URL: https://cricfree.pw/update/bt1
Submission: On November 06 via manual from RU — Scanned from DE

Summary

This website contacted 34 IPs in 7 countries across 31 domains to perform 76 HTTP transactions. The main IP is 2606:4700:3035::6815:42d, located in United States and belongs to CLOUDFLARENET, US. The main domain is cricfree.pw.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 3rd 2022. Valid for: a year.
This is the only time cricfree.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 45.133.44.24 39572 (ADVANCEDH...)
2 45.133.44.25 39572 (ADVANCEDH...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
6 2606:4700:303... 13335 (CLOUDFLAR...)
2 157.90.84.242 24940 (HETZNER-AS)
4 144.76.28.254 24940 (HETZNER-AS)
1 168.119.25.22 24940 (HETZNER-AS)
2 4 2a01:4f8:e0:1... 24940 (HETZNER-AS)
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 46.105.201.240 16276 (OVH)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2001:4de0:ac1... 20446 (STACKPATH...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 2600:9000:237... 16509 (AMAZON-02)
2 35.190.41.116 15169 (GOOGLE)
2 192.99.8.27 16276 (OVH)
2 168.119.25.20 24940 (HETZNER-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 172.64.106.19 13335 (CLOUDFLAR...)
2 65.9.66.33 16509 (AMAZON-02)
3 172.67.138.9 13335 (CLOUDFLAR...)
1 2a03:2880:f11... 32934 (FACEBOOK)
2 4 2a00:1450:400... 15169 (GOOGLE)
2 139.45.197.238 9002 (RETN-AS)
4 37.49.224.221 213371 (SQUITTER-...)
1 51.77.64.70 16276 (OVH)
76 34
Apex Domain
Subdomains
Transfer
10 gocast2.com
gocast2.com — Cisco Umbrella Rank: 94648
go2.gocast2.com — Cisco Umbrella Rank: 310336
706 KB
5 3cb004e947.com
633678338f.3cb004e947.com
65eb50053b.3cb004e947.com
14 KB
4 google.com
accounts.google.com — Cisco Umbrella Rank: 126
2 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 475
208 KB
4 histats.com
s10.histats.com — Cisco Umbrella Rank: 12131
s4.histats.com — Cisco Umbrella Rank: 9462
9 KB
4 superfastcdn.com
superfastcdn.com — Cisco Umbrella Rank: 33574
120 KB
4 a-ads.com
ad.a-ads.com — Cisco Umbrella Rank: 15357
static.a-ads.com — Cisco Umbrella Rank: 36047
1 MB
3 redanludb.xyz
redanludb.xyz
1 KB
3 cloudfront.net
d27x9po2cfinm5.cloudfront.net
107 KB
3 jquery.com
code.jquery.com — Cisco Umbrella Rank: 959
118 KB
3 3bcd202415.com
0a9f0fde99.3bcd202415.com
102 KB
3 cricfree.pw
cricfree.pw
10 KB
2 waufooke.com
waufooke.com — Cisco Umbrella Rank: 142780
24 KB
2 anwhocam.xyz
anwhocam.xyz
2 KB
2 pogothere.xyz
pogothere.xyz — Cisco Umbrella Rank: 17381
101 KB
2 adskeeper.com
s-img.adskeeper.com — Cisco Umbrella Rank: 14057
c.adskeeper.com — Cisco Umbrella Rank: 13505
47 KB
2 bookmsg.com
static.bookmsg.com — Cisco Umbrella Rank: 31421
6 KB
2 youradexchange.com
youradexchange.com — Cisco Umbrella Rank: 11033
2 KB
2 metricswpsh.com
fp.metricswpsh.com — Cisco Umbrella Rank: 26975
400 B
2 crichd.vip
stream.crichd.vip — Cisco Umbrella Rank: 345173
2 KB
2 4dsbanner.net
4dsbanner.net — Cisco Umbrella Rank: 728699
1 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 447
63 KB
1 web3-lab.com
asia.web3-lab.com — Cisco Umbrella Rank: 97447
690 B
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5233
334 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1165
11 KB
1 nereserv.com
nereserv.com — Cisco Umbrella Rank: 25613
201 B
1 9anime.vip
ww1.9anime.vip
664 B
1 dramacool.tube
dramacool.tube
656 B
1 wpadmngr.com
js.wpadmngr.com — Cisco Umbrella Rank: 17171
238 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
54 KB
76 31
Domain Requested by
6 gocast2.com stream.crichd.vip
gocast2.com
4 go2.gocast2.com cdn.jsdelivr.net
4 accounts.google.com 2 redirects gocast2.com
4 cdn.jsdelivr.net gocast2.com
4 superfastcdn.com stream.crichd.vip
superfastcdn.com
gocast2.com
4 65eb50053b.3cb004e947.com 2 redirects 0a9f0fde99.3bcd202415.com
3 redanludb.xyz gocast2.com
3 d27x9po2cfinm5.cloudfront.net gocast2.com
anwhocam.xyz
3 code.jquery.com gocast2.com
3 0a9f0fde99.3bcd202415.com cricfree.pw
0a9f0fde99.3bcd202415.com
3 cricfree.pw cricfree.pw
2 waufooke.com gocast2.com
2 anwhocam.xyz d27x9po2cfinm5.cloudfront.net
2 pogothere.xyz d27x9po2cfinm5.cloudfront.net
2 static.bookmsg.com cricfree.pw
2 s4.histats.com s10.histats.com
2 youradexchange.com superfastcdn.com
2 s10.histats.com stream.crichd.vip
gocast2.com
2 static.a-ads.com ad.a-ads.com
2 ad.a-ads.com dramacool.tube
ww1.9anime.vip
2 fp.metricswpsh.com 0a9f0fde99.3bcd202415.com
2 stream.crichd.vip cricfree.pw
stream.crichd.vip
2 4dsbanner.net cricfree.pw
2 ajax.googleapis.com cricfree.pw
gocast2.com
1 asia.web3-lab.com cdn.jsdelivr.net
1 pro.ip-api.com cdn.jsdelivr.net
1 www.facebook.com gocast2.com
1 c.adskeeper.com cricfree.pw
1 s-img.adskeeper.com cricfree.pw
1 maxcdn.bootstrapcdn.com gocast2.com
1 nereserv.com 0a9f0fde99.3bcd202415.com
1 633678338f.3cb004e947.com 0a9f0fde99.3bcd202415.com
1 ww1.9anime.vip 4dsbanner.net
1 dramacool.tube 4dsbanner.net
1 js.wpadmngr.com 0a9f0fde99.3bcd202415.com
1 pagead2.googlesyndication.com cricfree.pw
76 36

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-03 - 2023-06-02 | a year
upload.video.google.com | GTS CA 1C3 | 2022-10-17 - 2023-01-09 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-10-17 - 2023-01-09 | 3 months
0a9f0fde99.3bcd202415.com | R3 | 2022-11-03 - 2023-02-01 | 3 months
js.wpadmngr.com | R3 | 2022-09-17 - 2022-12-16 | 3 months
*.gocast2.com | E1 | 2022-10-07 - 2023-01-05 | 3 months
notification.tubecup.net | R3 | 2022-10-20 - 2023-01-18 | 3 months
633678338f.3cb004e947.com | R3 | 2022-11-03 - 2023-02-01 | 3 months
*.a-ads.com | Sectigo ECC Domain Validation Secure Server CA | 2021-12-08 - 2023-01-08 | a year
3cb004e947.com | R3 | 2022-11-03 - 2023-02-01 | 3 months
*.superfastcdn.com | E1 | 2022-11-04 - 2023-02-02 | 3 months
histats.com | R3 | 2022-09-30 - 2022-12-29 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
youradexchange.com | Sectigo RSA Domain Validation Secure Server CA | 2022-06-20 - 2023-06-20 | a year
bookmsg.com | R3 | 2022-09-17 - 2022-12-16 | 3 months
*.pogothere.xyz | E1 | 2022-11-02 - 2023-01-31 | 3 months
anwhocam.xyz | Amazon RSA 2048 M02 | 2022-10-23 - 2023-11-21 | a year
*.redanludb.xyz | E1 | 2022-10-23 - 2023-01-21 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-08-15 - 2022-11-13 | 3 months
waufooke.com | R3 | 2022-10-26 - 2023-01-24 | 3 months
go2.gocast2.com | R3 | 2022-10-19 - 2023-01-17 | 3 months
*.ip-api.com | Sectigo RSA Domain Validation Secure Server CA | 2021-10-28 - 2022-11-27 | a year

This page contains 11 frames:

Primary Page: https://cricfree.pw/update/bt1
Frame ID: 6F40EA0284AE4858D0502F301795CBD7
Requests: 15 HTTP requests in this frame

Frame: https://4dsbanner.net/banner/static/300x250
Frame ID: 65D66FAE64DAF229356068FFA49B273C
Requests: 1 HTTP requests in this frame

Frame: https://4dsbanner.net/banner/native/728x90
Frame ID: FE9922333405BD8955CDE7EC19BFDFF7
Requests: 1 HTTP requests in this frame

Frame: https://stream.crichd.vip/update/bt1.php
Frame ID: EDF62D083FF08048B469344A07315544
Requests: 8 HTTP requests in this frame

Frame: https://dramacool.tube/banner_300x250
Frame ID: FFACDF020582385CA6EF0D5B347E8916
Requests: 1 HTTP requests in this frame

Frame: https://ww1.9anime.vip/banner_728x90
Frame ID: 11E521546536A7FCCBE647681823754A
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/2003357?size=300x250
Frame ID: CFAE49873825393E56B13F332C80ACFA
Requests: 3 HTTP requests in this frame

Frame: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Frame ID: 5834FF1D7E14C0180A0F16D1FF74CC95
Requests: 39 HTTP requests in this frame

Frame: https://ad.a-ads.com/1804593?size=728x90
Frame ID: 5A3A4B0D9C8DCEAA4C30FD1EFA442EB9
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: 0EAD91BB6B1B51F9C882F8546557DCD4
Requests: 19 HTTP requests in this frame

Frame: https://anwhocam.…
Frame ID: 50B08F826AA2226362FA2C8CF5754CA2
Requests: 2 HTTP requests in this frame

Page Title

Player

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

76 Requests
93 % HTTPS
55 % IPv6
31 Domains
36 Subdomains
34 IPs
7 Countries
3007 kB Transfer
4967 kB Size
4 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://65eb50053b.3cb004e947.com/in/show/?mid=1094762785&pid=0&site=native-push-mainstream&sc=DE&usage_type=DCH&subid=2110042838&sid=3918551584&cid=2255&price=0.0049&is_cpm=0&cpm=0&ecpm=0.5055159291660788&crid=&crtid=a248c2bc2b5718538c9d2d00088493cc&tcid=0&out_id=1&ver=7.13.0&ver_c=&refdom=cricfree.pw&hostname=auc-inpage-hz-3-c&site_id=3131515&spot_id=31515&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2022-11-06&is_native=2&auction_queue=0&burl=9e0j5VScwUgAJmzbJ879JO5vaC6QhvnXPMasxyAjYcMU47atyqToFw&pop_winurl=&ip=178.162.209.140&testab=0&px_id=3131515&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB17-17&min_cpm=0.0014358324975306902&placement_type_id=&skin_test=0&verify_hash=e6742a85cb86c1e6fd92fa281cde99ae&score=81.79400963029482&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D2110042838%26spot_id%3D31515%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fcricfree.pw%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=c&original_bid=0.0049&user_fp=0&v2_track=0&url=2SIqJLmaCt_-s8sQHCcZMPUcWtceeYzUO-jJ1pzr2NzMLND3t0YKNfqlKGgZWQx9JOXJmUfFWI0Z7ZdbRYHV6I5rkFZMefx8cLj2Vr8tbZj7fbHhA7nkv3g2PLyj4v9vQHIHfvFp5MYV2bwnc1CtnJW-Lo1O1O5vFwoWY7YP9gwhdB7npQ&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf.webp&skin_id=2&vertical_id=0&real_bid=0.00413217&pr=&user_keywords=&auc_type=1&aid=401&ext_cid=0&device_theme=light&keywords=&mlc=1&format=default-slide-b_r-body&mlf=1&cpa=fdc56a3e-8466-43ea-ac1f-2437a9248519 HTTP 302
  • https://static.bookmsg.com/creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf_icon.webp
Request Chain 66
  • https://65eb50053b.3cb004e947.com/in/show/?mid=1094762785&pid=0&site=native-push-mainstream&sc=DE&usage_type=DCH&subid=2110042838&sid=3918551584&cid=2749&price=0.00058&is_cpm=0&cpm=0&ecpm=0.0020050895188883154&crid=Brainberries&crtid=d81d5a03f1d219ad08a0bb4282c7dca8&tcid=0&out_id=0&ver=7.13.0&ver_c=&refdom=cricfree.pw&hostname=auc-inpage-hz-3-c&site_id=3131515&spot_id=31515&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1667767325&created_at=2022-11-06&is_native=1&auction_queue=0&burl=qyd7Tnhb7wEWGOA1cEVkIG8WHChDVLPbnRI0nWPAT3zq_vBSAAqDlg&pop_winurl=&ip=178.162.209.140&testab=0&px_id=7331515&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB17-17&min_cpm=5.126275798684744e-05&placement_type_id=&skin_test=0&verify_hash=80c9ece107ed522f964311e6d55419c9&score=81.79400963029482&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D2110042838%26spot_id%3D31515%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fcricfree.pw%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=c&original_bid=0.00058&user_fp=0&v2_track=0&url=TEz3Ub85_kptxyhYFHZnSMu5XXe6zjYsR7Ic5llv1h-3pudRHPQXu2jivuhs72RUQ-8NAaWxjGAalMyIo8Hu9RnFTbDXSn1sC6rv1rJYnjj_q5hLPHKd93HHMl8ObfvlQfnOL3CXABY13TvA2U-wwgpUEotpOHBpkQZs3otg2uycGp63V8qr3x42vPB9NTjiAWhn1SuRKCBZfH6YyM3C7Pg24ngfbSuMjWWTu3cp5xytW-Cz5_tgeAEcVVb_wQ4ddm1Eugq0B1fIuyTgYIehhaFOjHMDzD_KgKrWovH3WDvomdqBYDvi1prS79-3f4XJCztda9F3d8pMiorAlNWPZR_AJrYb3GxsjD_UxlEaMd2HdvyqzEqNl2wiVJLK&image_url=https%3A%2F%2Fs-img.adskeeper.com%2Fg%2F12581074%2F492x328%2F-%2FaHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEyLzEwMTkyNC85YWRiYTYxOWY0YzFjYjk4YThjNDE2ZDJhOGFmZjU3NS5qcGVn.webp%3Fv%3D1667731325-RyDq-q3cApGIl7SBD6Eq-om_nU2jzPa4qQVc1GQYDYE&skin_id=2&vertical_id=0&real_bid=0.00045907&pr=&user_keywords=&auc_type=1&aid=62&ext_cid=0&device_theme=light&keywords=&format=default-slide-b_r-body&cpa=a1717087-0c46-4ed7-9e39-027ca9960fe5 HTTP 302
  • https://c.adskeeper.com/c?pv=2&v=0|0|0|ICajudwi72RQfXNAj6oUMHM9n1u4v6F4i4EN51E1qg7VWRtj5cBzX1kgtORJogNh3DOJQ20nJZGAC-M6KyysfA**&cid=1156384&f=1&h2=L_VeimGmIyuuyKT7tZS8nfhiGb6CTwVO6xjKycj2N0E*&rid=a7f225f4-5dbf-11ed-af5a-e4434b15122e&psid=7331515
Request Chain 73
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S-167203536%3A1667731327821941&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvGeSqW7jXOhjEdmRB3isudpeADuoENxYbvKncAvt4mN5NdZzDUUxxDAhXeFVrRJMR_DUP57w
Request Chain 74
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S-603053739%3A1667731327812786&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAsdAjb6tI-oIjKak8j3XqNDjVX6XUwZKBNQX2isUy8gizCoI453DoWsap-A22oAygbs0ElPuw

76 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request bt1
cricfree.pw/update/
11 KB
4 KB
Document
General
Full URL
https://cricfree.pw/update/bt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:42d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f18e292da6e248331f150ecf9b6effa903acbe7cadcf175b68cf5da86b32ab0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
9
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
765d386c7aed922c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 06 Nov 2022 10:42:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIr6UiidvKAbErYwEyBX%2F7dNpJoaz8rTdWzRIbOfQzRDvu5ZaSfE3kIH%2BKasrDjaqQq54OXZRyG7HOC01H1MjvV8VV8jKDXCUaI98VutnvdzzllgYlaZLKOXSQEMbfqmhIhfL%2Furzkiwhw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
via
1.1 varnish (Varnish/5.2)
x-varnish
413369887 356557132
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/
93 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: cricfree.pw
URL: https://cricfree.pw/update/bt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cricfree.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 05 Nov 2022 09:24:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91053
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33845
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Nov 2023 09:24:32 GMT
close-ads.png
cricfree.pw/images/
1 KB
2 KB
Image
General
Full URL
https://cricfree.pw/images/close-ads.png
Requested by
Host: cricfree.pw
URL: https://cricfree.pw/update/bt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:42d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8971375d4c672bf14e4a54be807ae4df6c31e2ac45baf217eb216356129fcdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cricfree.pw/update/bt1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:05 GMT
via
1.1 varnish (Varnish/5.2)
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1193
last-modified
Sat, 07 May 2022 15:01:48 GMT
server
cloudflare
etag
"627689dc-4a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ZODPeaVnaYNBo1loHCYee195hYb5TlN4wvTKK23GEfTlc%2FphnfAbB42WWvWiMGRK%2BAdRhbJRKitOZs2dX%2FlwBMFQ7vpkRtm6KdVNi0RbS9I%2BW1MQk6PXemGpe3rPn0f9RVh1k5J7RwVYg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
213816186
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
765d386d3c39922c-FRA
dab.min.js
cricfree.pw/js/
11 KB
4 KB
Script
General
Full URL
https://cricfree.pw/js/dab.min.js
Requested by
Host: cricfree.pw
URL: https://cricfree.pw/update/bt1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:42d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8411c291ce76ba4fc168aff129da83e7193dedd181b468436bb27157d817b46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cricfree.pw/update/bt1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:05 GMT
via
1.1 varnish (Varnish/5.2)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3410
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 11 Apr 2022 13:48:12 GMT
server
cloudflare
etag
W/"6254319c-2bdb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwgIikCbyBWW%2F8pauuAO0Vc7m9nBMWrCqrIQY2LdnWBv896MXeXTa%2FlEfQR7Q6I0B2nLgHNmLzQykRTv3Lmln1wOWceo5%2Bvi4yWWFj2p9%2BUoalMHvvJOQ5%2Bi35cqdx9SDLklqJx0DvNMag%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
103426126
content-type
application/javascript
cache-control
max-age=14400
cf-ray
765d386dacd0995c-FRA
300x250
4dsbanner.net/banner/static/ Frame 65D6
250 B
694 B
Document
General
Full URL
https://4dsbanner.net/banner/static/300x250
Requested by
Host: cricfree.pw
URL: https://cricfree.pw/update/bt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b2a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97867cc54a1e7ae0de8fdcc7e3c8ac1b606c63d186cc529d26b3c24ef7306e35

Request headers

Referer
https://cricfree.pw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
765d386dfec86939-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 06 Nov 2022 10:42:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7I0si3G3Cv90w9tgttTQvFPJFLeFiFGHU3L1DT4jQZ7uVqXsrqazYBWPl9p9LT3BG6552mfFc4Ni%2FP329afAaaUcmk7aFuRef8FDbtmqBRVkQZ%2FgNRUuQHqid10I2t1hbiC%2B2qs1qU6xjey"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
728x90
4dsbanner.net/banner/native/ Frame FE99
248 B
500 B
Document
General
Full URL
https://4dsbanner.net/banner/native/728x90
Requested by
Host: cricfree.pw
URL: https://cricfree.pw/update/bt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b2a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e2b19cb3a6b3ff4eb3047150c8a044fb1205c17b9f9824a81c2c9235e865f05

Request headers

Referer
https://cricfree.pw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
765d386e0ecb6939-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 06 Nov 2022 10:42:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcq68u8YPXjDSV%2FnuDZVB%2FHI6bSR%2FiVHTxYG5nwVWqToBrurihkRaXpeHDgusc%2FEGA%2BfqOWk9%2FabFpK40qaxKuUl8gqjWDrnV9TOJ%2FlQX%2BOXLRM3QJzWN4MnUe7C0E3L%2B7uSU2pew9tmm9G4"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
bt1.php
stream.crichd.vip/update/ Frame EDF6
1 KB
976 B
Document
General
Full URL
https://stream.crichd.vip/update/bt1.php
Requested by
Host: cricfree.pw
URL: https://cricfree.pw/update/bt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:888 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
a24d667576c16edf12d9700634499efa715c8854cb2cd85511162790ba4944ac

Request headers

Referer
https://cricfree.pw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
765d386dffbb9b21-FRA
content-encoding
br
content-type
text/html
date
Sun, 06 Nov 2022 10:42:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXIqvPjs1X6dhqn9MRONiXusumvmK6qD9NPhFbddfNJlWIT3m3uYiqb0Bwmvl0i3gs4t8TZZGuHrKZy8USWSElm7BOjgDiIt3fJ%2BR%2BLyDq68YYHT7mDDyeTkodd%2B3UB4HaH65NQLnL4OSxzl%2FHvXXA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
169 KB
54 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cricfree.pw
URL: https://cricfree.pw/js/dab.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29e7c5257a418d2e0443211633b1dfbc36812a72ec9f73f313096ecefebb0e2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cricfree.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55228
x-xss-protection
0
server
cafe
etag
1732045442113744308
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 06 Nov 2022 10:42:05 GMT
0a348d3f46c951ada0c150d7d5043bb9.js
0a9f0fde99.3bcd202415.com/
92 KB
34 KB
Script
General
Full URL
https://0a9f0fde99.3bcd202415.com/0a348d3f46c951ada0c150d7d5043bb9.js
Requested by
Host: cricfree.pw
URL: https://cricfree.pw/update/bt1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f10953260c9ddeedd18d7ca3ce3cd3b16e97461dff4d178d4cf4159e5dd73069

Request headers

Referer
https://cricfree.pw/
Origin
https://cricfree.pw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires
Sun, 06 Nov 2022 10:47:05 GMT
date
Sun, 06 Nov 2022 10:42:05 GMT
content-encoding
gzip
last-modified
Tue, 01 Nov 2022 13:27:00 GMT
server
nginx/1.18.0
etag
W/"63611ea4-171bc"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
44045
0a9f0fde99.3bcd202415.com/a401b5bb4b6b0804bdacecabf4cddf7e/
874 B
1 KB
XHR
General
Full URL
https://0a9f0fde99.3bcd202415.com/a401b5bb4b6b0804bdacecabf4cddf7e/44045?version_name=c
Requested by
Host: 0a9f0fde99.3bcd202415.com
URL: https://0a9f0fde99.3bcd202415.com/0a348d3f46c951ada0c150d7d5043bb9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
bec822f91e7e14ce5a2bb23bdc971b9c5f7d63a63a0c63aef9baa5bf0082d0fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cricfree.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires
Sun, 06 Nov 2022 10:47:05 GMT
date
Sun, 06 Nov 2022 10:42:05 GMT
server
nginx/1.18.0
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
content-length
874
x-proxy-cache
EXPIRED
wp-banners.js
js.wpadmngr.com/npc/sdk/
0
238 B
Script
General
Full URL
https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by
Host: 0a9f0fde99.3bcd202415.com
URL: https://0a9f0fde99.3bcd202415.com/0a348d3f46c951ada0c150d7d5043bb9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cricfree.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires
Sun, 06 Nov 2022 10:47:05 GMT
date
Sun, 06 Nov 2022 10:42:05 GMT
last-modified
Fri, 20 Aug 2021 15:14:31 GMT
server
nginx/1.18.0
etag
"611fc6d7-0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
0
x-proxy-cache
HIT
banner_300x250
dramacool.tube/ Frame FFAC
214 B
656 B
Document
General
Full URL
https://dramacool.tube/banner_300x250
Requested by
Host: 4dsbanner.net
URL: https://4dsbanner.net/banner/static/300x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:959a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36c84d8894b17c340c1c398af71a4b2f6c7fcb1b1b446479576a0e58b3d2583d

Request headers

Referer
https://4dsbanner.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2922
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
765d386edb82163f-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 06 Nov 2022 10:42:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ztD0yF6%2F7gsSq1e6BVUCwadbhLdZpeZ%2FonfV%2BlX83D%2B5tdo8RCJgtLXNsV07N3Je5fGlgH%2FwW8FXjDxVtCFvwsRgVD2unIPY2g%2F%2BdQ0B%2BT8dmjc2iLjnsfSXaSM%2FYOQcPrGaVBhKhA5rgKgpQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
via
1.1 varnish (Varnish/5.2)
x-varnish
412976845 366167338
banner_728x90
ww1.9anime.vip/ Frame 11E5
220 B
664 B
Document
General
Full URL
https://ww1.9anime.vip/banner_728x90
Requested by
Host: 4dsbanner.net
URL: https://4dsbanner.net/banner/native/728x90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d666277aef4f050cbd97cd374d7c4f1851053730af2aaf94e533cef1a831b5f

Request headers

Referer
https://4dsbanner.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
765d386ee8069247-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 06 Nov 2022 10:42:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GSRV06EG1zEXt8vx4x97qBld7OK5Wn38FO1%2FnCmBbz5cY8KXmFh2CzCL%2B4DLyejbwf9mkVMAwvB9rNJB7ivbLCloBpFVvgU6vhEXrRL8ZUoFDEwCgSrwwkfAqyrF5q%2BIwoiJng3Yd43LZwnEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
via
1.1 varnish (Varnish/5.2)
x-varnish
402887571 404196332
gcrichd.js
gocast2.com/ Frame EDF6
1 KB
1 KB
Script
General
Full URL
https://gocast2.com/gcrichd.js
Requested by
Host: stream.crichd.vip
URL: https://stream.crichd.vip/update/bt1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:42d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d145ad36fca557bc8c44ecbe631e295982f084cd123850b51177225766bf3825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.crichd.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 06 Nov 2022 03:24:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2510
etag
W/"636728e2-4df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDIjpYlMPlky%2BUpxC9986EuVEbMo1HdZGRwEZ%2BQ9e7t7AidQeQ0v2PYT10dVhoMR8Ql%2B%2FPY8Q%2BFSttoN9sLVujHwcQxa0ONX5aKH0N9BqdG6OvP8%2FU%2FtM3WPK6OiH%2BcMGB3tKXsNNy390A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
765d386f3af89b64-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
z-5214935
stream.crichd.vip/ Frame EDF6
938 B
1 KB
Script
General
Full URL
https://stream.crichd.vip/z-5214935
Requested by
Host: stream.crichd.vip
URL: https://stream.crichd.vip/update/bt1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:888 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c7a1c53396e4e1111eed4ffb4e61be65eeaf667df61dc855aee4aad738b471a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.crichd.vip/update/bt1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:05 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 06 Nov 2022 10:01:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"636785dd-3aa"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9e6%2FJvMikyH5Gqo5SDrMKxbmDPxkKN3irX6PeVDmZ9eY4SiSzpxVG9fuHLWNQKtNiEJ8zmz%2BDgdA0IrFPtfXnF9BzTUHEvfggznM5F0V0g6alB1EqKjrlDPfTwbZpZi%2FZq3XRhCsKG4y3tCXD0pzww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
765d386f1be09bc2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
938
fp
fp.metricswpsh.com/ Frame
0
0
Preflight
General
Full URL
https://fp.metricswpsh.com/fp?tag_id=44045
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://cricfree.pw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://cricfree.pw
Connection
keep-alive
Date
Sun, 06 Nov 2022 10:42:05 GMT
Server
nginx/1.20.1
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
fp
fp.metricswpsh.com/
28 B
400 B
XHR
General
Full URL
https://fp.metricswpsh.com/fp?tag_id=44045
Requested by
Host: 0a9f0fde99.3bcd202415.com
URL: https://0a9f0fde99.3bcd202415.com/0a348d3f46c951ada0c150d7d5043bb9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
b25bb52b1e268a41258688299cd14fd3d9b3dec26f35fdf978f54cf28b1d59cd

Request headers

Referer
https://cricfree.pw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Sun, 06 Nov 2022 10:42:05 GMT
Server
nginx/1.20.1
Vary
Origin
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://cricfree.pw
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
28
track
633678338f.3cb004e947.com/in/
0
207 B
XHR
General
Full URL
https://633678338f.3cb004e947.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjI2Nzg1MTM0ODM0OTg5NTAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE1LjEiLCJ0YWdfaWQiOjQ0MDQ1LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjE2MDB4MTIwMCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiRXRjL1Vua25vd24iLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC4xMiwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiUGxheWVyJTIwIn0=
Requested by
Host: 0a9f0fde99.3bcd202415.com
URL: https://0a9f0fde99.3bcd202415.com/0a348d3f46c951ada0c150d7d5043bb9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cricfree.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Nov 2022 10:42:05 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
a92613f64e707b0d9422cc699cecabc2.js
0a9f0fde99.3bcd202415.com/
263 KB
67 KB
Script
General
Full URL
https://0a9f0fde99.3bcd202415.com/a92613f64e707b0d9422cc699cecabc2.js
Requested by
Host: 0a9f0fde99.3bcd202415.com
URL: https://0a9f0fde99.3bcd202415.com/0a348d3f46c951ada0c150d7d5043bb9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
45743d79e226db1759aaf6452e4a5325ffe6f1687de1f53f5eac3e8c0a3d41b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cricfree.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires
Sun, 06 Nov 2022 10:47:05 GMT
date
Sun, 06 Nov 2022 10:42:05 GMT
content-encoding
gzip
last-modified
Thu, 03 Nov 2022 09:52:54 GMT
server
nginx/1.18.0
etag
W/"63638f76-41bd2"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
2003357
ad.a-ads.com/ Frame CFAE
12 KB
5 KB
Document
General
Full URL
https://ad.a-ads.com/2003357?size=300x250
Requested by
Host: dramacool.tube
URL: https://dramacool.tube/banner_300x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.76.28.254 Freiburg im Breisgau, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.254.28.76.144.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
63f8444c5cd956ff39912d8f8ef003d279928cabafbe62384c04ddf65a113712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dramacool.tube/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Sun, 06 Nov 2022 10:42:05 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://dramacool.tube/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
gcrichd.php
gocast2.com/ Frame 5834
130 KB
49 KB
Document
General
Full URL
https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Requested by
Host: gocast2.com
URL: https://gocast2.com/gcrichd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:42d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
8e321c1922f280086b0eb381999f9d90eeb334c6143784fad5d2b3de233c72ef

Request headers

Referer
https://stream.crichd.vip/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
765d386fab529bf4-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 06 Nov 2022 10:42:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thTtagxP9Ap66jnqXf3A5OeIk8oqp1s%2FNVhjnl36J3EpJ1VN%2FhUuCdKr4Esl0fV1R6fygqs4x7RQZ%2BhtXhuG1ZAT3fRV98BTZbiI57r36%2B%2B2BGF2oANKBObJUeSh0v12pzx%2BjD9%2BPQLjkg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/5.6.40
dip
nereserv.com/in/
0
201 B
XHR
General
Full URL
https://nereserv.com/in/dip?site=native-push&wl=0&event_id=1049e986-b3e8-4f5f-911c-04be9f36614b&subid=2110042838&sid=3918551584&spot_id=31515&created_at=2022-11-06&timezone=0&ver=7.13.0&is_native=1
Requested by
Host: 0a9f0fde99.3bcd202415.com
URL: https://0a9f0fde99.3bcd202415.com/a92613f64e707b0d9422cc699cecabc2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.25.22 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.22.25.119.168.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cricfree.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Nov 2022 10:42:05 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
multy
65eb50053b.3cb004e947.com/in/
13 KB
13 KB
XHR
General
Full URL
https://65eb50053b.3cb004e947.com/in/multy
Requested by
Host: 0a9f0fde99.3bcd202415.com
URL: https://0a9f0fde99.3bcd202415.com/a92613f64e707b0d9422cc699cecabc2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:e0:19cb::1 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
189dc16cc18c1cc5d571b94e745e9f55f84d4c30b117498d7f5ebf8c779caa44

Request headers

Referer
https://cricfree.pw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 06 Nov 2022 10:42:06 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
13247
multy
65eb50053b.3cb004e947.com/in/ Frame
0
0
Preflight
General
Full URL
https://65eb50053b.3cb004e947.com/in/multy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:e0:19cb::1 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://cricfree.pw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
date
Sun, 06 Nov 2022 10:42:05 GMT
pragma
no-cache
server
nginx/1.18.0
vary
Origin
300x250
static.a-ads.com/a-ads-banners/393780/ Frame CFAE
609 KB
610 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/393780/300x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/2003357?size=300x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.76.28.254 Freiburg im Breisgau, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.254.28.76.144.clients.your-server.de
Software
nginx /
Resource Hash
69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:05 GMT
x-amz-version-id
jOXVc8Dekisiq0g3Btd0O0TTMs07O0J4
last-modified
Tue, 31 May 2022 13:36:40 GMT
server
nginx
x-amz-request-id
02FDADRGGR0ZDXHD
etag
"022f5a2fb43fb40ba25ebafe6b68c6b2"
content-type
image/gif
cache-control
max-age=315360000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
623504
x-amz-id-2
JPyRBEag82LALOcmJzFwaevqQqGg8iM5pew/0wkhf7b/MCsRMki9uz1N67f/h2Oo5Esdw4xOhXs=
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame CFAE
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
bootstrap.js
superfastcdn.com/script/ Frame EDF6
98 KB
35 KB
Script
General
Full URL
https://superfastcdn.com/script/bootstrap.js
Requested by
Host: stream.crichd.vip
URL: https://stream.crichd.vip/z-5214935
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:bbd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1e4ad0f33d1b68c1476a7a224c58608c02c1beff1017d9ab9eab98a5cb192f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.crichd.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2344
x-guploader-uploadid
ADPycdt4b_PWjJRXIJiq1hdJwjcyLXpmhv8hZJ6_nF_IuOV6vEkU7kObu9aD4i-O1PnZ5ivx0bzdJrOUPkZu6ZtmV38V9sIyKmbb
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 08 Sep 2022 08:38:35 GMT
server
cloudflare
etag
W/"90a406e7c114cb9cbdbd171d8282e224"
vary
Accept-Encoding
x-goog-hash
crc32c=PsCFGQ==, md5=kKQG58EUy5y9vRcdgoLiJA==
x-goog-generation
1662626315119008
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=df39N7N5mtSpe3XBlHs7Gy%2F%2Bt9GX9OvuLNDSejsVXaV4rcTCw7YPKWFtBPuzVgF7hfBgbAFYiTCHsgZr7o5JcHluWz8KEEqKws7hYss611V9ibUD9W3PjftqjiV2iMX8mowdJl6nSwmAPsGdw9mj"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
100523
cf-ray
765d38704f2d9271-FRA
expires
Sun, 06 Nov 2022 10:48:59 GMT
js15_as.js
s10.histats.com/ Frame EDF6
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: stream.crichd.vip
URL: https://stream.crichd.vip/update/bt1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.crichd.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:32:55 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
51.254.41.128/25
etag
"-375139978"
content-type
application/javascript; charset=UTF-8
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
4364
x-request-id
797541927
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.0/ Frame 5834
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.0/jquery.min.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2405bdf4c255a4904671bcc4b97938033d39b3f5f20dd068985a8d94cde273e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 04:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
367575
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30281
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Nov 2023 04:35:50 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ Frame 5834
36 KB
11 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
755
age
26208578
cdn-cachedat
12/13/2021 20:18:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
48135f30fbfcba704628453df5764d8f
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
765d38709abc92c6-FRA
cdn-requestpullsuccess
True
jquery-latest.js
code.jquery.com/ Frame 5834
276 KB
82 KB
Script
General
Full URL
https://code.jquery.com/jquery-latest.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:05 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-4508e"
vary
Accept-Encoding
x-hw
1667731325.dop161.fr8.t,1667731325.cds166.fr8.hn,1667731325.cds254.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
83875
embed.css
gocast2.com/css/ Frame 5834
537 B
698 B
Stylesheet
General
Full URL
https://gocast2.com/css/embed.css?ver=1.4.4
Requested by
Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:42d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6d02adae86bbc34515c89f74666d2837fc87d6046e204de27258c279fa47fcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 29 Oct 2021 09:08:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2502
etag
W/"617bba25-219"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6YFtu7SCWFDYZF7L1rGLSyMXwuolDB0EpIX7Ihs4CI3FiiVKl3OWA7nEJlI%2Fk5QQzlXb2ThA6XVDAV%2Bw5PjKuD6VtbjHtOzOawN9slZ1KA0kQACdFXV0%2FoLqK0eb4kboD%2FZdD84nZjWIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
765d38707d9d9bf4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-1.11.0.min.js
code.jquery.com/ Frame 5834
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.11.0.min.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:05 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-1787d"
vary
Accept-Encoding
x-hw
1667731325.dop161.fr8.t,1667731325.cds166.fr8.hn,1667731325.cds154.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33357
jquery-migrate-1.2.1.min.js
code.jquery.com/ Frame 5834
7 KB
3 KB
Script
General
Full URL
https://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:05 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-1c1f"
vary
Accept-Encoding
x-hw
1667731325.dop161.fr8.t,1667731325.cds166.fr8.hn,1667731325.cds161.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
3063
site.css
gocast2.com/css/ Frame 5834
199 B
596 B
Stylesheet
General
Full URL
https://gocast2.com/css/site.css
Requested by
Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:42d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e7930ddd6ef35ae7416215de492de89a3518769259c1606b9f719c44236c5ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 29 Oct 2021 09:54:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2509
etag
W/"617bc4e2-c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMDJmHHAzOgzD%2B8b33DxbIEsCQjqXbFAHJzZCBTvnWYo87q7PzqSllmx9mdCjycHfr%2B%2Bt8luGkZr6HcHe%2Bo%2B9YXZ3x24voDLaQgTwd1il%2FtLgZtYgTd081bTx56pKp7AdPV1Fd9kNIl5Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
765d38707da09bf4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
clappr.min.js
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 5834
513 KB
139 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
933
x-jsd-version
0.3.13
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19148-FRA, cache-hhn4049-HHN
x-jsd-version-type
version
server
cloudflare
etag
W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViJegrmyBBoyrpNz6BBHVobzQ6zL79wMnWp6bO1Hf77qcoGH1%2BRxcNkdI%2Bb9w%2F9LQ%2FuygNvSTvlGFd3oCGttbU9x5knld0vL8r%2BPh3wXqITBdupFvO6gKqv7EXzjDlyhwe61T%2BnmujrewzjBglc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
765d38709e9d929f-FRA
p2p-engine.min.js
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/ Frame 5834
186 KB
57 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca5068bf4d0038f2fb3107d9e6fc326922073b8ac3bcaaa1724391f54f89b938
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8201
x-jsd-version
2.5.1
content-encoding
br
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230033-FRA, cache-yyz4568-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"2e94b-GaSKxxXX+FG4zeRkuruQuN50UKE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LXIQ5YJD4kJGhMg%2FSNEQnU%2BGpZAQTcQ%2FoIdyhZ1n7kjI88u0uHbrulX9RGwIA5ziuhrJBjcCrVqy8aOpXLmoc7b8I9ZKkc3y42PofDy%2FxJOzGz1oyz6df5nP33yjAK2Bw9ANkLzf7sO7V4JaVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
765d38709e9f929f-FRA
clappr-p2p-plugin.min.js
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/ Frame 5834
3 KB
2 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/clappr-p2p-plugin.min.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8eb7e24873bb65c9b7193534bda15761d8853b24ca4a41d7749360972504141
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
18927
x-jsd-version
2.0.2
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19157-FRA, cache-iad-kiad7000110-IAD
x-jsd-version-type
version
server
cloudflare
etag
W/"c19-SLjttAW8dcDjADi6J1T2hbhokWc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLwU5dlpm4dT1CqediBAMEKJIPadW7P3WzNxaDMkrrQo7sGCYh9YLZHmiJW29yKY0qv33YkZx6r4a%2BYupmz5gDRm%2FxBYarmP6HwPrwv8O%2FlgotxhCbuFf%2BHHWgM9RSrFHs4mClP6uc3EweaoBxU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
765d38709ea2929f-FRA
level-selector.min.js
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame 5834
30 KB
11 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
15329
x-jsd-version
0.3.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19129-FRA, cache-itm18844-ITM
x-jsd-version-type
version
server
cloudflare
etag
W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6K%2B9F9hZVw5WN%2F0%2BSxyJB%2B%2B3DAs8ExfoFHXHVcRTShTSmJJtN3XeVL7gZIr6KLG%2BqCUo3YArT%2FbP34ZhtnXXKqhxuUuGP%2Fo0TtPKZ3P4CR%2FieDSGxiw1hZlOglhkGZKVpvjWEcGd938UjkKGbQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
765d38709ea4929f-FRA
/
d27x9po2cfinm5.cloudfront.net/ Frame 5834
162 KB
53 KB
Script
General
Full URL
https://d27x9po2cfinm5.cloudfront.net/?copxd=969390
Requested by
Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:e000:14:63a1:c340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
009addfcb02e1b173a6dd6cc83a82417f8b23c971480d87600473d9997779a00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Nov 2022 10:42:05 GMT
content-encoding
gzip
via
1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
53944
x-amz-cf-id
tmuSaHIwQYhzEGSvxY8vpqqyGCcXEwr3zam1zCqfzzrD4ebyVfF4Fw==
z-6330442
gocast2.com/ Frame 5834
938 B
1 KB
Script
General
Full URL
https://gocast2.com/z-6330442
Requested by
Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:42d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88d3c35ed4dacca7d4ae8ca43494e21618390d22dd7dfdce2c8a2b410f39c876

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:05 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 06 Nov 2022 10:01:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"636785e0-3aa"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFWS%2F357lVO0sOHtisYhy3tTJjNLUpF2xPNY8PM7cVJTsEdsnnuaJyPpVVStXm5rB9Wuh4uWtPd1X9LbM%2FpEfhYmYVgwkWeQjHDb9j%2BBsYCxULywgXrG9YngGpsu1G7nGDRkMFCJRUUGOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
765d38708dc89bf4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
938
ut.js
superfastcdn.com/script/ Frame EDF6
70 KB
26 KB
Script
General
Full URL
https://superfastcdn.com/script/ut.js?cb=1667731325567
Requested by
Host: superfastcdn.com
URL: https://superfastcdn.com/script/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bbd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a817a515c35520e9f571540957ffc2dd1d4ba70a3b5e04c5c1b37a63d6564516

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.crichd.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:05 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdsl6utTBTX3CF_v6j20qQioSCFwS_tC1Q6FQL47I_5hNAeLccduh7Iu96YYlrZDZ2n0joUvmTFJPTFBm7dn8DVWrA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 29 Aug 2022 11:45:52 GMT
server
cloudflare
etag
W/"c7304eebcb5069f68bd3fa9e74218a36"
vary
Accept-Encoding
x-goog-hash
crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-generation
1661773552581597
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwDtbX1dAnSPQKBp%2BEHRCuDp0UcRSUuHqGSfwXdsOrnHpoDwQGTEXsZ85C7BwNRaZKDqpyFBgZD7i5WYI3O6vL2YpDntcCJVFymiumRHIbU%2FvwCvyNxIMSKO01Q5cdNmkhFt7ASCse4BR5BDV6qa"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
71356
cf-ray
765d3870fe976931-FRA
expires
Sun, 06 Nov 2022 10:53:55 GMT
1804593
ad.a-ads.com/ Frame 5A3A
12 KB
5 KB
Document
General
Full URL
https://ad.a-ads.com/1804593?size=728x90
Requested by
Host: ww1.9anime.vip
URL: https://ww1.9anime.vip/banner_728x90
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.76.28.254 Freiburg im Breisgau, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.254.28.76.144.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
4bfa8a7a3679231faaa4477043ad1065e09f4a9acb54856484da6dedb8e41471
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ww1.9anime.vip/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Sun, 06 Nov 2022 10:42:05 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://ww1.9anime.vip/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
suurl4.php
youradexchange.com/script/ Frame EDF6
1 KB
1 KB
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=5214935&cbur=0.5166918466757926&cbiframe=1&cbWidth=682&cbHeight=490&cbtitle=&cbpage=https%3A%2F%2Fcricfree.pw%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=superfastcdn.com&aggr=0&chmob=?0
Requested by
Host: superfastcdn.com
URL: https://superfastcdn.com/script/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
2dd3ccdaf97312cae5795da4f1003b9bdb569a10076b80e7dfdbaf08b32bc728

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.crichd.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 06 Nov 2022 10:42:05 GMT
content-encoding
gzip
via
1.1 google
server
openresty
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json; charset=utf-8
0.php
s4.histats.com/stats/ Frame EDF6
53 B
187 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4599824&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fcricfree.pw%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:169256149&@b3:1667731326&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fstream.crichd.vip%2Fupdate%2Fbt1.php&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.27 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns500876.ip-192-99-8.net
Software
/
Resource Hash
c27b19d10fc675cfeef8c03f43008192ec4cd69556ad0d994b21826be7d57da9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.crichd.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sun, 06 Nov 2022 10:42:05 GMT
Connection
close
Content-Length
53
Content-Type
text/html;charset=UTF-8
728x90
static.a-ads.com/a-ads-banners/393754/ Frame 5A3A
674 KB
676 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/393754/728x90?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1804593?size=728x90
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.76.28.254 Freiburg im Breisgau, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.254.28.76.144.clients.your-server.de
Software
nginx /
Resource Hash
7a83dde0ee9f06593519e9556f86281d967a2b64a7c7903b56575b53935ce2a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:05 GMT
x-amz-version-id
Cv2H_W5cOvreEnPXeLYKrZR901XKye4u
last-modified
Tue, 31 May 2022 13:28:31 GMT
server
nginx
x-amz-request-id
0VE498QY9AD8TBY9
etag
"17ab32789bf26b9a63481f7a9a076d53"
content-type
image/gif
cache-control
max-age=315360000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
690666
x-amz-id-2
LPkLhpcZSj7pYO7qwZ3hpa80oERL4dC9QjUWYTfI0GGCOwvQjQv+p7WrIj001CFOHYzsTfj3MY0=
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame 5A3A
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf_icon.webp
static.bookmsg.com/creatives/SG/
Redirect Chain
  • https://65eb50053b.3cb004e947.com/in/show/?mid=1094762785&pid=0&site=native-push-mainstream&sc=DE&usage_type=DCH&subid=2110042838&sid=3918551584&cid=2255&price=0.0049&is_cpm=0&cpm=0&ecpm=0.50551592...
  • https://static.bookmsg.com/creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf_icon.webp
1 KB
1 KB
Image
General
Full URL
https://static.bookmsg.com/creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf_icon.webp
Requested by
Host: cricfree.pw
URL: https://cricfree.pw/update/bt1
Protocol
H2
Server
168.119.25.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.20.25.119.168.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
debd9647eddaaacaba09b81371fd2e331f952904d7c7f635955b6e213e6a4ee4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cricfree.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:06 GMT
last-modified
Mon, 30 Nov 2020 08:59:32 GMT
server
nginx/1.18.0
etag
"5fc4b474-41c"
content-type
image/webp
cache-control
public, max-age=315360000
accept-ranges
bytes
content-length
1052

Redirect headers

pragma
no-cache
date
Sun, 06 Nov 2022 10:42:06 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
location
https://static.bookmsg.com/creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf_icon.webp
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf.webp
static.bookmsg.com/creatives/SG/
5 KB
5 KB
Image
General
Full URL
https://static.bookmsg.com/creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf.webp
Requested by
Host: cricfree.pw
URL: https://cricfree.pw/update/bt1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.25.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.20.25.119.168.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
361540ac8047f9e65b9db4966125eb66d084de3057b5e1c48942c0e1aebe2a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cricfree.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:06 GMT
last-modified
Mon, 30 Nov 2020 08:59:32 GMT
server
nginx/1.18.0
etag
"5fc4b474-1208"
content-type
image/webp
cache-control
public, max-age=315360000
accept-ranges
bytes
content-length
4616
truncated
/ Frame 0EAD
110 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39ee755ad562a7fc959883b57d4918f624c3efac53f8b499734a4c5626e2879e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0EAD
110 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa90e6cba9e9d701ef280f287f76143fb0aed1223c692fc0da4befa74860225d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0EAD
110 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
833cb09da79045b251d3c08071c0adc6b1a2e97e9872ca9f37337891cde9ec69

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0EAD
110 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b41f877c5e58ec1f5bdd89ae80211cc05afbc3c871a41b38535c7130e927ac62

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0EAD
110 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24daca1a4af9c7847a5252795eda58315e596bdb88ca4b6ae51fdaa3c672cc56

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0EAD
110 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05882fa4e821333fb62a4a8d07b7c451e6efbabfa9f3d4946ba9cb54dfb0f04b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0EAD
110 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b9ebc91dc274d39de27801661167bf6a88024d544d3960f3766ce59b33ff8e9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0EAD
110 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b832d9f9d7c39304c9205b6d562bff9e421e204cfc19fd6065393028119cbf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0EAD
110 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a15164c46f901a947fcf243fe107b83fdf1ea8d394d2bda73f569daf5666e59e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0EAD
110 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f339fe40b102007022ab2746a4c9436c54931f620eb8c2860743cf3569a34b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0EAD
110 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
506bc85404629c940763e1830cfdc72161eec5c0fa39616914d89ce9469a5604

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0EAD
110 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
270a637e9c97cd0ce2b8860fdddf496b483ce586711e1fb7527eb8c5e0d5746e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0EAD
110 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44512f22387c2e598be89c01273367dcd2cb443c62dc385095926e485d56a4bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0EAD
110 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65e85fa02d9fa3e02f188a7b6e4fa6a50d2421d677884b34bc83b8cf6b37a58a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0EAD
110 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ec2068a44b2e3b4c742d0d35c1c5829623759ea96de41f3c1af363846f80536

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0EAD
110 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e07273324aadaf8a93d5900f6373ce88110f28620656608e3a0a79ba0da25f17

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEyLzEwMTkyNC85YWRiYTYxOWY0YzFjYjk4Y...
s-img.adskeeper.com/g/12581074/492x328/-/ Frame 0EAD
46 KB
46 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/12581074/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEyLzEwMTkyNC85YWRiYTYxOWY0YzFjYjk4YThjNDE2ZDJhOGFmZjU3NS5qcGVn.webp?v=1667731325-RyDq-q3cApGIl7SBD6Eq-om_nU2jzPa4qQVc1GQYDYE
Requested by
Host: cricfree.pw
URL: https://cricfree.pw/update/bt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:42a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22dc44a33d600dd6f5e0eced981ee4961decd62d6aa58e4cf3c96f907d3132fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:06 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Mar 2022 09:41:42 GMT
x-mg-request-uuid
d0fb157e-3b63-4bdb-92aa-d69f895a5089
server
cloudflare
age
5633035
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
765d3877bdf6bbaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47266
truncated
/ Frame 0EAD
483 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
c
c.adskeeper.com/ Frame 0EAD
Redirect Chain
  • https://65eb50053b.3cb004e947.com/in/show/?mid=1094762785&pid=0&site=native-push-mainstream&sc=DE&usage_type=DCH&subid=2110042838&sid=3918551584&cid=2749&price=0.00058&is_cpm=0&cpm=0&ecpm=0.0020050...
  • https://c.adskeeper.com/c?pv=2&v=0|0|0|ICajudwi72RQfXNAj6oUMHM9n1u4v6F4i4EN51E1qg7VWRtj5cBzX1kgtORJogNh3DOJQ20nJZGAC-M6KyysfA**&cid=1156384&f=1&h2=L_VeimGmIyuuyKT7tZS8nfhiGb6CTwVO6xjKycj2N0E*&rid=a...
43 B
247 B
Image
General
Full URL
https://c.adskeeper.com/c?pv=2&v=0|0|0|ICajudwi72RQfXNAj6oUMHM9n1u4v6F4i4EN51E1qg7VWRtj5cBzX1kgtORJogNh3DOJQ20nJZGAC-M6KyysfA**&cid=1156384&f=1&h2=L_VeimGmIyuuyKT7tZS8nfhiGb6CTwVO6xjKycj2N0E*&rid=a7f225f4-5dbf-11ed-af5a-e4434b15122e&psid=7331515
Requested by
Host: cricfree.pw
URL: https://cricfree.pw/update/bt1
Protocol
H2
Server
2606:4700::6812:52a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:06 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
a4671a1e-13f8-457a-8ad6-99627af5c060
server
cloudflare
content-type
image/gif
cf-ray
765d3877a8a15bed-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 06 Nov 2022 10:42:06 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
location
https://c.adskeeper.com/c?pv=2&v=0|0|0|ICajudwi72RQfXNAj6oUMHM9n1u4v6F4i4EN51E1qg7VWRtj5cBzX1kgtORJogNh3DOJQ20nJZGAC-M6KyysfA**&cid=1156384&f=1&h2=L_VeimGmIyuuyKT7tZS8nfhiGb6CTwVO6xjKycj2N0E*&rid=a7f225f4-5dbf-11ed-af5a-e4434b15122e&psid=7331515
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
asd100.bin
pogothere.xyz/ Frame 5834
100 KB
101 KB
Fetch
General
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d27x9po2cfinm5.cloudfront.net
URL: https://d27x9po2cfinm5.cloudfront.net/?copxd=969390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.106.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
539
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 06 Nov 2022 10:33:08 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://gocast2.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjKYZOFm2BE3%2FHbwhLrruyQBzfEKqk1RqlATaUgJo0EYQlzk0XnyrLFgfoXYFedYz0rAA8eJltJMWPI8%2Ba9EMaTah1C3ePGYdPUy4hX9AbmaWVkfYlMEpFLXFOVsb2tV"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
765d387e48539078-FRA
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/ Frame 5834
26 B
369 B
Fetch
General
Full URL
https://pogothere.xyz/
Requested by
Host: d27x9po2cfinm5.cloudfront.net
URL: https://d27x9po2cfinm5.cloudfront.net/?copxd=969390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.106.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb56d22065e13ede08f7480ab3bfc0c46264f0070c3af3081b80349220d5ed9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cY4j4v5N3PGN8F63FBxKkDwCdTe%2FHinMEDE0xvd4g6E8jEOeBSPjXYGjKYdcyYvLsTDUGlaNtuaV%2FeIhsOobbvYPbLkxDNv2xQ00rdITsyqGqa3yIQLZG5KS4aeHE64%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://gocast2.com
content-type
text/plain
access-control-allow-credentials
true
cf-ray
765d387e48559078-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
anwhocam.xyz/ Frame 5834
0
485 B
XHR
General
Full URL
https://anwhocam.xyz/utx?cb=3Bgd8YG8U7Zd&top=gocast2.com&tid=969390
Requested by
Host: d27x9po2cfinm5.cloudfront.net
URL: https://d27x9po2cfinm5.cloudfront.net/?copxd=969390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Nov 2022 10:42:07 GMT
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://gocast2.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
7ocZI4zjzjf7An4G7ptz_Azviy2b2TsRt7bmSotJ4cSJwrjWZhE7SA==
Y0N2TTACIRUgDwJ+FGtFES9LaAIlZkQLVFF0DnRADHEVK1kNLkNjUw8sAylWESwYOR4NJgJoAiV3IwgJJBIMGEoqABEhcwoSGwReVw4sI2pSJhEbAikXIz5nGgEPC1gpOyY3CCsNRhRcLRcVI3UaEkcEXlcFEiR9DQ8gB0QCEDs5Zg5yU39yOgA8H30NCQ8XZSYkP...
anwhocam.xyz/ Frame 50B0
3 KB
2 KB
Document
General
Full URL
https://anwhocam.xyz/…
Requested by
Host: d27x9po2cfinm5.cloudfront.net
URL: https://d27x9po2cfinm5.cloudfront.net/?copxd=969390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-33.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e5b37e08160ce322948052d44c51f3229577a4e7025a7b3af0783e608c9c9dc9

Request headers

Referer
https://gocast2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1231
content-type
text/html
date
Sun, 06 Nov 2022 10:42:07 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
x-amz-cf-id
Qa0iLFmDW7wua8Ifcxqhdoj_gZ5aEXE5lAHU9bJOz_0G7PtmA7d6gg==
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
Vh02CiFNUi5Rf15HbEJ9QFppSjtNRX4YPhETZV1oAAAsAHNBQm5beUNFa155Rk1g
redanludb.xyz/WGxOcHR3Uy0DSQ0qPiYjDAAgEiMOHg0dPjc1I0A4Al46GhYvKWgEHTxRd0ZNa1V+VgQxCHNBUisYLwQBK1F/ Frame 5834
0
411 B
Image
General
Full URL
https://redanludb.xyz/WGxOcHR3Uy0DSQ0qPiYjDAAgEiMOHg0dPjc1I0A4Al46GhYvKWgEHTxRd0ZNa1V+VgQxCHNBUisYLwQBK1F/Vh02CiFNUi5Rf15HbEJ9QFppSjtNRX4YPhETZV1oAAAsAHNBQm5beUNFa155Rk1g
Requested by
Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.138.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69YLnZsWQjFrEGzQaY2a5ajnBrmc%2BI0stxkS5KmiAS%2F1Z1wHewJaRMVB%2FFEFvZfu8ItzJjjjz%2Bpc5hHDWrYBhOrSX%2FIMM5p8iQfC%2F4LGM9s%2FizGXq7MS7%2FGV7wnwCIjj"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
765d387e8ae1b8ba-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
login.php
www.facebook.com/ Frame 5834
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

identifier
accounts.google.com/v3/signin/ Frame 5834
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/v3/signin/identifier?dsh=S-167203536%3A1667731327821941&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignI...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S-167203536%3A1667731327821941&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvGeSqW7jXOhjEdmRB3isudpeADuoENxYbvKncAvt4mN5NdZzDUUxxDAhXeFVrRJMR_DUP57w
Requested by
Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol
H3
Server
2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

date
Sun, 06 Nov 2022 10:42:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-aVNe9g52-XqQs8RAXlxV0g' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
396
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S-167203536%3A1667731327821941&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvGeSqW7jXOhjEdmRB3isudpeADuoENxYbvKncAvt4mN5NdZzDUUxxDAhXeFVrRJMR_DUP57w
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/ Frame 5834
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/v3/signin/identifier?dsh=S-603053739%3A1667731327812786&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebS...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S-603053739%3A1667731327812786&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAsdAjb6tI-oIjKak8j3XqNDjVX6XUwZKBNQX2isUy8gizCoI453DoWsap-A22oAygbs0ElPuw
Requested by
Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol
H3
Server
2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

date
Sun, 06 Nov 2022 10:42:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-xut1At0M-xHv8icTyiu5dw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
396
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S-603053739%3A1667731327812786&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAsdAjb6tI-oIjKak8j3XqNDjVX6XUwZKBNQX2isUy8gizCoI453DoWsap-A22oAygbs0ElPuw
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
d27x9po2cfinm5.cloudfront.net/ Frame 5834
162 KB
53 KB
Fetch
General
Full URL
https://d27x9po2cfinm5.cloudfront.net/?copxd=969390
Requested by
Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:e000:14:63a1:c340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ff6b56b663dfd32dc3ecb48f3cef1d167bd48a62d23fe239de52ebcb5d898792

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Nov 2022 10:42:07 GMT
content-encoding
gzip
via
1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
x-cache
Miss from cloudfront
access-control-allow-origin
https://gocast2.com
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials
true
content-length
53943
x-amz-cf-id
Ygr1AAGvBb7K9OBPxovo__t8ZcSteNXyu6dJI3KpQmjUhacBj_hX5Q==
bootstrap.js
superfastcdn.com/script/ Frame 5834
98 KB
34 KB
Script
General
Full URL
https://superfastcdn.com/script/bootstrap.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/z-6330442
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bbd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4d5b8dc6a7ca986941b6d029b8465ac9b4ea3b8923d57df81c99a3c03eb899d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2482
x-guploader-uploadid
ADPycdv6ZB2WhmWCPa_u0F9c9EuXkW3AgM7PIcuOjXMKXaODxuBZsGTwgtJmnivLnqW-0hJE5IZEacSFPOnez6_pY9NZDE-BUEh9
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 08 Sep 2022 08:38:35 GMT
server
cloudflare
etag
W/"90a406e7c114cb9cbdbd171d8282e224"
vary
Accept-Encoding
x-goog-hash
crc32c=PsCFGQ==, md5=kKQG58EUy5y9vRcdgoLiJA==
x-goog-generation
1662626315119008
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IcoM6U3aY7lMnq92bKp1xzjtadFZC1rnMHKQyhi5Ems0u5N9dS1PC1CTwaTWQBCOR3Q8MAQYMHKwMDdIa5CbRR4ruu6TIivTUovmsXgFo5slm8pj4YRGMw1I4c48597vEoSk9tS29KjQ3EvzcNa6"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
100523
cf-ray
765d387e58066931-FRA
expires
Sun, 06 Nov 2022 11:00:28 GMT
gcrichd.php
gocast2.com/ Frame 5834
0
465 B
XHR
General
Full URL
https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Requested by
Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:42d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPtJ%2FISKWrdSfF3a2Nr9F9mTEnUOGxs%2BTqFe8RekABDr3JK5HNnsUvNO65GmFos0ra4DO%2BN%2Bcy4zXYkNAG44zbtijCn3L%2Brcxbis79MY%2BROmY0xD%2FSAZSP6qLr39eSxBeFR3o%2BJYpV6D1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
765d387e9ce69bf4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
waufooke.com/5/5492412/ Frame 5834
0
432 B
XHR
General
Full URL
https://waufooke.com/5/5492412/?oo=1&aab=1
Requested by
Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Sun, 06 Nov 2022 10:42:07 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://gocast2.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
tag.min.js
waufooke.com/ Frame 5834
72 KB
23 KB
Script
General
Full URL
https://waufooke.com/tag.min.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
0ca8067ecda32d8eb63804ae83f2183c3ae3c49e9c05eaa50e15dc46f0735ee8
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=1
content-length
23234
x-trace-id
55fb8feb4b27627050b02ef643205b89
pragma
no-cache
last-modified
Thu, 03 Nov 2022 15:02:17 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT
js15_as.js
s10.histats.com/ Frame 5834
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:32:55 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
51.254.41.128/25
etag
"-375139978"
content-type
application/javascript; charset=UTF-8
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
4364
x-request-id
797541927
bbtsp1.m3u8
go2.gocast2.com/hls/ Frame 5834
551 B
1 KB
XHR
General
Full URL
https://go2.gocast2.com:999/hls/bbtsp1.m3u8?md5=mM9VAdlAc4e-N7DfWOXYjg&expires=1667738510
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.49.224.221 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
c1b9b259e3fdcb146efc9ca56fccdc74c73ebff1b915dab225318ec4dc6553bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sun, 06 Nov 2022 10:42:07 GMT
Last-Modified
Sun, 06 Nov 2022 10:42:06 GMT
Server
nginx/1.20.1
ETag
"63678f7e-227"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
551
Expires
Sun, 06 Nov 2022 10:42:06 GMT
ut.js
superfastcdn.com/script/ Frame 5834
70 KB
26 KB
Script
General
Full URL
https://superfastcdn.com/script/ut.js?cb=1667731327807
Requested by
Host: superfastcdn.com
URL: https://superfastcdn.com/script/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bbd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f6ce602bed449940565c8bfea9921659efafc0c5409a8242eda17e6e6554c31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:07 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdsl6utTBTX3CF_v6j20qQioSCFwS_tC1Q6FQL47I_5hNAeLccduh7Iu96YYlrZDZ2n0joUvmTFJPTFBm7dn8DVWrA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 29 Aug 2022 11:45:52 GMT
server
cloudflare
etag
W/"c7304eebcb5069f68bd3fa9e74218a36"
vary
Accept-Encoding
x-goog-hash
crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-generation
1661773552581597
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGVvF7UrkRicXUmqzExg56mv9tWh8HuDPbIyUEbS3w8BGLEvLJIMeuuoayx0b5fyMpE9EB6qlZO5BDEBK5uW7AzxB%2Bd0yIhyw7p3fkH10U6YB2mcwSTcbgFg4itrVcjEUmbELUDbrFnidG1rQ18R"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
71356
cf-ray
765d387ec8f96931-FRA
expires
Sun, 06 Nov 2022 10:53:55 GMT
suurl4.php
youradexchange.com/script/ Frame 5834
1 KB
845 B
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=6330442&cbur=0.2322429278330631&cbiframe=1&cbWidth=666&cbHeight=474&cbtitle=&cbpage=https%3A%2F%2Fstream.crichd.vip%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=superfastcdn.com&aggr=0&chmob=?0
Requested by
Host: superfastcdn.com
URL: https://superfastcdn.com/script/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
02b2fcb691a3fa30071661e849e9ac1cc1b196b9ef16f33eed152aaa2bf5bb21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 06 Nov 2022 10:42:07 GMT
content-encoding
gzip
via
1.1 google
server
openresty
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json; charset=utf-8
0.php
s4.histats.com/stats/ Frame 5834
54 B
188 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4704973&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mgocast2.com%20-%20Embedded%20player&@n0&@ohttps%3A%2F%2Fstream.crichd.vip%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:94838076&@b3:1667731328&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgocast2.com%2Fgcrichd.php%3Fplayer%3Ddesktop%26live%3Dbbtsp1&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.27 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns500876.ip-192-99-8.net
Software
/
Resource Hash
56c7a8a04536db7cf11a22e100adda99fe0199f9c041f874b6e00c2a26960942

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sun, 06 Nov 2022 10:42:08 GMT
Connection
close
Content-Length
54
Content-Type
text/html;charset=UTF-8
aHMQYw1jcQUnJih1AXV8BGYHYDdwdxx1fX-YiRSAjIzRQMiQvNxBiCXNwAn58cGYHYGctK0E9I2NxdnV9di9cOypjcQU3KiUoWnlqdHNWOD0pLlB1fQByBWdhdm0AY39ybQ1nanRzRjEpJzFcdX0AdgZnYXV1EyVydw
d27x9po2cfinm5.cloudfront.net/4UE9GQzUzICglCiQmIn4MZnZ1egV2JTUsWyByFhJxPz8HN0YlNTcnEyQ1In4FdiMnLVJtaSMtVm1+YCJRMnJyZUEgIC1+UCI+KyBSOT0wLxMlLnsuWiomKi9UdX0AdhtganRzHScmKCdaJzxjcQU+O2NxBWF/ Frame 50B0
664 B
759 B
Script
General
Full URL
https://d27x9po2cfinm5.cloudfront.net/4UE9GQzUzICglCiQmIn4MZnZ1egV2JTUsWyByFhJxPz8HN0YlNTcnEyQ1In4FdiMnLVJtaSMtVm1+YCJRMnJyZUEgIC1+UCI+KyBSOT0wLxMlLnsuWiomKi9UdX0AdhtganRzHScmKCdaJzxjcQU+O2NxBWF/aHMQYw1jcQUnJih1AXV8BGYHYDdwdxx1fX-YiRSAjIzRQMiQvNxBiCXNwAn58cGYHYGctK0E9I2NxdnV9di9cOypjcQU3KiUoWnlqdHNWOD0pLlB1fQByBWdhdm0AY39ybQ1nanRzRjEpJzFcdX0AdgZnYXV1EyVydw
Requested by
Host: anwhocam.xyz
URL: https://anwhocam.xyz/Y0N2TTACIRUgDwJ+FGtFES9LaAIlZkQLVFF0DnRADHEVK1kNLkNjUw8sAylWESwYOR4NJgJoAiV3IwgJJBIMGEoqABEhcwoSGwReVw4sI2pSJhEbAikXIz5nGgEPC1gpOyY3CCsNRhRcLRcVI3UaEkcEXlcFEiR9DQ8gB0QCEDs5Zg5yU39yOgA8H30NCQ8XZSYkPw4BRnE0GHMqZkQPexoBJQJkUzQ6NX0PDxg+RTQqGSB7CnojKWhTAhIlRAQiGB9KKxAVIHsgJxcHShspFRxlRnE0AgItOzQadkZxMCx4LhIvOgEJICcYXikqHnxxOxVOD3c6Cy8JVBQnDjUBBRtbFFkxEDcneRkRJwBZMjU4NXIKAC4DRyItQ3VTJBo+FHcANz19dVoKRANIBy0gdFQKehUCSRMpFRxlUAgfGF80LRo8VCsNIQJ0UzM6IXJSJScPSSEUEiVUDnM3FANaOhQcAQ0iGB9KMSkzPXoZBRUpaFMCEipqDRouGwEmOiA0VBRlHD5fDTNLHWEnLAYMRBA2DDxU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:e000:14:63a1:c340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
faa03c7fedd07d4259ce8cc60aec3f837a15c74275a74781fc581d336ccaf997

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://anwhocam.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:07 GMT
content-encoding
gzip
via
1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
482
x-amz-cf-id
Q2dj6cvaEJGGW6WYwGBjLgAyTRtL_krVeF6bR2TvyMLheYOe_Y8RHA==
bbtsp1.m3u8
go2.gocast2.com/hls/ Frame 5834
551 B
1 KB
XHR
General
Full URL
https://go2.gocast2.com:999/hls/bbtsp1.m3u8?md5=mM9VAdlAc4e-N7DfWOXYjg&expires=1667738510
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.49.224.221 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
c1b9b259e3fdcb146efc9ca56fccdc74c73ebff1b915dab225318ec4dc6553bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sun, 06 Nov 2022 10:42:07 GMT
Last-Modified
Sun, 06 Nov 2022 10:42:06 GMT
Server
nginx/1.20.1
ETag
"63678f7e-227"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
551
Expires
Sun, 06 Nov 2022 10:42:06 GMT
bbtsp1-23636.ts
go2.gocast2.com/hls/ Frame 5834
650 KB
650 KB
XHR
General
Full URL
https://go2.gocast2.com:999/hls/bbtsp1-23636.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.49.224.221 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
0227e73bbc82473c853accd160b3a4ceed0a02f04d10c5e348c66d7366e86f43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sun, 06 Nov 2022 10:42:07 GMT
Last-Modified
Sun, 06 Nov 2022 10:40:49 GMT
Server
nginx/1.20.1
ETag
"63678f31-a26f4"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
665332
Expires
Sun, 06 Nov 2022 10:42:06 GMT
json
pro.ip-api.com/ Frame 5834
178 B
334 B
Fetch
General
Full URL
https://pro.ip-api.com/json?fields=2181826&key=XOpiansRgYxGTho
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
9360d6dc1a2fdec65b711956b244c4e78cf8f09a210ae84cce9ef0677fff42bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 06 Nov 2022 10:42:07 GMT
Content-Length
178
Content-Type
application/json; charset=utf-8
41ddff42-5110-449b-bdb3-84c77c3d6828
https://gocast2.com/ Frame 5834
61 KB
0
Other
General
Full URL
blob:https://gocast2.com/41ddff42-5110-449b-bdb3-84c77c3d6828
Requested by
Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Length
62280
Content-Type
text/javascript
dW4weUVaUVMKeBY2chMgGwJ3K3Q7J2MSCzY4dUwJJwV2LxEwKxYNLBFTCU98RlcAXzUcCg1IYwYaUQ0wBlMDSXVESFkXIxpTAEl1REhGRHRbXQRXdkVAAV8wSFkBQHNDVgZPdkNXAUlxQEhECSQSUwFfNQEaXER0Q1gHTnZEXQJOfEFd
redanludb.xyz/ Frame 5834
0
430 B
Image
General
Full URL
https://redanludb.xyz/dW4weUVaUVMKeBY2chMgGwJ3K3Q7J2MSCzY4dUwJJwV2LxEwKxYNLBFTCU98RlcAXzUcCg1IYwYaUQ0wBlMDSXVESFkXIxpTAEl1REhGRHRbXQRXdkVAAV8wSFkBQHNDVgZPdkNXAUlxQEhECSQSUwFfNQEaXER0Q1gHTnZEXQJOfEFd
Requested by
Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.138.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:42:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PqOIVscLSyBspCxrDM%2F86e0yFF%2FfLgPpJWAkPkMinY9OR%2FZUtj70qOUDQRIEpm7QSUkLkvU5l9Pr8pAZdsLBMUKwvdI%2BHX8aXEBL0jUQueziUXKhaq4DNug2pfuT%2FCI6"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
765d387fce05b7a8-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
channel
asia.web3-lab.com/v1/ Frame 5834
338 B
690 B
Fetch
General
Full URL
https://asia.web3-lab.com:8443/v1/channel
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3b8284f7e1c3967a53225fe4841208bfe3586dc09d0b0072a93cef8ee76788c

Request headers

Referer
https://gocast2.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 06 Nov 2022 10:42:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZ8%2FQwvrDBrHHrvaycfJdsTzES2KQRc3O5%2Fz0ef9e06S0txt6P2ydLlMyyfpvo6TJvXXSKmq7H%2BRsuWgducJs6jzrxCeIu8So0EOzedkl2rsKu0hr8Y1bNlbp15qUuO%2FcGo8E5f68fzUT%2Bw1SXrshQKplkDN"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
765d387fff55915e-FRA
alt-svc
h3=":8443"; ma=86400, h3-29=":8443"; ma=86400
bbtsp1-23636.ts
go2.gocast2.com/hls/ Frame 5834
1 B
400 B
XHR
General
Full URL
https://go2.gocast2.com:999/hls/bbtsp1-23636.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.49.224.221 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
333e0a1e27815d0ceee55c473fe3dc93d56c63e3bee2b3b4aee8eed6d70191a3

Request headers

Referer
https://gocast2.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Range
bytes=0-0

Response headers

Date
Sun, 06 Nov 2022 10:42:08 GMT
Last-Modified
Sun, 06 Nov 2022 10:40:49 GMT
Server
nginx/1.20.1
ETag
"63678f31-a26f4"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Content-Range
bytes 0-0/665332
Cache-Control
no-cache, no-cache
Connection
keep-alive
Content-Length
1
Expires
Sun, 06 Nov 2022 10:42:07 GMT
popunder.gif
redanludb.xyz/ Frame 5834
35 B
504 B
Image
General
Full URL
https://redanludb.xyz/popunder.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.138.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
public
date
Sun, 06 Nov 2022 10:42:08 GMT
cf-cache-status
HIT
last-modified
Sat, 05 Nov 2022 23:23:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
40726
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPdsY7Sk5bgBPMRzMyNgKfY61w%2FZbtLURia7X3Zs1zox77t1b2JjMOpo552veuZ6Ezeqw80T2q8K1xzokezvPZxN3DmDbcC3aZCdLVqHi5NiWUgu3G7N2lt03fIpqwKU"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
765d38814f8bb7a8-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
function| $
function| jQuery
function| R
function| X
string| checkStatus
object| element
object| devtools
function| _0x6c17
function| _0xa516
function| dab
object| __adFormats
object| __formatsGetters
object| AdManager
object| a3klsam
object| activesInpages
function| __fp-init

4 Cookies

Domain/Path Name / Value
4dsbanner.net/ Name: viewed_300x250 Value: 1
4dsbanner.net/ Name: viewed_728x90 Value: 1
fp.metricswpsh.com/ Name: id Value: 15112038202593677452
pogothere.xyz/ Name: csu Value: 719668663691045@1@1667731327

2 Console Messages

Source Level URL
Text
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S-167203536%3A1667731327821941&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvGeSqW7jXOhjEdmRB3isudpeADuoENxYbvKncAvt4mN5NdZzDUUxxDAhXeFVrRJMR_DUP57w
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S-603053739%3A1667731327812786&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAsdAjb6tI-oIjKak8j3XqNDjVX6XUwZKBNQX2isUy8gizCoI453DoWsap-A22oAygbs0ElPuw
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

506bc85404629c940763e1830cfdc72161eec5c0fa39616914d89ce9469a5604
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
56c7a8a04536db7cf11a22e100adda99fe0199f9c041f874b6e00c2a26960942
63f8444c5cd956ff39912d8f8ef003d279928cabafbe62384c04ddf65a113712
65e85fa02d9fa3e02f188a7b6e4fa6a50d2421d677884b34bc83b8cf6b37a58a
69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14
6b832d9f9d7c39304c9205b6d562bff9e421e204cfc19fd6065393028119cbf7
6f18e292da6e248331f150ecf9b6effa903acbe7cadcf175b68cf5da86b32ab0
6f6ce602bed449940565c8bfea9921659efafc0c5409a8242eda17e6e6554c31
7a83dde0ee9f06593519e9556f86281d967a2b64a7c7903b56575b53935ce2a6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833cb09da79045b251d3c08071c0adc6b1a2e97e9872ca9f37337891cde9ec69
88d3c35ed4dacca7d4ae8ca43494e21618390d22dd7dfdce2c8a2b410f39c876
8d666277aef4f050cbd97cd374d7c4f1851053730af2aaf94e533cef1a831b5f
8e321c1922f280086b0eb381999f9d90eeb334c6143784fad5d2b3de233c72ef
9360d6dc1a2fdec65b711956b244c4e78cf8f09a210ae84cce9ef0677fff42bd
97867cc54a1e7ae0de8fdcc7e3c8ac1b606c63d186cc529d26b3c24ef7306e35
9e2b19cb3a6b3ff4eb3047150c8a044fb1205c17b9f9824a81c2c9235e865f05
9f339fe40b102007022ab2746a4c9436c54931f620eb8c2860743cf3569a34b8
a15164c46f901a947fcf243fe107b83fdf1ea8d394d2bda73f569daf5666e59e
a24d667576c16edf12d9700634499efa715c8854cb2cd85511162790ba4944ac
a817a515c35520e9f571540957ffc2dd1d4ba70a3b5e04c5c1b37a63d6564516
a8eb7e24873bb65c9b7193534bda15761d8853b24ca4a41d7749360972504141
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b25bb52b1e268a41258688299cd14fd3d9b3dec26f35fdf978f54cf28b1d59cd
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b41f877c5e58ec1f5bdd89ae80211cc05afbc3c871a41b38535c7130e927ac62
b6d02adae86bbc34515c89f74666d2837fc87d6046e204de27258c279fa47fcf
b9ebc91dc274d39de27801661167bf6a88024d544d3960f3766ce59b33ff8e9c
bec822f91e7e14ce5a2bb23bdc971b9c5f7d63a63a0c63aef9baa5bf0082d0fa
c1b9b259e3fdcb146efc9ca56fccdc74c73ebff1b915dab225318ec4dc6553bd
c27b19d10fc675cfeef8c03f43008192ec4cd69556ad0d994b21826be7d57da9
ca5068bf4d0038f2fb3107d9e6fc326922073b8ac3bcaaa1724391f54f89b938
d145ad36fca557bc8c44ecbe631e295982f084cd123850b51177225766bf3825
d1e4ad0f33d1b68c1476a7a224c58608c02c1beff1017d9ab9eab98a5cb192f3
d3b8284f7e1c3967a53225fe4841208bfe3586dc09d0b0072a93cef8ee76788c
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da
d4d5b8dc6a7ca986941b6d029b8465ac9b4ea3b8923d57df81c99a3c03eb899d
d8411c291ce76ba4fc168aff129da83e7193dedd181b468436bb27157d817b46
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
debd9647eddaaacaba09b81371fd2e331f952904d7c7f635955b6e213e6a4ee4
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
e07273324aadaf8a93d5900f6373ce88110f28620656608e3a0a79ba0da25f17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b37e08160ce322948052d44c51f3229577a4e7025a7b3af0783e608c9c9dc9
eb56d22065e13ede08f7480ab3bfc0c46264f0070c3af3081b80349220d5ed9c
f10953260c9ddeedd18d7ca3ce3cd3b16e97461dff4d178d4cf4159e5dd73069
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f8971375d4c672bf14e4a54be807ae4df6c31e2ac45baf217eb216356129fcdb
fa90e6cba9e9d701ef280f287f76143fb0aed1223c692fc0da4befa74860225d
faa03c7fedd07d4259ce8cc60aec3f837a15c74275a74781fc581d336ccaf997
ff6b56b663dfd32dc3ecb48f3cef1d167bd48a62d23fe239de52ebcb5d898792