www.cimaclub.cc Open in urlscan Pro
2606:4700:3037::ac43:9fbb Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.cimaclub.cc/watch/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A7%D9%84%D9%85%D8%A4%D8%B3%D8%B3-%D8%B9%D8%AB%D9%85%D8%...
Submission: On May 23 via manual (May 23rd 2021, 8:31:38 am UTC) from RO

Summary HTTP 51 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 15 domains to perform 51 HTTP transactions. The main IP is 2606:4700:3037::ac43:9fbb, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.cimaclub.cc.
TLS certificate: Issued by R3 on May 16th 2021. Valid for: 3 months.

This is the only time www.cimaclub.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3037::ac43:9fbb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
1	185.59.220.194 185.59.220.194	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3037::6815:595d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3033::ac43:8551	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2600:9000:218... 2600:9000:2181:4600:c:6c1a:fcc0:21	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	51.159.19.225 51.159.19.225	12876 (Online SAS) (Online SAS)
3	195.154.157.95 195.154.157.95	12876 (Online SAS) (Online SAS)
51	17

13 2606:4700:3037::ac43:9fbb (United States)

ASN13335 (CLOUDFLARENET, US)

www.cimaclub.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

ugroocuw.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.194 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-185-59-220-194.datapacket.com

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::6815:595d (United States)

ASN13335 (CLOUDFLARENET, US)

kobatube.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3033::ac43:8551 (United States)

ASN13335 (CLOUDFLARENET, US)

vidhd.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

paletteadulatory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2181:4600:c:6c1a:fcc0:21 (United States)

ASN16509 (AMAZON-02, US)

d1ac2du043ydir.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.159.19.225 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-159-19-225.rev.poneytelecom.eu

api.govid.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.154.157.95 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 195-154-157-95.rev.poneytelecom.eu

ola-s901118-21.kobatube.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	cimaclub.cc www.cimaclub.cc	691 KB
5	gstatic.com fonts.gstatic.com	53 KB
4	google-analytics.com www.google-analytics.com	38 KB
4	vidhd.org vidhd.org	197 KB
4	googleapis.com fonts.googleapis.com ajax.googleapis.com	31 KB
4	kobatube.xyz kobatube.xyz	7 KB
4	ugroocuw.net ugroocuw.net	20 KB
3	kobatube.online ola-s901118-21.kobatube.online	2 MB
2	googletagmanager.com www.googletagmanager.com	70 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com	83 KB
1	govid.co api.govid.co	981 B
1	rtmark.net my.rtmark.net	491 B
1	cloudfront.net d1ac2du043ydir.cloudfront.net	66 KB
1	paletteadulatory.com paletteadulatory.com
1	rawgit.com cdn.rawgit.com	1 KB
51	15

	Domain	Requested by
13	www.cimaclub.cc	www.cimaclub.cc
5	fonts.gstatic.com	fonts.googleapis.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	vidhd.org	kobatube.xyz vidhd.org
4	kobatube.xyz	www.cimaclub.cc kobatube.xyz ajax.googleapis.com
4	ugroocuw.net	www.cimaclub.cc ugroocuw.net
3	ola-s901118-21.kobatube.online	vidhd.org
3	fonts.googleapis.com	www.cimaclub.cc
2	www.googletagmanager.com	www.cimaclub.cc kobatube.xyz
2	stackpath.bootstrapcdn.com	www.cimaclub.cc stackpath.bootstrapcdn.com
1	api.govid.co	vidhd.org
1	my.rtmark.net	ugroocuw.net
1	d1ac2du043ydir.cloudfront.net	kobatube.xyz
1	paletteadulatory.com	kobatube.xyz
1	ajax.googleapis.com	kobatube.xyz
1	cdn.rawgit.com	www.cimaclub.cc
51	16

This site contains links to these domains. Also see Links.

Domain
www.cimaclub.best
twitter.com
t.me
kobatube.xyz
1fichier.com
upbbom.com
sama-share.com
uptobox.com
xcliks.com

Subject Issuer	Validity	Valid
*.cimaclub.cc R3	`2021-05-16` - `2021-08-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
ugroocuw.net R3	`2021-04-05` - `2021-07-04`	3 months	crt.sh
cdn.rawgit.com R3	`2021-05-22` - `2021-08-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.vidhd.org R3	`2021-05-09` - `2021-08-07`	3 months	crt.sh
paletteadulatory.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
*.govid.co Sectigo RSA Domain Validation Secure Server CA	`2020-04-27` - `2021-07-26`	a year	crt.sh
ola-s901118-21.kobatube.online R3	`2021-04-01` - `2021-06-30`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.cimaclub.cc/watch/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A7%D9%84%D9%85%D8%A4%D8%B3%D8%B3-%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-28-%D8%A7%D9%84%D8%AB%D8%A7%D9%85%D9%86%D8%A9-%D9%88%D8%A7%D9%84%D8%B9%D8%B4%D8%B1%D9%88%D9%86-%D9%85%D8%AA%D8%B1%D8%AC%D9%85%D8%A9
Frame ID: 6F353FB70312CB7F725E6F5988787287
Requests: 30 HTTP requests in this frame

Frame: https://kobatube.xyz/play/80859801
Frame ID: 0919C7EA1CF122EB2068B57B7007D60B
Requests: 19 HTTP requests in this frame

Frame: https://ugroocuw.net/fac.php
Frame ID: B7B90613FC50103F113E60597A55FC6A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

51
Requests

98 %
HTTPS

63 %
IPv6

15
Domains

16
Subdomains

17
IPs

4
Countries

3437 kB
Transfer

5070 kB
Size

11
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cimaclub.best/category/%D9%85%D8%B3%D9%84%D8%B3%D9%84%D8%A7%D8%AA-%D8%B1%D9%85%D8%B6%D8%A7%D9%86-2021
Title: مسلسلات رمضان 2021

Search URL Search Domain Scan URL

URL: https://twitter.com/cimaclub_not

Search URL Search Domain Scan URL

URL: https://t.me/cimaclubofficial

Search URL Search Domain Scan URL

URL: https://kobatube.xyz/down/80859801
Title: جميع الجودات سيرفر مباشر

Search URL Search Domain Scan URL

URL: https://1fichier.com/?nppvxjc75r2dccd2qvjy
Title: الجودة 7201fichier.com

Search URL Search Domain Scan URL

URL: https://upbbom.com/1n7c3aq5ewt5/CimaClub.Cam-almosisi.osman.s01.ep55.720p.x264.aac.mkv.html
Title: الجودة 720upbbom.com

Search URL Search Domain Scan URL

URL: https://sama-share.com/8wkn2g2yd99o
Title: الجودة 720sama-share.com

Search URL Search Domain Scan URL

URL: https://uptobox.com/tljmbj4jl6cs
Title: الجودة 720uptobox.com

Search URL Search Domain Scan URL

URL: https://xcliks.com/
Title: تصميم وبرمجة

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request %D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A7%D9%84%D9%85%D8%A4%D8%B3%D8%B3-%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AD%D9%84... Show response
www.cimaclub.cc/watch/ 26 KB
5 KB 141ms
114ms Document
text/html 2606:4700:3037::ac43:9fbb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cimaclub.cc/watch/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A7%D9%84%D9%85%D8%A4%D8%B3%D8%B3-%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-28-%D8%A7%D9%84%D8%AB%D8%A7%D9%85%D9%86%D8%A9-%D9%88%D8%A7%D9%84%D8%B9%D8%B4%D8%B1%D9%88%D9%86-%D9%85%D8%AA%D8%B1%D8%AC%D9%85%D8%A9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:9fbb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

566cd2884c3acf992ee3bfaa4a9125016c7b7e86559e45572534f023f6bfe368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cimaclub.cc
:scheme: https
:path: /watch/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A7%D9%84%D9%85%D8%A4%D8%B3%D8%B3-%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-28-%D8%A7%D9%84%D8%AB%D8%A7%D9%85%D9%86%D8%A9-%D9%88%D8%A7%D9%84%D8%B9%D8%B4%D8%B1%D9%88%D9%86-%D9%85%D8%AA%D8%B1%D8%AC%D9%85%D8%A9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 23 May 2021 08:31:22 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6InRwV09NcnhYSHFjTFN2TWhVU0szMmc9PSIsInZhbHVlIjoiNFR0dFZiNjdxRGZQcCt2elBabWxWZElrYzhNRlwvSHV5WnZzM1QyV1Ezc3QzdWpNWUV5R1B6XC9UdnlaTWxLbFMwIiwibWFjIjoiZTc0NjVjYWQxNzNmMjliMzIyYThhNTkxOTgxMDU4ODY1MTdiZjBkYTM1NThhMDYwN2FlOTRmMTFlMTA0MjhlMiJ9; expires=Sun, 23-May-2021 18:31:22 GMT; Max-Age=36000; path=/ cimaclub_session=eyJpdiI6IlFHXC93YkZuTUxKbXRPZkRnclh6V2h3PT0iLCJ2YWx1ZSI6IiszcVZFVnhiXC9adERkcFNQZjBpUURpOFJraFN5dXhROXdJUmQ3cDF2MFwvUnBoalhoRmhHMVRzZG9mZjloS3FaeCIsIm1hYyI6IjBjOWY4ODgxYjg1ZTcyOGE0YmM2ODczYTExN2E4YTQ4YTAzMjg4Y2YxYzk3OWM2NjIyNTU2ZTBhYzRhOGJlMWUifQ%3D%3D; expires=Sun, 23-May-2021 18:31:22 GMT; Max-Age=36000; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-request-id: 0a39f2bc1c0000d711f6aec000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g9MGo%2Fl0%2BQTNHz0FzBInz8UF4yj2l5C7uMTZED0jEMF7Bh0I8qt7nOcWz%2BZYEHdCbpXt8ybm6evYpeNfcJghYC3JlNtjipk2HI1Tm2hc%2BbJAn3qEIwQZqdBtYFA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 653ced736f77d711-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 tornado-rtl.css
www.cimaclub.cc/themes/CimaClub/css/ 272 KB
41 KB 51ms
37ms Stylesheet
text/css 2606:4700:3037::ac43:9fbb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cimaclub.cc/themes/CimaClub/css/tornado-rtl.css?v=1.9.7

Requested by

Host: www.cimaclub.cc
URL: https://www.cimaclub.cc/watch/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A7%D9%84%D9%85%D8%A4%D8%B3%D8%B3-%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-28-%D8%A7%D9%84%D8%AB%D8%A7%D9%85%D9%86%D8%A9-%D9%88%D8%A7%D9%84%D8%B9%D8%B4%D8%B1%D9%88%D9%86-%D9%85%D8%AA%D8%B1%D8%AC%D9%85%D8%A9

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:9fbb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61aef7d3955fb1311221e82daada09987889c91a0e3bccf6158c06738cca1817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /themes/CimaClub/css/tornado-rtl.css?v=1.9.7
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InRwV09NcnhYSHFjTFN2TWhVU0szMmc9PSIsInZhbHVlIjoiNFR0dFZiNjdxRGZQcCt2elBabWxWZElrYzhNRlwvSHV5WnZzM1QyV1Ezc3QzdWpNWUV5R1B6XC9UdnlaTWxLbFMwIiwibWFjIjoiZTc0NjVjYWQxNzNmMjliMzIyYThhNTkxOTgxMDU4ODY1MTdiZjBkYTM1NThhMDYwN2FlOTRmMTFlMTA0MjhlMiJ9; cimaclub_session=eyJpdiI6IlFHXC93YkZuTUxKbXRPZkRnclh6V2h3PT0iLCJ2YWx1ZSI6IiszcVZFVnhiXC9adERkcFNQZjBpUURpOFJraFN5dXhROXdJUmQ3cDF2MFwvUnBoalhoRmhHMVRzZG9mZjloS3FaeCIsIm1hYyI6IjBjOWY4ODgxYjg1ZTcyOGE0YmM2ODczYTExN2E4YTQ4YTAzMjg4Y2YxYzk3OWM2NjIyNTU2ZTBhYzRhOGJlMWUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.cimaclub.cc
referer: https://www.cimaclub.cc/watch/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A7%D9%84%D9%85%D8%A4%D8%B3%D8%B3-%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-28-%D8%A7%D9%84%D8%AB%D8%A7%D9%85%D9%86%D8%A9-%D9%88%D8%A7%D9%84%D8%B9%D8%B4%D8%B1%D9%88%D9%86-%D9%85%D8%AA%D8%B1%D8%AC%D9%85%D8%A9
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cimaclub.cc/watch/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A7%D9%84%D9%85%D8%A4%D8%B3%D8%B3-%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-28-%D8%A7%D9%84%D8%AB%D8%A7%D9%85%D9%86%D8%A9-%D9%88%D8%A7%D9%84%D8%B9%D8%B4%D8%B1%D9%88%D9%86-%D9%85%D8%AA%D8%B1%D8%AC%D9%85%D8%A9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 23 May 2021 08:31:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1143
cf-polished: origSize=278425
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a39f2bca20000d6f98f972000000001
last-modified: Thu, 14 Jan 2021 15:57:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"600069db-43f99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RmvAnXnm8XZyi%2BLmlONvWpD3wZliuULpkH4dcXrvPk9E9B21dJXekfvLPYLe8a02I4GJYzDayiSX5%2BtWTr2A1IxWbwXmKXkNrUeYeX8%2FHmdb5W0T5RElsco%2F8xE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 653ced743f90d6f9-FRA
cf-bgj: minify

GET
H3-29 200 ionicons.min.css
www.cimaclub.cc/themes/CimaClub/css/ 44 KB
7 KB 50ms
37ms Stylesheet
text/css 2606:4700:3037::ac43:9fbb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cimaclub.cc/themes/CimaClub/css/ionicons.min.css

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:9fbb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c912aa817df149ee42ec55bf975e71af03944afd22b9fdd5475d02397c55d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /themes/CimaClub/css/ionicons.min.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InRwV09NcnhYSHFjTFN2TWhVU0szMmc9PSIsInZhbHVlIjoiNFR0dFZiNjdxRGZQcCt2elBabWxWZElrYzhNRlwvSHV5WnZzM1QyV1Ezc3QzdWpNWUV5R1B6XC9UdnlaTWxLbFMwIiwibWFjIjoiZTc0NjVjYWQxNzNmMjliMzIyYThhNTkxOTgxMDU4ODY1MTdiZjBkYTM1NThhMDYwN2FlOTRmMTFlMTA0MjhlMiJ9; cimaclub_session=eyJpdiI6IlFHXC93YkZuTUxKbXRPZkRnclh6V2h3PT0iLCJ2YWx1ZSI6IiszcVZFVnhiXC9adERkcFNQZjBpUURpOFJraFN5dXhROXdJUmQ3cDF2MFwvUnBoalhoRmhHMVRzZG9mZjloS3FaeCIsIm1hYyI6IjBjOWY4ODgxYjg1ZTcyOGE0YmM2ODczYTExN2E4YTQ4YTAzMjg4Y2YxYzk3OWM2NjIyNTU2ZTBhYzRhOGJlMWUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.cimaclub.cc
referer: https://www.cimaclub.cc/watch/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A7%D9%84%D9%85%D8%A4%D8%B3%D8%B3-%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-28-%D8%A7%D9%84%D8%AB%D8%A7%D9%85%D9%86%D8%A9-%D9%88%D8%A7%D9%84%D8%B9%D8%B4%D8%B1%D9%88%D9%86-%D9%85%D8%AA%D8%B1%D8%AC%D9%85%D8%A9
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cimaclub.cc/watch/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A7%D9%84%D9%85%D8%A4%D8%B3%D8%B3-%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-28-%D8%A7%D9%84%D8%AB%D8%A7%D9%85%D9%86%D8%A9-%D9%88%D8%A7%D9%84%D8%B9%D8%B4%D8%B1%D9%88%D9%86-%D9%85%D8%AA%D8%B1%D8%AC%D9%85%D8%A9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 23 May 2021 08:31:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1143
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a39f2bca20000d6f9b02cf000000001
last-modified: Wed, 14 Oct 2020 02:09:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f865de3-aea2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sgyDixWn%2Ffc7BEskTDQb3o3tAKAsoGt34k6zeqpZ6BShQSt5X2zIeW7ATTEiqByovMiMeRP4pIkmVXzjRHltpKQim12BAALf2L1en80GlyiGNz9csaRL40ieAuQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 653ced743f8ed6f9-FRA

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 15ms
14ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.cimaclub.cc
Referer: https://www.cimaclub.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 23 May 2021 08:31:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617, 617, 617
age: 152428
cdn-cachedat: 2021-05-21 15:50:28
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a39f2bc9500004e4a9e0e2000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 99ed1cea70b8e66387458f1557733960
cf-ray: 653ced742a074e4a-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 4041149 Show response
ugroocuw.net/5/ 48 KB
19 KB 182ms
75ms Script
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ugroocuw.net/5/4041149
Requested by: Host: www.cimaclub.cc
URL: https://www.cimaclub.cc/watch/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A7%D9%84%D9%85%D8%A4%D8%B3%D8%B3-%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-28-%D8%A7%D9%84%D8%AB%D8%A7%D9%85%D9%86%D8%A9-%D9%88%D8%A7%D9%84%D8%B9%D8%B4%D8%B1%D9%88%D9%86-%D9%85%D8%AA%D8%B1%D8%AC%D9%85%D8%A9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c279d1602fe312a5f3b578e2e0a68eb3efe3d2895b45b066068233ed6e814a49

Request headers

Referer: https://www.cimaclub.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-trace-id: 5381ad36ed8fc40a075847ef651c4ddb
pragma: no-cache, no-cache
date: Sun, 23 May 2021 08:31:19 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 download-folder-black.png
www.cimaclub.cc/themes/CimaClub/img/ 1 KB
2 KB 40ms
29ms Image
image/png 2606:4700:3037::ac43:9fbb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cimaclub.cc/themes/CimaClub/img/download-folder-black.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:9fbb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

859a8055fa05e0f8f8ff4ca6c96f21832edbb654332a5b8201a5eb1e07de22c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /themes/CimaClub/img/download-folder-black.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InRwV09NcnhYSHFjTFN2TWhVU0szMmc9PSIsInZhbHVlIjoiNFR0dFZiNjdxRGZQcCt2elBabWxWZElrYzhNRlwvSHV5WnZzM1QyV1Ezc3QzdWpNWUV5R1B6XC9UdnlaTWxLbFMwIiwibWFjIjoiZTc0NjVjYWQxNzNmMjliMzIyYThhNTkxOTgxMDU4ODY1MTdiZjBkYTM1NThhMDYwN2FlOTRmMTFlMTA0MjhlMiJ9; cimaclub_session=eyJpdiI6IlFHXC93YkZuTUxKbXRPZkRnclh6V2h3PT0iLCJ2YWx1ZSI6IiszcVZFVnhiXC9adERkcFNQZjBpUURpOFJraFN5dXhROXdJUmQ3cDF2MFwvUnBoalhoRmhHMVRzZG9mZjloS3FaeCIsIm1hYyI6IjBjOWY4ODgxYjg1ZTcyOGE0YmM2ODczYTExN2E4YTQ4YTAzMjg4Y2YxYzk3OWM2NjIyNTU2ZTBhYzRhOGJlMWUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cimaclub.cc
referer: https://www.cimaclub.cc/watch/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A7%D9%84%D9%85%D8%A4%D8%B3%D8%B3-%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-28-%D8%A7%D9%84%D8%AB%D8%A7%D9%85%D9%86%D8%A9-%D9%88%D8%A7%D9%84%D8%B9%D8%B4%D8%B1%D9%88%D9%86-%D9%85%D8%AA%D8%B1%D8%AC%D9%85%D8%A9
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cimaclub.cc/watch/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A7%D9%84%D9%85%D8%A4%D8%B3%D8%B3-%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-28-%D8%A7%D9%84%D8%AB%D8%A7%D9%85%D9%86%D8%A9-%D9%88%D8%A7%D9%84%D8%B9%D8%B4%D8%B1%D9%88%D9%86-%D9%85%D8%AA%D8%B1%D8%AC%D9%85%D8%A9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 23 May 2021 08:31:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1082
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1055
cf-request-id: 0a39f2bca80000d6f985297000000001
last-modified: Tue, 26 Nov 2019 18:46:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5ddd72f6-41f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SCDYKPk9heuEW%2F1bVhUPS0KqwzVW%2FV8iZ9MibYJeyLdyIrLCl7ZRU5dwzjbDfxIumORSlwFC5HfQW%2BSBdJlIO2%2FuKb0XsL9ySPAqYXvM%2B6hxCx9gPkl4ZNwv9gw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 653ced743f99d6f9-FRA

GET
H3-29 200 download-folder-white.png
www.cimaclub.cc/themes/CimaClub/img/ 950 B
2 KB 30ms
19ms Image
image/png 2606:4700:3037::ac43:9fbb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cimaclub.cc/themes/CimaClub/img/download-folder-white.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:9fbb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecc7d6c84f87d19fc26a755d24415d994548de55c7a4569f545aee68588a50cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /themes/CimaClub/img/download-folder-white.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InRwV09NcnhYSHFjTFN2TWhVU0szMmc9PSIsInZhbHVlIjoiNFR0dFZiNjdxRGZQcCt2elBabWxWZElrYzhNRlwvSHV5WnZzM1QyV1Ezc3QzdWpNWUV5R1B6XC9UdnlaTWxLbFMwIiwibWFjIjoiZTc0NjVjYWQxNzNmMjliMzIyYThhNTkxOTgxMDU4ODY1MTdiZjBkYTM1NThhMDYwN2FlOTRmMTFlMTA0MjhlMiJ9; cimaclub_session=eyJpdiI6IlFHXC93YkZuTUxKbXRPZkRnclh6V2h3PT0iLCJ2YWx1ZSI6IiszcVZFVnhiXC9adERkcFNQZjBpUURpOFJraFN5dXhROXdJUmQ3cDF2MFwvUnBoalhoRmhHMVRzZG9mZjloS3FaeCIsIm1hYyI6IjBjOWY4ODgxYjg1ZTcyOGE0YmM2ODczYTExN2E4YTQ4YTAzMjg4Y2YxYzk3OWM2NjIyNTU2ZTBhYzRhOGJlMWUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cimaclub.cc
referer: https://www.cimaclub.cc/watch/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A7%D9%84%D9%85%D8%A4%D8%B3%D8%B3-%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-28-%D8%A7%D9%84%D8%AB%D8%A7%D9%85%D9%86%D8%A9-%D9%88%D8%A7%D9%84%D8%B9%D8%B4%D8%B1%D9%88%D9%86-%D9%85%D8%AA%D8%B1%D8%AC%D9%85%D8%A9
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cimaclub.cc/watch/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A7%D9%84%D9%85%D8%A4%D8%B3%D8%B3-%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-28-%D8%A7%D9%84%D8%AB%D8%A7%D9%85%D9%86%D8%A9-%D9%88%D8%A7%D9%84%D8%B9%D8%B4%D8%B1%D9%88%D9%86-%D9%85%D8%AA%D8%B1%D8%AC%D9%85%D8%A9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 23 May 2021 08:31:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1082
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 950
cf-request-id: 0a39f2bca30000d6f9d32ad000000001
last-modified: Tue, 26 Nov 2019 18:46:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5ddd72f6-3b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jkVuH5AVpF2Gk%2F3zm7ZZyJMdwMv8WkIXet1%2BNxCXLblh5klB%2FcbMc9p%2B5u3zWI5Z7ZmPE%2Ftm3T2XYv5HOdnzz95ZRZmLB81hKzuUMe%2Fgo4wWF%2FqdkqvbozycFmk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 653ced743f95d6f9-FRA

GET
H3-29 200 logo-x.png
www.cimaclub.cc/themes/CimaClub/img/ 2 KB
3 KB 30ms
19ms Image
image/png 2606:4700:3037::ac43:9fbb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cimaclub.cc/themes/CimaClub/img/logo-x.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:9fbb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e165ed7760c8ca3fa852ed00b6f3516d6b86ac11d9016766891297bc34ecb4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /themes/CimaClub/img/logo-x.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InRwV09NcnhYSHFjTFN2TWhVU0szMmc9PSIsInZhbHVlIjoiNFR0dFZiNjdxRGZQcCt2elBabWxWZElrYzhNRlwvSHV5WnZzM1QyV1Ezc3QzdWpNWUV5R1B6XC9UdnlaTWxLbFMwIiwibWFjIjoiZTc0NjVjYWQxNzNmMjliMzIyYThhNTkxOTgxMDU4ODY1MTdiZjBkYTM1NThhMDYwN2FlOTRmMTFlMTA0MjhlMiJ9; cimaclub_session=eyJpdiI6IlFHXC93YkZuTUxKbXRPZkRnclh6V2h3PT0iLCJ2YWx1ZSI6IiszcVZFVnhiXC9adERkcFNQZjBpUURpOFJraFN5dXhROXdJUmQ3cDF2MFwvUnBoalhoRmhHMVRzZG9mZjloS3FaeCIsIm1hYyI6IjBjOWY4ODgxYjg1ZTcyOGE0YmM2ODczYTExN2E4YTQ4YTAzMjg4Y2YxYzk3OWM2NjIyNTU2ZTBhYzRhOGJlMWUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cimaclub.cc
referer: https://www.cimaclub.cc/watch/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A7%D9%84%D9%85%D8%A4%D8%B3%D8%B3-%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-28-%D8%A7%D9%84%D8%AB%D8%A7%D9%85%D9%86%D8%A9-%D9%88%D8%A7%D9%84%D8%B9%D8%B4%D8%B1%D9%88%D9%86-%D9%85%D8%AA%D8%B1%D8%AC%D9%85%D8%A9
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cimaclub.cc/watch/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A7%D9%84%D9%85%D8%A4%D8%B3%D8%B3-%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-28-%D8%A7%D9%84%D8%AB%D8%A7%D9%85%D9%86%D8%A9-%D9%88%D8%A7%D9%84%D8%B9%D8%B4%D8%B1%D9%88%D9%86-%D9%85%D8%AA%D8%B1%D8%AC%D9%85%D8%A9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 23 May 2021 08:31:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1142
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2408
cf-request-id: 0a39f2bca30000d6f996bff000000001
last-modified: Sun, 21 Jun 2020 21:47:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5eefd566-968"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lVX0SE%2F%2FDk5f5L%2F5nP5y7EEr%2FtbS2UGpBMQ2Jg5FzFaf8ZAOVdXrXd5%2BRmzZA2XWpE3i6PVU5Pm583hN9NyXsfcqic9xe6oWBtDlfqNO8JpKvyziPg4stkduSX4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 653ced743f93d6f9-FRA

GET
H3-29 200 jquery-3.3.1.min.js Show response
www.cimaclub.cc/themes/CimaClub/js/ 85 KB
29 KB 41ms
29ms Script
application/javascript 2606:4700:3037::ac43:9fbb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cimaclub.cc/themes/CimaClub/js/jquery-3.3.1.min.js?v=1.1.7

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:9fbb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8603b20b548270423fb03c2138c16f5f863ead4c48eb0999167df869e2eef8a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /themes/CimaClub/js/jquery-3.3.1.min.js?v=1.1.7
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InRwV09NcnhYSHFjTFN2TWhVU0szMmc9PSIsInZhbHVlIjoiNFR0dFZiNjdxRGZQcCt2elBabWxWZElrYzhNRlwvSHV5WnZzM1QyV1Ezc3QzdWpNWUV5R1B6XC9UdnlaTWxLbFMwIiwibWFjIjoiZTc0NjVjYWQxNzNmMjliMzIyYThhNTkxOTgxMDU4ODY1MTdiZjBkYTM1NThhMDYwN2FlOTRmMTFlMTA0MjhlMiJ9; cimaclub_session=eyJpdiI6IlFHXC93YkZuTUxKbXRPZkRnclh6V2h3PT0iLCJ2YWx1ZSI6IiszcVZFVnhiXC9adERkcFNQZjBpUURpOFJraFN5dXhROXdJUmQ3cDF2MFwvUnBoalhoRmhHMVRzZG9mZjloS3FaeCIsIm1hYyI6IjBjOWY4ODgxYjg1ZTcyOGE0YmM2ODczYTExN2E4YTQ4YTAzMjg4Y2YxYzk3OWM2NjIyNTU2ZTBhYzRhOGJlMWUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cimaclub.cc
referer: https://www.cimaclub.cc/watch/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A7%D9%84%D9%85%D8%A4%D8%B3%D8%B3-%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-28-%D8%A7%D9%84%D8%AB%D8%A7%D9%85%D9%86%D8%A9-%D9%88%D8%A7%D9%84%D8%B9%D8%B4%D8%B1%D9%88%D9%86-%D9%85%D8%AA%D8%B1%D8%AC%D9%85%D8%A9
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cimaclub.cc/watch/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A7%D9%84%D9%85%D8%A4%D8%B3%D8%B3-%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-28-%D8%A7%D9%84%D8%AB%D8%A7%D9%85%D9%86%D8%A9-%D9%88%D8%A7%D9%84%D8%B9%D8%B4%D8%B1%D9%88%D9%86-%D9%85%D8%AA%D8%B1%D8%AC%D9%85%D8%A9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 23 May 2021 08:31:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1143
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a39f2bca40000d6f9a6a75000000001
last-modified: Sat, 06 Apr 2019 20:23:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ca90adc-15339"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=esJcJ3ExY%2FnKtyN7ZgY5kYVgmLvgHWToMTpXFFvU5VH8Lg2pDOCRQUkaW5vXVpL6TyDulNyeQcz2VWJAQj%2BzX%2F%2FxPhAgB0cYvJMgFq8wby1EIJ1snUf8iMlut0A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 653ced743f9bd6f9-FRA

GET
H3-29 200 tornado.min.js Show response
www.cimaclub.cc/themes/CimaClub/js/ 186 KB
33 KB 56ms
44ms Script
application/javascript 2606:4700:3037::ac43:9fbb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cimaclub.cc/themes/CimaClub/js/tornado.min.js?v=1.2.2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:9fbb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b06f659aacaa1af97c624506d4a055993ebbcc15f04061b2e02272706420fef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /themes/CimaClub/js/tornado.min.js?v=1.2.2
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InRwV09NcnhYSHFjTFN2TWhVU0szMmc9PSIsInZhbHVlIjoiNFR0dFZiNjdxRGZQcCt2elBabWxWZElrYzhNRlwvSHV5WnZzM1QyV1Ezc3QzdWpNWUV5R1B6XC9UdnlaTWxLbFMwIiwibWFjIjoiZTc0NjVjYWQxNzNmMjliMzIyYThhNTkxOTgxMDU4ODY1MTdiZjBkYTM1NThhMDYwN2FlOTRmMTFlMTA0MjhlMiJ9; cimaclub_session=eyJpdiI6IlFHXC93YkZuTUxKbXRPZkRnclh6V2h3PT0iLCJ2YWx1ZSI6IiszcVZFVnhiXC9adERkcFNQZjBpUURpOFJraFN5dXhROXdJUmQ3cDF2MFwvUnBoalhoRmhHMVRzZG9mZjloS3FaeCIsIm1hYyI6IjBjOWY4ODgxYjg1ZTcyOGE0YmM2ODczYTExN2E4YTQ4YTAzMjg4Y2YxYzk3OWM2NjIyNTU2ZTBhYzRhOGJlMWUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cimaclub.cc
referer: https://www.cimaclub.cc/watch/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A7%D9%84%D9%85%D8%A4%D8%B3%D8%B3-%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-28-%D8%A7%D9%84%D8%AB%D8%A7%D9%85%D9%86%D8%A9-%D9%88%D8%A7%D9%84%D8%B9%D8%B4%D8%B1%D9%88%D9%86-%D9%85%D8%AA%D8%B1%D8%AC%D9%85%D8%A9
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cimaclub.cc/watch/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A7%D9%84%D9%85%D8%A4%D8%B3%D8%B3-%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-28-%D8%A7%D9%84%D8%AB%D8%A7%D9%85%D9%86%D8%A9-%D9%88%D8%A7%D9%84%D8%B9%D8%B4%D8%B1%D9%88%D9%86-%D9%85%D8%AA%D8%B1%D8%AC%D9%85%D8%A9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 23 May 2021 08:31:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1143
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a39f2bca50000d6f9889eb000000001
last-modified: Tue, 17 Nov 2020 22:32:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5fb44f7d-2e9b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gWmM64INXwDXQQP8FaRkvDYlRkfd5a9Q7h2H2zchk6%2FSpwOVqRnJkntZP6NoxdsyZUNnS9a%2B2Hek%2B2zYZDxc4biiL3RooDbUVfnK%2FSLvYhEFWzUfFdLpA82rU8I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 653ced743fa1d6f9-FRA

GET
H3-29 200 pusher.min.js Show response
www.cimaclub.cc/themes/CimaClub/js/ 60 KB
15 KB 31ms
20ms Script
application/javascript 2606:4700:3037::ac43:9fbb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cimaclub.cc/themes/CimaClub/js/pusher.min.js?v=1.1.7

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:9fbb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce1bd1df2dd32d3ad07cd5776fd9bd3deb3681b4cc4755be8ff32c13d5fe1569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /themes/CimaClub/js/pusher.min.js?v=1.1.7
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InRwV09NcnhYSHFjTFN2TWhVU0szMmc9PSIsInZhbHVlIjoiNFR0dFZiNjdxRGZQcCt2elBabWxWZElrYzhNRlwvSHV5WnZzM1QyV1Ezc3QzdWpNWUV5R1B6XC9UdnlaTWxLbFMwIiwibWFjIjoiZTc0NjVjYWQxNzNmMjliMzIyYThhNTkxOTgxMDU4ODY1MTdiZjBkYTM1NThhMDYwN2FlOTRmMTFlMTA0MjhlMiJ9; cimaclub_session=eyJpdiI6IlFHXC93YkZuTUxKbXRPZkRnclh6V2h3PT0iLCJ2YWx1ZSI6IiszcVZFVnhiXC9adERkcFNQZjBpUURpOFJraFN5dXhROXdJUmQ3cDF2MFwvUnBoalhoRmhHMVRzZG9mZjloS3FaeCIsIm1hYyI6IjBjOWY4ODgxYjg1ZTcyOGE0YmM2ODczYTExN2E4YTQ4YTAzMjg4Y2YxYzk3OWM2NjIyNTU2ZTBhYzRhOGJlMWUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cimaclub.cc
referer: https://www.cimaclub.cc/watch/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A7%D9%84%D9%85%D8%A4%D8%B3%D8%B3-%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-28-%D8%A7%D9%84%D8%AB%D8%A7%D9%85%D9%86%D8%A9-%D9%88%D8%A7%D9%84%D8%B9%D8%B4%D8%B1%D9%88%D9%86-%D9%85%D8%AA%D8%B1%D8%AC%D9%85%D8%A9
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cimaclub.cc/watch/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A7%D9%84%D9%85%D8%A4%D8%B3%D8%B3-%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-28-%D8%A7%D9%84%D8%AB%D8%A7%D9%85%D9%86%D8%A9-%D9%88%D8%A7%D9%84%D8%B9%D8%B4%D8%B1%D9%88%D9%86-%D9%85%D8%AA%D8%B1%D8%AC%D9%85%D8%A9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 23 May 2021 08:31:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1143
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a39f2bca40000d6f9b7279000000001
last-modified: Sat, 06 Apr 2019 20:24:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ca90ae4-f0b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X1WfgwXDyXPdW1T1OEZLwEAkS8oWOzfIkVQWrgUgZHXqz2Doh4TPbz4qHoLctFWuteh1ZeaDtjwon%2F4M6FRpN9nPSeUZtui%2BPzCpFv5A45d6HRnXSXGLwB1PfNU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 653ced743f9fd6f9-FRA

GET
H2 200 jquery.playSound.js Show response
cdn.rawgit.com/admsev/jquery-play-sound/master/ 912 B
1 KB 295ms
189ms Script
application/javascript 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rawgit.com/admsev/jquery-play-sound/master/jquery.playSound.js?v=1.1.7

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 /

Resource Hash

f1240c5e81a12bb4e90be775a237f76c9e54f0e9251cf4dede4621911bb23927

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cimaclub.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 23 May 2021 08:31:22 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 632, 617
access-control-allow-origin: *
cdn-cachedat: 2021-05-23 10:31:22
cdn-pullzone: 201235
rawgit-cache-status: HIT
link: <https://rawgit.com/>; rel="sunset"; title="RawGit will soon shut down. Please stop using it."
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
x-robots-tag: none
vary: Accept-Encoding
sunset: Tue, 01 Oct 2019 00:00:00 GMT
cdn-cache: MISS
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=2592000
cdn-requestid: f3aa4aad0c4ffd783b775639eaacd4b0
content-type: application/javascript;charset=utf-8
cdn-requestcountrycode: SE
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 40ms
19ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-174083888-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a069d7528cbf7350df846572ac65e626a0ddb3cf911be015028428eb8e799e69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.cimaclub.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 23 May 2021 08:31:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35747
x-xss-protection: 0
last-modified: Sun, 23 May 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 23 May 2021 08:31:22 GMT

GET
H2 200 80859801 Show response
kobatube.xyz/play/ Frame 0919 3 KB
2 KB 149ms
122ms Document
text/html 2606:4700:3037::6815:595d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kobatube.xyz/play/80859801
Requested by: Host: www.cimaclub.cc
URL: https://www.cimaclub.cc/watch/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A7%D9%84%D9%85%D8%A4%D8%B3%D8%B3-%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-28-%D8%A7%D9%84%D8%AB%D8%A7%D9%85%D9%86%D8%A9-%D9%88%D8%A7%D9%84%D8%B9%D8%B4%D8%B1%D9%88%D9%86-%D9%85%D8%AA%D8%B1%D8%AC%D9%85%D8%A9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:595d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7922b2dbf8963dddc1950d9ce640a3b3ce82c2c50f73cfe0585f05aac38c9d0e

Request headers

:method: GET
:authority: kobatube.xyz
:scheme: https
:path: /play/80859801
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cimaclub.cc/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Referer: https://www.cimaclub.cc/

Response headers

date: Sun, 23 May 2021 08:31:22 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IkpXd01pWTFTUG92QzNhakRTcFBIZFE9PSIsInZhbHVlIjoidXFRWE1ncThCRERUOEE4VG5MWU41SDA3VGNyZW11YzlzaWFlV0xGZUI4VGpRNTE3MFl2WjZnQ3h4N2x4QVhDYSIsIm1hYyI6IjE3YjAyNTI1OTUxNGIxOWVjYzg4OTMyNmI2MWMxZDViZWU4MGM5OGY5M2NiNTM0ODc1MGQ5Zjk0NWJiYTNjYjEifQ%3D%3D; expires=Sun, 23-May-2021 10:31:22 GMT; Max-Age=7200; path=/ streamwhale_session=eyJpdiI6IlRzN2tIQXRqcFdQZnVuQzJZSnlBNEE9PSIsInZhbHVlIjoiZThEa2dGcFF4NmJwb1JpXC85WVRoSVBrNnp6SnhMdjRrSGxXVWNnRmM5K3VWblBXS3JIUDhyRjJPV3N0cjk3eFAiLCJtYWMiOiJkZmJiZWY0NGM1NjI2ZTEwMWU3MTZkNGEzODBiZGQ3Yzg4MjBjMzQxY2ZiMDJkMDIxZGRiNWM0MTI5MDMxM2FhIn0%3D; expires=Sun, 23-May-2021 10:31:22 GMT; Max-Age=7200; path=/; httponly
cf-cache-status: DYNAMIC
cf-request-id: 0a39f2bcb500002bf61314e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3K57HGFeFpW2JpCL7d6X%2B7JVzBEFqwZtSva3e8CwAL3fGRemCahuDvSKtyZOEZ7BklesUbzhs4gI7lCqexQVxO79b94hSpJpJf9GTj3QcnVZPDVG0cx9J0c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 653ced745ab22bf6-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 739 B
470 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Righteous&display=swap

Requested by

Host: www.cimaclub.cc
URL: https://www.cimaclub.cc/themes/CimaClub/css/tornado-rtl.css?v=1.9.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a706e640c0437e098694531dcc5dd681a9c77d4874cffedbd94d161cb683c311

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cimaclub.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 23 May 2021 08:31:22 GMT
server: ESF
date: Sun, 23 May 2021 08:31:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 23 May 2021 08:31:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
621 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Changa:200,300,400,500,600,700,800&display=swap&subset=arabic

Requested by

Host: www.cimaclub.cc
URL: https://www.cimaclub.cc/themes/CimaClub/css/tornado-rtl.css?v=1.9.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d21e60f4e776d22159819b8fa7ea7fd844e15e0821d3569d92bf22e281ece87a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cimaclub.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 23 May 2021 08:31:22 GMT
server: ESF
date: Sun, 23 May 2021 08:31:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 23 May 2021 08:31:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
425 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Tajawal:500,800&subset=arabic

Requested by

Host: www.cimaclub.cc
URL: https://www.cimaclub.cc/themes/CimaClub/css/tornado-rtl.css?v=1.9.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

414551f001a38adea76d53819b2447aa0f1c5f6187ffa1a66ca43c66b576f132

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cimaclub.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 23 May 2021 08:31:22 GMT
server: ESF
date: Sun, 23 May 2021 08:31:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 23 May 2021 08:31:22 GMT

GET
DATA 200
OK truncated
/ 338 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 320e2499b135bf59df36a3e414cfba8f58e2168d39ad1f1debb9616458dd3caf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 header-min.png
www.cimaclub.cc/themes/CimaClub/img/ 72 KB
73 KB 15ms
13ms Image
image/png 2606:4700:3037::ac43:9fbb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cimaclub.cc/themes/CimaClub/img/header-min.png?v=1.2

Requested by

Host: www.cimaclub.cc
URL: https://www.cimaclub.cc/themes/CimaClub/css/tornado-rtl.css?v=1.9.7

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:9fbb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b980e173262fc4de59c1e3e2dbd0083bc71d7d05a4f52e176a94076a8fe873fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /themes/CimaClub/img/header-min.png?v=1.2
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InRwV09NcnhYSHFjTFN2TWhVU0szMmc9PSIsInZhbHVlIjoiNFR0dFZiNjdxRGZQcCt2elBabWxWZElrYzhNRlwvSHV5WnZzM1QyV1Ezc3QzdWpNWUV5R1B6XC9UdnlaTWxLbFMwIiwibWFjIjoiZTc0NjVjYWQxNzNmMjliMzIyYThhNTkxOTgxMDU4ODY1MTdiZjBkYTM1NThhMDYwN2FlOTRmMTFlMTA0MjhlMiJ9; cimaclub_session=eyJpdiI6IlFHXC93YkZuTUxKbXRPZkRnclh6V2h3PT0iLCJ2YWx1ZSI6IiszcVZFVnhiXC9adERkcFNQZjBpUURpOFJraFN5dXhROXdJUmQ3cDF2MFwvUnBoalhoRmhHMVRzZG9mZjloS3FaeCIsIm1hYyI6IjBjOWY4ODgxYjg1ZTcyOGE0YmM2ODczYTExN2E4YTQ4YTAzMjg4Y2YxYzk3OWM2NjIyNTU2ZTBhYzRhOGJlMWUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cimaclub.cc
referer: https://www.cimaclub.cc/themes/CimaClub/css/tornado-rtl.css?v=1.9.7
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cimaclub.cc/themes/CimaClub/css/tornado-rtl.css?v=1.9.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 23 May 2021 08:31:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1166
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 73722
cf-request-id: 0a39f2bcf10000d6f9802a9000000001
last-modified: Wed, 25 Nov 2020 10:18:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5fbe2f81-11ffa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B0CqOujVg0P28LtVUEBCn5Pii7MRJJ1RVJuW5vrRgIciqjOmk70tWarJ1xVY9KQ5wLaZ0vLE9rrew6arUea2sOOeq7UGKbDpo%2BiOR%2FoI4FzxpI4YgsEYDJD81ks%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 653ced74b8a3d6f9-FRA

GET
H3-29 200 wall.jpg
www.cimaclub.cc/themes/CimaClub/img/ 216 KB
216 KB 20ms
17ms Image
image/jpeg 2606:4700:3037::ac43:9fbb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cimaclub.cc/themes/CimaClub/img/wall.jpg?v=1

Requested by

Host: www.cimaclub.cc
URL: https://www.cimaclub.cc/themes/CimaClub/css/tornado-rtl.css?v=1.9.7

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:9fbb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95af33ff61348732377d4887d7ed1f7b87479eca15c6dc96a36324013fc8594d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /themes/CimaClub/img/wall.jpg?v=1
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InRwV09NcnhYSHFjTFN2TWhVU0szMmc9PSIsInZhbHVlIjoiNFR0dFZiNjdxRGZQcCt2elBabWxWZElrYzhNRlwvSHV5WnZzM1QyV1Ezc3QzdWpNWUV5R1B6XC9UdnlaTWxLbFMwIiwibWFjIjoiZTc0NjVjYWQxNzNmMjliMzIyYThhNTkxOTgxMDU4ODY1MTdiZjBkYTM1NThhMDYwN2FlOTRmMTFlMTA0MjhlMiJ9; cimaclub_session=eyJpdiI6IlFHXC93YkZuTUxKbXRPZkRnclh6V2h3PT0iLCJ2YWx1ZSI6IiszcVZFVnhiXC9adERkcFNQZjBpUURpOFJraFN5dXhROXdJUmQ3cDF2MFwvUnBoalhoRmhHMVRzZG9mZjloS3FaeCIsIm1hYyI6IjBjOWY4ODgxYjg1ZTcyOGE0YmM2ODczYTExN2E4YTQ4YTAzMjg4Y2YxYzk3OWM2NjIyNTU2ZTBhYzRhOGJlMWUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cimaclub.cc
referer: https://www.cimaclub.cc/themes/CimaClub/css/tornado-rtl.css?v=1.9.7
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cimaclub.cc/themes/CimaClub/css/tornado-rtl.css?v=1.9.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 23 May 2021 08:31:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1141
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 221009
cf-request-id: 0a39f2bcf20000d6f97d2b8000000001
last-modified: Wed, 25 Nov 2020 10:12:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5fbe2e13-35f51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g8EdoZ7HKn7i9ni2EGcxi2ooWaRW7KmkCc5fql8Ed2Hpz%2Bo3D5uIQs9M0mfSFaDLBj4YhLg7sqLenuYLr2l4VlQ%2FMfmqEQJIH%2FvqrPKemvOqkhUvYZlE165c6jE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 653ced74b8a7d6f9-FRA

GET
H2 200 Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2
fonts.gstatic.com/s/tajawal/v4/ 9 KB
9 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v4/Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tajawal:500,800&subset=arabic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d404f987f0d261c3eff16cd778fb138d5c604af7f361e609ef0b91bac16d7e67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cimaclub.cc
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sat, 22 May 2021 23:18:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Apr 2021 22:05:28 GMT
server: sffe
age: 33198
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8948
x-xss-protection: 0
expires: Sun, 22 May 2022 23:18:04 GMT

GET
H2 200 Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2
fonts.gstatic.com/s/tajawal/v4/ 10 KB
10 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v4/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tajawal:500,800&subset=arabic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5aa3e4c58493f8d3693be4962e94e08d14e178ef4f0be2a27369a8813498e54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cimaclub.cc
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 23 May 2021 04:47:30 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Apr 2021 22:05:16 GMT
server: sffe
age: 13432
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9864
x-xss-protection: 0
expires: Mon, 23 May 2022 04:47:30 GMT

GET
H2 200 2-c79JNi2YuVOUcOarRPgnNGooxCZ0q2cjfj9w.woff2
fonts.gstatic.com/s/changa/v11/ 15 KB
15 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/changa/v11/2-c79JNi2YuVOUcOarRPgnNGooxCZ0q2cjfj9w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Changa:200,300,400,500,600,700,800&display=swap&subset=arabic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c559fc51f1089b99c0d63e628cc1109df43582156abe9d80c6c65ef541d1e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cimaclub.cc
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Thu, 20 May 2021 15:47:59 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:57:56 GMT
server: sffe
age: 233003
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15476
x-xss-protection: 0
expires: Fri, 20 May 2022 15:47:59 GMT

GET
H3-29 200 tornado-icons.woff
www.cimaclub.cc/themes/CimaClub/fonts/ 215 KB
215 KB 16ms
14ms Font
font/woff 2606:4700:3037::ac43:9fbb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cimaclub.cc/themes/CimaClub/fonts/tornado-icons.woff

Requested by

Host: www.cimaclub.cc
URL: https://www.cimaclub.cc/themes/CimaClub/css/tornado-rtl.css?v=1.9.7

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:9fbb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dfd4e6302dc2e9519d84e59bf9d71f45c809c8e3b5f4e54a94e48d96dcf656a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.cimaclub.cc
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: XSRF-TOKEN=eyJpdiI6InRwV09NcnhYSHFjTFN2TWhVU0szMmc9PSIsInZhbHVlIjoiNFR0dFZiNjdxRGZQcCt2elBabWxWZElrYzhNRlwvSHV5WnZzM1QyV1Ezc3QzdWpNWUV5R1B6XC9UdnlaTWxLbFMwIiwibWFjIjoiZTc0NjVjYWQxNzNmMjliMzIyYThhNTkxOTgxMDU4ODY1MTdiZjBkYTM1NThhMDYwN2FlOTRmMTFlMTA0MjhlMiJ9; cimaclub_session=eyJpdiI6IlFHXC93YkZuTUxKbXRPZkRnclh6V2h3PT0iLCJ2YWx1ZSI6IiszcVZFVnhiXC9adERkcFNQZjBpUURpOFJraFN5dXhROXdJUmQ3cDF2MFwvUnBoalhoRmhHMVRzZG9mZjloS3FaeCIsIm1hYyI6IjBjOWY4ODgxYjg1ZTcyOGE0YmM2ODczYTExN2E4YTQ4YTAzMjg4Y2YxYzk3OWM2NjIyNTU2ZTBhYzRhOGJlMWUifQ%3D%3D
:path: /themes/CimaClub/fonts/tornado-icons.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.cimaclub.cc
referer: https://www.cimaclub.cc/themes/CimaClub/css/tornado-rtl.css?v=1.9.7
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.cimaclub.cc
Referer: https://www.cimaclub.cc/themes/CimaClub/css/tornado-rtl.css?v=1.9.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 23 May 2021 08:31:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1082
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 219712
cf-request-id: 0a39f2bcf20000d6f9a6a7b000000001
last-modified: Fri, 22 Mar 2019 23:52:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5c957529-35a40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B0dTQjWMvEMg7zfO3VOOEeAB2EWUBRw4X4F%2FK3ZW1mBH21oYRfPe4whYL5FNbkqzfV5Dqi00LsPQ7u2Dx4Cv7SS54qCzCOs6uitUBwZv69O4UWo8ZW0tkY4%2FBWQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 653ced74b8a4d6f9-FRA

GET
H3-29 200 fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 25ms
12ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.cimaclub.cc
Referer: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 23 May 2021 08:31:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617, 617, 617, 617, 617, 617, 617, 617, 617
age: 152428
cdn-cachedat: 2021-05-21 16:04:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
cf-request-id: 0a39f2bcfd00004a8b0088b000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 80d2014bb00c8047618f2762b175000b
accept-ranges: bytes
cf-ray: 653ced74ce9d4a8b-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-29 200 ionicons.woff2
www.cimaclub.cc/themes/CimaClub/css/ 49 KB
50 KB 32ms
30ms Font
font/woff2 2606:4700:3037::ac43:9fbb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cimaclub.cc/themes/CimaClub/css/ionicons.woff2?v=4.5.9-1

Requested by

Host: www.cimaclub.cc
URL: https://www.cimaclub.cc/themes/CimaClub/css/ionicons.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:9fbb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d02d165cb720aec2fde78a93113a459729e0503951353f719076bc5b4a7a845

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.cimaclub.cc
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: XSRF-TOKEN=eyJpdiI6InRwV09NcnhYSHFjTFN2TWhVU0szMmc9PSIsInZhbHVlIjoiNFR0dFZiNjdxRGZQcCt2elBabWxWZElrYzhNRlwvSHV5WnZzM1QyV1Ezc3QzdWpNWUV5R1B6XC9UdnlaTWxLbFMwIiwibWFjIjoiZTc0NjVjYWQxNzNmMjliMzIyYThhNTkxOTgxMDU4ODY1MTdiZjBkYTM1NThhMDYwN2FlOTRmMTFlMTA0MjhlMiJ9; cimaclub_session=eyJpdiI6IlFHXC93YkZuTUxKbXRPZkRnclh6V2h3PT0iLCJ2YWx1ZSI6IiszcVZFVnhiXC9adERkcFNQZjBpUURpOFJraFN5dXhROXdJUmQ3cDF2MFwvUnBoalhoRmhHMVRzZG9mZjloS3FaeCIsIm1hYyI6IjBjOWY4ODgxYjg1ZTcyOGE0YmM2ODczYTExN2E4YTQ4YTAzMjg4Y2YxYzk3OWM2NjIyNTU2ZTBhYzRhOGJlMWUifQ%3D%3D
:path: /themes/CimaClub/css/ionicons.woff2?v=4.5.9-1
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.cimaclub.cc
referer: https://www.cimaclub.cc/themes/CimaClub/css/ionicons.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.cimaclub.cc
Referer: https://www.cimaclub.cc/themes/CimaClub/css/ionicons.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 23 May 2021 08:31:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1020
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50556
cf-request-id: 0a39f2bcf20000d6f9a7b21000000001
last-modified: Wed, 14 Oct 2020 02:11:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5f865e4b-c57c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fSQCaeS4icHAwm%2F6qCzk7uzPQ6QbwAqJltai%2BIGrW1TlkID3XB0x%2FjURa4yNWxyEkv4ZGMJd3%2BuYeYqaoJeLvhaAMKNk1rYzx7fnHFv40oTD1A6kB9zNSlNceVw%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 653ced74b8a6d6f9-FRA

GET
H2 200 Iurf6YBj_oCad4k1l5anHrFpiQ.woff2
fonts.gstatic.com/s/tajawal/v4/ 10 KB
10 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v4/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tajawal:500,800&subset=arabic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f96f4fd6fe569f64e044e0409274b2f2d79976497a9b275deb497dbbfc542b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cimaclub.cc
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sat, 22 May 2021 23:18:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Apr 2021 22:05:13 GMT
server: sffe
age: 33198
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10580
x-xss-protection: 0
expires: Sun, 22 May 2022 23:18:04 GMT

GET
H3-29 200 Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2
fonts.gstatic.com/s/tajawal/v4/ 8 KB
8 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v4/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tajawal:500,800&subset=arabic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0d3610919043227b56c8d5130e2ead271a067bb1b930678d5af24bbbae7c16f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cimaclub.cc
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Thu, 20 May 2021 04:18:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Apr 2021 22:05:18 GMT
server: sffe
age: 274351
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8488
x-xss-protection: 0
expires: Fri, 20 May 2022 04:18:51 GMT

GET
H3-29 200 play.css
kobatube.xyz/assets/css/ Frame 0919 1 KB
982 B 34ms
13ms Stylesheet
text/css 2606:4700:3037::6815:595d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kobatube.xyz/assets/css/play.css
Requested by: Host: kobatube.xyz
URL: https://kobatube.xyz/play/80859801
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:595d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ec17e5c83bd9b0085f586913207a2b6a7b69df63fb9caf35b8f244920085936

Request headers

Referer: https://kobatube.xyz/play/80859801
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 23 May 2021 08:31:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1501
cf-polished: origSize=1493
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a39f2bdb400004d8985960000000001
last-modified: Wed, 28 Aug 2019 14:58:38 GMT
server: cloudflare
etag: W/"5d66969e-5d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a6FB8PkCJol8l1r9%2F50KicQ3hzpcBy3K%2F1SH4ae4UG5iE9%2Fr4oPlhwrrgQx%2BHpULpbkbrEmLekWx4kkAR8v6fqLpyc31cdbl039wAPJ7qMJlnCJJzuxHm0c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 653ced75ef474d89-FRA
cf-bgj: minify

GET
H2 200 jwplayer.js Show response
vidhd.org/player8/ Frame 0919 99 KB
31 KB 66ms
39ms Script
application/javascript 2606:4700:3033::ac43:8551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vidhd.org/player8/jwplayer.js

Requested by

Host: kobatube.xyz
URL: https://kobatube.xyz/play/80859801

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:8551 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

788ea69f598b4e7560b9cc2f8b91ec9601c09b07ab5ef2e4206f85ca781ba247

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://kobatube.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 23 May 2021 08:31:22 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 580827
cf-polished: origSize=101002
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a39f2bdba00004eaf9c085000000001
last-modified: Fri, 04 Dec 2020 17:19:28 GMT
server: cloudflare
etag: W/"5fca6fa0-18a8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6kApqRgdK82LvfyYMFfzH38ROs9lHRW9Ib5He2sYm8t%2FTXB4jKQuJbgj0j2STIICMDADu11F5p%2BQicaS9K6DrVSFZzx56MoLbXuZ%2B3WqjlqpL6GvrQo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block, 1; mode=block
cache-control: max-age=604800
cf-ray: 653ced75fc344eaf-FRA
expires: Sun, 23 May 2021 15:10:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ Frame 0919 84 KB
29 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: kobatube.xyz
URL: https://kobatube.xyz/play/80859801

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kobatube.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sat, 22 May 2021 16:55:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56144
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 May 2022 16:55:38 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame 0919 88 KB
35 KB 34ms
20ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-129434320-2

Requested by

Host: kobatube.xyz
URL: https://kobatube.xyz/play/80859801

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43ca536eb13032ae1aad6232d0bbb95990300eaed2fa2cffd1ea4758ddd9eb9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://kobatube.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 23 May 2021 08:31:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35749
x-xss-protection: 0
last-modified: Sun, 23 May 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 23 May 2021 08:31:22 GMT

GET
H/1.1 403
Forbidden 5a857a570ad3cad3e91f7d6f955eb269.js
paletteadulatory.com/5a/85/7a/ Frame 0919 0
0 399ms
134ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://paletteadulatory.com/5a/85/7a/5a857a570ad3cad3e91f7d6f955eb269.js
Requested by: Host: kobatube.xyz
URL: https://kobatube.xyz/play/80859801
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Referer: https://kobatube.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 23 May 2021 08:31:22 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 / Show response
d1ac2du043ydir.cloudfront.net/ Frame 0919 199 KB
66 KB 293ms
199ms Script
text/plain 2600:9000:2181:4600:c:6c1a:fcc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1ac2du043ydir.cloudfront.net/?udcad=923896
Requested by: Host: kobatube.xyz
URL: https://kobatube.xyz/play/80859801
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2181:4600:c:6c1a:fcc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 81528f9e34fcdee1ae44197373259c4125a4b397cab29828860ff27d43941716

Request headers

Referer: https://kobatube.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 08:31:22 GMT
content-encoding: gzip
x-amz-cf-pop: MRS52-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 67297
via: 1.1 d0945be30f5a4a7ae05683911a5fea2d.cloudfront.net (CloudFront)
x-amz-cf-id: Pvb5mM-6y4tgkINyOZSCxoQmkhh0_iI4zQx6HqwF9M6kNIFy6QZ8kQ==

GET
H2 200 fac.php Show response
ugroocuw.net/ Frame B7B9 203 B
647 B 47ms
47ms Document
text/html 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ugroocuw.net/fac.php

Requested by

Host: ugroocuw.net
URL: https://ugroocuw.net/5/4041149

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

5badb06854856c68a2dcaba7945893559d080bd77eb901754204c004d9db804c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: ugroocuw.net
:scheme: https
:path: /fac.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cimaclub.cc/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: OAID=95ca1fad93c24490a9f973c08c1ead78; oaidts=1621758682
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Referer: https://www.cimaclub.cc/

Response headers

server: nginx
date: Sun, 23 May 2021 08:31:19 GMT
content-type: text/html; charset=utf8
content-length: 203
x-trace-id: ae831f1215abeb453a486d13ec29f5ba
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: * *
strict-transport-security: max-age=1
x-content-type-options: nosniff

GET
H3-29 200 jwplayer.core.controls.js Show response
vidhd.org/player8/ Frame 0919 270 KB
63 KB 44ms
32ms Script
application/javascript 2606:4700:3033::ac43:8551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vidhd.org/player8/jwplayer.core.controls.js

Requested by

Host: vidhd.org
URL: https://vidhd.org/player8/jwplayer.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:8551 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36fdd08df86d8ba45394999f4d6596c114e8b1a003d991997196e7b773bbd80e

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://kobatube.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 23 May 2021 08:31:22 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 580689
cf-polished: origSize=275997
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a39f2be0e0000e007d3000000000001
last-modified: Fri, 04 Dec 2020 17:19:27 GMT
server: cloudflare
etag: W/"5fca6f9f-4361d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hj97otYWdNY%2FVkYHJsu9M8rT%2BP93yHYQH81naH5PrlFyE%2FPL5O2mx0GH4o85GKgLT5xkL7QL9KuvMTOyADsgSXds2rVgYGCQxJw2p7X3kAh%2BO17Plxk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block, 1; mode=block
cache-control: max-age=604800
cf-ray: 653ced7679c6e007-FRA
expires: Sun, 23 May 2021 15:13:13 GMT

GET
H3-29 200 related.js Show response
vidhd.org/player8/ Frame 0919 115 KB
25 KB 36ms
25ms Script
application/javascript 2606:4700:3033::ac43:8551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vidhd.org/player8/related.js

Requested by

Host: vidhd.org
URL: https://vidhd.org/player8/jwplayer.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:8551 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53820925a205433cc528a76c6661f4dcf4623fbdd7040241e3e175b84af91445

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://kobatube.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 23 May 2021 08:31:22 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 580828
cf-polished: origSize=117409
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a39f2be0f0000e007a2b12000000001
last-modified: Fri, 04 Dec 2020 17:19:26 GMT
server: cloudflare
etag: W/"5fca6f9e-1caa1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FU9JBRdP7cv0ZJw4AfEGFEjvgUWJfHdCFO1plovBzQqmkiNWToWbZdhiQSJlgliw7VorazVdA3J5UtrFwQO5IOtwqEK1DHmxtrUcy15d4Hsla4EYaKo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block, 1; mode=block
cache-control: max-age=604800
cf-ray: 653ced7679cbe007-FRA
expires: Sun, 23 May 2021 15:10:54 GMT

GET
H3-29 200 provider.hlsjs.js Show response
vidhd.org/player8/ Frame 0919 305 KB
79 KB 48ms
37ms Script
application/javascript 2606:4700:3033::ac43:8551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vidhd.org/player8/provider.hlsjs.js

Requested by

Host: vidhd.org
URL: https://vidhd.org/player8/jwplayer.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:8551 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a24436694f35b3314eba901eb000b76058e636e689433ed5c26f50f68aeb703

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://kobatube.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 23 May 2021 08:31:22 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 250508
cf-polished: origSize=312728
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a39f2be0f0000e007db352000000001
last-modified: Fri, 04 Dec 2020 17:19:30 GMT
server: cloudflare
etag: W/"5fca6fa2-4c598"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7zcTI07QW6TG6qUknicNFAKIH7UrPU79GJ40BcVNBOT4P8ThHXL6sb2v32xxgyfXjABllUjGhztYZTtP5OvCBfnZwtBe8FPhSvp%2F4GQHWqan%2F4s1%2Fg4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block, 1; mode=block
cache-control: max-age=604800
cf-ray: 653ced7679c9e007-FRA
expires: Thu, 27 May 2021 10:56:14 GMT

POST
H3-29 200 create Show response
kobatube.xyz/api/playerStatistics/ Frame 0919 1 B
681 B 83ms
83ms XHR
text/html 2606:4700:3037::6815:595d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kobatube.xyz/api/playerStatistics/create
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:595d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://kobatube.xyz/play/80859801
X-CSRF-TOKEN: 9LhvzRanlcXa3ZNk7mP77lPdXcLpdqdUgapqObI9
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 23 May 2021 08:31:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a39f2be0600004d898217e000000001
allow: GET, POST, PUT, DELETE, OPTIONS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining: 58
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=o0lGoUfxHWA1rpmTkWnI8DNx9c7tFUid4VyfCRp3ZwWLPQ1D2WCJLT6G1BR7oyQ%2FnnveCRRV3q1P24r1p3wltdt5x0wDVJP89634z6YT9S%2F4T0libF%2B5kzU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-ratelimit-limit: 60
cf-ray: 653ced7668684d89-FRA
access-control-allow-headers: : Accept, Content-Type, X-Auth-Token, Authorization, Origin

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-174083888-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cimaclub.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3686
date: Sun, 23 May 2021 07:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 23 May 2021 09:29:56 GMT

GET
H2 200 img.gif
my.rtmark.net/ Frame B7B9 43 B
491 B 146ms
48ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=95ca1fad93c24490a9f973c08c1ead78

Requested by

Host: ugroocuw.net
URL: https://ugroocuw.net/fac.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://ugroocuw.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 23 May 2021 08:31:20 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
13ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1187267018&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cimaclub.cc%2Fwatch%2F%25D9%2585%25D8%25B3%25D9%2584%25D8%25B3%25D9%2584-%25D8%25A7%25D9%2584%25D9%2585%25D8%25A4%25D8%25B3%25D8%25B3-%25D8%25B9%25D8%25AB%25D9%2585%25D8%25A7%25D9%2586-%25D8%25A7%25D9%2584%25D9%2585%25D9%2588%25D8%25B3%25D9%2585-%25D8%25A7%25D9%2584%25D8%25AB%25D8%25A7%25D9%2586%25D9%258A-%25D8%25A7%25D9%2584%25D8%25AD%25D9%2584%25D9%2582%25D8%25A9-28-%25D8%25A7%25D9%2584%25D8%25AB%25D8%25A7%25D9%2585%25D9%2586%25D8%25A9-%25D9%2588%25D8%25A7%25D9%2584%25D8%25B9%25D8%25B4%25D8%25B1%25D9%2588%25D9%2586-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%25D8%25A9&ul=en-us&de=UTF-8&dt=%D9%85%D8%B3%D9%84%D8%B3%D9%84%20%D8%A7%D9%84%D9%85%D8%A4%D8%B3%D8%B3%20%D8%B9%D8%AB%D9%85%D8%A7%D9%86%20%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85%20%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A%20%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9%2028%20%D8%A7%D9%84%D8%AB%D8%A7%D9%85%D9%86%D8%A9%20%D9%88%D8%A7%D9%84%D8%B9%D8%B4%D8%B1%D9%88%D9%86%20%D9%85%D8%AA%D8%B1%D8%AC%D9%85%D8%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=772445738&gjid=1234519874&cid=1425611503.1621758683&tid=UA-174083888-1&_gid=2002622014.1621758683&_r=1&gtm=2ou5c1&z=1293701271

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cimaclub.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 23 May 2021 08:31:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cimaclub.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 0919 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129434320-2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kobatube.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3686
date: Sun, 23 May 2021 07:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 23 May 2021 09:29:56 GMT

GET
H/1.1 200
OK list.m3u8 Show response
api.govid.co/api/list/mp4/80859801/604ab8b7ce9df3cc3c2bb53cbbda1e99/ Frame 0919 484 B
981 B 236ms
105ms XHR
application/vnd.apple.mpegurl 51.159.19.225
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.govid.co/api/list/mp4/80859801/604ab8b7ce9df3cc3c2bb53cbbda1e99/list.m3u8
Requested by: Host: vidhd.org
URL: https://vidhd.org/player8/provider.hlsjs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.159.19.225 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-159-19-225.rev.poneytelecom.eu
Software: nginx/1.19.8 /
Resource Hash: d7ee09a63e5fff3b3ed495b977b9ed06423b84b606d060f4731e676676be9e31

Request headers

Referer: https://kobatube.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Sun, 23 May 2021 08:31:22 GMT
Server: nginx/1.19.8
Allow: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
X-RateLimit-Remaining: 59
Cache-Control: no-cache, private
Transfer-Encoding: chunked
X-RateLimit-Limit: 60
Connection: keep-alive
Access-Control-Allow-Headers: : Accept, Content-Type, X-Auth-Token, Authorization, Origin

GET
H3-29 200 80859801
kobatube.xyz/play/ Frame 0919 3 KB
3 KB 103ms
103ms Image
text/html 2606:4700:3037::6815:595d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kobatube.xyz/play/80859801
Requested by: Host: kobatube.xyz
URL: https://kobatube.xyz/play/80859801
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:595d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kobatube.xyz/play/80859801
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 23 May 2021 08:31:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZtBdMhGlloHn7vzW4t4H7TSKVsMjzu5lOV%2Bn60pnVAL4c5uWAqeKJnXS2PUbADZBlQQD25F%2FTldtP17yV8zIH4ADg5ImNxD2tMMYnh55qTssm7P0TkJDLXk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-ray: 653ced773adf4d89-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a39f2be8500004d896ea8f000000001

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ Frame 0919 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1645933727&t=pageview&_s=1&dl=https%3A%2F%2Fkobatube.xyz%2Fplay%2F80859801&dr=https%3A%2F%2Fwww.cimaclub.cc%2F&ul=en-us&de=UTF-8&dt=Play&sd=24-bit&sr=1600x1200&vp=1340x750&je=0&_u=YEBAAUABAAAAAC~&jid=1386170427&gjid=1322306044&cid=243834816.1621758683&tid=UA-129434320-2&_gid=592654510.1621758683&_r=1&gtm=2ou5c1&z=350975238

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kobatube.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 23 May 2021 08:31:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kobatube.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 options Show response
ugroocuw.net/ 0
449 B 49ms
49ms XHR
text/html 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ugroocuw.net/options?option_args=CL3T9gESIDk1Y2ExZmFkOTNjMjQ0OTBhOWY5NzNjMDhjMWVhZDc4GipodHRwOi8vdWdyb29jdXcubmV0L2FwdS5waHA_em9uZWlkPTQwNDExNDkiGGh0dHBzOi8vd3d3LmNpbWFjbHViLmNjLzIkMzhhZmU3ZDUtY2FiNi00MGMwLWEzOGMtMTQ4MDI2NTMwMDhm

Requested by

Host: ugroocuw.net
URL: https://ugroocuw.net/5/4041149

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cimaclub.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-type: application/json

Response headers

x-trace-id: 31dac8034d0e1c043d50d5db6708ed32
pragma: no-cache
date: Sun, 23 May 2021 08:31:19 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=utf8
access-control-allow-origin: https://www.cimaclub.cc
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 0
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 204 options
ugroocuw.net/ Frame 0
0 163ms
69ms Preflight 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.cimaclub.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 23 May 2021 08:31:17 GMT
access-control-allow-origin: https://www.cimaclub.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: * *
strict-transport-security: max-age=1
x-content-type-options: nosniff

GET
H/1.1 200
OK index.m3u8 Show response
ola-s901118-21.kobatube.online/hls1/CimaClub.Cam-almosisi.osman.s01.ep55.720p.x264.aac-480.38232.mp4/ Frame 0919 37 KB
6 KB 183ms
58ms XHR
application/vnd.apple.mpegurl 195.154.157.95
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://ola-s901118-21.kobatube.online/hls1/CimaClub.Cam-almosisi.osman.s01.ep55.720p.x264.aac-480.38232.mp4/index.m3u8
Requested by: Host: vidhd.org
URL: https://vidhd.org/player8/provider.hlsjs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.157.95 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-157-95.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 8e477b3953796a448ad1d7a094e34fb756aa0494d74d8dd05f3d4b834f10a3c3

Request headers

Referer: https://kobatube.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Sun, 23 May 2021 08:31:23 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"-1-9324"
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H/1.1 200
OK seg-1-v1-a1.ts Show response
ola-s901118-21.kobatube.online/hls1/CimaClub.Cam-almosisi.osman.s01.ep55.720p.x264.aac-480.38232.mp4/ Frame 0919 937 KB
938 KB 67ms
67ms XHR
video/mp2t 195.154.157.95
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://ola-s901118-21.kobatube.online/hls1/CimaClub.Cam-almosisi.osman.s01.ep55.720p.x264.aac-480.38232.mp4/seg-1-v1-a1.ts
Requested by: Host: vidhd.org
URL: https://vidhd.org/player8/provider.hlsjs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.157.95 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-157-95.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 8f4e61b1844945256476f33c7d559d46c9ef5dab1bf7962dbc171be9cded4cdd

Request headers

Referer: https://kobatube.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Sun, 23 May 2021 08:31:23 GMT
Server: nginx
ETag: "-1-ea5b8"
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes, bytes
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Content-Length: 959928

GET
BLOB 200
OK c2d3a926-ace7-49e7-9761-b30bbd03bc97
https://kobatube.xyz/ Frame 0919 66 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://kobatube.xyz/c2d3a926-ace7-49e7-9761-b30bbd03bc97
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad89a1b72c630c398aff54c58e3370b57df4e189851220379bdea6d894b35008

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Content-Length: 67996
Content-Type: text/javascript

GET
H/1.1 200
OK seg-2-v1-a1.ts Show response
ola-s901118-21.kobatube.online/hls1/CimaClub.Cam-almosisi.osman.s01.ep55.720p.x264.aac-480.38232.mp4/ Frame 0919 1 MB
1 MB 60ms
58ms XHR
video/mp2t 195.154.157.95
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://ola-s901118-21.kobatube.online/hls1/CimaClub.Cam-almosisi.osman.s01.ep55.720p.x264.aac-480.38232.mp4/seg-2-v1-a1.ts
Requested by: Host: vidhd.org
URL: https://vidhd.org/player8/provider.hlsjs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.157.95 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-157-95.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 8b27d860679d5bab9eeb124846bbfa7a768abc0011fad2e0a613777b4ae55eac

Request headers

Referer: https://kobatube.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Sun, 23 May 2021 08:31:23 GMT
Via: 1.1 varnish-v4
Server: nginx
Age: 0
ETag: "-1-134878"
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
X-Varnish: 506593845
Connection: keep-alive
Accept-Ranges: bytes, bytes
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Content-Length: 1263736

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kobatube.xyz/	1970-01-19 18:29:25	Name: _ga Value: GA1.2.243834816.1621758683
.kobatube.xyz/	1970-01-19 18:29:25	Name: _gid Value: GA1.2.592654510.1621758683
.cimaclub.cc/	1970-01-19 18:29:18	Name: _gat_gtag_UA_174083888_1 Value: 1
ugroocuw.net/	1970-01-20 03:14:54	Name: oaidts Value: 1621758682
ugroocuw.net/	1970-01-20 03:14:54	Name: OAID Value: 95ca1fad93c24490a9f973c08c1ead78
www.cimaclub.cc/	1970-01-19 18:29:54	Name: cimaclub_session Value: eyJpdiI6IlFHXC93YkZuTUxKbXRPZkRnclh6V2h3PT0iLCJ2YWx1ZSI6IiszcVZFVnhiXC9adERkcFNQZjBpUURpOFJraFN5dXhROXdJUmQ3cDF2MFwvUnBoalhoRmhHMVRzZG9mZjloS3FaeCIsIm1hYyI6IjBjOWY4ODgxYjg1ZTcyOGE0YmM2ODczYTExN2E4YTQ4YTAzMjg4Y2YxYzk3OWM2NjIyNTU2ZTBhYzRhOGJlMWUifQ%3D%3D
.cimaclub.cc/	1970-01-19 18:30:45	Name: _gid Value: GA1.2.2002622014.1621758683
.kobatube.xyz/	1970-01-19 18:29:25	Name: _gat_gtag_UA_129434320_2 Value: 1
.cimaclub.cc/	1970-01-20 12:00:30	Name: _ga Value: GA1.2.1425611503.1621758683
.www.cimaclub.cc/	1970-01-19 18:29:22	Name: __PPU_BACKCLCK_4041149 Value: true
www.cimaclub.cc/	1970-01-19 18:29:54	Name: XSRF-TOKEN Value: eyJpdiI6InRwV09NcnhYSHFjTFN2TWhVU0szMmc9PSIsInZhbHVlIjoiNFR0dFZiNjdxRGZQcCt2elBabWxWZElrYzhNRlwvSHV5WnZzM1QyV1Ezc3QzdWpNWUV5R1B6XC9UdnlaTWxLbFMwIiwibWFjIjoiZTc0NjVjYWQxNzNmMjliMzIyYThhNTkxOTgxMDU4ODY1MTdiZjBkYTM1NThhMDYwN2FlOTRmMTFlMTA0MjhlMiJ9

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://vidhd.org/player8/jwplayer.js(Line 3) Message: JW Player Warning 301129. For more information see https://developer.jwplayer.com/jw-player/docs/developer-guide/api/errors-reference#301129
console-api	log	URL: https://kobatube.xyz/play/80859801(Line 74) Message: playerStatistics control succeeded

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.govid.co
cdn.rawgit.com
d1ac2du043ydir.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
kobatube.xyz
my.rtmark.net
ola-s901118-21.kobatube.online
paletteadulatory.com
stackpath.bootstrapcdn.com
ugroocuw.net
vidhd.org
www.cimaclub.cc
www.google-analytics.com
www.googletagmanager.com
139.45.195.8
139.45.197.239
185.59.220.194
192.243.59.20
195.154.157.95
2600:9000:2181:4600:c:6c1a:fcc0:21
2606:4700:3033::ac43:8551
2606:4700:3037::6815:595d
2606:4700:3037::ac43:9fbb
2606:4700::6812:acf
2a00:1450:4001:802::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
51.159.19.225
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0c559fc51f1089b99c0d63e628cc1109df43582156abe9d80c6c65ef541d1e55
0dfd4e6302dc2e9519d84e59bf9d71f45c809c8e3b5f4e54a94e48d96dcf656a
1ec17e5c83bd9b0085f586913207a2b6a7b69df63fb9caf35b8f244920085936
2a24436694f35b3314eba901eb000b76058e636e689433ed5c26f50f68aeb703
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d02d165cb720aec2fde78a93113a459729e0503951353f719076bc5b4a7a845
2f96f4fd6fe569f64e044e0409274b2f2d79976497a9b275deb497dbbfc542b0
320e2499b135bf59df36a3e414cfba8f58e2168d39ad1f1debb9616458dd3caf
36fdd08df86d8ba45394999f4d6596c114e8b1a003d991997196e7b773bbd80e
3c912aa817df149ee42ec55bf975e71af03944afd22b9fdd5475d02397c55d4b
414551f001a38adea76d53819b2447aa0f1c5f6187ffa1a66ca43c66b576f132
43ca536eb13032ae1aad6232d0bbb95990300eaed2fa2cffd1ea4758ddd9eb9b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53820925a205433cc528a76c6661f4dcf4623fbdd7040241e3e175b84af91445
566cd2884c3acf992ee3bfaa4a9125016c7b7e86559e45572534f023f6bfe368
5badb06854856c68a2dcaba7945893559d080bd77eb901754204c004d9db804c
61aef7d3955fb1311221e82daada09987889c91a0e3bccf6158c06738cca1817
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
788ea69f598b4e7560b9cc2f8b91ec9601c09b07ab5ef2e4206f85ca781ba247
7922b2dbf8963dddc1950d9ce640a3b3ce82c2c50f73cfe0585f05aac38c9d0e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b06f659aacaa1af97c624506d4a055993ebbcc15f04061b2e02272706420fef
81528f9e34fcdee1ae44197373259c4125a4b397cab29828860ff27d43941716
859a8055fa05e0f8f8ff4ca6c96f21832edbb654332a5b8201a5eb1e07de22c6
8603b20b548270423fb03c2138c16f5f863ead4c48eb0999167df869e2eef8a6
8b27d860679d5bab9eeb124846bbfa7a768abc0011fad2e0a613777b4ae55eac
8e477b3953796a448ad1d7a094e34fb756aa0494d74d8dd05f3d4b834f10a3c3
8f4e61b1844945256476f33c7d559d46c9ef5dab1bf7962dbc171be9cded4cdd
95af33ff61348732377d4887d7ed1f7b87479eca15c6dc96a36324013fc8594d
a069d7528cbf7350df846572ac65e626a0ddb3cf911be015028428eb8e799e69
a706e640c0437e098694531dcc5dd681a9c77d4874cffedbd94d161cb683c311
ad89a1b72c630c398aff54c58e3370b57df4e189851220379bdea6d894b35008
b0d3610919043227b56c8d5130e2ead271a067bb1b930678d5af24bbbae7c16f
b980e173262fc4de59c1e3e2dbd0083bc71d7d05a4f52e176a94076a8fe873fb
c279d1602fe312a5f3b578e2e0a68eb3efe3d2895b45b066068233ed6e814a49
ce1bd1df2dd32d3ad07cd5776fd9bd3deb3681b4cc4755be8ff32c13d5fe1569
d21e60f4e776d22159819b8fa7ea7fd844e15e0821d3569d92bf22e281ece87a
d404f987f0d261c3eff16cd778fb138d5c604af7f361e609ef0b91bac16d7e67
d5aa3e4c58493f8d3693be4962e94e08d14e178ef4f0be2a27369a8813498e54
d7ee09a63e5fff3b3ed495b977b9ed06423b84b606d060f4731e676676be9e31
e165ed7760c8ca3fa852ed00b6f3516d6b86ac11d9016766891297bc34ecb4f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecc7d6c84f87d19fc26a755d24415d994548de55c7a4569f545aee68588a50cb
f1240c5e81a12bb4e90be775a237f76c9e54f0e9251cf4dede4621911bb23927

www.cimaclub.cc Open in urlscan Pro 2606:4700:3037::ac43:9fbb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

51 Requests

98 %HTTPS

63 %IPv6

15 Domains

16 Subdomains

17 IPs

4 Countries

3437 kBTransfer

5070 kBSize

11 Cookies

9 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.cimaclub.cc Open in urlscan Pro
2606:4700:3037::ac43:9fbb Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

98 %
HTTPS

63 %
IPv6

15
Domains

16
Subdomains

17
IPs

4
Countries

3437 kB
Transfer

5070 kB
Size

11
Cookies

51 HTTP transactions
1 data transactions