URL: https://coolrea.link/flash38
Submission: On February 17 via api from US — Scanned from US

Summary

This website contacted 17 IPs in 5 countries across 15 domains to perform 37 HTTP transactions. The main IP is 104.21.69.67, located in and belongs to . The main domain is coolrea.link.
TLS certificate: Issued by GTS CA 1P5 on January 2nd 2024. Valid for: 3 months.
This is the only time coolrea.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 104.21.69.67 ()
1 192.243.61.227 39572 (ADVANCEDH...)
2 4 104.22.74.171 13335 (CLOUDFLAR...)
3 139.45.197.245 ()
4 104.21.4.124 13335 (CLOUDFLAR...)
1 104.20.79.99 13335 (CLOUDFLAR...)
1 54.39.128.162 16276 (OVH)
1 104.21.74.27 13335 (CLOUDFLAR...)
1 151.101.129.229 54113 (FASTLY)
2 172.67.206.156 ()
1 142.251.40.170 15169 (GOOGLE)
3 104.21.1.238 13335 (CLOUDFLAR...)
7 62.182.83.149 30860 (YURTEH-AS)
1 139.45.195.8 9002 (RETN-AS)
1 172.67.204.62 13335 (CLOUDFLAR...)
1 172.64.196.7 13335 (CLOUDFLAR...)
37 17
Apex Domain
Subdomains
Transfer
7 cdnrecruit.net
hjprtmfykxdvqace.cdnrecruit.net
1 MB
4 candlenorth.net
candlenorth.net
42 KB
4 amung.us
whos.amung.us — Cisco Umbrella Rank: 14172
widgets.amung.us — Cisco Umbrella Rank: 29387
4 KB
4 coolrea.link
coolrea.link
22 KB
3 vufzuld.com
vufzuld.com
113 KB
3 sheegiwo.com
sheegiwo.com
31 KB
2 awistats.com
awistats.com — Cisco Umbrella Rank: 321055
2 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 12731
s4.histats.com — Cisco Umbrella Rank: 12280
5 KB
1 youradexchange.com
youradexchange.com — Cisco Umbrella Rank: 31662
1 KB
1 ctrtrk.com
ctrtrk.com — Cisco Umbrella Rank: 35760
650 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 48
818 B
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 9876 Failed
542 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 353
142 KB
1 swarm.video
swarm.video — Cisco Umbrella Rank: 259595
134 KB
1 commarevelation.com
commarevelation.com
37 15
Domain Requested by
7 hjprtmfykxdvqace.cdnrecruit.net swarm.video
4 candlenorth.net coolrea.link
candlenorth.net
4 coolrea.link coolrea.link
3 vufzuld.com candlenorth.net
vufzuld.com
3 sheegiwo.com coolrea.link
sheegiwo.com
2 awistats.com candlenorth.net
awistats.com
2 widgets.amung.us coolrea.link
candlenorth.net
2 whos.amung.us 2 redirects
1 youradexchange.com vufzuld.com
1 ctrtrk.com vufzuld.com
1 fonts.googleapis.com candlenorth.net
1 my.rtmark.net sheegiwo.com
1 cdn.jsdelivr.net candlenorth.net
1 swarm.video candlenorth.net
1 s4.histats.com s10.histats.com
1 s10.histats.com coolrea.link
1 commarevelation.com coolrea.link
37 17

This site contains no links.

Subject | Issuer | Validity | Valid
coolrea.link | GTS CA 1P5 | 2024-01-02 - 2024-04-01 | 3 months
commarevelation.com | R3 | 2024-01-24 - 2024-04-23 | 3 months
sheegiwo.com | R3 | 2024-01-08 - 2024-04-07 | 3 months
candlenorth.net | GTS CA 1P5 | 2024-02-05 - 2024-05-05 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-13 - 2024-05-11 | a year
histats.com | R3 | 2024-02-16 - 2024-05-16 | 3 months
swarm.video | GTS CA 1P5 | 2024-01-26 - 2024-04-25 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year
awistats.com | GTS CA 1P5 | 2024-01-28 - 2024-04-27 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
vufzuld.com | GTS CA 1P5 | 2024-02-12 - 2024-05-12 | 3 months
hjprtmfykxdvqace.cdnrecruit.net | R3 | 2024-01-17 - 2024-04-16 | 3 months
rtmark.net | R3 | 2023-12-23 - 2024-03-22 | 3 months
ctrtrk.com | GTS CA 1P5 | 2024-01-17 - 2024-04-16 | 3 months
youradexchange.com | GTS CA 1P5 | 2024-02-14 - 2024-05-14 | 3 months

This page contains 3 frames:

Primary Page: https://coolrea.link/flash38
Frame ID: 94B6BCEEE15E53C62DE27A58A3A6F248
Requests: 13 HTTP requests in this frame

Frame: https://candlenorth.net/embed/4o8n25qm1duhfl
Frame ID: 5FA6554A92570B86BA72926032BF4F13
Requests: 23 HTTP requests in this frame

Frame: https://ctrtrk.com/ut/ctr.php
Frame ID: E8898834B977641A9651D4B67B959874
Requests: 1 HTTP requests in this frame

Page Title

Live Footbal Streaming - Live Premier League

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 37
HTTPS: 86 %
IPv6: 0 %
Domains: 15
Subdomains: 17
IPs: 17
Countries: 5
Transfer: 1692 kB
Size: 2937 kB
Cookies: 14

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://whos.amung.us/cwidget/livesport/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=6297&c=000000ffffff&p=left
Request Chain 14
  • https://whos.amung.us/cwidget/15ky356qz4/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=47700&c=000000ffffff&p=left

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request flash38
coolrea.link/
60 KB
20 KB
Document
General
Full URL
https://coolrea.link/flash38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.69.67 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4abb800285efe6a886f26bea329699493bd25c1ad62c98a74ba3c384020ef42c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
856ee1be7fd27cdf-LAX
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 17 Feb 2024 14:57:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLlu%2Bghn7bckO1GzWjnxGPi4flUi6oXl6efZXaSV%2Bg%2FDKISrYGCzGSAwMMVN181%2BKFrhJghsJ%2FXxZ9LajMQRPAivPpuvrCCpvqqpR5mKcm1ZcsYAcVD9pnaNyuUIlm8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
style.css
coolrea.link/css/
1 KB
680 B
Stylesheet
General
Full URL
https://coolrea.link/css/style.css
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.69.67 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
d8d6c3534663816b21184f5dc3c402b613147dba30d67c9f97291971aed28018

Request headers

accept-language
en-US,en;q=0.9
Referer
https://coolrea.link/flash38
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 14:57:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 14:00:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
8648
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3B7O2O3mbO2MN8bcP60Ix8wb7UWCkd3iR%2Bb1RQj9tjaDLrmOuIID4J6s8%2BZB25ylQ5VDWuXZXDtfnkW5pXAmc6HGeQzKaFtAfDn%2Ff7Uqmp9xruNFpy8CR2sF40WS92c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
856ee1c18a957cdf-LAX
alt-svc
h3=":443"; ma=86400
expires
Sat, 24 Feb 2024 12:33:09 GMT
custom.css
coolrea.link/css/
1 KB
903 B
Stylesheet
General
Full URL
https://coolrea.link/css/custom.css
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.69.67 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
6108f045cf10f60b5b00c58f7f941149e11208036b97a142492f39080e43fe8b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://coolrea.link/flash38
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 14:57:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 11 Feb 2024 18:56:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
8648
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JqvT93gGdii2rpUa%2FJ%2Bo3XvVkrm1%2BHSVHJa07dxrk17sPG%2FWOyucJfj4yuOu9cDsRZnXkCvG8dVz1s0ts01qliFC%2Bm64p%2B3RK5Wr8k5vCeMnI7wJnhFnneRRwkzxtNg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
856ee1c18a977cdf-LAX
alt-svc
h3=":443"; ma=86400
expires
Sat, 24 Feb 2024 12:33:09 GMT
b5d5e2cbaa884029b13637009b94e342.js
commarevelation.com/b5/d5/e2/
0
0
Script
General
Full URL
https://commarevelation.com/b5/d5/e2/b5d5e2cbaa884029b13637009b94e342.js
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash38
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://coolrea.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Sat, 17 Feb 2024 14:57:18 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
/
widgets.amung.us/draw/
Redirect Chain
  • https://whos.amung.us/cwidget/livesport/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=6297&c=000000ffffff&p=left
2 KB
2 KB
Image
General
Full URL
https://widgets.amung.us/draw/?w=colored&n=6297&c=000000ffffff&p=left
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash38
Protocol
H2
Server
104.22.74.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a645fe3ee104ffb2b87914fe4738f357b66e3a098e02c642096f418626ba120a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://coolrea.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 14:57:17 GMT
cf-cache-status
HIT
last-modified
Sat, 17 Feb 2024 02:40:44 GMT
server
cloudflare
age
44193
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
856ee1c508ff2b83-LAX
alt-svc
h3=":443"; ma=86400
expires
Sun, 18 Feb 2024 02:40:44 GMT

Redirect headers

date
Sat, 17 Feb 2024 14:57:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=UTF-8
location
https://widgets.amung.us/draw/?w=colored&n=6297&c=000000ffffff&p=left
cache-control
no-cache, no-store, must-revalidate
cf-ray
856ee1c3ffd22b83-LAX
alt-svc
h3=":443"; ma=86400
flash38
coolrea.link/
0
442 B
XHR
General
Full URL
https://coolrea.link/flash38
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.69.67 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://coolrea.link/flash38
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 14:57:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NmEOYkKrD4ijLbBbEEpYQYcaYapjzKh95UIV18%2B0eUNfvqRFlRK4maRIoQHP811zNi2aT5k9zxdqhytvW6FoQiNRphHpfQRcRRh3I98EglcKTASEUAuZv%2BU%2FFVZyJ0M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
856ee1c92cef7cef-LAX
alt-svc
h3=":443"; ma=86400
/
sheegiwo.com/5/6837565/
3 KB
2 KB
XHR
General
Full URL
https://sheegiwo.com/5/6837565/?oo=1&aab=1
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash38
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4b8694499b308c0e3beb5b30f192cff8b904741427b8f73bb4cbcaa7525ee3c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://coolrea.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 14:57:18 GMT
content-encoding
gzip
x-trace-id
39ea5192a31727222c39c3fc17f40366
pragma
no-cache, no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://coolrea.link
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
tag.min.js
sheegiwo.com/
81 KB
26 KB
Script
General
Full URL
https://sheegiwo.com/tag.min.js
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash38
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4422e8c4256ab653b06cb66029f442ede4086f099b111ed2a90631479ec5f6fa
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://coolrea.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 14:57:18 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=1
content-length
26232
x-trace-id
d50c70619f14dd71b318b08cd592ab18
pragma
no-cache
last-modified
Fri, 16 Feb 2024 14:58:13 GMT
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
4o8n25qm1duhfl
candlenorth.net/embed/ Frame 5FA6
11 KB
5 KB
Document
General
Full URL
https://candlenorth.net/embed/4o8n25qm1duhfl
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.4.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23ef2029c5e339d3100313ea8ea606405eadcc87eda827c4aa9e4336b9e6fae6

Request headers

Referer
https://coolrea.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
856ee1ca8ed17c04-LAX
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 17 Feb 2024 14:57:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNaQGpsOe72%2F71R1qSEhS1%2FuKC%2BarS5b%2FvWfQTk9NsEtGQ0WplvqwYfe9pm5BkczOmfb12iO5TUPlfRzA8yAEU4z9n2%2FuWckRXy5pRc6GOYOaGg7mbxEeY2Z2XF4BtH8olQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.79.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
en-US,en;q=0.9
Referer
https://coolrea.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 14:57:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
1629
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
856ee1ca6d2c0fd1-LAX
content-length
4547
0.php
s4.histats.com/stats/
52 B
186 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?3681769&@f16&@g1&@h1&@i1&@j1708181838556&@k0&@l1&@mLive%20Footbal%20Streaming%20-%20Live%20Premier%20League&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-115090307&@b3:1708181839&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fcoolrea.link%2Fflash38&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.128.162 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns562109.ip-54-39-128.net
Software
/
Resource Hash
28de2e6886cbe0d4e537a690fd35277601846d6674b30348d8f926893c1209a5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://coolrea.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Sat, 17 Feb 2024 14:57:11 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
embed.min.css
candlenorth.net/css/ Frame 5FA6
1 KB
882 B
Stylesheet
General
Full URL
https://candlenorth.net/css/embed.min.css?v=0.5
Requested by
Host: candlenorth.net
URL: https://candlenorth.net/embed/4o8n25qm1duhfl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.4.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c7cf941b4eb9254e850875107ded812b5cf2da9de46f85919561f2a73876257

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candlenorth.net/embed/4o8n25qm1duhfl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 14:57:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 09 Jun 2022 09:49:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
9632
etag
W/"62a1c21c-4f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2fX5hRKyc8jOjQK1aMGP2VlHFXBSNHNqLMTSk4Snamr%2FwhOwdBONT4P28eLyVil74RuqVQLl%2BmuHlVh3pcYEkX3%2BDS6XC41bv1H4irv%2BJXHSCPw4Lx0RMQC51hYcsrg6eSY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=608400
cf-ray
856ee1cea9487c04-LAX
alt-svc
h3=":443"; ma=86400
expires
Sat, 24 Feb 2024 13:16:47 GMT
jquery.min.js
candlenorth.net/js/ Frame 5FA6
85 KB
31 KB
Script
General
Full URL
https://candlenorth.net/js/jquery.min.js
Requested by
Host: candlenorth.net
URL: https://candlenorth.net/embed/4o8n25qm1duhfl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.4.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candlenorth.net/embed/4o8n25qm1duhfl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 14:57:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 18:05:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
9632
etag
W/"5fa984ce-15283"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Xqrda5kRLzjZ%2FAZy30alQaDOpGFKl3fgCMoksa9Q8%2FnK5YE0XgLd9vkO46MsBiyq7IdlFbWkqxYOEO1BIybhvnsi8aKN7nVmUXVim2h4t1o3yCwMR1%2BWKXrE%2BJag84OiPc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=608400
cf-ray
856ee1cea9497c04-LAX
alt-svc
h3=":443"; ma=86400
expires
Sat, 24 Feb 2024 13:16:47 GMT
j79z9kzty.js
swarm.video/ Frame 5FA6
532 KB
134 KB
Script
General
Full URL
https://swarm.video/j79z9kzty.js?v=1.1
Requested by
Host: candlenorth.net
URL: https://candlenorth.net/embed/4o8n25qm1duhfl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.74.27 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7c260f5e1dcb04331e9fb5ea2c0a5b82552133dd170d219384ec76afb1ec9b3d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 14:57:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2924508
cf-polished
origSize=545594
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 10 Jul 2023 00:04:36 GMT
server
cloudflare
etag
W/"8533a-1893d1d4765"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NH49n0rmxX%2BK4KpdNV7Hs8XHblboSDYCZK2443h1I2g2ACbglcyEAbDEE4fWKaYJBqF7gYcOMFAnsdVW%2F%2BXFy7kuLR%2BJkfLTyMys4B%2BqXd%2B4rBMu%2B1I%2BAmDpNsE78A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
856ee1cffe9d7c9d-LAX
clappr.min.js
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 5FA6
513 KB
142 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Requested by
Host: candlenorth.net
URL: https://candlenorth.net/embed/4o8n25qm1duhfl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 17 Feb 2024 14:57:19 GMT
x-content-type-options
nosniff
content-encoding
br
age
12355
x-jsd-version
0.3.13
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
145133
x-served-by
cache-fra-etou8220029-FRA, cache-lax-kwhp1940060-LAX
x-jsd-version-type
version
etag
W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
/
widgets.amung.us/draw/ Frame 5FA6
Redirect Chain
  • https://whos.amung.us/cwidget/15ky356qz4/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=47700&c=000000ffffff&p=left
1 KB
2 KB
Image
General
Full URL
https://widgets.amung.us/draw/?w=colored&n=47700&c=000000ffffff&p=left
Requested by
Host: candlenorth.net
URL: https://candlenorth.net/embed/4o8n25qm1duhfl
Protocol
H3
Server
104.22.74.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ef9fd5bfa105602db36a51612599f6173db37e3fdfdadcb67de9925f582d490

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 14:57:19 GMT
cf-cache-status
MISS
last-modified
Sat, 17 Feb 2024 14:57:19 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
856ee1cfa912dbe9-LAX
alt-svc
h3=":443"; ma=86400
expires
Sun, 18 Feb 2024 14:57:19 GMT

Redirect headers

date
Sat, 17 Feb 2024 14:57:19 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=UTF-8
location
https://widgets.amung.us/draw/?w=colored&n=47700&c=000000ffffff&p=left
cache-control
max-age=295
cf-ray
856ee1ceba7d2b83-LAX
alt-svc
h3=":443"; ma=86400
script.js
awistats.com/js/ Frame 5FA6
1 KB
1 KB
Script
General
Full URL
https://awistats.com/js/script.js
Requested by
Host: candlenorth.net
URL: https://candlenorth.net/embed/4o8n25qm1duhfl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.206.156 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 14:57:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
41873
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 17 Feb 2024 03:19:26 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z863s2Vznofyyazu73eEVZSLeNaGLQPwR7TNifZWO7pG3tsU1Q5a0Pq4toSYpcWL63H2U7Ya0%2BqKNrZmbNhq4dIfVjaPXq%2FhA67e%2ByovVzmKi30xa4K%2FdnZ0%2FeuEYSY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, must-revalidate
cf-ray
856ee1cff95b08a7-LAX
deb.js
candlenorth.net/ Frame 5FA6
25 KB
6 KB
Script
General
Full URL
https://candlenorth.net/deb.js
Requested by
Host: candlenorth.net
URL: https://candlenorth.net/embed/4o8n25qm1duhfl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.4.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00f55721ec6181d9c16cc365dfe2ca9aab2fb8008ffe22ded892085019fd33b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candlenorth.net/embed/4o8n25qm1duhfl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 14:57:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Feb 2023 13:57:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
9632
etag
W/"63f61f52-6450"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FPQyDFzmXr9nBCa74iOwmnis5%2FiOU%2Fw%2BYIH4EoXDYhWzjGb4YzayMvqhGzSwbxLcYbBPijFQyz4yuVmHRB3fIoiSvrwZIkKf2x5%2FVPzW3Q4BOLVki%2Bb6kY%2F2Kw2vhCwkASY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=608400
cf-ray
856ee1ceb9547c04-LAX
alt-svc
h3=":443"; ma=86400
expires
Sat, 24 Feb 2024 13:16:47 GMT
gid.js
my.rtmark.net/
0
0

css
fonts.googleapis.com/ Frame 5FA6
1 KB
818 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: candlenorth.net
URL: https://candlenorth.net/css/embed.min.css?v=0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.170 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f10.1e100.net
Software
ESF /
Resource Hash
c71c144709e243473601e175acad7cd2d31bc7883d9dd7278ce6c5b74a06f9bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 17 Feb 2024 14:57:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 17 Feb 2024 13:32:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Feb 2024 14:57:19 GMT
utils.js
vufzuld.com/script/ Frame 5FA6
162 KB
51 KB
Script
General
Full URL
https://vufzuld.com/script/utils.js
Requested by
Host: candlenorth.net
URL: https://candlenorth.net/embed/4o8n25qm1duhfl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.1.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
775a662d28178ba373b6341976835439d69881fe2e5c7b882b8a425bf3b41f64

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 14:57:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3362
x-guploader-uploadid
ABPtcPoeRQmutuN5JAQtpCX5Dq3-DJdsrO4wvXL1uylGdNwzbtLNB_y60g3Rg5AxD1N-K1go0hZ4V5zJdw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 15 Feb 2024 14:16:59 GMT
server
cloudflare
etag
W/"140b9229a29ce1eee6c8300109b493ca"
vary
Accept-Encoding
x-goog-hash
crc32c=Jx7nEg==, md5=FAuSKaKc4e7myDABCbSTyg==
x-goog-generation
1708006619286429
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Ujiz%2B6j7P4FdZ4zVq6JYng38otWRa5vWrRGhQBUqvSWvc76fJpKKNpbedU1LjIP7MnGx5%2FSC4tcX3rjR726S0hKzu%2Bk5bLdkopIrP2S4Yd7s5mGldE28VeQGoFOzA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
165937
cf-ray
856ee1d4cf980924-LAX
expires
Sat, 17 Feb 2024 14:28:07 GMT
event
awistats.com/api/ Frame 5FA6
2 B
503 B
XHR
General
Full URL
https://awistats.com/api/event
Requested by
Host: awistats.com
URL: https://awistats.com/js/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.156 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://candlenorth.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Feb 2024 14:57:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLJw4LrbYly5si%2ByjbzTd1ddcc1mn0dxgKa8WDBQ4GhKMJxTO8Ih5ilzaWPMmeX8WgosgFnC02rbbL0Xd3LUdXOsCfrLdLFEe6Q5880ScIOfDujmO2mtR%2F6dGECNG9k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
856ee1d4c9c32ad4-LAX
alt-svc
h3=":443"; ma=86400
content-length
2
x-request-id
F7SuVWZ6FfByefxf0mcE
4o8n25qm1duhfl.m3u8
hjprtmfykxdvqace.cdnrecruit.net/hls/ Frame 5FA6
936 B
1 KB
XHR
General
Full URL
https://hjprtmfykxdvqace.cdnrecruit.net:8443/hls/4o8n25qm1duhfl.m3u8?s=wElEd7RfxRtPDD089h0_Ow&e=1708203438
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.83.149 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
smtp64-4.mailer.lifeandskills.com
Software
nginx/1.24.0 /
Resource Hash
dfdad15e9c9e512e1aa8f6a3fce579aa77d0ba6e5b7260132a6f6aaaa67c8de4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Sat, 17 Feb 2024 14:57:20 GMT
Last-Modified
Sat, 17 Feb 2024 14:57:18 GMT
Server
nginx/1.24.0
ETag
"65d0c94e-3a8"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
936
gid.js
my.rtmark.net/
65 B
542 B
XHR
General
Full URL
https://my.rtmark.net/gid.js?userId=u4un653029yc335266326x0j8anws101
Requested by
Host: sheegiwo.com
URL: https://sheegiwo.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d469e0a996f1f759c6849741eee77d96cbd76e214bb457d557702ae86e3b2639
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://coolrea.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 14:57:20 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://coolrea.link
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
/
sheegiwo.com/
2 KB
3 KB
Fetch
General
Full URL
https://sheegiwo.com/?rb=LX858sZGlyMkw4QR-QNtWWpVeRNO74d-yHQH3DLgS00ChKO42nKX34P-YSCGkDgxIbMcj_-0WkhGPiur-dgj3ihNM59v41MgI-EtbEvimgAVUNbYFa6it4gftAnneS1IWaFVpOENn6f-glF8dri-Kur4di2KFadTMwW_nqm45DZy2s51EQ1wRBbRno8VWlV2D98qsW1mL6Bc_oGl4q7HocV2Jeuo-vAhQvja_bOI_S9_esR7tUzexKRS6Ob94e3lIewDxC95h45xbzAfXRjwzi7NyuKHBFK7HzGUVzGCps9yMb1n4-b0JAqo5XcAcVUO&request_ab2=0&zoneid=6837565&js_build=iclick-v1.692.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=2&pl=https%3A%2F%2Fcoolrea.link%2Fflash38&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=Pacific%2FHonolulu&bto=600&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.692.0&navlng=en-US&pnt=0&pnrc=0&bs=8bfc85db-5cc0-4d3e-a6f5-7a7a2d8279bf&userId=u4un653029yc335266326x0j8anws101&m=link
Requested by
Host: sheegiwo.com
URL: https://sheegiwo.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
5d1bec0f77ba5ea8fe7338adac6cc01243d53072bef75cbdc983653087914477
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://coolrea.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 14:57:20 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
448b719a90ff3782f7b71587dc211fe2
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://coolrea.link
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
ut.js
vufzuld.com/script/ Frame 5FA6
87 KB
30 KB
Script
General
Full URL
https://vufzuld.com/script/ut.js?cb=1708181840404
Requested by
Host: vufzuld.com
URL: https://vufzuld.com/script/utils.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.1.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88081c343743aad1158078961d80119501c1f97bbe28ced8a66cae8acc1e0bec

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 14:57:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3422
x-guploader-uploadid
ABPtcPpfMNHqllN3NFCiNWYywpb4bx5jhP6yfNlO7LvssYeT87CmP2WEgHcL57zdy5MO-zLYc_o
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 18 Jan 2024 09:11:15 GMT
server
cloudflare
etag
W/"f78273815ffccc0126bd3e83d2813f7c"
vary
Accept-Encoding
x-goog-hash
crc32c=0sa7rw==, md5=94JzgV/8zAEmvT6D0oE/fA==
x-goog-generation
1705569075555153
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UaEDqw4aXmka7XDZXOZ3VESvszvovWYsYWJhjvXZBwXMaLS4HnBJ11rWTShcHVtf6iS%2F15rT7X8FlxWyqiJ6cFT3jIFHpXk3i%2B2m6yhBdGFfKxwlSQs6v6oamjVlw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
89230
cf-ray
856ee1d6b9770924-LAX
expires
Sat, 17 Feb 2024 14:06:44 GMT
suv5.js
vufzuld.com/script/ Frame 5FA6
101 KB
32 KB
Script
General
Full URL
https://vufzuld.com/script/suv5.js
Requested by
Host: vufzuld.com
URL: https://vufzuld.com/script/utils.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.1.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0a7ae54da3a2a374045117bf0ca49d419ca2abbdc286caed3ea3016a7c893e5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 14:57:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3399
x-guploader-uploadid
ABPtcPptdiNCvsk0luTqsZMIbAGi8CkT_70E96pEZaXbQGHzKKNiUqbnyATlY_gW2A3dawwlfkei-0ZboQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 15 Feb 2024 14:16:05 GMT
server
cloudflare
etag
W/"759d8b38c085af960657104a8d19c1a2"
vary
Accept-Encoding
x-goog-hash
crc32c=yKysnw==, md5=dZ2LOMCFr5YGVxBKjRnBog==
x-goog-generation
1708006565806041
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=km6lLau%2FP8DAyXnEvVzzMi7GSILnVH4e82H63VFJ4SNP%2B1%2Fhy0fyHmdsGdIJ%2B%2BC39V6l7RLmCYvBXTcD4xv667nPmdKEnme7Yapc1EralQ6ei2DNmRPbfG%2Bsodadew%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
103574
cf-ray
856ee1d6b97a0924-LAX
expires
Sat, 17 Feb 2024 14:25:32 GMT
ctr.php
ctrtrk.com/ut/ Frame E889
166 B
650 B
Document
General
Full URL
https://ctrtrk.com/ut/ctr.php
Requested by
Host: vufzuld.com
URL: https://vufzuld.com/script/ut.js?cb=1708181840404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.204.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2aa6054be58210371313a1c28d4008217b8bf553e85294cc982b8eaf87f8702

Request headers

Referer
https://candlenorth.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
856ee1da392b2a88-LAX
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 17 Feb 2024 14:57:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhEmuZHbkU%2Btuj7HfV5BiJ%2BAuhFzaWqn2nmwwHX2fIDLr5vJsfm8mVJS%2B%2BAEg2vJ19NS3vKS4nMXyLEdcRGd2iJkC00YHhO7uRFk4bciM7aQa6AboOHiZsAjPwFb"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
suurl5.php
youradexchange.com/script/ Frame 5FA6
1010 B
1 KB
Fetch
General
Full URL
https://youradexchange.com/script/suurl5.php?r=7108866&chmob=%3F0&cbur=0.9051612486633573&cbiframe=1&cbWidth=1600&cbHeight=1200&cbtitle=&cbpage=https%3A%2F%2Fcoolrea.link%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=vufzuld.com&ts=1708181840599&srs=08f412783604ca4d23fbcdba012c7ecd&atv=43.0-sw-adbl-suv5&abtg=1
Requested by
Host: vufzuld.com
URL: https://vufzuld.com/script/suv5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.196.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7212417fa0f944ec044c4fc5593cb5e0d6b61b7e7734ffd15732014aff2adf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 14:57:21 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N7NGmGFmVqfaBp3yPNgEXkmN8Bmb6ypw5L1gy7KgqiOQQlqZf3qsdcGRg8eeRCX2p2hlHAtq02XQP8wvLtPdZctCf%2BBGPvwRvjbDqkNO2cthcN9pp%2B3E3FMuoKD5aeeED%2BiAgkg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
application/json; charset=utf-8
cf-ray
856ee1da3e440fe4-LAX
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400
4o8n25qm1duhfl.m3u8
hjprtmfykxdvqace.cdnrecruit.net/hls/ Frame 5FA6
936 B
1 KB
XHR
General
Full URL
https://hjprtmfykxdvqace.cdnrecruit.net:8443/hls/4o8n25qm1duhfl.m3u8?s=wElEd7RfxRtPDD089h0_Ow&e=1708203438
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.83.149 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
smtp64-4.mailer.lifeandskills.com
Software
nginx/1.24.0 /
Resource Hash
dfdad15e9c9e512e1aa8f6a3fce579aa77d0ba6e5b7260132a6f6aaaa67c8de4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Sat, 17 Feb 2024 14:57:20 GMT
Last-Modified
Sat, 17 Feb 2024 14:57:18 GMT
Server
nginx/1.24.0
ETag
"65d0c94e-3a8"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
936
4o8n25qm1duhfl-858067380.ts
hjprtmfykxdvqace.cdnrecruit.net/hls/ Frame 5FA6
589 KB
589 KB
XHR
General
Full URL
https://hjprtmfykxdvqace.cdnrecruit.net:8443/hls/4o8n25qm1duhfl-858067380.ts
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.83.149 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
smtp64-4.mailer.lifeandskills.com
Software
nginx/1.24.0 /
Resource Hash
e1a233b5ccd4b4e667c1712740b443feb04d52516929b04110cdef569ca62024

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Sat, 17 Feb 2024 14:57:21 GMT
Last-Modified
Sat, 17 Feb 2024 14:56:21 GMT
Server
nginx/1.24.0
ETag
"65d0c915-93324"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
602916
4o8n25qm1duhfl-858351240.ts
hjprtmfykxdvqace.cdnrecruit.net/hls/ Frame 5FA6
599 KB
599 KB
XHR
General
Full URL
https://hjprtmfykxdvqace.cdnrecruit.net:8443/hls/4o8n25qm1duhfl-858351240.ts
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.83.149 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
smtp64-4.mailer.lifeandskills.com
Software
nginx/1.24.0 /
Resource Hash
b103d7f04348f2a966f56fc50d8900ec3b17051b53991a0468f704ced50f9293

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Sat, 17 Feb 2024 14:57:21 GMT
Last-Modified
Sat, 17 Feb 2024 14:56:25 GMT
Server
nginx/1.24.0
ETag
"65d0c919-95b88"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
613256
cdd602b4-e0a9-4c48-ad5d-d2b43f9fe954
https://candlenorth.net/ Frame 5FA6
61 KB
0
Other
General
Full URL
blob:https://candlenorth.net/cdd602b4-e0a9-4c48-ad5d-d2b43f9fe954
Requested by
Host: candlenorth.net
URL: https://candlenorth.net/embed/4o8n25qm1duhfl
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length
62280
Content-Type
text/javascript
4o8n25qm1duhfl.m3u8
hjprtmfykxdvqace.cdnrecruit.net/hls/ Frame 5FA6
936 B
1 KB
XHR
General
Full URL
https://hjprtmfykxdvqace.cdnrecruit.net:8443/hls/4o8n25qm1duhfl.m3u8?s=wElEd7RfxRtPDD089h0_Ow&e=1708203438
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.83.149 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
smtp64-4.mailer.lifeandskills.com
Software
nginx/1.24.0 /
Resource Hash
369fc73488b4a80d3231d410ce930b669aae8e2a67d52dc47081d5b7348473e3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Sat, 17 Feb 2024 14:57:22 GMT
Last-Modified
Sat, 17 Feb 2024 14:57:20 GMT
Server
nginx/1.24.0
ETag
"65d0c950-3a8"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
936
4o8n25qm1duhfl.m3u8
hjprtmfykxdvqace.cdnrecruit.net/hls/ Frame 5FA6
936 B
1 KB
XHR
General
Full URL
https://hjprtmfykxdvqace.cdnrecruit.net:8443/hls/4o8n25qm1duhfl.m3u8?s=wElEd7RfxRtPDD089h0_Ow&e=1708203438
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.83.149 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
smtp64-4.mailer.lifeandskills.com
Software
nginx/1.24.0 /
Resource Hash
369fc73488b4a80d3231d410ce930b669aae8e2a67d52dc47081d5b7348473e3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Sat, 17 Feb 2024 14:57:23 GMT
Last-Modified
Sat, 17 Feb 2024 14:57:20 GMT
Server
nginx/1.24.0
ETag
"65d0c950-3a8"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
936
4o8n25qm1duhfl.m3u8
hjprtmfykxdvqace.cdnrecruit.net/hls/ Frame 5FA6
936 B
1 KB
XHR
General
Full URL
https://hjprtmfykxdvqace.cdnrecruit.net:8443/hls/4o8n25qm1duhfl.m3u8?s=wElEd7RfxRtPDD089h0_Ow&e=1708203438
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.83.149 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
smtp64-4.mailer.lifeandskills.com
Software
nginx/1.24.0 /
Resource Hash
369fc73488b4a80d3231d410ce930b669aae8e2a67d52dc47081d5b7348473e3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Sat, 17 Feb 2024 14:57:25 GMT
Last-Modified
Sat, 17 Feb 2024 14:57:20 GMT
Server
nginx/1.24.0
ETag
"65d0c950-3a8"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
936
4o8n25qm1duhfl.m3u8
hjprtmfykxdvqace.cdnrecruit.net/hls/ Frame 5FA6
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
my.rtmark.net
URL
https://my.rtmark.net/gid.js?userId=00800553ab564fd9f825af0852cb8341
Domain
hjprtmfykxdvqace.cdnrecruit.net
URL
https://hjprtmfykxdvqace.cdnrecruit.net:8443/hls/4o8n25qm1duhfl.m3u8?s=wElEd7RfxRtPDD089h0_Ow&e=1708203438

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
string| k
object| _8n58ouj4wtx
object| 2voyija3mgu
object| zfgformats
function| setImmediate
function| clearImmediate
function| _omojwjd
function| _kgwdohhc
object| _Hasync
function| vwu
function| cbut
function| chfh
function| chfh2
string| _HST_cntval
object| Histats
object| _HistatsCounterGraphics_0_setValues
object| zfgstorage
function| onClickTrigger
function| kkp4a5x5tv
boolean| zfgloadedpopup
boolean| zfgonclickfirst
object| syncCallbacks

14 Cookies

Domain/Path Name / Value
coolrea.link/ Name: HstCfa3681769
Value: 1708181838556
coolrea.link/ Name: HstCla3681769
Value: 1708181838556
coolrea.link/ Name: HstCmu3681769
Value: 1708181838556
coolrea.link/ Name: HstPn3681769
Value: 1
coolrea.link/ Name: HstPt3681769
Value: 1
coolrea.link/ Name: HstCnv3681769
Value: 1
coolrea.link/ Name: HstCns3681769
Value: 1
candlenorth.net/ Name: hf1
Value: 1
coolrea.link/ Name: prefetchAd_6837565
Value: true
my.rtmark.net/ Name: ID
Value: u4un653029yc335266326x0j8anws101
sheegiwo.com/ Name: OAID
Value: u4un653029yc335266326x0j8anws101
sheegiwo.com/ Name: oaidts
Value: 1708181840
sheegiwo.com/ Name: syncedCookie
Value: true
ctrtrk.com/ Name: uniqid
Value: 5d5d890b-ae21-4cb3-9062-531963e500df

19 Console Messages

Source Level URL
Text
security warning URL: https://coolrea.link/flash38
Message:
Mixed Content: The page at 'https://coolrea.link/flash38' was loaded over HTTPS, but requested an insecure element 'http://whos.amung.us/cwidget/livesport/000000ffffff.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://commarevelation.com/b5/d5/e2/b5d5e2cbaa884029b13637009b94e342.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
security warning URL: https://coolrea.link/flash38(Line 25)
Message:
Mixed Content: The page at 'https://coolrea.link/flash38' was loaded over HTTPS, but requested an insecure element 'http://whos.amung.us/cwidget/livesport/000000ffffff.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other warning URL: https://coolrea.link/flash38
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://coolrea.link/flash38
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://coolrea.link/flash38
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
rendering warning URL: https://candlenorth.net/embed/4o8n25qm1duhfl(Line 6)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
other warning URL: https://coolrea.link/flash38
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://coolrea.link/flash38
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://coolrea.link/flash38
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://coolrea.link/flash38
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://coolrea.link/flash38
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://coolrea.link/flash38
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://coolrea.link/flash38
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://coolrea.link/flash38
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://coolrea.link/flash38
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://coolrea.link/flash38
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://coolrea.link/flash38
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://coolrea.link/flash38
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
