Submitted URL: http://stream.crichd.vip/update/skys1.php
Effective URL: https://stream.crichd.vip/update/skys1.php
Submission: On October 03 via manual from RO — Scanned from DE

Summary

This website contacted 17 IPs in 8 countries across 17 domains to perform 40 HTTP transactions. The main IP is 2606:4700:3031::6815:888, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is stream.crichd.vip. The Cisco Umbrella rank of the primary domain is 557855.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 3rd 2022. Valid for: a year.
This is the only time stream.crichd.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
6 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 35.190.41.116 15169 (GOOGLE)
2 46.105.201.240 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2001:4de0:ac1... 20446 (STACKPATH...)
4 2a04:4e42:400... 54113 (FASTLY)
1 4 178.162.196.156 28753 (LEASEWEB-...)
2 192.99.8.27 16276 (OVH)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 139.45.197.239 9002 (RETN-AS)
6 185.209.15.66 213371 (SQUITTER-...)
1 51.77.64.70 16276 (OVH)
1 2606:4700:e4:... 13335 (CLOUDFLAR...)
40 17
Apex Domain
Subdomains
Transfer
6 cdn786.com
play3.cdn786.com — Cisco Umbrella Rank: 345197
1 MB
6 fclecteur.com
fclecteur.com — Cisco Umbrella Rank: 320025
27 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 492
205 KB
4 histats.com
s10.histats.com — Cisco Umbrella Rank: 11345
s4.histats.com — Cisco Umbrella Rank: 9126
9 KB
3 jquery.com
code.jquery.com — Cisco Umbrella Rank: 977
118 KB
2 ugroocuw.net
ugroocuw.net — Cisco Umbrella Rank: 69576
23 KB
2 uptimecdn.com
uptimecdn.com — Cisco Umbrella Rank: 186200
60 KB
2 vmuid.com
vmuid.com — Cisco Umbrella Rank: 81095
11 KB
2 youradexchange.com
youradexchange.com — Cisco Umbrella Rank: 9635
2 KB
2 achcdn.com
achcdn.com — Cisco Umbrella Rank: 62063
60 KB
2 crichd.vip
stream.crichd.vip — Cisco Umbrella Rank: 557855
2 KB
1 web3-lab.com
asia.web3-lab.com — Cisco Umbrella Rank: 89797
749 B
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5857
317 B
1 tartator.com
tartator.com — Cisco Umbrella Rank: 27669
137 KB
1 origunix.com
origunix.com — Cisco Umbrella Rank: 107463
373 B
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1229
11 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 485
30 KB
40 17
Domain Requested by
6 play3.cdn786.com cdn.jsdelivr.net
6 fclecteur.com stream.crichd.vip
fclecteur.com
4 cdn.jsdelivr.net fclecteur.com
3 code.jquery.com fclecteur.com
2 ugroocuw.net fclecteur.com
2 uptimecdn.com fclecteur.com
uptimecdn.com
2 s4.histats.com s10.histats.com
2 vmuid.com fclecteur.com
vmuid.com
2 s10.histats.com stream.crichd.vip
fclecteur.com
2 youradexchange.com achcdn.com
uptimecdn.com
2 achcdn.com stream.crichd.vip
achcdn.com
2 stream.crichd.vip 1 redirects
1 asia.web3-lab.com cdn.jsdelivr.net
1 pro.ip-api.com cdn.jsdelivr.net
1 tartator.com fclecteur.com
1 origunix.com 1 redirects
1 maxcdn.bootstrapcdn.com fclecteur.com
1 ajax.googleapis.com fclecteur.com
40 18

This site contains links to these domains.

Domain
youradexchange.com
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-03 | a year
youradexchange.com | Sectigo RSA Domain Validation Secure Server CA | 2022-06-20 - 2023-06-20 | a year
histats.com | R3 | 2022-09-30 - 2022-12-29 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q1 | 2022-03-21 - 2023-04-22 | a year
vmuid.com | R3 | 2022-09-18 - 2022-12-17 | 3 months
ugroocuw.net | R3 | 2022-09-01 - 2022-11-30 | 3 months
play3.cdn786.com | R3 | 2022-09-27 - 2022-12-26 | 3 months
*.ip-api.com | Sectigo RSA Domain Validation Secure Server CA | 2021-10-28 - 2022-11-27 | a year

This page contains 2 frames:

Primary Page: https://stream.crichd.vip/update/skys1.php
Frame ID: F367CC03A81F99CB75CC1968027680F2
Requests: 7 HTTP requests in this frame

Frame: https://fclecteur.com/crichdws.php?player=desktop&live=skysme
Frame ID: 42BC0E544F3BB42AB17DA9C05311BCC1
Requests: 33 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

40
Requests

95 %
HTTPS

56 %
IPv6

17
Domains

18
Subdomains

17
IPs

8
Countries

2024 kB
Transfer

3266 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://stream.crichd.vip/update/skys1.php HTTP 301
    https://stream.crichd.vip/update/skys1.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://origunix.com/sdk.js?sid=2f1144b3-a053-46f7-ad87-f99fb9720113 HTTP 302
  • https://tartator.com/sdk.js?sid=2f1144b3-a053-46f7-ad87-f99fb9720113

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request skys1.php
stream.crichd.vip/update/
Redirect Chain
  • http://stream.crichd.vip/update/skys1.php
  • https://stream.crichd.vip/update/skys1.php
941 B
925 B
Document
General
Full URL
https://stream.crichd.vip/update/skys1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:888 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
60d336b8b65426da35cb9baa392e9d142d1f3b8c51bfdb2509ff0a2e71e447f0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75456f64a986904c-FRA
content-encoding
br
content-type
text/html
date
Mon, 03 Oct 2022 11:46:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUbecFKmpDpeH1PCRITtmVAZBVoCFH99a5WBxXdQlC5DwN5Um4tfRxROAXm6HzqHtTEO6OIMdvCm9KrEL21gb%2Fr1aQTdkF91Q23OCHiKnke%2B6VG7YNXtfUu5dq1ormiwSAa4N6l975IV%2BHiPh%2BTXkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16

Redirect headers

CF-RAY
75456f644bc9913c-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 03 Oct 2022 11:46:03 GMT
Expires
Mon, 03 Oct 2022 12:46:03 GMT
Location
https://stream.crichd.vip/update/skys1.php
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HhNKJjSnMkpXigJSXD2jZ9gOQYcqsR9c0gLAHM6edSA7cLny1UuNkcR7E4cB7oM5ROP7xkXwdUb0JNr%2FPSEShDxp3FioSlEkFwoBiBfvUtwK2mlpNBuZwWDkLlQl%2Fd1b%2FvUlj7ZJ0KaPEBUK0I7m%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
crichdws.js
fclecteur.com/
1020 B
1006 B
Script
General
Full URL
https://fclecteur.com/crichdws.js
Requested by
Host: stream.crichd.vip
URL: https://stream.crichd.vip/update/skys1.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::6815:1d36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1839243e57d14543df861e5a282a5badafa82e8e33c685485cd1fcda976b304

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.crichd.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:46:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4097
cf-polished
origSize=1250
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 02 Oct 2022 14:26:53 GMT
server
cloudflare
etag
W/"63399fad-4e2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ehv3S%2B4E6jrqgDSD6f3g2CY6JFI5%2BUtpUd%2BtGC7QdPdYAIoku%2F6plRTIZzSvawHxlWe5nRfRsnEq7P%2BeSpJf0PgqHZNJ25r8xzuO2VqG%2BKTVUgb%2BJaqPshEfNg644hPYKZbKrthjd6ImwHM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75456f665c46bb53-FRA
suv4.js
achcdn.com/script/
98 KB
34 KB
Script
General
Full URL
https://achcdn.com/script/suv4.js
Requested by
Host: stream.crichd.vip
URL: https://stream.crichd.vip/update/skys1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:1ab6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1e4ad0f33d1b68c1476a7a224c58608c02c1beff1017d9ab9eab98a5cb192f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.crichd.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:46:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2887
x-guploader-uploadid
ADPycdvP3IemmK8Vr_KitEwI_zMUJp1XJCPndt_vYc3nIlNXhbedm7YU3sxwr4nETPO1YpSNb8OZrwYsNwP0SVB9XxopTmU18t4R
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 08 Sep 2022 08:41:05 GMT
server
cloudflare
etag
W/"90a406e7c114cb9cbdbd171d8282e224"
vary
Accept-Encoding
x-goog-hash
crc32c=PsCFGQ==, md5=kKQG58EUy5y9vRcdgoLiJA==
x-goog-generation
1662626465441111
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5u4%2FRgoANsK%2BmZLoofo6EI0rSsQTSPQsEjmyrOOxJVaOOLoUBYKLtcH6R4x1OKbk%2FwIqJnXFCeNPyGs5CfhrOCGHP45qEb8mJPY9jKGZ9dcw5iX3%2BN8OPuqFkPNWz6wi2%2FDKWKui%2FLO"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
100523
cf-ray
75456f668f04c2f0-VIE
expires
Mon, 03 Oct 2022 11:44:26 GMT
crichdws.php
fclecteur.com/ Frame 42BC
69 KB
23 KB
Document
General
Full URL
https://fclecteur.com/crichdws.php?player=desktop&live=skysme
Requested by
Host: fclecteur.com
URL: https://fclecteur.com/crichdws.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::6815:1d36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
19ed7ad2c60c8a123d11fa2577994663d27992e82a0d16e490c6827c3514b80c

Request headers

Referer
https://stream.crichd.vip/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75456f669cbdbb53-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 03 Oct 2022 11:46:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLMxQk9RuVAqqLXgZM6fz9NnQ68hadmd18iv8ep3twKSG%2FqI%2F%2F0xl8uTvrJ0JU2%2BtqKeTHRz04sn%2FZvIcMXu3JVfRjGu1sguCtYKOBfTFwN2%2FXoQGfzfSv%2FCVl6ZXtapzLXsHj3YOtKR0sJQ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/5.6.40
ut.js
achcdn.com/script/
70 KB
25 KB
Script
General
Full URL
https://achcdn.com/script/ut.js?cb=1664797563981
Requested by
Host: achcdn.com
URL: https://achcdn.com/script/suv4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:1ab6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a817a515c35520e9f571540957ffc2dd1d4ba70a3b5e04c5c1b37a63d6564516

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.crichd.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:46:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2337
x-guploader-uploadid
ADPycdtsF6dORb567ZowlBPbKjyNFfkxeH0hbghA3PPugX0Gjju4ZAOTEXy7Xy64yZf8ZJJm0jGENoCv_uY5yqN1wT2jPLRCjNHG
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 29 Aug 2022 11:45:52 GMT
server
cloudflare
etag
W/"c7304eebcb5069f68bd3fa9e74218a36"
vary
Accept-Encoding
x-goog-hash
crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-generation
1661773552581597
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibijhCwsaIPR5oT76pf3lORSGXymlKQfLydTUmnzLJporHMHgCjNBdjZ42yflauMlgtMFgawJ79srBg1%2Fhl7kMHebyLcfIfPpUztNX%2F5xYh%2BDil29do8Lr93%2BNI%2FPa1vh7cXbg2JFrpw"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
71356
cf-ray
75456f671daebb62-FRA
expires
Mon, 03 Oct 2022 11:57:15 GMT
suurl4.php
youradexchange.com/script/
1 KB
997 B
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=5214935&cbur=0.029360816566903702&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=&cbpage=https%3A%2F%2Fstream.crichd.vip%2Fupdate%2Fskys1.php&cbref=&cbdescription=&cbkeywords=&cbcdn=achcdn.com&aggr=0&chmob=?0
Requested by
Host: achcdn.com
URL: https://achcdn.com/script/suv4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
622a9a12a289b2e494053dd56e26f1f761522505515787b058e57cca49229962

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.crichd.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 03 Oct 2022 11:46:04 GMT
content-encoding
gzip
via
1.1 google
server
openresty
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json; charset=utf-8
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: stream.crichd.vip
URL: https://stream.crichd.vip/update/skys1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.crichd.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:38:38 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
content-type
application/javascript; charset=UTF-8
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
686522599
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.0/ Frame 42BC
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.0/jquery.min.js
Requested by
Host: fclecteur.com
URL: https://fclecteur.com/crichdws.php?player=desktop&live=skysme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2405bdf4c255a4904671bcc4b97938033d39b3f5f20dd068985a8d94cde273e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 02:16:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206974
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30281
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Oct 2023 02:16:30 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ Frame 42BC
36 KB
11 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: fclecteur.com
URL: https://fclecteur.com/crichdws.php?player=desktop&live=skysme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:46:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
755
age
23274817
cdn-cachedat
12/13/2021 20:18:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
48135f30fbfcba704628453df5764d8f
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
75456f678db45bf9-FRA
cdn-requestpullsuccess
True
jquery-latest.js
code.jquery.com/ Frame 42BC
276 KB
82 KB
Script
General
Full URL
https://code.jquery.com/jquery-latest.js
Requested by
Host: fclecteur.com
URL: https://fclecteur.com/crichdws.php?player=desktop&live=skysme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:46:04 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-4508e"
vary
Accept-Encoding
x-hw
1664797564.dop114.am5.t,1664797564.cds285.am5.hn,1664797564.cds291.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
83875
embed.css
fclecteur.com/css/ Frame 42BC
428 B
723 B
Stylesheet
General
Full URL
https://fclecteur.com/css/embed.css?ver=1.4.4
Requested by
Host: fclecteur.com
URL: https://fclecteur.com/crichdws.php?player=desktop&live=skysme
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1d36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15646118b7d40c3133eb24f420b54a6c3d10e06437e71774847a1f8d18faa18b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/crichdws.php?player=desktop&live=skysme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:46:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1694
cf-polished
origSize=537
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 29 Oct 2021 09:08:53 GMT
server
cloudflare
etag
W/"617bba25-219"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sm7zJl37j7vyuyhLKGjWpXpfaLsOk5S9G5HM8fYwpPtoPl1brpirLc8ftcVtRhuNGZTGJGJPfZckQHB2x6uIkZ9X5prJPIhmNW56B931oZf7G4bRZ8oUDcQyc4XSdwvesxIQWolD%2FUHDb2Ep"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
75456f67688f916a-FRA
jquery-1.11.0.min.js
code.jquery.com/ Frame 42BC
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.11.0.min.js
Requested by
Host: fclecteur.com
URL: https://fclecteur.com/crichdws.php?player=desktop&live=skysme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:46:04 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-1787d"
vary
Accept-Encoding
x-hw
1664797564.dop114.am5.t,1664797564.cds285.am5.hn,1664797564.cds284.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33357
jquery-migrate-1.2.1.min.js
code.jquery.com/ Frame 42BC
7 KB
3 KB
Script
General
Full URL
https://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by
Host: fclecteur.com
URL: https://fclecteur.com/crichdws.php?player=desktop&live=skysme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:46:04 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-1c1f"
vary
Accept-Encoding
x-hw
1664797564.dop114.am5.t,1664797564.cds285.am5.hn,1664797564.cds029.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
3063
site.css
fclecteur.com/css/ Frame 42BC
165 B
606 B
Stylesheet
General
Full URL
https://fclecteur.com/css/site.css
Requested by
Host: fclecteur.com
URL: https://fclecteur.com/crichdws.php?player=desktop&live=skysme
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1d36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8baca2aa65818416aeee8065efcfb1e027fd9d851350b762fcedfae849e4af1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/crichdws.php?player=desktop&live=skysme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:46:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1710
cf-polished
origSize=199
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 29 Oct 2021 09:54:42 GMT
server
cloudflare
etag
W/"617bc4e2-c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITLhRqhxD3GZzqzFEi%2B2YbHJpDoU1tcAJTYTc%2BHBk5uhNUr1fGgxnyCIuxTU7Y%2FCZAksohPiw0y7pPgSLnFKfXmT%2FqAq0J%2BUfhqySzNhCXHJRiTk8SHmZM5pdRmiJEHC4wlNqMOnRc1zmzZK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
75456f676894916a-FRA
clappr.min.js
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 42BC
513 KB
138 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Requested by
Host: fclecteur.com
URL: https://fclecteur.com/crichdws.php?player=desktop&live=skysme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Oct 2022 11:46:04 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
40320
x-jsd-version
0.3.13
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
141142
x-served-by
cache-fra19182-FRA, cache-hhn4040-HHN
x-jsd-version-type
version
etag
W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
p2p-engine.min.js
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/ Frame 42BC
185 KB
55 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Requested by
Host: fclecteur.com
URL: https://fclecteur.com/crichdws.php?player=desktop&live=skysme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
67370894b8e5f8a4414f1d5663aa8351d76bcfd23aba88978dafa971116741b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Oct 2022 11:46:04 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
2933
x-jsd-version
2.4.6
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
56590
x-served-by
cache-fra19173-FRA, cache-hhn4040-HHN
x-jsd-version-type
version
etag
W/"2e37e-cQ2LoR0aMID1Sg18UALIOYGztzw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
clappr-p2p-plugin.min.js
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/ Frame 42BC
3 KB
2 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/clappr-p2p-plugin.min.js
Requested by
Host: fclecteur.com
URL: https://fclecteur.com/crichdws.php?player=desktop&live=skysme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a8eb7e24873bb65c9b7193534bda15761d8853b24ca4a41d7749360972504141
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Oct 2022 11:46:04 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
27801
x-jsd-version
2.4.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1157
x-served-by
cache-fra19130-FRA, cache-hhn4040-HHN
x-jsd-version-type
version
etag
W/"c19-SLjttAW8dcDjADi6J1T2hbhokWc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
level-selector.min.js
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame 42BC
30 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
Requested by
Host: fclecteur.com
URL: https://fclecteur.com/crichdws.php?player=desktop&live=skysme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Oct 2022 11:46:04 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
35117
x-jsd-version
0.3.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10250
x-served-by
cache-fra19141-FRA, cache-hhn4040-HHN
x-jsd-version-type
version
etag
W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
script.js
vmuid.com/ Frame 42BC
10 KB
10 KB
Script
General
Full URL
https://vmuid.com/script.js?sid=2f1144b3-a053-46f7-ad87-f99fb9720113
Requested by
Host: fclecteur.com
URL: https://fclecteur.com/crichdws.php?player=desktop&live=skysme
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.196.156 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
6f2d139be44a6dc85d842a753f4e3ebafdb63a0babcb64f741310076aaa29a7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 11:46:04 GMT
Server
nginx/1.14.1
Accept-Ch
Sec-CH-UA-Platform-Version
X-Cache-Status
MISS
Content-Type
text/javascript
Cache-Control
no-store, max-age=0
Connection
keep-alive
Content-Length
10176
sdk.js
tartator.com/ Frame 42BC
Redirect Chain
  • https://origunix.com/sdk.js?sid=2f1144b3-a053-46f7-ad87-f99fb9720113
  • https://tartator.com/sdk.js?sid=2f1144b3-a053-46f7-ad87-f99fb9720113
137 KB
137 KB
Script
General
Full URL
https://tartator.com/sdk.js?sid=2f1144b3-a053-46f7-ad87-f99fb9720113
Requested by
Host: fclecteur.com
URL: https://fclecteur.com/crichdws.php?player=desktop&live=skysme
Protocol
HTTP/1.1
Server
178.162.196.156 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
9d44f70cb7568f94bbbf1239d394029176142cc14283197332a63711ee883c57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 11:46:04 GMT
Server
nginx/1.14.1
Accept-Ch
Sec-CH-UA-Platform-Version
X-Cache-Status
MISS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
140151

Redirect headers

Date
Mon, 03 Oct 2022 11:46:04 GMT
Server
nginx/1.14.1
Accept-Ch
Sec-CH-UA-Platform-Version
X-Cache-Status
MISS
Access-Control-Allow-Origin
*
Location
https://tartator.com/sdk.js?sid=2f1144b3-a053-46f7-ad87-f99fb9720113
Cache-Control
no-store, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
z-5246287
fclecteur.com/ Frame 42BC
935 B
1 KB
Script
General
Full URL
https://fclecteur.com/z-5246287
Requested by
Host: fclecteur.com
URL: https://fclecteur.com/crichdws.php?player=desktop&live=skysme
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1d36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20713eca8d7514104f1431dd682757454348c2a141e48dffabc030a594f0fe41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/crichdws.php?player=desktop&live=skysme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:46:04 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 03 Oct 2022 11:01:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"633ac0ed-3a7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umzZ66M3FADBpTa7cNYUDwXqqjiJocmXu9SxcstOP1Zfr1k0qtDYajaMx0mQZQLJ6l4t%2FSvOlct34ADIsWqyZHSLT4OuaeGCjfotDfofnhrH3pryj1aXdvMmtK0mhlNLxiQfBJHE7QI3ZFKz"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
75456f676895916a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
935
0.php
s4.histats.com/stats/
52 B
186 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4599824&@f16&@g1&@h1&@i1&@j1664797564057&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:43884349&@b3:1664797564&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fstream.crichd.vip%2Fupdate%2Fskys1.php&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.27 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns500876.ip-192-99-8.net
Software
/
Resource Hash
01b834f3524134435d4af478a7fd2295f73729aa6a695feac57b93aa4f51c283

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.crichd.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 11:46:04 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
send
vmuid.com/uid/ Frame 42BC
65 B
700 B
Fetch
General
Full URL
https://vmuid.com/uid/send
Requested by
Host: vmuid.com
URL: https://vmuid.com/script.js?sid=2f1144b3-a053-46f7-ad87-f99fb9720113
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.196.156 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
d3ad32d281a22d19424fbbd37e58f37c58351898de1c160bec21c95a990db03c

Request headers

Accept
application/json
Referer
https://fclecteur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryw6BdVpWYqsPqM5zj

Response headers

Date
Mon, 03 Oct 2022 11:46:04 GMT
Server
nginx/1.14.1
Accept-Ch
Sec-CH-UA-Platform-Version
Content-Type
application/json
Access-Control-Allow-Origin
https://fclecteur.com
Cache-Control
no-store, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers, set-cookie, Cookie
Content-Length
65
bootstrap.js
uptimecdn.com/script/ Frame 42BC
98 KB
34 KB
Script
General
Full URL
https://uptimecdn.com/script/bootstrap.js
Requested by
Host: fclecteur.com
URL: https://fclecteur.com/z-5246287
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2e74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4d5b8dc6a7ca986941b6d029b8465ac9b4ea3b8923d57df81c99a3c03eb899d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:46:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
483
x-guploader-uploadid
ADPycduI37KEPlpa7dhAN4STX9m-ZBO4Y32gaR3L6T8kNSA9aGUTdsjejcQNb213CG0L3bKHfuueOJtQ0XijxlZrTxbkBD5eMsBy
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 08 Sep 2022 08:38:35 GMT
server
cloudflare
etag
W/"90a406e7c114cb9cbdbd171d8282e224"
vary
Accept-Encoding
x-goog-hash
crc32c=PsCFGQ==, md5=kKQG58EUy5y9vRcdgoLiJA==
x-goog-generation
1662626315119008
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EvQZoNb1wVOdYNzwWJWm5mSedT%2FvCf2FivpJXxFDKsuMguC5u9LYriRRYyE5UNmRij0QeHs0xtDtb0FBEeH84pUQTf6kxhl1gS5i02aVyN%2BuSmmrjVNCLZItV8PoUGlIYUeNK0a9nxan7CJC"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
100523
cf-ray
75456f6b293f9be2-FRA
expires
Mon, 03 Oct 2022 12:16:30 GMT
js15_as.js
s10.histats.com/ Frame 42BC
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: fclecteur.com
URL: https://fclecteur.com/crichdws.php?player=desktop&live=skysme
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:38:38 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
content-type
application/javascript; charset=UTF-8
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
686522599
crichdws.php
fclecteur.com/ Frame 42BC
0
459 B
XHR
General
Full URL
https://fclecteur.com/crichdws.php?player=desktop&live=skysme
Requested by
Host: fclecteur.com
URL: https://fclecteur.com/crichdws.php?player=desktop&live=skysme
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1d36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/crichdws.php?player=desktop&live=skysme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:46:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvNv2ODGLNOFwLgCFaJC0s7Y0cNxPPhBxIlRCNIEY9sZQA%2FjAAIgCdXvpTGCzWHNFRFIm75hNmZAA%2FaUn0rKmP4cRUW%2Fk6HXeCZWaiVpdmQknhS45tIfALNaPFvMfz8l%2FyFmpkAaESVQQvnA"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
75456f6b6a02916a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
ugroocuw.net/5/4940138/ Frame 42BC
0
434 B
XHR
General
Full URL
https://ugroocuw.net/5/4940138/?oo=1&aab=1
Requested by
Host: fclecteur.com
URL: https://fclecteur.com/crichdws.php?player=desktop&live=skysme
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Mon, 03 Oct 2022 11:46:04 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://fclecteur.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
tag.min.js
ugroocuw.net/ Frame 42BC
71 KB
23 KB
Script
General
Full URL
https://ugroocuw.net/tag.min.js
Requested by
Host: fclecteur.com
URL: https://fclecteur.com/crichdws.php?player=desktop&live=skysme
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
c2a40f0558c123ab94048f28d292bca4a82a93ccae5d0cc4f7126c475eef3efc
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=1
content-length
22987
x-trace-id
f5750268513f89704d8035dacbb592ee
pragma
no-cache
last-modified
Wed, 28 Sep 2022 07:56:13 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT
skysme.m3u8
play3.cdn786.com/hls/ Frame 42BC
557 B
1 KB
XHR
General
Full URL
https://play3.cdn786.com:999/hls/skysme.m3u8?md5=tGuRcgGlPD1ju0NZ_GI6UQ&expires=1664804738
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.209.15.66 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
622d5ec6a06ac3bda469a4c09730ad7fc0868f1452739e9880fed881fec7a302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 11:46:04 GMT
Last-Modified
Mon, 03 Oct 2022 11:46:01 GMT
Server
nginx/1.20.1
ETag
"633acb79-22d"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
557
Expires
Mon, 03 Oct 2022 11:46:03 GMT
0.php
s4.histats.com/stats/ Frame 42BC
52 B
186 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4701487&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mfclecteur.com%20-%20Embedded%20player&@n0&@ohttps%3A%2F%2Fstream.crichd.vip%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-33753831&@b3:1664797565&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ffclecteur.com%2Fcrichdws.php%3Fplayer%3Ddesktop%26live%3Dskysme&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.27 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns500876.ip-192-99-8.net
Software
/
Resource Hash
240477e385e8f697df1964640dbae3c8c7e0b8614a13efe7bc2296a70e55d2fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 11:46:04 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
ut.js
uptimecdn.com/script/ Frame 42BC
70 KB
26 KB
Script
General
Full URL
https://uptimecdn.com/script/ut.js?cb=1664797564759
Requested by
Host: uptimecdn.com
URL: https://uptimecdn.com/script/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f6ce602bed449940565c8bfea9921659efafc0c5409a8242eda17e6e6554c31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:46:04 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdsngwk3IAADWShT2cR386Z-EABld38byahtQpyimZ6zu6eUBACV327YFHjhk0c6O5xLdVdBAlOLl-l5WnzbwS7UDwk79R00
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 29 Aug 2022 11:45:52 GMT
server
cloudflare
etag
W/"c7304eebcb5069f68bd3fa9e74218a36"
vary
Accept-Encoding
x-goog-hash
crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-generation
1661773552581597
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vMheYNxmXi%2BnL7ocYncnHnPilO8nCDVIh6zc11dyW6YwwmpPWnqTzi%2BSkn2zxzxEGWrewzZcb1VIh48OYnBP%2BlRkTRu0cZ74rwXR09HrryPM80k%2BgMBQQDhDBXgmS0ev7%2B8CT703pe9BRPy"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
71356
cf-ray
75456f6c0c9b9bb0-FRA
expires
Mon, 03 Oct 2022 11:57:15 GMT
suurl4.php
youradexchange.com/script/ Frame 42BC
1000 B
810 B
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=5246287&cbur=0.8237498062302633&cbiframe=1&cbWidth=1584&cbHeight=1184&cbtitle=&cbpage=https%3A%2F%2Fstream.crichd.vip%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=uptimecdn.com&aggr=0&chmob=?0
Requested by
Host: uptimecdn.com
URL: https://uptimecdn.com/script/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
681ff1793be03b5223213c6249a2889e3c8376ba9d3e0b57aee5170d60baf10b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 03 Oct 2022 11:46:04 GMT
content-encoding
gzip
via
1.1 google
server
openresty
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json; charset=utf-8
skysme.m3u8
play3.cdn786.com/hls/ Frame 42BC
557 B
1 KB
XHR
General
Full URL
https://play3.cdn786.com:999/hls/skysme.m3u8?md5=tGuRcgGlPD1ju0NZ_GI6UQ&expires=1664804738
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.209.15.66 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
622d5ec6a06ac3bda469a4c09730ad7fc0868f1452739e9880fed881fec7a302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 11:46:04 GMT
Last-Modified
Mon, 03 Oct 2022 11:46:01 GMT
Server
nginx/1.20.1
ETag
"633acb79-22d"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
557
Expires
Mon, 03 Oct 2022 11:46:03 GMT
skysme-51198.ts
play3.cdn786.com/hls/ Frame 42BC
648 KB
648 KB
XHR
General
Full URL
https://play3.cdn786.com:999/hls/skysme-51198.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.209.15.66 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
682fedad3ef3014c2ff8b8beee3a55b8792a7aebff060e68b8db2efaff96c24c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 11:46:04 GMT
Last-Modified
Mon, 03 Oct 2022 11:44:31 GMT
Server
nginx/1.20.1
ETag
"633acb1f-a2058"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
663640
Expires
Mon, 03 Oct 2022 11:46:03 GMT
json
pro.ip-api.com/ Frame 42BC
161 B
317 B
Fetch
General
Full URL
https://pro.ip-api.com/json?fields=2181826&key=XOpiansRgYxGTho
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
e4624d1cdb6e6659b349e395a217cfad5540ef3b263b0ddf9a79cdc4e1e572da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 03 Oct 2022 11:46:04 GMT
Content-Length
161
Content-Type
application/json; charset=utf-8
7f93f4a6-e080-4286-8645-4f1073f545a5
https://fclecteur.com/ Frame 42BC
61 KB
0
Other
General
Full URL
blob:https://fclecteur.com/7f93f4a6-e080-4286-8645-4f1073f545a5
Requested by
Host: fclecteur.com
URL: https://fclecteur.com/crichdws.php?player=desktop&live=skysme
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length
62280
Content-Type
text/javascript
channel
asia.web3-lab.com/v1/ Frame 42BC
491 B
749 B
Fetch
General
Full URL
https://asia.web3-lab.com:8443/v1/channel
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a70a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e5e0d9a559757ba22da3a2fd30a4400dd1e42ebde6ad66fbbeb20784e77c064

Request headers

Referer
https://fclecteur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 03 Oct 2022 11:46:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04ZOM2Zame3jaa59UBm9wy6Stm2lydNKAwwLCL01Y1MaR7nkZn4s7ejqSE0ZdsBCr%2B917LAr%2Fd1T396OUtwBJw7%2BVWMvyuhLtzrkabGfvhWtQiwmlzQqG8UZLF3aiMixEu6Rn3onhZrlsFXNfn%2F%2Bc4u5IyfR"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
75456f6d186e924d-FRA
alt-svc
h3=":8443"; ma=86400, h3-29=":8443"; ma=86400
skysme-51198.ts
play3.cdn786.com/hls/ Frame 42BC
1 B
400 B
XHR
General
Full URL
https://play3.cdn786.com:999/hls/skysme-51198.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.209.15.66 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
333e0a1e27815d0ceee55c473fe3dc93d56c63e3bee2b3b4aee8eed6d70191a3

Request headers

Referer
https://fclecteur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Range
bytes=0-0

Response headers

Date
Mon, 03 Oct 2022 11:46:04 GMT
Last-Modified
Mon, 03 Oct 2022 11:44:31 GMT
Server
nginx/1.20.1
ETag
"633acb1f-a2058"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Content-Range
bytes 0-0/663640
Cache-Control
no-cache, no-cache
Connection
keep-alive
Content-Length
1
Expires
Mon, 03 Oct 2022 11:46:03 GMT
skysme-51199.ts
play3.cdn786.com/hls/ Frame 42BC
676 KB
676 KB
Fetch
General
Full URL
https://play3.cdn786.com:999/hls/skysme-51199.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.209.15.66 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
d7617ab39105ffeabe649ad82d382e614d34cec5d513792066ca86d8c5e82503

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 11:46:05 GMT
Last-Modified
Mon, 03 Oct 2022 11:44:41 GMT
Server
nginx/1.20.1
ETag
"633acb29-a8ff8"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
692216
Expires
Mon, 03 Oct 2022 11:46:04 GMT
skysme.m3u8
play3.cdn786.com/hls/ Frame 42BC
557 B
1 KB
XHR
General
Full URL
https://play3.cdn786.com:999/hls/skysme.m3u8?md5=tGuRcgGlPD1ju0NZ_GI6UQ&expires=1664804738
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.209.15.66 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
622d5ec6a06ac3bda469a4c09730ad7fc0868f1452739e9880fed881fec7a302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fclecteur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 11:46:09 GMT
Last-Modified
Mon, 03 Oct 2022 11:46:01 GMT
Server
nginx/1.20.1
ETag
"633acb79-22d"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
557
Expires
Mon, 03 Oct 2022 11:46:08 GMT

Verdicts & Comments

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
string| fid
string| v_width
string| v_height
object| isMobile
string| embedded
string| PlaySize
object| regeneratorRuntime
boolean| s2ss103
function| s2ss103ff
object| _Hasync
function| chfh
function| chfh2
string| _HST_cntval
object| Histats
boolean| user_engagement103
string| utsid-send
object| _HistatsCounterGraphics_0_setValues

8 Cookies

Domain/Path Name / Value
stream.crichd.vip/ Name: HstCfa4599824
Value: 1664797564057
stream.crichd.vip/ Name: HstCla4599824
Value: 1664797564057
stream.crichd.vip/ Name: HstCmu4599824
Value: 1664797564057
stream.crichd.vip/ Name: HstPn4599824
Value: 1
stream.crichd.vip/ Name: HstPt4599824
Value: 1
stream.crichd.vip/ Name: HstCnv4599824
Value: 1
stream.crichd.vip/ Name: HstCns4599824
Value: 1
.vmuid.com/ Name: guid
Value: 2a5284e7-d1a3-4df8-b70c-4148e5d735c2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
