hls.hdv.fun Open in urlscan Pro
2606:4700:3038::6815:eb5d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hls.hdv.fun/imdb/tt7775622?raj=1&sub=off
Submission: On March 07 via manual (March 7th 2021, 6:13:22 am UTC) from US

Summary HTTP 44 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 10 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3038::6815:eb5d, located in United States and belongs to CLOUDFLARENET, US. The main domain is hls.hdv.fun.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 21st 2020. Valid for: a year.

This is the only time hls.hdv.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3038::6815:eb5d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3038::6815:eb5e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.243.59.13 192.243.59.13	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
6	2600:1901:0:9... 2600:1901:0:94b6::	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	163.172.155.175 163.172.155.175	12876 (Online SAS) (Online SAS)
44	16

4 2606:4700:3038::6815:eb5d (United States)

ASN13335 (CLOUDFLARENET, US)

hls.hdv.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sub1.hdv.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3038::6815:eb5e (United States)

ASN13335 (CLOUDFLARENET, US)

img.hdv.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sub1.hdv.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

domicileperil.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1901:0:94b6:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

rglink-29d5f.firebaseio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-usc1c-nss-305.firebaseio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.172.155.175 (France)

ASN12876 (Online SAS, FR)
PTR: 175-155-172-163.instances.scw.cloud

ws6.hdv.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	googleusercontent.com lh3.googleusercontent.com	43 MB
9	gstatic.com www.gstatic.com fonts.gstatic.com	629 KB
7	hdv.fun hls.hdv.fun sub1.hdv.fun img.hdv.fun ws6.hdv.fun	566 KB
6	firebaseio.com rglink-29d5f.firebaseio.com s-usc1c-nss-305.firebaseio.com	2 KB
4	google.com www.google.com	18 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	30 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
1	domicileperil.com domicileperil.com
1	googleapis.com ajax.googleapis.com	30 KB
44	10

	Domain	Requested by
10	lh3.googleusercontent.com	sub1.hdv.fun
7	www.gstatic.com	hls.hdv.fun www.google.com www.gstatic.com
5	s-usc1c-nss-305.firebaseio.com	www.gstatic.com
4	www.google.com	hls.hdv.fun www.gstatic.com www.google.com
3	hls.hdv.fun	sub1.hdv.fun
2	fonts.gstatic.com	www.google.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	maxcdn.bootstrapcdn.com	hls.hdv.fun
2	sub1.hdv.fun	hls.hdv.fun
1	ws6.hdv.fun	sub1.hdv.fun
1	rglink-29d5f.firebaseio.com	www.gstatic.com
1	www.googletagmanager.com	hls.hdv.fun
1	domicileperil.com	hls.hdv.fun
1	img.hdv.fun	hls.hdv.fun
1	ajax.googleapis.com	hls.hdv.fun
44	15

This site contains links to these domains. Also see Links.

Domain
policies.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-21` - `2021-07-21`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
domicileperil.com R3	`2021-01-15` - `2021-04-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
firebaseio.com GTS CA 1O1	`2021-01-12` - `2021-07-11`	6 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.hdv.fun Sectigo RSA Domain Validation Secure Server CA	`2020-08-10` - `2021-08-10`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://hls.hdv.fun/imdb/tt7775622?raj=1&sub=off
Frame ID: F08D8C455EBDDB299F15D260C1D9191D
Requests: 37 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcm_coZAAAAABf_1NR7bSKdGVQyaNGIR3gpwqp9&co=aHR0cHM6Ly9obHMuaGR2LmZ1bjo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=m0bjydrxji3c
Frame ID: 21A375978D410AF825338EC0B47117C9
Requests: 8 HTTP requests in this frame

Frame: https://rglink-29d5f.firebaseio.com/.lp?start=t&ser=17723902&cb=1&v=5
Frame ID: E44B9C2730C82064A7BEA12DCD99275E
Requests: 5 HTTP requests in this frame

Frame: https://s-usc1c-nss-305.firebaseio.com/.lp?dframe=t&id=843422&pw=NEKsPUlLQT&ns=rglink-29d5f
Frame ID: FC83B5803E737F82BE55349E6DC35A06
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

44
Requests

98 %
HTTPS

87 %
IPv6

10
Domains

15
Subdomains

16
IPs

3
Countries

45248 kB
Transfer

47269 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request tt7775622 Show response
hls.hdv.fun/imdb/ 36 KB
18 KB 277ms
250ms Document
text/html 2606:4700:3038::6815:eb5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hls.hdv.fun/imdb/tt7775622?raj=1&sub=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b46761a3806c04031410c8700e6df4e3d810afe471352f6e18aa869fffe2ae7

Request headers

:method: GET
:authority: hls.hdv.fun
:scheme: https
:path: /imdb/tt7775622?raj=1&sub=off
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:13:01 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=db7c1db1612dd9ffd2939afd5bd3861191615097581; expires=Tue, 06-Apr-21 06:13:01 GMT; path=/; domain=.hdv.fun; HttpOnly; SameSite=Lax; Secure hdv_captcha=5; Domain=.hdv.fun; Expires=Sun, 07-Mar-2021 06:15:01 GMT; Max-Age=120; Secure; Path=/; SameSite=None hdv_user=MM9aDXoQ63qRcomb8SvcQOngO7PVXLDGjCfPq7nwT6TSYaFMY-WSSfSjIwvKNHgv; Domain=.hdv.fun; Expires=Sun, 07-Mar-2021 06:15:01 GMT; Max-Age=120; Secure; Path=/; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-request-id: 08acea65ca0000d725b93df000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4pbo%2FhOD%2B6sy%2BxDIO2ZovdbPtfTtqtpu4s9yA%2BfbnY83DpkRvcyRZkvMWHCObxiFgLZENIwURm6z1d%2FbztfeI7AxcEq1f9z%2F%2FbTQtfrycvcxgJ2V0xrDRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 62c1ace948bfd725-FRA
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bundle37.js Show response
sub1.hdv.fun/js/ 243 KB
72 KB 27ms
14ms Script
application/x-javascript 2606:4700:3038::6815:eb5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sub1.hdv.fun/js/bundle37.js
Requested by: Host: hls.hdv.fun
URL: https://hls.hdv.fun/imdb/tt7775622?raj=1&sub=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3829650e92bcdb3298ef4b92299d20c75b6d68dd7e3784cd31c9ce9f60a3a282

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:13:01 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4052353
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08acea66d50000d7259cbcd000000001
last-modified: Tue, 19 Jan 2021 08:33:14 GMT
server: cloudflare
etag: W/"6006994a-3cb0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jnh%2FkqIv2QacNUHaVt21MKCumL2JRuAimeF5OkZiHeXQ9weBvUoOBOJ0dYoGm4LPNmz%2Bfx6FazKS4aD3t1mAlT%2BAM1Nu6dsX7mmfwWVKmbs0iyN1oLHRpNw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 62c1aceae9e2d725-FRA
expires: Wed, 19 Jan 2022 08:33:48 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
30 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: hls.hdv.fun
URL: https://hls.hdv.fun/imdb/tt7775622?raj=1&sub=off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 09:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73372
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Mar 2022 09:50:09 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/ 119 KB
20 KB 14ms
12ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css

Requested by

Host: hls.hdv.fun
URL: https://hls.hdv.fun/imdb/tt7775622?raj=1&sub=off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:13:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 228646
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19736
cf-request-id: 08acea66cc00004a5bc189c000000001
timing-allow-origin: *
last-modified: Wed, 13 Feb 2019 16:41:40 GMT
server: cloudflare
etag: "1550076100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 62c1aceaecc64a5b-FRA

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/ 39 KB
11 KB 16ms
15ms Script
text/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js

Requested by

Host: hls.hdv.fun
URL: https://hls.hdv.fun/imdb/tt7775622?raj=1&sub=off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:13:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 157036
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10940
cf-request-id: 08acea66cc00004a5bad908000000001
timing-allow-origin: *
last-modified: Wed, 13 Feb 2019 16:41:46 GMT
server: cloudflare
etag: "1550076106"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 62c1aceaecc74a5b-FRA

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/7.19.1/ 19 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.19.1/firebase-app.js

Requested by

Host: hls.hdv.fun
URL: https://hls.hdv.fun/imdb/tt7775622?raj=1&sub=off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab917099ba3ce31a531f6cd73284dcb455716faf7be1577a304dd40c9fa350bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 22:37:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 27 Aug 2020 23:52:25 GMT
server: sffe
age: 372921
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6617
x-xss-protection: 0
expires: Wed, 02 Mar 2022 22:37:40 GMT

GET
H2 200 firebase-auth.js Show response
www.gstatic.com/firebasejs/7.19.1/ 170 KB
54 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.19.1/firebase-auth.js

Requested by

Host: hls.hdv.fun
URL: https://hls.hdv.fun/imdb/tt7775622?raj=1&sub=off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77ec42caac4e585ed0088c6201fd57ef1449cd38968af17dabb8bd7569ebfc07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 12:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 27 Aug 2020 23:52:25 GMT
server: sffe
age: 495772
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55450
x-xss-protection: 0
expires: Tue, 01 Mar 2022 12:30:09 GMT

GET
H2 200 firebase-database.js Show response
www.gstatic.com/firebasejs/7.19.1/ 182 KB
49 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.19.1/firebase-database.js

Requested by

Host: hls.hdv.fun
URL: https://hls.hdv.fun/imdb/tt7775622?raj=1&sub=off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5d71d2bd366c0be7384027d1bb0fbfdf01ad5bb9b764fd22f2cfd2cf5f4c54a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 09:03:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 27 Aug 2020 23:52:25 GMT
server: sffe
age: 248983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50088
x-xss-protection: 0
expires: Fri, 04 Mar 2022 09:03:18 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
677 B 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lcm_coZAAAAABf_1NR7bSKdGVQyaNGIR3gpwqp9

Requested by

Host: hls.hdv.fun
URL: https://hls.hdv.fun/imdb/tt7775622?raj=1&sub=off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

67350317242adcedeccc15fccb9140ecc2e7ac57b19ea758fe40a1ad2d9769ec

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:13:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 585
x-xss-protection: 1; mode=block
expires: Sun, 07 Mar 2021 06:13:01 GMT

GET
H2 200 tt7775622.jpg
img.hdv.fun/backdrop/ 223 KB
224 KB 74ms
51ms Image
image/jpeg 2606:4700:3038::6815:eb5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.hdv.fun/backdrop/tt7775622.jpg
Requested by: Host: hls.hdv.fun
URL: https://hls.hdv.fun/imdb/tt7775622?raj=1&sub=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96ad3df04c7ad9560d00dc23ebff9f27370b3ffbe8b7097eab4b2d5f638aaad4

Request headers

Origin: https://hls.hdv.fun
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:13:01 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 228662
cf-request-id: 08acea670800004e506e288000000001
last-modified: Sat, 20 Jul 2019 10:25:16 GMT
server: cloudflare
etag: "5d32ec0c-37d36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qkhCMunzbwgxChe8%2FEa1Wv%2BXS6EaXujaaC7yzXmeWDsSDA7lmx53YCDVZcQugpKupjZb0DUrN5fJeAZMliskubi95hIAMz5F3f%2BIxepXe9JBx0Tz5a1mhA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62c1aceb3fa74e50-FRA
expires: Mon, 07 Mar 2022 06:13:01 GMT

GET
H/1.1 403
Forbidden 4fb9500014544d3524e2c4c15bdf99be.js
domicileperil.com/4f/b9/50/ 0
0 345ms
124ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://domicileperil.com/4f/b9/50/4fb9500014544d3524e2c4c15bdf99be.js
Requested by: Host: hls.hdv.fun
URL: https://hls.hdv.fun/imdb/tt7775622?raj=1&sub=off
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 07 Mar 2021 06:13:01 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-146288174-2

Requested by

Host: hls.hdv.fun
URL: https://hls.hdv.fun/imdb/tt7775622?raj=1&sub=off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d8330edecc1ec76bb616a708d53fe79acfa616fd881390e6f7cec14f043dac64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:13:01 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39435
x-xss-protection: 0
expires: Sun, 07 Mar 2021 06:13:01 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ 331 KB
129 KB 32ms
19ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcm_coZAAAAABf_1NR7bSKdGVQyaNGIR3gpwqp9

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hls.hdv.fun
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 04:35:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5875
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132194
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 03:04:57 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 07 Mar 2022 04:35:06 GMT

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 381 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 178 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 352 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 243 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 21A3 19 KB
10 KB 55ms
42ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcm_coZAAAAABf_1NR7bSKdGVQyaNGIR3gpwqp9&co=aHR0cHM6Ly9obHMuaGR2LmZ1bjo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=m0bjydrxji3c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7644647788ceec2c330a96fd9d74bc0a2ca94cb1bd1adee20fa4a0924768fd15

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-93CH6WKQHJckNLDkmhF7xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Lcm_coZAAAAABf_1NR7bSKdGVQyaNGIR3gpwqp9&co=aHR0cHM6Ly9obHMuaGR2LmZ1bjo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=m0bjydrxji3c
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 07 Mar 2021 06:13:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-93CH6WKQHJckNLDkmhF7xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9996
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rpDdET6Q63o.m3u8 Show response
hls.hdv.fun/m3u8/ 154 KB
155 KB 199ms
199ms XHR
application/vnd.apple.mpegurl 2606:4700:3038::6815:eb5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hls.hdv.fun/m3u8/rpDdET6Q63o.m3u8?u=PVVUYTFKamFrcEhhMXBXVE5sVFlFaDFiUlp6TXhKMVl2MW1ZNE1sZGpGMVR1ZDJUM0FsVll4RVJIcDJRbUJWYzM0MmRVWkRWVGxWWUcxVVd0YzFVVFoyVXFsMGQydGtUSWRtZA==
Requested by: Host: sub1.hdv.fun
URL: https://sub1.hdv.fun/js/bundle37.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 170baabd870fe7631162d13083a71bb087cc5c002d77b0f4d7e556bf81dbb4a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:13:01 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6Zr1dyXcNgaK8xcpJG8IXU2zveRvDsNAS5MM1sYOMJWNT3esUikSGTc2FweogPyz8AnuE0BsCcrjO%2B%2BMpwVU1HO6uQBPMsMEo185zFbGiTV88EY3YW6HBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cf-ray: 62c1aced7b76d725-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 157795
cf-request-id: 08acea686d0000d725450ae000000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-146288174-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 625
date: Sun, 07 Mar 2021 06:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sun, 07 Mar 2021 08:02:36 GMT

GET
H2 200 1270104.vtt
sub1.hdv.fun/vtt1/ 96 KB
97 KB 49ms
48ms TextTrack
text/vtt 2606:4700:3038::6815:eb5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sub1.hdv.fun/vtt1/1270104.vtt
Requested by: Host: hls.hdv.fun
URL: https://hls.hdv.fun/imdb/tt7775622?raj=1&sub=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4ced3339e7278f849fe8c4bf4e5ee1cb17629f660077e3eaa14a6f324af2d0e

Request headers

Origin: https://hls.hdv.fun
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:13:01 GMT
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 98808
cf-request-id: 08acea687a00004e506c283000000001
last-modified: Sat, 24 Oct 2020 15:00:56 GMT
server: cloudflare
etag: "5f9441a8-181f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MU8yPuvJa6dGAi9oWr48W3cu2cRkCa7nRxPqRSzEU3QfE7iUQUK142xGArshg%2Fb5wRi%2BLsJ7RF5845WmTBovyJ7cqUBphJ98OcAXcus3Th36baKv9G7Wevs%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/vtt
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62c1aced9a3a4e50-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Mon, 07 Mar 2022 06:13:01 GMT

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
384 B 41ms
14ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=55621589&t=pageview&_s=1&dl=https%3A%2F%2Fhls.hdv.fun%2Fimdb%2Ftt7775622%3Fraj%3D1%26sub%3Doff&ul=en-us&de=UTF-8&dt=Watch%20movie%20online%20for%20free&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1792986507&gjid=1964036408&cid=1093800577.1615097582&tid=UA-146288174-2&_gid=686060588.1615097582&_r=1&gtm=2ou2o0&z=409041783

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Mar 2021 06:13:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hls.hdv.fun
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame 21A3 50 KB
25 KB 35ms
22ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcm_coZAAAAABf_1NR7bSKdGVQyaNGIR3gpwqp9&co=aHR0cHM6Ly9obHMuaGR2LmZ1bjo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=m0bjydrxji3c

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 22:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 03:04:57 GMT
server: sffe
age: 114466
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Sat, 05 Mar 2022 22:25:15 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame 21A3 331 KB
332 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 05:45:05 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 03:04:57 GMT
server: sffe
age: 1676
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 339250
x-xss-protection: 0
expires: Mon, 07 Mar 2022 05:45:05 GMT

GET
H3-Q050 200 6fadx2M8wrjlNFRt_rC7owEQPGo_VIXOfAHmKW_lxqA.js Show response
www.google.com/js/bg/ Frame 21A3 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/6fadx2M8wrjlNFRt_rC7owEQPGo_VIXOfAHmKW_lxqA.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9f69dc7633cc2b8e534546dfeb0bba301103c6a3f5485ce7c01e6296fe5c6a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcm_coZAAAAABf_1NR7bSKdGVQyaNGIR3gpwqp9&co=aHR0cHM6Ly9obHMuaGR2LmZ1bjo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=m0bjydrxji3c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 22:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:00:00 GMT
server: sffe
age: 115942
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6328
x-xss-protection: 0
expires: Sat, 05 Mar 2022 22:00:39 GMT

GET
H3-Q050 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 21A3 2 KB
2 KB 8ms
6ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 19:52:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 296430
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Wed, 10 Mar 2021 19:52:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 21A3 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 210696
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Fri, 04 Mar 2022 19:41:25 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 21A3 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 06:30:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
age: 85353
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
expires: Sun, 06 Mar 2022 06:30:28 GMT

GET
H3-Q050 200 webworker.js
www.google.com/recaptcha/api2/ Frame 21A3 102 B
240 B 17ms
16ms Other
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ab1e16c1b3f793e0aec723c7a7add9e179781105d1646ced630af7007ca52720

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcm_coZAAAAABf_1NR7bSKdGVQyaNGIR3gpwqp9&co=aHR0cHM6Ly9obHMuaGR2LmZ1bjo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=m0bjydrxji3c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:13:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Sun, 07 Mar 2021 06:13:01 GMT

GET
H/1.1 200
OK .lp Show response
rglink-29d5f.firebaseio.com/ Frame E44B 421 B
663 B 272ms
112ms Script
application/javascript 2600:1901:0:94b6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rglink-29d5f.firebaseio.com/.lp?start=t&ser=17723902&cb=1&v=5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.19.1/firebase-database.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

bc7a76e1639b3abc447acb1669c01870fed72f18095724da2dab80bd7b256478

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 06:13:02 GMT
Server: nginx
Connection: keep-alive
Content-Length: 421
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

GET
H2 200 PoZymPgBdsx2sAB0R1RIHZUd9nNdA4ix1EHl2uEnmWjhRG2v9kA-Ov5Xdok-tOYwlFz8BpgxRw=s0 Show response
lh3.googleusercontent.com/proxy/ 2 MB
2 MB 1359ms
1341ms XHR
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lh3.googleusercontent.com/proxy/PoZymPgBdsx2sAB0R1RIHZUd9nNdA4ix1EHl2uEnmWjhRG2v9kA-Ov5Xdok-tOYwlFz8BpgxRw=s0

Requested by

Host: sub1.hdv.fun
URL: https://sub1.hdv.fun/js/bundle37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5227a3cdccb7970097d273083b35a40b1b101e5fe2c89b69e81342ceccc8b2a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:13:03 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform, must-revalidate
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2322063
x-xss-protection: 0
expires: Mon, 08 Mar 2021 06:13:03 GMT

GET
BLOB 200
OK d34675db-f647-451a-8184-4e22032fc2ea
https://hls.hdv.fun/ 62 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hls.hdv.fun/d34675db-f647-451a-8184-4e22032fc2ea
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90583899ad03560e74693d011af1fe2ca353e6aa4e61da09376290f5811beca8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 63670
Content-Type: text/javascript

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-305.firebaseio.com/ Frame FC83 419 B
648 B 238ms
112ms Document
text/html 2600:1901:0:94b6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-305.firebaseio.com/.lp?dframe=t&id=843422&pw=NEKsPUlLQT&ns=rglink-29d5f

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.19.1/firebase-database.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

65d73b4fe12026972cde2217119afd4de8b94c3a11e59626cd11586313b0d49b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Host: s-usc1c-nss-305.firebaseio.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Sun, 07 Mar 2021 06:13:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 419
Connection: keep-alive
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-305.firebaseio.com/ Frame E44B 15 B
256 B 242ms
118ms Script
application/javascript 2600:1901:0:94b6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-305.firebaseio.com/.lp?id=843422&pw=NEKsPUlLQT&ser=27308246&ns=rglink-29d5f

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.19.1/firebase-database.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

3d14e96bd08692f39b357173c908dcb0b21ee11d0bdb29b963ce7fcc836eb4fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 06:13:02 GMT
Server: nginx
Connection: keep-alive
Content-Length: 15
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-305.firebaseio.com/ Frame E44B 58 B
299 B 241ms
113ms Script
application/javascript 2600:1901:0:94b6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-305.firebaseio.com/.lp?id=843422&pw=NEKsPUlLQT&ser=27308247&ns=rglink-29d5f&seg0=0&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6MSwiYSI6InMiLCJiIjp7ImMiOnsic2RrLmpzLjctMTktMSI6MX19fX0.

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.19.1/firebase-database.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

ef824052cc54e24358011a6d1f363813e99264883d6a019f5c98f75e43f78dc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 06:13:02 GMT
Server: nginx
Connection: keep-alive
Content-Length: 58
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-305.firebaseio.com/ Frame E44B 47 B
288 B 437ms
437ms Script
application/javascript 2600:1901:0:94b6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-305.firebaseio.com/.lp?id=843422&pw=NEKsPUlLQT&ser=27308248&ns=rglink-29d5f

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.19.1/firebase-database.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

ed3730b3270061a92ba848032606b5ad11fba8990e1e02d6f8ef8da54a6237cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 06:13:02 GMT
Server: nginx
Connection: keep-alive
Content-Length: 47
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-305.firebaseio.com/ Frame E44B 38 B
279 B 113ms
113ms Script
application/javascript 2600:1901:0:94b6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-305.firebaseio.com/.lp?id=843422&pw=NEKsPUlLQT&ser=27308249&ns=rglink-29d5f&seg0=1&ts0=1&d0=eyJ0IjoiYyIsImQiOnsidCI6Im4iLCJkIjp7fX19

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.19.1/firebase-database.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

ab9a7570dfdadce87d8a7dc2f43587cba2c28e951c6bd9fd9176c5a175a85b20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 06:13:02 GMT
Server: nginx
Connection: keep-alive
Content-Length: 38
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

GET
H3-Q050 200 _t-Nb6W8XI_jT65C8Ekh8BrjsGJojORnQhJ5A1VJsudBvHziKAgWRa40fs8Gx7darfnrVm5ogg=s0 Show response
lh3.googleusercontent.com/proxy/ 2 MB
2 MB 382ms
368ms XHR
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lh3.googleusercontent.com/proxy/_t-Nb6W8XI_jT65C8Ekh8BrjsGJojORnQhJ5A1VJsudBvHziKAgWRa40fs8Gx7darfnrVm5ogg=s0

Requested by

Host: sub1.hdv.fun
URL: https://sub1.hdv.fun/js/bundle37.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

18dc201d9a3efceacc5179674f58f3beaa82a634e28833af672c06d73fd6282c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:13:03 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform, must-revalidate
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2001711
x-xss-protection: 0
expires: Mon, 08 Mar 2021 06:13:03 GMT

GET
H3-Q050 200 g668YlQFOsqVkZaS-FRJDcdMagJZcBtDqDQpmSzZEupnr6S1YM43HWXklVhY47FHQEsg0j5IEw=s0 Show response
lh3.googleusercontent.com/proxy/ 5 MB
5 MB 861ms
861ms XHR
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lh3.googleusercontent.com/proxy/g668YlQFOsqVkZaS-FRJDcdMagJZcBtDqDQpmSzZEupnr6S1YM43HWXklVhY47FHQEsg0j5IEw=s0

Requested by

Host: sub1.hdv.fun
URL: https://sub1.hdv.fun/js/bundle37.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ce208748d21d0c00c71165fa3b9f4709293017e5daf63a0448603853257a34e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:13:04 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform, must-revalidate
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602099
x-xss-protection: 0
expires: Mon, 08 Mar 2021 06:13:04 GMT

GET
H3-Q050 200 sO30KBYGs35ioMFszMvs5eYYfVlGIsIfKLhwDWriWmvLM-3_hZy0mhcUkquN-F4_qmJbImHUvA=s0 Show response
lh3.googleusercontent.com/proxy/ 6 MB
6 MB 753ms
753ms XHR
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lh3.googleusercontent.com/proxy/sO30KBYGs35ioMFszMvs5eYYfVlGIsIfKLhwDWriWmvLM-3_hZy0mhcUkquN-F4_qmJbImHUvA=s0

Requested by

Host: sub1.hdv.fun
URL: https://sub1.hdv.fun/js/bundle37.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c439edbd9a45e9ffd135b643d89ea125891c93ffd7449ab47b5e28c7d887d3c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:13:05 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform, must-revalidate
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6766195
x-xss-protection: 0
expires: Mon, 08 Mar 2021 06:13:05 GMT

GET
H3-Q050 200 cG3LgSOSjUqqy2MHhQk_pChKZxVdfdjJFHBzY9fmHRts7JVXsdn65u6ksFOSY_r6tz-8XceYIw=s0 Show response
lh3.googleusercontent.com/proxy/ 5 MB
5 MB 590ms
589ms XHR
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lh3.googleusercontent.com/proxy/cG3LgSOSjUqqy2MHhQk_pChKZxVdfdjJFHBzY9fmHRts7JVXsdn65u6ksFOSY_r6tz-8XceYIw=s0

Requested by

Host: sub1.hdv.fun
URL: https://sub1.hdv.fun/js/bundle37.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d320e50886cc7c65860891db2dcf759d0009831d9c763c696e608fe55cb8ccbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:13:06 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform, must-revalidate
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5303179
x-xss-protection: 0
expires: Mon, 08 Mar 2021 06:13:06 GMT

POST
H2 200 captcha Show response
hls.hdv.fun/ 3 B
438 B 199ms
198ms Fetch
text/html 2606:4700:3038::6815:eb5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hls.hdv.fun/captcha
Requested by: Host: sub1.hdv.fun
URL: https://sub1.hdv.fun/js/bundle37.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80bd58cc6d5d42da53d0070dae5727a1eab31bb5955bf38c25f4e0b064eb93c1

Request headers

Accept: application/json, text/plain, */*
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 07 Mar 2021 06:13:06 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U950HtnhvXm14FRWTYTFSiMb3%2BLyXOaMAYAJSyZ4IoC1iNTxCQm6b2W248a4Rssk7Hu4lTkOWv6qeth7CYAB3p3lzd6M1rirYzhLodv3Hw%2Be3dZ8Shhedg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cf-ray: 62c1ad0ca8e5d725-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08acea7be70000d7259c866000000001

GET
H3-Q050 200 hwiQPkdyl8FsyeVSMlu68LBS-s1tK53HacscBPWaFvLEyjYoa0p1p8Wk2t-MpoQ3Xh3pF38pYw=s0 Show response
lh3.googleusercontent.com/proxy/ 5 MB
5 MB 1018ms
1017ms XHR
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lh3.googleusercontent.com/proxy/hwiQPkdyl8FsyeVSMlu68LBS-s1tK53HacscBPWaFvLEyjYoa0p1p8Wk2t-MpoQ3Xh3pF38pYw=s0

Requested by

Host: sub1.hdv.fun
URL: https://sub1.hdv.fun/js/bundle37.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0c8cd9db3177c2019b6420bb926f837ffb8f3279d48c82f6f729dc558869c536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:13:08 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform, must-revalidate
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5557919
x-xss-protection: 0
expires: Mon, 08 Mar 2021 06:13:08 GMT

GET
H3-Q050 200 qbB0kTCwPW-vNL8vMPHtIhzD9_hsCuAJNK19D1LxlrFIFVV2xhkD4i54E9hYGbo80Uet0qtbIQ=s0 Show response
lh3.googleusercontent.com/proxy/ 4 MB
4 MB 668ms
667ms XHR
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lh3.googleusercontent.com/proxy/qbB0kTCwPW-vNL8vMPHtIhzD9_hsCuAJNK19D1LxlrFIFVV2xhkD4i54E9hYGbo80Uet0qtbIQ=s0

Requested by

Host: sub1.hdv.fun
URL: https://sub1.hdv.fun/js/bundle37.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9108daa8b2c3ad7b190f530c99b423b2456e6b485779aa1d72ac982e51d1154b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:13:09 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform, must-revalidate
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4294183
x-xss-protection: 0
expires: Mon, 08 Mar 2021 06:13:09 GMT

GET
H3-Q050 200 lzDQHQJTO6dXbqaPZ4gnC-A-n0XPEDYJBR2LHbiWDoXhEHYLFgHWq1Wxb0NpLzk0gTRsA38Jlg=s0 Show response
lh3.googleusercontent.com/proxy/ 4 MB
4 MB 363ms
362ms XHR
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lh3.googleusercontent.com/proxy/lzDQHQJTO6dXbqaPZ4gnC-A-n0XPEDYJBR2LHbiWDoXhEHYLFgHWq1Wxb0NpLzk0gTRsA38Jlg=s0

Requested by

Host: sub1.hdv.fun
URL: https://sub1.hdv.fun/js/bundle37.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b644e40a432696a3d0b7407ba1766cffb06210b40986bc583f938f09f829a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:13:09 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform, must-revalidate
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4553247
x-xss-protection: 0
expires: Mon, 08 Mar 2021 06:13:09 GMT

GET
H3-Q050 200 VTXw83VEH7UBo1P6jKLGVMRK9bKCrPxFwwA4W3Id8X405ImBU8SNDJka2ytRt1as4WYw4nEgRA=s0 Show response
lh3.googleusercontent.com/proxy/ 4 MB
4 MB 877ms
876ms XHR
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lh3.googleusercontent.com/proxy/VTXw83VEH7UBo1P6jKLGVMRK9bKCrPxFwwA4W3Id8X405ImBU8SNDJka2ytRt1as4WYw4nEgRA=s0

Requested by

Host: sub1.hdv.fun
URL: https://sub1.hdv.fun/js/bundle37.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

75b96edcda82e951bec0ac9730f121ea1f4590cb157052c2c1283d9a2425b43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:13:11 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform, must-revalidate
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4368631
x-xss-protection: 0
expires: Mon, 08 Mar 2021 06:13:11 GMT

GET
H3-Q050 200 HiZnQFlT0yeiG5uUqUCWFcX5K3_ufJz0zmFyB272sCVWuTOC4ErlRVClC9xraUkgaBP0N1jOhA=s0 Show response
lh3.googleusercontent.com/proxy/ 4 MB
4 MB 372ms
372ms XHR
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lh3.googleusercontent.com/proxy/HiZnQFlT0yeiG5uUqUCWFcX5K3_ufJz0zmFyB272sCVWuTOC4ErlRVClC9xraUkgaBP0N1jOhA=s0

Requested by

Host: sub1.hdv.fun
URL: https://sub1.hdv.fun/js/bundle37.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

29f3daedb2fa0743486bd5d11cb276076794148d1db916b125b372d107d2bca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:13:11 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform, must-revalidate
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4196611
x-xss-protection: 0
expires: Mon, 08 Mar 2021 06:13:11 GMT

GET
H2 200 GK_PwK-SzqnAaKdV9lPEosS4ZX3MrjYV7eaaS8SIGqQ6q6s601UaupH0Kho4eLpnq8eUubmEVeDvE31Dud2w_ALNaPajtqsemrpxXDXAORLLXts8BtSj7CfX3VMCyunhyjphHrDW-JaXLUqc13-bPLnpoDhNt5NMC9xbD-Y9QaE=--w--0--w--44961328--w--4...
ws6.hdv.fun/ios/ 1000 KB
0 1390ms
1287ms XHR
image/png 163.172.155.175
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://ws6.hdv.fun/ios/GK_PwK-SzqnAaKdV9lPEosS4ZX3MrjYV7eaaS8SIGqQ6q6s601UaupH0Kho4eLpnq8eUubmEVeDvE31Dud2w_ALNaPajtqsemrpxXDXAORLLXts8BtSj7CfX3VMCyunhyjphHrDW-JaXLUqc13-bPLnpoDhNt5NMC9xbD-Y9QaE=--w--0--w--44961328--w--49888619--w--10.png
Requested by: Host: sub1.hdv.fun
URL: https://sub1.hdv.fun/js/bundle37.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.172.155.175 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 175-155-172-163.instances.scw.cloud
Software: nginx/1.17.10 (Ubuntu) /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://hls.hdv.fun
date: Sun, 07 Mar 2021 06:13:13 GMT
access-control-allow-credentials: true
server: nginx/1.17.10 (Ubuntu)
content-length: 4927292
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/png

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hdv.fun/	1970-01-19 16:38:17	Name: _gat_gtag_UA_146288174_2 Value: 1
.hdv.fun/	1970-01-19 17:21:29	Name: __cfduid Value: db7c1db1612dd9ffd2939afd5bd3861191615097581
.hdv.fun/	1970-01-19 16:39:43	Name: _gid Value: GA1.2.686060588.1615097582
.hdv.fun/	1970-01-19 16:48:22	Name: hdv_captcha Value: 5
.hdv.fun/	1970-01-20 10:09:29	Name: _ga Value: GA1.2.1093800577.1615097582
.hdv.fun/	1970-01-19 16:38:17	Name: hdv_user Value: MM9aDXoQ63qRcomb8SvcQOngO7PVXLDGjCfPq7nwT6TSYaFMY-WSSfSjIwvKNHgv

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
domicileperil.com
fonts.gstatic.com
hls.hdv.fun
img.hdv.fun
lh3.googleusercontent.com
maxcdn.bootstrapcdn.com
rglink-29d5f.firebaseio.com
s-usc1c-nss-305.firebaseio.com
sub1.hdv.fun
ws6.hdv.fun
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
163.172.155.175
192.243.59.13
2600:1901:0:94b6::
2606:4700:3038::6815:eb5d
2606:4700:3038::6815:eb5e
2606:4700::6812:bcf
2a00:1450:4001:801::2001
2a00:1450:4001:809::2008
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:812::2003
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2004
0c8cd9db3177c2019b6420bb926f837ffb8f3279d48c82f6f729dc558869c536
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
170baabd870fe7631162d13083a71bb087cc5c002d77b0f4d7e556bf81dbb4a6
18dc201d9a3efceacc5179674f58f3beaa82a634e28833af672c06d73fd6282c
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
29f3daedb2fa0743486bd5d11cb276076794148d1db916b125b372d107d2bca1
3829650e92bcdb3298ef4b92299d20c75b6d68dd7e3784cd31c9ce9f60a3a282
3d14e96bd08692f39b357173c908dcb0b21ee11d0bdb29b963ce7fcc836eb4fd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16
46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b
4b46761a3806c04031410c8700e6df4e3d810afe471352f6e18aa869fffe2ae7
5227a3cdccb7970097d273083b35a40b1b101e5fe2c89b69e81342ceccc8b2a8
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82
65d73b4fe12026972cde2217119afd4de8b94c3a11e59626cd11586313b0d49b
67350317242adcedeccc15fccb9140ecc2e7ac57b19ea758fe40a1ad2d9769ec
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
75b96edcda82e951bec0ac9730f121ea1f4590cb157052c2c1283d9a2425b43a
7644647788ceec2c330a96fd9d74bc0a2ca94cb1bd1adee20fa4a0924768fd15
77ec42caac4e585ed0088c6201fd57ef1449cd38968af17dabb8bd7569ebfc07
80bd58cc6d5d42da53d0070dae5727a1eab31bb5955bf38c25f4e0b064eb93c1
90583899ad03560e74693d011af1fe2ca353e6aa4e61da09376290f5811beca8
9108daa8b2c3ad7b190f530c99b423b2456e6b485779aa1d72ac982e51d1154b
96ad3df04c7ad9560d00dc23ebff9f27370b3ffbe8b7097eab4b2d5f638aaad4
9b644e40a432696a3d0b7407ba1766cffb06210b40986bc583f938f09f829a18
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
ab1e16c1b3f793e0aec723c7a7add9e179781105d1646ced630af7007ca52720
ab917099ba3ce31a531f6cd73284dcb455716faf7be1577a304dd40c9fa350bb
ab9a7570dfdadce87d8a7dc2f43587cba2c28e951c6bd9fd9176c5a175a85b20
b5d71d2bd366c0be7384027d1bb0fbfdf01ad5bb9b764fd22f2cfd2cf5f4c54a
bc7a76e1639b3abc447acb1669c01870fed72f18095724da2dab80bd7b256478
c439edbd9a45e9ffd135b643d89ea125891c93ffd7449ab47b5e28c7d887d3c3
ce208748d21d0c00c71165fa3b9f4709293017e5daf63a0448603853257a34e2
d320e50886cc7c65860891db2dcf759d0009831d9c763c696e608fe55cb8ccbf
d8330edecc1ec76bb616a708d53fe79acfa616fd881390e6f7cec14f043dac64
e9f69dc7633cc2b8e534546dfeb0bba301103c6a3f5485ce7c01e6296fe5c6a0
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ed3730b3270061a92ba848032606b5ad11fba8990e1e02d6f8ef8da54a6237cf
ef824052cc54e24358011a6d1f363813e99264883d6a019f5c98f75e43f78dc9
f4ced3339e7278f849fe8c4bf4e5ee1cb17629f660077e3eaa14a6f324af2d0e
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

hls.hdv.fun Open in urlscan Pro 2606:4700:3038::6815:eb5d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

44 Requests

98 %HTTPS

87 %IPv6

10 Domains

15 Subdomains

16 IPs

3 Countries

45248 kBTransfer

47269 kBSize

6 Cookies

2 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hls.hdv.fun Open in urlscan Pro
2606:4700:3038::6815:eb5d Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

98 %
HTTPS

87 %
IPv6

10
Domains

15
Subdomains

16
IPs

3
Countries

45248 kB
Transfer

47269 kB
Size

6
Cookies

44 HTTP transactions
7 data transactions