmuid.com/script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
fd5a5179bbed2dd80df4edd89f6b979e7af9ff80b2b0da3f2b5cabc70a4e58db

Request headers

Referer
https://cricfree.1banproxy.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary9mASz4C5RbwCEpX1

Response headers

Cache-Control
no-store, max-age=0
Accept-Ch
Sec-CH-UA-Platform,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform-Version
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://cricfree.1banproxy.com
Content-Length
65
Date
Tue, 05 Nov 2024 08:39:22 GMT
Content-Type
application/json
Server
nginx
Access-Control-Allow-Headers
X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers, set-cookie, Cookie
hit
pupspu.com/ Frame 469F 		2 B
433 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pupspu.com/hit
Requested by
Host: origunix.com
URL: https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary1WABdf926or37mMz
Referer
https://cricfree.1banproxy.com/

Response headers

Cache-Control
no-store, max-age=0
Accept-Ch
Sec-CH-UA-Platform,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform-Version
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Content-Length
2
Date
Tue, 05 Nov 2024 08:39:22 GMT
Content-Type
text/plain; charset=utf-8
Server
nginx
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10544.XQCUgd6ylgaucJa56rhw3RBpRIb7nW9G6Uv-W8HEP1gmz3QDfHroFoSYXhUrbjKI.2ljgqgeE4FjQC8w2fqz8d1I91q4%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10544.XiIHri4xLfiapg65eAN63A_m4Ukk1rnKIsZBMfnXnDA5fr6P2mZ0bVzXHDWhz81-cjsFtxtX0WAdIaOlSYOMJyDmUqz41-9yQ6u0YA4_Wb-KOjwzgrhIlmFgj372Z0RbrVlaR9hvLd...
43 B
503 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10544.XiIHri4xLfiapg65eAN63A_m4Ukk1rnKIsZBMfnXnDA5fr6P2mZ0bVzXHDWhz81-cjsFtxtX0WAdIaOlSYOMJyDmUqz41-9yQ6u0YA4_Wb-KOjwzgrhIlmFgj372Z0RbrVlaR9hvLdEFVz2yLl8LnqKLv-cDxfsWPBlG4rNDov6ESecSpDP4ni2vpx1a-x_645y4Cgt4Ji9MAU0LeCdguC3iqshkrmkY309gPInIZZU%2C.fFPNmIYYFHGnEKwVqqbbeSF5i6o%2C
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H2
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

strict-transport-security
max-age=31536000
content-length
43
date
Tue, 05 Nov 2024 08:39:22 GMT
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
location
https://mc.yandex.com/sync_cookie_image_decide?token=10544.XiIHri4xLfiapg65eAN63A_m4Ukk1rnKIsZBMfnXnDA5fr6P2mZ0bVzXHDWhz81-cjsFtxtX0WAdIaOlSYOMJyDmUqz41-9yQ6u0YA4_Wb-KOjwzgrhIlmFgj372Z0RbrVlaR9hvLdEFVz2yLl8LnqKLv-cDxfsWPBlG4rNDov6ESecSpDP4ni2vpx1a-x_645y4Cgt4Ji9MAU0LeCdguC3iqshkrmkY309gPInIZZU%2C.fFPNmIYYFHGnEKwVqqbbeSF5i6o%2C
date
Tue, 05 Nov 2024 08:39:22 GMT
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/.env
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
etag
"6726238c-2b"
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Tue, 05 Nov 2024 09:39:22 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Tue, 05 Nov 2024 08:39:22 GMT
content-type
image/gif
last-modified
Sat, 02 Nov 2024 13:05:16 GMT
1
mc.yandex.com/watch/86221166/ Frame 469F
Redirect Chain
  • https://mc.yandex.com/watch/86221166?wmode=7&page-url=https%3A%2F%2Fcricfree.1banproxy.com%2Fchat.php&page-ref=https%3A%2F%2Fcricfree.1banproxy.com%2F.env&charset=utf-8&uah=chm%0A%3F0&browser-info=...
  • https://mc.yandex.com/watch/86221166/1?wmode=7&page-url=https%3A%2F%2Fcricfree.1banproxy.com%2Fchat.php&page-ref=https%3A%2F%2Fcricfree.1banproxy.com%2F.env&charset=utf-8&uah=chm%0A%3F0&browser-inf...
611 B
646 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/86221166/1?wmode=7&page-url=https%3A%2F%2Fcricfree.1banproxy.com%2Fchat.php&page-ref=https%3A%2F%2Fcricfree.1banproxy.com%2F.env&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1502%3Acn%3A1%3Adp%3A0%3Als%3A620160246897%3Ahid%3A1042088575%3Az%3A60%3Ai%3A20241105093922%3Aet%3A1730795963%3Ac%3A1%3Arn%3A227491652%3Arqn%3A2%3Au%3A1730795962803669961%3Aw%3A491x600%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A1001%3Awv%3A2%3Ads%3A0%2C0%2C741%2C83%2C21%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1730795960443%3Arqnl%3A1%3Ast%3A1730795963%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29&redirnss=1
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/chat.php
Protocol
H2
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
f13b50651f1ba9b538890fd3c19e2fa3f261d93415a96cadf1b7bd3227e86291
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Tue, 05-Nov-2024 08:39:23 GMT
access-control-allow-origin
https://cricfree.1banproxy.com
content-length
611
x-xss-protection
1; mode=block
date
Tue, 05 Nov 2024 08:39:23 GMT
content-type
application/json; charset=utf-8
last-modified
Tue, 05-Nov-2024 08:39:23 GMT

Redirect headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
location
/watch/86221166/1?wmode=7&page-url=https%3A%2F%2Fcricfree.1banproxy.com%2Fchat.php&page-ref=https%3A%2F%2Fcricfree.1banproxy.com%2F.env&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1502%3Acn%3A1%3Adp%3A0%3Als%3A620160246897%3Ahid%3A1042088575%3Az%3A60%3Ai%3A20241105093922%3Aet%3A1730795963%3Ac%3A1%3Arn%3A227491652%3Arqn%3A2%3Au%3A1730795962803669961%3Aw%3A491x600%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A1001%3Awv%3A2%3Ads%3A0%2C0%2C741%2C83%2C21%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1730795960443%3Arqnl%3A1%3Ast%3A1730795963%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29&redirnss=1
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
expires
Tue, 05-Nov-2024 08:39:22 GMT
access-control-allow-origin
https://cricfree.1banproxy.com
x-xss-protection
1; mode=block
date
Tue, 05 Nov 2024 08:39:22 GMT
last-modified
Tue, 05-Nov-2024 08:39:22 GMT
1
mc.yandex.com/watch/90921098/ Frame 469F
Redirect Chain
  • https://mc.yandex.com/watch/90921098?wmode=7&page-url=https%3A%2F%2Fcricfree.1banproxy.com%2Fchat.php&page-ref=https%3A%2F%2Fcricfree.1banproxy.com%2F.env&charset=utf-8&uah=chm%0A%3F0&browser-info=...
  • https://mc.yandex.com/watch/90921098/1?wmode=7&page-url=https%3A%2F%2Fcricfree.1banproxy.com%2Fchat.php&page-ref=https%3A%2F%2Fcricfree.1banproxy.com%2F.env&charset=utf-8&uah=chm%0A%3F0&browser-inf...
611 B
643 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/90921098/1?wmode=7&page-url=https%3A%2F%2Fcricfree.1banproxy.com%2Fchat.php&page-ref=https%3A%2F%2Fcricfree.1banproxy.com%2F.env&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1502%3Acn%3A2%3Adp%3A0%3Als%3A366055698350%3Ahid%3A1042088575%3Az%3A60%3Ai%3A20241105093922%3Aet%3A1730795963%3Ac%3A1%3Arn%3A138307954%3Arqn%3A2%3Au%3A1730795962803669961%3Aw%3A491x600%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A1001%3Awv%3A2%3Ads%3A0%2C0%2C741%2C83%2C21%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1730795960443%3Arqnl%3A1%3Ast%3A1730795963%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29&redirnss=1
Requested by
Host: cricfree.1banproxy.com
URL: https://cricfree.1banproxy.com/chat.php
Protocol
H2
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
7caf33a95ce1a8b646908d77fe4133f65e67af8adbefba2e2649ed283db528c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Tue, 05-Nov-2024 08:39:23 GMT
access-control-allow-origin
https://cricfree.1banproxy.com
content-length
611
date
Tue, 05 Nov 2024 08:39:23 GMT
x-xss-protection
1; mode=block
last-modified
Tue, 05-Nov-2024 08:39:23 GMT
content-type
application/json; charset=utf-8

Redirect headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
location
/watch/90921098/1?wmode=7&page-url=https%3A%2F%2Fcricfree.1banproxy.com%2Fchat.php&page-ref=https%3A%2F%2Fcricfree.1banproxy.com%2F.env&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1502%3Acn%3A2%3Adp%3A0%3Als%3A366055698350%3Ahid%3A1042088575%3Az%3A60%3Ai%3A20241105093922%3Aet%3A1730795963%3Ac%3A1%3Arn%3A138307954%3Arqn%3A2%3Au%3A1730795962803669961%3Aw%3A491x600%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A1001%3Awv%3A2%3Ads%3A0%2C0%2C741%2C83%2C21%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1730795960443%3Arqnl%3A1%3Ast%3A1730795963%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29&redirnss=1
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials
true
expires
Tue, 05-Nov-2024 08:39:22 GMT
access-control-allow-origin
https://cricfree.1banproxy.com
date
Tue, 05 Nov 2024 08:39:22 GMT
x-xss-protection
1; mode=block
last-modified
Tue, 05-Nov-2024 08:39:22 GMT
advert.gif
mc.yandex.com/metrika/ Frame 469F 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
etag
"6726238c-2b"
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Tue, 05 Nov 2024 09:39:22 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Tue, 05 Nov 2024 08:39:22 GMT
content-type
image/gif
last-modified
Sat, 02 Nov 2024 13:05:16 GMT
id.html
st.chatango.com/h5/gz/r0924241845/ Frame 718D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://st.chatango.com/h5/gz/r0924241845/id.html
Requested by
Host: st.chatango.com
URL: https://st.chatango.com/js/gz/emb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.24 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://cricfree.1banproxy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
224329
Content-Type
text/html
Date
Tue, 05 Nov 2024 08:39:24 GMT
ETag
"66f36c29-36c49"
Expires
Wed, 05 Nov 2025 08:39:24 GMT
Last-Modified
Wed, 25 Sep 2024 01:49:29 GMT
P3P
CP="Chatango does not have a P3P policy. Please see our privacy policy: http://chatango.com/page?full_privacy"
Server
nginx
r.json
st.chatango.com/cfg/nc/ Frame 469F 		20 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://st.chatango.com/cfg/nc/r.json?c529740020000082600348963
Requested by
Host: st.chatango.com
URL: https://st.chatango.com/js/gz/emb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
7b4d0c88365490a5148541b1563a5ba837bc3e9b2fbf5695ca34d68416905fcd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
20
Date
Tue, 05 Nov 2024 08:39:23 GMT
Content-Type
application/octet-stream
Last-Modified
Wed, 25 Sep 2024 01:49:29 GMT
Server
nginx
metrika_match.html
mc.yandex.com/metrika/ Frame 40FA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://cricfree.1banproxy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1446
content-type
text/html
date
Tue, 05 Nov 2024 08:39:23 GMT
etag
"6726238c-5a6"
expires
Tue, 05 Nov 2024 09:39:23 GMT
last-modified
Sat, 02 Nov 2024 13:05:16 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
90921098
mc.yandex.com/watch/ 		603 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/90921098?wmode=7&page-url=https%3A%2F%2Fcricfree.1banproxy.com%2F.env&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1502%3Acn%3A2%3Adp%3A0%3Als%3A366055698350%3Ahid%3A657312949%3Az%3A60%3Ai%3A20241105093922%3Aet%3A1730795963%3Ac%3A1%3Arn%3A906729291%3Arqn%3A1%3Au%3A1730795962803669961%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3680%3Awv%3A2%3Ads%3A8%2C373%2C433%2C47%2C1%2C0%2C%2C4092%2C6%2C%2C%2C%2C4955%3Aco%3A0%3Acpf%3A1%3Ans%3A1730795957224%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1730795963%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(0)cdl(na)eco(42009088)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
de932137964267d01f902d3e790c64ad371bfd15eac8d9811d8d727ad5c4a82c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Tue, 05-Nov-2024 08:39:23 GMT
access-control-allow-origin
https://cricfree.1banproxy.com
content-length
603
date
Tue, 05 Nov 2024 08:39:23 GMT
x-xss-protection
1; mode=block
last-modified
Tue, 05-Nov-2024 08:39:23 GMT
content-type
application/json; charset=utf-8
86221166
mc.yandex.com/watch/ 		603 B
637 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/86221166?wmode=7&page-url=https%3A%2F%2Fcricfree.1banproxy.com%2F.env&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1502%3Acn%3A1%3Adp%3A0%3Als%3A620160246897%3Ahid%3A657312949%3Az%3A60%3Ai%3A20241105093922%3Aet%3A1730795962%3Ac%3A1%3Arn%3A944088595%3Arqn%3A1%3Au%3A1730795962803669961%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3680%3Awv%3A2%3Ads%3A8%2C373%2C433%2C47%2C1%2C0%2C%2C4092%2C6%2C%2C%2C%2C4955%3Aco%3A0%3Acpf%3A1%3Ans%3A1730795957224%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1730795963%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(0)cdl(na)eco(42009088)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
daf544923624aaf2e84c84b0c727bcd045023db45b449a7315764ceab8a1ad1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Tue, 05-Nov-2024 08:39:23 GMT
access-control-allow-origin
https://cricfree.1banproxy.com
content-length
603
x-xss-protection
1; mode=block
date
Tue, 05 Nov 2024 08:39:23 GMT
content-type
application/json; charset=utf-8
last-modified
Tue, 05-Nov-2024 08:39:23 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame 275E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash

Request headers

Referer
https://cricfree.1banproxy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1446
content-type
text/html
date
Tue, 05 Nov 2024 08:39:23 GMT
etag
"6726238c-5a6"
expires
Tue, 05 Nov 2024 09:39:23 GMT
last-modified
Sat, 02 Nov 2024 13:05:16 GMT
timing-allow-origin
*
86221166
mc.yandex.com/watch/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/86221166?page-url=https%3A%2F%2Fcricfree.1banproxy.com%2Fchat.php&page-ref=https%3A%2F%2Fcricfree.1banproxy.com%2F.env&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1502%3Acn%3A1%3Adp%3A0%3Als%3A620160246897%3Ahid%3A1042088575%3Az%3A60%3Ai%3A20241105093922%3Aet%3A1730795963%3Ac%3A1%3Arn%3A227491652%3Arqn%3A2%3Au%3A1730795962803669961%3Aw%3A491x600%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A1001%3Awv%3A2%3Ads%3A0%2C0%2C741%2C83%2C21%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1730795960443%3Arqnl%3A2%3Ast%3A1730795963%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009088)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials
true
expires
Tue, 05-Nov-2024 08:39:23 GMT
access-control-allow-origin
https://cricfree.1banproxy.com
content-length
43
date
Tue, 05 Nov 2024 08:39:23 GMT
x-xss-protection
1; mode=block
content-type
image/gif
last-modified
Tue, 05-Nov-2024 08:39:23 GMT
90921098
mc.yandex.com/watch/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/90921098?page-url=https%3A%2F%2Fcricfree.1banproxy.com%2Fchat.php&page-ref=https%3A%2F%2Fcricfree.1banproxy.com%2F.env&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1502%3Acn%3A2%3Adp%3A0%3Als%3A366055698350%3Ahid%3A1042088575%3Az%3A60%3Ai%3A20241105093922%3Aet%3A1730795963%3Ac%3A1%3Arn%3A138307954%3Arqn%3A2%3Au%3A1730795962803669961%3Aw%3A491x600%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A1001%3Awv%3A2%3Ads%3A0%2C0%2C741%2C83%2C21%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1730795960443%3Arqnl%3A2%3Ast%3A1730795963%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009088)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
expires
Tue, 05-Nov-2024 08:39:23 GMT
access-control-allow-origin
https://cricfree.1banproxy.com
content-length
43
date
Tue, 05 Nov 2024 08:39:23 GMT
x-xss-protection
1; mode=block
last-modified
Tue, 05-Nov-2024 08:39:23 GMT
content-type
image/gif
86221166
mc.yandex.com/watch/ 		43 B
299 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/86221166?page-url=https%3A%2F%2Fcricfree.1banproxy.com%2F.env&charset=utf-8&hittoken=1730795963_fc405cba6538d2ff8fccb3861d85db042cf848459c2fbec4071499532acb0e2c&browser-info=nb%3A1%3Acl%3A1104%3Aar%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1502%3Acn%3A1%3Adp%3A1%3Als%3A620160246897%3Ahid%3A657312949%3Az%3A60%3Ai%3A20241105093937%3Aet%3A1730795978%3Ac%3A1%3Arn%3A1065901386%3Arqn%3A3%3Au%3A1730795962803669961%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A2%3Ans%3A1730795957224%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1730795978&t=gdpr(14)clc(0-0-0)rqnt(2)aw(1)rcm(0)cdl(na)eco(42009088)dss(1)ti(0)&force-urlencoded=1
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
expires
Tue, 05-Nov-2024 08:39:37 GMT
access-control-allow-origin
https://cricfree.1banproxy.com
content-length
43
date
Tue, 05 Nov 2024 08:39:37 GMT
x-xss-protection
1; mode=block
content-type
image/gif
last-modified
Tue, 05-Nov-2024 08:39:37 GMT
90921098
mc.yandex.com/watch/ 		43 B
225 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/90921098?page-url=https%3A%2F%2Fcricfree.1banproxy.com%2F.env&charset=utf-8&hittoken=1730795963_e48f0bd4d4fc7b58ed2adfb272daf2a4f80745c050206b355b2e7a67cd66381b&browser-info=nb%3A1%3Acl%3A845%3Aar%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1502%3Acn%3A2%3Adp%3A1%3Als%3A366055698350%3Ahid%3A657312949%3Az%3A60%3Ai%3A20241105093937%3Aet%3A1730795978%3Ac%3A1%3Arn%3A637145381%3Arqn%3A3%3Au%3A1730795962803669961%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A2%3Ans%3A1730795957224%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1730795978&t=gdpr(14)clc(0-0-0)rqnt(2)aw(1)rcm(0)cdl(na)eco(42009088)dss(1)ti(0)&force-urlencoded=1
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cricfree.1banproxy.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
expires
Tue, 05-Nov-2024 08:39:37 GMT
access-control-allow-origin
https://cricfree.1banproxy.com
content-length
43
date
Tue, 05 Nov 2024 08:39:37 GMT
x-xss-protection
1; mode=block
last-modified
Tue, 05-Nov-2024 08:39:37 GMT
content-type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
intckdom.com
URL
https://intckdom.com/adServe/banners?tid=P_CRICMOBSCHD&tagid=2
Domain
intckdom.com
URL
https://intckdom.com/adServe/banners?tid=CRICFREE_DI
Domain
intckdom.com
URL
https://intckdom.com/adServe/banners?tid=CRICFREEP&tagid=2
Domain
gtag
URL
https://gtag/js?id=UA-138973718-1
Domain
gtag
URL
https://gtag/js?id=UA-36635533-1
Domain
matomo.hellohi.me
URL
https://matomo.hellohi.me/matomo.js
Domain
matomo.hellohi.me
URL
https://matomo.hellohi.me/matomo.js
Domain
ecma.sidebyz.com
URL
https://ecma.sidebyz.com/j/m/w2.js.php
Domain
ecma.sidebyz.com
URL
https://ecma.sidebyz.com/j/m/w2.js.php

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| hum function| $ function| jQuery function| Popper object| fcnparams object| _0x3550 function| _0x4202 function| closebutton function| openmessage object| _Hasync function| ym object| _paq function| h function| as function| f function| ay function| D object| J object| a8 function| a9 object| _0x1668 function| _0x3137 function| _0x460066 function| _0x5cd959 function| S function| o function| W function| r function| q object| imported function| aP object| regeneratorRuntime string| _uid object| AltPushPush object| AltPush object| Morath function| GetWindowHeight function| GetWindowWidth function| GetWindowTop function| GetWindowLeft function| uys function| setCookie function| getCookie function| initPu function| checkTarget number| lqtehbllcWidth number| lqtehbllcHeight object| _Top function| yolo function| chfh function| chfh2 string| _HST_cntval object| Histats function| Rq function| Pv function| Qv object| Rv function| Sv function| Tv object| Ya object| yaCounter86221166 object| yaCounter90921098 object| _HistatsCounterGraphics_0_setValues

37 Cookies

Domain/Path Name / Value
cricfree.1banproxy.com/front-media/v4/css Name: view
Value: 1
cricfree.1banproxy.com/front-media/v4/js Name: view
Value: 1
cricfree.1banproxy.com/front-media/img Name: view
Value: 1
cricfree.1banproxy.com/front-media/js Name: view
Value: 1
cricfree.1banproxy.com/ Name: view
Value: 1
cricfree.1banproxy.com/ Name: PHPSESSID
Value: iplekvr8prsdgsdhtp0th1j49n
.paypal.com/ Name: ts
Value: vreXpYrS%3D1825400360%26vteXpYrS%3D1730797760%26vr%3Dfb7a794f1920ad11c46e1155feb7e421%26vt%3Dfb7a794f1920ad11c46e1155feb7e420%26vtyp%3Dnew
.paypal.com/ Name: ts_c
Value: vr%3Dfb7a794f1920ad11c46e1155feb7e421%26vt%3Dfb7a794f1920ad11c46e1155feb7e420
cricfree.1banproxy.com/ Name: nwdialogbox_1hour5
Value: %7B%22numberOfTimes%22%3A1%2C%20%22exdate%22%3ATue%2C%2005%20Nov%202024%2009%3A39%3A21%20GMT%7D
cricfree.1banproxy.com/ Name: prefix_views_counter
Value: 1
.yandex.ru/ Name: i
Value: iDBB7x5Hbj1sEHiZPLPwxPpShRTPIG/ox1N1EADNmMfINkGp5uyz5EwW8oGbd+foliqrGygQ/z5UdlDwrJ4pgPdJ6a8=
.yandex.ru/ Name: yandexuid
Value: 1472347771730795961
.yandex.ru/ Name: yashr
Value: 6706414281730795961
.vmuid.com/ Name: guid
Value: 42b140e7-0756-4fb8-9709-85a3c27eb1b4
pupspu.com/ Name: av_sw_hit
Value: 1
cricfree.1banproxy.com/ Name: HstCfa1602289
Value: 1730795961975
cricfree.1banproxy.com/ Name: HstCla1602289
Value: 1730795961975
cricfree.1banproxy.com/ Name: HstCmu1602289
Value: 1730795961975
cricfree.1banproxy.com/ Name: HstPn1602289
Value: 1
cricfree.1banproxy.com/ Name: HstPt1602289
Value: 1
cricfree.1banproxy.com/ Name: HstCnv1602289
Value: 1
cricfree.1banproxy.com/ Name: HstCns1602289
Value: 1
.1banproxy.com/ Name: _ym_uid
Value: 1730795962803669961
.1banproxy.com/ Name: _ym_d
Value: 1730795962
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2342507820fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1644027312fake
.yandex.com/ Name: yashr
Value: 2775010761730795962
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.com/ Name: ymex
Value: 1762331962.yrts.1730795962#1762331962.yrtsi.1730795962
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
mc.yandex.com/ Name: yabs-sid
Value: 1491841631730795962
.yandex.com/ Name: i
Value: PH2t14PWh5N/THb0c5tXAtPOYpco8ARGB+ue/GRCabNQEkHXhFQtdnHGruva20yzySNf1z4OB50zpDOpPFKQe1h4ZWE=
.yandex.com/ Name: yandexuid
Value: 3234757231730795962
.yandex.com/ Name: yuidss
Value: 3234757231730795962
.1banproxy.com/ Name: _ym_isad
Value: 2
.yandex.com/ Name: bh
Value: KgI/MGC7s6e5Bg==
st.chatango.com/ Name: session_id
Value: 5915755514742719

10 Console Messages

Source Level URL
Text
network error URL: https://gtag/js?id=UA-138973718-1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://gemfowls.com/22/00/54/2200540f09f939738419313a1a090c32.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://gemfowls.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://gtag/js?id=UA-36635533-1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://gemfowls.com/22/00/54/2200540f09f939738419313a1a090c32.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://gemfowls.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://ecma.sidebyz.com/j/m/w2.js.php
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://ecma.sidebyz.com/j/m/w2.js.php
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.datatables.net
cdn.sports-streams-online.club
cdn.usefulmobile.club
cdnjs.cloudflare.com
code.jquery.com
cricfree.1banproxy.com
ecma.sidebyz.com
fonts.googleapis.com
fonts.gstatic.com
gemfowls.com
gtag
heartilyscales.com
i.ibb.co
intckdom.com
matomo.hellohi.me
mc.yandex.com
mc.yandex.ru
metrica-yandex.com
origunix.com
pupspu.com
s10.histats.com
s4.histats.com
st.chatango.com
theusualsuspectz.biz
use.fontawesome.com
vmuid.com
www.paypal.com
www.paypalobjects.com
ecma.sidebyz.com
gtag
intckdom.com
matomo.hellohi.me
104.17.24.14
104.20.2.69
104.21.27.152
142.250.184.234
142.250.185.74
142.250.186.99
142.4.219.198
151.101.130.137
162.19.58.161
172.240.108.76
172.240.108.84
172.67.75.33
178.162.215.162
188.114.96.3
192.229.221.25
208.93.230.22
208.93.230.24
93.158.134.119
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640
14f62e022c3da9d4e257a1d156ead16fde7b963185687fd52e5b18df447dab17
1a6a92bd7daa4d024679dd44e8a493eca990c023866575cfde718dec0d439414
1e1cbcade756228bf3f8ca0bbe161edf54bbc29b7c97645636407af85d41a164
23428c6301061ebb006b127c5841235122a23672f0041d08a9518520795a1bde
238ffe6f51ad7bc454ba82ce61ef91f8c2f9b615187dce0255a3a964821df394
24069fb17d46aa3e371a9f956bd5f8202013ce91f5d86f8e6e4f4bedeb8c5c56
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3a1152f9acb9c7bc4a3db79ea49a119b36e2f6eb912f3bb8bd74f672085b2e7e
3a18b1964d1d209c46d754459b9ef98d4a9a85065e245f8311be727ffee3f960
3a28fe59e4a2af96d8edeeb12d7040c574cf71fa88fccb5cf49e9c0a1d4e4c7a
3f449d4a08e3666aa9439169959623f700e4accc27f8314e12c726ee285189f4
4c7c4732601c2f3dc3f4b3a1fbe88dd6ffe92fb0af8a4a1a28e256cd4f9c2b5e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56029ca55d0ab59f30047b3cd5e6edb175d72ad77ef9693affbd883bab9449f9
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58c753f7ffcb584d2ed43470ec9bdd30a4cd4723f368d83de6163413d5555102
5cbb2daa3fa3b11d9da0ccd9e48cf81bd9169347152bc34e91cf82585dccbfd4
5e31460a6eacabdc5895ad2ad898a4a570ac88f2794c61ddce6b0beee304eb11
5efab7b2fa6a15716092e6099dc7b98e07699afde4f35a3adb1a13dc9f312364
6a5ed4bb4bb22800c5f3d7057a35cbdd8bb49686d8df119a8452122aa7b40b80
7b4d0c88365490a5148541b1563a5ba837bc3e9b2fbf5695ca34d68416905fcd
7caf33a95ce1a8b646908d77fe4133f65e67af8adbefba2e2649ed283db528c1
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
9f94aa0a6a3014ac99c89b04ebe1f80a089f8c2a13b57b885805aa8d5bca198b
a1875ae4c6c1e9e1b1c4392dfe7453f5174e330a5427d3b8f894ec459751026e
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
ac7b17cdd4eb6d085c3bbd06b7f0ceffd485bcef80900ff3ab2edd08efe230b5
afca11db454eedaada10325ffbae12d670cfa00926f3cf91388da29a39dc031d
b338a91ba1d2ab7c3a7a0dd659426f5ffa4cd699be38e2bed5075c4d3e773a48
b77a0f7b256a31f50ca438c1219ac451cd68589164cb55510624597b1d22ac97
b796504d9b1b422f0dc6ccc2d740ac78a8c9e5078cc3934836d39742b1121925
baac89456a2d4dfdcdc14244fbe50a04ade7a401c82de605938a92e16f35c1af
d29de1609682964244bc8dc4064ca380ee33d2a5854f06cf4bc64763c2778c8f
d7feae08993e8036090ffdeecca3c9225ef5818fe098ac2028f3a06222ce8b04
d87f95d3ba934e9be1e139268ab44fc19aaf6693b537dfd004c1172ade20a706
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
daf544923624aaf2e84c84b0c727bcd045023db45b449a7315764ceab8a1ad1c
dc03bc8b63938916a73dd976e186d05559ddc61da2725e1063b7936fa9f0fc33
de932137964267d01f902d3e790c64ad371bfd15eac8d9811d8d727ad5c4a82c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f13b50651f1ba9b538890fd3c19e2fa3f261d93415a96cadf1b7bd3227e86291
f240ce7fa62cd81d92f29081815f2cd2376ea6867887d17d5625009ebdf355b1
fd5a5179bbed2dd80df4edd89f6b979e7af9ff80b2b0da3f2b5cabc70a4e58db
ff391f38fc73325f58d0626b9415ac121f1461407d74e86ebddefd8180050d76