cricfree.live Open in urlscan Pro
185.233.186.104 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cricfree.live/update/super5.php
Submission: On February 11 via api (February 11th 2020, 7:26:11 am UTC) from US

Summary HTTP 7 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 4 countries across 3 domains to perform 7 HTTP transactions. The main IP is 185.233.186.104, located in Bromley, United Kingdom and belongs to YURTEH-AS, UA. The main domain is cricfree.live.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 20th 2020. Valid for: 3 months.

This is the only time cricfree.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	185.233.186.104 185.233.186.104	30860 (YURTEH-AS) (YURTEH-AS)
2	2606:4700:303... 2606:4700:3035::6812:383d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	192.99.8.28 192.99.8.28	16276 (OVH) (OVH)
7	4

3 185.233.186.104 (Bromley, United Kingdom)

ASN30860 (YURTEH-AS, UA)

cricfree.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6812:383d (United States)

ASN13335 (CLOUDFLARENET, US)

www.airhdx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.8.28 (Richmond Hill, Canada)

ASN16276 (OVH, FR)
PTR: ns523448.ip-192-99-8.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	cricfree.live cricfree.live	3 KB
2	histats.com s10.histats.com s4.histats.com	5 KB
2	airhdx.com www.airhdx.com	561 B
7	3

	Domain	Requested by
3	cricfree.live	cricfree.live
2	www.airhdx.com	cricfree.live www.airhdx.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	cricfree.live
7	4

This site contains no links.

Subject Issuer	Validity	Valid
cricfree.sc Let's Encrypt Authority X3	`2020-01-20` - `2020-04-19`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-07-23` - `2020-07-22`	a year	crt.sh
histats.com Let's Encrypt Authority X3	`2019-12-27` - `2020-03-26`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://cricfree.live/update/super5.php
Frame ID: 593DC67694081ED7D50B4E31FE95E0E3
Requests: 5 HTTP requests in this frame

Frame: https://www.airhdx.com/embed.php?live=super5&vw=620&vh=490
Frame ID: 486E31BDC122D2F9E95410EB38771A15
Requests: 1 HTTP requests in this frame

Frame: https://cricfree.live/update/ad4.php
Frame ID: EDB1B99A551FD32F2A651D5FC5885907
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

7
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

4
Countries

8 kB
Transfer

14 kB
Size

42
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request super5.php Show response cricfree.live/update/	2 KB 1 KB	164ms 54ms	Document text/html	185.233.186.104 YURTEH-AS
General Check archive.org Show headers Download Go to Full URL https://cricfree.live/update/super5.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.233.186.104 Bromley, United Kingdom, ASN30860 (YURTEH-AS, UA), Reverse DNS Software nginx / Resource Hash `f1c7503ee2f1305d6eb9562d57604c2f60514ceb26187a4c90fbece1a5ea599c` Request headers Host cricfree.live Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers Server nginx Date Tue, 11 Feb 2020 07:25:52 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Content-Encoding gzip
GET H2	200	player.js Show response www.airhdx.com/	309 B 561 B	67ms 25ms	Script application/javascript	2606:4700:3035::6812:383d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.airhdx.com/player.js Requested by Host: cricfree.live URL: https://cricfree.live/update/super5.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6812:383d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `494485ef89613609098f6efc205dbbfbdcf4d7c6b4962f58707604e60a9d8d9f` Request headers Referer https://cricfree.live/update/super5.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 11 Feb 2020 07:25:52 GMT content-encoding br cf-cache-status HIT last-modified Mon, 12 Aug 2019 16:42:25 GMT server cloudflare age 1457 etag W/"5d5196f1-135" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 563497657f73dfcb-FRA
GET H/1.1	200 OK	167ngnb.gif cricfree.live/update/	1 KB 1 KB	53ms 53ms	Image image/gif	185.233.186.104 YURTEH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cricfree.live/update/167ngnb.gif Requested by Host: cricfree.live URL: https://cricfree.live/update/super5.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.233.186.104 Bromley, United Kingdom, ASN30860 (YURTEH-AS, UA), Reverse DNS Software nginx / Resource Hash `b53df20c6ede5f7de5b4444e7fcd6fe0babc3b573293446e72a463ed62a4cf05` Request headers Referer https://cricfree.live/update/super5.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 11 Feb 2020 07:25:52 GMT Last-Modified Tue, 05 Sep 2017 10:20:31 GMT Server nginx ETag "59ae7a6f-44c" Content-Type image/gif Cache-Control max-age=315360000 Connection keep-alive Accept-Ranges bytes Content-Length 1100 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	embed.php www.airhdx.com/ Frame 486E	0 0	37ms 36ms	Document text/html	2606:4700:3035::6812:383d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.airhdx.com/embed.php?live=super5&vw=620&vh=490 Requested by Host: www.airhdx.com URL: https://www.airhdx.com/player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6812:383d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.3.3 Resource Hash Request headers :method GET :authority www.airhdx.com :scheme https :path /embed.php?live=super5&vw=620&vh=490 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://cricfree.live/update/super5.php accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://cricfree.live/update/super5.php Response headers status 200 date Tue, 11 Feb 2020 07:25:52 GMT content-type text/html set-cookie __cfduid=d99b725073ed748a1017a1f56f511112d1581405952; expires=Thu, 12-Mar-20 07:25:52 GMT; path=/; domain=.airhdx.com; HttpOnly; SameSite=Lax; Secure x-powered-by PHP/5.3.3 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 56349765afb8dfcb-FRA content-encoding br
GET H/1.1	200 OK	ad4.php Show response cricfree.live/update/ Frame EDB1	0 218 B	54ms 53ms	Document text/html	185.233.186.104 YURTEH-AS
General Check archive.org Show headers Download Go to Full URL https://cricfree.live/update/ad4.php Requested by Host: cricfree.live URL: https://cricfree.live/update/super5.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.233.186.104 Bromley, United Kingdom, ASN30860 (YURTEH-AS, UA), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Host cricfree.live Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site same-origin Sec-Fetch-Mode navigate Referer https://cricfree.live/update/super5.php Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://cricfree.live/update/super5.php Response headers Server nginx Date Tue, 11 Feb 2020 07:25:52 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Content-Encoding gzip
GET H2	200	js15_as.js Show response s10.histats.com/	11 KB 4 KB	93ms 30ms	Script text/javascript	46.105.201.240 OVH
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/js15_as.js Requested by Host: cricfree.live URL: https://cricfree.live/update/super5.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 46.105.201.240 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash `1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668` Request headers Referer https://cricfree.live/update/super5.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 11 Feb 2020 07:23:29 GMT content-encoding br last-modified Thu, 06 Dec 2018 14:12:12 GMT x-cdn-pop-ip 51.254.41.128/26 etag "-139234964" x-cacheable Matched cache content-type text/javascript status 200 x-cdn-pop rbx1 accept-ranges bytes content-length 4333 x-request-id 765495431
GET H/1.1	200 OK	0.php Show response s4.histats.com/stats/	52 B 323 B	345ms 115ms	Script text/html	192.99.8.28 OVH
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/0.php?1602289&@f16&@g1&@h1&@i1&@j1581405953002&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-58878483&@b3:1581405953&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fcricfree.live%2Fupdate%2Fsuper5.php&@w Requested by Host: s10.histats.com URL: https://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.99.8.28 Richmond Hill, Canada, ASN16276 (OVH, FR), Reverse DNS ns523448.ip-192-99-8.net Software / Resource Hash `247e57aa1a79c983a4d5eb687f10772c1000ea994457ae8be946737867c15f0d` Request headers Referer https://cricfree.live/update/super5.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 11 Feb 2020 07:25:53 GMT Connection close Content-Length 52 Content-Type text/html;charset=UTF-8

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
engine.spotscenered.info/	1970-01-22 22:57:05	Name: ISH_Q Value: #[12102]
engine.spotscenered.info/	1970-01-22 22:57:05	Name: ISH Value: #{"12102":[{"SId":"5124FD","D":"2020-02-10T23:25:53"}]}
engine.spotscenered.info/	1970-01-22 22:57:05	Name: IMH_Q Value: #[87036]
engine.spotscenered.info/	1970-01-22 22:57:05	Name: IMH Value: #{"87036":[{"SId":"5124FD","D":"2020-02-10T23:25:53"}]}
engine.spotscenered.info/	1970-01-22 22:57:05	Name: IZH_Q Value: #[50959]
engine.spotscenered.info/	1970-01-22 22:57:05	Name: IUID Value: bbd873d8-a4c4-4c40-85f7-eef872654250
engine.spotscenered.info/	1970-01-22 22:57:05	Name: ISPH_Q Value: #[12101]
engine.spotscenered.info/	1970-01-22 22:57:05	Name: IPLH Value: #{"77547":[{"SId":"5124FD","D":"2020-02-10T23:25:53"}]}
engine.spotscenered.info/	1970-01-22 22:57:05	Name: ISPH Value: #{"12101":[{"SId":"5124FD","D":"2020-02-10T23:25:53"}]}
engine.spotscenered.info/	1970-01-22 22:57:05	Name: IPLSH_Q Value: #[]
engine.spotscenered.info/	1970-01-22 22:57:05	Name: IMCH_Q Value: #[]
engine.spotscenered.info/	1970-01-22 22:57:05	Name: IPLSH Value: #{}
cricfree.live/	1970-01-19 16:02:21	Name: HstPt1602289 Value: 1
engine.spotscenered.info/	1970-01-22 22:57:05	Name: BSWUID Value: #
engine.spotscenered.info/	1970-01-22 22:57:05	Name: MSSH Value: #{}
engine.spotscenered.info/	1970-01-22 22:57:05	Name: IPMUID Value: #
engine.spotscenered.info/	1970-01-22 22:57:05	Name: IZH Value: #{"50959":[{"SId":"5124FD","D":"2020-02-10T23:25:53"}]}
engine.spotscenered.info/	1970-01-22 22:57:05	Name: IMCH Value: #{}
engine.spotscenered.info/	1970-01-22 22:57:05	Name: IPMPLU Value: #
engine.spotscenered.info/	1970-01-19 07:17:00	Name: ILMPF Value: #False
engine.spotscenered.info/	1970-01-22 22:57:05	Name: ILP Value: null
engine.spotscenered.info/	1970-01-22 22:57:05	Name: ILEALC Value: #1/1/0001 12:00:00 AM
engine.spotscenered.info/	1970-01-22 22:57:05	Name: CHN Value: #[]
engine.spotscenered.info/	1970-01-22 22:57:05	Name: MSRH Value: #{}
engine.spotscenered.info/	1969-12-31 23:59:59	Name: IKSR Value: {}
engine.spotscenered.info/	1969-12-31 23:59:59	Name: ISSH Value: 5124FD
cricfree.live/	1970-01-19 16:02:21	Name: HstPn1602289 Value: 1
engine.spotscenered.info/	1969-12-31 23:59:59	Name: VMI Value: 5910c800-7716-4235-988c-3d1c98df55a3
cricfree.live/	1970-01-19 16:02:21	Name: HstCnv1602289 Value: 1
engine.spotscenered.info/	1970-01-22 22:57:05	Name: ICH Value: #{"39377":[{"SId":"5124FD","D":"2020-02-10T23:25:53"}]}
www.airhdx.com/	1969-12-31 23:59:59	Name: Value: __test
.airhdx.com/	1970-01-19 07:16:46	Name: _gat_gtag_UA_84664488_1 Value: 1
.airhdx.com/	1970-01-19 07:18:12	Name: _gid Value: GA1.2.2130652145.1581405953
engine.spotscenered.info/	1970-01-22 22:57:05	Name: ILPLU Value: #1/1/0001 12:00:00 AM
.airhdx.com/	1970-01-20 00:47:57	Name: _ga Value: GA1.2.2103492522.1581405953
cricfree.live/	1970-01-19 16:02:21	Name: HstCmu1602289 Value: 1581405953002
cricfree.live/	1970-01-19 16:02:21	Name: HstCns1602289 Value: 1
engine.spotscenered.info/	1970-01-22 22:57:05	Name: IPLH_Q Value: #[77547]
cricfree.live/	1970-01-19 16:02:21	Name: HstCla1602289 Value: 1581405953002
engine.spotscenered.info/	1970-01-22 22:57:05	Name: ICH_Q Value: #[39377]
engine.spotscenered.info/	1970-01-22 22:57:05	Name: IBL Value: #[]
cricfree.live/	1970-01-19 16:02:21	Name: HstCfa1602289 Value: 1581405953002

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cricfree.live
s10.histats.com
s4.histats.com
www.airhdx.com
185.233.186.104
192.99.8.28
2606:4700:3035::6812:383d
46.105.201.240
1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668
247e57aa1a79c983a4d5eb687f10772c1000ea994457ae8be946737867c15f0d
494485ef89613609098f6efc205dbbfbdcf4d7c6b4962f58707604e60a9d8d9f
b53df20c6ede5f7de5b4444e7fcd6fe0babc3b573293446e72a463ed62a4cf05
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1c7503ee2f1305d6eb9562d57604c2f60514ceb26187a4c90fbece1a5ea599c

cricfree.live Open in urlscan Pro 185.233.186.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

25 %IPv6

3 Domains

4 Subdomains

4 IPs

4 Countries

8 kBTransfer

14 kBSize

42 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

42 Cookies

Indicators

cricfree.live Open in urlscan Pro
185.233.186.104 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

4
Countries

8 kB
Transfer

14 kB
Size

42
Cookies

7 HTTP transactions
0 data transactions