cdn.crichd.to Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://cdn.crichd.to/embed2.php?id=sptv1&vw=620&vh=460&p=2
Submission: On June 17 via manual (June 17th 2023, 9:45:03 am UTC) from IN — Scanned from NL

Summary HTTP 45 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 6 countries across 17 domains to perform 45 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is cdn.crichd.to.

This is the only time cdn.crichd.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	23.109.87.20 23.109.87.20	7979 (SERVERS-COM) (SERVERS-COM)
1	146.75.116.193 146.75.116.193	54113 (FASTLY) (FASTLY)
1	149.56.240.127 149.56.240.127	16276 (OVH) (OVH)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6814:41d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	149.56.240.128 149.56.240.128	16276 (OVH) (OVH)
2	139.45.197.244 139.45.197.244	9002 (RETN-AS) (RETN-AS)
4	139.45.197.242 139.45.197.242	9002 (RETN-AS) (RETN-AS)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
4	2606:4700::68... 2606:4700::6810:5b06	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2606:4700:10:... 2606:4700:10::6816:4bab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:e2:... 2606:4700:e2::ac40:8b25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.21.70.33 104.21.70.33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:610	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
2	2606:4700:303... 2606:4700:3035::6815:2e3f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
4	45.154.206.73 45.154.206.73	48357 (K4X) (K4X)
45	20

4 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.crichd.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.109.87.20 (Netherlands)

ASN7979 (SERVERS-COM, US)

naivescorries.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.127 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534295.ip-149-56-240.net

sstatic1.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

sportsonline.sx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:41d (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 149.56.240.128 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534296.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.244 (United Kingdom)

ASN9002 (RETN-AS, GB)

atservineor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.197.242 (United Kingdom)

ASN9002 (RETN-AS, GB)

nanouwho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5b06 (United States)

ASN13335 (CLOUDFLARENET, US)

celeritascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:4bab (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e2::ac40:8b25 (United States)

ASN13335 (CLOUDFLARENET, US)

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.70.33 (None, )

ASN13335 (CLOUDFLARENET, US)

l911ej0ei3363y3.opposepresent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:610 (United States)

ASN13335 (CLOUDFLARENET, US)

swarm.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:2e3f (United States)

ASN13335 (CLOUDFLARENET, US)

awstats.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.154.206.73 (United Kingdom)

ASN48357 (K4X, EE)

htjaaikwrbxk.cdnexpress59.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	histats.com sstatic1.histats.com — Cisco Umbrella Rank: 62996 s10.histats.com — Cisco Umbrella Rank: 12395 s4.histats.com — Cisco Umbrella Rank: 11738	10 KB
4	cdnexpress59.net htjaaikwrbxk.cdnexpress59.net	1 MB
4	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 33131	3 KB
4	amung.us 2 redirects whos.amung.us — Cisco Umbrella Rank: 13356 widgets.amung.us — Cisco Umbrella Rank: 20985	4 KB
4	celeritascdn.com celeritascdn.com — Cisco Umbrella Rank: 517103	126 KB
4	nanouwho.com nanouwho.com — Cisco Umbrella Rank: 35602	145 KB
4	crichd.to cdn.crichd.to	22 KB
3	opposepresent.net l911ej0ei3363y3.opposepresent.net	36 KB
3	naivescorries.com naivescorries.com — Cisco Umbrella Rank: 166200	5 KB
2	awstats.cloud awstats.cloud — Cisco Umbrella Rank: 625437	2 KB
2	atservineor.com atservineor.com — Cisco Umbrella Rank: 353862	29 KB
2	sportsonline.sx sportsonline.sx — Cisco Umbrella Rank: 394906	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	817 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	142 KB
1	swarm.video swarm.video — Cisco Umbrella Rank: 451224	134 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9487	542 B
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 6533	2 KB
45	17

	Domain	Requested by
4	htjaaikwrbxk.cdnexpress59.net	swarm.video
4	youradexchange.com	celeritascdn.com
4	celeritascdn.com	sportsonline.sx celeritascdn.com l911ej0ei3363y3.opposepresent.net
4	nanouwho.com	atservineor.com nanouwho.com
4	cdn.crichd.to	cdn.crichd.to
3	l911ej0ei3363y3.opposepresent.net	sportsonline.sx l911ej0ei3363y3.opposepresent.net
3	naivescorries.com	cdn.crichd.to
2	awstats.cloud	l911ej0ei3363y3.opposepresent.net awstats.cloud
2	widgets.amung.us	sportsonline.sx l911ej0ei3363y3.opposepresent.net
2	whos.amung.us	2 redirects
2	atservineor.com	cdn.crichd.to
2	s4.histats.com	s10.histats.com
2	s10.histats.com	cdn.crichd.to sportsonline.sx
2	sportsonline.sx	cdn.crichd.to sportsonline.sx
1	fonts.googleapis.com	l911ej0ei3363y3.opposepresent.net
1	cdn.jsdelivr.net	l911ej0ei3363y3.opposepresent.net
1	swarm.video	l911ej0ei3363y3.opposepresent.net
1	my.rtmark.net	atservineor.com
1	sstatic1.histats.com	cdn.crichd.to
1	i.imgur.com	cdn.crichd.to
45	20

This site contains no links.

Subject Issuer	Validity	Valid
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
histats.com R3	`2023-06-06` - `2023-09-04`	3 months	crt.sh
sportsonline.sx GTS CA 1P5	`2023-06-05` - `2023-09-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-11`	a year	crt.sh
rtmark.net R3	`2023-05-06` - `2023-08-04`	3 months	crt.sh
nanouwho.com R3	`2023-05-25` - `2023-08-23`	3 months	crt.sh
youradexchange.com GTS CA 1P5	`2023-04-23` - `2023-07-22`	3 months	crt.sh
opposepresent.net GTS CA 1P5	`2023-05-22` - `2023-08-20`	3 months	crt.sh
swarm.video GTS CA 1P5	`2023-06-04` - `2023-09-02`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
awstats.cloud E1	`2023-06-05` - `2023-09-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
htjaaikwrbxk.cdnexpress59.net R3	`2023-06-01` - `2023-08-30`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://cdn.crichd.to/embed2.php?id=sptv1&vw=620&vh=460&p=2
Frame ID: 82C31AD2D5820D845137D0F063D34A1E
Requests: 13 HTTP requests in this frame

Frame: https://sportsonline.sx/channels/pt/sporttv1.php
Frame ID: 46E61A865364912EFB93D4AB890F9D2D
Requests: 9 HTTP requests in this frame

Frame: http://cdn.crichd.to/ad.html
Frame ID: 90D553280C2C62AEE21452487A73D0FA
Requests: 2 HTTP requests in this frame

Frame: http://cdn.crichd.to/ad.html
Frame ID: 0057B716DCB2210E059035EAED1DFF82
Requests: 2 HTTP requests in this frame

Frame: https://l911ej0ei3363y3.opposepresent.net/embed/b5r01up6xuiica
Frame ID: 5210D415DC7F3D6B7BB898C50C253D78
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

sptv1 Live Streaming

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

45
Requests

71 %
HTTPS

53 %
IPv6

17
Domains

20
Subdomains

20
IPs

6
Countries

1805 kB
Transfer

3914 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://whos.amung.us/cwidget/sevaqeifj/000000ffffff.png HTTP 307
https://widgets.amung.us/draw/?w=colored&n=1719&c=000000ffffff&p=left

Request Chain 31

https://whos.amung.us/cwidget/bkw7sodkdx/000000ffffff.png HTTP 307
https://widgets.amung.us/draw/?w=colored&n=3211&c=000000ffffff&p=left

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request embed2.php Show response
cdn.crichd.to/ 60 KB
20 KB 148ms
107ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.crichd.to/embed2.php?id=sptv1&vw=620&vh=460&p=2
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d764736abc4779680e00e1192d891e4b96bef235e818e779fb7e754aa144687

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Age: 124
CF-Cache-Status: DYNAMIC
CF-RAY: 7d8a5b64994dbbd4-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 17 Jun 2023 09:44:58 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pu9K0Yu6NCwo1AGinsPz1uru9vFLw%2F7x2pMJcmh%2BsCeknUvOp4H5gmmoCpSX0zUhSooUOOJ4l22g8gYO9mITrmVeEejdCMUaxyyjvEh24avx%2FGoyuhJSSywv2sht5XtGwbiOW8JM3HVE8IMG"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Via: 1.1 varnish (Varnish/6.2)
X-Varnish: 124839251 143509907
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK 55911 Show response
naivescorries.com/teekJi5pBIYbSj/ 5 B
2 KB 74ms
22ms Script
application/javascript 23.109.87.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

http://naivescorries.com/teekJi5pBIYbSj/55911

Requested by

Host: cdn.crichd.to
URL: http://cdn.crichd.to/embed2.php?id=sptv1&vw=620&vh=460&p=2

Protocol

HTTP/1.1

Server

23.109.87.20 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cdn.crichd.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 09:44:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: http://cdn.crichd.to
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Credentials: true
Vary: Accept-Encoding
Keep-Alive: timeout=20
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires

GET
H2 200 AW6QOE1.png
i.imgur.com/ 1 KB
2 KB 70ms
21ms Image
image/png 146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/AW6QOE1.png

Requested by

Host: cdn.crichd.to
URL: http://cdn.crichd.to/embed2.php?id=sptv1&vw=620&vh=460&p=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

f8f6cffc0c6fc6e0b8883ada74bfe1711a0298ae8559087b93ab9fd39a014349

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cdn.crichd.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:44:58 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 756143
x-cache: Miss from cloudfront, HIT, HIT
content-length: 1171
x-served-by: cache-iad-kcgs7200022-IAD, cache-fra-eddf8230021-FRA
last-modified: Fri, 10 Jan 2014 05:05:50 GMT
server: cat factory 1.0
x-timer: S1686995098.496894,VS0,VE1
etag: "6e305ad6a7b8bba734125c50cd691d67"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 88ukJvls_iLaFNb74_hB3EI14GbsOFrvnb8CTPJQW3ErBVDjPJ2Sog==
x-cache-hits: 2944, 1

GET
H/1.1 200
OK 0.gif
sstatic1.histats.com/ 43 B
163 B 295ms
95ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sstatic1.histats.com/0.gif?2162255&101
Requested by: Host: cdn.crichd.to
URL: http://cdn.crichd.to/embed2.php?id=sptv1&vw=620&vh=460&p=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cdn.crichd.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 09:44:58 GMT
Connection: close
Content-Length: 43
Content-Type: image/gif

GET
H2 200 sporttv1.php Show response
sportsonline.sx/channels/pt/ Frame 46E6 3 KB
2 KB 309ms
251ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sportsonline.sx/channels/pt/sporttv1.php
Requested by: Host: cdn.crichd.to
URL: http://cdn.crichd.to/embed2.php?id=sptv1&vw=620&vh=460&p=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 9fd65ec1b7b53c315f4d3e7ac9c107daf9d1ee1f78297c793b4f8a097acf8717

Request headers

Referer: http://cdn.crichd.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d8a5b65ae3f9219-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 09:44:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DR%2FPAWZbRpQogqAoEcou5NN5BDoZ6wPSqZYEjRpy6nwc8pXZz3WU%2FNFrU1RiEgMj2rOJhrVI7sptL%2B39u04Bd2SdE9CEPBPsdJt0qBlpzCALN1yEvlEVdy0A2hUIrkNsdh76qsLWRBiUlM1x%2BBY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.2.34

GET
H/1.1 200
OK ad.html Show response
cdn.crichd.to/ Frame 90D5 125 B
863 B 121ms
101ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.crichd.to/ad.html
Requested by: Host: cdn.crichd.to
URL: http://cdn.crichd.to/embed2.php?id=sptv1&vw=620&vh=460&p=2
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c845425061a72ba989890d60508e12106913f019966cecda8f6e1743c1f499

Request headers

Referer: http://cdn.crichd.to/embed2.php?id=sptv1&vw=620&vh=460&p=2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Age: 124
CF-Cache-Status: DYNAMIC
CF-RAY: 7d8a5b657e719a39-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 17 Jun 2023 09:44:58 GMT
Last-Modified: Tue, 28 Mar 2023 11:35:17 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3r11guOrZUqOFT9njDJbbh6Xwk%2FgFnWfnX01Py4kyCnnUSjjWucxfEN2hsA2psjkXsXRtbGdoaa3tcHx8Drt4JA0OqQ5vPnl4E2NHvERA1QyM2TAKx9L7oZNkr1L4nuZZgm4lA7gv12sfsJ4"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Via: 1.1 varnish (Varnish/6.2)
X-Varnish: 143317450 143509912
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK ad.html Show response
cdn.crichd.to/ Frame 0057 125 B
860 B 128ms
108ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.crichd.to/ad.html
Requested by: Host: cdn.crichd.to
URL: http://cdn.crichd.to/embed2.php?id=sptv1&vw=620&vh=460&p=2
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c845425061a72ba989890d60508e12106913f019966cecda8f6e1743c1f499

Request headers

Referer: http://cdn.crichd.to/embed2.php?id=sptv1&vw=620&vh=460&p=2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Age: 0
CF-Cache-Status: DYNAMIC
CF-RAY: 7d8a5b657c433633-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 17 Jun 2023 09:44:58 GMT
Last-Modified: Tue, 28 Mar 2023 11:35:17 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qK8zgQuVVrgA5sw2OLBee0U%2B5ZawOShusqm2zQkYvn9%2BMBuaQkARN8nRNON3HL0%2FqS4FkNxOxKZwEQE7lXVAOg2OamwFSNgeXU2P2NtLocnWwYV8S7VL6iYjgHkarUUaaOvE2ogTextqtreW"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Via: 1.1 varnish (Varnish/6.2)
X-Varnish: 143623967 143317451
alt-svc: h3=":443"; ma=86400

GET
H2 200 js15.js Show response
s10.histats.com/ 11 KB
4 KB 97ms
37ms Script
text/javascript 2606:4700:10::6814:41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15.js
Requested by: Host: cdn.crichd.to
URL: http://cdn.crichd.to/embed2.php?id=sptv1&vw=620&vh=460&p=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 429e7004f3f8fbe42cacb984c36a9cda33efdacc100a276b12e82c6ab78bf7ec

Request headers

Referer: http://cdn.crichd.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sat, 17 Jun 2023 09:44:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 63962
etag: "980881274"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 7d8a5b65ccb41e50-FRA
content-length: 4405

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 52 B
186 B 303ms
97ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?2162255&@f16&@g1&@h1&@i1&@j1686995098557&@k0&@l1&@msptv1%20Live%20Streaming&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:183891322&@b3:1686995099&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fcdn.crichd.to%2Fembed2.php%3Fid%3Dsptv1%26vw%3D620%26vh%3D460%26p%3D2&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: ca718ec9361fa440d801cf27f11c75ff0ad4010dc13629233cff02fc8cc3aa83

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cdn.crichd.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 09:44:58 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

HEAD
H/1.1 200
OK embed2.php Show response
cdn.crichd.to/ 0
651 B 71ms
70ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.crichd.to/embed2.php?id=sptv1&vw=620&vh=460&p=2
Requested by: Host: cdn.crichd.to
URL: http://cdn.crichd.to/embed2.php?id=sptv1&vw=620&vh=460&p=2
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cdn.crichd.to/embed2.php?id=sptv1&vw=620&vh=460&p=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 09:44:58 GMT
Via: 1.1 varnish (Varnish/6.2)
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwSu%2BeJ%2BOh%2BsYw2ib45ZdL30YeWFl3Y9sXfCXyLd0nZSnMYhD49916Lmj%2BV3n1i3BQp6p7KHVKp6lD056xtmHaBIg6GhAhYqJo1CmLCZnS6OhoFJtg1OxcQJ4tWF%2F8lTekEe6Jia7JfE0RAY"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=UTF-8
X-Varnish: 142955056
Connection: keep-alive
CF-RAY: 7d8a5b666d263633-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK 55911 Show response
naivescorries.com/teekJi5pBIYbSj/ Frame 90D5 5 B
2 KB 22ms
22ms Script
application/javascript 23.109.87.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

http://naivescorries.com/teekJi5pBIYbSj/55911

Requested by

Host: cdn.crichd.to
URL: http://cdn.crichd.to/ad.html

Protocol

HTTP/1.1

Server

23.109.87.20 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cdn.crichd.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 09:44:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: http://cdn.crichd.to
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Credentials: true
Vary: Accept-Encoding
Keep-Alive: timeout=20
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires

GET
H/1.1 200
OK 55911 Show response
naivescorries.com/teekJi5pBIYbSj/ Frame 0057 5 B
2 KB 33ms
21ms Script
application/javascript 23.109.87.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

http://naivescorries.com/teekJi5pBIYbSj/55911

Requested by

Host: cdn.crichd.to
URL: http://cdn.crichd.to/ad.html

Protocol

HTTP/1.1

Server

23.109.87.20 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cdn.crichd.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 09:44:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: http://cdn.crichd.to
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Credentials: true
Vary: Accept-Encoding
Keep-Alive: timeout=20
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires

GET
H/1.1 200
OK / Show response
atservineor.com/5/3950893/ 3 KB
3 KB 44ms
16ms XHR
application/json 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://atservineor.com/5/3950893/?oo=1&aab=1
Requested by: Host: cdn.crichd.to
URL: http://cdn.crichd.to/embed2.php?id=sptv1&vw=620&vh=460&p=2
Protocol: HTTP/1.1
Server: 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7159f4e99e53e4bdd718beb98c87bec293eb78e9bc8a1ebd6486d35e4aacc877

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cdn.crichd.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 09:44:58 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 3e8ba2c9942d30b75c5434d0073f926c
Pragma: no-cache, no-cache
Server: nginx
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: http://cdn.crichd.to
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
atservineor.com/ 76 KB
27 KB 58ms
13ms Script
text/javascript 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://atservineor.com/tag.min.js

Requested by

Host: cdn.crichd.to
URL: http://cdn.crichd.to/embed2.php?id=sptv1&vw=620&vh=460&p=2

Protocol

HTTP/1.1

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d47fd3d95f10998b20c9e29bb7a8c00caa835fbfec52cc29eb0bb380c511144a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cdn.crichd.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 09:44:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Connection: keep-alive
Content-Length: 26336
X-Trace-Id: 9e30fd9a1ef72fc1b3c4b860097b36e5
Pragma: no-cache
Last-Modified: Fri, 16 Jun 2023 11:46:05 GMT
Server: nginx
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK 1 Show response
nanouwho.com/ 42 KB
16 KB 43ms
16ms Script
text/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://nanouwho.com/1?z=3961139
Requested by: Host: atservineor.com
URL: http://atservineor.com/tag.min.js
Protocol: HTTP/1.1
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7a695e8ec0ba201aad70f0376defe34848f47573b88f77e0960c94674b4de870

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cdn.crichd.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 09:44:58 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 5fc3e38a5dd3a47c917791c0e927ac92
Pragma: no-cache
X-Sc: OduYWOFgFf56VAf1YmthUy856vmGus3uc3Fr2T763pqKxk4LHKITxbygSjU0XZZnavmm4D1HED2BW7ZgL1qruN56mCs=
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/javascript
Access-Control-Allow-Origin
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
542 B 55ms
13ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=15601c0006bd403d912f4018e942c489

Requested by

Host: atservineor.com
URL: http://atservineor.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

58fc21f4f8a9d8f1c68ea2d9ab511e0d0c85f85e4c5ac52eb2d72ce16c84fac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cdn.crichd.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:44:58 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: http://cdn.crichd.to
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 antd.js Show response
celeritascdn.com/script/ Frame 46E6 108 KB
36 KB 110ms
36ms Script
application/javascript 2606:4700::6810:5b06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://celeritascdn.com/script/antd.js
Requested by: Host: sportsonline.sx
URL: https://sportsonline.sx/channels/pt/sporttv1.php
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:5b06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c4a86b03da6c426a5754d53aab90a63b087cc5719d56f3cba396574248a53e2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sportsonline.sx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:44:58 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2657
x-guploader-uploadid: ADPycdvm0GwXcyskuCZ_WEsJOdYK3Zhq50ICRVQp-ORnfgQ23DaeMQDPoAo93boSgkmv2kydcD2b0xHfKmF_EM8Vh2xJW8pJuEZV
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Fri, 16 Jun 2023 08:20:30 GMT
server: cloudflare
etag: W/"c195f621c55f7f4891a3f508e4abc9e9"
vary: Accept-Encoding
x-goog-hash: crc32c=rP9R3Q==, md5=wZX2IcVff0iRo/UI5KvJ6Q==
x-goog-generation: 1686903630877353
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
x-goog-stored-content-length: 110518
cf-ray: 7d8a5b67ce5e3a5c-FRA
expires: Sat, 17 Jun 2023 13:44:58 GMT

GET
H2 200 SCCfwxq.png
sportsonline.sx/channels/pt/ Frame 46E6 1 KB
2 KB 27ms
26ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sportsonline.sx/channels/pt/SCCfwxq.png
Requested by: Host: sportsonline.sx
URL: https://sportsonline.sx/channels/pt/sporttv1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae0433ac5d000ac03daf9059492d0390e427b7461332f0f488bbc6f44b5107a7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sportsonline.sx/channels/pt/sporttv1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:44:58 GMT
cf-cache-status: HIT
last-modified: Tue, 07 Dec 2021 14:48:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6173
etag: "61af7434-4c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BWQmQstLYCDuaVXo926lqivewtToVe%2Fdyn7VIpD3jtNeWK%2FcO4VI73Nb2pl%2BUcfEv6trL2qtvZnprof6P9QIYHeNudEEvVQDv7IxEZfI7BfyJ89Mm83Zg20wDVLfJgsGx5fwzxAZtBQKrGSvBnE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d8a5b6748aa9219-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1220

GET
H2

200

/
widgets.amung.us/draw/ Frame 46E6
Redirect Chain

https://whos.amung.us/cwidget/sevaqeifj/000000ffffff.png
https://widgets.amung.us/draw/?w=colored&n=1719&c=000000ffffff&p=left

1 KB
2 KB

366ms
348ms

Image
image/png

2606:4700:10::6816:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=1719&c=000000ffffff&p=left
Requested by: Host: sportsonline.sx
URL: https://sportsonline.sx/channels/pt/sporttv1.php
Protocol: H2
Server: 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06fa76a44b211b7a044e23b9c8445bbbf869a1f66ea46faa18f07306bf865e89

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sportsonline.sx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:44:59 GMT
cf-cache-status: MISS
last-modified: Sat, 17 Jun 2023 09:44:59 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2678400
content-disposition: filename=wau-widget.png
cf-ray: 7d8a5b6948925c38-FRA
expires: Sun, 18 Jun 2023 09:44:59 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=1719&c=000000ffffff&p=left
date: Sat, 17 Jun 2023 09:44:59 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d8a5b679e765c38-FRA
content-type: text/html; charset=UTF-8

GET
H2 200 13fa4a205678e8f27355aaf1d3b549f6 Show response
nanouwho.com/27/ 404 KB
128 KB 45ms
13ms Script
application/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://nanouwho.com/27/13fa4a205678e8f27355aaf1d3b549f6

Requested by

Host: nanouwho.com
URL: http://nanouwho.com/1?z=3961139

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ef970a57abf3de0dc518d7c8df3c75c42d18fabe1ca7a196b923ece178034b61

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://cdn.crichd.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-trace-id: 47274f4b4bf70c75cdb8b48c481b5fa0
date: Sat, 17 Jun 2023 09:44:58 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Tue, 13 Jun 2023 07:14:19 GMT
server: nginx
content-encoding: gzip
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: max-age:290304000, public
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Tue, 13 Jul 2083 07:14:19 GMT

POST
H2 200 9 Show response
nanouwho.com/ 7 B
758 B 16ms
16ms XHR
application/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nanouwho.com/9?z=3961139&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fcdn.crichd.to%2Fembed2.php%3Fid%3Dsptv1%26vw%3D620%26vh%3D460%26p%3D2&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&sah=1200&drf=&hil=1&ist=0&oaid=15601c0006bd403d912f4018e942c489
Requested by: Host: nanouwho.com
URL: https://nanouwho.com/27/13fa4a205678e8f27355aaf1d3b549f6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Request headers

Referer: http://cdn.crichd.to/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 76856898ea8ab8436ce7e78ca55920cd
pragma: no-cache
date: Sat, 17 Jun 2023 09:44:58 GMT
x-sc: KIcXnZRPDm1gx_6jlZFw4QMW0mbarsL12bvQR9bt4XqHJabpnIDMl_WQmN36QT3gxrNC9R3IT-70lDjBoxCWIBfsXe4=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: http://cdn.crichd.to
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length: 7
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 9
nanouwho.com/ Frame 0
0 43ms
13ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nanouwho.com/9?z=3961139&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fcdn.crichd.to%2Fembed2.php%3Fid%3Dsptv1%26vw%3D620%26vh%3D460%26p%3D2&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&sah=1200&drf=&hil=1&ist=0&oaid=15601c0006bd403d912f4018e942c489
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://cdn.crichd.to
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: http://cdn.crichd.to
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Sat, 17 Jun 2023 09:44:58 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

GET
H2 200 ut.js Show response
celeritascdn.com/script/ Frame 46E6 80 KB
27 KB 29ms
29ms Script
application/javascript 2606:4700::6810:5b06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://celeritascdn.com/script/ut.js?cb=1686995098935
Requested by: Host: celeritascdn.com
URL: https://celeritascdn.com/script/antd.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:5b06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 758519148bca76af1cfe30b12896dc40207967dd283a8aec6281588d07cb433a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sportsonline.sx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:44:58 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1066
x-guploader-uploadid: ADPycdsp18FwDL_lVZbGv4N4kHr2WgGbYBaONzxtMQc-SxGfVw2cknezlcsBuy20NwszJ96OZkWlcLQM5RAqRhi5qPSJbSepjSwF
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Tue, 30 May 2023 12:36:05 GMT
server: cloudflare
etag: W/"4549edd6adc0674f59e20ade3b3f8b23"
vary: Accept-Encoding
x-goog-hash: crc32c=e/HddQ==, md5=RUnt1q3AZ09Z4greOz+LIw==
x-goog-generation: 1685450165695067
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 82158
cf-ray: 7d8a5b686f3a3a5c-FRA
expires: Sat, 17 Jun 2023 13:44:58 GMT

GET
H2 200 suurl4.php Show response
youradexchange.com/script/ Frame 46E6 1 KB
1 KB 293ms
231ms Fetch
application/json 2606:4700:e2::ac40:8b25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl4.php?r=4827899&cbur=0.33222181180913957&cbiframe=1&cbWidth=1600&cbHeight=460&cbtitle=&cbpage=http%3A%2F%2Fcdn.crichd.to%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com&aggr=0&ts=1686995098942
Requested by: Host: celeritascdn.com
URL: https://celeritascdn.com/script/antd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8b25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01f8cc1efc38839f4834c8850d5baba48da29ec2f6015d601c2ab81631f6c0aa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sportsonline.sx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:44:59 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uuMKxUS4PuhtHdQjJERXE%2B9Xp%2FP9G%2FaS4RcISEyew8sM0lmR0bGabbg4dkTLVztZ2RW3k5iJocarqGee8sD%2FpZDbeUSV7AO%2F86%2B7CCApSsal4uJhqYvqDJIPKlElzbpdm6PeqwV7UDolP%2FWl993DisI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7d8a5b68db149202-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 b5r01up6xuiica Show response
l911ej0ei3363y3.opposepresent.net/embed/ Frame 5210 9 KB
4 KB 194ms
139ms Document
text/html 104.21.70.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://l911ej0ei3363y3.opposepresent.net/embed/b5r01up6xuiica
Requested by: Host: sportsonline.sx
URL: https://sportsonline.sx/channels/pt/sporttv1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.70.33 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b086271bdbbf14b4a282f537912f411ba8812acc550f27f97fe3573b2546c223

Request headers

Referer: https://sportsonline.sx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d8a5b68c80818c3-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 09:44:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xq31VhoGGiW1pDldzhX0WAaLmBMoynihYlPSKXtsWIjGAbQjyFOOt2zngHPpIsHPcaXiEozJqWFMJ3%2FiXCTkA7XMOlx3KaXqv4aiRgpAXGCT6uOSWCLlTWaOSmnKKZ30oIDkkGFJDOVza%2FpOIdOGLoR53s%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 46E6 11 KB
5 KB 31ms
30ms Script
text/javascript 2606:4700:10::6814:41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: sportsonline.sx
URL: https://sportsonline.sx/channels/pt/sporttv1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sportsonline.sx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:44:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 64020
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 7d8a5b68780c1e50-FRA
content-length: 4547

POST
H2 204 hb.php
youradexchange.com/ut/ Frame 46E6 0
415 B 194ms
150ms Ping
text/plain 2606:4700:e2::ac40:8b25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/ut/hb.php?cb=0.7415375390973304
Requested by: Host: celeritascdn.com
URL: https://celeritascdn.com/script/ut.js?cb=1686995098935
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8b25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sportsonline.sx/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Sat, 17 Jun 2023 09:44:59 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzqluMpTvs2WkLfIApyphbyBrUWzH3C3%2BmTFyaIPYIyLgfrByqo%2BYlUhuEj9AFEZZYs4Jb1lJQcnQQWN4TdHipRCPDDPj3MlI8i8OStr4YgDM3ymsMlUl6lmz7rw5LOb1KCBXctJe3ly%2FoN2XiXdzYY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7d8a5b68fb7e9c0a-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ Frame 46E6 52 B
186 B 283ms
94ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4743517&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttp%3A%2F%2Fcdn.crichd.to%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-52768083&@b3:1686995099&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fsportsonline.sx%2Fchannels%2Fpt%2Fsporttv1.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 3d21573f6fc4e9b199b66e14c2acfdb77c9687d830817c96b43078710854d815

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sportsonline.sx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 09:44:59 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

GET
H2 200 embed.min.css
l911ej0ei3363y3.opposepresent.net/css/ Frame 5210 1 KB
898 B 27ms
25ms Stylesheet
text/css 104.21.70.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://l911ej0ei3363y3.opposepresent.net/css/embed.min.css?v=0.4
Requested by: Host: l911ej0ei3363y3.opposepresent.net
URL: https://l911ej0ei3363y3.opposepresent.net/embed/b5r01up6xuiica
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.70.33 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c7cf941b4eb9254e850875107ded812b5cf2da9de46f85919561f2a73876257

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://l911ej0ei3363y3.opposepresent.net/embed/b5r01up6xuiica
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:44:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Jun 2022 09:49:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 8760
etag: W/"62a1c21c-4f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQAm93ybM6QKkmFDc8iZpMORKe4UJoq%2Fw0Ndw0Tin%2FdUV59HsI6BjIqK0kp5MFVhI34x7rSra7RBCvEjAgKCUPwHV1Q5dd30bW3lTLRrH%2Bcgyk8aUh12hSltkD1p92SvdGawmlcc5O6vusKX1q1ZvuoQ74I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=608400
cf-ray: 7d8a5b69b9a618c3-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 24 Jun 2023 08:18:59 GMT

GET
H2 200 jquery.min.js Show response
l911ej0ei3363y3.opposepresent.net/js/ Frame 5210 85 KB
31 KB 29ms
28ms Script
application/javascript 104.21.70.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://l911ej0ei3363y3.opposepresent.net/js/jquery.min.js
Requested by: Host: l911ej0ei3363y3.opposepresent.net
URL: https://l911ej0ei3363y3.opposepresent.net/embed/b5r01up6xuiica
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.70.33 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://l911ej0ei3363y3.opposepresent.net/embed/b5r01up6xuiica
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:44:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 Nov 2020 18:05:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 8763
etag: W/"5fa984ce-15283"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bThb9FMa7KS2BQEFLPzTtUpH%2FkdXGB4je3fMCbf3D6UZI%2BD9GWMGvgZleQeFAAqTA1xR0hdT4A2xS0Nz3D%2F7PCaOLaaQwELk0sm%2BlGrJvQXaRQriJ5LNaXyAblt9TQ2eoiClJRuQlfYJw1X2cZi4FuescEM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=608400
cf-ray: 7d8a5b69b9a818c3-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 24 Jun 2023 08:18:56 GMT

GET
H2 200 nsns.js Show response
swarm.video/ Frame 5210 532 KB
134 KB 108ms
41ms Script
application/javascript 2606:4700:3033::6815:610
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://swarm.video/nsns.js?v=1.1
Requested by: Host: l911ej0ei3363y3.opposepresent.net
URL: https://l911ej0ei3363y3.opposepresent.net/embed/b5r01up6xuiica
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:610 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7c260f5e1dcb04331e9fb5ea2c0a5b82552133dd170d219384ec76afb1ec9b3d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://l911ej0ei3363y3.opposepresent.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:44:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2110343
cf-polished: origSize=545594
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 16 Feb 2023 19:59:09 GMT
server: cloudflare
etag: W/"8533a-1865bcf2c90"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0L8GHLhOXB53lS0r9AWE39n3e96kEZ9PVVrQEnzTzI%2F8qZcRQBqC3Y6HdNV8%2BUMrjTdy94e%2FIATfaXTnjj1NVcwOnArF02YOPrhnzAjKUyqH4KB4QgZbUPQKCtucA8%2F%2BgmEcquLfeXoX1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7d8a5b6a1e55377c-FRA

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 5210 513 KB
142 KB 58ms
15ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: l911ej0ei3363y3.opposepresent.net
URL: https://l911ej0ei3363y3.opposepresent.net/embed/b5r01up6xuiica

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://l911ej0ei3363y3.opposepresent.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 17 Jun 2023 09:44:59 GMT
x-content-type-options: nosniff
content-encoding: br
age: 19730
x-jsd-version: 0.3.13
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 145133
x-served-by: cache-fra-eddf8230067-FRA, cache-ams21072-AMS
x-jsd-version-type: version
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2

200

/
widgets.amung.us/draw/ Frame 5210
Redirect Chain

https://whos.amung.us/cwidget/bkw7sodkdx/000000ffffff.png
https://widgets.amung.us/draw/?w=colored&n=3211&c=000000ffffff&p=left

2 KB
2 KB

27ms
26ms

Image
image/png

2606:4700:10::6816:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=3211&c=000000ffffff&p=left
Requested by: Host: l911ej0ei3363y3.opposepresent.net
URL: https://l911ej0ei3363y3.opposepresent.net/embed/b5r01up6xuiica
Protocol: H2
Server: 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06b04bd104c66156b647c4de54d1bcb4260192dfd9b42efdbe6478017126beef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://l911ej0ei3363y3.opposepresent.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:44:59 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Jun 2023 23:52:15 GMT
server: cloudflare
age: 35564
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2678400
content-disposition: filename=wau-widget.png
cf-ray: 7d8a5b6a9a035c38-FRA
expires: Sat, 17 Jun 2023 23:52:15 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=3211&c=000000ffffff&p=left
date: Sat, 17 Jun 2023 09:44:59 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d8a5b69b9165c38-FRA
content-type: text/html; charset=UTF-8

GET
H2 200 plausible.js Show response
awstats.cloud/js/ Frame 5210 1 KB
1 KB 111ms
53ms Script
application/javascript 2606:4700:3035::6815:2e3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://awstats.cloud/js/plausible.js

Requested by

Host: l911ej0ei3363y3.opposepresent.net
URL: https://l911ej0ei3363y3.opposepresent.net/embed/b5r01up6xuiica

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:2e3f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7eec3429c76cb48e5fd457c5afb71b7cf34bc4298d53023bae8aea715443b4a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://l911ej0ei3363y3.opposepresent.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:44:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abki%2BO9KVG3KHgxNEyjYQ1VSFwofwjBymg3K5OGXXlZpGjGdOlSwN%2BU%2BxvCOi4iiGThvNuDZodSDKdgjI9thydP5xFbQLf4TyD4UFDzPZbt1hepmUdiyWJvLI11tBvPDZL7YKcoNTXHtduW7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cross-origin-resource-policy: cross-origin
cf-ray: 7d8a5b6a19f2928f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ Frame 5210 1 KB
817 B 83ms
30ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700

Requested by

Host: l911ej0ei3363y3.opposepresent.net
URL: https://l911ej0ei3363y3.opposepresent.net/css/embed.min.css?v=0.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83bb47871b3895cd8f4bf5da67037710b6d9a9e1fab80d03b579cd83a448fe23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://l911ej0ei3363y3.opposepresent.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Jun 2023 09:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 08:39:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Jun 2023 09:44:59 GMT

GET
H2 200 antd.js Show response
celeritascdn.com/script/ Frame 5210 108 KB
36 KB 30ms
30ms Script
application/javascript 2606:4700::6810:5b06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://celeritascdn.com/script/antd.js
Requested by: Host: l911ej0ei3363y3.opposepresent.net
URL: https://l911ej0ei3363y3.opposepresent.net/embed/b5r01up6xuiica
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:5b06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c4a86b03da6c426a5754d53aab90a63b087cc5719d56f3cba396574248a53e2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://l911ej0ei3363y3.opposepresent.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:44:59 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2658
x-guploader-uploadid: ADPycdvm0GwXcyskuCZ_WEsJOdYK3Zhq50ICRVQp-ORnfgQ23DaeMQDPoAo93boSgkmv2kydcD2b0xHfKmF_EM8Vh2xJW8pJuEZV
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Fri, 16 Jun 2023 08:20:30 GMT
server: cloudflare
etag: W/"c195f621c55f7f4891a3f508e4abc9e9"
vary: Accept-Encoding
x-goog-hash: crc32c=rP9R3Q==, md5=wZX2IcVff0iRo/UI5KvJ6Q==
x-goog-generation: 1686903630877353
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
x-goog-stored-content-length: 110518
cf-ray: 7d8a5b6afa263a5c-FRA
expires: Sat, 17 Jun 2023 13:44:59 GMT

POST
H3 202 event Show response
awstats.cloud/api/ Frame 5210 2 B
520 B 242ms
194ms XHR
text/plain 2606:4700:3035::6815:2e3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://awstats.cloud/api/event
Requested by: Host: awstats.cloud
URL: https://awstats.cloud/js/plausible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2e3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://l911ej0ei3363y3.opposepresent.net/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Jun 2023 09:44:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHh3JhzSmY8lVdGKbBUEIC916Frox12iFSPoAseFPyepc%2Fe7u6%2BI7okF7h2W20ZRA%2BSlsaVS7Xp%2FJePdXUgO4Wj4AqLVNa1kjM%2BlxvCOnVMESH39wWeAGoec5RAdS8zqeeK9swS9VVrvUj7t"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 7d8a5b6b4ef03657-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2
x-request-id: F2lpGtzV4BYbLpEExiOD

GET
H2 200 ut.js Show response
celeritascdn.com/script/ Frame 5210 80 KB
27 KB 31ms
31ms Script
application/javascript 2606:4700::6810:5b06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://celeritascdn.com/script/ut.js?cb=1686995099401
Requested by: Host: celeritascdn.com
URL: https://celeritascdn.com/script/antd.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:5b06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 758519148bca76af1cfe30b12896dc40207967dd283a8aec6281588d07cb433a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://l911ej0ei3363y3.opposepresent.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:44:59 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1067
x-guploader-uploadid: ADPycdsp18FwDL_lVZbGv4N4kHr2WgGbYBaONzxtMQc-SxGfVw2cknezlcsBuy20NwszJ96OZkWlcLQM5RAqRhi5qPSJbSepjSwF
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Tue, 30 May 2023 12:36:05 GMT
server: cloudflare
etag: W/"4549edd6adc0674f59e20ade3b3f8b23"
vary: Accept-Encoding
x-goog-hash: crc32c=e/HddQ==, md5=RUnt1q3AZ09Z4greOz+LIw==
x-goog-generation: 1685450165695067
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 82158
cf-ray: 7d8a5b6b5aa33a5c-FRA
expires: Sat, 17 Jun 2023 13:44:59 GMT

GET
H2 200 suurl4.php Show response
youradexchange.com/script/ Frame 5210 1 KB
1 KB 250ms
249ms Fetch
application/json 2606:4700:e2::ac40:8b25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl4.php?r=5954546&cbur=0.9914880174839718&cbiframe=1&cbWidth=1600&cbHeight=460&cbtitle=&cbpage=https%3A%2F%2Fsportsonline.sx%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com&aggr=0&ts=1686995099416
Requested by: Host: celeritascdn.com
URL: https://celeritascdn.com/script/antd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8b25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0eaa24e745914d8a26ebcaf6e23b2c04b0bc223c9853132f96d2a200533887e6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://l911ej0ei3363y3.opposepresent.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:44:59 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dlQp4IwrdlFOK6h5zNUF7cngHGXvpMegwbH3ymAf7z7W3rWoh3q7CjaGUIGwmw6yE9P4Sw746Fp0CYGj77qZPghAQXmQuWtnBtZKNUYMHjiZW1Kwin4jkC0rgcmqJxOp84aX18hxfHFIMF%2FJby663cs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7d8a5b6b6d729202-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 204 hb.php
youradexchange.com/ut/ Frame 5210 0
266 B 147ms
146ms Ping
text/plain 2606:4700:e2::ac40:8b25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/ut/hb.php?cb=0.03907723053705925
Requested by: Host: celeritascdn.com
URL: https://celeritascdn.com/script/ut.js?cb=1686995099401
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8b25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://l911ej0ei3363y3.opposepresent.net/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Sat, 17 Jun 2023 09:44:59 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ko%2FDXeH2QK38Dr%2ByDG3LTHPLOWEsWu5T2kCRz8TLFK0AHMDDfm6v2EYufPWEw%2BPfktfCA7g2u3xI3dMl83Dk4m6YdufMy0MXidK7QiB%2FUjwtI0yE5REaujntK9LkkrQUtFC3elirhrLPSw%2BOV7Wi5dI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7d8a5b6bae949c0a-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK b5r01up6xuiica.m3u8 Show response
htjaaikwrbxk.cdnexpress59.net/hls/ Frame 5210 935 B
1 KB 69ms
13ms XHR
application/vnd.apple.mpegurl 45.154.206.73
K4X

General

Check archive.org

Show headers Download Go to

Full URL: https://htjaaikwrbxk.cdnexpress59.net:8443/hls/b5r01up6xuiica.m3u8?s=3ZtmVeToQrU6Xv-bX0lALQ&e=1687016699
Requested by: Host: swarm.video
URL: https://swarm.video/nsns.js?v=1.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.154.206.73 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 911086f4cd9cc52d7ec0523b250f3fa9e610d2596cce343982d534c005769e26

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://l911ej0ei3363y3.opposepresent.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 09:45:02 GMT
Last-Modified: Sat, 17 Jun 2023 09:44:59 GMT
Server: nginx/1.18.0
ETag: "648d809b-3a7"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Range
Content-Length: 935

GET
H/1.1 200
OK b5r01up6xuiica.m3u8 Show response
htjaaikwrbxk.cdnexpress59.net/hls/ Frame 5210 935 B
1 KB 13ms
13ms XHR
application/vnd.apple.mpegurl 45.154.206.73
K4X

General

Check archive.org

Show headers Download Go to

Full URL: https://htjaaikwrbxk.cdnexpress59.net:8443/hls/b5r01up6xuiica.m3u8?s=3ZtmVeToQrU6Xv-bX0lALQ&e=1687016699
Requested by: Host: swarm.video
URL: https://swarm.video/nsns.js?v=1.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.154.206.73 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 911086f4cd9cc52d7ec0523b250f3fa9e610d2596cce343982d534c005769e26

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://l911ej0ei3363y3.opposepresent.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 09:45:02 GMT
Last-Modified: Sat, 17 Jun 2023 09:44:59 GMT
Server: nginx/1.18.0
ETag: "648d809b-3a7"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Range
Content-Length: 935

GET
BLOB 200
OK 5dc594a1-47cf-46f6-b16c-56e761bdee91
https://l911ej0ei3363y3.opposepresent.net/ Frame 5210 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://l911ej0ei3363y3.opposepresent.net/5dc594a1-47cf-46f6-b16c-56e761bdee91
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Length: 62280
Content-Type: text/javascript

GET
H/1.1 200
OK b5r01up6xuiica-247226400.ts Show response
htjaaikwrbxk.cdnexpress59.net/hls/ Frame 5210 1 MB
1 MB 26ms
25ms XHR
video/mp2t 45.154.206.73
K4X

General

Check archive.org

Show headers Download Go to

Full URL: https://htjaaikwrbxk.cdnexpress59.net:8443/hls/b5r01up6xuiica-247226400.ts
Requested by: Host: swarm.video
URL: https://swarm.video/nsns.js?v=1.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.154.206.73 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7c911217f42793d07b9e1a6c2db6f60dc2d175a9671ea0d5dd19e778bab376d6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://l911ej0ei3363y3.opposepresent.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 09:45:02 GMT
Last-Modified: Sat, 17 Jun 2023 09:44:05 GMT
Server: nginx/1.18.0
ETag: "648d8065-11cd88"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Range
Content-Length: 1166728

GET
H/1.1 200
OK b5r01up6xuiica-247976370.ts
htjaaikwrbxk.cdnexpress59.net/hls/ Frame 5210 576 KB
0 56ms
29ms XHR
video/mp2t 45.154.206.73
K4X

General

Check archive.org

Show headers Download Go to

Full URL: https://htjaaikwrbxk.cdnexpress59.net:8443/hls/b5r01up6xuiica-247976370.ts
Requested by: Host: swarm.video
URL: https://swarm.video/nsns.js?v=1.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.154.206.73 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://l911ej0ei3363y3.opposepresent.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 09:45:02 GMT
Last-Modified: Sat, 17 Jun 2023 09:44:09 GMT
Server: nginx/1.18.0
ETag: "648d8069-9b5dc"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Range
Content-Length: 636380

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cdn.crichd.to/	1970-01-20 21:22:11	Name: HstCfa2162255 Value: 1686995098557
cdn.crichd.to/	1970-01-20 21:22:11	Name: HstCla2162255 Value: 1686995098557
cdn.crichd.to/	1970-01-20 21:22:11	Name: HstCmu2162255 Value: 1686995098557
cdn.crichd.to/	1970-01-20 21:22:11	Name: HstPn2162255 Value: 1
cdn.crichd.to/	1970-01-20 21:22:11	Name: HstPt2162255 Value: 1
cdn.crichd.to/	1970-01-20 21:22:11	Name: HstCnv2162255 Value: 1
cdn.crichd.to/	1970-01-20 21:22:11	Name: HstCns2162255 Value: 1
my.rtmark.net/	1970-01-20 21:22:11	Name: ID Value: 15601c0006bd403d912f4018e942c489
nanouwho.com/	1970-01-20 21:22:11	Name: scm Value: 1
nanouwho.com/	1970-01-20 21:22:11	Name: OAID Value: 15601c0006bd403d912f4018e942c489
nanouwho.com/	1970-01-20 21:22:11	Name: oaidts Value: 1686995098
l911ej0ei3363y3.opposepresent.net/	1970-01-20 12:37:18	Name: hf3 Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://cdn.crichd.to/embed2.php?id=sptv1&vw=620&vh=460&p=2(Line 22) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s10.histats.com/js15.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://cdn.crichd.to/embed2.php?id=sptv1&vw=620&vh=460&p=2(Line 22) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s10.histats.com/js15.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
rendering	warning	URL: https://l911ej0ei3363y3.opposepresent.net/embed/b5r01up6xuiica(Line 5) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

atservineor.com
awstats.cloud
cdn.crichd.to
cdn.jsdelivr.net
celeritascdn.com
fonts.googleapis.com
htjaaikwrbxk.cdnexpress59.net
i.imgur.com
l911ej0ei3363y3.opposepresent.net
my.rtmark.net
naivescorries.com
nanouwho.com
s10.histats.com
s4.histats.com
sportsonline.sx
sstatic1.histats.com
swarm.video
whos.amung.us
widgets.amung.us
youradexchange.com
104.21.70.33
139.45.195.8
139.45.197.242
139.45.197.244
146.75.116.193
149.56.240.127
149.56.240.128
23.109.87.20
2606:4700:10::6814:41d
2606:4700:10::6816:4bab
2606:4700:3033::6815:610
2606:4700:3035::6815:2e3f
2606:4700::6810:5b06
2606:4700:e2::ac40:8b25
2a00:1450:4001:82b::200a
2a04:4e42:600::485
2a06:98c1:3120::3
2a06:98c1:3121::3
45.154.206.73
01f8cc1efc38839f4834c8850d5baba48da29ec2f6015d601c2ab81631f6c0aa
06b04bd104c66156b647c4de54d1bcb4260192dfd9b42efdbe6478017126beef
06fa76a44b211b7a044e23b9c8445bbbf869a1f66ea46faa18f07306bf865e89
0eaa24e745914d8a26ebcaf6e23b2c04b0bc223c9853132f96d2a200533887e6
1c4a86b03da6c426a5754d53aab90a63b087cc5719d56f3cba396574248a53e2
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2c7cf941b4eb9254e850875107ded812b5cf2da9de46f85919561f2a73876257
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3d21573f6fc4e9b199b66e14c2acfdb77c9687d830817c96b43078710854d815
429e7004f3f8fbe42cacb984c36a9cda33efdacc100a276b12e82c6ab78bf7ec
58c845425061a72ba989890d60508e12106913f019966cecda8f6e1743c1f499
58fc21f4f8a9d8f1c68ea2d9ab511e0d0c85f85e4c5ac52eb2d72ce16c84fac1
5d764736abc4779680e00e1192d891e4b96bef235e818e779fb7e754aa144687
7159f4e99e53e4bdd718beb98c87bec293eb78e9bc8a1ebd6486d35e4aacc877
758519148bca76af1cfe30b12896dc40207967dd283a8aec6281588d07cb433a
7a695e8ec0ba201aad70f0376defe34848f47573b88f77e0960c94674b4de870
7c260f5e1dcb04331e9fb5ea2c0a5b82552133dd170d219384ec76afb1ec9b3d
7c911217f42793d07b9e1a6c2db6f60dc2d175a9671ea0d5dd19e778bab376d6
7eec3429c76cb48e5fd457c5afb71b7cf34bc4298d53023bae8aea715443b4a9
83bb47871b3895cd8f4bf5da67037710b6d9a9e1fab80d03b579cd83a448fe23
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
911086f4cd9cc52d7ec0523b250f3fa9e610d2596cce343982d534c005769e26
9fd65ec1b7b53c315f4d3e7ac9c107daf9d1ee1f78297c793b4f8a097acf8717
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
ae0433ac5d000ac03daf9059492d0390e427b7461332f0f488bbc6f44b5107a7
b086271bdbbf14b4a282f537912f411ba8812acc550f27f97fe3573b2546c223
ca718ec9361fa440d801cf27f11c75ff0ad4010dc13629233cff02fc8cc3aa83
d47fd3d95f10998b20c9e29bb7a8c00caa835fbfec52cc29eb0bb380c511144a
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef970a57abf3de0dc518d7c8df3c75c42d18fabe1ca7a196b923ece178034b61
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc
f8f6cffc0c6fc6e0b8883ada74bfe1711a0298ae8559087b93ab9fd39a014349

cdn.crichd.to Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

45 Requests

71 %HTTPS

53 %IPv6

17 Domains

20 Subdomains

20 IPs

6 Countries

1805 kBTransfer

3914 kBSize

12 Cookies

0 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cdn.crichd.to Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

71 %
HTTPS

53 %
IPv6

17
Domains

20
Subdomains

20
IPs

6
Countries

1805 kB
Transfer

3914 kB
Size

12
Cookies

45 HTTP transactions
0 data transactions