URL: https://coolrea.link/flash25
Submission: On November 09 via api from US — Scanned from NL

Summary

This website contacted 14 IPs in 5 countries across 13 domains to perform 39 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is coolrea.link.
TLS certificate: Issued by GTS CA 1P5 on November 4th 2023. Valid for: 3 months.
This is the only time coolrea.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 2a06:98c1:312... 13335 (CLOUDFLAR...)
6 2606:4700:e4:... 13335 (CLOUDFLAR...)
1 173.233.139.164 7979 (SERVERS-COM)
2 4 2606:4700:10:... 13335 (CLOUDFLAR...)
4 172.67.221.11 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 23.109.82.104 7979 (SERVERS-COM)
4 2606:4700:e4:... 13335 (CLOUDFLAR...)
1 158.69.254.144 16276 (OVH)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 62.182.81.95 30860 (YURTEH-AS)
39 14
Apex Domain | Subdomains | Transfer
8 cdnkidney.net | ypgt2nqh69aesxbm.cdnkidney.net | 2 MB
6 egldvmz.com | egldvmz.com | 225 KB
5 coolrea.link | coolrea.link | 18 KB
4 youradexchange.com | youradexchange.com (Cisco Umbrella Rank: 26862) | 3 KB
4 candlesouth.net | candlesouth.net | 42 KB
4 amung.us | whos.amung.us (Cisco Umbrella Rank: 16137), widgets.amung.us (Cisco Umbrella Rank: 28950) | 3 KB
2 awistats.com | awistats.com (Cisco Umbrella Rank: 202464) | 2 KB
2 histats.com | s10.histats.com (Cisco Umbrella Rank: 14333), s4.histats.com (Cisco Umbrella Rank: 14235) | 5 KB
1 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 31) | 817 B
1 jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 335) | 139 KB
1 swarm.video | swarm.video (Cisco Umbrella Rank: 171597) | 134 KB
1 anyvzvbmknwqm.top | amkj.anyvzvbmknwqm.top | 1 KB
1 anthonypush.com | anthonypush.com |
39 13
Domain | Requested by
8 ypgt2nqh69aesxbm.cdnkidney.net | swarm.video
6 egldvmz.com | coolrea.link, egldvmz.com, candlesouth.net
5 coolrea.link | coolrea.link
4 youradexchange.com | egldvmz.com
4 candlesouth.net | coolrea.link, candlesouth.net
2 awistats.com | candlesouth.net, awistats.com
2 widgets.amung.us | coolrea.link, candlesouth.net
2 whos.amung.us | 2 redirects
1 fonts.googleapis.com | candlesouth.net
1 cdn.jsdelivr.net | candlesouth.net
1 swarm.video | candlesouth.net
1 s4.histats.com | s10.histats.com
1 amkj.anyvzvbmknwqm.top | coolrea.link
1 s10.histats.com | coolrea.link
1 anthonypush.com | coolrea.link
39 15

This site contains links to these domains.

Domain
lrqknpk.com
Subject | Issuer | Validity | Valid
coolrea.link | GTS CA 1P5 | 2023-11-04 - 2024-02-02 | 3 months
egldvmz.com | GTS CA 1P5 | 2023-11-04 - 2024-02-02 | 3 months
anthonypush.com | R3 | 2023-11-01 - 2024-01-30 | 3 months
candlesouth.net | GTS CA 1P5 | 2023-10-31 - 2024-01-29 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-13 - 2024-05-11 | a year
amkj.anyvzvbmknwqm.top | R3 | 2023-11-05 - 2024-02-03 | 3 months
youradexchange.com | GTS CA 1P5 | 2023-10-17 - 2024-01-15 | 3 months
histats.com | R3 | 2023-08-29 - 2023-11-27 | 3 months
swarm.video | GTS CA 1P5 | 2023-09-30 - 2023-12-29 | 3 months
awistats.com | GTS CA 1P5 | 2023-10-02 - 2023-12-31 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
ypgt2nqh69aesxbm.cdnkidney.net | R3 | 2023-10-24 - 2024-01-22 | 3 months


This page contains 2 frames:

Primary Page: https://coolrea.link/flash25
Frame ID: 9610BB061033943D1BE07033F22C6FCE
Requests: 15 HTTP requests in this frame

Frame: https://candlesouth.net/embed/vy7my0wu36
Frame ID: B37EFC8C04ED42F80C07541D6AAC4162
Requests: 24 HTTP requests in this frame

Page Title

Live Footbal Streaming - Live Premier League

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 39
HTTPS: 92 %
IPv6: 62 %
Domains: 13
Subdomains: 15
IPs: 14
Countries: 5
Transfer: 2633 kB
Size: 4024 kB
Cookies: 10

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://whos.amung.us/cwidget/livesport/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=19500&c=000000ffffff&p=left
Request Chain 17
  • https://whos.amung.us/cwidget/15ky356qz4/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=60500&c=000000ffffff&p=left

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request flash25
coolrea.link/
35 KB
14 KB
Document
General
Full URL
https://coolrea.link/flash25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4fcaa3c001cf83c07889b188205657f6b575300b46b3580349717512787540f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8238a9dadd906668-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 09 Nov 2023 20:04:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SIcSVk2f%2BtQdK0629Fo2lPrlmRNhHD4fUrJNeDxcJyeIb4BUyhLZTbA71uVLTkGIgVjDoQ7JO8aK%2F4Ml2tz0209ecFulvpnchqhrg7s4X5nP4KTEnqaahJUIcZSOoy7vR8LGl9x6FFpOBFY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
style.css
coolrea.link/css/
1 KB
751 B
Stylesheet
General
Full URL
https://coolrea.link/css/style.css
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8d6c3534663816b21184f5dc3c402b613147dba30d67c9f97291971aed28018

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://coolrea.link/flash25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:04:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 14:00:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
337451
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTRbEHURAKGs0pVTtHXJXlwzYTM1TBk57uj3ZoKXE3GpGbt2Sae1Tt1So7g8xcO0y9TnwyZVA%2BBevWTNPQhAKq0X8RB94jmZI2dHLBf%2Bg5Kh2TPRkMzm0ihODivCg849ZrOjYhSIpFm6USc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
8238a9dcaf926668-AMS
alt-svc
h3=":443"; ma=86400
expires
Sun, 12 Nov 2023 22:20:01 GMT
custom.css
coolrea.link/css/
1 KB
856 B
Stylesheet
General
Full URL
https://coolrea.link/css/custom.css
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c0114545d15c35d35ae5265cecbb808340f26d0e94bdfc03900de00ff825b04

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://coolrea.link/flash25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:04:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 01 Jul 2023 09:08:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
337816
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2Fvxn22MPD6n%2FWNcPygw5xZWafoztm2sw19fmLFIEw3GJenebqgAI86%2BzDQuRk4W%2B5z8ZaJ7WrnxTOy8TJY7XTdnlyli9Zdo3f5QwPbdVNrVDQXoYNAMNfrnQUJ3GttUZFPkAL8GHfNXViM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
8238a9dcaf936668-AMS
alt-svc
h3=":443"; ma=86400
expires
Sun, 12 Nov 2023 22:13:56 GMT
utils.js
egldvmz.com/script/
166 KB
52 KB
Script
General
Full URL
https://egldvmz.com/script/utils.js
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:ae1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
498bb2a6d38db3a3515221f42eabf624305439317d9b24e8d76e54bcebcee5e6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://coolrea.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:04:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
203
x-guploader-uploadid
ABPtcPoGoRTSf3vppbi6pcOnUj8GOO__LDAk0fzYy5xjHck7k47inWazbIywX6kuPwktnI1-eRLx2fbveQt5NQFysCufOtADRv8D
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 02 Nov 2023 14:23:40 GMT
server
cloudflare
etag
W/"972f5f9d4a1708d42f793685e0e98c17"
vary
Accept-Encoding
x-goog-hash
crc32c=Y6IBvg==, md5=ly9fnUoXCNQveTaF4OmMFw==
x-goog-generation
1698935020625047
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9MzbTKxaq2VNfO5jgJPMhSnsNO%2FVLorn%2FiwPFSenZbniS9oGG8xiW7e7%2B9t2dALMlL2dwA5kO9zt3IptbT%2FjGGq%2BT789e0Km3O%2FhNHXLFzh%2FNguYl37JL00mBkqYnSS10Gw3Waa6avUqg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
170234
cf-ray
8238a9dd2cb4671c-AMS
expires
Thu, 09 Nov 2023 20:42:03 GMT
b5d5e2cbaa884029b13637009b94e342.js
anthonypush.com/b5/d5/e2/
0
0
Script
General
Full URL
https://anthonypush.com/b5/d5/e2/b5d5e2cbaa884029b13637009b94e342.js
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash25
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.139.164 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://coolrea.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 20:04:13 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
/
widgets.amung.us/draw/
Redirect Chain
  • https://whos.amung.us/cwidget/livesport/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=19500&c=000000ffffff&p=left
1 KB
2 KB
Image
General
Full URL
https://widgets.amung.us/draw/?w=colored&n=19500&c=000000ffffff&p=left
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash25
Protocol
H2
Server
2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76984ec0b4878343c6e7e70e6a5d3258f80e706aff207bd76d25b9051905b0e8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://coolrea.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:04:13 GMT
cf-cache-status
HIT
last-modified
Thu, 02 Nov 2023 19:10:06 GMT
server
cloudflare
age
608047
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
8238a9ddf98b661a-AMS
expires
Fri, 03 Nov 2023 19:10:06 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=19500&c=000000ffffff&p=left
date
Thu, 09 Nov 2023 20:04:13 GMT
cache-control
max-age=295
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8238a9dd185b661a-AMS
content-type
text/html; charset=UTF-8
suv5.js
egldvmz.com/script/
95 KB
32 KB
Script
General
Full URL
https://egldvmz.com/script/suv5.js
Requested by
Host: egldvmz.com
URL: https://egldvmz.com/script/utils.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:ae1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6845e0ebbdda70bfe9caa0cb70d119f78050883c53e088dbdbaf3989e8e2d442

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://coolrea.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:04:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
217
x-guploader-uploadid
ABPtcPqSguc8P3ZYapjXHMssLrVVy6LQSTv1mh4dTnRBvC0elwzLjvGOJ4kY7DDHGQsmFbFFCjQ91unoLlidowgzLHLz
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 02 Nov 2023 14:22:37 GMT
server
cloudflare
etag
W/"226ffbc5dcd8edf0219b2a0a6f19edb9"
vary
Accept-Encoding
x-goog-hash
crc32c=4DeGyw==, md5=Im/7xdzY7fAhmyoKbxntuQ==
x-goog-generation
1698934956986302
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VT%2BP4q%2Bn3Sx2adwD6A0DETcqsTtIlGnVVxap9bAzlKjPiEDIDazIvj3VK5IVRO%2Bq7YYxTZq5aWY%2F9mLo%2B2sE72Hst1vRc9i%2F4aTIB4njA1BY7LHyw2oyzDp%2F9na0I8OiknzjJ2GnjbHPSA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
97496
cf-ray
8238a9dddd69671c-AMS
expires
Thu, 09 Nov 2023 20:48:53 GMT
bgs.png
coolrea.link/img/
939 B
939 B
Image
General
Full URL
https://coolrea.link/img/bgs.png
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4210d8e894e789bdfbc65809e1e41f2763a35f6a872fb95cfcddef5c0f8b2b6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://coolrea.link/flash25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:04:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
11
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0sZ8Yu8kgtF%2BZS3ZIGrLc%2Bcw32N6bqw5TD3mp6r6cae1UahugnW%2F7DYuETHUFG%2Bz13yAnPwQfBRS1%2FmO%2B2G1L4Xqk5GwKeW%2BQScuPHPF5GJW%2FSX7elmxYCulvu5Z%2FXlWtanehD7wpiBxt9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8238a9ddefeeb972-AMS
alt-svc
h3=":443"; ma=86400
vy7my0wu36
candlesouth.net/embed/ Frame B37E
11 KB
5 KB
Document
General
Full URL
https://candlesouth.net/embed/vy7my0wu36
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.221.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14381f7a391c6f87d24a4f6a3f5afbd4baf0bbd0f92a91c50dff81b06e4df84e

Request headers

Referer
https://coolrea.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8238a9e1afbe6628-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 09 Nov 2023 20:04:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCVysO%2BjDFXXpb1Dw2zipfRf6kEJPzBXq2GO%2BQ85hFb4YlYBLTrvzA4WqdutZF5oE6IHt%2FJILs3McqvdwX%2FD44K8DuQXwGiwow%2Bqx1UP6QU9aKh9IR3x%2Fcu2%2B4eyL5enrlM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:81f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://coolrea.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:04:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
66237
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
8238a9e1aef56688-AMS
content-length
4547
x.png
coolrea.link/img/
820 B
1 KB
Image
General
Full URL
https://coolrea.link/img/x.png
Requested by
Host: coolrea.link
URL: https://coolrea.link/css/custom.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d866b53b42cab9ab12eab829552d60ebfedb10489b7385d78c5da9a50272c749

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://coolrea.link/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:04:13 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 14:02:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
337450
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQeFyRCijAK%2BCDZaVeNdgHL0HUz7iLZk6zM%2FG1zg9rSGER9KxVW6cZYgsMctUhDGUFdah6mRbRQqSZI1WiY4d%2FaXiLTn3q8c1ljs6kT%2BnF6OSXRRtIIBGoiwnvI8ayM0cU9ApP355gvxUcQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8238a9e11ba4b972-AMS
alt-svc
h3=":443"; ma=86400
content-length
820
expires
Sun, 12 Nov 2023 22:20:03 GMT
krwkea
amkj.anyvzvbmknwqm.top/kbwnkqalvneza/
0
1 KB
Script
General
Full URL
https://amkj.anyvzvbmknwqm.top/kbwnkqalvneza/krwkea?d=1
Requested by
Host: coolrea.link
URL: https://coolrea.link/flash25
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.82.104 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://coolrea.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 20:04:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://coolrea.link
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=20
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
suurl5.php
youradexchange.com/script/
991 B
1 KB
Fetch
General
Full URL
https://youradexchange.com/script/suurl5.php?r=2278415&chmob=%3F0&cbur=0.2725329977437312&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=Live%20Footbal%20Streaming%20-%20Live%20Premier%20League&cbpage=https%3A%2F%2Fcoolrea.link%2Fflash25&cbref=&cbdescription=&cbkeywords=&cbcdn=egldvmz.com&ts=1699560253637&srs=d68980ec0231e44ef388ed68a066c669&atv=37.4&abtg=1
Requested by
Host: egldvmz.com
URL: https://egldvmz.com/script/suv5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:ab13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c859e5285cf53b7483de58208feacb6ee4e6550dc4a5804ff0268b785cfdd9a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://coolrea.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:04:13 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6UfE7g1OzyVIik9R2am7v6lyb1Bv2Zr%2BIMs%2Fzxi9sG%2B10%2B3V0TTGPTS7qMElZLP%2F0uH8ekhon80HgKGg%2Bc6k3ejiJFeLiu2hFShJkBiBAh3b3IZePjyX6Qwi%2B53AG5UM5ah6wsIOQUpWb1PyT2VXHU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
application/json; charset=utf-8
cf-ray
8238a9e1d8930b70-AMS
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400
0.php
s4.histats.com/stats/
53 B
187 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?3681769&@f16&@g1&@h1&@i1&@j1699560253727&@k0&@l1&@mLive%20Footbal%20Streaming%20-%20Live%20Premier%20League&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:1919907&@b3:1699560254&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fcoolrea.link%2Fflash25&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
ab9c9baa88b254d596574ef79824a41f0b8d0627a9d1d8598e5291a690bc036e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://coolrea.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 20:04:14 GMT
Connection
close
Content-Length
53
Content-Type
text/html;charset=UTF-8
embed.min.css
candlesouth.net/css/ Frame B37E
1 KB
861 B
Stylesheet
General
Full URL
https://candlesouth.net/css/embed.min.css?v=0.5
Requested by
Host: candlesouth.net
URL: https://candlesouth.net/embed/vy7my0wu36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.221.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c7cf941b4eb9254e850875107ded812b5cf2da9de46f85919561f2a73876257

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlesouth.net/embed/vy7my0wu36
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:04:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 09 Jun 2022 09:49:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20788
etag
W/"62a1c21c-4f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BGFRL6YHeyZj3hOw2kXtG1fvz1wX%2BFKJU08LrgDeseHf%2FvqN%2By30jkI3L0OsHxDGtahcXFAfy39kZtrr0RL77ioYUvbJscj%2By1%2FF%2BI3dIxGHmRFeBFkAFVaD3wfxXjL%2Fvw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=608400
cf-ray
8238a9e278f76628-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 16 Nov 2023 15:17:45 GMT
jquery.min.js
candlesouth.net/js/ Frame B37E
85 KB
31 KB
Script
General
Full URL
https://candlesouth.net/js/jquery.min.js
Requested by
Host: candlesouth.net
URL: https://candlesouth.net/embed/vy7my0wu36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.221.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlesouth.net/embed/vy7my0wu36
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:04:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 18:05:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
145560
etag
W/"5fa984ce-15283"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R5f499RZcSd0jrynzf8rLGNiGhmdOdd2EzlqwBwlQ0vVn5Ch2BvTZC%2FDy9zyLjUwbwbf4ezNHwdAo8OempajtZrxkp6tQQGEsOqnftNbC1KNFP1IuoHQegmEH6ycn45BgWk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=608400
cf-ray
8238a9e278f86628-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 15 Nov 2023 04:38:13 GMT
j79z9kzty.js
swarm.video/ Frame B37E
532 KB
134 KB
Script
General
Full URL
https://swarm.video/j79z9kzty.js?v=1.1
Requested by
Host: candlesouth.net
URL: https://candlesouth.net/embed/vy7my0wu36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9971 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7c260f5e1dcb04331e9fb5ea2c0a5b82552133dd170d219384ec76afb1ec9b3d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:04:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
658119
cf-polished
origSize=545594
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 10 Jul 2023 00:04:36 GMT
server
cloudflare
etag
W/"8533a-1893d1d4765"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cf7eozkM51EHTQAEIdxcyEb2MzPx0MaEZIeiHaFsLI1%2BOKe0kYTLg0jUq4Bq66rV7WCRdM9Sl%2BOzZgyUpNYaaMFK4d1jLoUEzGwbr%2B5GkzydAjXvlTTk137xNV09LkNtNLx61qtPO%2Fs3qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
8238a9e2e8000b50-AMS
clappr.min.js
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame B37E
513 KB
139 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Requested by
Host: candlesouth.net
URL: https://candlesouth.net/embed/vy7my0wu36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:04:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
17155
x-jsd-version
0.3.13
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220029-FRA, cache-ams21044-AMS
x-jsd-version-type
version
server
cloudflare
etag
W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lfd2vzGH6uh6nu14BrhrcvDAt%2FiBBuKojQnyylr03Z5A8byR1d94YvLD19JjF0Yot8%2BhQgNxIhL39xNVAB9EfL93P1VFA8su61YU3GUiqGRx%2BIvQzz2nS%2FXv3HmUrTABizmJmK8PH7aVcOCQ%2FTM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8238a9e2da69b8e2-AMS
/
widgets.amung.us/draw/ Frame B37E
Redirect Chain
  • https://whos.amung.us/cwidget/15ky356qz4/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=60500&c=000000ffffff&p=left
1 KB
2 KB
Image
General
Full URL
https://widgets.amung.us/draw/?w=colored&n=60500&c=000000ffffff&p=left
Requested by
Host: candlesouth.net
URL: https://candlesouth.net/embed/vy7my0wu36
Protocol
H2
Server
2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd3efb5ef62004f00906799b8af4db987b819f19511fc6bd9639b38d8d559cf6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:04:13 GMT
cf-cache-status
HIT
last-modified
Sat, 04 Nov 2023 14:01:29 GMT
server
cloudflare
age
453764
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
8238a9e348d8661a-AMS
expires
Sun, 05 Nov 2023 14:01:29 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=60500&c=000000ffffff&p=left
date
Thu, 09 Nov 2023 20:04:13 GMT
cache-control
max-age=295
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8238a9e27fcc661a-AMS
content-type
text/html; charset=UTF-8
script.js
awistats.com/js/ Frame B37E
1 KB
1 KB
Script
General
Full URL
https://awistats.com/js/script.js
Requested by
Host: candlesouth.net
URL: https://candlesouth.net/embed/vy7my0wu36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:04:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48648
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 Nov 2023 06:33:25 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HsKEnIKY2ForGzd6Pf3qqNNEM5QQjaPVGHK9a1S9PaOUsg%2BRh%2FCLcu83O508QtO8bEcqxJBrqg3nbxhC%2BD6w00oPC33qauvk7aFQQ8sIst3eHVovQ3VfvPdCaNxKQz77MpLNnpIqDAuamI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, must-revalidate
cf-ray
8238a9e30d76b8fa-AMS
deb.js
candlesouth.net/ Frame B37E
25 KB
6 KB
Script
General
Full URL
https://candlesouth.net/deb.js
Requested by
Host: candlesouth.net
URL: https://candlesouth.net/embed/vy7my0wu36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.221.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00f55721ec6181d9c16cc365dfe2ca9aab2fb8008ffe22ded892085019fd33b5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlesouth.net/embed/vy7my0wu36
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:04:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Feb 2023 13:57:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
448255
etag
W/"63f61f52-6450"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBp62VFrhLXmVKpMA4zEviLJ%2BTm9zanJ%2FNpjxDSVWIrUVA5KgWnR%2FjHsj0hC6k3oDtX18kWv%2B5IG3s5r7AjDYgU2FICH3YC0cermexWnpzKjDx8spvAnYcsz6tdGuaGazwM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=608400
cf-ray
8238a9e278f96628-AMS
alt-svc
h3=":443"; ma=86400
expires
Sat, 11 Nov 2023 16:33:18 GMT
css
fonts.googleapis.com/ Frame B37E
1 KB
817 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: candlesouth.net
URL: https://candlesouth.net/css/embed.min.css?v=0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83bb47871b3895cd8f4bf5da67037710b6d9a9e1fab80d03b579cd83a448fe23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 Nov 2023 20:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 18:08:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Nov 2023 20:04:13 GMT
utils.js
egldvmz.com/script/ Frame B37E
166 KB
52 KB
Script
General
Full URL
https://egldvmz.com/script/utils.js
Requested by
Host: candlesouth.net
URL: https://candlesouth.net/embed/vy7my0wu36
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:ae1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
498bb2a6d38db3a3515221f42eabf624305439317d9b24e8d76e54bcebcee5e6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:04:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
205
x-guploader-uploadid
ABPtcPoGoRTSf3vppbi6pcOnUj8GOO__LDAk0fzYy5xjHck7k47inWazbIywX6kuPwktnI1-eRLx2fbveQt5NQFysCufOtADRv8D
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 02 Nov 2023 14:23:40 GMT
server
cloudflare
etag
W/"972f5f9d4a1708d42f793685e0e98c17"
vary
Accept-Encoding
x-goog-hash
crc32c=Y6IBvg==, md5=ly9fnUoXCNQveTaF4OmMFw==
x-goog-generation
1698935020625047
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5GYVUau%2BX9A9sMqJELnDpd08G5UQZZnndkQvgGC15Vl3RS6O52vqwvYzgsT8W2e4x4zyvl9PNYR9Dikt6MQEqH4ohk1RBc0OFMlXrCJihCzBNAUU2THgkSZDbIbxU3CbUe763dNUTXWdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
170234
cf-ray
8238a9e3eccd66df-AMS
expires
Thu, 09 Nov 2023 20:42:03 GMT
event
awistats.com/api/ Frame B37E
2 B
526 B
XHR
General
Full URL
https://awistats.com/api/event
Requested by
Host: awistats.com
URL: https://awistats.com/js/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://candlesouth.net/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 09 Nov 2023 20:04:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HAwHnOHBMDyWwEa%2BvpkIIQmNiYPL29HZQz4qy%2BLE3uQ8X%2BYoG8IkqIiqJRgIjR%2BovgTqDBoqWbz8AYEA1RKW9Xy8Ki%2FZBfw%2F5m7PsmgeWq6xajeum5nv5N5OJI1a7pRJSMPhx65M0XY1biY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
8238a9e44fe506dc-AMS
alt-svc
h3=":443"; ma=86400
content-length
2
x-request-id
F5YNC-YVbePgk4p0JLKJ
vy7my0wu36.m3u8
ypgt2nqh69aesxbm.cdnkidney.net/hls/ Frame B37E
836 B
1 KB
XHR
General
Full URL
https://ypgt2nqh69aesxbm.cdnkidney.net:8443/hls/vy7my0wu36.m3u8?s=ryGil4DR8p2zfyl25dg6gQ&e=1699581853
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.81.95 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
host-95dedicated.vsys.host
Software
nginx/1.24.0 /
Resource Hash
c542ff6cfa91f8940b8b81c69745adf918f6457b9da5d0352714082422819d57

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 20:04:14 GMT
Last-Modified
Thu, 09 Nov 2023 20:04:11 GMT
Server
nginx/1.24.0
ETag
"654d3b3b-344"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
836
suv5.js
egldvmz.com/script/ Frame B37E
95 KB
32 KB
Script
General
Full URL
https://egldvmz.com/script/suv5.js
Requested by
Host: egldvmz.com
URL: https://egldvmz.com/script/utils.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:ae1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6845e0ebbdda70bfe9caa0cb70d119f78050883c53e088dbdbaf3989e8e2d442

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:04:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
218
x-guploader-uploadid
ABPtcPqSguc8P3ZYapjXHMssLrVVy6LQSTv1mh4dTnRBvC0elwzLjvGOJ4kY7DDHGQsmFbFFCjQ91unoLlidowgzLHLz
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 02 Nov 2023 14:22:37 GMT
server
cloudflare
etag
W/"226ffbc5dcd8edf0219b2a0a6f19edb9"
vary
Accept-Encoding
x-goog-hash
crc32c=4DeGyw==, md5=Im/7xdzY7fAhmyoKbxntuQ==
x-goog-generation
1698934956986302
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAEaXsjOM%2Bknlqt31I8i9h5e3zgXuqdAwdRidETGgDuemJHCIBMZUaD5EhPLzLBUiUdBR39eHwglYP7W4YYwM%2Fg8Q0iZP%2FTcsjuob9%2Fg2JzXuz8jw47YvG7WO7ZDnkDa8SDRrJCwR0jnxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
97496
cf-ray
8238a9e4adaf66df-AMS
expires
Thu, 09 Nov 2023 20:48:53 GMT
suurl5.php
youradexchange.com/script/ Frame B37E
1015 B
1 KB
Fetch
General
Full URL
https://youradexchange.com/script/suurl5.php?r=7108866&chmob=%3F0&cbur=0.5478804093247489&cbiframe=1&cbWidth=1600&cbHeight=1200&cbtitle=&cbpage=https%3A%2F%2Fcoolrea.link%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=egldvmz.com&ts=1699560254231&srs=68caf8d95d3bcc42c41956bd50eec79f&atv=37.4-sw-adbl-suv5&abtg=1
Requested by
Host: egldvmz.com
URL: https://egldvmz.com/script/suv5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:ab13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0bb08e15e6da9160adc6fb0b6eaa88e0eb432fe12f240bfef20133475c82259

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:04:14 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XflUykeJeHtOiEg7WSAntrNKEnAXh8Ky05%2Ft03UwjUXI%2B7yfy89fgQcwYaz0D%2FV8LL66jhkiF%2Fh6b8Epqe3RiSmhAPGKnbYrtV61OitmUahfoM9jUZvMQtZ%2F%2BYyhSUGlRqvnfP5dpqikawWXyTNhNVc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
application/json; charset=utf-8
cf-ray
8238a9e51c650b70-AMS
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400
ut.js
egldvmz.com/script/ Frame B37E
80 KB
29 KB
Script
General
Full URL
https://egldvmz.com/script/ut.js?cb=1699560254261
Requested by
Host: egldvmz.com
URL: https://egldvmz.com/script/utils.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:ae1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dcc76edeafdee6d9f51e0bfb3c1f67f4a93221ca5dc98d7e7155fdd90799f39

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:04:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
230
x-guploader-uploadid
ABPtcPp3FEVb8JGOfT8NDbJQdTe7R99dzMCWOSEN7YP8wC7CiuZKxEbymbG7KANDIjM49UvXo_9BTylLxAps6NJkxqu-
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 09 Oct 2023 10:07:02 GMT
server
cloudflare
etag
W/"05e67634907bf37307f1a50ea4b42cca"
vary
Accept-Encoding
x-goog-hash
crc32c=b724KA==, md5=BeZ2NJB783MH8aUOpLQsyg==
x-goog-generation
1696846022267412
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmcMqC%2FiIkVEJ6pArQMtNnZaD1Uo9ayGnXlDna81OTGly5TfJPfqz0mHO%2FeOW5qxAaWfqI%2BXmigoHsDWDDMF2RGwWQg8y4HyhAyy09WKhNg5y%2FTwD5V%2BwnlteEPwHHh4Lwk%2BNVGt%2BgsXyA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
82120
cf-ray
8238a9e54ea566df-AMS
expires
Thu, 09 Nov 2023 20:02:34 GMT
ut.js
egldvmz.com/script/
80 KB
29 KB
Script
General
Full URL
https://egldvmz.com/script/ut.js?cb=1699560254289
Requested by
Host: egldvmz.com
URL: https://egldvmz.com/script/utils.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:ae1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dcc76edeafdee6d9f51e0bfb3c1f67f4a93221ca5dc98d7e7155fdd90799f39

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://coolrea.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:04:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
230
x-guploader-uploadid
ABPtcPp3FEVb8JGOfT8NDbJQdTe7R99dzMCWOSEN7YP8wC7CiuZKxEbymbG7KANDIjM49UvXo_9BTylLxAps6NJkxqu-
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 09 Oct 2023 10:07:02 GMT
server
cloudflare
etag
W/"05e67634907bf37307f1a50ea4b42cca"
vary
Accept-Encoding
x-goog-hash
crc32c=b724KA==, md5=BeZ2NJB783MH8aUOpLQsyg==
x-goog-generation
1696846022267412
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AnQkVXqoASuqgZFuzs7cnOn5v3kZMmMd%2FdD6%2FPN4EqJ6e9exKtavdQkudeuP3zgMJa9NiBNZ1bdKZYexiUMdKfPW1uumb98PZyc9D6EVys88ay%2BGwbQptCiAwcE1Hc4xcoaiVhVybBurUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
82120
cf-ray
8238a9e56ec666df-AMS
expires
Thu, 09 Nov 2023 20:02:34 GMT
hb.php
youradexchange.com/ut/ Frame B37E
0
401 B
Ping
General
Full URL
https://youradexchange.com/ut/hb.php?cb=0.5292837371313244
Requested by
Host: egldvmz.com
URL: https://egldvmz.com/script/ut.js?cb=1699560254261
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:ab13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://candlesouth.net/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Thu, 09 Nov 2023 20:04:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAFGvc%2BM403Ox173LoAyg7CuT2kjpOq3G7Y9iPfD8PGYjYnc5pLrLRpbpWHIRcZ2POGjEkxB2TOyfmeXC5GBHEIvWI2LD6jXoeq4gCkjnSatyHImu3sGp6n4RKWVJtgJ6CLHEBE6jv9E8Ao8DTmjTQI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8238a9e5ffa5b713-AMS
alt-svc
h3=":443"; ma=86400
vy7my0wu36.m3u8
ypgt2nqh69aesxbm.cdnkidney.net/hls/ Frame B37E
836 B
1 KB
XHR
General
Full URL
https://ypgt2nqh69aesxbm.cdnkidney.net:8443/hls/vy7my0wu36.m3u8?s=ryGil4DR8p2zfyl25dg6gQ&e=1699581853
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.81.95 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
host-95dedicated.vsys.host
Software
nginx/1.24.0 /
Resource Hash
c542ff6cfa91f8940b8b81c69745adf918f6457b9da5d0352714082422819d57

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 20:04:14 GMT
Last-Modified
Thu, 09 Nov 2023 20:04:11 GMT
Server
nginx/1.24.0
ETag
"654d3b3b-344"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
836
vy7my0wu36-40038030.ts
ypgt2nqh69aesxbm.cdnkidney.net/hls/ Frame B37E
314 KB
314 KB
XHR
General
Full URL
https://ypgt2nqh69aesxbm.cdnkidney.net:8443/hls/vy7my0wu36-40038030.ts
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.81.95 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
host-95dedicated.vsys.host
Software
nginx/1.24.0 /
Resource Hash
98393bd3419689b746408315fdb0fb45aeb34d05c1417a2490b99106b0eca534

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 20:04:14 GMT
Last-Modified
Thu, 09 Nov 2023 20:03:11 GMT
Server
nginx/1.24.0
ETag
"654d3aff-4e70c"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
321292
vy7my0wu36-40632030.ts
ypgt2nqh69aesxbm.cdnkidney.net/hls/ Frame B37E
385 KB
386 KB
XHR
General
Full URL
https://ypgt2nqh69aesxbm.cdnkidney.net:8443/hls/vy7my0wu36-40632030.ts
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.81.95 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
host-95dedicated.vsys.host
Software
nginx/1.24.0 /
Resource Hash
8d24bbfb62ee20285f5602fd9e6b7c55da37816327164e3104aa115a5378c214

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 20:04:14 GMT
Last-Modified
Thu, 09 Nov 2023 20:03:13 GMT
Server
nginx/1.24.0
ETag
"654d3b01-604b8"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
394424
8f9d2e09-9475-4b0f-be60-87fd29597e1b
https://candlesouth.net/ Frame B37E
61 KB
0
Other
General
Full URL
blob:https://candlesouth.net/8f9d2e09-9475-4b0f-be60-87fd29597e1b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length
62280
Content-Type
text/javascript
hb.php
youradexchange.com/ut/
0
441 B
Ping
General
Full URL
https://youradexchange.com/ut/hb.php?cb=0.3649195182545715
Requested by
Host: egldvmz.com
URL: https://egldvmz.com/script/ut.js?cb=1699560254289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:ab13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://coolrea.link/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Thu, 09 Nov 2023 20:04:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J51GTEH0pNBtjVn%2BlvAor8rNJYjeBh0KXJ325mDCckW0iv00Qskhkr%2FszOGfB4tMuLlW0RBx6%2FNJjhtFcY0HBbiQ2RY7PtyY1IVOiS7Hd%2B%2FLxH6CaolzfIUkoF00fs0zho6d%2BBlu3zAlXFoqEaqFPV8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8238a9e5efa4b713-AMS
alt-svc
h3=":443"; ma=86400
vy7my0wu36-40782060.ts
ypgt2nqh69aesxbm.cdnkidney.net/hls/ Frame B37E
715 KB
716 KB
XHR
General
Full URL
https://ypgt2nqh69aesxbm.cdnkidney.net:8443/hls/vy7my0wu36-40782060.ts
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.81.95 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
host-95dedicated.vsys.host
Software
nginx/1.24.0 /
Resource Hash
cf79e8ac18e5524d8740e33dcf35156b7a0581833b7b7c0248f47d69a65b3e6f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 20:04:15 GMT
Last-Modified
Thu, 09 Nov 2023 20:03:16 GMT
Server
nginx/1.24.0
ETag
"654d3b04-b2d20"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
732448
vy7my0wu36.m3u8
ypgt2nqh69aesxbm.cdnkidney.net/hls/ Frame B37E
836 B
1 KB
XHR
General
Full URL
https://ypgt2nqh69aesxbm.cdnkidney.net:8443/hls/vy7my0wu36.m3u8?s=ryGil4DR8p2zfyl25dg6gQ&e=1699581853
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.81.95 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
host-95dedicated.vsys.host
Software
nginx/1.24.0 /
Resource Hash
88176d06b65042fedc7407959a1ea1b4945686b6b2ca7ebdc09328a4e734c384

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 20:04:16 GMT
Last-Modified
Thu, 09 Nov 2023 20:04:14 GMT
Server
nginx/1.24.0
ETag
"654d3b3e-344"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
836
vy7my0wu36-41082030.ts
ypgt2nqh69aesxbm.cdnkidney.net/hls/ Frame B37E
639 KB
639 KB
XHR
General
Full URL
https://ypgt2nqh69aesxbm.cdnkidney.net:8443/hls/vy7my0wu36-41082030.ts
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.81.95 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
host-95dedicated.vsys.host
Software
nginx/1.24.0 /
Resource Hash
ff65eda85f10defd72f34a0d07f964b6b4ff644b1835872381c76568f9452803

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 20:04:16 GMT
Last-Modified
Thu, 09 Nov 2023 20:03:24 GMT
Server
nginx/1.24.0
ETag
"654d3b0c-9fae4"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
654052
vy7my0wu36.m3u8
ypgt2nqh69aesxbm.cdnkidney.net/hls/ Frame B37E
836 B
1 KB
XHR
General
Full URL
https://ypgt2nqh69aesxbm.cdnkidney.net:8443/hls/vy7my0wu36.m3u8?s=ryGil4DR8p2zfyl25dg6gQ&e=1699581853
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.81.95 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
host-95dedicated.vsys.host
Software
nginx/1.24.0 /
Resource Hash
d65d5d1fa6229cc2ef2ea1fc082e53bd742391c2120fd972e523f6cca35fcf3c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 20:04:17 GMT
Last-Modified
Thu, 09 Nov 2023 20:04:16 GMT
Server
nginx/1.24.0
ETag
"654d3b40-344"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
836


22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| documentPictureInPicture
function| hide_ads
object| regeneratorRuntime
function| Adcash
function| AtcshAltNm
string| rgxngibqxq
object| aclib
object| adcash
object| zhtGIm
function| PopUnder
function| cbut
object| _Hasync
function| vwu
function| chfh
function| chfh2
string| _HST_cntval
object| Histats
object| _HistatsCounterGraphics_0_setValues
boolean| user_engagement119
string| utsid-send

10 Cookies

Domain/Path Name / Value
coolrea.link/ Name: HstCfa3681769
Value: 1699560253727
coolrea.link/ Name: HstCla3681769
Value: 1699560253727
coolrea.link/ Name: HstCmu3681769
Value: 1699560253727
coolrea.link/ Name: HstPn3681769
Value: 1
coolrea.link/ Name: HstPt3681769
Value: 1
coolrea.link/ Name: HstCnv3681769
Value: 1
coolrea.link/ Name: HstCns3681769
Value: 1
candlesouth.net/ Name: hf1
Value: 1
amkj.anyvzvbmknwqm.top/ Name: GL_UI4
Value: eJw9jVtOwzAURPNOgSYwUhbAEmK1peQTsQg%2BIz9uUtPErhyTiN1jIcHXHI3OaKIoSppHxGuRIf3iJzwf1XDo5LEbOBftQbUnxpSgl%2FOr7Fpxlgp3euk9FxP5DLtl5s73fs2wH8mQ07KXVlGFp2D9NVdjN5MhF44bVSGfgzFVKIWz20KuSZEZPhOK94uzIfOZf1qHlLEusDaB4xaJXZq0vkf5oY0Kw3qPhLV1XUR4uE3cD9bNvVZFjHx0XBHiN%2Bwk9zRa941S0XL19gbYSfX%2F%2Fu9vurEWhaJVy3Bu%2FYXcD8BHTuk%3D
amkj.anyvzvbmknwqm.top/ Name: GL_GI10
Value: eJwVyTsOgkAURuG5t8AQH8kfWYArIDxkBVpQGArt7AhMhATnTmaurl9pzlccYwxnO%2FDscajLvCrOedlUfxvQC9zdwIPDtrM62bD0boygAH624OCwf8hHp1Mry7pAA9K7qNow9m%2FQjM1cX3NnFewi0osEL6FXC%2FIJgVXWxjEzoG9y%2FAGTByDJ

5 Console Messages

Source Level URL
Text
security warning URL: https://coolrea.link/flash25
Message:
Mixed Content: The page at 'https://coolrea.link/flash25' was loaded over HTTPS, but requested an insecure element 'http://whos.amung.us/cwidget/livesport/000000ffffff.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://coolrea.link/img/bgs.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://anthonypush.com/b5/d5/e2/b5d5e2cbaa884029b13637009b94e342.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
security warning URL: https://coolrea.link/flash25(Line 107)
Message:
Mixed Content: The page at 'https://coolrea.link/flash25' was loaded over HTTPS, but requested an insecure element 'http://whos.amung.us/cwidget/livesport/000000ffffff.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
rendering warning URL: https://candlesouth.net/embed/vy7my0wu36(Line 5)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
