cricket.loremtechbd.xyz Open in urlscan Pro
2a00:1450:4001:80b::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cricket.loremtechbd.xyz/
Submission: On June 07 via api (June 7th 2024, 9:01:38 am UTC) from US — Scanned from DE

Summary HTTP 70 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 19 domains to perform 70 HTTP transactions. The main IP is 2a00:1450:4001:80b::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is cricket.loremtechbd.xyz.
TLS certificate: Issued by WR3 on June 5th 2024. Valid for: 3 months.

This is the only time cricket.loremtechbd.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2a00:1450:400... 2a00:1450:4001:80b::2013	15169 (GOOGLE) (GOOGLE)
7	172.240.253.132 172.240.253.132	7979 (SERVERS-COM) (SERVERS-COM)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:ba1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	139.45.197.242 139.45.197.242	9002 (RETN-AS) (RETN-AS)
1	2606:4700:303... 2606:4700:3036::ac43:c134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
12	139.45.197.250 139.45.197.250	9002 (RETN-AS) (RETN-AS)
4	139.45.197.244 139.45.197.244	9002 (RETN-AS) (RETN-AS)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	185.49.145.45 185.49.145.45	35415 (WEBZILLA) (WEBZILLA)
1	139.45.197.151 139.45.197.151	9002 (RETN-AS) (RETN-AS)
5	2606:4700:10:... 2606:4700:10::6816:21ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
70	18

3 2a00:1450:4001:80b::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cricket.loremtechbd.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.240.253.132 (United States)

ASN7979 (SERVERS-COM, US)

jurysupposedshooter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

alwingulla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 139.45.197.242 (United Kingdom)

ASN9002 (RETN-AS, GB)

veepteero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gishejuy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eedsaung.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:c134 (United States)

ASN13335 (CLOUDFLARENET, US)

tzegilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)

moonoafy.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.197.244 (United Kingdom)

ASN9002 (RETN-AS, GB)

shoordaird.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.49.145.45 (Netherlands)

ASN35415 (WEBZILLA, NL)

datatechonert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.151 (United Kingdom)

ASN9002 (RETN-AS, GB)

interstitial-08.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:21ac (United States)

ASN13335 (CLOUDFLARENET, US)

offerimage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	moonoafy.net moonoafy.net — Cisco Umbrella Rank: 152409	63 KB
7	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 9704	566 KB
7	jurysupposedshooter.com jurysupposedshooter.com — Cisco Umbrella Rank: 693861
6	gishejuy.com gishejuy.com — Cisco Umbrella Rank: 72586	34 KB
5	offerimage.com offerimage.com — Cisco Umbrella Rank: 28710	79 KB
5	eedsaung.net eedsaung.net — Cisco Umbrella Rank: 39211	148 KB
4	gstatic.com fonts.gstatic.com	31 KB
4	shoordaird.com shoordaird.com	36 KB
3	veepteero.com veepteero.com — Cisco Umbrella Rank: 148820	7 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	271 KB
3	loremtechbd.xyz cricket.loremtechbd.xyz	24 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70	1 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9436	1 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 354	33 KB
1	interstitial-08.com interstitial-08.com — Cisco Umbrella Rank: 69171
1	datatechonert.com datatechonert.com — Cisco Umbrella Rank: 15155	492 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2406	260 B
1	tzegilo.com tzegilo.com — Cisco Umbrella Rank: 16622	8 KB
1	alwingulla.com alwingulla.com — Cisco Umbrella Rank: 155315	26 KB
70	19

	Domain	Requested by
12	moonoafy.net	alwingulla.com moonoafy.net cricket.loremtechbd.xyz
7	blogger.googleusercontent.com
7	jurysupposedshooter.com	cricket.loremtechbd.xyz
6	gishejuy.com	alwingulla.com gishejuy.com
5	offerimage.com	cricket.loremtechbd.xyz gishejuy.com shoordaird.com
5	eedsaung.net	alwingulla.com eedsaung.net
4	fonts.gstatic.com	fonts.googleapis.com
4	shoordaird.com	alwingulla.com shoordaird.com
3	veepteero.com	alwingulla.com
3	www.googletagmanager.com	cricket.loremtechbd.xyz www.googletagmanager.com
3	cricket.loremtechbd.xyz	cricket.loremtechbd.xyz
2	fonts.googleapis.com	shoordaird.com
2	my.rtmark.net	alwingulla.com cricket.loremtechbd.xyz
2	cdn.jsdelivr.net	cricket.loremtechbd.xyz
1	interstitial-08.com	eedsaung.net
1	datatechonert.com	tzegilo.com
1	region1.google-analytics.com	www.googletagmanager.com
1	tzegilo.com	alwingulla.com
1	alwingulla.com	cricket.loremtechbd.xyz
70	19

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
loremtechbd.blogspot.com
www.loremtechbd.xyz
www.jettheme.com

Subject Issuer	Validity	Valid
cricket.loremtechbd.xyz WR3	`2024-06-05` - `2024-09-03`	3 months	crt.sh
jurysupposedshooter.com R3	`2024-05-24` - `2024-08-22`	3 months	crt.sh
alwingulla.com GTS CA 1P5	`2024-05-10` - `2024-08-08`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
veepteero.com R3	`2024-03-23` - `2024-06-21`	3 months	crt.sh
tzegilo.com GTS CA 1P5	`2024-05-28` - `2024-08-26`	3 months	crt.sh
rtmark.net R3	`2024-05-11` - `2024-08-09`	3 months	crt.sh
moonoafy.net R3	`2024-03-29` - `2024-06-27`	3 months	crt.sh
shoordaird.com R3	`2024-06-06` - `2024-09-04`	3 months	crt.sh
gishejuy.com R3	`2024-04-02` - `2024-07-01`	3 months	crt.sh
eedsaung.net R3	`2024-06-01` - `2024-08-30`	3 months	crt.sh
datatechonert.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-10` - `2024-12-23`	a year	crt.sh
interstitial-08.com R3	`2024-03-21` - `2024-06-19`	3 months	crt.sh
offerimage.com GTS CA 1P5	`2024-06-03` - `2024-09-01`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://cricket.loremtechbd.xyz/
Frame ID: E86C7DAD2FCAFC0A4E8E818DF06A8CD9
Requests: 55 HTTP requests in this frame

Frame: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D3897819045%26z%3D7575646%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DLeJg94IB5No12J5sW-7e3Gdd8pbCD6yCqc9r9OgY0NV1lInOLDB7lzbByRtB6roydrpHWmdsFpOwnqpyfUxT6f4p07grIukyICKyp7MzjdMcI1ccQ4CJoKdTcXQx-wmyZAFoJa9HpX4UabgN7cLl2odMPYNN9QAUUVZp_AxPLhdP3cUZUW54B-0NRK1PHFTv4VKjyBb_OrfmpOLQE4StIdki3pcQ6Wmliyg9EAdCPjLeydqkaiX462137V9xXr2fu_usJz0cBU_SENWOWRS_irRYqsfzTfbLCiEMlKKHYWW_tfCOmNVi31QbqPk%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dd645ddea-7f18-46a0-9101-8efd81bac60e%26os%3Dwin32%26os_version%3D10.0.0%26browser_version%3D125.0.6422.141%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fcricket.loremtechbd.xyz%252F%26wy%3D370%26wx%3D370%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26os%3Dwin32%26os_version%3D10.0.0%26browser_version%3D125.0.6422.141%26tbc%3D0
Frame ID: EA597B5630C18EA9F2AF8533FE4F154C
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 055086574E5066492AD97F4C148E5A63
Requests: 1 HTTP requests in this frame

Frame: https://offerimage.com/www/images/e44ff0400c2a861495ae0a35d50d585b.png
Frame ID: 33A40BDF2728E12FF2A3B506D8E2B74C
Requests: 1 HTTP requests in this frame

Frame: https://offerimage.com/www/images/e44ff0400c2a861495ae0a35d50d585b.png
Frame ID: 513D97DAAA73351BE706F305CAD61B89
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
Frame ID: EF204131BB975C23C0D7B99487DB35FD
Requests: 4 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
Frame ID: 067FFDC443327AF21061DCBEEE0F19FC
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ICC T20 World Cup 2024

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

70
Requests

100 %
HTTPS

59 %
IPv6

19
Domains

19
Subdomains

18
IPs

4
Countries

1330 kB
Transfer

3158 kB
Size

12
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.blogger.com/blog/post/edit/3945183409030227305/8451617678115321574

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/3945183409030227305/6172499025021487450

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/3945183409030227305/5517582054058379816

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/3945183409030227305/4311838212457992893

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/3945183409030227305/5189675171432332144

Search URL Search Domain Scan URL

URL: https://loremtechbd.blogspot.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.loremtechbd.xyz/p/privacy-policy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.jettheme.com/
Title: JetTheme.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

70 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cricket.loremtechbd.xyz/ 88 KB
21 KB 283ms
283ms Document
text/html 2a00:1450:4001:80b::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cricket.loremtechbd.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b0bd925e790b4afa08c5121cf31a95e5a90313a00d8961dbdf4d5c622cd774e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 21038
content-type: text/html; charset=UTF-8
date: Fri, 07 Jun 2024 09:01:27 GMT
etag: W/"e9b6492d65779c7ba034e53678c39fa074124e71c9f4534d46a1876617791c52"
expires: Fri, 07 Jun 2024 09:01:27 GMT
last-modified: Thu, 06 Jun 2024 04:20:35 GMT
server: GSE
x-content-type-options: nosniff
x-robots-tag: all,noodp
x-xss-protection: 1; mode=block

GET
H/1.1 403
Forbidden 04a42d247ce24d9e706137f86aa03bdf.js
jurysupposedshooter.com/04/a4/2d/ 0
0 1031ms
97ms Script
application/javascript 172.240.253.132
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://jurysupposedshooter.com/04/a4/2d/04a42d247ce24d9e706137f86aa03bdf.js
Requested by: Host: cricket.loremtechbd.xyz
URL: https://cricket.loremtechbd.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 07 Jun 2024 09:01:28 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H3 200 tag.min.js Show response
alwingulla.com/88/ 82 KB
26 KB 91ms
37ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://alwingulla.com/88/tag.min.js
Requested by: Host: cricket.loremtechbd.xyz
URL: https://cricket.loremtechbd.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af260e1d58bf298abb2655985a029ebf6c95063ff45bf9f520270097c9cbedfe

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71269
alt-svc: h3=":443"; ma=86400
x-trace-id: fc9e1b292eff9a3153345d50aa672a4a
pragma: no-cache
last-modified: Wed, 05 Jun 2024 12:58:48 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s4t1hSvCNp0BTXzKD8oyFFHcFLA0DhrzyeEJZfaMx9Z8XEyy1EBWNtjHkfxThLqn419Lg0%2Bw83O1pQPX3V24f2mnicJpFENX3ow1Vr2WuG2hUHYanH1o7YmAM9ryiZ3BF5nPfCyXPJg06beQow%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
cf-ray: 88ff7527fc1b1c7a-AMS
expires: Fri, 07 Jun 2024 13:13:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 305 KB
101 KB 77ms
53ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QYNBPMTXEF

Requested by

Host: cricket.loremtechbd.xyz
URL: https://cricket.loremtechbd.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5684415a6758dddb00f59c540a3b4910a991a86fb61ce05c34017e446ef92759

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103598
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 07 Jun 2024 09:01:28 GMT

GET
H/1.1 403
Forbidden invoke.js
jurysupposedshooter.com/c9a37d6206a7deca7eefe810714d4834/ 0
0 1013ms
99ms Script
application/javascript 172.240.253.132
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://jurysupposedshooter.com/c9a37d6206a7deca7eefe810714d4834/invoke.js
Requested by: Host: cricket.loremtechbd.xyz
URL: https://cricket.loremtechbd.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 07 Jun 2024 09:01:28 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 main.js Show response
cdn.jsdelivr.net/gh/jettheme/js@0.5.5/ 12 KB
7 KB 92ms
26ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/jettheme/js@0.5.5/main.js

Requested by

Host: cricket.loremtechbd.xyz
URL: https://cricket.loremtechbd.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94b103190c505e7ce35a8f196437db358e5d45c0071c0f65231c0e6211316826

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2749414
x-jsd-version: 0.5.5
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6319
x-served-by: cache-fra-eddf8230104-FRA, cache-lga21925-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"3122-6kmtk52Xy6HP/Wr2Rx1SXQewc0A"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mkfZ5jT9%2B%2Feb1YKssliQiWt4wMObSNNEyyxqYfLCD3AG55o9C6PgEiMSbLw%2BqO05OnptI52Myto1n8mr4lF5n8BZkDm6hPhE2wPr4yn2L%2B8Ri0i9vjAYXoov6JCFId9mRVfOi%2Bnk%2B6XAafeJaFo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88ff75282d53663c-AMS

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 191 KB
69 KB 74ms
53ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PBV6647Q

Requested by

Host: cricket.loremtechbd.xyz
URL: https://cricket.loremtechbd.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

52027908cfee8c8a6f1636998e5a635aaa9edb2d3828a2c481d10455d62033e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69993
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 07 Jun 2024 09:01:28 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ 160 KB
26 KB 27ms
26ms Stylesheet
text/css 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css

Requested by

Host: cricket.loremtechbd.xyz
URL: https://cricket.loremtechbd.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2818622
x-jsd-version: 5.1.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26333
x-served-by: cache-fra-etou8220101-FRA, cache-lga21936-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QhIWeqVx5shT9xtysWR8MgRsxuUFpLp40QyzxEPLWHcLhRTlTa3LD2E5Ztbk7GGB2oOrgGijwki%2B6uTwuoEU%2Fa0fMBJoeylKRU9x9s%2Bo3Eq1E1xJAIdJTeMSeCjlKNA5ZNCo18coqjgu%2BlN84nw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88ff752e1b4c663c-AMS

GET
H2 200 70815 Show response
veepteero.com/88/ 3 KB
2 KB 76ms
36ms Fetch
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://veepteero.com/88/70815
Requested by: Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 99681fa866968d5a4351e8c554e64e088fdfdf3a240e4e33cb0da0bd70597710

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache, no-cache
date: Fri, 07 Jun 2024 09:01:28 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://cricket.loremtechbd.xyz
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 70815 Show response
veepteero.com/88/ 3 KB
2 KB 142ms
23ms Fetch
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://veepteero.com/88/70815
Requested by: Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 47ffa1180408d459e74834d409f5c4d2843c5605d5cde4f5dfeedfe7d178aad4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache, no-cache
date: Fri, 07 Jun 2024 09:01:28 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://cricket.loremtechbd.xyz
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 403
Forbidden invoke.js
jurysupposedshooter.com/c9a37d6206a7deca7eefe810714d4834/ 0
0 109ms
109ms Script
application/javascript 172.240.253.132
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://jurysupposedshooter.com/c9a37d6206a7deca7eefe810714d4834/invoke.js
Requested by: Host: cricket.loremtechbd.xyz
URL: https://cricket.loremtechbd.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 07 Jun 2024 09:01:28 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
DATA 200
OK truncated
/ 43 B
43 B Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 stattag.js Show response
tzegilo.com/ 19 KB
8 KB 74ms
26ms Script
application/javascript 2606:4700:3036::ac43:c134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tzegilo.com/stattag.js
Requested by: Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Feb 2024 12:51:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4799
etag: W/"65c37cc1-4ac0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=63s1TboFN%2FRB2YnfQ4o09WH7I9IY7weUYeT8lsYSaKSjZKlhYCxmfRAfI5DpDOCUh8As8ajP5R8fcIN%2BveYRC5UGlXrpXObeOiv9qYvPKK18ICgy5MFoZG%2FPD7kpGUGUW%2BCOOPjItJCt%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 88ff752f0caa656d-AMS
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc: h3=":443"; ma=86400

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
551 B 247ms
12ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=00807460b3634793fe017de65db6195d

Requested by

Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

9fb7352a6866c15ab0564520ec74673d85370853e6d8f4a4c4a0e76e6681fe46

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:29 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cricket.loremtechbd.xyz
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 tag.min.js Show response
moonoafy.net/pfe/current/ 14 KB
6 KB 247ms
12ms Script
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://moonoafy.net/pfe/current/tag.min.js?z=7575648
Requested by: Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 9ccb99820a752532cc41665805f025228ecdedfcf544d4171377252532d447fa

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 09:01:29 GMT
content-encoding: gzip
last-modified: Tue, 04 Jun 2024 12:14:40 GMT
server: nginx
etag: W/"665f0530-39d7"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 7575647 Show response
shoordaird.com/401/ 87 KB
34 KB 269ms
34ms Script
application/javascript 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://shoordaird.com/401/7575647

Requested by

Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

54ed9c9fcf9dbe5dc6cbc88c6136087a18d478c6e5ecaf9b5e56c114f095347c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:29 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 0199de4a705a627909b39fe2910f04a4
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 7575645 Show response
gishejuy.com/400/ 81 KB
31 KB 267ms
32ms Script
application/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gishejuy.com/400/7575645

Requested by

Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3634ae807db0c6899b89a18e9200fd4f9a233dd9f8454342133fad82c88e3320

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:29 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: a7c72363c342365d3414500813b6f6cc
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 1 Show response
eedsaung.net/ 42 KB
16 KB 259ms
24ms Script
text/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eedsaung.net/1?z=7575646
Requested by: Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 529f5caa809282b33a98c943dc80b024c71fb03f84841e10dca33dddfb12a7cd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: e97851eea951a2dbd07b99e120d9998f
pragma: no-cache
date: Fri, 07 Jun 2024 09:01:29 GMT
content-encoding: gzip
x-sc: c1Ea9MdGf7qV_PT3aQQKo0BdyQ6cKAw-HVbQZXd4MUCqGbWLj6Bb0Gc6ME8x1Mz5ImOGyexAk6EqqT2AVXYEEd5KQSQ=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 403
Forbidden 04a42d247ce24d9e706137f86aa03bdf.js
jurysupposedshooter.com/04/a4/2d/ 0
0 98ms
98ms Script
application/javascript 172.240.253.132
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://jurysupposedshooter.com/04/a4/2d/04a42d247ce24d9e706137f86aa03bdf.js
Requested by: Host: cricket.loremtechbd.xyz
URL: https://cricket.loremtechbd.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 07 Jun 2024 09:01:28 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 305 KB
101 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QYNBPMTXEF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PBV6647Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9083e04ba19fa7c02016c155961a96dc2a7970eafd21b79a5fe27893885f37df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103682
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 07 Jun 2024 09:01:28 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
260 B 146ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QYNBPMTXEF&gtm=45je4650v9183098319z89183055640za200zb9183055640&_p=1717750888642&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=92271718.1717750889&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717750888&sct=1&seg=0&dl=https%3A%2F%2Fcricket.loremtechbd.xyz%2F&dt=ICC%20T20%20World%20Cup%202024&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1985
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QYNBPMTXEF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 09:01:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cricket.loremtechbd.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK add Show response
datatechonert.com/log/ 12 B
492 B 188ms
23ms XHR
application/json 185.49.145.45
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=5fb9536a-38bc-4018-a258-50173f704a3e
Requested by: Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.49.145.45 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx/1.25.3 /
Resource Hash: fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 07 Jun 2024 09:01:29 GMT
Server: nginx/1.25.3
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://cricket.loremtechbd.xyz
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 12

GET
H2 200 / Show response
veepteero.com/ 2 KB
3 KB 174ms
12ms Fetch
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://veepteero.com/?rb=SzJMs4l4rnhzIN7I1Wd_fEDQkK4DrMuj811R32wfhSrTrE2D90fpG15Ksk1oCAM7BkC_bDNdADwSOUth142q9SxCoROoiQksEAwOY5dJq3fPrTHeURc_3bXJ_omDBuZRK1ltQa6ODOYBfZ6jWugTnZq3M6UlN9Iy3q9VRyxATvH_whuJcHoVaKuWowTChD6svfGL6LUjxSx7fezegBkbArcJTeFsfGXydwuS1w8UpQm5UloejN4HXMuMvXD4RSkEFHKV-rpGh8oYemagGWYVCL_4a53G7ubeu5MZjd0Derja5U4XFthgIra0yFpdmxrHbWkrDQG1NwH0miko4aMhyg%3D%3D&request_ab2=0&zoneid=7575644&js_build=iclick-v1.813.0&jsp=1&fs=0&cf=0&sw=1600&sh=1200&wih=1200&wiw=1600&ww=1600&wh=1200&sah=1200&wx=370&wy=370&cw=1600&wfc=0&pl=https%3A%2F%2Fcricket.loremtechbd.xyz%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=Europe%2FBerlin&bto=-120&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.813.0&navlng=de-DE&pnt=0&pnrc=0&bs=5fb9536a-38bc-4018-a258-50173f704a3e&wasm=1&userId=00807460b3634793fe017de65db6195d&os=win32&os_version=10.0.0&is_mobile=false&browser_version=125.0.6422.141&m=link

Requested by

Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

c68b6a81026385985fb8a00cb3ca6815a14f42e2bd8dbe2d6cf2d6eea553a33e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:29 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 91b425a3e38962b2d62338e5cc1b756c
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://cricket.loremtechbd.xyz
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H/1.1 403
Forbidden 04a42d247ce24d9e706137f86aa03bdf.js
jurysupposedshooter.com/04/a4/2d/ 0
0 120ms
120ms Script
application/javascript 172.240.253.132
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://jurysupposedshooter.com/04/a4/2d/04a42d247ce24d9e706137f86aa03bdf.js
Requested by: Host: cricket.loremtechbd.xyz
URL: https://cricket.loremtechbd.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 07 Jun 2024 09:01:29 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 universal.min.js Show response
moonoafy.net/3bT/27mJf/ 88 KB
33 KB 84ms
32ms Fetch
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://moonoafy.net/3bT/27mJf/universal.min.js?v=3.1.518
Requested by: Host: moonoafy.net
URL: https://moonoafy.net/pfe/current/tag.min.js?z=7575648
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 37cf8f0f436b7efea8cb63a2cd61353bb4031c228bb83b81361e6df342cf2744

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 09:01:29 GMT
content-encoding: gzip
last-modified: Tue, 04 Jun 2024 12:14:42 GMT
server: nginx
etag: W/"665f0532-16016"
content-type: application/javascript
access-control-allow-origin: https://cricket.loremtechbd.xyz
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 universal.min.js Show response
moonoafy.net/3bT/27mJf/ 88 KB
188 B 67ms
14ms Fetch
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://moonoafy.net/3bT/27mJf/universal.min.js?v=3.1.518
Requested by: Host: moonoafy.net
URL: https://moonoafy.net/pfe/current/tag.min.js?z=7575648
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 37cf8f0f436b7efea8cb63a2cd61353bb4031c228bb83b81361e6df342cf2744

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 09:01:29 GMT
content-encoding: gzip
last-modified: Tue, 04 Jun 2024 12:14:42 GMT
server: nginx
etag: W/"665f0532-16016"
content-type: application/javascript
access-control-allow-origin: https://cricket.loremtechbd.xyz
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 7552beb94fc0bdff7bbb33cad3d1ab0a Show response
eedsaung.net/27/ 404 KB
128 KB 28ms
14ms Script
application/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eedsaung.net/27/7552beb94fc0bdff7bbb33cad3d1ab0a

Requested by

Host: eedsaung.net
URL: https://eedsaung.net/1?z=7575646

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

b2ba9d8b2216d22f8f31a594bc22ee21f60e2b539474a650be1e87dea87d5ed7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: 7e94347105e8171f2693f2f993fe19d9
date: Fri, 07 Jun 2024 09:01:29 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Thu, 16 May 2024 06:01:31 GMT
server: nginx
content-encoding: gzip
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: max-age:290304000, public
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Thu, 15 Jun 2084 06:01:31 GMT

GET
H2 200 zone Show response
moonoafy.net/ 878 B
1 KB 18ms
18ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://moonoafy.net/zone?pub=0&zone_id=7575648&is_mobile=false&domain=cricket.loremtechbd.xyz&var=&ymid=&var_3=&tg=0&sw=3.1.518&drf=&ch=eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjUifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjUifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyNS4wLjY0MjIuMTQxIn0seyJicmFuZCI6IkNocm9taXVtIiwidmVyc2lvbiI6IjEyNS4wLjY0MjIuMTQxIn0seyJicmFuZCI6Ik5vdC5BL0JyYW5kIiwidmVyc2lvbiI6IjI0LjAuMC4wIn1dLCJtb2JpbGUiOmZhbHNlLCJtb2RlbCI6IiIsInBsYXRmb3JtIjoiV2luMzIiLCJwbGF0Zm9ybVZlcnNpb24iOiIxMC4wLjAiLCJ3b3c2NCI6ZmFsc2V9

Requested by

Host: moonoafy.net
URL: https://moonoafy.net/pfe/current/tag.min.js?z=7575648

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

f1ec2410fa5ffa1e0371cfc82c900bd3b08d513c80ce2ea6aeb20a16a9aa25ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:29 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cricket.loremtechbd.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 878

GET
H2 200 zone Show response
moonoafy.net/ 878 B
1 KB 23ms
22ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: moonoafy.net
URL: https://moonoafy.net/pfe/current/tag.min.js?z=7575648

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

f1ec2410fa5ffa1e0371cfc82c900bd3b08d513c80ce2ea6aeb20a16a9aa25ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:29 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cricket.loremtechbd.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 878

GET
H/1.1 403
Forbidden 04a42d247ce24d9e706137f86aa03bdf.js
jurysupposedshooter.com/04/a4/2d/ 0
0 109ms
109ms Script
application/javascript 172.240.253.132
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://jurysupposedshooter.com/04/a4/2d/04a42d247ce24d9e706137f86aa03bdf.js
Requested by: Host: cricket.loremtechbd.xyz
URL: https://cricket.loremtechbd.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 07 Jun 2024 09:01:29 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

POST
H2 200 9 Show response
eedsaung.net/ 6 KB
3 KB 46ms
40ms XHR
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eedsaung.net/9?z=7575646&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fcricket.loremtechbd.xyz%2F&wy=370&wx=370&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&oaid=00807460b3634793fe017de65db6195d
Requested by: Host: eedsaung.net
URL: https://eedsaung.net/27/7552beb94fc0bdff7bbb33cad3d1ab0a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: ac7200ebdd5200b55528c7440c38484318b850cb382ec26731f54d980a94697d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 565c63308ebae4c20cd76a5757fef465
pragma: no-cache
date: Fri, 07 Jun 2024 09:01:29 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://cricket.loremtechbd.xyz
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 9
eedsaung.net/ Frame 0
0 99ms
19ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eedsaung.net/9?z=7575646&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fcricket.loremtechbd.xyz%2F&wy=370&wx=370&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&oaid=00807460b3634793fe017de65db6195d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cricket.loremtechbd.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://cricket.loremtechbd.xyz
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Fri, 07 Jun 2024 09:01:29 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

GET
H2 200 7575645 Show response
gishejuy.com/500/ 2 KB
2 KB 114ms
113ms XHR
application/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gishejuy.com/500/7575645?excludes=&oaid=00807460b3634793fe017de65db6195d&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=370&wy=370&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fcricket.loremtechbd.xyz%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&btz=Europe%2FBerlin&bto=-120&os=win32&os_version=10.0.0&is_mobile=false&browser_version=125.0.6422.141&js_build=8&sw_version=v1.347.0

Requested by

Host: gishejuy.com
URL: https://gishejuy.com/400/7575645

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

0aa2c136d85adfc2a15a934b61f873c6befdbf08eff7516fe5cafd0d7add24eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Jun 2024 09:01:29 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: a0725bba4e9a6a327ebec05dff409d73
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://cricket.loremtechbd.xyz
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 7575645
gishejuy.com/500/ Frame 0
0 89ms
20ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://cricket.loremtechbd.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://cricket.loremtechbd.xyz
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Fri, 07 Jun 2024 09:01:29 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H/1.1 403
Forbidden 04a42d247ce24d9e706137f86aa03bdf.js
jurysupposedshooter.com/04/a4/2d/ 0
0 138ms
114ms Script
application/javascript 172.240.253.132
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://jurysupposedshooter.com/04/a4/2d/04a42d247ce24d9e706137f86aa03bdf.js
Requested by: Host: cricket.loremtechbd.xyz
URL: https://cricket.loremtechbd.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 07 Jun 2024 09:01:29 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

POST
H2 200 custom Show response
moonoafy.net/ 39 B
414 B 20ms
18ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://moonoafy.net/custom

Requested by

Host: cricket.loremtechbd.xyz
URL: https://cricket.loremtechbd.xyz/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Jun 2024 09:01:29 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cricket.loremtechbd.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 39

GET
H2 404 sw.js
cricket.loremtechbd.xyz/ 66 KB
0 300ms
262ms Fetch
text/html 2a00:1450:4001:80b::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cricket.loremtechbd.xyz/sw.js

Requested by

Host: cricket.loremtechbd.xyz
URL: https://cricket.loremtechbd.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 09:01:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 18093
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 custom
moonoafy.net/ Frame 0
0 67ms
27ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://moonoafy.net/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cricket.loremtechbd.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://cricket.loremtechbd.xyz
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 07 Jun 2024 09:01:29 GMT
server: nginx

GET
H2 200 7575647 Show response
shoordaird.com/500/ 2 KB
2 KB 175ms
174ms XHR
application/javascript 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://shoordaird.com/500/7575647?excludes=&oaid=00807460b3634793fe017de65db6195d&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=370&wy=370&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fcricket.loremtechbd.xyz%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&btz=Europe%2FBerlin&bto=-120&os=win32&os_version=10.0.0&is_mobile=false&browser_version=125.0.6422.141&js_build=8&sw_version=v1.347.0

Requested by

Host: shoordaird.com
URL: https://shoordaird.com/401/7575647

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

b8ce7de2000e9de810a214f2237e9196cd04b8a6d8b45aba3969c01cc9f10010

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Jun 2024 09:01:29 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: d5313263c37c1e20117d356173ed686c
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://cricket.loremtechbd.xyz
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 7575647
shoordaird.com/500/ Frame 0
0 64ms
17ms Preflight 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://cricket.loremtechbd.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://cricket.loremtechbd.xyz
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Fri, 07 Jun 2024 09:01:29 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 200 11 Show response
eedsaung.net/ 0
601 B 272ms
254ms XHR
image/jpeg 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eedsaung.net/11?rnd=3586907133&z=7575646&b=5362695&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=LeJg94IB5No12J5sW-7e3Gdd8pbCD6yCqc9r9OgY0NV1lInOLDB7lzbByRtB6roydrpHWmdsFpOwnqpyfUxT6f4p07grIukyICKyp7MzjdMcI1ccQ4CJoKdTcXQx-wmyZAFoJa9HpX4UabgN7cLl2odMPYNN9QAUUVZp_AxPLhdP3cUZUW54B-0NRK1PHFTv4VKjyBb_OrfmpOLQE4StIdki3pcQ6Wmliyg9EAdCPjLeydqkaiX462137V9xXr2fu_usJz0cBU_SENWOWRS_irRYqsfzTfbLCiEMlKKHYWW_tfCOmNVi31QbqPk=&ruid=d645ddea-7f18-46a0-9101-8efd81bac60e&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fcricket.loremtechbd.xyz%2F&wy=370&wx=370&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&os=win32&os_version=10.0.0&browser_version=125.0.6422.141&ot=158
Requested by: Host: eedsaung.net
URL: https://eedsaung.net/27/7552beb94fc0bdff7bbb33cad3d1ab0a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: 1ee795c64858557c3741ef997b8305cd
pragma: no-cache
date: Fri, 07 Jun 2024 09:01:29 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: https://cricket.loremtechbd.xyz
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 404 /
interstitial-08.com/ Frame EA59 0
0 176ms
84ms Document
text/html 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D3897819045%26z%3D7575646%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DLeJg94IB5No12J5sW-7e3Gdd8pbCD6yCqc9r9OgY0NV1lInOLDB7lzbByRtB6roydrpHWmdsFpOwnqpyfUxT6f4p07grIukyICKyp7MzjdMcI1ccQ4CJoKdTcXQx-wmyZAFoJa9HpX4UabgN7cLl2odMPYNN9QAUUVZp_AxPLhdP3cUZUW54B-0NRK1PHFTv4VKjyBb_OrfmpOLQE4StIdki3pcQ6Wmliyg9EAdCPjLeydqkaiX462137V9xXr2fu_usJz0cBU_SENWOWRS_irRYqsfzTfbLCiEMlKKHYWW_tfCOmNVi31QbqPk%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dd645ddea-7f18-46a0-9101-8efd81bac60e%26os%3Dwin32%26os_version%3D10.0.0%26browser_version%3D125.0.6422.141%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fcricket.loremtechbd.xyz%252F%26wy%3D370%26wx%3D370%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26os%3Dwin32%26os_version%3D10.0.0%26browser_version%3D125.0.6422.141%26tbc%3D0
Requested by: Host: eedsaung.net
URL: https://eedsaung.net/27/7552beb94fc0bdff7bbb33cad3d1ab0a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.33
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://cricket.loremtechbd.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 07 Jun 2024 09:01:29 GMT
location: https://zuhempih.com/4/557210?var={zoneid}&rsz={zoneid}
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 e44ff0400c2a861495ae0a35d50d585b.png
offerimage.com/www/images/ 79 KB
79 KB 304ms
43ms Image
image/png 2606:4700:10::6816:21ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offerimage.com/www/images/e44ff0400c2a861495ae0a35d50d585b.png
Requested by: Host: cricket.loremtechbd.xyz
URL: https://cricket.loremtechbd.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:21ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f16bc857d3a7eb5ca9e3d6c9ac43455b03187f7fb8e049afa9f07a138aeca217

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:30 GMT
cf-cache-status: HIT
age: 74049
content-length: 80638
last-modified: Tue, 14 May 2024 12:02:27 GMT
server: cloudflare
etag: "664352d3-13afe"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-ray: 88ff75370e3d1e6d-AMS
expires: Fri, 07 Jun 2024 12:27:21 GMT

POST
H2 200 event Show response
moonoafy.net/ 94 B
469 B 14ms
13ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://moonoafy.net/event

Requested by

Host: cricket.loremtechbd.xyz
URL: https://cricket.loremtechbd.xyz/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

f518ee128ebbeb2875eef96858e727c3e97f132ca6835fb0b0ab870b25f3915f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Jun 2024 09:01:29 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cricket.loremtechbd.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 94

OPTIONS
H2 200 event
moonoafy.net/ Frame 0
0 29ms
28ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://moonoafy.net/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cricket.loremtechbd.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://cricket.loremtechbd.xyz
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 07 Jun 2024 09:01:29 GMT
server: nginx

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
550 B 42ms
31ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=b327023a75d445fcb89964a627d34d97&zoneId=7575648&checkDuplicate=true&ymid=&var=&source=pusher

Requested by

Host: cricket.loremtechbd.xyz
URL: https://cricket.loremtechbd.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

9fb7352a6866c15ab0564520ec74673d85370853e6d8f4a4c4a0e76e6681fe46

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:30 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cricket.loremtechbd.xyz
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 defaultSkin.min.js Show response
moonoafy.net/3bT/27mJf/ 56 KB
19 KB 29ms
28ms Fetch
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://moonoafy.net/3bT/27mJf/defaultSkin.min.js
Requested by: Host: cricket.loremtechbd.xyz
URL: https://cricket.loremtechbd.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 2d436bed719df011538c1544d4beeccafbc477b6d03889fe13c93b7b582cf8e2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 09:01:30 GMT
content-encoding: gzip
last-modified: Tue, 04 Jun 2024 12:14:42 GMT
server: nginx
etag: W/"665f0532-df7c"
content-type: application/javascript
access-control-allow-origin: https://cricket.loremtechbd.xyz
cache-control: no-cache
access-control-allow-credentials: true

POST
H2 200 custom Show response
moonoafy.net/ 39 B
414 B 22ms
22ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://moonoafy.net/custom

Requested by

Host: cricket.loremtechbd.xyz
URL: https://cricket.loremtechbd.xyz/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Jun 2024 09:01:30 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cricket.loremtechbd.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 39

GET
H2 200 favicon.ico
cricket.loremtechbd.xyz/ 9 KB
3 KB 144ms
144ms Other
image/x-icon 2a00:1450:4001:80b::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cricket.loremtechbd.xyz/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8152852f695772950e6ab0363ac24bc86ab0cf7dce65792c9462d1928a84a952

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2024 04:20:35 GMT
server: GSE
etag: W/"e9b6492d65779c7ba034e53678c39fa074124e71c9f4534d46a1876617791c52"
content-type: image/x-icon; charset=UTF-8
cache-control: private, max-age=86400
content-length: 3013
x-xss-protection: 1; mode=block
expires: Fri, 07 Jun 2024 09:01:30 GMT

GET
DATA 200
OK truncated
/ Frame 0550 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 custom Show response
moonoafy.net/ 39 B
414 B 37ms
34ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://moonoafy.net/custom

Requested by

Host: cricket.loremtechbd.xyz
URL: https://cricket.loremtechbd.xyz/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Jun 2024 09:01:30 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cricket.loremtechbd.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 39

GET
H2 200 namibia%20vs%20scotland.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjNZ-SYlJgErdSULxazb8HhCuCGuBlqsZEzulN5JR978FghFE1Zb_nueIW1XHOMSFXeOYW3G2IggzxHKIiZoqJeIQGMZkmK11JDW885ft4PliTIZtLH8rf5yeZpDfSTZZcWYmozGgUXanfXhplu... 137 KB
137 KB 991ms
904ms Image
image/webp 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjNZ-SYlJgErdSULxazb8HhCuCGuBlqsZEzulN5JR978FghFE1Zb_nueIW1XHOMSFXeOYW3G2IggzxHKIiZoqJeIQGMZkmK11JDW885ft4PliTIZtLH8rf5yeZpDfSTZZcWYmozGgUXanfXhplut9emBjDNwhUsX0vvPHuFdTn_kFjzZUefDEQXGyq-Glo/w408-h408-c-rw/namibia%20vs%20scotland.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

197158f13d06d2b4ad58ff77190568890e3ef1a3476d0d9159e2e5344943f30f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:31 GMT
x-content-type-options: nosniff
server: fife
etag: "vab"
vary: Origin
content-type: image/webp
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="namibia vs scotland.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140270
x-xss-protection: 0
expires: Sat, 08 Jun 2024 09:01:31 GMT

GET
H2 200 namibia%20vs%20scotland.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjNZ-SYlJgErdSULxazb8HhCuCGuBlqsZEzulN5JR978FghFE1Zb_nueIW1XHOMSFXeOYW3G2IggzxHKIiZoqJeIQGMZkmK11JDW885ft4PliTIZtLH8rf5yeZpDfSTZZcWYmozGgUXanfXhplu... 99 KB
99 KB 1196ms
1110ms Image
image/webp 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fde090e61e568f24c11ee081e5ea7f04a4041dda0fb031e53a68c2010da9b4b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:31 GMT
x-content-type-options: nosniff
server: fife
etag: "vab"
vary: Origin
content-type: image/webp
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="namibia vs scotland.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101390
x-xss-protection: 0
expires: Sat, 08 Jun 2024 09:01:31 GMT

GET
H2 200 united%20states%20vs%20pakistan%20(1).png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhF2pv0X1q8oYQY5Wz7b9HoWbVyhlMyFStx5SzrBRTYQXsDsD4DL_RJQJF6rsxCO6AbfWquH1Wde8MvtJdzsbUTSkH-z4nwuS14r1QD9-JaylVrEkk1nl3JR-IKTKllVBO1BruLPh36AjHX39dy... 102 KB
102 KB 1359ms
1272ms Image
image/webp 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhF2pv0X1q8oYQY5Wz7b9HoWbVyhlMyFStx5SzrBRTYQXsDsD4DL_RJQJF6rsxCO6AbfWquH1Wde8MvtJdzsbUTSkH-z4nwuS14r1QD9-JaylVrEkk1nl3JR-IKTKllVBO1BruLPh36AjHX39dycU5d7Q33Kk9fcoF7Az9ntOdb8fGWgqeCgd4x9ZGfEf8/w410-h231-c-rw/united%20states%20vs%20pakistan%20(1).png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

02b5004934c385475527a061ad9283e379929d881053601a1a421df3648432f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:31 GMT
x-content-type-options: nosniff
server: fife
etag: "va9"
vary: Origin
content-type: image/webp
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="united states vs pakistan (1).webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104746
x-xss-protection: 0
expires: Sat, 08 Jun 2024 09:01:31 GMT

GET
H2 200 austrailia%20vs%20oman%20(1).png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7opSJuexvHB5LA5ZlSfBjQvlqfeVbGk3uUIXXUxIXsK7V-S1GMWc-2H6qQjepxKN8q71Em0VRZNkOEs4vz-WCCW-TYS46PanBXYYqNgjxd-5wozdmiF3iI_nqk8-9kC_MY-SucyHWreIXQb-6... 99 KB
99 KB 1200ms
1114ms Image
image/webp 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7opSJuexvHB5LA5ZlSfBjQvlqfeVbGk3uUIXXUxIXsK7V-S1GMWc-2H6qQjepxKN8q71Em0VRZNkOEs4vz-WCCW-TYS46PanBXYYqNgjxd-5wozdmiF3iI_nqk8-9kC_MY-SucyHWreIXQb-6NlNdHdEH311RolzsRvCf00aXQCR2a_6HfGxhyta64ws/w410-h231-c-rw/austrailia%20vs%20oman%20(1).png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e40c40e18d63b92e28b0836063195b309a935440ca1762b62ffeba3a79ea5f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:31 GMT
x-content-type-options: nosniff
server: fife
etag: "va7"
vary: Origin
content-type: image/webp
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="austrailia vs oman (1).webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101214
x-xss-protection: 0
expires: Sat, 08 Jun 2024 09:01:31 GMT

GET
H2 200 ind%20vs%20ire%20(1).png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEglVB_geTZ9hBL8ogKDpRhlKFsGPTy2jnOO6wGOXesbsSuWlE8AMNz_ppcJkQyk9HAk-vWG_NeM2w8iS4pwmjBTzmyKPoPKJNo3YgARPAU-Z16dGmiMe9yw99_eUD42KlDcSm20sDRXbknn9Yey... 104 KB
104 KB 1301ms
1215ms Image
image/webp 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEglVB_geTZ9hBL8ogKDpRhlKFsGPTy2jnOO6wGOXesbsSuWlE8AMNz_ppcJkQyk9HAk-vWG_NeM2w8iS4pwmjBTzmyKPoPKJNo3YgARPAU-Z16dGmiMe9yw99_eUD42KlDcSm20sDRXbknn9YeyiaZ-SXir67_HfTv8N1XCXIYZtfoRVn9DicPHdylYhUk/w410-h231-c-rw/ind%20vs%20ire%20(1).png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a34fcb8cda900fa458520fbe6c89ddc9b23161230ec694f4201a87f67be015e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:31 GMT
x-content-type-options: nosniff
server: fife
etag: "va5"
vary: Origin
content-type: image/webp
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ind vs ire (1).webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106498
x-xss-protection: 0
expires: Sat, 08 Jun 2024 09:01:31 GMT

GET
H2 200 ind%20vs%20ire%20(1).png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEglVB_geTZ9hBL8ogKDpRhlKFsGPTy2jnOO6wGOXesbsSuWlE8AMNz_ppcJkQyk9HAk-vWG_NeM2w8iS4pwmjBTzmyKPoPKJNo3YgARPAU-Z16dGmiMe9yw99_eUD42KlDcSm20sDRXbknn9Yey... 11 KB
12 KB 978ms
892ms Image
image/webp 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00ca43b5743cfe5726eddf6f4f854285a212c4fc39d077162b81448f84566f1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:31 GMT
x-content-type-options: nosniff
server: fife
etag: "va5"
vary: Origin
content-type: image/webp
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ind vs ire (1).webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11670
x-xss-protection: 0
expires: Sat, 08 Jun 2024 09:01:31 GMT

GET
H2 200 Ned%20vs%20nep.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjV0SVyaapYlO7vu1fum_nLjcZdVzgLzHlA062aVQjoZdRjVJiSS8pLgYEQRxfOX_Hj9Kq60-88I_rtn8Z2AS51PBZ9W8v5qydCqzRqRsh3RUEau-tL9SP6vHJSFaltmDPv4SJzpMwrmcJppPvh... 12 KB
12 KB 1343ms
1340ms Image
image/webp 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjV0SVyaapYlO7vu1fum_nLjcZdVzgLzHlA062aVQjoZdRjVJiSS8pLgYEQRxfOX_Hj9Kq60-88I_rtn8Z2AS51PBZ9W8v5qydCqzRqRsh3RUEau-tL9SP6vHJSFaltmDPv4SJzpMwrmcJppPvhx5zb-_ntP0Bf3V87NFM4v13cZR8SD8uSmOozKkJzmh_q/w85-h85-c-rw/Ned%20vs%20nep.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd614d91c44163c087a5a7f98d6873d01f6ce8c4973a15f371d8d99410d77095

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:31 GMT
x-content-type-options: nosniff
server: fife
etag: "va0"
vary: Origin
content-type: image/webp
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Ned vs nep.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12140
x-xss-protection: 0
expires: Sat, 08 Jun 2024 09:01:31 GMT

GET
H2 200 Q97iuMNetWshhf73rJ_zhnohBx5kYPbssJUc9fO443iMxVJnzuSr8IlcSfDPfZf5BqrOLDGBSGdOoaVwte3V9lzqmn07mdt3EB0O87BFkx0WtDr2eIBdxIr-6ah2H2drS3IC88vTYsVxO1KkVbg2kDTXwBiAD2mStDS1jGnQsn4C2nrP_zVIj6hLGugLyPwzEktQq...
gishejuy.com/impression/ 43 B
531 B 36ms
17ms Image
image/gif 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gishejuy.com/impression/Q97iuMNetWshhf73rJ_zhnohBx5kYPbssJUc9fO443iMxVJnzuSr8IlcSfDPfZf5BqrOLDGBSGdOoaVwte3V9lzqmn07mdt3EB0O87BFkx0WtDr2eIBdxIr-6ah2H2drS3IC88vTYsVxO1KkVbg2kDTXwBiAD2mStDS1jGnQsn4C2nrP_zVIj6hLGugLyPwzEktQqL6inhJuy08XYd3EnVNbgdm0wScekLGDbJOw4hY9SRvFX7HGn60rTHZlajmqKEhaeccXB2xNAorkMWIgR9u3b9JsPHhda14pr8_yTFdQ2dPKbSAAvqNb4rEYz8F_xWCpKv7eXXh2aXKhj9lihFdVLsFWeS3Qu8iiNlKctIVsSpmv7khkYVTFX817yFfYT4-oftc1Jss=?_z=7575645&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=370&wy=370&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Fcricket.loremtechbd.xyz%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&btz=Europe%2FBerlin&bto=-120&os=win32&os_version=10.0.0&is_mobile=false&browser_version=125.0.6422.141&js_build=8&sw_version=v1.347.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:34 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-length: 43
x-trace-id: b6cddcdb50078a46db8b289e220e57c5
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 e44ff0400c2a861495ae0a35d50d585b.png
offerimage.com/www/images/ Frame 33A4 79 KB
0 0ms
0ms Image
image/png 2606:4700:10::6816:21ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offerimage.com/www/images/e44ff0400c2a861495ae0a35d50d585b.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:21ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f16bc857d3a7eb5ca9e3d6c9ac43455b03187f7fb8e049afa9f07a138aeca217

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:30 GMT
cf-cache-status: HIT
age: 74049
content-length: 80638
last-modified: Tue, 14 May 2024 12:02:27 GMT
server: cloudflare
etag: "664352d3-13afe"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-ray: 88ff75370e3d1e6d-AMS
expires: Fri, 07 Jun 2024 12:27:21 GMT

GET
H2 200 e44ff0400c2a861495ae0a35d50d585b.png
offerimage.com/www/images/ Frame 513D 79 KB
0 0ms
0ms Image
image/png 2606:4700:10::6816:21ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offerimage.com/www/images/e44ff0400c2a861495ae0a35d50d585b.png
Requested by: Host: gishejuy.com
URL: https://gishejuy.com/400/7575645
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:21ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f16bc857d3a7eb5ca9e3d6c9ac43455b03187f7fb8e049afa9f07a138aeca217

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:30 GMT
cf-cache-status: HIT
age: 74049
content-length: 80638
last-modified: Tue, 14 May 2024 12:02:27 GMT
server: cloudflare
etag: "664352d3-13afe"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-ray: 88ff75370e3d1e6d-AMS
expires: Fri, 07 Jun 2024 12:27:21 GMT

GET
H2 200 6QezCcNTfR-8BOJi7rb1pQcTQJN_v6AUdtzW7cpnGhukzzqsPYWNdAQqvcgeewU7XHak6u-rSI7YKri3lYoa2RPnRrkwcGLne8_bpEsInADhhMq11RaqOAs3ArVMvf4IlLDhQT63aYNqmKjJ7X2tohYUMlx6yAMcfwHPKtiztTVXclun-fMIULYtgqeyGg6ePW7X7...
shoordaird.com/impression/ 43 B
531 B 31ms
31ms Image
image/gif 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shoordaird.com/impression/6QezCcNTfR-8BOJi7rb1pQcTQJN_v6AUdtzW7cpnGhukzzqsPYWNdAQqvcgeewU7XHak6u-rSI7YKri3lYoa2RPnRrkwcGLne8_bpEsInADhhMq11RaqOAs3ArVMvf4IlLDhQT63aYNqmKjJ7X2tohYUMlx6yAMcfwHPKtiztTVXclun-fMIULYtgqeyGg6ePW7X7T959xLE5qNKUm8dC9C2DOMo9jg5QURxgOeYy2kayxaxaGbN5phID-BiQanfo2ZNHiUVs2y4KpAyj3n7t2qplIv0qtd3ezvhbdskU0sUIFsKamhKo6dtbkUyFDzq9a4M7Ezth0LzSYec_z1-YihofixlkI6gnBpvblaXhcHHTeaZx-tXE5q9Ajjk_tMrYjBaSniSgjrsnswmrp97fUCERvI5fOktiD2-APuByD7F0rzK5WJESLtRukIrQokpqf5xC5DhvBOLuF7KdBVafA==?_z=7575647&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=370&wy=370&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Fcricket.loremtechbd.xyz%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&btz=Europe%2FBerlin&bto=-120&os=win32&os_version=10.0.0&is_mobile=false&browser_version=125.0.6422.141&js_build=8&sw_version=v1.347.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:34 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-length: 43
x-trace-id: 9aef6e7080c69434a7cec63b4cf869d4
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame EF20 11 KB
1 KB 76ms
18ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

Requested by

Host: shoordaird.com
URL: https://shoordaird.com/401/7575647

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

859bbc3840ddbfac2cbabd04217077fcab6f31a0e24a9f7ff1a2ee6246ba5319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Jun 2024 09:01:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 07:23:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jun 2024 09:01:34 GMT

GET
H2 200 e44ff0400c2a861495ae0a35d50d585b.png
offerimage.com/www/images/ Frame EF20 79 KB
0 0ms
0ms Image
image/png 2606:4700:10::6816:21ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offerimage.com/www/images/e44ff0400c2a861495ae0a35d50d585b.png
Requested by: Host: shoordaird.com
URL: https://shoordaird.com/401/7575647
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:21ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f16bc857d3a7eb5ca9e3d6c9ac43455b03187f7fb8e049afa9f07a138aeca217

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:30 GMT
cf-cache-status: HIT
age: 74049
content-length: 80638
last-modified: Tue, 14 May 2024 12:02:27 GMT
server: cloudflare
etag: "664352d3-13afe"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-ray: 88ff75370e3d1e6d-AMS
expires: Fri, 07 Jun 2024 12:27:21 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 067F 11 KB
0 24ms
24ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

Requested by

Host: shoordaird.com
URL: https://shoordaird.com/401/7575647

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

859bbc3840ddbfac2cbabd04217077fcab6f31a0e24a9f7ff1a2ee6246ba5319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 07:23:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jun 2024 09:01:34 GMT

GET
H2 200 e44ff0400c2a861495ae0a35d50d585b.png
offerimage.com/www/images/ Frame 067F 79 KB
0 0ms
0ms Image
image/png 2606:4700:10::6816:21ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offerimage.com/www/images/e44ff0400c2a861495ae0a35d50d585b.png
Requested by: Host: shoordaird.com
URL: https://shoordaird.com/401/7575647
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:21ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f16bc857d3a7eb5ca9e3d6c9ac43455b03187f7fb8e049afa9f07a138aeca217

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:01:30 GMT
cf-cache-status: HIT
age: 74049
content-length: 80638
last-modified: Tue, 14 May 2024 12:02:27 GMT
server: cloudflare
etag: "664352d3-13afe"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-ray: 88ff75370e3d1e6d-AMS
expires: Fri, 07 Jun 2024 12:27:21 GMT

GET
H2 204 7575645 Show response
gishejuy.com/500/ 0
577 B 288ms
288ms XHR
text/plain 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gishejuy.com/500/7575645?excludes=20998264&oaid=00807460b3634793fe017de65db6195d&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=370&wy=370&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&pl=https%3A%2F%2Fcricket.loremtechbd.xyz%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&btz=Europe%2FBerlin&bto=-120&os=win32&os_version=10.0.0&is_mobile=false&browser_version=125.0.6422.141&js_build=8&sw_version=v1.347.0

Requested by

Host: gishejuy.com
URL: https://gishejuy.com/400/7575645

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://cricket.loremtechbd.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 1b21a5a21a86bff7f2efe59c44edac39
pragma: no-cache
date: Fri, 07 Jun 2024 09:01:34 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary: Origin
access-control-allow-origin: https://cricket.loremtechbd.xyz
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 7575645
gishejuy.com/500/ Frame 0
0 14ms
14ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://cricket.loremtechbd.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://cricket.loremtechbd.xyz
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Fri, 07 Jun 2024 09:01:34 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EF20 15 KB
16 KB 76ms
14ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://cricket.loremtechbd.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:11:12 GMT
x-content-type-options: nosniff
age: 240622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:11:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EF20 15 KB
16 KB 73ms
11ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://cricket.loremtechbd.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:19:50 GMT
x-content-type-options: nosniff
age: 240104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:19:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 067F 15 KB
0 78ms
78ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://cricket.loremtechbd.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:11:12 GMT
x-content-type-options: nosniff
age: 240622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:11:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 067F 15 KB
0 76ms
76ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://cricket.loremtechbd.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:19:50 GMT
x-content-type-options: nosniff
age: 240104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:19:50 GMT

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.loremtechbd.xyz/	1970-01-21 06:45:10	Name: _ga_QYNBPMTXEF Value: GS1.1.1717750888.1.0.1717750888.0.0.0
.loremtechbd.xyz/	1970-01-21 06:45:10	Name: _ga Value: GA1.1.92271718.1717750889
my.rtmark.net/	1970-01-21 05:54:46	Name: ID Value: 00807460b3634793fe017de65db6195d
eedsaung.net/	1970-01-21 05:54:46	Name: scm Value: 1
eedsaung.net/	1970-01-21 05:54:46	Name: oaidts Value: 1717750889
cricket.loremtechbd.xyz/	1970-01-20 21:09:11	Name: prefetchAd_7575644 Value: true
veepteero.com/	1970-01-21 05:54:46	Name: OAID Value: 00807460b3634793fe017de65db6195d
veepteero.com/	1970-01-21 05:54:46	Name: oaidts Value: 1717750889
veepteero.com/	1970-01-20 21:19:15	Name: syncedCookie Value: true
eedsaung.net/	1970-01-21 05:54:46	Name: OAID Value: 00807460b3634793fe017de65db6195d
gishejuy.com/	1970-01-21 05:54:46	Name: OAID Value: 00807460b3634793fe017de65db6195d
shoordaird.com/	1970-01-21 05:54:46	Name: OAID Value: 00807460b3634793fe017de65db6195d

41 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://jurysupposedshooter.com/04/a4/2d/04a42d247ce24d9e706137f86aa03bdf.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://jurysupposedshooter.com/c9a37d6206a7deca7eefe810714d4834/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://jurysupposedshooter.com/c9a37d6206a7deca7eefe810714d4834/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://jurysupposedshooter.com/04/a4/2d/04a42d247ce24d9e706137f86aa03bdf.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://cricket.loremtechbd.xyz/(Line 1299) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cricket.loremtechbd.xyz/(Line 1299) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cricket.loremtechbd.xyz/(Line 1299) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cricket.loremtechbd.xyz/(Line 1299) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cricket.loremtechbd.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cricket.loremtechbd.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://jurysupposedshooter.com/04/a4/2d/04a42d247ce24d9e706137f86aa03bdf.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://cricket.loremtechbd.xyz/(Line 1464) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cricket.loremtechbd.xyz/(Line 1464) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cricket.loremtechbd.xyz/(Line 1464) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cricket.loremtechbd.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cricket.loremtechbd.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cricket.loremtechbd.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://jurysupposedshooter.com/04/a4/2d/04a42d247ce24d9e706137f86aa03bdf.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://cricket.loremtechbd.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cricket.loremtechbd.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cricket.loremtechbd.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cricket.loremtechbd.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cricket.loremtechbd.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://jurysupposedshooter.com/04/a4/2d/04a42d247ce24d9e706137f86aa03bdf.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://cricket.loremtechbd.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cricket.loremtechbd.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://cricket.loremtechbd.xyz/sw.js Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://cricket.loremtechbd.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cricket.loremtechbd.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cricket.loremtechbd.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cricket.loremtechbd.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cricket.loremtechbd.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cricket.loremtechbd.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cricket.loremtechbd.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cricket.loremtechbd.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cricket.loremtechbd.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://cricket.loremtechbd.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cricket.loremtechbd.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cricket.loremtechbd.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cricket.loremtechbd.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alwingulla.com
blogger.googleusercontent.com
cdn.jsdelivr.net
cricket.loremtechbd.xyz
datatechonert.com
eedsaung.net
fonts.googleapis.com
fonts.gstatic.com
gishejuy.com
interstitial-08.com
jurysupposedshooter.com
moonoafy.net
my.rtmark.net
offerimage.com
region1.google-analytics.com
shoordaird.com
tzegilo.com
veepteero.com
www.googletagmanager.com
139.45.195.8
139.45.197.151
139.45.197.242
139.45.197.244
139.45.197.250
172.240.253.132
185.49.145.45
2001:4860:4802:34::36
2606:4700:10::6816:21ac
2606:4700:3036::ac43:c134
2606:4700::6812:ba1f
2a00:1450:4001:803::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2013
2a00:1450:4001:80f::2001
2a00:1450:4001:813::2008
2a06:98c1:3121::3
00ca43b5743cfe5726eddf6f4f854285a212c4fc39d077162b81448f84566f1d
02b5004934c385475527a061ad9283e379929d881053601a1a421df3648432f1
0aa2c136d85adfc2a15a934b61f873c6befdbf08eff7516fe5cafd0d7add24eb
197158f13d06d2b4ad58ff77190568890e3ef1a3476d0d9159e2e5344943f30f
2d436bed719df011538c1544d4beeccafbc477b6d03889fe13c93b7b582cf8e2
3634ae807db0c6899b89a18e9200fd4f9a233dd9f8454342133fad82c88e3320
37cf8f0f436b7efea8cb63a2cd61353bb4031c228bb83b81361e6df342cf2744
47ffa1180408d459e74834d409f5c4d2843c5605d5cde4f5dfeedfe7d178aad4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52027908cfee8c8a6f1636998e5a635aaa9edb2d3828a2c481d10455d62033e0
529f5caa809282b33a98c943dc80b024c71fb03f84841e10dca33dddfb12a7cd
54ed9c9fcf9dbe5dc6cbc88c6136087a18d478c6e5ecaf9b5e56c114f095347c
5684415a6758dddb00f59c540a3b4910a991a86fb61ce05c34017e446ef92759
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
8152852f695772950e6ab0363ac24bc86ab0cf7dce65792c9462d1928a84a952
859bbc3840ddbfac2cbabd04217077fcab6f31a0e24a9f7ff1a2ee6246ba5319
9083e04ba19fa7c02016c155961a96dc2a7970eafd21b79a5fe27893885f37df
94b103190c505e7ce35a8f196437db358e5d45c0071c0f65231c0e6211316826
99681fa866968d5a4351e8c554e64e088fdfdf3a240e4e33cb0da0bd70597710
9ccb99820a752532cc41665805f025228ecdedfcf544d4171377252532d447fa
9fb7352a6866c15ab0564520ec74673d85370853e6d8f4a4c4a0e76e6681fe46
a34fcb8cda900fa458520fbe6c89ddc9b23161230ec694f4201a87f67be015e1
ac7200ebdd5200b55528c7440c38484318b850cb382ec26731f54d980a94697d
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
af260e1d58bf298abb2655985a029ebf6c95063ff45bf9f520270097c9cbedfe
b0bd925e790b4afa08c5121cf31a95e5a90313a00d8961dbdf4d5c622cd774e0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2ba9d8b2216d22f8f31a594bc22ee21f60e2b539474a650be1e87dea87d5ed7
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b8ce7de2000e9de810a214f2237e9196cd04b8a6d8b45aba3969c01cc9f10010
c68b6a81026385985fb8a00cb3ca6815a14f42e2bd8dbe2d6cf2d6eea553a33e
d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40c40e18d63b92e28b0836063195b309a935440ca1762b62ffeba3a79ea5f48
f16bc857d3a7eb5ca9e3d6c9ac43455b03187f7fb8e049afa9f07a138aeca217
f1ec2410fa5ffa1e0371cfc82c900bd3b08d513c80ce2ea6aeb20a16a9aa25ae
f518ee128ebbeb2875eef96858e727c3e97f132ca6835fb0b0ab870b25f3915f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fd614d91c44163c087a5a7f98d6873d01f6ce8c4973a15f371d8d99410d77095
fde090e61e568f24c11ee081e5ea7f04a4041dda0fb031e53a68c2010da9b4b6
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

cricket.loremtechbd.xyz Open in urlscan Pro 2a00:1450:4001:80b::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

70 Requests

100 %HTTPS

59 %IPv6

19 Domains

19 Subdomains

18 IPs

4 Countries

1330 kBTransfer

3158 kBSize

12 Cookies

8 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cricket.loremtechbd.xyz Open in urlscan Pro
2a00:1450:4001:80b::2013 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

100 %
HTTPS

59 %
IPv6

19
Domains

19
Subdomains

18
IPs

4
Countries

1330 kB
Transfer

3158 kB
Size

12
Cookies

70 HTTP transactions
3 data transactions