video.webcric.com Open in urlscan Pro
2606:4700:3035::ac43:b5f2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://live.webcric.com/frame1.htm
Effective URL:
https://video.webcric.com/frame1.htm
Submission Tags: falconsandbox
Submission: On April 28 via api (April 28th 2021, 9:45:36 am UTC) from US

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 13 domains to perform 32 HTTP transactions. The main IP is 2606:4700:3035::ac43:b5f2, located in United States and belongs to CLOUDFLARENET, US. The main domain is video.webcric.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 11th 2020. Valid for: a year.

This is the only time video.webcric.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 5	2606:4700:303... 2606:4700:3035::ac43:b5f2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3034::ac43:deeb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	139.45.197.244 139.45.197.244	9002 (RETN-AS) (RETN-AS)
1	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
8	2606:4700:303... 2606:4700:3034::6815:2e1d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	139.45.197.243 139.45.197.243	9002 (RETN-AS) (RETN-AS)
2	2606:4700::68... 2606:4700::6811:ad3e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.183.99.73 185.183.99.73	60117 (HS) (HS)
2	139.45.197.238 139.45.197.238	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	2606:4700:303... 2606:4700:3030::6815:2ed2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.190.71.96 35.190.71.96	15169 (GOOGLE) (GOOGLE)
1	81.171.17.186 81.171.17.186	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
32	14

5 2606:4700:3035::ac43:b5f2 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

live.webcric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
en.webcric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
video.webcric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::ac43:deeb (United States)

ASN13335 (CLOUDFLARENET, US)

embed.uclive.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
play.uclive.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.244 (United Kingdom)

ASN9002 (RETN-AS, GB)

luvaihoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

escy55gxubl6.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3034::6815:2e1d (United States)

ASN13335 (CLOUDFLARENET, US)

play.uclive.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)

onmarshtompor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:ad3e (United States)

ASN13335 (CLOUDFLARENET, US)

velocecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.99.73 (Bucharest, Romania)

ASN60117 (HS, AE)

www.lquest123b.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.238 (United Kingdom)

ASN9002 (RETN-AS, GB)

overkirliaan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:2ed2 (United States)

ASN13335 (CLOUDFLARENET, US)

ufpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.71.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)

onclickgenius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.171.17.186 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

n03.quest123.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	uclive.xyz embed.uclive.xyz play.uclive.xyz	277 KB
6	onmarshtompor.com onmarshtompor.com	2 KB
5	webcric.com 3 redirects live.webcric.com en.webcric.com video.webcric.com	20 KB
2	rtmark.net my.rtmark.net	981 B
2	overkirliaan.com overkirliaan.com	21 KB
2	velocecdn.com velocecdn.com	20 KB
2	luvaihoo.com luvaihoo.com	21 KB
1	quest123.top n03.quest123.top	134 B
1	onclickgenius.com onclickgenius.com	2 KB
1	ufpcdn.com ufpcdn.com	2 KB
1	google-analytics.com ssl.google-analytics.com	17 KB
1	lquest123b.top www.lquest123b.top	487 B
1	escy55gxubl6.com escy55gxubl6.com
32	13

	Domain	Requested by
9	play.uclive.xyz	embed.uclive.xyz play.uclive.xyz
6	onmarshtompor.com	luvaihoo.com overkirliaan.com
2	my.rtmark.net	onmarshtompor.com
2	overkirliaan.com	play.uclive.xyz
2	velocecdn.com	play.uclive.xyz video.webcric.com
2	luvaihoo.com	video.webcric.com
2	video.webcric.com	video.webcric.com
2	live.webcric.com	2 redirects
1	n03.quest123.top	play.uclive.xyz
1	onclickgenius.com	video.webcric.com
1	ufpcdn.com	video.webcric.com
1	ssl.google-analytics.com	play.uclive.xyz
1	www.lquest123b.top	play.uclive.xyz
1	escy55gxubl6.com	video.webcric.com
1	embed.uclive.xyz	video.webcric.com
1	en.webcric.com	1 redirects
32	16

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-11` - `2021-07-11`	a year	crt.sh
luvaihoo.com R3	`2021-04-20` - `2021-07-19`	3 months	crt.sh
escy55gxubl6.com R3	`2021-03-01` - `2021-05-30`	3 months	crt.sh
onmarshtompor.com R3	`2021-04-06` - `2021-07-05`	3 months	crt.sh
lquest123b.top R3	`2021-03-03` - `2021-06-01`	3 months	crt.sh
overkirliaan.com R3	`2021-04-20` - `2021-07-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
onclickgenius.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-22` - `2022-01-22`	a year	crt.sh
*.quest123.top Sectigo RSA Domain Validation Secure Server CA	`2020-08-31` - `2021-08-31`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://video.webcric.com/frame1.htm
Frame ID: 332E400A03F2F6B9EA3BF727B2F3C994
Requests: 7 HTTP requests in this frame

Frame: https://play.uclive.xyz/hembedplayer/webcrici19/3/850/480
Frame ID: 45696A6E390990967DAE79C7F469A66F
Requests: 18 HTTP requests in this frame

Frame: https://onmarshtompor.com/fac.php?OAID=a2fad4a561f042f086e9eb26da226512&oaidts=1619603118
Frame ID: 74932BFB6E5ED6B3CD8F3B4B79058F6E
Requests: 2 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 1EFA5F30C7C4E5CB527CA9875AA2C373
Requests: 1 HTTP requests in this frame

Frame: https://onmarshtompor.com/fac.php?OAID=ac33a264576845deac295fcf65c283f4&oaidts=1619603119
Frame ID: E00586EDE8E95185495EF8A8C9CFD5B7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://live.webcric.com/frame1.htm HTTP 301
https://live.webcric.com/frame1.htm HTTP 301
https://en.webcric.com/frame1.htm HTTP 301
https://video.webcric.com/frame1.htm Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

32
Requests

100 %
HTTPS

43 %
IPv6

13
Domains

16
Subdomains

14
IPs

5
Countries

382 kB
Transfer

1327 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://live.webcric.com/frame1.htm HTTP 301
https://live.webcric.com/frame1.htm HTTP 301
https://en.webcric.com/frame1.htm HTTP 301
https://video.webcric.com/frame1.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request frame1.htm Show response
video.webcric.com/
Redirect Chain

http://live.webcric.com/frame1.htm
https://live.webcric.com/frame1.htm
https://en.webcric.com/frame1.htm
https://video.webcric.com/frame1.htm

59 KB
18 KB

83ms
73ms

Document
text/html

2606:4700:3035::ac43:b5f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.webcric.com/frame1.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:b5f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cec0941a906e2f3bc8c44cfeeaff7674967e9c932e7416e61a7040f50a514f7

Request headers

:method: GET
:authority: video.webcric.com
:scheme: https
:path: /frame1.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d83ae3fb9949270d437485ea132bd57461619603118
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 09:45:18 GMT
content-type: text/html
last-modified: Thu, 22 Apr 2021 11:45:49 GMT
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: DYNAMIC
cf-request-id: 09b97771ea00004e14a43e7000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TBjyqa2rtJ5HIrfznl%2Ba343trh58Ad%2FMZjSgSQHMLcT%2B7wWLVpnnDdn6miE1pUy6araeQDXiRTUOLOFOhGdMIIA8OTlugbcjrm%2Bmizp3uQrLSrep0oFJF4a9SsK6jA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 646f5b631cc94e14-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Wed, 28 Apr 2021 09:45:18 GMT
cache-control: max-age=3600
expires: Wed, 28 Apr 2021 10:45:18 GMT
location: https://video.webcric.com/frame1.htm
cf-request-id: 09b97771d000004e14b2979000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ExlgYuM1aeTKNcv%2F6uV17E1U0LYyOZQbArpxrshk2Tt5DyQDm%2BunDXrJMx94LsxSUCZFoCGNMto83gwfKevpQfrendlPNo8AKuNc%2F9ERT76g8pmjrTRZq%2BAd3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
cf-ray: 646f5b62ec464e14-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 hucaster.js Show response
embed.uclive.xyz/static/scripts/ 1 KB
1 KB 53ms
19ms Script
application/x-javascript 2606:4700:3034::ac43:deeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.uclive.xyz/static/scripts/hucaster.js
Requested by: Host: video.webcric.com
URL: https://video.webcric.com/frame1.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:deeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3ff679405552720c8acd96bdb846abaf5f9098ca3496407c9823304d15fded1

Request headers

Referer: https://video.webcric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 09:45:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 488647
cf-polished: origSize=1706
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b977727200004db8be849000000001
last-modified: Sun, 31 Jan 2021 14:49:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5cpyDWGxP%2FuGYp07A6MeoMWl7Acg0da8SiDAc8%2BCLu%2FvzM6QwPH64FfTI1d5TqQNU0qn6nVuEE27LXADKUsuy7xZJEV4UetPbhi9tM2NgzT6UbGIkf%2FtokLGe46A"}]}
content-type: application/x-javascript;charset=UTF-8
cache-control: max-age=1000000000, must-revalidate
cf-ray: 646f5b63ec3f4db8-FRA
expires: Sun, 29 Dec 2052 19:47:51 GMT

GET
H2 200 close-button.gif
video.webcric.com/ 307 B
662 B 21ms
11ms Image
image/gif 2606:4700:3035::ac43:b5f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.webcric.com/close-button.gif
Requested by: Host: video.webcric.com
URL: https://video.webcric.com/frame1.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:b5f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c67f5da4210bbf597b58d38e0d19aa093cd2fc6c2a82a13c0d23d100b5789d5

Request headers

:path: /close-button.gif
pragma: no-cache
cookie: __cfduid=d83ae3fb9949270d437485ea132bd57461619603118
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: video.webcric.com
referer: https://video.webcric.com/frame1.htm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://video.webcric.com/frame1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 09:45:18 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 334031
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 307
cf-request-id: 09b977725a00004e14c4162000000001
last-modified: Thu, 23 May 2019 11:51:00 GMT
server: cloudflare
etag: "5ce68924-133"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=53aUTvAwhL%2BFRMd88XsyNhlq7mr6nuD2H5odInFba7lJcX%2BAkKge2RILvOTqy0uLJGBVU6ddf%2FuA2np6xtwqskus92%2Fn2TjC6EONQAkC3euY06Hqg6V1GkZ7cDJHxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 646f5b63ce314e14-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 apu.php Show response
luvaihoo.com/ 3 KB
2 KB 140ms
58ms XHR
application/json 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://luvaihoo.com/apu.php?zoneid=3493599&oo=1

Requested by

Host: video.webcric.com
URL: https://video.webcric.com/frame1.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d2fe90e6ce8ac5b51d75a3a38d5811d2a8172f1ae5774d1e2e47c224e70672fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://video.webcric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 0c6f4188cf982584cdc10acaa1fb650e
pragma: no-cache
date: Wed, 28 Apr 2021 09:45:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://video.webcric.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 tag.min.js Show response
luvaihoo.com/ 56 KB
19 KB 136ms
55ms Script
application/javascript 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://luvaihoo.com/tag.min.js

Requested by

Host: video.webcric.com
URL: https://video.webcric.com/frame1.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

6ff25efa17b3ef606970b0dfaea5635df630694c14abc9ca2ab14266267015ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://video.webcric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 09:45:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-length: 18867
x-trace-id: 34a31efc4652396b36f7d91c75db722a
pragma: no-cache
last-modified: Mon, 26 Apr 2021 10:40:54 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 480 Show response
play.uclive.xyz/hembedplayer/webcrici19/3/850/ Frame 4569 70 KB
21 KB 88ms
78ms Document
text/html 2606:4700:3034::ac43:deeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://play.uclive.xyz/hembedplayer/webcrici19/3/850/480
Requested by: Host: embed.uclive.xyz
URL: https://embed.uclive.xyz/static/scripts/hucaster.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:deeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7ddb560628192fb0efbe77e3696c828b9a4c455d15b10a05e8dcccf8bac9ce0

Request headers

:method: GET
:authority: play.uclive.xyz
:scheme: https
:path: /hembedplayer/webcrici19/3/850/480
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://video.webcric.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://video.webcric.com/

Response headers

date: Wed, 28 Apr 2021 09:45:18 GMT
content-type: text/html;charset=UTF-8
set-cookie: __cfduid=daa4ec363adee126ad3ec6e01752095c31619603118; expires=Fri, 28-May-21 09:45:18 GMT; path=/; domain=.uclive.xyz; HttpOnly; SameSite=Lax; Secure JSESSIONID=1p69jl10uh7hd6psah9ju89lr;Path=/
content-language: en-US
expires: Thu, 01 Jan 1970 00:00:00 GMT
cf-cache-status: DYNAMIC
cf-request-id: 09b977729400004db8cc287000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2oVaMQ1YhBwDX%2F5Egc9iAUuJFhbKp%2BPZcDiWUtrkXojiXnjQKOan77V0OERvdPIzbYCnivg3WutCmhfJUwygpafLaPdJ1nIjv6dEzD4uT7SupnMUNdlCUOHTYNY%3D"}]}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 646f5b641ca44db8-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 403
Forbidden invoke.js
escy55gxubl6.com/4e46992a0e344f5cc9a1bd54d8a9a680/ 0
0 518ms
138ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://escy55gxubl6.com/4e46992a0e344f5cc9a1bd54d8a9a680/invoke.js
Requested by: Host: video.webcric.com
URL: https://video.webcric.com/frame1.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://video.webcric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 28 Apr 2021 09:45:19 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H3-29 200 screen.css
play.uclive.xyz/static/styles/ Frame 4569 16 KB
4 KB 45ms
31ms Stylesheet
text/css 2606:4700:3034::6815:2e1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://play.uclive.xyz/static/styles/screen.css
Requested by: Host: play.uclive.xyz
URL: https://play.uclive.xyz/hembedplayer/webcrici19/3/850/480
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2e1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36b613ffb8df1007160d03e2b2f814daf990f5741d9849e686ce50b874418661

Request headers

Referer: https://play.uclive.xyz/hembedplayer/webcrici19/3/850/480
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 09:45:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 857145
cf-polished: origSize=20039
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b97772f50000975a7ab41000000001
last-modified: Thu, 17 Dec 2020 14:18:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JU%2F0nyEv8NmxH9YTwZyvvGdy2P%2BOklUd3U7Cr9LKXYUdOrbABLB9GDEBRNtzw8MrPnbNJ3PpqD%2F%2FSYLG7kQ2k2DZ9vg%2FFVbr2rfPkSzecIVn8i59zZCH%2F92APgo%3D"}],"max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=1000000000, must-revalidate
cf-ray: 646f5b64bc75975a-FRA
expires: Wed, 25 Dec 2052 13:26:13 GMT

GET
H3-29 200 hlsjs.0.11.js Show response
play.uclive.xyz/resources/scripts/vp/ Frame 4569 243 KB
64 KB 89ms
76ms Script
application/x-javascript 2606:4700:3034::6815:2e1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://play.uclive.xyz/resources/scripts/vp/hlsjs.0.11.js
Requested by: Host: play.uclive.xyz
URL: https://play.uclive.xyz/hembedplayer/webcrici19/3/850/480
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2e1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31ad296925c1d2e1ebf9a5801093648b09e30ef5eacaa11be49de33fcb54ab0b

Request headers

Referer: https://play.uclive.xyz/hembedplayer/webcrici19/3/850/480
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 09:45:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 478
cf-polished: origSize=249356
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b97772f70000975a88082000000001
last-modified: Thu, 17 Dec 2020 14:18:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C9OHgZPbJtyJRP8wnvZ8VgZe%2BMzFquMjOkTB3YJ5uaUimqrsJdApY3Ggl170Ew2eQxAv0XoehTO%2FdUyf8I%2B05gVHF1hX0sMh1%2F1r4nw7ti1Md8VclHviM1fzmZk%3D"}],"max_age":604800}
content-type: application/x-javascript;charset=UTF-8
cache-control: max-age=1800
cf-ray: 646f5b64bc7b975a-FRA
cf-bgj: minify

GET
H3-29 200 simplepeer.min.js Show response
play.uclive.xyz/resources/scripts/vp/ Frame 4569 90 KB
25 KB 98ms
85ms Script
application/x-javascript 2606:4700:3034::6815:2e1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://play.uclive.xyz/resources/scripts/vp/simplepeer.min.js?id=jf83239huwe
Requested by: Host: play.uclive.xyz
URL: https://play.uclive.xyz/hembedplayer/webcrici19/3/850/480
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2e1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df44ed947f270deb502e6ca743f77fe4d1553cdda16fe98f2d71b57d9851ab36

Request headers

Referer: https://play.uclive.xyz/hembedplayer/webcrici19/3/850/480
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 09:45:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ffBqeem7bng9K3xCBdwE9hRzeGvMMzLMUcoCwgK%2BK4DIwWX9QMB6gjY%2Fqc3XGNH20CWewlDzHsViE6JAbePsqVPY%2FQep8wfwDR2%2BahKCTnZXKxm5zCNcDLUMgOY%3D"}],"max_age":604800}
content-type: application/x-javascript;charset=UTF-8
last-modified: Thu, 17 Dec 2020 14:18:09 GMT
cf-ray: 646f5b64bc7c975a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b97772f80000975a88083000000001

GET
H3-29 200 lz-string.min.js Show response
play.uclive.xyz/resources/scripts/vp/ Frame 4569 5 KB
2 KB 101ms
88ms Script
application/x-javascript 2606:4700:3034::6815:2e1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://play.uclive.xyz/resources/scripts/vp/lz-string.min.js?id=fsdfw
Requested by: Host: play.uclive.xyz
URL: https://play.uclive.xyz/hembedplayer/webcrici19/3/850/480
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2e1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bd8685ba939395aa62bb5e14872591312a4948e65047eae612372fc70666509

Request headers

Referer: https://play.uclive.xyz/hembedplayer/webcrici19/3/850/480
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 09:45:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pA5b9Xm2RxUarUW3k84Ngs9LnFPx1deBnpaW2tSRGVIf69A1Lt%2BLT98BY2BM6OXr3TKM80pJnnta1XpyL4WF1pldDugw6VVQHYdd7nYeRdQ4pzRElazr%2FeRPED4%3D"}],"max_age":604800}
content-type: application/x-javascript;charset=UTF-8
last-modified: Thu, 17 Dec 2020 14:18:09 GMT
cf-ray: 646f5b64bc76975a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b97772f50000975aa09c3000000001

GET
H3-29 200 clappr.min.js Show response
play.uclive.xyz/resources/scripts/ Frame 4569 520 KB
126 KB 71ms
58ms Script
application/x-javascript 2606:4700:3034::6815:2e1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://play.uclive.xyz/resources/scripts/clappr.min.js
Requested by: Host: play.uclive.xyz
URL: https://play.uclive.xyz/hembedplayer/webcrici19/3/850/480
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2e1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09cffe2d2bc5c27e577b3522036b7761812dbf0c5860fa871b68419b6038a8c5

Request headers

Referer: https://play.uclive.xyz/hembedplayer/webcrici19/3/850/480
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 09:45:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Dec 2020 14:18:02 GMT
server: cloudflare
age: 478
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RbNv8pHknt6WbaAdhjWY1B5q9zpeQsjX4extTKibquGPHJoUxXNFPNjWG4M1xTw9mOJo5pnEMHnlsVtfHuzu1tLg%2FTB1YXzUQk%2BLly6GAvb4aIFrRwPEMsie8nc%3D"}],"max_age":604800}
content-type: application/x-javascript;charset=UTF-8
cache-control: max-age=1800
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 646f5b64bc79975a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b97772f60000975a848b0000000001

GET
H3-29 200 newucaster.js Show response
play.uclive.xyz/resources/scripts/ Frame 4569 2 KB
1 KB 116ms
103ms Script
application/x-javascript 2606:4700:3034::6815:2e1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://play.uclive.xyz/resources/scripts/newucaster.js?id=1573542001724
Requested by: Host: play.uclive.xyz
URL: https://play.uclive.xyz/hembedplayer/webcrici19/3/850/480
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2e1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebf89bfb56c7d668c21b314772a6001cc5d52fbca5062f8e5e46665d3f2c78d7

Request headers

Referer: https://play.uclive.xyz/hembedplayer/webcrici19/3/850/480
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 09:45:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FtmXN7pLrnfdIr0kgVtXtc1J2MBhzvnkGRO7DxUQ6nhaH32vLk5OwS9UAeWgGrr5gFQxAFuI2%2FPvvFHbXWKB%2BadNjuf5%2B8vMLbbe6FYPuz9eg4ItGB8U8SRQ7xw%3D"}],"max_age":604800}
content-type: application/x-javascript;charset=UTF-8
last-modified: Thu, 17 Dec 2020 14:18:05 GMT
cf-ray: 646f5b64bc74975a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b97772f60000975a88081000000001

GET
H3-29 200 jquery-1.10.2.min.js Show response
play.uclive.xyz/static/scripts/ Frame 4569 91 KB
32 KB 49ms
36ms Script
application/x-javascript 2606:4700:3034::6815:2e1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://play.uclive.xyz/static/scripts/jquery-1.10.2.min.js
Requested by: Host: play.uclive.xyz
URL: https://play.uclive.xyz/hembedplayer/webcrici19/3/850/480
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2e1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29c9e8752f25b17961e3c6ff72de34b1f1a157dfc5fabb68bd148b8ec9002b17

Request headers

Referer: https://play.uclive.xyz/hembedplayer/webcrici19/3/850/480
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 09:45:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 447521
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b97772f50000975a88080000000001
last-modified: Thu, 17 Dec 2020 14:18:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2ojRd4R%2BIAeAPhWizjnqVUGQuGBb%2FIxZPEYEPO6FaGZq%2F3ftAmqSpJDClpsCbZF198dY%2BbAZHoR0FAKRKd9cscUmPfDEtYDVeFZDHRZz33DnN2JoQUEN%2B7HL8Mk%3D"}],"max_age":604800}
content-type: application/x-javascript;charset=UTF-8
cache-control: max-age=1000000000, must-revalidate
cf-ray: 646f5b64bc73975a-FRA
expires: Mon, 30 Dec 2052 07:13:17 GMT

GET
H2 200 fac.php Show response
onmarshtompor.com/ Frame 7493 203 B
811 B 110ms
36ms Document
text/html 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/fac.php?OAID=a2fad4a561f042f086e9eb26da226512&oaidts=1619603118

Requested by

Host: luvaihoo.com
URL: https://luvaihoo.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

32760c4506d70f9f1ce859f87c82174d39c8e1468c364b4aef4f4e6d82cad606

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onmarshtompor.com
:scheme: https
:path: /fac.php?OAID=a2fad4a561f042f086e9eb26da226512&oaidts=1619603118
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://video.webcric.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://video.webcric.com/

Response headers

server: nginx
date: Wed, 28 Apr 2021 09:45:13 GMT
content-type: text/html; charset=utf8
content-length: 203
x-trace-id: e88b4db1c7a37cd6db79c53500c1f65e
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: * *
set-cookie: OAID=a2fad4a561f042f086e9eb26da226512; expires=Thu, 28 Apr 2022 09:45:18 GMT; path=/; secure; SameSite=None oaidts=1619603118; expires=Thu, 28 Apr 2022 09:45:18 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff

GET
H2 200 compatibility.js Show response
velocecdn.com/script/ Frame 4569 20 KB
8 KB 57ms
33ms Script
application/javascript 2606:4700::6811:ad3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://velocecdn.com/script/compatibility.js
Requested by: Host: play.uclive.xyz
URL: https://play.uclive.xyz/hembedplayer/webcrici19/3/850/480
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ad3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac

Request headers

Referer: https://play.uclive.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 09:45:19 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1542
x-guploader-uploadid: ABg5-Uzy1wNDdDHDHJ9qxn8FO-IYxsbVa48z4IrXM0ccJ8cdub-HmhKeA_Jq4l7XjDoq9hgk48wb4MAHcNIb5FxXFuDsyEm6nQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: application/javascript
cf-request-id: 09b97773bd000005c468b61000000001
last-modified: Tue, 15 Sep 2020 12:10:32 GMT
server: cloudflare
etag: W/"c2bbc1e2544049cb035c321919bef2bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=6TBdZQ==, md5=wrvB4lRAScsDXDIZGb7yvA==
x-goog-generation: 1600171832181211
access-control-allow-origin: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 20647
cf-ray: 646f5b65fec305c4-FRA
expires: Wed, 28 Apr 2021 13:45:19 GMT

GET
H/1.1 200
OK loadbalancer Show response
www.lquest123b.top/ Frame 4569 25 B
487 B 288ms
125ms XHR
text/html 185.183.99.73
HS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lquest123b.top/loadbalancer?114304
Requested by: Host: play.uclive.xyz
URL: https://play.uclive.xyz/static/scripts/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.183.99.73 Bucharest, Romania, ASN60117 (HS, AE),
Reverse DNS
Software: WowzaStreamingEngine/4.7.7 /
Resource Hash: c86c245d9648c26d70a8f7290c8d6edd1ef22ce176574729e84289b8b338ca0b

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://play.uclive.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 09:45:19 GMT
Server: WowzaStreamingEngine/4.7.7
Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date, Server, Content-Type, Content-Length
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
Content-Length: 25

GET
H2 200 apu.php Show response
overkirliaan.com/ Frame 4569 3 KB
2 KB 136ms
37ms XHR
application/json 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://overkirliaan.com/apu.php?zoneid=3327211&oo=1

Requested by

Host: play.uclive.xyz
URL: https://play.uclive.xyz/hembedplayer/webcrici19/3/850/480

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bf44798c035a4e1934c62a1a08007b4ba7e0ed8c4b561a4f5b4ab56b338040cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://play.uclive.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: dd83ddb7c1a60e22b8f28079e8724133
pragma: no-cache
date: Wed, 28 Apr 2021 09:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://play.uclive.xyz
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 tag.min.js Show response
overkirliaan.com/ Frame 4569 56 KB
19 KB 153ms
55ms Script
application/javascript 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://overkirliaan.com/tag.min.js

Requested by

Host: play.uclive.xyz
URL: https://play.uclive.xyz/hembedplayer/webcrici19/3/850/480

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

6ff25efa17b3ef606970b0dfaea5635df630694c14abc9ca2ab14266267015ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://play.uclive.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 09:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
content-length: 18867
x-trace-id: 2c2abff319280df076fa6972487a3a99
pragma: no-cache
last-modified: Mon, 26 Apr 2021 10:39:29 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ Frame 4569 45 KB
17 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: play.uclive.xyz
URL: https://play.uclive.xyz/hembedplayer/webcrici19/3/850/480

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://play.uclive.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6017
date: Wed, 28 Apr 2021 08:05:02 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 28 Apr 2021 10:05:02 GMT

GET
H2 200 img.gif
my.rtmark.net/ Frame 7493 43 B
491 B 112ms
36ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=a2fad4a561f042f086e9eb26da226512

Requested by

Host: onmarshtompor.com
URL: https://onmarshtompor.com/fac.php?OAID=a2fad4a561f042f086e9eb26da226512&oaidts=1619603118

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://onmarshtompor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 09:45:19 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 identify.html Show response
ufpcdn.com/script/ Frame 1EFA 2 KB
2 KB 198ms
174ms Document
text/html 2606:4700:3030::6815:2ed2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufpcdn.com/script/identify.html?frmt=0
Requested by: Host: video.webcric.com
URL: https://video.webcric.com/frame1.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

:method: GET
:authority: ufpcdn.com
:scheme: https
:path: /script/identify.html?frmt=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://play.uclive.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://play.uclive.xyz/

Response headers

date: Wed, 28 Apr 2021 09:45:19 GMT
content-type: text/html
set-cookie: __cfduid=d0911073027c3178aa3282f09673749331619603119; expires=Fri, 28-May-21 09:45:19 GMT; path=/; domain=.ufpcdn.com; HttpOnly; SameSite=Lax __cf_bm=90fce3c1f91b2ee460fe01becd92af15e178ad9d-1619603119-1800-ASF9Ldoidacz5MhrV4YxykIM+HwZr+rYaQK03ovWOBVaN6k6RKhGY/ZpmI9kuzxjqq9riGn+fZGEGgfUKvFxwWs=; path=/; expires=Wed, 28-Apr-21 10:15:19 GMT; domain=.ufpcdn.com; HttpOnly; Secure; SameSite=None
last-modified: Tue, 15 May 2018 06:39:25 GMT
cf-cache-status: DYNAMIC
cf-request-id: 09b97773ff00004ea3e00c9000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s0Y93HaAqMdPYCHvEKwnQn5%2FzjUe1jgxtPJujhikF2aOlYiAqGlN2V6MS%2FYEdQGZUipS6Q%2BbjUofKlFHQRrLSo7fVLRefqN0rWHatuoN9xbkcDh%2BDkhx"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 646f5b666e6f4ea3-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 204 options
onmarshtompor.com/ Frame 0
0 110ms
36ms Preflight 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/options?option_args=CN-d1QESIGEyZmFkNGE1NjFmMDQyZjA4NmU5ZWIyNmRhMjI2NTEyGi9odHRwOi8vbHV2YWlob28uY29tL2FwdS5waHA_em9uZWlkPTM0OTM1OTkmb289MSIaaHR0cHM6Ly92aWRlby53ZWJjcmljLmNvbS8yJDc0ZTgyNGQyLWJiNWQtNDgzZS04NTE5LTk0ODc4OTU0NzEyZA==

Protocol

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://video.webcric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 28 Apr 2021 09:45:19 GMT
access-control-allow-origin: https://video.webcric.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: * *
strict-transport-security: max-age=1
x-content-type-options: nosniff

POST
H2 200 options Show response
onmarshtompor.com/ 0
450 B 37ms
37ms XHR
text/html 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: luvaihoo.com
URL: https://luvaihoo.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://video.webcric.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

x-trace-id: e419c1578fccfa89252547e00ce6d396
pragma: no-cache
date: Wed, 28 Apr 2021 09:45:14 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=utf8
access-control-allow-origin: https://video.webcric.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 0
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 fac.php Show response
onmarshtompor.com/ Frame E005 203 B
647 B 36ms
36ms Document
text/html 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/fac.php?OAID=ac33a264576845deac295fcf65c283f4&oaidts=1619603119

Requested by

Host: overkirliaan.com
URL: https://overkirliaan.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

32760c4506d70f9f1ce859f87c82174d39c8e1468c364b4aef4f4e6d82cad606

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onmarshtompor.com
:scheme: https
:path: /fac.php?OAID=ac33a264576845deac295fcf65c283f4&oaidts=1619603119
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://play.uclive.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: OAID=a2fad4a561f042f086e9eb26da226512; oaidts=1619603118
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://play.uclive.xyz/

Response headers

server: nginx
date: Wed, 28 Apr 2021 09:45:14 GMT
content-type: text/html; charset=utf8
content-length: 203
x-trace-id: 47cf60a64611b5489c3689ee658fc861
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: * *
strict-transport-security: max-age=1
x-content-type-options: nosniff

GET
H2 200 img.gif
my.rtmark.net/ Frame E005 43 B
490 B 36ms
36ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=a2fad4a561f042f086e9eb26da226512

Requested by

Host: onmarshtompor.com
URL: https://onmarshtompor.com/fac.php?OAID=ac33a264576845deac295fcf65c283f4&oaidts=1619603119

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://onmarshtompor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 09:45:19 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 suurl.php Show response
onclickgenius.com/script/ Frame 4569 5 KB
2 KB 268ms
202ms Script
application/javascript 35.190.71.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://onclickgenius.com/script/suurl.php?r=2682531&excluded_countries=RU%2CUA&cbrandom=0.07492789076345474&cbiframe=1&cbWidth=850&cbHeight=480&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=velocecdn.com
Requested by: Host: video.webcric.com
URL: https://video.webcric.com/frame1.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.71.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: openresty /
Resource Hash: af359ef1d6e258b9fc4ea95c02fe81e9fd2af82c6435a8bd74de06d2a6c4b327

Request headers

Referer: https://play.uclive.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 28 Apr 2021 09:45:19 GMT
content-encoding: gzip
server: openresty
alt-svc: clear
via: 1.1 google
content-type: application/javascript; charset=utf-8

GET
H2 200 chrome.js Show response
velocecdn.com/script/ Frame 4569 36 KB
11 KB 23ms
22ms Script
application/javascript 2606:4700::6811:ad3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://velocecdn.com/script/chrome.js
Requested by: Host: video.webcric.com
URL: https://video.webcric.com/frame1.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ad3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946

Request headers

Referer: https://play.uclive.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 09:45:19 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1035
x-guploader-uploadid: ABg5-UzCEXuVJgFjTD_Ief9nzXY_jegLClurwD43lbc7sHJTS90biE66LucXcbxTSPUjdndongZrkMODbSmNRwIyniA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: application/javascript
cf-request-id: 09b97774b1000005c43fa5e000000001
last-modified: Mon, 14 Sep 2020 09:15:29 GMT
server: cloudflare
etag: W/"ef6565ab259dafbc08468b4d0bb46762"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=KoLUvQ==, md5=72VlqyWdr7wIRotNC7RnYg==
x-goog-generation: 1600074929755781
access-control-allow-origin: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 37300
cf-ray: 646f5b67895705c4-FRA
expires: Wed, 28 Apr 2021 13:45:19 GMT

OPTIONS
H2 204 options
onmarshtompor.com/ Frame 0
0 36ms
36ms Preflight 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/options?option_args=COuJywESIGFjMzNhMjY0NTc2ODQ1ZGVhYzI5NWZjZjY1YzI4M2Y0GjNodHRwOi8vb3ZlcmtpcmxpYWFuLmNvbS9hcHUucGhwP3pvbmVpZD0zMzI3MjExJm9vPTEiGGh0dHBzOi8vcGxheS51Y2xpdmUueHl6LzIkY2ExZTZlZGItMTQ2Yy00MGQ2LWFlOTktNjEwYTI5MDgyNDhm

Protocol

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://play.uclive.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 28 Apr 2021 09:45:19 GMT
access-control-allow-origin: https://play.uclive.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: * *
strict-transport-security: max-age=1
x-content-type-options: nosniff

POST
H2 200 options Show response
onmarshtompor.com/ Frame 4569 0
450 B 39ms
38ms XHR
text/html 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: overkirliaan.com
URL: https://overkirliaan.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://play.uclive.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

x-trace-id: b55e27f0e73b3866498070313c5302f0
pragma: no-cache
date: Wed, 28 Apr 2021 09:45:14 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=utf8
access-control-allow-origin: https://play.uclive.xyz
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 0
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 204
No Content playlist.m3u8 Show response
n03.quest123.top/live/webcrici19/ Frame 4569 0
134 B 155ms
36ms XHR
text/plain 81.171.17.186
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://n03.quest123.top:8088/live/webcrici19/playlist.m3u8?id=114304&pk=16e773993a887bdb96ab779d37a34ebd2c7289b6c2086d378a0cea06efa7ed68
Requested by: Host: play.uclive.xyz
URL: https://play.uclive.xyz/resources/scripts/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.171.17.186 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: VidictMediaServer1.519 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://play.uclive.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Server: VidictMediaServer1.519
Connection: keep-alive
Content-Length: 0

GET
H3-29 404 38861cba61c66739c1452c3a71e39852.ttf
play.uclive.xyz/resources/scripts/ Frame 4569 0
0 78ms
78ms Font
text/html 2606:4700:3034::6815:2e1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://play.uclive.xyz/resources/scripts/38861cba61c66739c1452c3a71e39852.ttf
Requested by: Host: play.uclive.xyz
URL: https://play.uclive.xyz/hembedplayer/webcrici19/3/850/480
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2e1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://play.uclive.xyz
Referer: https://play.uclive.xyz/hembedplayer/webcrici19/3/850/480
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 09:45:20 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i%2Bc2Hv4sy6Yl6Gv3Q%2BrFkjyrkOgL8XFBUhCg6w7WdKurc%2FjH7izqgV4xezJJQoY9u0i6fx7VFi1oxBkxjd%2Fmaq5H0R8oCMHH1%2Bms3%2BAy46w45crnx1aMQm40nyY%3D"}],"max_age":604800}
content-type: text/html;charset=ISO-8859-1
cf-ray: 646f5b703806975a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b9777a280000975a7db05000000001
expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
onmarshtompor.com/	1970-01-20 02:38:59	Name: oaidts Value: 1619603118
onmarshtompor.com/	1970-01-20 02:38:59	Name: OAID Value: a2fad4a561f042f086e9eb26da226512
.ufpcdn.com/	1970-01-19 17:53:24	Name: __cf_bm Value: 90fce3c1f91b2ee460fe01becd92af15e178ad9d-1619603119-1800-ASF9Ldoidacz5MhrV4YxykIM+HwZr+rYaQK03ovWOBVaN6k6RKhGY/ZpmI9kuzxjqq9riGn+fZGEGgfUKvFxwWs=
.video.webcric.com/	1970-01-19 17:53:26	Name: __PPU_BACKCLCK_3493599 Value: true
.webcric.com/	1970-01-19 18:36:35	Name: __cfduid Value: d83ae3fb9949270d437485ea132bd57461619603118

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://play.uclive.xyz/resources/scripts/clappr.min.js(Line 1) Message: %c[error][hlsjs: unrecoverable network fatal error.] color: #ff0000;font-weight: bold; font-size: 13px; [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

embed.uclive.xyz
en.webcric.com
escy55gxubl6.com
live.webcric.com
luvaihoo.com
my.rtmark.net
n03.quest123.top
onclickgenius.com
onmarshtompor.com
overkirliaan.com
play.uclive.xyz
ssl.google-analytics.com
ufpcdn.com
velocecdn.com
video.webcric.com
www.lquest123b.top
139.45.195.8
139.45.197.238
139.45.197.243
139.45.197.244
185.183.99.73
192.243.59.12
2606:4700:3030::6815:2ed2
2606:4700:3034::6815:2e1d
2606:4700:3034::ac43:deeb
2606:4700:3035::ac43:b5f2
2606:4700::6811:ad3e
2a00:1450:4001:829::2008
35.190.71.96
81.171.17.186
03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac
09cffe2d2bc5c27e577b3522036b7761812dbf0c5860fa871b68419b6038a8c5
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
29c9e8752f25b17961e3c6ff72de34b1f1a157dfc5fabb68bd148b8ec9002b17
31ad296925c1d2e1ebf9a5801093648b09e30ef5eacaa11be49de33fcb54ab0b
32760c4506d70f9f1ce859f87c82174d39c8e1468c364b4aef4f4e6d82cad606
36b613ffb8df1007160d03e2b2f814daf990f5741d9849e686ce50b874418661
3bd8685ba939395aa62bb5e14872591312a4948e65047eae612372fc70666509
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946
5c67f5da4210bbf597b58d38e0d19aa093cd2fc6c2a82a13c0d23d100b5789d5
6ff25efa17b3ef606970b0dfaea5635df630694c14abc9ca2ab14266267015ff
8cec0941a906e2f3bc8c44cfeeaff7674967e9c932e7416e61a7040f50a514f7
a3ff679405552720c8acd96bdb846abaf5f9098ca3496407c9823304d15fded1
a7ddb560628192fb0efbe77e3696c828b9a4c455d15b10a05e8dcccf8bac9ce0
af359ef1d6e258b9fc4ea95c02fe81e9fd2af82c6435a8bd74de06d2a6c4b327
bf44798c035a4e1934c62a1a08007b4ba7e0ed8c4b561a4f5b4ab56b338040cc
c86c245d9648c26d70a8f7290c8d6edd1ef22ce176574729e84289b8b338ca0b
d2fe90e6ce8ac5b51d75a3a38d5811d2a8172f1ae5774d1e2e47c224e70672fa
df44ed947f270deb502e6ca743f77fe4d1553cdda16fe98f2d71b57d9851ab36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebf89bfb56c7d668c21b314772a6001cc5d52fbca5062f8e5e46665d3f2c78d7
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

video.webcric.com Open in urlscan Pro 2606:4700:3035::ac43:b5f2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

100 %HTTPS

43 %IPv6

13 Domains

16 Subdomains

14 IPs

5 Countries

382 kBTransfer

1327 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

video.webcric.com Open in urlscan Pro
2606:4700:3035::ac43:b5f2 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

100 %
HTTPS

43 %
IPv6

13
Domains

16
Subdomains

14
IPs

5
Countries

382 kB
Transfer

1327 kB
Size

5
Cookies

32 HTTP transactions
0 data transactions