Submitted URL: http://stream.crichd.vip/update/premier.php
Effective URL: https://stream.crichd.vip/update/premier.php
Submission: On December 30 via manual from IN — Scanned from DE

Summary

This website contacted 16 IPs in 8 countries across 15 domains to perform 40 HTTP transactions. The main IP is 2606:4700:3033::ac43:8b81, located in United States and belongs to CLOUDFLARENET, US. The main domain is stream.crichd.vip.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 3rd 2022. Valid for: a year.
This is the only time stream.crichd.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
7 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 46.105.201.240 16276 (OVH)
2 35.190.41.116 15169 (GOOGLE)
2 149.56.240.128 16276 (OVH)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2001:4de0:ac1... 20446 (STACKPATH...)
4 2a04:4e42:400... 54113 (FASTLY)
2 139.45.197.238 9002 (RETN-AS)
5 77.247.109.78 213371 (SQUITTER-...)
1 51.77.64.70 16276 (OVH)
1 2606:4700:303... 13335 (CLOUDFLAR...)
40 16
Apex Domain | Subdomains | Transfer
7 gocast2.com | gocast2.com — Cisco Umbrella Rank: 663442 | 54 KB
5 switchcast2.com | t2.switchcast2.com — Cisco Umbrella Rank: 567253 | 2 MB
4 jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 488 | 207 KB
4 histats.com | s10.histats.com — Cisco Umbrella Rank: 11812; s4.histats.com — Cisco Umbrella Rank: 9307 | 9 KB
4 velocitycdn.com | velocitycdn.com — Cisco Umbrella Rank: 288170 | 120 KB
3 jquery.com | code.jquery.com — Cisco Umbrella Rank: 943 | 119 KB
3 crichd.vip | stream.crichd.vip | 3 KB
2 waufooke.com | waufooke.com — Cisco Umbrella Rank: 86713 | 24 KB
2 youradexchange.com | youradexchange.com — Cisco Umbrella Rank: 22946 | 2 KB
1 huddhi.com | huddhi.com — Cisco Umbrella Rank: 453566 | 34 KB
1 ip-api.com | pro.ip-api.com — Cisco Umbrella Rank: 5451 | 312 B
1 bootstrapcdn.com | maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1204 | 11 KB
1 googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 520 | 30 KB
1 ulried.com | ulried.com | 34 KB
0 web3-lab.com Failed | asia.web3-lab.com Failed |
40 15
Domain Requested by
7 gocast2.com stream.crichd.vip
gocast2.com
5 t2.switchcast2.com cdn.jsdelivr.net
4 cdn.jsdelivr.net gocast2.com
4 velocitycdn.com stream.crichd.vip
velocitycdn.com
gocast2.com
3 code.jquery.com gocast2.com
3 stream.crichd.vip 1 redirects stream.crichd.vip
2 waufooke.com gocast2.com
2 s4.histats.com s10.histats.com
2 youradexchange.com velocitycdn.com
2 s10.histats.com stream.crichd.vip
gocast2.com
1 huddhi.com gocast2.com
1 pro.ip-api.com cdn.jsdelivr.net
1 maxcdn.bootstrapcdn.com gocast2.com
1 ajax.googleapis.com gocast2.com
1 ulried.com stream.crichd.vip
0 asia.web3-lab.com Failed cdn.jsdelivr.net
40 16

This site contains links to these domains.

Domain
youradexchange.com
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-03 | a year
*.gocast2.com | E1 | 2022-12-05 - 2023-03-05 | 3 months
*.velocitycdn.com | E1 | 2022-11-07 - 2023-02-05 | 3 months
histats.com | R3 | 2022-12-21 - 2023-03-21 | 3 months
youradexchange.com | Sectigo RSA Domain Validation Secure Server CA | 2022-06-20 - 2023-06-20 | a year
*.ulried.com | E1 | 2022-11-12 - 2023-02-10 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year
waufooke.com | R3 | 2022-10-26 - 2023-01-24 | 3 months
t2.switchcast2.com | R3 | 2022-10-25 - 2023-01-23 | 3 months
*.ip-api.com | Sectigo RSA Domain Validation Secure Server CA | 2022-11-25 - 2023-12-26 | a year
*.huddhi.com | E1 | 2022-11-12 - 2023-02-10 | 3 months

This page contains 2 frames:

Primary Page: https://stream.crichd.vip/update/premier.php
Frame ID: 196C6DCFA26EF5C476D33C1331673831
Requests: 9 HTTP requests in this frame

Frame: https://gocast2.com/crichdws.php?player=desktop&live=premieruk
Frame ID: E40DDDACCAFB36E04D6BC3B64A69718D
Requests: 31 HTTP requests in this frame

Page URL History

  1. http://stream.crichd.vip/update/premier.php HTTP 301
    https://stream.crichd.vip/update/premier.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 40
HTTPS: 95 %
IPv6: 63 %
Domains: 15
Subdomains: 16
IPs: 16
Countries: 8
Transfer: 2765 kB
Size: 4186 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://stream.crichd.vip/update/premier.php HTTP 301
    https://stream.crichd.vip/update/premier.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request premier.php
stream.crichd.vip/update/
Redirect Chain
  • http://stream.crichd.vip/update/premier.php
  • https://stream.crichd.vip/update/premier.php
877 B
901 B
Document
General
Full URL
https://stream.crichd.vip/update/premier.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
448994772b4093a8fb538dc8af19a44f8783b047affd8c38057a61f5b5f9475a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
781eaf177bfe9237-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 23:51:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzy01K69XAR0qsKMfpxOdwtruaxfbpmURUodd%2F5rsoW7vykivACYGVRJhhauKVTg1T5peiHkwI2OxzzC3x1lcV2WmTg0%2BHz%2BkEhtxmjt7ByZuoICD34B2X6oGLyIB7TUHsFP0LztHp%2FzFkot8QZbGg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/5.6.40

Redirect headers

CF-RAY
781eaf16f9b19164-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 30 Dec 2022 23:51:31 GMT
Expires
Sat, 31 Dec 2022 00:51:31 GMT
Location
https://stream.crichd.vip/update/premier.php
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUdSCh8erPv95uJtjio2%2FEgGhXIegh23MJTS463qhSQPxMugXxdsyuqB7Wm5dXQ%2BTqrsARhK812QS%2FbwXJ6HM6PkE4Vf2C0bYTxKM7vp5Yjz0cgAUGkgA6UZJDZEPLiYdTCgKI7SHoaXGnGhaL0POw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
crichdws.js
gocast2.com/
1 KB
1 KB
Script
General
Full URL
https://gocast2.com/crichdws.js
Requested by
Host: stream.crichd.vip
URL: https://stream.crichd.vip/update/premier.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:42d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
020c9741f6bfa5928c8da4f421365d737e962801fa2dac7f21e77a8f6da208e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.crichd.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 23:51:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 13 Nov 2022 07:09:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6646
etag
W/"6370983e-528"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jp1TBm0OL9quQ5B%2BvofT9hKnCqSS7v9NkmJB3MrHmWjUTr7ru4vRZAMVlCNd0tm1YhMneHXCkVNJcquyv7p8xviYj5N76jGPovPKP0uqqaa7jfqd8L9%2BNaCR9IPn9IydmNFrfkzDkCa%2FYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
781eaf18792191e3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
z-5214935
stream.crichd.vip/
938 B
1 KB
Script
General
Full URL
https://stream.crichd.vip/z-5214935
Requested by
Host: stream.crichd.vip
URL: https://stream.crichd.vip/update/premier.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fcd8a1ad62d5b5635d7edb9ef20830c162e7d5e079a5a07f4058299ed55885b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.crichd.vip/update/premier.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 23:51:31 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 22 Nov 2022 18:01:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"637d0e5d-3aa"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kyCW2gQVz%2BuhEiYJuWGEL1Ha67LNbHYHqS2sq4iL0%2FefbLEVLLpyED58cR0VkEGakDFhRxRxBkWuY976qJ429Okp5msNvHKmq3U0XfxVYPKnKzFfMc6ZUHlWpC%2BNTQyWjsoSP%2FkF6d3iCXCZIW7x3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
781eaf181c799237-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
938
crichdws.php
gocast2.com/ Frame E40D
66 KB
22 KB
Document
General
Full URL
https://gocast2.com/crichdws.php?player=desktop&live=premieruk
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichdws.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:42d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
ee3c30308362e25adfbed37a005e0dc473a555d49c929b39357d8e7e02320370

Request headers

Referer
https://stream.crichd.vip/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
781eaf18ffdc994e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 23:51:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CzXQel23%2FXKYzy7V1OdlovHthuwp5JkeiFwGB5m%2FFiKbwE48h%2FtaeD2I0WATfSGbwNWPlRa8OS8Xa1YWJSLqqVcnDnZU6Q%2Fyrf0TPAAhAk9uIsZMnUv1S%2B8nJbOy6x%2FkFYYJZcCl%2B%2BhoLw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/5.6.40
bootstrap.js
velocitycdn.com/script/
98 KB
34 KB
Script
General
Full URL
https://velocitycdn.com/script/bootstrap.js
Requested by
Host: stream.crichd.vip
URL: https://stream.crichd.vip/z-5214935
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7ff486f721b4bab97314d47bc7f076e0475c09d80b1a886cdec6496966b52c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.crichd.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 23:51:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3190
x-guploader-uploadid
ADPycduw6t49T5jZQy43jrmyWzm9rcHllL1Pwhxmiler52JMv1eD9hq7po-4ZIzhC2SNjVJQGuvG3kyl3QSjyxmTcuJPCA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 13 Dec 2022 13:52:33 GMT
server
cloudflare
etag
W/"416f6928d8f3d8d66655abc097baca03"
vary
Accept-Encoding
x-goog-hash
crc32c=AsVyBQ==, md5=QW9pKNjz2NZmVavAl7rKAw==
x-goog-generation
1670939553826085
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbax%2FaFflgyiAkOPCnnEW1NcBhFZAIz9duhnMiJ8OpPGVUKAbBFPLKAZnVHGcIKxaET3OtwsbeEXVbl0NINeGcBHECdyDObr26OV9Bge%2Fzv1pcbYSXpNP3FQdHjJ845m31gcdmaMspEZhy1rmPc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
100623
cf-ray
781eaf191da29170-FRA
expires
Fri, 30 Dec 2022 23:58:22 GMT
js15_as.js
s10.histats.com/
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: stream.crichd.vip
URL: https://stream.crichd.vip/update/premier.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.crichd.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 23:50:27 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
485327562
ut.js
velocitycdn.com/script/
70 KB
26 KB
Script
General
Full URL
https://velocitycdn.com/script/ut.js?cb=1672444292073
Requested by
Host: velocitycdn.com
URL: https://velocitycdn.com/script/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95e6264b1cf2aa6195268d21e7bbf25c338ce7689bcbf2eb1e1cb6f59bd4da39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.crichd.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 23:51:32 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdtM6BpaP_6GQKbp7cjWNO_QY5AdjCeAOZ7wOEGSZyESrXBxc1W2mv-OY5nEA0oUNoQ2LMDD1tyUkVhwuTw0BU6phEvEJe5-
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 13 Dec 2022 13:55:49 GMT
server
cloudflare
etag
W/"d5903ccaed951c280d67f4188548e1e9"
vary
Accept-Encoding
x-goog-hash
crc32c=aFnw8A==, md5=1ZA8yu2VHCgNZ/QYhUjh6Q==
x-goog-generation
1670939749168345
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JeUHhTpb%2FNIzi8T1n4M9BnxJae2VwOfr8cYZwW7iOI7BjtWUs7G%2BUvKFaS1g08bhqHZt5yVM6p6YtalaG0h92h8rvTTrzBHMM4aj19uEOhJ7r%2FvuqbRVv1wLKeeNM98ZStGpW3NoXbCq2oBB5oE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
71395
cf-ray
781eaf19cc489036-FRA
expires
Sat, 31 Dec 2022 00:04:53 GMT
suurl4.php
youradexchange.com/script/
962 B
905 B
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=5214935&chmob=%3F0&cbur=0.9014862333548415&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=&cbpage=https%3A%2F%2Fstream.crichd.vip%2Fupdate%2Fpremier.php&cbref=&cbdescription=&cbkeywords=&cbcdn=velocitycdn.com&aggr=0
Requested by
Host: velocitycdn.com
URL: https://velocitycdn.com/script/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e632a181423f7d4e1456a4ccf68789d5c8d2437b484715d9545dbc26b086a330

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.crichd.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 30 Dec 2022 23:51:32 GMT
content-encoding
gzip
via
1.1 google
server
openresty
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json; charset=utf-8
0.php
s4.histats.com/stats/
51 B
185 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4599824&@f16&@g1&@h1&@i1&@j1672444292082&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-152317888&@b3:1672444292&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fstream.crichd.vip%2Fupdate%2Fpremier.php&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534296.ip-149-56-240.net
Software
/
Resource Hash
9801023533a726c745f99fecaaa608e0f1c85b7e4a562f044108ccc67c692519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.crichd.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 23:51:32 GMT
Connection
close
Content-Length
51
Content-Type
text/html;charset=UTF-8
bootstrap.js
ulried.com/script/
98 KB
34 KB
Script
General
Full URL
https://ulried.com/script/bootstrap.js
Requested by
Host: stream.crichd.vip
URL: https://stream.crichd.vip/z-5214935
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:162d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7ff486f721b4bab97314d47bc7f076e0475c09d80b1a886cdec6496966b52c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.crichd.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 23:51:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2923
x-guploader-uploadid
ADPycduw6t49T5jZQy43jrmyWzm9rcHllL1Pwhxmiler52JMv1eD9hq7po-4ZIzhC2SNjVJQGuvG3kyl3QSjyxmTcuJPCA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 13 Dec 2022 13:52:33 GMT
server
cloudflare
etag
W/"416f6928d8f3d8d66655abc097baca03"
vary
Accept-Encoding
x-goog-hash
crc32c=AsVyBQ==, md5=QW9pKNjz2NZmVavAl7rKAw==
x-goog-generation
1670939553826085
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9O0aBtA%2BHhBW8uPhIK7V6fhA7AJFZkD%2FNxGCZnlDz3FyIU4x5za8aHg4vcOa0d7UIRQho1V29XpaiFtHDJrX0dBnuRtDZtLMf9kGsA271G%2FizsNIeSUwHMdip%2Fj9F%2Fy3Zymf153Mbnm"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
100623
cf-ray
781eaf1a0d6a9b2d-FRA
expires
Fri, 30 Dec 2022 23:58:22 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.0/ Frame E40D
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.0/jquery.min.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichdws.php?player=desktop&live=premieruk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2405bdf4c255a4904671bcc4b97938033d39b3f5f20dd068985a8d94cde273e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 02:06:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251097
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30281
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Dec 2023 02:06:35 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ Frame E40D
36 KB
11 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichdws.php?player=desktop&live=premieruk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 23:51:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617, 617, 617, 617, 617, 617, 617, 617, 617
age
29346988
cdn-cachedat
2021-06-08 14:35:59
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
b078a1e046f360931b46757d100ff8d1
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
781eaf1a6aa2bb89-FRA
cdn-requestpullsuccess
True
jquery-latest.js
code.jquery.com/ Frame E40D
276 KB
82 KB
Script
General
Full URL
https://code.jquery.com/jquery-latest.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichdws.php?player=desktop&live=premieruk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 23:51:32 GMT
content-encoding
gzip
x-sp-metadata
HS256.CJSPvp0GEpMBCiRjMjQ4YzljZi02OTQ5LTQ0YTctOWZhNC0xZjJmN2Q4MDk1YzMQ+OiCoKvU+wIaBgiE872dBiIYMjAwMToxYjYwOjI6MjQwOjMyNDc6OjExKNaFAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkZDkxMjVjOGUtZmIwYi00MjMyLWJmMzAtN2UyMWFmNzM4MDFiGKOPBSIYCAISFGNkczI1NC5mcjguaHdjZG4ubmV0.bdRTjtbLzUi0lijo8HWW7wKOr4DUgBrI4jfFWeuTMwo=
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-4508e"
vary
Accept-Encoding
x-hw
1672444292.dop144.fr8.t,1672444292.cds336.fr8.hn,1672444292.cds254.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
83875
embed.css
gocast2.com/css/ Frame E40D
537 B
695 B
Stylesheet
General
Full URL
https://gocast2.com/css/embed.css?ver=1.4.4
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichdws.php?player=desktop&live=premieruk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:42d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6d02adae86bbc34515c89f74666d2837fc87d6046e204de27258c279fa47fcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/crichdws.php?player=desktop&live=premieruk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 23:51:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 29 Oct 2021 09:08:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6499
etag
W/"617bba25-219"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjB41V8jjq19yRf%2BIsR4yhB1OEQAaZnkZ%2FsVLAHyK2qNqYn5SbAevExXS9X777CswsUMForF%2BkTFG9iuAvlnkxgieEriRM7Jd6HRcqn19yefO4j6Be7Xu7yjuyEbieI4P08muJVYy5%2BC9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
781eaf1a18d9994e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-1.11.0.min.js
code.jquery.com/ Frame E40D
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.11.0.min.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichdws.php?player=desktop&live=premieruk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 23:51:32 GMT
content-encoding
gzip
x-sp-metadata
HS256.CJSPvp0GEpMBCiRjMzE5NjlhOC00YjkxLTQ5ZDMtODQxNC01NTIwYzQ1NzIxNWMQ+OiCoKvU+wIaBgiE872dBiIYMjAwMToxYjYwOjI6MjQwOjMyNDc6OjExKNaFAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkNzhhZjcyNmUtODg0ZC00NDRiLWIxMmYtMjZiZGQ5ZjBjMTAxGM2EAiIYCAISFGNkczAwMS5mcjguaHdjZG4ubmV0.DKPqbllIgQA8a4dRAJ7aP8uagz8yD3Nw7HFQp0m6dBM=
last-modified
Fri, 12 Aug 2022 13:47:01 GMT
server
nginx
etag
W/"62f659d5-1787d"
vary
Accept-Encoding
x-hw
1672444292.dop144.fr8.t,1672444292.cds336.fr8.hn,1672444292.cds001.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33357
jquery-migrate-1.2.1.min.js
code.jquery.com/ Frame E40D
7 KB
3 KB
Script
General
Full URL
https://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichdws.php?player=desktop&live=premieruk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 23:51:32 GMT
content-encoding
gzip
x-sp-metadata
HS256.CJSPvp0GEpMBCiQ0NzYxYjM3Yy1mMmM4LTRmYTgtODFkYy04ZjE2NjEwZDJkNjIQ+OiCoKvU+wIaBgiE872dBiIYMjAwMToxYjYwOjI6MjQwOjMyNDc6OjExKNaFAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGisIARIkZDVhMmU2YTItZTE5MS00Mzc2LWFhN2ItNDk1ZTRjZDA3OTBiGPcXIhgIAhIUY2RzMTYxLmZyOC5od2Nkbi5uZXQ=.yPhOu4iE7IH0Ok/AM/7QPdONHInPgY+exTtH4bYKKAc=
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-1c1f"
vary
Accept-Encoding
x-hw
1672444292.dop144.fr8.t,1672444292.cds336.fr8.hn,1672444292.cds161.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
3063
site.css
gocast2.com/css/ Frame E40D
199 B
589 B
Stylesheet
General
Full URL
https://gocast2.com/css/site.css
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichdws.php?player=desktop&live=premieruk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:42d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e7930ddd6ef35ae7416215de492de89a3518769259c1606b9f719c44236c5ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/crichdws.php?player=desktop&live=premieruk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 23:51:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 29 Oct 2021 09:54:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
595
etag
W/"617bc4e2-c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9YzyliAnqAxKuYimZuDHUBwi2DILeO0yZ0QyjNUm2gSIGahYJHh5jHGDfoSCJReZ%2BcLHV0X5Sxu94E2lS8HS0AXDXTFxJ4kusnTvT6G6ysxuxG2HimPLl3x5qwMZtb5UdNLbBTISVj3unQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
781eaf1a18db994e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
blast.js
gocast2.com/ Frame E40D
76 KB
28 KB
Script
General
Full URL
https://gocast2.com/blast.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichdws.php?player=desktop&live=premieruk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:42d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb06375118b1eb73f43b8f1851472008f84999a1b27359c075bf5da6feef9a12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/crichdws.php?player=desktop&live=premieruk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 23:51:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 08 Oct 2022 23:56:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5356
etag
W/"63420e24-13040"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRU3BILqvY8K7JhHY6ZNTqIdHhO5Jofw6c7KdBKeNHZGdvXCQfUQUtHp2aOrwEfIqDqfxZa7zzIGwrl07pYaC3z4Kf2JEwb5L0ElHT5uca08fXeRmqZJLf6Ee2R3jgDopZyOnUYovDzmtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
781eaf1a18dc994e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
clappr.min.js
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame E40D
513 KB
138 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichdws.php?player=desktop&live=premieruk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Dec 2022 23:51:32 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
33715
x-jsd-version
0.3.13
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
141142
x-served-by
cache-fra-eddf8230106-FRA, cache-hhn-etou8220024-HHN
x-jsd-version-type
version
etag
W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
p2p-engine.min.js
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/ Frame E40D
190 KB
57 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichdws.php?player=desktop&live=premieruk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
13da51b6f7fb4fd6cb5663abd069d716d1176e552e152a7f0e1736360e94b9d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Dec 2022 23:51:32 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
350
x-jsd-version
2.6.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
58090
x-served-by
cache-fra-eddf8230128-FRA, cache-hhn-etou8220024-HHN
x-jsd-version-type
version
etag
W/"2f912-NxxklD9sA/yU4SYm7QGK2OjY+dI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
clappr-p2p-plugin.min.js
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/ Frame E40D
3 KB
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/clappr-p2p-plugin.min.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichdws.php?player=desktop&live=premieruk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a8eb7e24873bb65c9b7193534bda15761d8853b24ca4a41d7749360972504141
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Dec 2022 23:51:32 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
12509
x-jsd-version
2.5.9
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1157
x-served-by
cache-fra-eddf8230114-FRA, cache-hhn-etou8220024-HHN
x-jsd-version-type
version
etag
W/"c19-SLjttAW8dcDjADi6J1T2hbhokWc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
level-selector.min.js
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame E40D
30 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichdws.php?player=desktop&live=premieruk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Dec 2022 23:51:32 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
17200
x-jsd-version
0.3.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10250
x-served-by
cache-fra-eddf8230096-FRA, cache-hhn-etou8220024-HHN
x-jsd-version-type
version
etag
W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
z-6330442
gocast2.com/ Frame E40D
938 B
1 KB
Script
General
Full URL
https://gocast2.com/z-6330442
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichdws.php?player=desktop&live=premieruk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:42d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a85f91ea4ef2f4274e22db1663ace24d1ea5982c9270e276e680720d2eead289

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/crichdws.php?player=desktop&live=premieruk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 23:51:32 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 15 Nov 2022 17:01:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6373c5d0-3aa"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Cdocs86QXQk6%2BbaFQ7jxNvUGMUKXViqq4m4hBAU3qsJzOvoyy91jrDILIWspJExyKNRumPlnYMR%2B2GYu9mmoH%2BHQdFZi19W25mEDw%2BEghE%2F7DY9tDhWMI2TXeEaHHt2Pgp%2FLaUB16FyZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
781eaf1a18dd994e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
938
bootstrap.js
velocitycdn.com/script/ Frame E40D
98 KB
34 KB
Script
General
Full URL
https://velocitycdn.com/script/bootstrap.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/z-6330442
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7ff486f721b4bab97314d47bc7f076e0475c09d80b1a886cdec6496966b52c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 23:51:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3431
x-guploader-uploadid
ADPycduw6t49T5jZQy43jrmyWzm9rcHllL1Pwhxmiler52JMv1eD9hq7po-4ZIzhC2SNjVJQGuvG3kyl3QSjyxmTcuJPCA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 13 Dec 2022 13:52:33 GMT
server
cloudflare
etag
W/"416f6928d8f3d8d66655abc097baca03"
vary
Accept-Encoding
x-goog-hash
crc32c=AsVyBQ==, md5=QW9pKNjz2NZmVavAl7rKAw==
x-goog-generation
1670939553826085
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2OHh3qgB3PSKRezAMSu4lJg4O2c5h3M0Tg8VFS0wooZWQwCLmV4Gk1Oyuv0B6YQBb%2Fi1aqQte7avBtxSToDu6B3NEcKAaEXHluxpDWXXw%2BgGbiBjpTbQh717WZfeQpi%2FNrd11FGrPEnK4AyipGk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
100623
cf-ray
781eaf1c0e559036-FRA
expires
Fri, 30 Dec 2022 23:14:02 GMT
crichdws.php
gocast2.com/ Frame E40D
0
457 B
XHR
General
Full URL
https://gocast2.com/crichdws.php?player=desktop&live=premieruk
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichdws.php?player=desktop&live=premieruk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:42d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/crichdws.php?player=desktop&live=premieruk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 23:51:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SoAkdy0iAsL6it0eqp17j2cdaabYeKp7FTnoMXvTRtyzwk7vlWjmljSYynBa8nDFymdwDDkKjC%2F5aF1LZULlCGS6a1nJ0oKNXVuD15sjaVBmN50c%2F2B8soGAkJW60x7FA7dhmV%2BFpVJuNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
781eaf1c3b5d994e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
waufooke.com/5/5492412/ Frame E40D
0
432 B
XHR
General
Full URL
https://waufooke.com/5/5492412/?oo=1&aab=1
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichdws.php?player=desktop&live=premieruk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Fri, 30 Dec 2022 23:51:32 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://gocast2.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
tag.min.js
waufooke.com/ Frame E40D
73 KB
24 KB
Script
General
Full URL
https://waufooke.com/tag.min.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichdws.php?player=desktop&live=premieruk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2c53bdf8ce054fec6b12a00b59590cbf4b16db24970dbb3fdb0664ea3d635885
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 23:51:32 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=1
content-length
23551
x-trace-id
1d95454894199b9ce2d348d30f5b0217
pragma
no-cache
last-modified
Fri, 16 Dec 2022 15:52:36 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT
js15_as.js
s10.histats.com/ Frame E40D
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichdws.php?player=desktop&live=premieruk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 23:50:27 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
485327562
premieruk.m3u8
t2.switchcast2.com/hls/ Frame E40D
599 B
1 KB
XHR
General
Full URL
https://t2.switchcast2.com:999/hls/premieruk.m3u8?md5=9lWsOnUKgD4UffoUSU8jEA&expires=1672451492
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.247.109.78 , Belize, ASN213371 (SQUITTER-NETWORKS, IN),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
f4473209d5ee2658634fc0a7e6b47988280d4487be0f3d540ebea76f0caa13a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 23:51:32 GMT
Last-Modified
Fri, 30 Dec 2022 23:51:26 GMT
Server
nginx/1.20.2
ETag
"63af797e-257"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
599
Expires
Fri, 30 Dec 2022 23:51:31 GMT
0.php
s4.histats.com/stats/ Frame E40D
51 B
185 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4704973&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fstream.crichd.vip%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:84146486&@b3:1672444293&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgocast2.com%2Fcrichdws.php%3Fplayer%3Ddesktop%26live%3Dpremieruk&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534296.ip-149-56-240.net
Software
/
Resource Hash
8b17c38bd742c76810b4bb2965184813bb40c4f1f06f92a5c00a70cc286d9a73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 23:51:32 GMT
Connection
close
Content-Length
51
Content-Type
text/html;charset=UTF-8
ut.js
velocitycdn.com/script/ Frame E40D
70 KB
26 KB
Script
General
Full URL
https://velocitycdn.com/script/ut.js?cb=1672444292542
Requested by
Host: velocitycdn.com
URL: https://velocitycdn.com/script/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95e6264b1cf2aa6195268d21e7bbf25c338ce7689bcbf2eb1e1cb6f59bd4da39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 23:51:32 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdsQ1kB3T2MiquLiOne8cqTff6UOG8qowS42dlwGpgoIhkw1phbiYZZWAlMO6CZrEEn717EEGzPcIJfjIFNWx8yTnlEbvkqj
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 13 Dec 2022 13:55:49 GMT
server
cloudflare
etag
W/"d5903ccaed951c280d67f4188548e1e9"
vary
Accept-Encoding
x-goog-hash
crc32c=aFnw8A==, md5=1ZA8yu2VHCgNZ/QYhUjh6Q==
x-goog-generation
1670939749168345
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8I5Kt1jBN9eIYJIVjrH1ooDkxnw4L28CIbRbU9MTAppZgxG%2BJ4RArulgGaWmPSNCeiBUmOWBjPZv4WNOYXUhmVYwzU2AsSKS%2FWGsJizVfn2bjYzoG%2BBr84NjkuVpr9rh7ChadrHbp2EZfV09WhA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
71395
cf-ray
781eaf1c6ec39036-FRA
expires
Sat, 31 Dec 2022 00:01:32 GMT
suurl4.php
youradexchange.com/script/ Frame E40D
946 B
754 B
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=6330442&chmob=%3F0&cbur=0.03706914221534241&cbiframe=1&cbWidth=1584&cbHeight=1184&cbtitle=&cbpage=https%3A%2F%2Fstream.crichd.vip%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=velocitycdn.com&aggr=0
Requested by
Host: velocitycdn.com
URL: https://velocitycdn.com/script/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
370e8d8ba877c326ed17312ee3bd65ab2c620de63e0bbcc7ed0352b0f5f3f256

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 30 Dec 2022 23:51:32 GMT
content-encoding
gzip
via
1.1 google
server
openresty
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json; charset=utf-8
premieruk.m3u8
t2.switchcast2.com/hls/ Frame E40D
599 B
1 KB
XHR
General
Full URL
https://t2.switchcast2.com:999/hls/premieruk.m3u8?md5=9lWsOnUKgD4UffoUSU8jEA&expires=1672451492
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.247.109.78 , Belize, ASN213371 (SQUITTER-NETWORKS, IN),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
f4473209d5ee2658634fc0a7e6b47988280d4487be0f3d540ebea76f0caa13a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 23:51:32 GMT
Last-Modified
Fri, 30 Dec 2022 23:51:26 GMT
Server
nginx/1.20.2
ETag
"63af797e-257"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
599
Expires
Fri, 30 Dec 2022 23:51:31 GMT
premieruk-36488.ts
t2.switchcast2.com/hls/ Frame E40D
1 MB
1 MB
XHR
General
Full URL
https://t2.switchcast2.com:999/hls/premieruk-36488.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.247.109.78 , Belize, ASN213371 (SQUITTER-NETWORKS, IN),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
e9cfe387f95695b31a71f577e470126bb89b1e337b806f487f7ca56620bb3cb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 23:51:32 GMT
Last-Modified
Fri, 30 Dec 2022 23:50:17 GMT
Server
nginx/1.20.2
ETag
"63af7939-1006f4"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1050356
Expires
Fri, 30 Dec 2022 23:51:31 GMT
json
pro.ip-api.com/ Frame E40D
156 B
312 B
Fetch
General
Full URL
https://pro.ip-api.com/json?fields=2181826&key=XOpiansRgYxGTho
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
034792375031ac3ee8908f77794c9a3ddbb6b930871c0775d0ff547c71b24fcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 30 Dec 2022 23:51:32 GMT
Content-Length
156
Content-Type
application/json; charset=utf-8
bootstrap.js
huddhi.com/script/ Frame E40D
98 KB
34 KB
Script
General
Full URL
https://huddhi.com/script/bootstrap.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/z-6330442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:812c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7ff486f721b4bab97314d47bc7f076e0475c09d80b1a886cdec6496966b52c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 23:51:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1574
x-guploader-uploadid
ADPycduw6t49T5jZQy43jrmyWzm9rcHllL1Pwhxmiler52JMv1eD9hq7po-4ZIzhC2SNjVJQGuvG3kyl3QSjyxmTcuJPCA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 13 Dec 2022 13:52:33 GMT
server
cloudflare
etag
W/"416f6928d8f3d8d66655abc097baca03"
vary
Accept-Encoding
x-goog-hash
crc32c=AsVyBQ==, md5=QW9pKNjz2NZmVavAl7rKAw==
x-goog-generation
1670939553826085
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gETQIwS%2BojkbyA7G5SqFjUrJFaEewj6pvoZ2fHurSAN7JZoGmLhDC9fKPQjIKMRYVKHYBDkPEiWOq1JPEc%2FlHyU3OQnlQTIfq%2B1%2FhamJreuNMwU%2FeCcfdd7oz9oY4XkJemzhuSIn9PqR"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
100623
cf-ray
781eaf1ddaa791f5-FRA
expires
Sat, 31 Dec 2022 00:14:48 GMT
144eb493-6b55-411f-86c2-7d91163e6c9c
https://gocast2.com/ Frame E40D
61 KB
0
Other
General
Full URL
blob:https://gocast2.com/144eb493-6b55-411f-86c2-7d91163e6c9c
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichdws.php?player=desktop&live=premieruk
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
62280
Content-Type
text/javascript
channel
asia.web3-lab.com/v1/ Frame E40D
0
0

premieruk-36488.ts
t2.switchcast2.com/hls/ Frame E40D
1 B
402 B
XHR
General
Full URL
https://t2.switchcast2.com:999/hls/premieruk-36488.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.247.109.78 , Belize, ASN213371 (SQUITTER-NETWORKS, IN),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
333e0a1e27815d0ceee55c473fe3dc93d56c63e3bee2b3b4aee8eed6d70191a3

Request headers

Referer
https://gocast2.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-0

Response headers

Date
Fri, 30 Dec 2022 23:51:33 GMT
Last-Modified
Fri, 30 Dec 2022 23:50:17 GMT
Server
nginx/1.20.2
ETag
"63af7939-1006f4"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Content-Range
bytes 0-0/1050356
Cache-Control
no-cache, no-cache
Connection
keep-alive
Content-Length
1
Expires
Fri, 30 Dec 2022 23:51:32 GMT
premieruk-36489.ts
t2.switchcast2.com/hls/ Frame E40D
1 MB
1 MB
Fetch
General
Full URL
https://t2.switchcast2.com:999/hls/premieruk-36489.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.247.109.78 , Belize, ASN213371 (SQUITTER-NETWORKS, IN),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
89d25a51b1a3b1ef152735743e8167f29900dab403be8d67165e897e9a74ba37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 23:51:33 GMT
Last-Modified
Fri, 30 Dec 2022 23:50:27 GMT
Server
nginx/1.20.2
ETag
"63af7943-11021c"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1114652
Expires
Fri, 30 Dec 2022 23:51:32 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
asia.web3-lab.com
URL
https://asia.web3-lab.com:8443/v1/channel

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| oncontentvisibilityautostatechange
string| fid
string| v_width
string| v_height
object| isMobile
string| embedded
string| PlaySize
string| scriptSrc
string| path
string| autoloadMarker
object| attr
object| _Hasync
object| regeneratorRuntime
boolean| s2ss1230
function| s2ss1230ff
function| chfh
function| chfh2
string| _HST_cntval
object| Histats
boolean| user_engagement1230
string| utsid-send
object| _HistatsCounterGraphics_0_setValues

7 Cookies

Domain/Path Name / Value
stream.crichd.vip/ Name: HstCfa4599824
Value: 1672444292082
stream.crichd.vip/ Name: HstCla4599824
Value: 1672444292082
stream.crichd.vip/ Name: HstCmu4599824
Value: 1672444292082
stream.crichd.vip/ Name: HstPn4599824
Value: 1
stream.crichd.vip/ Name: HstPt4599824
Value: 1
stream.crichd.vip/ Name: HstCnv4599824
Value: 1
stream.crichd.vip/ Name: HstCns4599824
Value: 1

1 Console Messages

Source Level URL
Text
other warning URL: https://gocast2.com/crichdws.js(Line 35)
Message:
Unrecognized feature: 'autoplay,'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
