cricfree.pw Open in urlscan Pro
2606:4700:3035::6815:42d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cricfree.pw/update/bt1
Submission: On November 06 via manual (November 6th 2022, 10:42:10 am UTC) from RU — Scanned from DE

Summary HTTP 76 Redirects Behaviour Indicators

Summary

This website contacted 34 IPs in 7 countries across 31 domains to perform 76 HTTP transactions. The main IP is 2606:4700:3035::6815:42d, located in United States and belongs to CLOUDFLARENET, US. The main domain is cricfree.pw.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 3rd 2022. Valid for: a year.

This is the only time cricfree.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3035::6815:42d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3034::ac43:b2a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3031::6815:888	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	45.133.44.24 45.133.44.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	45.133.44.25 45.133.44.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2606:4700:303... 2606:4700:3034::ac43:959a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:303... 2606:4700:3030::6815:42d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.90.84.242 157.90.84.242	24940 (HETZNER-AS) (HETZNER-AS)
4	144.76.28.254 144.76.28.254	24940 (HETZNER-AS) (HETZNER-AS)
1	168.119.25.22 168.119.25.22	24940 (HETZNER-AS) (HETZNER-AS)
2 4	2a01:4f8:e0:1... 2a01:4f8:e0:19cb::1	24940 (HETZNER-AS) (HETZNER-AS)
4	2606:4700:303... 2606:4700:3032::ac43:bbd6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
4	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:237... 2600:9000:237d:e000:14:63a1:c340:21	16509 (AMAZON-02) (AMAZON-02)
2	35.190.41.116 35.190.41.116	15169 (GOOGLE) (GOOGLE)
2	192.99.8.27 192.99.8.27	16276 (OVH) (OVH)
2	168.119.25.20 168.119.25.20	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6812:42a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:52a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.64.106.19 172.64.106.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	65.9.66.33 65.9.66.33	16509 (AMAZON-02) (AMAZON-02)
3	172.67.138.9 172.67.138.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 4	2a00:1450:400... 2a00:1450:4001:806::200d	15169 (GOOGLE) (GOOGLE)
2	139.45.197.238 139.45.197.238	9002 (RETN-AS) (RETN-AS)
4	37.49.224.221 37.49.224.221	213371 (SQUITTER-...) (SQUITTER-NETWORKS)
1	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
76	34

3 2606:4700:3035::6815:42d (United States)

ASN13335 (CLOUDFLARENET, US)

cricfree.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::ac43:b2a8 (United States)

ASN13335 (CLOUDFLARENET, US)

4dsbanner.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::6815:888 (United States)

ASN13335 (CLOUDFLARENET, US)

stream.crichd.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.24 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

0a9f0fde99.3bcd202415.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.25 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
633678338f.3cb004e947.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:959a (United States)

ASN13335 (CLOUDFLARENET, US)

dramacool.tube	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

ww1.9anime.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
asia.web3-lab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3030::6815:42d2 (United States)

ASN13335 (CLOUDFLARENET, US)

gocast2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.84.242 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.84.90.157.clients.your-server.de

fp.metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.28.254 (Freiburg im Breisgau, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.254.28.76.144.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.25.22 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.22.25.119.168.clients.your-server.de

nereserv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:4f8:e0:19cb::1 (Gunzenhausen, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

65eb50053b.3cb004e947.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3032::ac43:bbd6 (United States)

ASN13335 (CLOUDFLARENET, US)

superfastcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:237d:e000:14:63a1:c340:21 (United States)

ASN16509 (AMAZON-02, US)

d27x9po2cfinm5.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.41.116 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 116.41.190.35.bc.googleusercontent.com

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.99.8.27 (Canada)

ASN16276 (OVH, FR)
PTR: ns500876.ip-192-99-8.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 168.119.25.20 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.20.25.119.168.clients.your-server.de

static.bookmsg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:42a (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:52a (United States)

ASN13335 (CLOUDFLARENET, US)

c.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.106.19 (United States)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-33.fra56.r.cloudfront.net

anwhocam.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.138.9 (United States)

ASN13335 (CLOUDFLARENET, US)

redanludb.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200d (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.238 (United Kingdom)

ASN9002 (RETN-AS, GB)

waufooke.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.49.224.221 (Belize)

ASN213371 (SQUITTER-NETWORKS, NL)

go2.gocast2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	gocast2.com gocast2.com — Cisco Umbrella Rank: 94648 go2.gocast2.com — Cisco Umbrella Rank: 310336	706 KB
5	3cb004e947.com 2 redirects 633678338f.3cb004e947.com 65eb50053b.3cb004e947.com	14 KB
4	google.com 2 redirects accounts.google.com — Cisco Umbrella Rank: 126	2 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 475	208 KB
4	histats.com s10.histats.com — Cisco Umbrella Rank: 12131 s4.histats.com — Cisco Umbrella Rank: 9462	9 KB
4	superfastcdn.com superfastcdn.com — Cisco Umbrella Rank: 33574	120 KB
4	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 15357 static.a-ads.com — Cisco Umbrella Rank: 36047	1 MB
3	redanludb.xyz redanludb.xyz	1 KB
3	cloudfront.net d27x9po2cfinm5.cloudfront.net	107 KB
3	jquery.com code.jquery.com — Cisco Umbrella Rank: 959	118 KB
3	3bcd202415.com 0a9f0fde99.3bcd202415.com	102 KB
3	cricfree.pw cricfree.pw	10 KB
2	waufooke.com waufooke.com — Cisco Umbrella Rank: 142780	24 KB
2	anwhocam.xyz anwhocam.xyz	2 KB
2	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 17381	101 KB
2	adskeeper.com s-img.adskeeper.com — Cisco Umbrella Rank: 14057 c.adskeeper.com — Cisco Umbrella Rank: 13505	47 KB
2	bookmsg.com static.bookmsg.com — Cisco Umbrella Rank: 31421	6 KB
2	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 11033	2 KB
2	metricswpsh.com fp.metricswpsh.com — Cisco Umbrella Rank: 26975	400 B
2	crichd.vip stream.crichd.vip — Cisco Umbrella Rank: 345173	2 KB
2	4dsbanner.net 4dsbanner.net — Cisco Umbrella Rank: 728699	1 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 447	63 KB
1	web3-lab.com asia.web3-lab.com — Cisco Umbrella Rank: 97447	690 B
1	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 5233	334 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1165	11 KB
1	nereserv.com nereserv.com — Cisco Umbrella Rank: 25613	201 B
1	9anime.vip ww1.9anime.vip	664 B
1	dramacool.tube dramacool.tube	656 B
1	wpadmngr.com js.wpadmngr.com — Cisco Umbrella Rank: 17171	238 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131	54 KB
76	31

	Domain	Requested by
6	gocast2.com	stream.crichd.vip gocast2.com
4	go2.gocast2.com	cdn.jsdelivr.net
4	accounts.google.com	2 redirects gocast2.com
4	cdn.jsdelivr.net	gocast2.com
4	superfastcdn.com	stream.crichd.vip superfastcdn.com gocast2.com
4	65eb50053b.3cb004e947.com	2 redirects 0a9f0fde99.3bcd202415.com
3	redanludb.xyz	gocast2.com
3	d27x9po2cfinm5.cloudfront.net	gocast2.com anwhocam.xyz
3	code.jquery.com	gocast2.com
3	0a9f0fde99.3bcd202415.com	cricfree.pw 0a9f0fde99.3bcd202415.com
3	cricfree.pw	cricfree.pw
2	waufooke.com	gocast2.com
2	anwhocam.xyz	d27x9po2cfinm5.cloudfront.net
2	pogothere.xyz	d27x9po2cfinm5.cloudfront.net
2	static.bookmsg.com	cricfree.pw
2	s4.histats.com	s10.histats.com
2	youradexchange.com	superfastcdn.com
2	s10.histats.com	stream.crichd.vip gocast2.com
2	static.a-ads.com	ad.a-ads.com
2	ad.a-ads.com	dramacool.tube ww1.9anime.vip
2	fp.metricswpsh.com	0a9f0fde99.3bcd202415.com
2	stream.crichd.vip	cricfree.pw stream.crichd.vip
2	4dsbanner.net	cricfree.pw
2	ajax.googleapis.com	cricfree.pw gocast2.com
1	asia.web3-lab.com	cdn.jsdelivr.net
1	pro.ip-api.com	cdn.jsdelivr.net
1	www.facebook.com	gocast2.com
1	c.adskeeper.com	cricfree.pw
1	s-img.adskeeper.com	cricfree.pw
1	maxcdn.bootstrapcdn.com	gocast2.com
1	nereserv.com	0a9f0fde99.3bcd202415.com
1	633678338f.3cb004e947.com	0a9f0fde99.3bcd202415.com
1	ww1.9anime.vip	4dsbanner.net
1	dramacool.tube	4dsbanner.net
1	js.wpadmngr.com	0a9f0fde99.3bcd202415.com
1	pagead2.googlesyndication.com	cricfree.pw
76	36

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
0a9f0fde99.3bcd202415.com R3	`2022-11-03` - `2023-02-01`	3 months	crt.sh
js.wpadmngr.com R3	`2022-09-17` - `2022-12-16`	3 months	crt.sh
*.gocast2.com E1	`2022-10-07` - `2023-01-05`	3 months	crt.sh
notification.tubecup.net R3	`2022-10-20` - `2023-01-18`	3 months	crt.sh
633678338f.3cb004e947.com R3	`2022-11-03` - `2023-02-01`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2021-12-08` - `2023-01-08`	a year	crt.sh
3cb004e947.com R3	`2022-11-03` - `2023-02-01`	3 months	crt.sh
*.superfastcdn.com E1	`2022-11-04` - `2023-02-02`	3 months	crt.sh
histats.com R3	`2022-09-30` - `2022-12-29`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
youradexchange.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-20` - `2023-06-20`	a year	crt.sh
bookmsg.com R3	`2022-09-17` - `2022-12-16`	3 months	crt.sh
*.pogothere.xyz E1	`2022-11-02` - `2023-01-31`	3 months	crt.sh
anwhocam.xyz Amazon RSA 2048 M02	`2022-10-23` - `2023-11-21`	a year	crt.sh
*.redanludb.xyz E1	`2022-10-23` - `2023-01-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-15` - `2022-11-13`	3 months	crt.sh
waufooke.com R3	`2022-10-26` - `2023-01-24`	3 months	crt.sh
go2.gocast2.com R3	`2022-10-19` - `2023-01-17`	3 months	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://cricfree.pw/update/bt1
Frame ID: 6F40EA0284AE4858D0502F301795CBD7
Requests: 15 HTTP requests in this frame

Frame: https://4dsbanner.net/banner/static/300x250
Frame ID: 65D66FAE64DAF229356068FFA49B273C
Requests: 1 HTTP requests in this frame

Frame: https://4dsbanner.net/banner/native/728x90
Frame ID: FE9922333405BD8955CDE7EC19BFDFF7
Requests: 1 HTTP requests in this frame

Frame: https://stream.crichd.vip/update/bt1.php
Frame ID: EDF62D083FF08048B469344A07315544
Requests: 8 HTTP requests in this frame

Frame: https://dramacool.tube/banner_300x250
Frame ID: FFACDF020582385CA6EF0D5B347E8916
Requests: 1 HTTP requests in this frame

Frame: https://ww1.9anime.vip/banner_728x90
Frame ID: 11E521546536A7FCCBE647681823754A
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/2003357?size=300x250
Frame ID: CFAE49873825393E56B13F332C80ACFA
Requests: 3 HTTP requests in this frame

Frame: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Frame ID: 5834FF1D7E14C0180A0F16D1FF74CC95
Requests: 39 HTTP requests in this frame

Frame: https://ad.a-ads.com/1804593?size=728x90
Frame ID: 5A3A4B0D9C8DCEAA4C30FD1EFA442EB9
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: 0EAD91BB6B1B51F9C882F8546557DCD4
Requests: 19 HTTP requests in this frame

Frame: https://anwhocam.xyz/Y0N2TTACIRUgDwJ+FGtFES9LaAIlZkQLVFF0DnRADHEVK1kNLkNjUw8sAylWESwYOR4NJgJoAiV3IwgJJBIMGEoqABEhcwoSGwReVw4sI2pSJhEbAikXIz5nGgEPC1gpOyY3CCsNRhRcLRcVI3UaEkcEXlcFEiR9DQ8gB0QCEDs5Zg5yU39yOgA8H30NCQ8XZSYkPw4BRnE0GHMqZkQPexoBJQJkUzQ6NX0PDxg+RTQqGSB7CnojKWhTAhIlRAQiGB9KKxAVIHsgJxcHShspFRxlRnE0AgItOzQadkZxMCx4LhIvOgEJICcYXikqHnxxOxVOD3c6Cy8JVBQnDjUBBRtbFFkxEDcneRkRJwBZMjU4NXIKAC4DRyItQ3VTJBo+FHcANz19dVoKRANIBy0gdFQKehUCSRMpFRxlUAgfGF80LRo8VCsNIQJ0UzM6IXJSJScPSSEUEiVUDnM3FANaOhQcAQ0iGB9KMSkzPXoZBRUpaFMCEipqDRouGwEmOiA0VBRlHD5fDTNLHWEnLAYMRBA2DDxU
Frame ID: 50B08F826AA2226362FA2C8CF5754CA2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Player

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

76
Requests

93 %
HTTPS

55 %
IPv6

31
Domains

36
Subdomains

34
IPs

7
Countries

3007 kB
Transfer

4967 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://65eb50053b.3cb004e947.com/in/show/?mid=1094762785&pid=0&site=native-push-mainstream&sc=DE&usage_type=DCH&subid=2110042838&sid=3918551584&cid=2255&price=0.0049&is_cpm=0&cpm=0&ecpm=0.5055159291660788&crid=&crtid=a248c2bc2b5718538c9d2d00088493cc&tcid=0&out_id=1&ver=7.13.0&ver_c=&refdom=cricfree.pw&hostname=auc-inpage-hz-3-c&site_id=3131515&spot_id=31515&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2022-11-06&is_native=2&auction_queue=0&burl=9e0j5VScwUgAJmzbJ879JO5vaC6QhvnXPMasxyAjYcMU47atyqToFw&pop_winurl=&ip=178.162.209.140&testab=0&px_id=3131515&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB17-17&min_cpm=0.0014358324975306902&placement_type_id=&skin_test=0&verify_hash=e6742a85cb86c1e6fd92fa281cde99ae&score=81.79400963029482&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D2110042838%26spot_id%3D31515%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fcricfree.pw%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=c&original_bid=0.0049&user_fp=0&v2_track=0&url=2SIqJLmaCt_-s8sQHCcZMPUcWtceeYzUO-jJ1pzr2NzMLND3t0YKNfqlKGgZWQx9JOXJmUfFWI0Z7ZdbRYHV6I5rkFZMefx8cLj2Vr8tbZj7fbHhA7nkv3g2PLyj4v9vQHIHfvFp5MYV2bwnc1CtnJW-Lo1O1O5vFwoWY7YP9gwhdB7npQ&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf.webp&skin_id=2&vertical_id=0&real_bid=0.00413217&pr=&user_keywords=&auc_type=1&aid=401&ext_cid=0&device_theme=light&keywords=&mlc=1&format=default-slide-b_r-body&mlf=1&cpa=fdc56a3e-8466-43ea-ac1f-2437a9248519 HTTP 302
https://static.bookmsg.com/creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf_icon.webp

Request Chain 66

https://65eb50053b.3cb004e947.com/in/show/?mid=1094762785&pid=0&site=native-push-mainstream&sc=DE&usage_type=DCH&subid=2110042838&sid=3918551584&cid=2749&price=0.00058&is_cpm=0&cpm=0&ecpm=0.0020050895188883154&crid=Brainberries&crtid=d81d5a03f1d219ad08a0bb4282c7dca8&tcid=0&out_id=0&ver=7.13.0&ver_c=&refdom=cricfree.pw&hostname=auc-inpage-hz-3-c&site_id=3131515&spot_id=31515&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1667767325&created_at=2022-11-06&is_native=1&auction_queue=0&burl=qyd7Tnhb7wEWGOA1cEVkIG8WHChDVLPbnRI0nWPAT3zq_vBSAAqDlg&pop_winurl=&ip=178.162.209.140&testab=0&px_id=7331515&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB17-17&min_cpm=5.126275798684744e-05&placement_type_id=&skin_test=0&verify_hash=80c9ece107ed522f964311e6d55419c9&score=81.79400963029482&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D2110042838%26spot_id%3D31515%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fcricfree.pw%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=c&original_bid=0.00058&user_fp=0&v2_track=0&url=TEz3Ub85_kptxyhYFHZnSMu5XXe6zjYsR7Ic5llv1h-3pudRHPQXu2jivuhs72RUQ-8NAaWxjGAalMyIo8Hu9RnFTbDXSn1sC6rv1rJYnjj_q5hLPHKd93HHMl8ObfvlQfnOL3CXABY13TvA2U-wwgpUEotpOHBpkQZs3otg2uycGp63V8qr3x42vPB9NTjiAWhn1SuRKCBZfH6YyM3C7Pg24ngfbSuMjWWTu3cp5xytW-Cz5_tgeAEcVVb_wQ4ddm1Eugq0B1fIuyTgYIehhaFOjHMDzD_KgKrWovH3WDvomdqBYDvi1prS79-3f4XJCztda9F3d8pMiorAlNWPZR_AJrYb3GxsjD_UxlEaMd2HdvyqzEqNl2wiVJLK&image_url=https%3A%2F%2Fs-img.adskeeper.com%2Fg%2F12581074%2F492x328%2F-%2FaHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEyLzEwMTkyNC85YWRiYTYxOWY0YzFjYjk4YThjNDE2ZDJhOGFmZjU3NS5qcGVn.webp%3Fv%3D1667731325-RyDq-q3cApGIl7SBD6Eq-om_nU2jzPa4qQVc1GQYDYE&skin_id=2&vertical_id=0&real_bid=0.00045907&pr=&user_keywords=&auc_type=1&aid=62&ext_cid=0&device_theme=light&keywords=&format=default-slide-b_r-body&cpa=a1717087-0c46-4ed7-9e39-027ca9960fe5 HTTP 302
https://c.adskeeper.com/c?pv=2&v=0|0|0|ICajudwi72RQfXNAj6oUMHM9n1u4v6F4i4EN51E1qg7VWRtj5cBzX1kgtORJogNh3DOJQ20nJZGAC-M6KyysfA**&cid=1156384&f=1&h2=L_VeimGmIyuuyKT7tZS8nfhiGb6CTwVO6xjKycj2N0E*&rid=a7f225f4-5dbf-11ed-af5a-e4434b15122e&psid=7331515

Request Chain 73

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-167203536%3A1667731327821941&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvGeSqW7jXOhjEdmRB3isudpeADuoENxYbvKncAvt4mN5NdZzDUUxxDAhXeFVrRJMR_DUP57w

Request Chain 74

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-603053739%3A1667731327812786&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAsdAjb6tI-oIjKak8j3XqNDjVX6XUwZKBNQX2isUy8gizCoI453DoWsap-A22oAygbs0ElPuw

76 HTTP transactions
19 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request bt1 Show response
cricfree.pw/update/ 11 KB
4 KB 173ms
122ms Document
text/html 2606:4700:3035::6815:42d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cricfree.pw/update/bt1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:42d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f18e292da6e248331f150ecf9b6effa903acbe7cadcf175b68cf5da86b32ab0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 765d386c7aed922c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 06 Nov 2022 10:42:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIr6UiidvKAbErYwEyBX%2F7dNpJoaz8rTdWzRIbOfQzRDvu5ZaSfE3kIH%2BKasrDjaqQq54OXZRyG7HOC01H1MjvV8VV8jKDXCUaI98VutnvdzzllgYlaZLKOXSQEMbfqmhIhfL%2Furzkiwhw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 varnish (Varnish/5.2)
x-varnish: 413369887 356557132

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
34 KB 54ms
14ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: cricfree.pw
URL: https://cricfree.pw/update/bt1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cricfree.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 09:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Nov 2023 09:24:32 GMT

GET
H2 200 close-ads.png
cricfree.pw/images/ 1 KB
2 KB 117ms
116ms Image
image/png 2606:4700:3035::6815:42d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cricfree.pw/images/close-ads.png
Requested by: Host: cricfree.pw
URL: https://cricfree.pw/update/bt1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:42d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8971375d4c672bf14e4a54be807ae4df6c31e2ac45baf217eb216356129fcdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cricfree.pw/update/bt1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:05 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1193
last-modified: Sat, 07 May 2022 15:01:48 GMT
server: cloudflare
etag: "627689dc-4a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ZODPeaVnaYNBo1loHCYee195hYb5TlN4wvTKK23GEfTlc%2FphnfAbB42WWvWiMGRK%2BAdRhbJRKitOZs2dX%2FlwBMFQ7vpkRtm6KdVNi0RbS9I%2BW1MQk6PXemGpe3rPn0f9RVh1k5J7RwVYg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 213816186
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 765d386d3c39922c-FRA

GET
H3 200 dab.min.js Show response
cricfree.pw/js/ 11 KB
4 KB 27ms
26ms Script
application/javascript 2606:4700:3035::6815:42d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cricfree.pw/js/dab.min.js
Requested by: Host: cricfree.pw
URL: https://cricfree.pw/update/bt1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:42d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8411c291ce76ba4fc168aff129da83e7193dedd181b468436bb27157d817b46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cricfree.pw/update/bt1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:05 GMT
via: 1.1 varnish (Varnish/5.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3410
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 11 Apr 2022 13:48:12 GMT
server: cloudflare
etag: W/"6254319c-2bdb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwgIikCbyBWW%2F8pauuAO0Vc7m9nBMWrCqrIQY2LdnWBv896MXeXTa%2FlEfQR7Q6I0B2nLgHNmLzQykRTv3Lmln1wOWceo5%2Bvi4yWWFj2p9%2BUoalMHvvJOQ5%2Bi35cqdx9SDLklqJx0DvNMag%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 103426126
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 765d386dacd0995c-FRA

GET
H2 200 300x250 Show response
4dsbanner.net/banner/static/ Frame 65D6 250 B
694 B 97ms
56ms Document
text/html 2606:4700:3034::ac43:b2a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://4dsbanner.net/banner/static/300x250
Requested by: Host: cricfree.pw
URL: https://cricfree.pw/update/bt1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b2a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97867cc54a1e7ae0de8fdcc7e3c8ac1b606c63d186cc529d26b3c24ef7306e35

Request headers

Referer: https://cricfree.pw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 765d386dfec86939-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 06 Nov 2022 10:42:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7I0si3G3Cv90w9tgttTQvFPJFLeFiFGHU3L1DT4jQZ7uVqXsrqazYBWPl9p9LT3BG6552mfFc4Ni%2FP329afAaaUcmk7aFuRef8FDbtmqBRVkQZ%2FgNRUuQHqid10I2t1hbiC%2B2qs1qU6xjey"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 728x90 Show response
4dsbanner.net/banner/native/ Frame FE99 248 B
500 B 111ms
71ms Document
text/html 2606:4700:3034::ac43:b2a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://4dsbanner.net/banner/native/728x90
Requested by: Host: cricfree.pw
URL: https://cricfree.pw/update/bt1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b2a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e2b19cb3a6b3ff4eb3047150c8a044fb1205c17b9f9824a81c2c9235e865f05

Request headers

Referer: https://cricfree.pw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 765d386e0ecb6939-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 06 Nov 2022 10:42:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcq68u8YPXjDSV%2FnuDZVB%2FHI6bSR%2FiVHTxYG5nwVWqToBrurihkRaXpeHDgusc%2FEGA%2BfqOWk9%2FabFpK40qaxKuUl8gqjWDrnV9TOJ%2FlQX%2BOXLRM3QJzWN4MnUe7C0E3L%2B7uSU2pew9tmm9G4"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bt1.php Show response
stream.crichd.vip/update/ Frame EDF6 1 KB
976 B 167ms
133ms Document
text/html 2606:4700:3031::6815:888
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.crichd.vip/update/bt1.php
Requested by: Host: cricfree.pw
URL: https://cricfree.pw/update/bt1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:888 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.16
Resource Hash: a24d667576c16edf12d9700634499efa715c8854cb2cd85511162790ba4944ac

Request headers

Referer: https://cricfree.pw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 765d386dffbb9b21-FRA
content-encoding: br
content-type: text/html
date: Sun, 06 Nov 2022 10:42:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXIqvPjs1X6dhqn9MRONiXusumvmK6qD9NPhFbddfNJlWIT3m3uYiqb0Bwmvl0i3gs4t8TZZGuHrKZy8USWSElm7BOjgDiIt3fJ%2BR%2BLyDq68YYHT7mDDyeTkodd%2B3UB4HaH65NQLnL4OSxzl%2FHvXXA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.4.16

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 169 KB
54 KB 91ms
48ms Fetch
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cricfree.pw
URL: https://cricfree.pw/js/dab.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29e7c5257a418d2e0443211633b1dfbc36812a72ec9f73f313096ecefebb0e2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cricfree.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55228
x-xss-protection: 0
server: cafe
etag: 1732045442113744308
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 06 Nov 2022 10:42:05 GMT

GET
H2 200 0a348d3f46c951ada0c150d7d5043bb9.js Show response
0a9f0fde99.3bcd202415.com/ 92 KB
34 KB 56ms
8ms Script
application/javascript 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://0a9f0fde99.3bcd202415.com/0a348d3f46c951ada0c150d7d5043bb9.js
Requested by: Host: cricfree.pw
URL: https://cricfree.pw/update/bt1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: f10953260c9ddeedd18d7ca3ce3cd3b16e97461dff4d178d4cf4159e5dd73069

Request headers

Referer: https://cricfree.pw/
Origin: https://cricfree.pw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Sun, 06 Nov 2022 10:47:05 GMT
date: Sun, 06 Nov 2022 10:42:05 GMT
content-encoding: gzip
last-modified: Tue, 01 Nov 2022 13:27:00 GMT
server: nginx/1.18.0
etag: W/"63611ea4-171bc"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 44045 Show response
0a9f0fde99.3bcd202415.com/a401b5bb4b6b0804bdacecabf4cddf7e/ 874 B
1 KB 81ms
81ms XHR
application/json 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://0a9f0fde99.3bcd202415.com/a401b5bb4b6b0804bdacecabf4cddf7e/44045?version_name=c
Requested by: Host: 0a9f0fde99.3bcd202415.com
URL: https://0a9f0fde99.3bcd202415.com/0a348d3f46c951ada0c150d7d5043bb9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: bec822f91e7e14ce5a2bb23bdc971b9c5f7d63a63a0c63aef9baa5bf0082d0fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cricfree.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Sun, 06 Nov 2022 10:47:05 GMT
date: Sun, 06 Nov 2022 10:42:05 GMT
server: nginx/1.18.0
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
content-length: 874
x-proxy-cache: EXPIRED

GET
H2 200 wp-banners.js Show response
js.wpadmngr.com/npc/sdk/ 0
238 B 27ms
6ms Script
application/javascript 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by: Host: 0a9f0fde99.3bcd202415.com
URL: https://0a9f0fde99.3bcd202415.com/0a348d3f46c951ada0c150d7d5043bb9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cricfree.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Sun, 06 Nov 2022 10:47:05 GMT
date: Sun, 06 Nov 2022 10:42:05 GMT
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
server: nginx/1.18.0
etag: "611fc6d7-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H2 200 banner_300x250 Show response
dramacool.tube/ Frame FFAC 214 B
656 B 117ms
73ms Document
text/html 2606:4700:3034::ac43:959a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramacool.tube/banner_300x250
Requested by: Host: 4dsbanner.net
URL: https://4dsbanner.net/banner/static/300x250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:959a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36c84d8894b17c340c1c398af71a4b2f6c7fcb1b1b446479576a0e58b3d2583d

Request headers

Referer: https://4dsbanner.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2922
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 765d386edb82163f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 06 Nov 2022 10:42:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ztD0yF6%2F7gsSq1e6BVUCwadbhLdZpeZ%2FonfV%2BlX83D%2B5tdo8RCJgtLXNsV07N3Je5fGlgH%2FwW8FXjDxVtCFvwsRgVD2unIPY2g%2F%2BdQ0B%2BT8dmjc2iLjnsfSXaSM%2FYOQcPrGaVBhKhA5rgKgpQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 varnish (Varnish/5.2)
x-varnish: 412976845 366167338

GET
H2 200 banner_728x90 Show response
ww1.9anime.vip/ Frame 11E5 220 B
664 B 326ms
269ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1.9anime.vip/banner_728x90
Requested by: Host: 4dsbanner.net
URL: https://4dsbanner.net/banner/native/728x90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d666277aef4f050cbd97cd374d7c4f1851053730af2aaf94e533cef1a831b5f

Request headers

Referer: https://4dsbanner.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3001
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 765d386ee8069247-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 06 Nov 2022 10:42:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GSRV06EG1zEXt8vx4x97qBld7OK5Wn38FO1%2FnCmBbz5cY8KXmFh2CzCL%2B4DLyejbwf9mkVMAwvB9rNJB7ivbLCloBpFVvgU6vhEXrRL8ZUoFDEwCgSrwwkfAqyrF5q%2BIwoiJng3Yd43LZwnEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 varnish (Varnish/5.2)
x-varnish: 402887571 404196332

GET
H2 200 gcrichd.js Show response
gocast2.com/ Frame EDF6 1 KB
1 KB 57ms
24ms Script
application/javascript 2606:4700:3030::6815:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gocast2.com/gcrichd.js
Requested by: Host: stream.crichd.vip
URL: https://stream.crichd.vip/update/bt1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:42d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d145ad36fca557bc8c44ecbe631e295982f084cd123850b51177225766bf3825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stream.crichd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 06 Nov 2022 03:24:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2510
etag: W/"636728e2-4df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDIjpYlMPlky%2BUpxC9986EuVEbMo1HdZGRwEZ%2BQ9e7t7AidQeQ0v2PYT10dVhoMR8Ql%2B%2FPY8Q%2BFSttoN9sLVujHwcQxa0ONX5aKH0N9BqdG6OvP8%2FU%2FtM3WPK6OiH%2BcMGB3tKXsNNy390A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 765d386f3af89b64-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 z-5214935 Show response
stream.crichd.vip/ Frame EDF6 938 B
1 KB 174ms
155ms Script
application/octet-stream 2606:4700:3031::6815:888
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.crichd.vip/z-5214935
Requested by: Host: stream.crichd.vip
URL: https://stream.crichd.vip/update/bt1.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:888 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c7a1c53396e4e1111eed4ffb4e61be65eeaf667df61dc855aee4aad738b471a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stream.crichd.vip/update/bt1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:05 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 06 Nov 2022 10:01:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "636785dd-3aa"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9e6%2FJvMikyH5Gqo5SDrMKxbmDPxkKN3irX6PeVDmZ9eY4SiSzpxVG9fuHLWNQKtNiEJ8zmz%2BDgdA0IrFPtfXnF9BzTUHEvfggznM5F0V0g6alB1EqKjrlDPfTwbZpZi%2FZq3XRhCsKG4y3tCXD0pzww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 765d386f1be09bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 938

OPTIONS
H/1.1 204
No Content fp
fp.metricswpsh.com/ Frame 0
0 67ms
11ms Preflight 157.90.84.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=44045
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cricfree.pw
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://cricfree.pw
Connection: keep-alive
Date: Sun, 06 Nov 2022 10:42:05 GMT
Server: nginx/1.20.1
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H/1.1 200
OK fp Show response
fp.metricswpsh.com/ 28 B
400 B 91ms
68ms XHR
application/json 157.90.84.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=44045
Requested by: Host: 0a9f0fde99.3bcd202415.com
URL: https://0a9f0fde99.3bcd202415.com/0a348d3f46c951ada0c150d7d5043bb9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: b25bb52b1e268a41258688299cd14fd3d9b3dec26f35fdf978f54cf28b1d59cd

Request headers

Referer: https://cricfree.pw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Sun, 06 Nov 2022 10:42:05 GMT
Server: nginx/1.20.1
Vary: Origin
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://cricfree.pw
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 28

GET
H2 200 track Show response
633678338f.3cb004e947.com/in/ 0
207 B 53ms
23ms XHR
text/plain 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://633678338f.3cb004e947.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjI2Nzg1MTM0ODM0OTg5NTAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE1LjEiLCJ0YWdfaWQiOjQ0MDQ1LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjE2MDB4MTIwMCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiRXRjL1Vua25vd24iLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC4xMiwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiUGxheWVyJTIwIn0=
Requested by: Host: 0a9f0fde99.3bcd202415.com
URL: https://0a9f0fde99.3bcd202415.com/0a348d3f46c951ada0c150d7d5043bb9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cricfree.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Nov 2022 10:42:05 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 a92613f64e707b0d9422cc699cecabc2.js Show response
0a9f0fde99.3bcd202415.com/ 263 KB
67 KB 22ms
7ms Script
application/javascript 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://0a9f0fde99.3bcd202415.com/a92613f64e707b0d9422cc699cecabc2.js
Requested by: Host: 0a9f0fde99.3bcd202415.com
URL: https://0a9f0fde99.3bcd202415.com/0a348d3f46c951ada0c150d7d5043bb9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 45743d79e226db1759aaf6452e4a5325ffe6f1687de1f53f5eac3e8c0a3d41b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cricfree.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Sun, 06 Nov 2022 10:47:05 GMT
date: Sun, 06 Nov 2022 10:42:05 GMT
content-encoding: gzip
last-modified: Thu, 03 Nov 2022 09:52:54 GMT
server: nginx/1.18.0
etag: W/"63638f76-41bd2"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 2003357 Show response
ad.a-ads.com/ Frame CFAE 12 KB
5 KB 78ms
24ms Document
text/html 144.76.28.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2003357?size=300x250

Requested by

Host: dramacool.tube
URL: https://dramacool.tube/banner_300x250

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.76.28.254 Freiburg im Breisgau, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.254.28.76.144.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

63f8444c5cd956ff39912d8f8ef003d279928cabafbe62384c04ddf65a113712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dramacool.tube/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Sun, 06 Nov 2022 10:42:05 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://dramacool.tube/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H3 200 gcrichd.php Show response
gocast2.com/ Frame 5834 130 KB
49 KB 153ms
114ms Document
text/html 2606:4700:3030::6815:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Requested by: Host: gocast2.com
URL: https://gocast2.com/gcrichd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:42d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 8e321c1922f280086b0eb381999f9d90eeb334c6143784fad5d2b3de233c72ef

Request headers

Referer: https://stream.crichd.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 765d386fab529bf4-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 06 Nov 2022 10:42:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thTtagxP9Ap66jnqXf3A5OeIk8oqp1s%2FNVhjnl36J3EpJ1VN%2FhUuCdKr4Esl0fV1R6fygqs4x7RQZ%2BhtXhuG1ZAT3fRV98BTZbiI57r36%2B%2B2BGF2oANKBObJUeSh0v12pzx%2BjD9%2BPQLjkg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/5.6.40

GET
H2 200 dip Show response
nereserv.com/in/ 0
201 B 151ms
15ms XHR
text/plain 168.119.25.22
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?site=native-push&wl=0&event_id=1049e986-b3e8-4f5f-911c-04be9f36614b&subid=2110042838&sid=3918551584&spot_id=31515&created_at=2022-11-06&timezone=0&ver=7.13.0&is_native=1
Requested by: Host: 0a9f0fde99.3bcd202415.com
URL: https://0a9f0fde99.3bcd202415.com/a92613f64e707b0d9422cc699cecabc2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.25.22 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.22.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cricfree.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Nov 2022 10:42:05 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

POST
H2 200 multy Show response
65eb50053b.3cb004e947.com/in/ 13 KB
13 KB 1170ms
1169ms XHR
application/json 2a01:4f8:e0:19cb::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://65eb50053b.3cb004e947.com/in/multy
Requested by: Host: 0a9f0fde99.3bcd202415.com
URL: https://0a9f0fde99.3bcd202415.com/a92613f64e707b0d9422cc699cecabc2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:e0:19cb::1 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 189dc16cc18c1cc5d571b94e745e9f55f84d4c30b117498d7f5ebf8c779caa44

Request headers

Referer: https://cricfree.pw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 06 Nov 2022 10:42:06 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 13247

OPTIONS
H2 204 multy
65eb50053b.3cb004e947.com/in/ Frame 0
0 46ms
10ms Preflight 2a01:4f8:e0:19cb::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://65eb50053b.3cb004e947.com/in/multy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:e0:19cb::1 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cricfree.pw
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
date: Sun, 06 Nov 2022 10:42:05 GMT
pragma: no-cache
server: nginx/1.18.0
vary: Origin

GET
H2 200 300x250
static.a-ads.com/a-ads-banners/393780/ Frame CFAE 609 KB
610 KB 55ms
22ms Image
image/gif 144.76.28.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393780/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/2003357?size=300x250
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.28.254 Freiburg im Breisgau, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.254.28.76.144.clients.your-server.de
Software: nginx /
Resource Hash: 69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:05 GMT
x-amz-version-id: jOXVc8Dekisiq0g3Btd0O0TTMs07O0J4
last-modified: Tue, 31 May 2022 13:36:40 GMT
server: nginx
x-amz-request-id: 02FDADRGGR0ZDXHD
etag: "022f5a2fb43fb40ba25ebafe6b68c6b2"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 623504
x-amz-id-2: JPyRBEag82LALOcmJzFwaevqQqGg8iM5pew/0wkhf7b/MCsRMki9uz1N67f/h2Oo5Esdw4xOhXs=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame CFAE 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 bootstrap.js Show response
superfastcdn.com/script/ Frame EDF6 98 KB
35 KB 71ms
37ms Script
application/javascript 2606:4700:3032::ac43:bbd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://superfastcdn.com/script/bootstrap.js
Requested by: Host: stream.crichd.vip
URL: https://stream.crichd.vip/z-5214935
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:bbd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1e4ad0f33d1b68c1476a7a224c58608c02c1beff1017d9ab9eab98a5cb192f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stream.crichd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2344
x-guploader-uploadid: ADPycdt4b_PWjJRXIJiq1hdJwjcyLXpmhv8hZJ6_nF_IuOV6vEkU7kObu9aD4i-O1PnZ5ivx0bzdJrOUPkZu6ZtmV38V9sIyKmbb
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 08 Sep 2022 08:38:35 GMT
server: cloudflare
etag: W/"90a406e7c114cb9cbdbd171d8282e224"
vary: Accept-Encoding
x-goog-hash: crc32c=PsCFGQ==, md5=kKQG58EUy5y9vRcdgoLiJA==
x-goog-generation: 1662626315119008
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=df39N7N5mtSpe3XBlHs7Gy%2F%2Bt9GX9OvuLNDSejsVXaV4rcTCw7YPKWFtBPuzVgF7hfBgbAFYiTCHsgZr7o5JcHluWz8KEEqKws7hYss611V9ibUD9W3PjftqjiV2iMX8mowdJl6nSwmAPsGdw9mj"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 100523
cf-ray: 765d38704f2d9271-FRA
expires: Sun, 06 Nov 2022 10:48:59 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame EDF6 11 KB
5 KB 115ms
17ms Script
application/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: stream.crichd.vip
URL: https://stream.crichd.vip/update/bt1.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stream.crichd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:32:55 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 51.254.41.128/25
etag: "-375139978"
content-type: application/javascript; charset=UTF-8
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 4364
x-request-id: 797541927

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.0/ Frame 5834 85 KB
30 KB 48ms
15ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.0/jquery.min.js

Requested by

Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2405bdf4c255a4904671bcc4b97938033d39b3f5f20dd068985a8d94cde273e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 04:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 367575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30281
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 04:35:50 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ Frame 5834 36 KB
11 KB 49ms
25ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 755
age: 26208578
cdn-cachedat: 12/13/2021 20:18:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 48135f30fbfcba704628453df5764d8f
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 765d38709abc92c6-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery-latest.js Show response
code.jquery.com/ Frame 5834 276 KB
82 KB 2063ms
1983ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-latest.js
Requested by: Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:05 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-4508e"
vary: Accept-Encoding
x-hw: 1667731325.dop161.fr8.t,1667731325.cds166.fr8.hn,1667731325.cds254.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 83875

GET
H3 200 embed.css
gocast2.com/css/ Frame 5834 537 B
698 B 27ms
24ms Stylesheet
text/css 2606:4700:3030::6815:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gocast2.com/css/embed.css?ver=1.4.4
Requested by: Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:42d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6d02adae86bbc34515c89f74666d2837fc87d6046e204de27258c279fa47fcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Oct 2021 09:08:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2502
etag: W/"617bba25-219"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6YFtu7SCWFDYZF7L1rGLSyMXwuolDB0EpIX7Ihs4CI3FiiVKl3OWA7nEJlI%2Fk5QQzlXb2ThA6XVDAV%2Bw5PjKuD6VtbjHtOzOawN9slZ1KA0kQACdFXV0%2FoLqK0eb4kboD%2FZdD84nZjWIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 765d38707d9d9bf4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-1.11.0.min.js Show response
code.jquery.com/ Frame 5834 94 KB
33 KB 2078ms
1998ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.0.min.js
Requested by: Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:05 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-1787d"
vary: Accept-Encoding
x-hw: 1667731325.dop161.fr8.t,1667731325.cds166.fr8.hn,1667731325.cds154.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33357

GET
H2 200 jquery-migrate-1.2.1.min.js Show response
code.jquery.com/ Frame 5834 7 KB
3 KB 2086ms
2007ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by: Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:05 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1c1f"
vary: Accept-Encoding
x-hw: 1667731325.dop161.fr8.t,1667731325.cds166.fr8.hn,1667731325.cds161.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3063

GET
H3 200 site.css
gocast2.com/css/ Frame 5834 199 B
596 B 27ms
24ms Stylesheet
text/css 2606:4700:3030::6815:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gocast2.com/css/site.css
Requested by: Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:42d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e7930ddd6ef35ae7416215de492de89a3518769259c1606b9f719c44236c5ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Oct 2021 09:54:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2509
etag: W/"617bc4e2-c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMDJmHHAzOgzD%2B8b33DxbIEsCQjqXbFAHJzZCBTvnWYo87q7PzqSllmx9mdCjycHfr%2B%2Bt8luGkZr6HcHe%2Bo%2B9YXZ3x24voDLaQgTwd1il%2FtLgZtYgTd081bTx56pKp7AdPV1Fd9kNIl5Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 765d38707da09bf4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 5834 513 KB
139 KB 60ms
31ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 933
x-jsd-version: 0.3.13
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19148-FRA, cache-hhn4049-HHN
x-jsd-version-type: version
server: cloudflare
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViJegrmyBBoyrpNz6BBHVobzQ6zL79wMnWp6bO1Hf77qcoGH1%2BRxcNkdI%2Bb9w%2F9LQ%2FuygNvSTvlGFd3oCGttbU9x5knld0vL8r%2BPh3wXqITBdupFvO6gKqv7EXzjDlyhwe61T%2BnmujrewzjBglc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 765d38709e9d929f-FRA

GET
H2 200 p2p-engine.min.js Show response
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/ Frame 5834 186 KB
57 KB 52ms
24ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js

Requested by

Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca5068bf4d0038f2fb3107d9e6fc326922073b8ac3bcaaa1724391f54f89b938

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8201
x-jsd-version: 2.5.1
content-encoding: br
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230033-FRA, cache-yyz4568-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"2e94b-GaSKxxXX+FG4zeRkuruQuN50UKE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LXIQ5YJD4kJGhMg%2FSNEQnU%2BGpZAQTcQ%2FoIdyhZ1n7kjI88u0uHbrulX9RGwIA5ziuhrJBjcCrVqy8aOpXLmoc7b8I9ZKkc3y42PofDy%2FxJOzGz1oyz6df5nP33yjAK2Bw9ANkLzf7sO7V4JaVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 765d38709e9f929f-FRA

GET
H2 200 clappr-p2p-plugin.min.js Show response
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/ Frame 5834 3 KB
2 KB 49ms
21ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/clappr-p2p-plugin.min.js

Requested by

Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8eb7e24873bb65c9b7193534bda15761d8853b24ca4a41d7749360972504141

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 18927
x-jsd-version: 2.0.2
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19157-FRA, cache-iad-kiad7000110-IAD
x-jsd-version-type: version
server: cloudflare
etag: W/"c19-SLjttAW8dcDjADi6J1T2hbhokWc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLwU5dlpm4dT1CqediBAMEKJIPadW7P3WzNxaDMkrrQo7sGCYh9YLZHmiJW29yKY0qv33YkZx6r4a%2BYupmz5gDRm%2FxBYarmP6HwPrwv8O%2FlgotxhCbuFf%2BHHWgM9RSrFHs4mClP6uc3EweaoBxU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 765d38709ea2929f-FRA

GET
H2 200 level-selector.min.js Show response
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame 5834 30 KB
11 KB 51ms
23ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js

Requested by

Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15329
x-jsd-version: 0.3.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19129-FRA, cache-itm18844-ITM
x-jsd-version-type: version
server: cloudflare
etag: W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6K%2B9F9hZVw5WN%2F0%2BSxyJB%2B%2B3DAs8ExfoFHXHVcRTShTSmJJtN3XeVL7gZIr6KLG%2BqCUo3YArT%2FbP34ZhtnXXKqhxuUuGP%2Fo0TtPKZ3P4CR%2FieDSGxiw1hZlOglhkGZKVpvjWEcGd938UjkKGbQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 765d38709ea4929f-FRA

GET
H2 200 / Show response
d27x9po2cfinm5.cloudfront.net/ Frame 5834 162 KB
53 KB 216ms
170ms Script
text/plain 2600:9000:237d:e000:14:63a1:c340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d27x9po2cfinm5.cloudfront.net/?copxd=969390
Requested by: Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:e000:14:63a1:c340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 009addfcb02e1b173a6dd6cc83a82417f8b23c971480d87600473d9997779a00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Nov 2022 10:42:05 GMT
content-encoding: gzip
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 53944
x-amz-cf-id: tmuSaHIwQYhzEGSvxY8vpqqyGCcXEwr3zam1zCqfzzrD4ebyVfF4Fw==

GET
H3 200 z-6330442 Show response
gocast2.com/ Frame 5834 938 B
1 KB 60ms
59ms Script
application/octet-stream 2606:4700:3030::6815:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gocast2.com/z-6330442
Requested by: Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:42d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88d3c35ed4dacca7d4ae8ca43494e21618390d22dd7dfdce2c8a2b410f39c876

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:05 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 06 Nov 2022 10:01:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "636785e0-3aa"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFWS%2F357lVO0sOHtisYhy3tTJjNLUpF2xPNY8PM7cVJTsEdsnnuaJyPpVVStXm5rB9Wuh4uWtPd1X9LbM%2FpEfhYmYVgwkWeQjHDb9j%2BBsYCxULywgXrG9YngGpsu1G7nGDRkMFCJRUUGOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 765d38708dc89bf4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 938

GET
H3 200 ut.js Show response
superfastcdn.com/script/ Frame EDF6 70 KB
26 KB 49ms
34ms Script
application/javascript 2606:4700:3032::ac43:bbd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://superfastcdn.com/script/ut.js?cb=1667731325567
Requested by: Host: superfastcdn.com
URL: https://superfastcdn.com/script/bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:bbd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a817a515c35520e9f571540957ffc2dd1d4ba70a3b5e04c5c1b37a63d6564516

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stream.crichd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdsl6utTBTX3CF_v6j20qQioSCFwS_tC1Q6FQL47I_5hNAeLccduh7Iu96YYlrZDZ2n0joUvmTFJPTFBm7dn8DVWrA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 11:45:52 GMT
server: cloudflare
etag: W/"c7304eebcb5069f68bd3fa9e74218a36"
vary: Accept-Encoding
x-goog-hash: crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-generation: 1661773552581597
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwDtbX1dAnSPQKBp%2BEHRCuDp0UcRSUuHqGSfwXdsOrnHpoDwQGTEXsZ85C7BwNRaZKDqpyFBgZD7i5WYI3O6vL2YpDntcCJVFymiumRHIbU%2FvwCvyNxIMSKO01Q5cdNmkhFt7ASCse4BR5BDV6qa"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 71356
cf-ray: 765d3870fe976931-FRA
expires: Sun, 06 Nov 2022 10:53:55 GMT

GET
H2 200 1804593 Show response
ad.a-ads.com/ Frame 5A3A 12 KB
5 KB 33ms
25ms Document
text/html 144.76.28.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1804593?size=728x90

Requested by

Host: ww1.9anime.vip
URL: https://ww1.9anime.vip/banner_728x90

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.76.28.254 Freiburg im Breisgau, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.254.28.76.144.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

4bfa8a7a3679231faaa4477043ad1065e09f4a9acb54856484da6dedb8e41471

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww1.9anime.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Sun, 06 Nov 2022 10:42:05 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://ww1.9anime.vip/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 suurl4.php Show response
youradexchange.com/script/ Frame EDF6 1 KB
1 KB 264ms
203ms Fetch
application/json 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl4.php?r=5214935&cbur=0.5166918466757926&cbiframe=1&cbWidth=682&cbHeight=490&cbtitle=&cbpage=https%3A%2F%2Fcricfree.pw%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=superfastcdn.com&aggr=0&chmob=?0
Requested by: Host: superfastcdn.com
URL: https://superfastcdn.com/script/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 2dd3ccdaf97312cae5795da4f1003b9bdb569a10076b80e7dfdbaf08b32bc728

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stream.crichd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 06 Nov 2022 10:42:05 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ Frame EDF6 53 B
187 B 325ms
99ms Script
text/html 192.99.8.27
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4599824&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fcricfree.pw%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:169256149&@b3:1667731326&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fstream.crichd.vip%2Fupdate%2Fbt1.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.8.27 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns500876.ip-192-99-8.net
Software: /
Resource Hash: c27b19d10fc675cfeef8c03f43008192ec4cd69556ad0d994b21826be7d57da9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stream.crichd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Sun, 06 Nov 2022 10:42:05 GMT
Connection: close
Content-Length: 53
Content-Type: text/html;charset=UTF-8

GET
H2 200 728x90
static.a-ads.com/a-ads-banners/393754/ Frame 5A3A 674 KB
676 KB 55ms
39ms Image
image/gif 144.76.28.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393754/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1804593?size=728x90
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.28.254 Freiburg im Breisgau, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.254.28.76.144.clients.your-server.de
Software: nginx /
Resource Hash: 7a83dde0ee9f06593519e9556f86281d967a2b64a7c7903b56575b53935ce2a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:05 GMT
x-amz-version-id: Cv2H_W5cOvreEnPXeLYKrZR901XKye4u
last-modified: Tue, 31 May 2022 13:28:31 GMT
server: nginx
x-amz-request-id: 0VE498QY9AD8TBY9
etag: "17ab32789bf26b9a63481f7a9a076d53"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 690666
x-amz-id-2: LPkLhpcZSj7pYO7qwZ3hpa80oERL4dC9QjUWYTfI0GGCOwvQjQv+p7WrIj001CFOHYzsTfj3MY0=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 5A3A 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf_icon.webp
static.bookmsg.com/creatives/SG/
Redirect Chain

https://65eb50053b.3cb004e947.com/in/show/?mid=1094762785&pid=0&site=native-push-mainstream&sc=DE&usage_type=DCH&subid=2110042838&sid=3918551584&cid=2255&price=0.0049&is_cpm=0&cpm=0&ecpm=0.50551592...
https://static.bookmsg.com/creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf_icon.webp

1 KB
1 KB

100ms
12ms

Image
image/webp

168.119.25.20
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf_icon.webp
Requested by: Host: cricfree.pw
URL: https://cricfree.pw/update/bt1
Protocol: H2
Server: 168.119.25.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.20.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: debd9647eddaaacaba09b81371fd2e331f952904d7c7f635955b6e213e6a4ee4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cricfree.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:06 GMT
last-modified: Mon, 30 Nov 2020 08:59:32 GMT
server: nginx/1.18.0
etag: "5fc4b474-41c"
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 1052

Redirect headers

pragma: no-cache
date: Sun, 06 Nov 2022 10:42:06 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
location: https://static.bookmsg.com/creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf_icon.webp
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf.webp
static.bookmsg.com/creatives/SG/ 5 KB
5 KB 144ms
11ms Image
image/webp 168.119.25.20
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf.webp
Requested by: Host: cricfree.pw
URL: https://cricfree.pw/update/bt1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.25.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.20.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 361540ac8047f9e65b9db4966125eb66d084de3057b5e1c48942c0e1aebe2a44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cricfree.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:06 GMT
last-modified: Mon, 30 Nov 2020 08:59:32 GMT
server: nginx/1.18.0
etag: "5fc4b474-1208"
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 4616

GET
DATA 200
OK truncated
/ Frame 0EAD 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39ee755ad562a7fc959883b57d4918f624c3efac53f8b499734a4c5626e2879e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0EAD 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa90e6cba9e9d701ef280f287f76143fb0aed1223c692fc0da4befa74860225d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0EAD 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 833cb09da79045b251d3c08071c0adc6b1a2e97e9872ca9f37337891cde9ec69

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0EAD 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b41f877c5e58ec1f5bdd89ae80211cc05afbc3c871a41b38535c7130e927ac62

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0EAD 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24daca1a4af9c7847a5252795eda58315e596bdb88ca4b6ae51fdaa3c672cc56

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0EAD 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05882fa4e821333fb62a4a8d07b7c451e6efbabfa9f3d4946ba9cb54dfb0f04b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0EAD 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9ebc91dc274d39de27801661167bf6a88024d544d3960f3766ce59b33ff8e9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0EAD 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b832d9f9d7c39304c9205b6d562bff9e421e204cfc19fd6065393028119cbf7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0EAD 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a15164c46f901a947fcf243fe107b83fdf1ea8d394d2bda73f569daf5666e59e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0EAD 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f339fe40b102007022ab2746a4c9436c54931f620eb8c2860743cf3569a34b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0EAD 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 506bc85404629c940763e1830cfdc72161eec5c0fa39616914d89ce9469a5604

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0EAD 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 270a637e9c97cd0ce2b8860fdddf496b483ce586711e1fb7527eb8c5e0d5746e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0EAD 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44512f22387c2e598be89c01273367dcd2cb443c62dc385095926e485d56a4bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0EAD 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65e85fa02d9fa3e02f188a7b6e4fa6a50d2421d677884b34bc83b8cf6b37a58a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0EAD 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ec2068a44b2e3b4c742d0d35c1c5829623759ea96de41f3c1af363846f80536

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0EAD 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e07273324aadaf8a93d5900f6373ce88110f28620656608e3a0a79ba0da25f17

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEyLzEwMTkyNC85YWRiYTYxOWY0YzFjYjk4Y...
s-img.adskeeper.com/g/12581074/492x328/-/ Frame 0EAD 46 KB
46 KB 109ms
28ms Image
image/webp 2606:4700::6812:42a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/12581074/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEyLzEwMTkyNC85YWRiYTYxOWY0YzFjYjk4YThjNDE2ZDJhOGFmZjU3NS5qcGVn.webp?v=1667731325-RyDq-q3cApGIl7SBD6Eq-om_nU2jzPa4qQVc1GQYDYE
Requested by: Host: cricfree.pw
URL: https://cricfree.pw/update/bt1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:42a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22dc44a33d600dd6f5e0eced981ee4961decd62d6aa58e4cf3c96f907d3132fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:06 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Mar 2022 09:41:42 GMT
x-mg-request-uuid: d0fb157e-3b63-4bdb-92aa-d69f895a5089
server: cloudflare
age: 5633035
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 765d3877bdf6bbaf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47266

GET
DATA 200
OK truncated
/ Frame 0EAD 483 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

c
c.adskeeper.com/ Frame 0EAD
Redirect Chain

https://65eb50053b.3cb004e947.com/in/show/?mid=1094762785&pid=0&site=native-push-mainstream&sc=DE&usage_type=DCH&subid=2110042838&sid=3918551584&cid=2749&price=0.00058&is_cpm=0&cpm=0&ecpm=0.0020050...
https://c.adskeeper.com/c?pv=2&v=0|0|0|ICajudwi72RQfXNAj6oUMHM9n1u4v6F4i4EN51E1qg7VWRtj5cBzX1kgtORJogNh3DOJQ20nJZGAC-M6KyysfA**&cid=1156384&f=1&h2=L_VeimGmIyuuyKT7tZS8nfhiGb6CTwVO6xjKycj2N0E*&rid=a...

43 B
247 B

83ms
50ms

Image
image/gif

2606:4700::6812:52a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/c?pv=2&v=0|0|0|ICajudwi72RQfXNAj6oUMHM9n1u4v6F4i4EN51E1qg7VWRtj5cBzX1kgtORJogNh3DOJQ20nJZGAC-M6KyysfA**&cid=1156384&f=1&h2=L_VeimGmIyuuyKT7tZS8nfhiGb6CTwVO6xjKycj2N0E*&rid=a7f225f4-5dbf-11ed-af5a-e4434b15122e&psid=7331515
Requested by: Host: cricfree.pw
URL: https://cricfree.pw/update/bt1
Protocol: H2
Server: 2606:4700::6812:52a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:06 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: a4671a1e-13f8-457a-8ad6-99627af5c060
server: cloudflare
content-type: image/gif
cf-ray: 765d3877a8a15bed-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

pragma: no-cache
date: Sun, 06 Nov 2022 10:42:06 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
location: https://c.adskeeper.com/c?pv=2&v=0|0|0|ICajudwi72RQfXNAj6oUMHM9n1u4v6F4i4EN51E1qg7VWRtj5cBzX1kgtORJogNh3DOJQ20nJZGAC-M6KyysfA**&cid=1156384&f=1&h2=L_VeimGmIyuuyKT7tZS8nfhiGb6CTwVO6xjKycj2N0E*&rid=a7f225f4-5dbf-11ed-af5a-e4434b15122e&psid=7331515
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 asd100.bin Show response
pogothere.xyz/ Frame 5834 100 KB
101 KB 46ms
16ms Fetch
binary/octet-stream 172.64.106.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: d27x9po2cfinm5.cloudfront.net
URL: https://d27x9po2cfinm5.cloudfront.net/?copxd=969390
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.106.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 539
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Nov 2022 10:33:08 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://gocast2.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjKYZOFm2BE3%2FHbwhLrruyQBzfEKqk1RqlATaUgJo0EYQlzk0XnyrLFgfoXYFedYz0rAA8eJltJMWPI8%2Ba9EMaTah1C3ePGYdPUy4hX9AbmaWVkfYlMEpFLXFOVsb2tV"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 765d387e48539078-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ Frame 5834 26 B
369 B 142ms
112ms Fetch
text/plain 172.64.106.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: d27x9po2cfinm5.cloudfront.net
URL: https://d27x9po2cfinm5.cloudfront.net/?copxd=969390
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.106.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb56d22065e13ede08f7480ab3bfc0c46264f0070c3af3081b80349220d5ed9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cY4j4v5N3PGN8F63FBxKkDwCdTe%2FHinMEDE0xvd4g6E8jEOeBSPjXYGjKYdcyYvLsTDUGlaNtuaV%2FeIhsOobbvYPbLkxDNv2xQ00rdITsyqGqa3yIQLZG5KS4aeHE64%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://gocast2.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 765d387e48559078-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
anwhocam.xyz/ Frame 5834 0
485 B 128ms
98ms XHR
text/plain 65.9.66.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://anwhocam.xyz/utx?cb=3Bgd8YG8U7Zd&top=gocast2.com&tid=969390
Requested by: Host: d27x9po2cfinm5.cloudfront.net
URL: https://d27x9po2cfinm5.cloudfront.net/?copxd=969390
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-33.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Nov 2022 10:42:07 GMT
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://gocast2.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 7ocZI4zjzjf7An4G7ptz_Azviy2b2TsRt7bmSotJ4cSJwrjWZhE7SA==

GET
H2 200 Y0N2TTACIRUgDwJ+FGtFES9LaAIlZkQLVFF0DnRADHEVK1kNLkNjUw8sAylWESwYOR4NJgJoAiV3IwgJJBIMGEoqABEhcwoSGwReVw4sI2pSJhEbAikXIz5nGgEPC1gpOyY3CCsNRhRcLRcVI3UaEkcEXlcFEiR9DQ8gB0QCEDs5Zg5yU39yOgA8H30NCQ8XZSYkP... Show response
anwhocam.xyz/ Frame 50B0 3 KB
2 KB 105ms
99ms Document
text/html 65.9.66.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://anwhocam.xyz/Y0N2TTACIRUgDwJ+FGtFES9LaAIlZkQLVFF0DnRADHEVK1kNLkNjUw8sAylWESwYOR4NJgJoAiV3IwgJJBIMGEoqABEhcwoSGwReVw4sI2pSJhEbAikXIz5nGgEPC1gpOyY3CCsNRhRcLRcVI3UaEkcEXlcFEiR9DQ8gB0QCEDs5Zg5yU39yOgA8H30NCQ8XZSYkPw4BRnE0GHMqZkQPexoBJQJkUzQ6NX0PDxg+RTQqGSB7CnojKWhTAhIlRAQiGB9KKxAVIHsgJxcHShspFRxlRnE0AgItOzQadkZxMCx4LhIvOgEJICcYXikqHnxxOxVOD3c6Cy8JVBQnDjUBBRtbFFkxEDcneRkRJwBZMjU4NXIKAC4DRyItQ3VTJBo+FHcANz19dVoKRANIBy0gdFQKehUCSRMpFRxlUAgfGF80LRo8VCsNIQJ0UzM6IXJSJScPSSEUEiVUDnM3FANaOhQcAQ0iGB9KMSkzPXoZBRUpaFMCEipqDRouGwEmOiA0VBRlHD5fDTNLHWEnLAYMRBA2DDxU
Requested by: Host: d27x9po2cfinm5.cloudfront.net
URL: https://d27x9po2cfinm5.cloudfront.net/?copxd=969390
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-33.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e5b37e08160ce322948052d44c51f3229577a4e7025a7b3af0783e608c9c9dc9

Request headers

Referer: https://gocast2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1231
content-type: text/html
date: Sun, 06 Nov 2022 10:42:07 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
x-amz-cf-id: Qa0iLFmDW7wua8Ifcxqhdoj_gZ5aEXE5lAHU9bJOz_0G7PtmA7d6gg==
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront

GET
H2 204 Vh02CiFNUi5Rf15HbEJ9QFppSjtNRX4YPhETZV1oAAAsAHNBQm5beUNFa155Rk1g
redanludb.xyz/WGxOcHR3Uy0DSQ0qPiYjDAAgEiMOHg0dPjc1I0A4Al46GhYvKWgEHTxRd0ZNa1V+VgQxCHNBUisYLwQBK1F/ Frame 5834 0
411 B 158ms
113ms Image
text/plain 172.67.138.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redanludb.xyz/WGxOcHR3Uy0DSQ0qPiYjDAAgEiMOHg0dPjc1I0A4Al46GhYvKWgEHTxRd0ZNa1V+VgQxCHNBUisYLwQBK1F/Vh02CiFNUi5Rf15HbEJ9QFppSjtNRX4YPhETZV1oAAAsAHNBQm5beUNFa155Rk1g
Requested by: Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.138.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69YLnZsWQjFrEGzQaY2a5ajnBrmc%2BI0stxkS5KmiAS%2F1Z1wHewJaRMVB%2FFEFvZfu8ItzJjjjz%2Bpc5hHDWrYBhOrSX%2FIMM5p8iQfC%2F4LGM9s%2FizGXq7MS7%2FGV7wnwCIjj"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 765d387e8ae1b8ba-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ Frame 5834 0
0 189ms
158ms Image
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3

403

identifier
accounts.google.com/v3/signin/ Frame 5834
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/v3/signin/identifier?dsh=S-167203536%3A1667731327821941&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignI...

0
0

55ms
33ms

Image
text/html

2a00:1450:4001:806::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-167203536%3A1667731327821941&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvGeSqW7jXOhjEdmRB3isudpeADuoENxYbvKncAvt4mN5NdZzDUUxxDAhXeFVrRJMR_DUP57w
Requested by: Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol: H3
Server: 2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

date: Sun, 06 Nov 2022 10:42:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-aVNe9g52-XqQs8RAXlxV0g' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 396
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-167203536%3A1667731327821941&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvGeSqW7jXOhjEdmRB3isudpeADuoENxYbvKncAvt4mN5NdZzDUUxxDAhXeFVrRJMR_DUP57w
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/ Frame 5834
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/v3/signin/identifier?dsh=S-603053739%3A1667731327812786&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebS...

0
0

102ms
67ms

Image
text/html

2a00:1450:4001:806::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-603053739%3A1667731327812786&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAsdAjb6tI-oIjKak8j3XqNDjVX6XUwZKBNQX2isUy8gizCoI453DoWsap-A22oAygbs0ElPuw
Requested by: Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol: H3
Server: 2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

date: Sun, 06 Nov 2022 10:42:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-xut1At0M-xHv8icTyiu5dw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 396
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-603053739%3A1667731327812786&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAsdAjb6tI-oIjKak8j3XqNDjVX6XUwZKBNQX2isUy8gizCoI453DoWsap-A22oAygbs0ElPuw
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
d27x9po2cfinm5.cloudfront.net/ Frame 5834 162 KB
53 KB 217ms
188ms Fetch 2600:9000:237d:e000:14:63a1:c340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d27x9po2cfinm5.cloudfront.net/?copxd=969390
Requested by: Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:e000:14:63a1:c340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ff6b56b663dfd32dc3ecb48f3cef1d167bd48a62d23fe239de52ebcb5d898792

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Nov 2022 10:42:07 GMT
content-encoding: gzip
via: 1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
access-control-allow-origin: https://gocast2.com
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials: true
content-length: 53943
x-amz-cf-id: Ygr1AAGvBb7K9OBPxovo__t8ZcSteNXyu6dJI3KpQmjUhacBj_hX5Q==

GET
H3 200 bootstrap.js Show response
superfastcdn.com/script/ Frame 5834 98 KB
34 KB 20ms
19ms Script
application/javascript 2606:4700:3032::ac43:bbd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://superfastcdn.com/script/bootstrap.js
Requested by: Host: gocast2.com
URL: https://gocast2.com/z-6330442
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:bbd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4d5b8dc6a7ca986941b6d029b8465ac9b4ea3b8923d57df81c99a3c03eb899d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2482
x-guploader-uploadid: ADPycdv6ZB2WhmWCPa_u0F9c9EuXkW3AgM7PIcuOjXMKXaODxuBZsGTwgtJmnivLnqW-0hJE5IZEacSFPOnez6_pY9NZDE-BUEh9
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 08 Sep 2022 08:38:35 GMT
server: cloudflare
etag: W/"90a406e7c114cb9cbdbd171d8282e224"
vary: Accept-Encoding
x-goog-hash: crc32c=PsCFGQ==, md5=kKQG58EUy5y9vRcdgoLiJA==
x-goog-generation: 1662626315119008
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IcoM6U3aY7lMnq92bKp1xzjtadFZC1rnMHKQyhi5Ems0u5N9dS1PC1CTwaTWQBCOR3Q8MAQYMHKwMDdIa5CbRR4ruu6TIivTUovmsXgFo5slm8pj4YRGMw1I4c48597vEoSk9tS29KjQ3EvzcNa6"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 100523
cf-ray: 765d387e58066931-FRA
expires: Sun, 06 Nov 2022 11:00:28 GMT

HEAD
H3 200 gcrichd.php Show response
gocast2.com/ Frame 5834 0
465 B 67ms
66ms XHR
text/html 2606:4700:3030::6815:42d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Requested by: Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:42d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPtJ%2FISKWrdSfF3a2Nr9F9mTEnUOGxs%2BTqFe8RekABDr3JK5HNnsUvNO65GmFos0ra4DO%2BN%2Bcy4zXYkNAG44zbtijCn3L%2Brcxbis79MY%2BROmY0xD%2FSAZSP6qLr39eSxBeFR3o%2BJYpV6D1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 765d387e9ce69bf4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 / Show response
waufooke.com/5/5492412/ Frame 5834 0
432 B 66ms
26ms XHR
text/plain 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://waufooke.com/5/5492412/?oo=1&aab=1
Requested by: Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Sun, 06 Nov 2022 10:42:07 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://gocast2.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tag.min.js Show response
waufooke.com/ Frame 5834 72 KB
23 KB 65ms
25ms Script
text/javascript 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://waufooke.com/tag.min.js

Requested by

Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

0ca8067ecda32d8eb63804ae83f2183c3ae3c49e9c05eaa50e15dc46f0735ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=1
content-length: 23234
x-trace-id: 55fb8feb4b27627050b02ef643205b89
pragma: no-cache
last-modified: Thu, 03 Nov 2022 15:02:17 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 5834 11 KB
5 KB 19ms
19ms Script
application/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:32:55 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 51.254.41.128/25
etag: "-375139978"
content-type: application/javascript; charset=UTF-8
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 4364
x-request-id: 797541927

GET
H/1.1 200
OK bbtsp1.m3u8 Show response
go2.gocast2.com/hls/ Frame 5834 551 B
1 KB 67ms
14ms XHR
application/vnd.apple.mpegurl 37.49.224.221
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://go2.gocast2.com:999/hls/bbtsp1.m3u8?md5=mM9VAdlAc4e-N7DfWOXYjg&expires=1667738510
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.49.224.221 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: c1b9b259e3fdcb146efc9ca56fccdc74c73ebff1b915dab225318ec4dc6553bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Sun, 06 Nov 2022 10:42:07 GMT
Last-Modified: Sun, 06 Nov 2022 10:42:06 GMT
Server: nginx/1.20.1
ETag: "63678f7e-227"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 551
Expires: Sun, 06 Nov 2022 10:42:06 GMT

GET
H3 200 ut.js Show response
superfastcdn.com/script/ Frame 5834 70 KB
26 KB 34ms
33ms Script
application/javascript 2606:4700:3032::ac43:bbd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://superfastcdn.com/script/ut.js?cb=1667731327807
Requested by: Host: superfastcdn.com
URL: https://superfastcdn.com/script/bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:bbd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f6ce602bed449940565c8bfea9921659efafc0c5409a8242eda17e6e6554c31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:07 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdsl6utTBTX3CF_v6j20qQioSCFwS_tC1Q6FQL47I_5hNAeLccduh7Iu96YYlrZDZ2n0joUvmTFJPTFBm7dn8DVWrA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 11:45:52 GMT
server: cloudflare
etag: W/"c7304eebcb5069f68bd3fa9e74218a36"
vary: Accept-Encoding
x-goog-hash: crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-generation: 1661773552581597
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGVvF7UrkRicXUmqzExg56mv9tWh8HuDPbIyUEbS3w8BGLEvLJIMeuuoayx0b5fyMpE9EB6qlZO5BDEBK5uW7AzxB%2Bd0yIhyw7p3fkH10U6YB2mcwSTcbgFg4itrVcjEUmbELUDbrFnidG1rQ18R"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 71356
cf-ray: 765d387ec8f96931-FRA
expires: Sun, 06 Nov 2022 10:53:55 GMT

GET
H3 200 suurl4.php Show response
youradexchange.com/script/ Frame 5834 1 KB
845 B 241ms
204ms Fetch
application/json 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl4.php?r=6330442&cbur=0.2322429278330631&cbiframe=1&cbWidth=666&cbHeight=474&cbtitle=&cbpage=https%3A%2F%2Fstream.crichd.vip%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=superfastcdn.com&aggr=0&chmob=?0
Requested by: Host: superfastcdn.com
URL: https://superfastcdn.com/script/bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 02b2fcb691a3fa30071661e849e9ac1cc1b196b9ef16f33eed152aaa2bf5bb21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 06 Nov 2022 10:42:07 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ Frame 5834 54 B
188 B 301ms
97ms Script
text/html 192.99.8.27
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4704973&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mgocast2.com%20-%20Embedded%20player&@n0&@ohttps%3A%2F%2Fstream.crichd.vip%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:94838076&@b3:1667731328&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgocast2.com%2Fgcrichd.php%3Fplayer%3Ddesktop%26live%3Dbbtsp1&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.8.27 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns500876.ip-192-99-8.net
Software: /
Resource Hash: 56c7a8a04536db7cf11a22e100adda99fe0199f9c041f874b6e00c2a26960942

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Sun, 06 Nov 2022 10:42:08 GMT
Connection: close
Content-Length: 54
Content-Type: text/html;charset=UTF-8

GET
H2 200 aHMQYw1jcQUnJih1AXV8BGYHYDdwdxx1fX-YiRSAjIzRQMiQvNxBiCXNwAn58cGYHYGctK0E9I2NxdnV9di9cOypjcQU3KiUoWnlqdHNWOD0pLlB1fQByBWdhdm0AY39ybQ1nanRzRjEpJzFcdX0AdgZnYXV1EyVydw Show response
d27x9po2cfinm5.cloudfront.net/4UE9GQzUzICglCiQmIn4MZnZ1egV2JTUsWyByFhJxPz8HN0YlNTcnEyQ1In4FdiMnLVJtaSMtVm1+YCJRMnJyZUEgIC1+UCI+KyBSOT0wLxMlLnsuWiomKi9UdX0AdhtganRzHScmKCdaJzxjcQU+O2NxBWF/ Frame 50B0 664 B
759 B 178ms
173ms Script
text/plain 2600:9000:237d:e000:14:63a1:c340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d27x9po2cfinm5.cloudfront.net/4UE9GQzUzICglCiQmIn4MZnZ1egV2JTUsWyByFhJxPz8HN0YlNTcnEyQ1In4FdiMnLVJtaSMtVm1+YCJRMnJyZUEgIC1+UCI+KyBSOT0wLxMlLnsuWiomKi9UdX0AdhtganRzHScmKCdaJzxjcQU+O2NxBWF/aHMQYw1jcQUnJih1AXV8BGYHYDdwdxx1fX-YiRSAjIzRQMiQvNxBiCXNwAn58cGYHYGctK0E9I2NxdnV9di9cOypjcQU3KiUoWnlqdHNWOD0pLlB1fQByBWdhdm0AY39ybQ1nanRzRjEpJzFcdX0AdgZnYXV1EyVydw
Requested by: Host: anwhocam.xyz
URL: https://anwhocam.xyz/Y0N2TTACIRUgDwJ+FGtFES9LaAIlZkQLVFF0DnRADHEVK1kNLkNjUw8sAylWESwYOR4NJgJoAiV3IwgJJBIMGEoqABEhcwoSGwReVw4sI2pSJhEbAikXIz5nGgEPC1gpOyY3CCsNRhRcLRcVI3UaEkcEXlcFEiR9DQ8gB0QCEDs5Zg5yU39yOgA8H30NCQ8XZSYkPw4BRnE0GHMqZkQPexoBJQJkUzQ6NX0PDxg+RTQqGSB7CnojKWhTAhIlRAQiGB9KKxAVIHsgJxcHShspFRxlRnE0AgItOzQadkZxMCx4LhIvOgEJICcYXikqHnxxOxVOD3c6Cy8JVBQnDjUBBRtbFFkxEDcneRkRJwBZMjU4NXIKAC4DRyItQ3VTJBo+FHcANz19dVoKRANIBy0gdFQKehUCSRMpFRxlUAgfGF80LRo8VCsNIQJ0UzM6IXJSJScPSSEUEiVUDnM3FANaOhQcAQ0iGB9KMSkzPXoZBRUpaFMCEipqDRouGwEmOiA0VBRlHD5fDTNLHWEnLAYMRBA2DDxU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:e000:14:63a1:c340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: faa03c7fedd07d4259ce8cc60aec3f837a15c74275a74781fc581d336ccaf997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anwhocam.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:07 GMT
content-encoding: gzip
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 482
x-amz-cf-id: Q2dj6cvaEJGGW6WYwGBjLgAyTRtL_krVeF6bR2TvyMLheYOe_Y8RHA==

GET
H/1.1 200
OK bbtsp1.m3u8 Show response
go2.gocast2.com/hls/ Frame 5834 551 B
1 KB 15ms
14ms XHR
application/vnd.apple.mpegurl 37.49.224.221
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://go2.gocast2.com:999/hls/bbtsp1.m3u8?md5=mM9VAdlAc4e-N7DfWOXYjg&expires=1667738510
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.49.224.221 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: c1b9b259e3fdcb146efc9ca56fccdc74c73ebff1b915dab225318ec4dc6553bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Sun, 06 Nov 2022 10:42:07 GMT
Last-Modified: Sun, 06 Nov 2022 10:42:06 GMT
Server: nginx/1.20.1
ETag: "63678f7e-227"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 551
Expires: Sun, 06 Nov 2022 10:42:06 GMT

GET
H/1.1 200
OK bbtsp1-23636.ts Show response
go2.gocast2.com/hls/ Frame 5834 650 KB
650 KB 53ms
37ms XHR
application/octet-stream 37.49.224.221
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://go2.gocast2.com:999/hls/bbtsp1-23636.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.49.224.221 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 0227e73bbc82473c853accd160b3a4ceed0a02f04d10c5e348c66d7366e86f43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Sun, 06 Nov 2022 10:42:07 GMT
Last-Modified: Sun, 06 Nov 2022 10:40:49 GMT
Server: nginx/1.20.1
ETag: "63678f31-a26f4"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 665332
Expires: Sun, 06 Nov 2022 10:42:06 GMT

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ Frame 5834 178 B
334 B 65ms
15ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?fields=2181826&key=XOpiansRgYxGTho
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: 9360d6dc1a2fdec65b711956b244c4e78cf8f09a210ae84cce9ef0677fff42bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 06 Nov 2022 10:42:07 GMT
Content-Length: 178
Content-Type: application/json; charset=utf-8

GET
BLOB 200
OK 41ddff42-5110-449b-bdb3-84c77c3d6828
https://gocast2.com/ Frame 5834 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://gocast2.com/41ddff42-5110-449b-bdb3-84c77c3d6828
Requested by: Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Length: 62280
Content-Type: text/javascript

GET
H3 204 dW4weUVaUVMKeBY2chMgGwJ3K3Q7J2MSCzY4dUwJJwV2LxEwKxYNLBFTCU98RlcAXzUcCg1IYwYaUQ0wBlMDSXVESFkXIxpTAEl1REhGRHRbXQRXdkVAAV8wSFkBQHNDVgZPdkNXAUlxQEhECSQSUwFfNQEaXER0Q1gHTnZEXQJOfEFd
redanludb.xyz/ Frame 5834 0
430 B 135ms
115ms Image
text/plain 172.67.138.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redanludb.xyz/dW4weUVaUVMKeBY2chMgGwJ3K3Q7J2MSCzY4dUwJJwV2LxEwKxYNLBFTCU98RlcAXzUcCg1IYwYaUQ0wBlMDSXVESFkXIxpTAEl1REhGRHRbXQRXdkVAAV8wSFkBQHNDVgZPdkNXAUlxQEhECSQSUwFfNQEaXER0Q1gHTnZEXQJOfEFd
Requested by: Host: gocast2.com
URL: https://gocast2.com/gcrichd.php?player=desktop&live=bbtsp1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.138.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 10:42:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PqOIVscLSyBspCxrDM%2F86e0yFF%2FfLgPpJWAkPkMinY9OR%2FZUtj70qOUDQRIEpm7QSUkLkvU5l9Pr8pAZdsLBMUKwvdI%2BHX8aXEBL0jUQueziUXKhaq4DNug2pfuT%2FCI6"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 765d387fce05b7a8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 channel Show response
asia.web3-lab.com/v1/ Frame 5834 338 B
690 B 355ms
326ms Fetch
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.web3-lab.com:8443/v1/channel
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3b8284f7e1c3967a53225fe4841208bfe3586dc09d0b0072a93cef8ee76788c

Request headers

Referer: https://gocast2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 06 Nov 2022 10:42:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZ8%2FQwvrDBrHHrvaycfJdsTzES2KQRc3O5%2Fz0ef9e06S0txt6P2ydLlMyyfpvo6TJvXXSKmq7H%2BRsuWgducJs6jzrxCeIu8So0EOzedkl2rsKu0hr8Y1bNlbp15qUuO%2FcGo8E5f68fzUT%2Bw1SXrshQKplkDN"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 765d387fff55915e-FRA
alt-svc: h3=":8443"; ma=86400, h3-29=":8443"; ma=86400

GET
H/1.1 206
Partial Content bbtsp1-23636.ts Show response
go2.gocast2.com/hls/ Frame 5834 1 B
400 B 24ms
23ms XHR
application/octet-stream 37.49.224.221
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://go2.gocast2.com:999/hls/bbtsp1-23636.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.49.224.221 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 333e0a1e27815d0ceee55c473fe3dc93d56c63e3bee2b3b4aee8eed6d70191a3

Request headers

Referer: https://gocast2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Range: bytes=0-0

Response headers

Date: Sun, 06 Nov 2022 10:42:08 GMT
Last-Modified: Sun, 06 Nov 2022 10:40:49 GMT
Server: nginx/1.20.1
ETag: "63678f31-a26f4"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Content-Range: bytes 0-0/665332
Cache-Control: no-cache, no-cache
Connection: keep-alive
Content-Length: 1
Expires: Sun, 06 Nov 2022 10:42:07 GMT

GET
H3 200 popunder.gif
redanludb.xyz/ Frame 5834 35 B
504 B 20ms
18ms Image
image/gif 172.67.138.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redanludb.xyz/popunder.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.138.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gocast2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: public
date: Sun, 06 Nov 2022 10:42:08 GMT
cf-cache-status: HIT
last-modified: Sat, 05 Nov 2022 23:23:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 40726
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPdsY7Sk5bgBPMRzMyNgKfY61w%2FZbtLURia7X3Zs1zox77t1b2JjMOpo552veuZ6Ezeqw80T2q8K1xzokezvPZxN3DmDbcC3aZCdLVqHi5NiWUgu3G7N2lt03fIpqwKU"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 765d38814f8bb7a8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
4dsbanner.net/	1970-01-20 07:16:14	Name: viewed_300x250 Value: 1
4dsbanner.net/	1970-01-20 07:16:14	Name: viewed_728x90 Value: 1
fp.metricswpsh.com/	1970-01-20 16:01:07	Name: id Value: 15112038202593677452
pogothere.xyz/	1970-01-20 15:53:55	Name: csu Value: 719668663691045@1@1667731327

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-167203536%3A1667731327821941&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvGeSqW7jXOhjEdmRB3isudpeADuoENxYbvKncAvt4mN5NdZzDUUxxDAhXeFVrRJMR_DUP57w Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-603053739%3A1667731327812786&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAsdAjb6tI-oIjKak8j3XqNDjVX6XUwZKBNQX2isUy8gizCoI453DoWsap-A22oAygbs0ElPuw Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0a9f0fde99.3bcd202415.com
4dsbanner.net
633678338f.3cb004e947.com
65eb50053b.3cb004e947.com
accounts.google.com
ad.a-ads.com
ajax.googleapis.com
anwhocam.xyz
asia.web3-lab.com
c.adskeeper.com
cdn.jsdelivr.net
code.jquery.com
cricfree.pw
d27x9po2cfinm5.cloudfront.net
dramacool.tube
fp.metricswpsh.com
go2.gocast2.com
gocast2.com
js.wpadmngr.com
maxcdn.bootstrapcdn.com
nereserv.com
pagead2.googlesyndication.com
pogothere.xyz
pro.ip-api.com
redanludb.xyz
s-img.adskeeper.com
s10.histats.com
s4.histats.com
static.a-ads.com
static.bookmsg.com
stream.crichd.vip
superfastcdn.com
waufooke.com
ww1.9anime.vip
www.facebook.com
youradexchange.com
139.45.197.238
144.76.28.254
157.90.84.242
168.119.25.20
168.119.25.22
172.64.106.19
172.67.138.9
192.99.8.27
2001:4de0:ac18::1:a:2a
2600:9000:237d:e000:14:63a1:c340:21
2606:4700:3030::6815:42d2
2606:4700:3031::6815:888
2606:4700:3032::ac43:bbd6
2606:4700:3034::ac43:959a
2606:4700:3034::ac43:b2a8
2606:4700:3035::6815:42d
2606:4700::6810:5814
2606:4700::6812:42a
2606:4700::6812:52a
2606:4700::6812:bcf
2a00:1450:4001:806::200d
2a00:1450:4001:80f::200a
2a00:1450:4001:813::2002
2a01:4f8:e0:19cb::1
2a03:2880:f11c:8083:face:b00c:0:25de
2a06:98c1:3120::3
35.190.41.116
37.49.224.221
45.133.44.24
45.133.44.25
46.105.201.240
51.77.64.70
65.9.66.33
009addfcb02e1b173a6dd6cc83a82417f8b23c971480d87600473d9997779a00
0227e73bbc82473c853accd160b3a4ceed0a02f04d10c5e348c66d7366e86f43
02b2fcb691a3fa30071661e849e9ac1cc1b196b9ef16f33eed152aaa2bf5bb21
05882fa4e821333fb62a4a8d07b7c451e6efbabfa9f3d4946ba9cb54dfb0f04b
0ca8067ecda32d8eb63804ae83f2183c3ae3c49e9c05eaa50e15dc46f0735ee8
189dc16cc18c1cc5d571b94e745e9f55f84d4c30b117498d7f5ebf8c779caa44
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
22dc44a33d600dd6f5e0eced981ee4961decd62d6aa58e4cf3c96f907d3132fa
2405bdf4c255a4904671bcc4b97938033d39b3f5f20dd068985a8d94cde273e2
24daca1a4af9c7847a5252795eda58315e596bdb88ca4b6ae51fdaa3c672cc56
270a637e9c97cd0ce2b8860fdddf496b483ce586711e1fb7527eb8c5e0d5746e
29e7c5257a418d2e0443211633b1dfbc36812a72ec9f73f313096ecefebb0e2f
2dd3ccdaf97312cae5795da4f1003b9bdb569a10076b80e7dfdbaf08b32bc728
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2e7930ddd6ef35ae7416215de492de89a3518769259c1606b9f719c44236c5ae
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
333e0a1e27815d0ceee55c473fe3dc93d56c63e3bee2b3b4aee8eed6d70191a3
361540ac8047f9e65b9db4966125eb66d084de3057b5e1c48942c0e1aebe2a44
36c84d8894b17c340c1c398af71a4b2f6c7fcb1b1b446479576a0e58b3d2583d
39ee755ad562a7fc959883b57d4918f624c3efac53f8b499734a4c5626e2879e
3c7a1c53396e4e1111eed4ffb4e61be65eeaf667df61dc855aee4aad738b471a
3ec2068a44b2e3b4c742d0d35c1c5829623759ea96de41f3c1af363846f80536
444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0
44512f22387c2e598be89c01273367dcd2cb443c62dc385095926e485d56a4bd
45743d79e226db1759aaf6452e4a5325ffe6f1687de1f53f5eac3e8c0a3d41b4
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4bfa8a7a3679231faaa4477043ad1065e09f4a9acb54856484da6dedb8e41471
506bc85404629c940763e1830cfdc72161eec5c0fa39616914d89ce9469a5604
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
56c7a8a04536db7cf11a22e100adda99fe0199f9c041f874b6e00c2a26960942
63f8444c5cd956ff39912d8f8ef003d279928cabafbe62384c04ddf65a113712
65e85fa02d9fa3e02f188a7b6e4fa6a50d2421d677884b34bc83b8cf6b37a58a
69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14
6b832d9f9d7c39304c9205b6d562bff9e421e204cfc19fd6065393028119cbf7
6f18e292da6e248331f150ecf9b6effa903acbe7cadcf175b68cf5da86b32ab0
6f6ce602bed449940565c8bfea9921659efafc0c5409a8242eda17e6e6554c31
7a83dde0ee9f06593519e9556f86281d967a2b64a7c7903b56575b53935ce2a6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833cb09da79045b251d3c08071c0adc6b1a2e97e9872ca9f37337891cde9ec69
88d3c35ed4dacca7d4ae8ca43494e21618390d22dd7dfdce2c8a2b410f39c876
8d666277aef4f050cbd97cd374d7c4f1851053730af2aaf94e533cef1a831b5f
8e321c1922f280086b0eb381999f9d90eeb334c6143784fad5d2b3de233c72ef
9360d6dc1a2fdec65b711956b244c4e78cf8f09a210ae84cce9ef0677fff42bd
97867cc54a1e7ae0de8fdcc7e3c8ac1b606c63d186cc529d26b3c24ef7306e35
9e2b19cb3a6b3ff4eb3047150c8a044fb1205c17b9f9824a81c2c9235e865f05
9f339fe40b102007022ab2746a4c9436c54931f620eb8c2860743cf3569a34b8
a15164c46f901a947fcf243fe107b83fdf1ea8d394d2bda73f569daf5666e59e
a24d667576c16edf12d9700634499efa715c8854cb2cd85511162790ba4944ac
a817a515c35520e9f571540957ffc2dd1d4ba70a3b5e04c5c1b37a63d6564516
a8eb7e24873bb65c9b7193534bda15761d8853b24ca4a41d7749360972504141
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b25bb52b1e268a41258688299cd14fd3d9b3dec26f35fdf978f54cf28b1d59cd
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b41f877c5e58ec1f5bdd89ae80211cc05afbc3c871a41b38535c7130e927ac62
b6d02adae86bbc34515c89f74666d2837fc87d6046e204de27258c279fa47fcf
b9ebc91dc274d39de27801661167bf6a88024d544d3960f3766ce59b33ff8e9c
bec822f91e7e14ce5a2bb23bdc971b9c5f7d63a63a0c63aef9baa5bf0082d0fa
c1b9b259e3fdcb146efc9ca56fccdc74c73ebff1b915dab225318ec4dc6553bd
c27b19d10fc675cfeef8c03f43008192ec4cd69556ad0d994b21826be7d57da9
ca5068bf4d0038f2fb3107d9e6fc326922073b8ac3bcaaa1724391f54f89b938
d145ad36fca557bc8c44ecbe631e295982f084cd123850b51177225766bf3825
d1e4ad0f33d1b68c1476a7a224c58608c02c1beff1017d9ab9eab98a5cb192f3
d3b8284f7e1c3967a53225fe4841208bfe3586dc09d0b0072a93cef8ee76788c
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da
d4d5b8dc6a7ca986941b6d029b8465ac9b4ea3b8923d57df81c99a3c03eb899d
d8411c291ce76ba4fc168aff129da83e7193dedd181b468436bb27157d817b46
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
debd9647eddaaacaba09b81371fd2e331f952904d7c7f635955b6e213e6a4ee4
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
e07273324aadaf8a93d5900f6373ce88110f28620656608e3a0a79ba0da25f17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b37e08160ce322948052d44c51f3229577a4e7025a7b3af0783e608c9c9dc9
eb56d22065e13ede08f7480ab3bfc0c46264f0070c3af3081b80349220d5ed9c
f10953260c9ddeedd18d7ca3ce3cd3b16e97461dff4d178d4cf4159e5dd73069
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f8971375d4c672bf14e4a54be807ae4df6c31e2ac45baf217eb216356129fcdb
fa90e6cba9e9d701ef280f287f76143fb0aed1223c692fc0da4befa74860225d
faa03c7fedd07d4259ce8cc60aec3f837a15c74275a74781fc581d336ccaf997
ff6b56b663dfd32dc3ecb48f3cef1d167bd48a62d23fe239de52ebcb5d898792

cricfree.pw Open in urlscan Pro 2606:4700:3035::6815:42d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

76 Requests

93 %HTTPS

55 %IPv6

31 Domains

36 Subdomains

34 IPs

7 Countries

3007 kBTransfer

4967 kBSize

4 Cookies

0 Outgoing links

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 19 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cricfree.pw Open in urlscan Pro
2606:4700:3035::6815:42d Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

93 %
HTTPS

55 %
IPv6

31
Domains

36
Subdomains

34
IPs

7
Countries

3007 kB
Transfer

4967 kB
Size

4
Cookies

76 HTTP transactions
19 data transactions