crichd.gq Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://crichd.gq/s1.php
Submission: On November 29 via manual (November 29th 2022, 1:22:41 am UTC) from IN — Scanned from NL

Summary HTTP 43 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 15 domains to perform 43 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is crichd.gq.
TLS certificate: Issued by E1 on November 8th 2022. Valid for: 3 months.

This is the only time crichd.gq was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
5	2606:4700:21:... 2606:4700:21::681b:c258	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	136.243.4.18 136.243.4.18	24940 (HETZNER-AS) (HETZNER-AS)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 7	2606:4700:303... 2606:4700:3038::6815:ebb6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2606:4700:e6:... 2606:4700:e6::ac40:cb1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	95.217.118.95 95.217.118.95	24940 (HETZNER-AS) (HETZNER-AS)
7	2606:50c0:800... 2606:50c0:8003::154	54113 (FASTLY) (FASTLY)
43	17

3 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

crichd.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:21::681b:c258 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.plyr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.4.18 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.18.4.243.136.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

m.live4wap.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3038::6815:ebb6 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

red.redcdn.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

sparkleporedip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e6::ac40:cb1c (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.217.118.95 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.95.118.217.95.clients.your-server.de

kidcdn.redcdn.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:50c0:8003::154 (United States)

ASN54113 (FASTLY, US)

raw.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	githubusercontent.com raw.githubusercontent.com — Cisco Umbrella Rank: 3725	2 MB
7	redcdn.cfd 4 redirects red.redcdn.cfd	101 KB
5	plyr.io cdn.plyr.io — Cisco Umbrella Rank: 14950	107 KB
4	redcdn.online kidcdn.redcdn.online	22 KB
4	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 2749 ka-f.fontawesome.com — Cisco Umbrella Rank: 5121	23 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 467	220 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 300	109 KB
3	crichd.gq crichd.gq	6 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 84	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 106	117 KB
1	sparkleporedip.com sparkleporedip.com
1	live4wap.click m.live4wap.click	2 KB
1	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 19322	5 KB
1	gstatic.com fonts.gstatic.com	126 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107	869 B
43	15

	Domain	Requested by
7	raw.githubusercontent.com	cdn.jsdelivr.net
7	red.redcdn.cfd	4 redirects m.live4wap.click
5	cdn.plyr.io	crichd.gq m.live4wap.click cdn.plyr.io
4	kidcdn.redcdn.online	cdn.jsdelivr.net
3	ka-f.fontawesome.com	kit.fontawesome.com
3	cdn.jsdelivr.net	crichd.gq m.live4wap.click
3	cdnjs.cloudflare.com	crichd.gq cdnjs.cloudflare.com
3	crichd.gq	crichd.gq
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	crichd.gq m.live4wap.click
1	sparkleporedip.com	m.live4wap.click
1	kit.fontawesome.com	m.live4wap.click
1	m.live4wap.click	crichd.gq
1	ad.a-ads.com	crichd.gq
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	crichd.gq
43	16

This site contains links to these domains. Also see Links.

Domain
tttttt.me

Subject Issuer	Validity	Valid
*.crichd.gq E1	`2022-11-08` - `2023-02-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.plyr.io GTS CA 1P5	`2022-10-31` - `2023-01-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2021-12-08` - `2023-01-08`	a year	crt.sh
*.live4wap.click GTS CA 1P5	`2022-11-17` - `2023-02-15`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
sparkleporedip.com R3	`2022-10-18` - `2023-01-16`	3 months	crt.sh
kidcdn.redcdn.online R3	`2022-11-25` - `2023-02-23`	3 months	crt.sh
*.github.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-07` - `2023-04-07`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://crichd.gq/s1.php
Frame ID: 1637535629704A5E69390388B75F7C22
Requests: 12 HTTP requests in this frame

Frame: https://crichd.gq/1.php
Frame ID: 84A7F4A4C4D411279A17CBFDBDBF780C
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/2111862?size=120x60&text_color=a606ee&title_color=eb0606&title_hover_color=d726c3&link_color=0cc216&link_hover_color=1c5f1b
Frame ID: 7E088AE89DD5F0BC9CF103FE0A98E1E6
Requests: 2 HTTP requests in this frame

Frame: https://crichd.gq/em3.php
Frame ID: 0A9A5160AEFB619FFFF55E6679E74F10
Requests: 1 HTTP requests in this frame

Frame: https://m.live4wap.click/embed.php
Frame ID: 725DB9BA2CCF70B86766DCC0A8152ED5
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ASIA CUP 2022 Live

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Plyr (Video players) Expand

Overall confidence: 100%
Detected patterns

https://cdn\.plyr\.io/([0-9.]+)/.+\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

43
Requests

86 %
HTTPS

81 %
IPv6

15
Domains

16
Subdomains

17
IPs

3
Countries

3193 kB
Transfer

4605 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://tttttt.me/akitvml
Title: Join Our Telegram

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://red.redcdn.cfd/red.php?id=1 HTTP 302
https://red.redcdn.cfd/19.png

Request Chain 34

https://red.redcdn.cfd/red.php?id=2 HTTP 302
https://kidcdn.redcdn.online/live/480p.m3u8

Request Chain 35

https://red.redcdn.cfd/red.php?id=1 HTTP 302
https://red.redcdn.cfd/19.png

Request Chain 40

https://red.redcdn.cfd/red.php?id=1 HTTP 302
https://red.redcdn.cfd/19.png

43 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request s1.php Show response
crichd.gq/ 27 KB
5 KB 1086ms
533ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://crichd.gq/s1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dabd47248cc0afa30e61ce75e4e2661077db8fd24db03c215460617ebecb315f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7717887fbd6ab8c7-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 29 Nov 2022 01:22:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahoF%2BlGP%2FZNbZSWGEoBfK9mc%2BF6OjDNHaIfjJNZFznoy6ufakqxehKtMBYExN9zhbNI4JgnHeF05bdzwW4d09VWSrsw1D5UunhK%2BUw3TU19BJNMQundn0X%2FbmglWHD8Emn6LH1bvoTk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 119ms
41ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-143372155-2

Requested by

Host: crichd.gq
URL: https://crichd.gq/s1.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0715b17222fabd02c351a22bb12eec170a80f7fd06b3bbef2ae0e7634d0d9324

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crichd.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 01:22:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43679
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 29 Nov 2022 01:22:36 GMT

GET
H2 200 plyr.css
cdn.plyr.io/3.5.6/ 24 KB
5 KB 104ms
32ms Stylesheet
text/css 2606:4700:21::681b:c258
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.5.6/plyr.css
Requested by: Host: crichd.gq
URL: https://crichd.gq/s1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c258 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5f83e386df031cade263caabcb055c46a6d731b64fccd6ba9205d1845942631

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crichd.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 01:22:36 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: H056ZEM8GJXXH91W
age: 2319818
cf-polished: origSize=24885
x-cache: MISS, HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: EbH80DFG5iZL3boTZL1UO9de6fsusW2BsvkPtphPcS5y7l0bKe5GNKIhsig4B4aVlBGEy25lsMc=
x-served-by: cache-iad-kjyo7100029-IAD, cache-jnb7026-JNB
cf-bgj: minify
last-modified: Fri, 21 Jun 2019 02:30:42 GMT
server: cloudflare
x-timer: S1646306045.598365,VS0,VE0
etag: W/"453448ce115fb0fbace542e40db696e6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=orsJkg9hjD0fbOQEwbtTK0YTbWEdtAiQn%2BcNMXP%2FdoqIyR7JfvtrFKsycfSzm8t3ZkTCIZbT6s0pQkqYfccR23J1TJyCUkVrNiL4EzfGWiZ1uh%2B56KISAoy1lFLoEh21%2BcckqPHFsfXO"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control: max-age=31536000
cf-ray: 771788839d1b1ca7-AMS
x-cache-hits: 0, 13

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 96ms
31ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: crichd.gq
URL: https://crichd.gq/s1.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crichd.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 01:22:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2788396
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jcKrLqwxf%2FmpPPEDHqVINGv%2ByKBUOOXbWGsh%2Bllwr%2F8Eq%2Bkt7Adb%2BavMiiGMvlyc%2Fz9tgLxxQMV248qMIKsyg4IZkn4Uxyb7WVSAj2Fwprk7E5ft2DxYmPW7dE1tAXSKLfepjQP%2B6mppfUBCQEOfQAMN"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77178883892d0bea-AMS
expires: Sun, 19 Nov 2023 01:22:36 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
869 B 192ms
59ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: crichd.gq
URL: https://crichd.gq/s1.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crichd.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 29 Nov 2022 01:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 01:22:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Nov 2022 01:22:36 GMT

GET
H2 200 hls.js@latest Show response
cdn.jsdelivr.net/npm/ 336 KB
98 KB 121ms
46ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/hls.js@latest

Requested by

Host: crichd.gq
URL: https://crichd.gq/s1.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88fa861d6c2d711a4a0e9c186234ab06f7e0f77b7bda6da22ae50eae6c892570

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://crichd.gq/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 29 Nov 2022 01:22:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 11361
x-jsd-version: 1.2.7
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230132-FRA, cache-yyz4578-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"53f12-sE0TQ3OnDFwsU24CRrmdq93o250"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMuuahZCYDCxZqHNXFSTXoeHhxTBELQV1LCor8gFiRh%2FcoIBAlMW%2BcbK3pDFlgWY5Mge5XEUzeC61p9wZZ3qra6RzdTk3OkuSIKE6dNfHqEwnH%2FrYWOnfzJLgKmVnXM1h5ygX6LAeHW%2FAzsw6P4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 771788839ccc41a8-AMS

GET
H2 200 plyr.js Show response
cdn.plyr.io/3.6.8/ 106 KB
33 KB 106ms
35ms Script
application/javascript 2606:4700:21::681b:c258
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.6.8/plyr.js
Requested by: Host: crichd.gq
URL: https://crichd.gq/s1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c258 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 940fcd0e6f76d0b4a941bdceb34a85cd4840832532fc399d80c7bc3527b636e5

Request headers

Referer: https://crichd.gq/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 29 Nov 2022 01:22:36 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 7G1DF1NNQ874GR98
age: 1180422
cf-polished: origSize=108540
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ygrZNQvcHRTegsLk/0t4RdARvLNAo7fI34ZSXkop4vhliBa7Vt5pcc3JY7ptSwe0gHfQSXIlll0=
x-served-by: cache-iad-kiad7000147-IAD, cache-jnb7026-JNB
cf-bgj: minify
last-modified: Wed, 12 May 2021 13:38:58 GMT
server: cloudflare
x-timer: S1646656057.469680,VS0,VE1
etag: W/"88ec1af9f00edcc45977d0b1a6d0f54d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=drBjBhuVf%2Bx4yWtkQd%2Fv%2FU0giJPyjgJGUUawB0Gu2aEzTQimxtryDVDyjC9cJf46xLo0zYctjr4nvmStrP3blz6kauPkhCm1sT1aglUuw3oweDXgrtUUhs0ozLu7oojGiEtyzpY8NGox"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control: max-age=31536000, immutable
cf-ray: 771788839d1e1ca7-AMS
x-cache-hits: 1, 1

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
27 KB 99ms
35ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: crichd.gq
URL: https://crichd.gq/s1.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://crichd.gq/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 29 Nov 2022 01:22:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2922751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27433
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjNPg2GBvHNzCPDnI47nUHyIvsCjPn7jZIt5NbgaR7RpJFON7wKLZfMUg%2F9S0Dgad%2ByVyDA8C5Vt65aXRZC%2F4KyCgxxUBEo97LzgAefs%2Bbd6qQZDyWyA7SDEuaJEWxkDdC%2FyZj3NIBNTPGXFjsdEdkhM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77178883892e0bea-AMS
expires: Sun, 19 Nov 2023 01:22:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 101ms
31ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-143372155-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://crichd.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 01:15:53 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 403
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 29 Nov 2022 03:15:53 GMT

GET
H2 200 1.php Show response
crichd.gq/ Frame 84A7 156 B
385 B 157ms
157ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://crichd.gq/1.php
Requested by: Host: crichd.gq
URL: https://crichd.gq/s1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 239d4546413ab65f313ca8c368af3badbd78ac5e0347512353e9c40eeca3bed2

Request headers

Referer: https://crichd.gq/s1.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7717888499a1b8c7-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 29 Nov 2022 01:22:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eyQtDrrUanIPKUHqBi2RBXI%2Bz%2BH6Jkt3GoqK86JucDiAKHf0y3S7LqKRL9ed6ezovLuV2RpkbJsw%2FNFRN5%2FCM4vu4hZBYySB%2BIMGMugjDqh%2Fc5kVbBdffQ%2FNgyvrhk3OiKKlVd0YXlc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 125 KB
126 KB 190ms
58ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://crichd.gq
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:44:22 GMT
x-content-type-options: nosniff
age: 5895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128352
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 23:44:22 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 60ms
32ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://crichd.gq
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 01:22:36 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3487684
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xo6JqEVH3dGK7ItAjOFdj%2Fjlunyt1LVxUbMFUFgpF0FJabxGfBvmvj43KjGg6do%2BA9aRmDx7%2BMXzx%2Fh%2Fxeqh6pub%2FA%2Bla%2BcC%2FBG1%2FCkPdmyd%2BqJtYf8ORWROBpzN9u3AFkyM%2B28uxeFduPR23ueZBElI"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77178884ce7fb748-AMS
expires: Sun, 19 Nov 2023 01:22:36 GMT

GET
H2 200 2111862 Show response
ad.a-ads.com/ Frame 7E08 12 KB
5 KB 167ms
57ms Document
text/html 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2111862?size=120x60&text_color=a606ee&title_color=eb0606&title_hover_color=d726c3&link_color=0cc216&link_hover_color=1c5f1b

Requested by

Host: crichd.gq
URL: https://crichd.gq/s1.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.18.4.243.136.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

a3a3454842de1a423b3526d640cfcbb32108fc6bac381f98ebfd2e15fedd0556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://crichd.gq/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Tue, 29 Nov 2022 01:22:37 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://crichd.gq/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 104ms
39ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1884937753&t=pageview&_s=1&dl=https%3A%2F%2Fcrichd.gq%2Fs1.php&ul=en-us&de=UTF-8&dt=ASIA%20CUP%202022%20Live&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=901594480&gjid=631317184&cid=1062962.1669684957&tid=UA-143372155-2&_gid=2104129304.1669684957&_r=1&gtm=2oub90&z=324060340

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://crichd.gq/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 01:22:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://crichd.gq
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 em3.php Show response
crichd.gq/ Frame 0A9A 359 B
714 B 183ms
182ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://crichd.gq/em3.php
Requested by: Host: crichd.gq
URL: https://crichd.gq/1.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d44306e71a434df42b30759a06d81f2a80ed9b400b3db583e9ea61d19288ac04

Request headers

Referer: https://crichd.gq/1.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77178885d9feb8f6-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 29 Nov 2022 01:22:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ck%2BjkzDutcqgGd0Si2PkCb%2FNYiTjzfDTL%2Bv2P2by6EZZnNhefvvfl9zyT2Lya0pxFXQxG05pCOg23JI5oBHHQIJkbMnOGFuaD39iAcGXCf%2BszEptIyVzdr%2FeOEn8xuLc%2FEmDSt1yQzk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed

GET
DATA 200
OK truncated
/ Frame 7E08 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 embed.php Show response
m.live4wap.click/ Frame 725D 3 KB
2 KB 93ms
38ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.live4wap.click/embed.php

Requested by

Host: crichd.gq
URL: https://crichd.gq/em3.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17bcd6cc81c177691d5e02a7f2acdd7fe097dc9d2b6e322bdcfaa80debd273b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://crichd.gq/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 771788876e92b73d-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 29 Nov 2022 01:22:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkP4mNUj6Etm2Z5XA3YckKwmZ1XbUHOeoU7sm6ILJY0Euur%2FnbvJi0Ff69u2c30pW5Y%2FE7v1URI4tByZL3nhOnnBGfEEELLjU0JbqwgLZFrAKIWP%2FWGZeiVrbc5Gmdf3Kc7skzg1LpRumDnPwp4k"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H3 200 plyr.css
cdn.plyr.io/3.6.2/ Frame 725D 37 KB
6 KB 86ms
34ms Stylesheet
text/css 2606:4700:21::681b:c258
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.6.2/plyr.css
Requested by: Host: m.live4wap.click
URL: https://m.live4wap.click/embed.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:21::681b:c258 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9f2838b8db61c8ec0769f8c50670da6f88c6f5042371d41c3a295e6f7d7d3b6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.live4wap.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 01:22:37 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: TQAPZKGAQSQV7XRD
age: 1505537
cf-polished: origSize=37639
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: qUFik2pzhwd/FIJrLw6h9MXdaXRsIePKFgHlvBhAk44don2dJd7C/x5wE+n64YxY6S/zhNSILo0=
x-served-by: cache-iad-kcgs7200170-IAD, cache-yyz4533-YYZ
cf-bgj: minify
last-modified: Mon, 04 May 2020 11:36:56 GMT
server: cloudflare
x-timer: S1647861800.748063,VS0,VE1
etag: W/"53263754d3ae064edd2ab221ab30a2b4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OsFU%2FTjEcr3ZruiCy1pqJk%2BYYgji9HxizBZdoz%2FK%2B7tESEX2BlgUrW2nGQDE675JDR%2FYMrwlPJKCd6pgo%2BpvdwIy4qfTVuVdBFpBhIv0ZlBKJe2LcE55EX%2BkvVtZnXT7y%2Bvxr3AnH%2B0g"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control: max-age=31536000, immutable
cf-ray: 771788880e7fd0d1-AMS
x-cache-hits: 1, 1

GET
H2 200 bf2610f0a2.js Show response
kit.fontawesome.com/ Frame 725D 11 KB
4 KB 116ms
61ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/bf2610f0a2.js

Requested by

Host: m.live4wap.click
URL: https://m.live4wap.click/embed.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64d74dcd58a9d73e9a358f3219c11d4e932755a0938ad2e0ee51b2703eb116b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://m.live4wap.click/
Origin: https://m.live4wap.click
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 01:22:37 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 771788880b201c81-AMS
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: Fyicy-MeRSYyy3czdXHB

GET
H3 200 halfmoon.min.css
cdn.jsdelivr.net/gh/halfmoonui/halfmoon@1.0.4/css/ Frame 725D 202 KB
24 KB 66ms
39ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/halfmoonui/halfmoon@1.0.4/css/halfmoon.min.css

Requested by

Host: m.live4wap.click
URL: https://m.live4wap.click/embed.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31b0f7a433c34f4ab1278db469050ba1f872c55682710109305d1a410f4df89a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.live4wap.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 01:22:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1165313
x-jsd-version: 1.0.4
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19133-FRA, cache-yyz4527-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"326d6-9m6AsT4FnndZGyyUS60zmQRDkGI"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=am42ViXHk9qnrntZdN%2Bq9ILYnNFk5MEmosZCUqmUc8iBCDt3pnQXhOJTA4Jf4RJUbmbyJYy1KcDkGsvOetr%2Fr44sWst4azDPnnbpCW32PFVEeeiWwRpwnd0V%2FDowxAqSceowDXmLao%2FJLfVzn8I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 77178887ea180e10-AMS

GET
H3 200 hls.js@latest Show response
cdn.jsdelivr.net/npm/ Frame 725D 336 KB
98 KB 90ms
64ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/hls.js@latest

Requested by

Host: m.live4wap.click
URL: https://m.live4wap.click/embed.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88fa861d6c2d711a4a0e9c186234ab06f7e0f77b7bda6da22ae50eae6c892570

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.live4wap.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 01:22:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 11387
x-jsd-version: 1.2.7
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230132-FRA, cache-yyz4578-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"53f12-sE0TQ3OnDFwsU24CRrmdq93o250"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aNHp5WuPg53GUex5rvHOX%2Fo2ZkBbmOsbd0TAvnbfosewI9F9COWcCUVEU4mXW66%2Fz7ajz%2Bp%2BhMh0bQl77NiT0JLFYvtkC0LqOfjGGCiQmITBTSoKel71VunrQOmT%2FEfoMCQyrqULlMappx8GzwI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 77178887ea160e10-AMS

GET
H3 200 plyr.polyfilled.js Show response
cdn.plyr.io/3.6.2/ Frame 725D 188 KB
60 KB 88ms
37ms Script
application/javascript 2606:4700:21::681b:c258
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.6.2/plyr.polyfilled.js
Requested by: Host: m.live4wap.click
URL: https://m.live4wap.click/embed.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:21::681b:c258 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd71ebd4fa09080993b3e188b0a30e33eba3c9e7e6b2429c4fb95a269aba8bf7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.live4wap.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 01:22:37 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14930106
x-amz-request-id: V0H1BQX5Q5AHMA3A
cf-polished: origSize=192169
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: WZzswlMtVUXPSW1NCOuNrZhpzQQl5rQ0KH9inJYqHJrTcuicNYUDQ03VtNTFXU0ZFd7PtZhRzZI=
x-served-by: cache-iad-kjyo7100048-IAD, cache-ams21028-AMS
cf-bgj: minify
last-modified: Mon, 04 May 2020 11:36:28 GMT
server: cloudflare
x-timer: S1654754852.645710,VS0,VE1
etag: W/"f6c87d6145f0c018fb06f1c3ce8f27e6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZWellTPggTIlo7r4u6tAJ6MHJVjCYgBnarZbi8hiHQssANx1ipLRiiEqc8XZwJcq%2BvFY8%2BsghWPVnFEcbZ443pYdvmAJQug5b09GjL3GJQmqFZRQIiM15r%2BRdNwGMiylVM36ag9dLli"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control: max-age=31536000, immutable
cf-ray: 771788880e80d0d1-AMS
x-cache-hits: 1, 1

GET
H3

200

19.png
red.redcdn.cfd/ Frame 725D
Redirect Chain

https://red.redcdn.cfd/red.php?id=1
https://red.redcdn.cfd/19.png

33 KB
33 KB

91ms
33ms

Image
image/png

2606:4700:3038::6815:ebb6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://red.redcdn.cfd/19.png

Requested by

Host: m.live4wap.click
URL: https://m.live4wap.click/embed.php

Protocol

Server

2606:4700:3038::6815:ebb6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9e2f21bb5791b9122cd195f8a2b1895ba0593737612f8eba1d3281a4b797189

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.live4wap.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 01:22:37 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 585170
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33298
last-modified: Tue, 22 Nov 2022 06:16:03 GMT
server: cloudflare
etag: "637c6923-8212"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCZPYO1ZQpukT%2F%2BWOCzdii32drsX7sf4n0iLs9to4ZU1auXE4KNKpOM6%2F6N2yduOjqofU%2By3vqPMAtuvt6UqxW6fOMfwb8o88VHmAb%2FcOCaLtpx9J7ckhkqU7GZlx8Bb92%2Fg89hPbQ%2FDVZ1tIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7717888a0da5b7ae-AMS
expires: Thu, 22 Dec 2022 06:49:47 GMT

Redirect headers

date: Tue, 29 Nov 2022 01:22:37 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WrhoMHsh4CAR%2BFx297P9YA94gSXoc1DUsYOxW9b4npw44dvV3scSqDIO0VoKDQ40eolObAl%2Bly02hCVouuu1f%2BEE3kWfoBVU8T%2BzMM45A6o9Zg7ePMKkLPf35GKVC08VvU%2F1sGWPJRVI7%2BBagQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: /19.png
access-control-allow-origin: *
cf-ray: 77178888fef40e2f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 725D 211 KB
74 KB 112ms
48ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H5DKLJLN0W

Requested by

Host: m.live4wap.click
URL: https://m.live4wap.click/embed.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79d5226edd5d56e527913e3fb1d1c66ff9c41db3ca1ef78940f26d53c5066153

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.live4wap.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 01:22:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75990
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Nov 2022 01:22:37 GMT

GET
H/1.1 403
Forbidden f3371acb223678a3aac98fffb8a7711a.js
sparkleporedip.com/f3/37/1a/ Frame 725D 0
0 906ms
109ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sparkleporedip.com/f3/37/1a/f3371acb223678a3aac98fffb8a7711a.js
Requested by: Host: m.live4wap.click
URL: https://m.live4wap.click/embed.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.live4wap.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 01:22:38 GMT
Server: nginx/1.17.9
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ Frame 725D 59 KB
13 KB 97ms
35ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=bf2610f0a2
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/bf2610f0a2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.live4wap.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 01:22:37 GMT
via: 1.1 cf8597852fd073f5b8e6fed4908fe46e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
age: 933164
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRtvzznnvv8ugBQ3zfprtgUixjmbdReV2Gw%2BvdgHlD9ZCJ18ZQfk95FMGJi2Ush0iTfwWxtZT98kTdhVxCjuxwqWrNJLk0WobgDe%2FtWMfd9FYo5YL60VuvLAqSQzGHe%2FVU8nCTWzb9w%2Fbl2R3bGi4WqL6w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 77178888df0a0e33-AMS
access-control-allow-headers: fa-kit-token
x-amz-cf-id: _B-nm7Ip6FmOwBfs0CNzGW16sSqxYyHKuLZ4_3hZIAMa_P_hi61YUg==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ Frame 725D 26 KB
5 KB 101ms
39ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=bf2610f0a2
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/bf2610f0a2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.live4wap.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 01:22:37 GMT
via: 1.1 fabf8b14862325981b1496bd502a7818.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyMgMDGmcYLCC%2F4GYsAD8IMyHo1UTaSBWthz%2BGKhEV%2Fpzeo1KyKrZCLWMZ%2F44TkRbN%2B1%2BxxiGd%2FzM6LungHz7BptN4en9YGdabA%2Bv27aLH7eV4n%2BXI8L00FAAP9HDP297oqll8K1McjwMohKBCmryQQCrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 77178888df0b0e33-AMS
access-control-allow-headers: fa-kit-token
x-amz-cf-id: tmHhPgi-lK6GRPkYqeZZWa8OZJtsxKGFEom56ojn8x4u4eEjWmjAdA==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ Frame 725D 3 KB
2 KB 93ms
31ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=bf2610f0a2
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/bf2610f0a2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.live4wap.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 01:22:37 GMT
via: 1.1 d5b8ff1568ca9900eb00feb643d95cd4.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: BOS50-P1
age: 933164
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGC%2FIPxwQQ29n3xADlIuoCQU%2F2HuwsvhVz%2FQFij0xFHBKudH3URPsKbRvli0GajPEbpJAoKeYcZP66XRUXXPfTx1cZqaLQH%2FnR%2FY0t4qiWa2Kfwa9QoZC%2F0b5ehRFVA96%2BY1yLPz5CJnSjlNzdxrpc0lCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 77178888df0c0e33-AMS
access-control-allow-headers: fa-kit-token
x-amz-cf-id: FzhDTQ4Q4h6RJb6ZDBtJvsc-n0A4HjcOuRVHm0W95wZSRmYbddjvTQ==

GET
DATA 200
OK truncated
/ Frame 725D 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 725D 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 725D 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 725D 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 725D 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 725D 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 725D 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

480p.m3u8 Show response
kidcdn.redcdn.online/live/ Frame 725D
Redirect Chain

https://red.redcdn.cfd/red.php?id=2
https://kidcdn.redcdn.online/live/480p.m3u8

5 KB
5 KB

364ms
82ms

XHR
application/vnd.apple.mpegurl

95.217.118.95
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kidcdn.redcdn.online/live/480p.m3u8

Protocol

Server

95.217.118.95 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.95.118.217.95.clients.your-server.de

Software

nginx /

Resource Hash

2b6b23cfd3eb2dcd0a3ea12ab32495b4f032cf51eb92592296969582e61d1cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.live4wap.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 01:22:38 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 29 Nov 2022 01:22:38 GMT
server: nginx
etag: "63855ede-14cb"
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
accept-ranges: bytes
content-length: 5323

Redirect headers

date: Tue, 29 Nov 2022 01:22:38 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVLCEVLRTq4EFJVM1uR1xT7sKAg23TLgBDZm3cqiHtu7cvFBXC1WPDBPPvkQLYMyh0etcnb2GzlRuY%2BbrslbPAHgFsSsOnUIgFMacem5O4T3t8NSgOr7D8mStsEkbllQIyQ7Yt2l89787lMzVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://kidcdn.redcdn.online/live/480p.m3u8
access-control-allow-origin: *
cf-ray: 7717888eed2b0ae3-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

19.png
red.redcdn.cfd/ Frame 725D
Redirect Chain

https://red.redcdn.cfd/red.php?id=1
https://red.redcdn.cfd/19.png

33 KB
33 KB

35ms
34ms

Image
image/png

2606:4700:3038::6815:ebb6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://red.redcdn.cfd/19.png

Protocol

Server

2606:4700:3038::6815:ebb6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9e2f21bb5791b9122cd195f8a2b1895ba0593737612f8eba1d3281a4b797189

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.live4wap.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 01:22:39 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 585172
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33298
last-modified: Tue, 22 Nov 2022 06:16:03 GMT
server: cloudflare
etag: "637c6923-8212"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2Cj8HUpJpIMlB703kUV%2FXC6B1UuqZtOTn6KSWd%2BZjHb%2FgFP1AEbYvpBGRWOJK8zkSZ1a8e3XZeByfaG4hstBZXVOXfB0LKMGB6DfHQCqvXOMLhkp56wp6SYFNlQlIf30vl6HOWP3u%2B2FdtgsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 771788926a45b7ae-AMS
expires: Thu, 22 Dec 2022 06:49:47 GMT

Redirect headers

date: Tue, 29 Nov 2022 01:22:39 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57BSniMXJEyGuHypad7IfIlCil0hgw8sjI6MKcTnXUQ3Vk3LdgFs6cxdHZ6NLn1OHEBnkw1M9SCQI5TLWXV5ZHtqYX4FnAYTIDKKOGU6kl3EsmD%2Fwpfo2UOCWJn2jHik3ExvK%2FzgiAgxCZ%2FynA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: /19.png
access-control-allow-origin: *
cf-ray: 77178891d9ebb7ae-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 plyr.svg Show response
cdn.plyr.io/3.6.2/ Frame 725D 6 KB
3 KB 87ms
33ms XHR
image/svg+xml 2606:4700:21::681b:c258
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.6.2/plyr.svg
Requested by: Host: cdn.plyr.io
URL: https://cdn.plyr.io/3.6.2/plyr.polyfilled.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:21::681b:c258 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.live4wap.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 01:22:39 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: VBV9S32MT5JKSS28
age: 931646
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Pl8xlS2OsAJJBsLnh34Qra3I0SHszRPHwUYuKZA937P2xSuIVu7ofty8P45PgHl69c33k1naIJ4=
x-served-by: cache-iad-kiad7000140-IAD, cache-jnb7026-JNB
last-modified: Mon, 04 May 2020 11:36:58 GMT
server: cloudflare
x-timer: S1668750056.996197,VS0,VE0
etag: W/"3a727a9b7eef825081d78cc6e48aaadf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YK66nPXjEbNNSmQmWN3dNrobj3fDaquvU4LRL01anbX%2BATSR4GL%2FYZ%2BcGx49iErkLLv3CEz4rBewEp0f%2FJWljIFToKmkzzp%2B3YnQ7igcj4obV3Z6ZiShbCiX%2FFNUbtnSUufOySCeWJJO"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control: max-age=31536000, immutable
cf-ray: 771788924e59b88e-AMS
x-cache-hits: 1, 14700

GET
H2 200 480p.m3u8 Show response
kidcdn.redcdn.online/live/ Frame 725D 5 KB
5 KB 82ms
82ms XHR
application/vnd.apple.mpegurl 95.217.118.95
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kidcdn.redcdn.online/live/480p.m3u8

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@latest

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.217.118.95 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.95.118.217.95.clients.your-server.de

Software

nginx /

Resource Hash

2b6b23cfd3eb2dcd0a3ea12ab32495b4f032cf51eb92592296969582e61d1cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.live4wap.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 01:22:39 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 29 Nov 2022 01:22:38 GMT
server: nginx
etag: "63855ede-14cb"
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
accept-ranges: bytes
content-length: 5323

GET
H2 200 480p4867.ts Show response
raw.githubusercontent.com/Filmy4waphindi/mytutori/main/expire_token_f2hscy9saXZlLzfIwMjQ3MzAvaXBsMjAyMi9oaW4vMTf/exp_16504691420_data_ip_3dnH4HjOXurq4PceHCSQi51fWYErdA27MrhwChY249fHH1AAa/userid_3dk... Frame 725D 392 KB
393 KB 344ms
131ms XHR
video/mp2t 2606:50c0:8003::154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://raw.githubusercontent.com/Filmy4waphindi/mytutori/main/expire_token_f2hscy9saXZlLzfIwMjQ3MzAvaXBsMjAyMi9oaW4vMTf/exp_16504691420_data_ip_3dnH4HjOXurq4PceHCSQi51fWYErdA27MrhwChY249fHH1AAa/userid_3dkmU1FDSPt3iJEhrVRLiESuQ4KSP/480p4867.ts

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@latest

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0e5c78e2b9f0a15403106189c1ea83c7447c325fbb522274e468741442df13a1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.live4wap.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-fastly-request-id: 639d0ffdd55bed994eef8950b35790f12fee1025
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 01:22:39 GMT
via: 1.1 varnish
x-cache-hits: 0
x-cache: MISS
content-disposition: attachment; filename=expire_token_f2hscy9saXZlLzfIwMjQ3MzAvaXBsMjAyMi9oaW4vMTf/exp_16504691420_data_ip_3dnH4HjOXurq4PceHCSQi51fWYErdA27MrhwChY249fHH1AAa/userid_3dkmU1FDSPt3iJEhrVRLiESuQ4KSP/480p4867.ts
content-length: 401756
x-xss-protection: 1; mode=block
x-served-by: cache-ewr18126-EWR
x-github-request-id: 258C:47D4:38D04:4C505:63855EDF
x-timer: S1669684959.295812,VS0,VE32
etag: W/"1fd362edd07563c750f3b297da94a23762acf2ddc34bf087a504da2571f304e8"
source-age: 0
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Tue, 29 Nov 2022 01:27:39 GMT

GET 4b45317a-aba2-4e39-babb-62665b91e821
https://m.live4wap.click/ Frame 725D 0
0

GET
H3

200

19.png
red.redcdn.cfd/ Frame 725D
Redirect Chain

https://red.redcdn.cfd/red.php?id=1
https://red.redcdn.cfd/19.png

33 KB
33 KB

31ms
31ms

Image
image/png

2606:4700:3038::6815:ebb6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://red.redcdn.cfd/19.png

Protocol

Server

2606:4700:3038::6815:ebb6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9e2f21bb5791b9122cd195f8a2b1895ba0593737612f8eba1d3281a4b797189

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.live4wap.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 01:22:39 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 585172
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33298
last-modified: Tue, 22 Nov 2022 06:16:03 GMT
server: cloudflare
etag: "637c6923-8212"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2BFa%2FoWCf6QS0bm3Qft4IzOwYfCYUaE7%2BJDy86%2BK78iRu4BnCG8eWZD4HBP1naUUYyxue5qjsThYJ0nlKT4YD6HM8CEkKD9ZxcPYNI0tT4ptyW1s65g2CMvfBbcyQI0ZyWi8Tde0yB%2Fnkjiqew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 771788930aa3b7ae-AMS
expires: Thu, 22 Dec 2022 06:49:47 GMT

Redirect headers

date: Tue, 29 Nov 2022 01:22:39 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s8o2gvY7Cow0TRAOexGkmDqXncu0c0%2BtFHhexZ4ZXsTIQXzg8O%2FAeBuCye41bI855UdUhMcBCfsCmlB0LfPO153NTXAOURwZe7Y4kYrh1oxC%2FRK00qfVrBAPOKP7A%2FNAYid2LVy7MmdrI1EBjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: /19.png
access-control-allow-origin: *
cf-ray: 77178892aa68b7ae-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
BLOB 200
OK effd507b-635c-4a7c-ba70-a7b957654e36
https://m.live4wap.click/ Frame 725D 84 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://m.live4wap.click/effd507b-635c-4a7c-ba70-a7b957654e36
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe56f0fd33159d08ed099575483bf0280b634a4177e0cf22dc289cad0f68411f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Length: 86284
Content-Type: text/javascript

GET
H2 200 480p4868.ts Show response
raw.githubusercontent.com/Filmy4waphindi/mytutori/main/expire_token_f2hscy9saXZlLzfIwMjQ3MzAvaXBsMjAyMi9oaW4vMTf/exp_16504691420_data_ip_3dnH4HjOXurq4PceHCSQi51fWYErdA27MrhwChY249fHH1AAa/userid_3dk... Frame 725D 345 KB
346 KB 138ms
138ms XHR
video/mp2t 2606:50c0:8003::154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@latest

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e4e77324333d6698bda1db18fee25ed61980e660cdcc1edafed861c76634e309

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.live4wap.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-fastly-request-id: b70ec977070d2b622dcb8eef09a59317e48a1e5e
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 01:22:39 GMT
via: 1.1 varnish
x-cache-hits: 0
x-cache: MISS
content-disposition: attachment; filename=expire_token_f2hscy9saXZlLzfIwMjQ3MzAvaXBsMjAyMi9oaW4vMTf/exp_16504691420_data_ip_3dnH4HjOXurq4PceHCSQi51fWYErdA27MrhwChY249fHH1AAa/userid_3dkmU1FDSPt3iJEhrVRLiESuQ4KSP/480p4868.ts
content-length: 353628
x-xss-protection: 1; mode=block
x-served-by: cache-ewr18126-EWR
x-github-request-id: F83A:217C:1735B:279C1:63855EDF
x-timer: S1669684960.794350,VS0,VE41
etag: W/"ee9dc9b8861392ee1c59b7d698325648d3803c0b00b2b18f9ca0623651c902e4"
source-age: 0
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Tue, 29 Nov 2022 01:27:39 GMT

GET
H2 200 480p.m3u8 Show response
kidcdn.redcdn.online/live/ Frame 725D 5 KB
5 KB 82ms
81ms XHR
application/vnd.apple.mpegurl 95.217.118.95
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kidcdn.redcdn.online/live/480p.m3u8

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@latest

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.217.118.95 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.95.118.217.95.clients.your-server.de

Software

nginx /

Resource Hash

2b6b23cfd3eb2dcd0a3ea12ab32495b4f032cf51eb92592296969582e61d1cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.live4wap.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 01:22:39 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 29 Nov 2022 01:22:38 GMT
server: nginx
etag: "63855ede-14cb"
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
accept-ranges: bytes
content-length: 5323

GET
H2 200 480p4869.ts Show response
raw.githubusercontent.com/Filmy4waphindi/mytutori/main/expire_token_f2hscy9saXZlLzfIwMjQ3MzAvaXBsMjAyMi9oaW4vMTf/exp_16504691420_data_ip_3dnH4HjOXurq4PceHCSQi51fWYErdA27MrhwChY249fHH1AAa/userid_3dk... Frame 725D 303 KB
304 KB 139ms
139ms XHR
video/mp2t 2606:50c0:8003::154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@latest

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

32403fd3eb291f9447c617baff57f52a866192d2aefdaf326660a808db36476c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.live4wap.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-fastly-request-id: 3f80aca38d89d72e18b07ddde523666e7958f57f
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 01:22:40 GMT
via: 1.1 varnish
x-cache-hits: 0
x-cache: MISS
content-disposition: attachment; filename=expire_token_f2hscy9saXZlLzfIwMjQ3MzAvaXBsMjAyMi9oaW4vMTf/exp_16504691420_data_ip_3dnH4HjOXurq4PceHCSQi51fWYErdA27MrhwChY249fHH1AAa/userid_3dkmU1FDSPt3iJEhrVRLiESuQ4KSP/480p4869.ts
content-length: 310388
x-xss-protection: 1; mode=block
x-served-by: cache-ewr18126-EWR
x-github-request-id: 1E9E:370F:1706F:27566:63855EDF
x-timer: S1669684960.980942,VS0,VE43
etag: W/"88c285d1317c3d5707bfe860a186d0d698184894983850d86311647a11700599"
source-age: 0
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Tue, 29 Nov 2022 01:27:40 GMT

GET
H2 200 480p.m3u8 Show response
kidcdn.redcdn.online/live/ Frame 725D 5 KB
5 KB 82ms
82ms XHR
application/vnd.apple.mpegurl 95.217.118.95
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kidcdn.redcdn.online/live/480p.m3u8

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@latest

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.217.118.95 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.95.118.217.95.clients.your-server.de

Software

nginx /

Resource Hash

2b6b23cfd3eb2dcd0a3ea12ab32495b4f032cf51eb92592296969582e61d1cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.live4wap.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 01:22:40 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 29 Nov 2022 01:22:38 GMT
server: nginx
etag: "63855ede-14cb"
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
accept-ranges: bytes
content-length: 5323

GET
H2 200 480p4870.ts Show response
raw.githubusercontent.com/Filmy4waphindi/mytutori/main/expire_token_f2hscy9saXZlLzfIwMjQ3MzAvaXBsMjAyMi9oaW4vMTf/exp_16504691420_data_ip_3dnH4HjOXurq4PceHCSQi51fWYErdA27MrhwChY249fHH1AAa/userid_3dk... Frame 725D 465 KB
466 KB 137ms
137ms XHR
video/mp2t 2606:50c0:8003::154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@latest

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c7e1cdccdcb3670eb6df33d675a0e407bc1a6a706cfac356e74802da3222998c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.live4wap.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-fastly-request-id: b35b5d8c01781f873c68c9a26c067f11a5773b83
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 01:22:40 GMT
via: 1.1 varnish
x-cache-hits: 0
x-cache: MISS
content-disposition: attachment; filename=expire_token_f2hscy9saXZlLzfIwMjQ3MzAvaXBsMjAyMi9oaW4vMTf/exp_16504691420_data_ip_3dnH4HjOXurq4PceHCSQi51fWYErdA27MrhwChY249fHH1AAa/userid_3dkmU1FDSPt3iJEhrVRLiESuQ4KSP/480p4870.ts
content-length: 476204
x-xss-protection: 1; mode=block
x-served-by: cache-ewr18126-EWR
x-github-request-id: 1DE4:6C16:1AED9:2BEE2:63855EE0
x-timer: S1669684960.151644,VS0,VE41
etag: W/"c2dc42bc84288b1c82ea463611b20c0af515a1ee069fd33b8bd0ef660d15e467"
source-age: 0
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Tue, 29 Nov 2022 01:27:40 GMT

GET
H2 200 480p4871.ts Show response
raw.githubusercontent.com/Filmy4waphindi/mytutori/main/expire_token_f2hscy9saXZlLzfIwMjQ3MzAvaXBsMjAyMi9oaW4vMTf/exp_16504691420_data_ip_3dnH4HjOXurq4PceHCSQi51fWYErdA27MrhwChY249fHH1AAa/userid_3dk... Frame 725D 345 KB
346 KB 130ms
129ms XHR
video/mp2t 2606:50c0:8003::154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@latest

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

809d94e22bcf110546b125e2cf2c4f608468f6cddc6d4b0f6aa0f94f2c828018

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.live4wap.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-fastly-request-id: f499730839b3142e55f8f125dee35467d9221363
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 01:22:40 GMT
via: 1.1 varnish
x-cache-hits: 0
x-cache: MISS
content-disposition: attachment; filename=expire_token_f2hscy9saXZlLzfIwMjQ3MzAvaXBsMjAyMi9oaW4vMTf/exp_16504691420_data_ip_3dnH4HjOXurq4PceHCSQi51fWYErdA27MrhwChY249fHH1AAa/userid_3dkmU1FDSPt3iJEhrVRLiESuQ4KSP/480p4871.ts
content-length: 353628
x-xss-protection: 1; mode=block
x-served-by: cache-ewr18126-EWR
x-github-request-id: 08A8:3C39:38A82:4BEB5:63855EE0
x-timer: S1669684960.349570,VS0,VE33
etag: W/"caa7f4047181ba1e61902151c6205b933e2f8cc69fbcff96df2237cf50b93689"
source-age: 0
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Tue, 29 Nov 2022 01:27:40 GMT

GET
H2 200 480p4872.ts Show response
raw.githubusercontent.com/Filmy4waphindi/mytutori/main/expire_token_f2hscy9saXZlLzfIwMjQ3MzAvaXBsMjAyMi9oaW4vMTf/exp_16504691420_data_ip_3dnH4HjOXurq4PceHCSQi51fWYErdA27MrhwChY249fHH1AAa/userid_3dk... Frame 725D 75 KB
75 KB 107ms
107ms XHR
video/mp2t 2606:50c0:8003::154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@latest

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7f3fb523fa845f63e39d96aa856324f4cefb52a537274d0a0460af788ca87120

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.live4wap.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-fastly-request-id: 38e78632e27b2b83dbe009af7068e5f57d3f7eb9
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 01:22:40 GMT
via: 1.1 varnish
x-cache-hits: 0
x-cache: MISS
content-disposition: attachment; filename=expire_token_f2hscy9saXZlLzfIwMjQ3MzAvaXBsMjAyMi9oaW4vMTf/exp_16504691420_data_ip_3dnH4HjOXurq4PceHCSQi51fWYErdA27MrhwChY249fHH1AAa/userid_3dkmU1FDSPt3iJEhrVRLiESuQ4KSP/480p4872.ts
content-length: 76328
x-xss-protection: 1; mode=block
x-served-by: cache-ewr18126-EWR
x-github-request-id: BDAA:7845:35DA3:49309:63855EE0
x-timer: S1669684961.504358,VS0,VE11
etag: W/"9c18f285dd09669a47f9749fa6b8d371e815794bdb28cdd6993dae4e9910cec1"
source-age: 0
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Tue, 29 Nov 2022 01:27:40 GMT

GET
H2 200 480p4873.ts Show response
raw.githubusercontent.com/Filmy4waphindi/mytutori/main/expire_token_f2hscy9saXZlLzfIwMjQ3MzAvaXBsMjAyMi9oaW4vMTf/exp_16504691420_data_ip_3dnH4HjOXurq4PceHCSQi51fWYErdA27MrhwChY249fHH1AAa/userid_3dk... Frame 725D 406 KB
406 KB 220ms
220ms XHR
video/mp2t 2606:50c0:8003::154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@latest

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a33b22720dda79cda04bd52567118dcdffa749c814c979ced56fd8ceb6f8c521

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.live4wap.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-fastly-request-id: 7ca19c5b528888ca9522796905bf8e837e2e084c
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 01:22:40 GMT
via: 1.1 varnish
x-cache-hits: 0
x-cache: MISS
content-disposition: attachment; filename=expire_token_f2hscy9saXZlLzfIwMjQ3MzAvaXBsMjAyMi9oaW4vMTf/exp_16504691420_data_ip_3dnH4HjOXurq4PceHCSQi51fWYErdA27MrhwChY249fHH1AAa/userid_3dkmU1FDSPt3iJEhrVRLiESuQ4KSP/480p4873.ts
content-length: 415292
x-xss-protection: 1; mode=block
x-served-by: cache-ewr18126-EWR
x-github-request-id: 3CEA:673E:17FE7:2863C:63855EE0
x-timer: S1669684961.621456,VS0,VE125
etag: W/"0d4a84c98da297bf74e64b353cf5d2b6984be109696b13e75a2600dfb565c9c9"
source-age: 0
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Tue, 29 Nov 2022 01:27:40 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: m.live4wap.click
URL: blob:https://m.live4wap.click/4b45317a-aba2-4e39-babb-62665b91e821

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.crichd.gq/	1970-01-20 17:24:04	Name: _ga Value: GA1.2.1062962.1669684957
.crichd.gq/	1970-01-20 07:49:31	Name: _gid Value: GA1.2.2104129304.1669684957
.crichd.gq/	1970-01-20 07:48:05	Name: _gat_gtag_UA_143372155_2 Value: 1

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://crichd.gq/s1.php(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/hls.js@latest, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://crichd.gq/s1.php(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/hls.js@latest, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://crichd.gq/s1.php(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.plyr.io/3.6.8/plyr.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://crichd.gq/s1.php(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://crichd.gq/em3.php(Line 3) Message: <iframe gesture="media"> is not supported. Use <iframe allow="autoplay">, https://goo.gl/ximf56
network	error	URL: https://sparkleporedip.com/f3/37/1a/f3371acb223678a3aac98fffb8a7711a.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: blob:https://m.live4wap.click/4b45317a-aba2-4e39-babb-62665b91e821 Message: Failed to load resource: net::ERR_FILE_NOT_FOUND

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
cdn.jsdelivr.net
cdn.plyr.io
cdnjs.cloudflare.com
crichd.gq
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kidcdn.redcdn.online
kit.fontawesome.com
m.live4wap.click
raw.githubusercontent.com
red.redcdn.cfd
sparkleporedip.com
www.google-analytics.com
www.googletagmanager.com
m.live4wap.click
136.243.4.18
192.243.59.20
2606:4700:21::681b:c258
2606:4700:3038::6815:ebb6
2606:4700::6810:5714
2606:4700::6811:190e
2606:4700::6812:1734
2606:4700:e6::ac40:cb1c
2606:50c0:8003::154
2a00:1450:4001:811::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::2008
2a00:1450:4001:831::200e
2a06:98c1:3120::3
2a06:98c1:3121::3
95.217.118.95
0715b17222fabd02c351a22bb12eec170a80f7fd06b3bbef2ae0e7634d0d9324
0e5c78e2b9f0a15403106189c1ea83c7447c325fbb522274e468741442df13a1
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17bcd6cc81c177691d5e02a7f2acdd7fe097dc9d2b6e322bdcfaa80debd273b5
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
239d4546413ab65f313ca8c368af3badbd78ac5e0347512353e9c40eeca3bed2
2b6b23cfd3eb2dcd0a3ea12ab32495b4f032cf51eb92592296969582e61d1cc6
31b0f7a433c34f4ab1278db469050ba1f872c55682710109305d1a410f4df89a
32403fd3eb291f9447c617baff57f52a866192d2aefdaf326660a808db36476c
4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
64d74dcd58a9d73e9a358f3219c11d4e932755a0938ad2e0ee51b2703eb116b9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79d5226edd5d56e527913e3fb1d1c66ff9c41db3ca1ef78940f26d53c5066153
7f3fb523fa845f63e39d96aa856324f4cefb52a537274d0a0460af788ca87120
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
809d94e22bcf110546b125e2cf2c4f608468f6cddc6d4b0f6aa0f94f2c828018
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
88fa861d6c2d711a4a0e9c186234ab06f7e0f77b7bda6da22ae50eae6c892570
940fcd0e6f76d0b4a941bdceb34a85cd4840832532fc399d80c7bc3527b636e5
a33b22720dda79cda04bd52567118dcdffa749c814c979ced56fd8ceb6f8c521
a3a3454842de1a423b3526d640cfcbb32108fc6bac381f98ebfd2e15fedd0556
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bd71ebd4fa09080993b3e188b0a30e33eba3c9e7e6b2429c4fb95a269aba8bf7
c7e1cdccdcb3670eb6df33d675a0e407bc1a6a706cfac356e74802da3222998c
c9e2f21bb5791b9122cd195f8a2b1895ba0593737612f8eba1d3281a4b797189
d44306e71a434df42b30759a06d81f2a80ed9b400b3db583e9ea61d19288ac04
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d9f2838b8db61c8ec0769f8c50670da6f88c6f5042371d41c3a295e6f7d7d3b6
dabd47248cc0afa30e61ce75e4e2661077db8fd24db03c215460617ebecb315f
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e4e77324333d6698bda1db18fee25ed61980e660cdcc1edafed861c76634e309
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
f5f83e386df031cade263caabcb055c46a6d731b64fccd6ba9205d1845942631
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fe56f0fd33159d08ed099575483bf0280b634a4177e0cf22dc289cad0f68411f

crichd.gq Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

43 Requests

86 %HTTPS

81 %IPv6

15 Domains

16 Subdomains

17 IPs

3 Countries

3193 kBTransfer

4605 kBSize

3 Cookies

1 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

crichd.gq Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

86 %
HTTPS

81 %
IPv6

15
Domains

16
Subdomains

17
IPs

3
Countries

3193 kB
Transfer

4605 kB
Size

3
Cookies

43 HTTP transactions
8 data transactions