URL: https://coolrea.link/flash2
Submission: On February 21 via api from US — Scanned from NL

Summary

This website contacted 16 IPs in 6 countries across 15 domains to perform 35 HTTP transactions. The main IP is 2a06:98c1:3121::3, which is located in the United States and belongs to CLOUDFLARENET, US. The main domain is coolrea.link.
TLS certificate: Issued by GTS CA 1P5 on January 2nd 2024. Valid for: 3 months.
This is the only time coolrea.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 172.240.108.84 7979 (SERVERS-COM)
2 4 2606:4700:10:... 13335 (CLOUDFLAR...)
3 139.45.197.245 9002 (RETN-AS)
4 188.114.97.3 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 139.45.195.8 9002 (RETN-AS)
1 149.56.240.129 16276 (OVH)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:e6:... 13335 (CLOUDFLAR...)
7 62.182.85.222 30860 (YURTEH-AS)
1 2606:4700:e6:... 13335 (CLOUDFLAR...)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
35 16
Apex Domain
Subdomains
Transfer
7 cdnorange.net
xmvtakdywcbqsrju.cdnorange.net
473 KB
4 candlenorth.net
candlenorth.net
42 KB
4 amung.us
whos.amung.us — Cisco Umbrella Rank: 14172
widgets.amung.us — Cisco Umbrella Rank: 29387
4 KB
4 coolrea.link
coolrea.link
22 KB
3 mgxxuqp.com
mgxxuqp.com
113 KB
3 sheegiwo.com
sheegiwo.com
32 KB
2 awistats.com
awistats.com — Cisco Umbrella Rank: 321055
2 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 12731
s4.histats.com — Cisco Umbrella Rank: 12280
5 KB
1 ctrtrk.com
ctrtrk.com — Cisco Umbrella Rank: 35760
665 B
1 youradexchange.com
youradexchange.com — Cisco Umbrella Rank: 31662
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 48
818 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 353
139 KB
1 swarm.video
swarm.video — Cisco Umbrella Rank: 259595
134 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 9876
542 B
1 interimfish.com
interimfish.com
35 15
Domain Requested by
7 xmvtakdywcbqsrju.cdnorange.net swarm.video
4 candlenorth.net coolrea.link
candlenorth.net
4 coolrea.link coolrea.link
3 mgxxuqp.com candlenorth.net
mgxxuqp.com
3 sheegiwo.com coolrea.link
sheegiwo.com
2 awistats.com candlenorth.net
awistats.com
2 widgets.amung.us coolrea.link
candlenorth.net
2 whos.amung.us 2 redirects
1 ctrtrk.com mgxxuqp.com
1 youradexchange.com mgxxuqp.com
1 fonts.googleapis.com candlenorth.net
1 cdn.jsdelivr.net candlenorth.net
1 swarm.video candlenorth.net
1 s4.histats.com s10.histats.com
1 my.rtmark.net sheegiwo.com
1 s10.histats.com coolrea.link
1 interimfish.com coolrea.link
35 17

This site contains no links.

Subject                          Issuer                    Validity                  Valid
coolrea.link                     GTS CA 1P5                2024-01-02 - 2024-04-01   3 months
interimfish.com                  R3                        2024-02-01 - 2024-05-01   3 months
sheegiwo.com                     R3                        2024-01-08 - 2024-04-07   3 months
candlenorth.net                  GTS CA 1P5                2024-02-05 - 2024-05-05   3 months
sni.cloudflaressl.com            Cloudflare Inc ECC CA-3   2023-05-13 - 2024-05-11   a year
rtmark.net                       R3                        2023-12-23 - 2024-03-22   3 months
histats.com                      R3                        2024-02-16 - 2024-05-16   3 months
swarm.video                      GTS CA 1P5                2024-01-26 - 2024-04-25   3 months
awistats.com                     GTS CA 1P5                2024-01-28 - 2024-04-27   3 months
upload.video.google.com          GTS CA 1C3                2024-02-05 - 2024-04-29   3 months
mgxxuqp.com                      E1                        2024-02-12 - 2024-05-12   3 months
xmvtakdywcbqsrju.cdnorange.net   R3                        2024-01-17 - 2024-04-16   3 months
youradexchange.com               GTS CA 1P5                2024-02-14 - 2024-05-14   3 months
ctrtrk.com                       GTS CA 1P5                2024-01-17 - 2024-04-16   3 months

This page contains 3 frames:

Primary Page: https://coolrea.link/flash2
Frame ID: 8EEC3C0784DFBEB0370A9E67C18636FE
Requests: 12 HTTP requests in this frame

Frame: https://candlenorth.net/embed/h1gn2
Frame ID: B9BE2785E139140BA08127272BFE4FC9
Requests: 22 HTTP requests in this frame

Frame: https://ctrtrk.com/ut/ctr.php
Frame ID: B405E217F97A04708B10FAE3BC2C969F
Requests: 1 HTTP request in this frame

Page Title

Live Footbal Streaming - Live Premier League

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 35
HTTPS: 91 %
IPv6: 60 %
Domains: 15
Subdomains: 17
IPs: 16
Countries: 6
Transfer: 967 kB
Size: 2375 kB
Cookies: 14

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://whos.amung.us/cwidget/livesport/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=11000&c=000000ffffff&p=left
Request Chain 16
  • https://whos.amung.us/cwidget/15ky356qz4/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=191300&c=000000ffffff&p=left

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request flash2
coolrea.link/
60 KB
20 KB
Document
General
Full URL
https://coolrea.link/flash2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13efb06740bbc55becfdc62aa7a7922b3662d5172abadd4fc3e1ba0e55136fdf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8591f3002b169c5a-IAD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 21 Feb 2024 21:05:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMc2P%2Bnpw9OznqVu2QbqwTBzRT3Kq4ncS8hAIV1oKn6H2%2F9vP40jvWQi3Ap8ngVmwuGYWv1Su1oSH34KiLSWwI9jjYN7y7besmMILd8U%2BDF%2Bp1XCkYrcnlmo2XJ%2FKmrSwadFPCIqjtBT0SQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
style.css
coolrea.link/css/
1 KB
721 B
Stylesheet
General
Full URL
https://coolrea.link/css/style.css
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8d6c3534663816b21184f5dc3c402b613147dba30d67c9f97291971aed28018

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://coolrea.link/flash2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 21:05:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 14:00:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
90782
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJPywIJRr%2FToqQmMIOmiJObvVUP5sH712wcrFCJgxYj76ezdPWbDeEQY0am9Oubsfdtg%2Famfi8N013Jw4leKvSBDlSVyIClCsvcxh6ii2K%2Bbi2FlBbgkd4PVocFvBOCICGMHWw9SnFbH3CA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
8591f3033ed79c5a-IAD
alt-svc
h3=":443"; ma=86400
expires
Tue, 27 Feb 2024 19:52:43 GMT
custom.css
coolrea.link/css/
1 KB
895 B
Stylesheet
General
Full URL
https://coolrea.link/css/custom.css
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6108f045cf10f60b5b00c58f7f941149e11208036b97a142492f39080e43fe8b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://coolrea.link/flash2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 21:05:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 11 Feb 2024 18:56:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
103518
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuvjmTx5LfnlUfcTPzb99Sum9HDp5cO8kvW%2FykJUZE1GBImW4CH%2BgeB%2F7FaFkzJg4UdoZM9Pb9fsqPQbBtLxabAzfSpDOrQXiAjkIoY8qWj3WkFnYmtwRNk9Lf0xlq41J%2Bk4lZyOce9CIXY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
8591f3033edc9c5a-IAD
alt-svc
h3=":443"; ma=86400
expires
Tue, 27 Feb 2024 16:20:27 GMT
posts
interimfish.com/api/
0
0
Script
General
Full URL
https://interimfish.com/api/posts?token=L2I1L2Q1L2UyL2I1ZDVlMmNiYWE4ODQwMjliMTM2MzcwMDliOTRlMzQyLmpz
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.84 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://coolrea.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 21 Feb 2024 21:05:45 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
/
widgets.amung.us/draw/
Redirect Chain
  • https://whos.amung.us/cwidget/livesport/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=11000&c=000000ffffff&p=left
1 KB
1 KB
Image
General
Full URL
https://widgets.amung.us/draw/?w=colored&n=11000&c=000000ffffff&p=left
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash2
Protocol
H2
Server
2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca7db3e7686060a0adf38c3eda179c3fc6930c2e1bb8962ad0b8d1bdd5484faf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://coolrea.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 21:05:46 GMT
cf-cache-status
HIT
last-modified
Thu, 08 Feb 2024 17:56:45 GMT
server
cloudflare
age
1134541
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
8591f3072c59198f-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 09 Feb 2024 17:56:45 GMT

Redirect headers

date
Wed, 21 Feb 2024 21:05:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=UTF-8
location
https://widgets.amung.us/draw/?w=colored&n=11000&c=000000ffffff&p=left
cache-control
max-age=295
cf-ray
8591f3061b52198f-FRA
alt-svc
h3=":443"; ma=86400
flash2
coolrea.link/
0
261 B
XHR
General
Full URL
https://coolrea.link/flash2
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://coolrea.link/flash2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 21:05:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Anb%2F6viUnnlLifBDx1TXNRY0iQHBMHhAkYsv9ZylVlsFSp5fzOBWcjzXzpQ03rXWTeM8J7PGfSJa5w6KC5C%2BMYuN0zJOBRJciiHdrmiz5ycO1%2BmE73Icw%2BSTXXJ6Z84M%2FrNZlPevsPT1W78%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
8591f30579849c5a-IAD
alt-svc
h3=":443"; ma=86400
/
sheegiwo.com/5/6837565/
3 KB
2 KB
XHR
General
Full URL
https://sheegiwo.com/5/6837565/?oo=1&aab=1
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
76b6e1d2bd2bb72bbf36df431e5bd12068e7ee44afa5360809c7009fbaac6c7d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://coolrea.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 21:05:45 GMT
content-encoding
gzip
x-trace-id
1180f2bc63059b5fd0741966672eaa9c
pragma
no-cache, no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://coolrea.link
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
tag.min.js
sheegiwo.com/
82 KB
26 KB
Script
General
Full URL
https://sheegiwo.com/tag.min.js
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
349e50786497396d66932e5744c8a6e759646f2bf5fe8da230d1c7da97b12b4c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://coolrea.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 21:05:45 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=1
content-length
26359
x-trace-id
fab64c7b94b7781b890ebedd7f2e5c0e
pragma
no-cache
last-modified
Wed, 21 Feb 2024 18:40:09 GMT
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
h1gn2
candlenorth.net/embed/ Frame B9BE
11 KB
5 KB
Document
General
Full URL
https://candlenorth.net/embed/h1gn2
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fd8644d8878fbe5ae0b84f68f588a0b52c60ef849c016792e2c43999cdcc78f

Request headers

Referer
https://coolrea.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8591f306cc4f728d-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 21 Feb 2024 21:05:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4gLV%2FdUe8QRuPpC0aeCtkVLYktyEQrB0S4jJW4VjM2AEFl01hqa7jvKLg6PwhQzU%2F9nLRkJFQxn4KRmXQRL9dKAFrsWTE3eGglFgX6YBEWCUi7IHaWrRI2GYCcsaptpE3c%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:4273 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://coolrea.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 21:05:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
55538
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
8591f3057b209268-FRA
content-length
4547
gid.js
my.rtmark.net/
65 B
542 B
XHR
General
Full URL
https://my.rtmark.net/gid.js?userId=008009d9478a4aa4f771021fd86bb531
Requested by
Host: sheegiwo.com
URL: https://sheegiwo.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8447469cb02128e56ca3d01af2691821b66a7d17a8552744dfc6e0d24857df42
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://coolrea.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 21:05:45 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://coolrea.link
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
/
sheegiwo.com/
3 KB
3 KB
Fetch
General
Full URL
https://sheegiwo.com/?rb=tKa2QleyOi9cU9-KgOhftv_SWzBpcD0X3lIxIqqwk78mcgvb5bD15iOu73OyWAYXx_Mrpn2z6iOghyAlUhC-4W5siqp3B2-vGtQ-XlNVlSJd1YrQx1wKA_XdUMu1mu793iHDu_SpDbDamEQLhVXRVLy9Z2Y1Za3PcYH_hTGRfaeG9KJ-rSiz6FssD8MNr4GhK1Z5TGiAxNx-vMMltDE_EF_DYOz_ClpMsAOZjcHYgPJC8BffpFfQdKyOn2-N_4M1mfxlA_yudy3mTkx5MeS1aXGGItM-O8bziqkpYDmliyyQcPTkz0I6n8IDro8_PM-ugIlnfQ%3D%3D&request_ab2=0&zoneid=6837565&js_build=iclick-v1.696.1-auto&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=2&pl=https%3A%2F%2Fcoolrea.link%2Fflash2&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=Europe%2FAmsterdam&bto=-60&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.696.1-auto&navlng=en-US&pnt=0&pnrc=0&bs=b63dc9b5-b9f7-4002-aca8-b15dcc42c8da&userId=008009d9478a4aa4f771021fd86bb531&m=link
Requested by
Host: sheegiwo.com
URL: https://sheegiwo.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d3846b54a37a2ab3673c319a10286c52c28e29a04e43358cf05d8f88b04f3477
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://coolrea.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 21:05:45 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
f81a7ca4bd97ef7edaa7703726aa6d4c
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://coolrea.link
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
0.php
s4.histats.com/stats/
53 B
187 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?3681769&@f16&@g1&@h1&@i1&@j1708549546402&@k0&@l1&@mLive%20Footbal%20Streaming%20-%20Live%20Premier%20League&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-3331385&@b3:1708549546&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fcoolrea.link%2Fflash2&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.129 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534297.ip-149-56-240.net
Software
/
Resource Hash
891162e81a2b4d96aa0f65122575f851a0be07dfeba8f7a43e71cebc3692e6bb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://coolrea.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 21 Feb 2024 21:05:46 GMT
Connection
close
Content-Length
53
Content-Type
text/html;charset=UTF-8
embed.min.css
candlenorth.net/css/ Frame B9BE
1 KB
852 B
Stylesheet
General
Full URL
https://candlenorth.net/css/embed.min.css?v=0.5
Requested by
Host: candlenorth.net
URL: https://candlenorth.net/embed/h1gn2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c7cf941b4eb9254e850875107ded812b5cf2da9de46f85919561f2a73876257

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlenorth.net/embed/h1gn2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 21:05:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 09 Jun 2022 09:49:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
399672
etag
W/"62a1c21c-4f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFGludPsEXngkeXe9%2Br%2FHC1AllSo7HVzS38zdfFj9VliHcJyhxPwFc3cb6GrI2Rg71sYCvZ66ymuXJDDcSHVCK%2F4tPJesomnVk2UfiJ0qcLZmScbeAhM60r0nt8lMQFJMQM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=608400
cf-ray
8591f309a8f0728d-EWR
alt-svc
h3=":443"; ma=86400
expires
Sat, 24 Feb 2024 07:04:34 GMT
jquery.min.js
candlenorth.net/js/ Frame B9BE
85 KB
31 KB
Script
General
Full URL
https://candlenorth.net/js/jquery.min.js
Requested by
Host: candlenorth.net
URL: https://candlenorth.net/embed/h1gn2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlenorth.net/embed/h1gn2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 21:05:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 18:05:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
398678
etag
W/"5fa984ce-15283"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JWc3fXv5JbJGsFOoTL5zxbsDAjTgymgTy26OPmlSs1FqjPRm%2BqjzWzLiRQbmX96NBwk9hs%2BNIoP%2BqcfM1icb9BUIzs7x%2BDsUC9Udp4D7YjTloedfC1bm4idivf03aZpbbQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=608400
cf-ray
8591f309a8f4728d-EWR
alt-svc
h3=":443"; ma=86400
expires
Sat, 24 Feb 2024 07:21:08 GMT
j79z9kzty.js
swarm.video/ Frame B9BE
532 KB
134 KB
Script
General
Full URL
https://swarm.video/j79z9kzty.js?v=1.1
Requested by
Host: candlenorth.net
URL: https://candlenorth.net/embed/h1gn2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4a1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7c260f5e1dcb04331e9fb5ea2c0a5b82552133dd170d219384ec76afb1ec9b3d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 21:05:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3292215
cf-polished
origSize=545594
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 10 Jul 2023 00:04:36 GMT
server
cloudflare
etag
W/"8533a-1893d1d4765"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFVZUlxGEyZN67YcXoRnNjpgWvNvIiPlzmUPlxdIPLcoa0lVyHF4GgQgJHfL0a1Ld85n%2F5yOGXrhpqj25D1QRHNkYhbABU9wL8nMa8ah35CtoVA8yNedUgBXhEue0s4YXITW%2FZ53T3yxyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
8591f30e591f56b6-IAD
clappr.min.js
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame B9BE
513 KB
139 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Requested by
Host: candlenorth.net
URL: https://candlenorth.net/embed/h1gn2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 21:05:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
18238
x-jsd-version
0.3.13
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230071-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QqtnsO36cTRH7jWesEJa1JhBuYEnytkyd6TYrnguYmhw7g5%2FjmdbspxITKRqtMkSWTA%2Fbb9%2BXL8JXlqIJe6pv8sRxdlrg8k%2BfBMudO8KWv5SwpFAJRLWlYMGDcWQ679YnuOYrbO01%2FYbUBPdmYg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8591f30b3f913815-FRA
/
widgets.amung.us/draw/ Frame B9BE
Redirect Chain
  • https://whos.amung.us/cwidget/15ky356qz4/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=191300&c=000000ffffff&p=left
2 KB
2 KB
Image
General
Full URL
https://widgets.amung.us/draw/?w=colored&n=191300&c=000000ffffff&p=left
Requested by
Host: candlenorth.net
URL: https://candlenorth.net/embed/h1gn2
Protocol
H2
Server
2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
590e79c5d2043ec14bad339eba509a84a090d7029a403b53b6a54fcf2bd062bb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 21:05:46 GMT
cf-cache-status
HIT
last-modified
Wed, 21 Feb 2024 20:04:42 GMT
server
cloudflare
age
3664
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
8591f30a3f1f198f-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 22 Feb 2024 20:04:42 GMT

Redirect headers

date
Wed, 21 Feb 2024 21:05:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=UTF-8
location
https://widgets.amung.us/draw/?w=colored&n=191300&c=000000ffffff&p=left
cache-control
max-age=295
cf-ray
8591f3096e5e198f-FRA
alt-svc
h3=":443"; ma=86400
script.js
awistats.com/js/ Frame B9BE
1 KB
1 KB
Script
General
Full URL
https://awistats.com/js/script.js
Requested by
Host: candlenorth.net
URL: https://candlenorth.net/embed/h1gn2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 21:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
41996
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 21 Feb 2024 09:25:50 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xooXp5y03zXH%2BrhQ3SX8WAMfoRrhJ6MbdFvKT8YYGEq2WblL32G67ao1R8pCAjcnKKIxDWyBmSmbdOaxwpeHg4Ed97D7O0iTv6fK1AijVnkBc156tPVdZlFDSEZWm14L%2BvLGdW7kvmSc%2Boo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, must-revalidate
cf-ray
8591f30a6d3966a2-AMS
deb.js
candlenorth.net/ Frame B9BE
25 KB
6 KB
Script
General
Full URL
https://candlenorth.net/deb.js
Requested by
Host: candlenorth.net
URL: https://candlenorth.net/embed/h1gn2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00f55721ec6181d9c16cc365dfe2ca9aab2fb8008ffe22ded892085019fd33b5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlenorth.net/embed/h1gn2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 21:05:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Feb 2023 13:57:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
399674
etag
W/"63f61f52-6450"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ZEzHr8osmG0nxZ4VsvLv%2F%2FG5g5p4N6N9RwNc%2Bq93r4glCplN9Q82%2FKOsiz20xthyqKPB19t1eM%2B4%2FPHskJrg6fD7JQ9QnKEYsKUtBPhQCFm%2BrXazw9CBKShCYTsQnDcAu8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=608400
cf-ray
8591f309a8f5728d-EWR
alt-svc
h3=":443"; ma=86400
expires
Sat, 24 Feb 2024 07:04:32 GMT
css
fonts.googleapis.com/ Frame B9BE
1 KB
818 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: candlenorth.net
URL: https://candlenorth.net/css/embed.min.css?v=0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c71c144709e243473601e175acad7cd2d31bc7883d9dd7278ce6c5b74a06f9bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 21 Feb 2024 21:05:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 21 Feb 2024 20:48:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Feb 2024 21:05:46 GMT
utils.js
mgxxuqp.com/script/ Frame B9BE
162 KB
50 KB
Script
General
Full URL
https://mgxxuqp.com/script/utils.js
Requested by
Host: candlenorth.net
URL: https://candlenorth.net/embed/h1gn2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cc13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
775a662d28178ba373b6341976835439d69881fe2e5c7b882b8a425bf3b41f64

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 21:05:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
315
x-guploader-uploadid
ABPtcPpa4qYXMtsfDlP34XE-rEmgwwUM29L30AU1RDfI9LQ63T02W6qIzX1E_HpWmqyGPMzrnPd0XhgRIg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 15 Feb 2024 14:16:59 GMT
server
cloudflare
etag
W/"140b9229a29ce1eee6c8300109b493ca"
vary
Accept-Encoding
x-goog-hash
crc32c=Jx7nEg==, md5=FAuSKaKc4e7myDABCbSTyg==
x-goog-generation
1708006619286429
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AvPFhDpGPvR728RrcTRICw3h8e2iKKstPsyT%2FhroFvxFatohZYr6yA%2Bs8AuYWlgpAVfK7SwOMF4LPuozh6G8neIrXA6v6fAgcQnCbofMvuZQsudJiSv45gg%2FZPzdvw%2FRz7PnEc9p0jGoqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
165937
cf-ray
8591f312a9e56f1e-CDG
expires
Wed, 21 Feb 2024 21:11:14 GMT
event
awistats.com/api/ Frame B9BE
2 B
523 B
XHR
General
Full URL
https://awistats.com/api/event
Requested by
Host: awistats.com
URL: https://awistats.com/js/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://candlenorth.net/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 21 Feb 2024 21:05:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZXUS%2B3HJYyryw2le7KGlaQLqzR5w%2BY1qx6VNLHBcodveZYoTFmr3UfRAjeQFv0U9jmpjdSqwkfxnZQmR2bYPT4RQCoeejRZM4RPStIUKRNP0Gwz0%2FoH41KdVyBh%2Fc9zB9wr2H5J32L3xeA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
8591f312ad1e6fac-CDG
alt-svc
h3=":443"; ma=86400
content-length
2
x-request-id
F7X8wvfa2-EXlUODm9sF
h1gn2.m3u8
xmvtakdywcbqsrju.cdnorange.net/hls/ Frame B9BE
756 B
1 KB
XHR
General
Full URL
https://xmvtakdywcbqsrju.cdnorange.net:8443/hls/h1gn2.m3u8?s=3frXh0mHtrVv9wgYy8YHgg&e=1708571146
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.85.222 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
host-222.dedicated.vsys.host
Software
nginx/1.24.0 /
Resource Hash
5c885f3ebcda1f7c2e4b2039ad63210850d5166eb4a515e4f7043b10ce80fb6d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 21 Feb 2024 21:05:48 GMT
Last-Modified
Wed, 21 Feb 2024 21:05:47 GMT
Server
nginx/1.24.0
ETag
"65d665ab-2f4"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
756
h1gn2.m3u8
xmvtakdywcbqsrju.cdnorange.net/hls/ Frame B9BE
756 B
1 KB
XHR
General
Full URL
https://xmvtakdywcbqsrju.cdnorange.net:8443/hls/h1gn2.m3u8?s=3frXh0mHtrVv9wgYy8YHgg&e=1708571146
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.85.222 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
host-222.dedicated.vsys.host
Software
nginx/1.24.0 /
Resource Hash
5c885f3ebcda1f7c2e4b2039ad63210850d5166eb4a515e4f7043b10ce80fb6d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 21 Feb 2024 21:05:48 GMT
Last-Modified
Wed, 21 Feb 2024 21:05:47 GMT
Server
nginx/1.24.0
ETag
"65d665ab-2f4"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
756
h1gn2-734249970.ts
xmvtakdywcbqsrju.cdnorange.net/hls/ Frame B9BE
156 KB
156 KB
XHR
General
Full URL
https://xmvtakdywcbqsrju.cdnorange.net:8443/hls/h1gn2-734249970.ts
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.85.222 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
host-222.dedicated.vsys.host
Software
nginx/1.24.0 /
Resource Hash
c003d68f85a0a2822e03ecd8eac5f5372010fd2f54c7f64e47b633d916b6ed77

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 21 Feb 2024 21:05:48 GMT
Last-Modified
Wed, 21 Feb 2024 21:04:49 GMT
Server
nginx/1.24.0
ETag
"65d66571-27038"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
159800
h1gn2-734400000.ts
xmvtakdywcbqsrju.cdnorange.net/hls/ Frame B9BE
312 KB
312 KB
XHR
General
Full URL
https://xmvtakdywcbqsrju.cdnorange.net:8443/hls/h1gn2-734400000.ts
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.85.222 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
host-222.dedicated.vsys.host
Software
nginx/1.24.0 /
Resource Hash
51b032ca46a8f037dcbd80e8605f77a0792e73544fc46042d1b3948f92baa257

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 21 Feb 2024 21:05:48 GMT
Last-Modified
Wed, 21 Feb 2024 21:04:52 GMT
Server
nginx/1.24.0
ETag
"65d66574-4def8"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
319224
b6e0c041-f2e7-4b67-a63a-b98bc4c086e9
https://candlenorth.net/ Frame B9BE
61 KB
0
Other
General
Full URL
blob:https://candlenorth.net/b6e0c041-f2e7-4b67-a63a-b98bc4c086e9
Requested by
Host: candlenorth.net
URL: https://candlenorth.net/embed/h1gn2
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length
62280
Content-Type
text/javascript
ut.js
mgxxuqp.com/script/ Frame B9BE
87 KB
30 KB
Script
General
Full URL
https://mgxxuqp.com/script/ut.js?cb=1708549548358
Requested by
Host: mgxxuqp.com
URL: https://mgxxuqp.com/script/utils.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cc13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88081c343743aad1158078961d80119501c1f97bbe28ced8a66cae8acc1e0bec

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 21:05:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3021
x-guploader-uploadid
ABPtcPod2Y5RXKFDXiBSLRrEb8fZJG5dZzymwt_GbERfRMjVBG0nAe1doUjcIHH75xyVKXr-Ek8BZHJR6g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 18 Jan 2024 09:11:15 GMT
server
cloudflare
etag
W/"f78273815ffccc0126bd3e83d2813f7c"
vary
Accept-Encoding
x-goog-hash
crc32c=0sa7rw==, md5=94JzgV/8zAEmvT6D0oE/fA==
x-goog-generation
1705569075555153
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgucTunHZQ8TdVvGutm78%2BMWlMEs7VeQidu4Q03HUqbfIyqL5nYr4X3Ih5l7x9jVBxkMed1TxqWFD6XDDjZ2drRQiupQ3VTApuZCQemph5pzkMCofM%2BevgflduPQXMj7d%2BFxf66CCAFA7g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
89230
cf-ray
8591f3154ead6f1e-CDG
expires
Wed, 21 Feb 2024 20:20:29 GMT
suv5.js
mgxxuqp.com/script/ Frame B9BE
101 KB
32 KB
Script
General
Full URL
https://mgxxuqp.com/script/suv5.js
Requested by
Host: mgxxuqp.com
URL: https://mgxxuqp.com/script/utils.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cc13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0a7ae54da3a2a374045117bf0ca49d419ca2abbdc286caed3ea3016a7c893e5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 21:05:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61
x-guploader-uploadid
ABPtcPp6CtIfUUENJz7OdpCqKc2A7CvhDylvK2t7KrzxkaRKuGO0WAnslToTphRY4cUR_FnhspE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 15 Feb 2024 14:16:05 GMT
server
cloudflare
etag
W/"759d8b38c085af960657104a8d19c1a2"
vary
Accept-Encoding
x-goog-hash
crc32c=yKysnw==, md5=dZ2LOMCFr5YGVxBKjRnBog==
x-goog-generation
1708006565806041
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKqU9BiROYTnt4rtceKae%2BzEiM0xj%2FCHQTet3hKhEhnyzpAVJf4nktrrZHy0GGxuv2wGxhAyKp6l3rbOdhxyRm4fybvoysP1NAkm5T83UMj7w66%2FE3cS0d8AaYRPb4bf6Xbfplb5XCvKhg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
103574
cf-ray
8591f3155eaf6f1e-CDG
expires
Wed, 21 Feb 2024 21:20:18 GMT
suurl5.php
youradexchange.com/script/ Frame B9BE
1 KB
1 KB
Fetch
General
Full URL
https://youradexchange.com/script/suurl5.php?r=7108866&chmob=%3F0&cbur=0.365636462165829&cbiframe=1&cbWidth=1600&cbHeight=1200&cbtitle=&cbpage=https%3A%2F%2Fcoolrea.link%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=mgxxuqp.com&ts=1708549548551&srs=2f3796f7dad2254afb8a56aefe616edc&atv=43.0-sw-adbl-suv5&abtg=1
Requested by
Host: mgxxuqp.com
URL: https://mgxxuqp.com/script/suv5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2869e390df98bbc51451999399afbd9ea10cca1d58203f47cd50fcd562b4ee2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 21:05:48 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQqPyT%2BUz5HeFnWEydks%2Fywal3TQ519oo5unwKu%2F%2B02HZzVqx6H0SPjsCuEBpbHeLR9lksJbOm8ysax8%2FoT2YwmZPUhOaJHcQnozV3wEi0vSRNvXQWz1A5wRMa1hR5nvEhMMPYrZpGFWWkbnvDY%2FDy8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
application/json; charset=utf-8
cf-ray
8591f317afec2a13-CDG
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400
ctr.php
ctrtrk.com/ut/ Frame B405
166 B
665 B
Document
General
Full URL
https://ctrtrk.com/ut/ctr.php
Requested by
Host: mgxxuqp.com
URL: https://mgxxuqp.com/script/ut.js?cb=1708549548358
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8527 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
305bc52d7771a2825cee1b671954bceaa7051b8493714a6608a8ab0816d02cfe

Request headers

Referer
https://candlenorth.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8591f3186c398ce8-EWR
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 21 Feb 2024 21:05:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2e06Ux%2B7lnM5Mur%2F1EFBpEnFlSceIzuo5JjNlB35Q7G3sZnNtS%2F%2BeexMedOpGfSnuOjILmOw5KewWRrnCDQKwy%2F0d8N2fYIWhJWvUk4kwIn2WkeHVUvE8lC6kT7JnYG82kpZ23pVGt8p"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
h1gn2.m3u8
xmvtakdywcbqsrju.cdnorange.net/hls/ Frame B9BE
756 B
1 KB
XHR
General
Full URL
https://xmvtakdywcbqsrju.cdnorange.net:8443/hls/h1gn2.m3u8?s=3frXh0mHtrVv9wgYy8YHgg&e=1708571146
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.85.222 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
host-222.dedicated.vsys.host
Software
nginx/1.24.0 /
Resource Hash
5a6fc1f619d216f2c2f13de791f990997e1ebb75fb26bd229b730cdcd922a90d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 21 Feb 2024 21:05:49 GMT
Last-Modified
Wed, 21 Feb 2024 21:05:48 GMT
Server
nginx/1.24.0
ETag
"65d665ac-2f4"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
756
h1gn2-734699970.ts
xmvtakdywcbqsrju.cdnorange.net/hls/ Frame B9BE
160 KB
0
XHR
General
Full URL
https://xmvtakdywcbqsrju.cdnorange.net:8443/hls/h1gn2-734699970.ts
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.85.222 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
host-222.dedicated.vsys.host
Software
nginx/1.24.0 /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 21 Feb 2024 21:05:50 GMT
Last-Modified
Wed, 21 Feb 2024 21:04:55 GMT
Server
nginx/1.24.0
ETag
"65d66577-4ce14"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
314900
h1gn2.m3u8
xmvtakdywcbqsrju.cdnorange.net/hls/ Frame B9BE
756 B
1 KB
XHR
General
Full URL
https://xmvtakdywcbqsrju.cdnorange.net:8443/hls/h1gn2.m3u8?s=3frXh0mHtrVv9wgYy8YHgg&e=1708571146
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.85.222 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
host-222.dedicated.vsys.host
Software
nginx/1.24.0 /
Resource Hash
5a6fc1f619d216f2c2f13de791f990997e1ebb75fb26bd229b730cdcd922a90d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlenorth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 21 Feb 2024 21:05:50 GMT
Last-Modified
Wed, 21 Feb 2024 21:05:48 GMT
Server
nginx/1.24.0
ETag
"65d665ac-2f4"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
756

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
string| k
object| _scxu4oitkyl
object| ytno57rogsa
object| zfgformats
function| setImmediate
function| clearImmediate
function| _omojwjd
function| _kgwdohhc
object| _Hasync
function| vwu
function| cbut
object| zfgstorage
function| onClickTrigger
function| kkp4a5x5tv
boolean| zfgloadedpopup
boolean| zfgonclickfirst
object| syncCallbacks
function| chfh
function| chfh2
string| _HST_cntval
object| Histats
object| _HistatsCounterGraphics_0_setValues

14 Cookies

Domain/Path Name / Value
sheegiwo.com/ Name: OAID
Value: 008009d9478a4aa4f771021fd86bb531
sheegiwo.com/ Name: oaidts
Value: 1708549545
my.rtmark.net/ Name: ID
Value: 008009d9478a4aa4f771021fd86bb531
coolrea.link/ Name: prefetchAd_6837565
Value: true
sheegiwo.com/ Name: syncedCookie
Value: true
coolrea.link/ Name: HstCfa3681769
Value: 1708549546402
coolrea.link/ Name: HstCla3681769
Value: 1708549546402
coolrea.link/ Name: HstCmu3681769
Value: 1708549546402
coolrea.link/ Name: HstPn3681769
Value: 1
coolrea.link/ Name: HstPt3681769
Value: 1
coolrea.link/ Name: HstCnv3681769
Value: 1
coolrea.link/ Name: HstCns3681769
Value: 1
candlenorth.net/ Name: hf1
Value: 1
ctrtrk.com/ Name: uniqid
Value: b0ac19dc-4da3-4213-8472-0b25880c7319

19 Console Messages

Source Level URL
Text
security warning URL: https://coolrea.link/flash2
Message:
Mixed Content: The page at 'https://coolrea.link/flash2' was loaded over HTTPS, but requested an insecure element 'http://whos.amung.us/cwidget/livesport/000000ffffff.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://interimfish.com/api/posts?token=L2I1L2Q1L2UyL2I1ZDVlMmNiYWE4ODQwMjliMTM2MzcwMDliOTRlMzQyLmpz
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
security warning URL: https://coolrea.link/flash2(Line 25)
Message:
Mixed Content: The page at 'https://coolrea.link/flash2' was loaded over HTTPS, but requested an insecure element 'http://whos.amung.us/cwidget/livesport/000000ffffff.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other warning URL: https://coolrea.link/flash2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://coolrea.link/flash2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://coolrea.link/flash2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://coolrea.link/flash2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://coolrea.link/flash2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://coolrea.link/flash2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://coolrea.link/flash2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://coolrea.link/flash2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://coolrea.link/flash2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://coolrea.link/flash2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://coolrea.link/flash2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
rendering warning URL: https://candlenorth.net/embed/h1gn2(Line 6)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
other warning URL: https://coolrea.link/flash2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://coolrea.link/flash2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://coolrea.link/flash2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://coolrea.link/flash2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
