urlscan.io logo urlscan.io
SecurityTrails logo

tfforospusu.cc Open in urlscan Pro
2606:4700:3030::ac43:d3ed  Public Scan

Go To Rescan Add Verdict Report
URL: http://tfforospusu.cc/futbolcafe/live/player/
Submission: On November 19 via api from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3030::ac43:d3ed, located in United States and belongs to CLOUDFLARENET, US. The main domain is tfforospusu.cc.
This is the only time tfforospusu.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 2606:4700:303... 13335 (CLOUDFLAR...)
4 104.17.98.93 13335 (CLOUDFLAR...)
1 9 23.60.108.116 16625 (AKAMAI-AS)
1 2404:6800:400... 15169 (GOOGLE)
1 23.44.53.234 20940 (AKAMAI-ASN1)
2 4 2606:4700:10:... 13335 (CLOUDFLAR...)
22 7
4    2606:4700:3030::ac43:d3ed (United States)

ASN13335 (CLOUDFLARENET, US)
tfforospusu.cc
4    104.17.98.93 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
demos.jquerymobile.com
9    23.60.108.116 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-60-108-116.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
api-public.addthis.com
1    2404:6800:4004:822::2001 (Australia)

ASN15169 (GOOGLE, US)
1.bp.blogspot.com
1    23.44.53.234 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-53-234.deploy.static.akamaitechnologies.com
z.moatads.com
4    2606:4700:10::6816:4bab (United States)

ASN13335 (CLOUDFLARENET, US)
whos.amung.us
widgets.amung.us
Apex Domain
Subdomains		 Transfer
8 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 1569
m.addthis.com — Cisco Umbrella Rank: 1549
api-public.addthis.com — Cisco Umbrella Rank: 4303
218 KB
4 amung.us
whos.amung.us — Cisco Umbrella Rank: 16679 Failed
widgets.amung.us — Cisco Umbrella Rank: 25156
3 KB
4 jquerymobile.com
demos.jquerymobile.com
164 KB
4 tfforospusu.cc
tfforospusu.cc
7 KB
1 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 1764
883 B
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 406
1 KB
1 blogspot.com
1.bp.blogspot.com — Cisco Umbrella Rank: 10122
699 KB
22 7
Domain Requested by
4 s7.addthis.com 1 redirects tfforospusu.cc
s7.addthis.com
4 demos.jquerymobile.com tfforospusu.cc
demos.jquerymobile.com
4 tfforospusu.cc 1 redirects tfforospusu.cc
demos.jquerymobile.com
3 api-public.addthis.com s7.addthis.com
2 widgets.amung.us tfforospusu.cc
2 whos.amung.us tfforospusu.cc
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 z.moatads.com s7.addthis.com
1 1.bp.blogspot.com tfforospusu.cc
22 10

This site contains links to these domains. Also see Links.

Domain
ref.gitadres.com
twitter.com
bit.ly
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-04 -
2023-06-03		 a year crt.sh
misc-sni.blogspot.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh

This page contains 5 frames:

Primary Page: http://tfforospusu.cc/futbolcafe/live/player/
Frame ID: 2D51CD7EF495B61B50DCFB8C714DACD2
Requests: 20 HTTP requests in this frame

Frame: http://tfforospusu.cc/sayac.html
Frame ID: F44B5356122AF81076F2DAD1A19093F9
Requests: 1 HTTP requests in this frame

Frame: http://tfforospusu.cc/sayac.html
Frame ID: 22C84D6A54A9E6D0699D0131557D7B1D
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 30D8ACC14C88C0DE632E35A4F570574C
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: B5E9F4F34C5DBCF1C23D7E888B02E632
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FutbolcafeFacebookTwitterPrintEmailAddThis

Page URL History Show full URLs

  1. http://tfforospusu.cc/futbolcafe/live/player HTTP 301
    http://tfforospusu.cc/futbolcafe/live/player/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

59 %
HTTPS

50 %
IPv6

7
Domains

10
Subdomains

7
IPs

4
Countries

1093 kB
Transfer

2075 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tfforospusu.cc/futbolcafe/live/player HTTP 301
    http://tfforospusu.cc/futbolcafe/live/player/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
  • https://s7.addthis.com/js/300/addthis_widget.js
Request Chain 13
  • https://whos.amung.us/cwidget/ligtvmax/000000ffffff1668845107000 HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=176&c=000000ffffff&p=left
Request Chain 22
  • https://whos.amung.us/cwidget/ligtvmax/000000ffffff1668845109000 HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=176&c=000000ffffff&p=left

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
tfforospusu.cc/futbolcafe/live/player/
Redirect Chain
  • http://tfforospusu.cc/futbolcafe/live/player
  • http://tfforospusu.cc/futbolcafe/live/player/
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://tfforospusu.cc/futbolcafe/live/player/
Protocol
HTTP/1.1
Server
2606:4700:3030::ac43:d3ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8967275c5d31ac01a368d96000f4637c40c524a572bf9130ea897b3d24f331b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Origin
*
CF-Cache-Status
REVALIDATED
CF-RAY
76c7705b4a38af4e-NRT
Cache-Control
max-age=14400
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 19 Nov 2022 08:05:06 GMT
Last-Modified
Sat, 12 Nov 2022 11:16:23 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vXm2Z4no%2FZ2qEfdfOuBmKRdMHNdGQznWzKo0Y3cYPwbM8Q9BzZpzz2A3PQGjTKZhGHkYzkVOVv02mhUPFafqVqpaKjXqT1R6NeKxDP8lMhEfDwLcR6CSaR%2BAX7dCU%2BaDhJeCVhJnaLZifLuDeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Origin
*
CF-Cache-Status
EXPIRED
CF-RAY
76c77057eea9af4e-NRT
Cache-Control
max-age=14400
Connection
keep-alive
Content-Type
text/html
Date
Sat, 19 Nov 2022 08:05:06 GMT
Location
http://tfforospusu.cc/futbolcafe/live/player/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKmChlyVRXiClJqY8fDVJb7v%2BbdE4Nvl0HnRLmVpeEFF3m3jCL%2FHKFkSQhM43A0AxpItAC5dwxcCt%2F2vSJSGzYDi3mg%2BVq78QkQHP%2BSqY%2BtQjjCuCr%2BemkLYDpWpoajiUJG5L4l%2BMsaEw8U%2FZw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
jquery.mobile-1.4.5.min.css
demos.jquerymobile.com/1.4.5/css/themes/default/ 		203 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://demos.jquerymobile.com/1.4.5/css/themes/default/jquery.mobile-1.4.5.min.css
Requested by
Host: tfforospusu.cc
URL: http://tfforospusu.cc/futbolcafe/live/player/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.98.93 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1f1132059ae29789542297e710d6d45e60307f961d25acccb12ddb30f8d1bcc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://tfforospusu.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:05:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 20 Feb 2015 01:14:44 GMT
server
cloudflare
age
85651
etag
W/"54e68a84-32a69"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=86400
cf-ray
76c7705f8ef7344b-NRT
expires
Sun, 20 Nov 2022 08:05:07 GMT
jquery.js
demos.jquerymobile.com/1.4.5/js/ 		267 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demos.jquerymobile.com/1.4.5/js/jquery.js
Requested by
Host: tfforospusu.cc
URL: http://tfforospusu.cc/futbolcafe/live/player/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.98.93 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ade6740a1d3cfedf81e28d9250929341207b23a55f1be90ccc26cf6d98e052a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://tfforospusu.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:05:07 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 20 Feb 2015 01:14:44 GMT
server
cloudflare
etag
W/"54e68a84-42b2f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400
cf-ray
76c7705f8ef8344b-NRT
expires
Sun, 20 Nov 2022 08:05:07 GMT
jquery.mobile-1.4.5.min.js
demos.jquerymobile.com/1.4.5/js/ 		195 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://demos.jquerymobile.com/1.4.5/js/jquery.mobile-1.4.5.min.js
Requested by
Host: tfforospusu.cc
URL: http://tfforospusu.cc/futbolcafe/live/player/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.98.93 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ec93e0833cecd36a92e8033596d06fd6790795892dc5333cb0a733d957c4979

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://tfforospusu.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:05:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 20 Feb 2015 01:14:44 GMT
server
cloudflare
age
14387
etag
W/"54e68a84-30dcf"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400
cf-ray
76c7705f8ef9344b-NRT
expires
Sun, 20 Nov 2022 08:05:07 GMT
addthis_widget.js
s7.addthis.com/js/300/
Redirect Chain
  • http://s7.addthis.com/js/300/addthis_widget.js
  • https://s7.addthis.com/js/300/addthis_widget.js
353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: tfforospusu.cc
URL: http://tfforospusu.cc/futbolcafe/live/player/
Protocol
H2
Server
23.60.108.116 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-108-116.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://tfforospusu.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Sat, 19 Nov 2022 08:05:07 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
x-host
s7.addthis.com
content-length
116325

Redirect headers

Date
Sat, 19 Nov 2022 08:05:07 GMT
Server
nginx/1.15.8
X-Distribution
99
Content-Type
text/html
Location
https://s7.addthis.com/js/300/addthis_widget.js
X-Host
s7.addthis.com
Connection
keep-alive
Content-Length
171
728x90.gif
1.bp.blogspot.com/-z_c4N0V8Q_s/XuqywSzuXgI/AAAAAAAADZY/hCVEjIyF8W8xvrxVM0COvHlcCYhREBk0wCLcBGAsYHQ/s1600/ 		698 KB
699 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-z_c4N0V8Q_s/XuqywSzuXgI/AAAAAAAADZY/hCVEjIyF8W8xvrxVM0COvHlcCYhREBk0wCLcBGAsYHQ/s1600/728x90.gif
Requested by
Host: tfforospusu.cc
URL: http://tfforospusu.cc/futbolcafe/live/player/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e7514526e1a77a51e60761049d95fd8bc5294cfe9d516e68f76dc9c506babf6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://tfforospusu.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:05:07 GMT
x-content-type-options
nosniff
server
fife
etag
"vd9a"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="728x90.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
715230
x-xss-protection
0
expires
Sun, 20 Nov 2022 08:05:07 GMT
000000ffffff.png
whos.amung.us/cwidget/ligtvmax/ 		0
0
email-decode.min.js
tfforospusu.cc/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tfforospusu.cc/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tfforospusu.cc
URL: http://tfforospusu.cc/futbolcafe/live/player/
Protocol
HTTP/1.1
Server
2606:4700:3030::ac43:d3ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 08:05:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 15 Nov 2022 17:59:54 GMT
Server
cloudflare
ETag
W/"6373d39a-4d7"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUpU1tBmKncwIgloFW5Vb%2B1XgL2hu1rWkaWH0iTzPK%2Bbsg3iE7KrjatcqRDd%2FChv%2FYeUnvRxk49VNMTgpFZ%2F6Z80%2Bj2oAi%2Frg44NetHjt7PhLXfxTqHhnyIiJnpLru5PHZX77%2FUpRJN858sOOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
X-Frame-Options
DENY
Cache-Control
max-age=172800, public
CF-RAY
76c77061c99aaf4e-NRT
Expires
Mon, 21 Nov 2022 08:05:07 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-53-234.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://tfforospusu.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:05:07 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
1B84A45482DD6A2C
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=17719
accept-ranges
bytes
content-length
948
x-amz-id-2
APp8RPk3VQL4poY6SbECmJnvVEBMc8a2hilkF9qPMyTJpjeNIPXZMDbHPZZhD7eLbl+7YMLs9M8=
sayac.html
tfforospusu.cc/ Frame F44B 		0
0
truncated
/ 		491 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
759bf8f6b717a1c2683aba80171e40dba96dc142cc99cfa201a18a979eb908d6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
sayac.html
tfforospusu.cc/ Frame 22C8 		580 B
847 B 		Document
General
Check archive.org
Download Go to
Full URL
http://tfforospusu.cc/sayac.html
Requested by
Host: demos.jquerymobile.com
URL: https://demos.jquerymobile.com/1.4.5/js/jquery.js
Protocol
HTTP/1.1
Server
2606:4700:3030::ac43:d3ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbf1fdfdb7257daf8b0905d94bd04e2829c502c9c01b1d96bb979069e2ebc895

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

CF-Cache-Status
EXPIRED
CF-RAY
76c77063889ae055-NRT
Cache-Control
max-age=14400
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 19 Nov 2022 08:05:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFuQzozHH%2BiZslh11FkfJhofZjzRtkSxNFLusOoHOoeBQV3BgW5RBxXFCAbsdmSm7G6vPd2XOtyxXZdEK7eNaz7BgdMlkjWLTjG8i9phUWFvd3YS7biTehF5QJi8C5Rp10Spp%2BdAkHYwdM6VXg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
ajax-loader.gif
demos.jquerymobile.com/1.4.5/css/themes/default/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demos.jquerymobile.com/1.4.5/css/themes/default/images/ajax-loader.gif
Requested by
Host: demos.jquerymobile.com
URL: https://demos.jquerymobile.com/1.4.5/css/themes/default/jquery.mobile-1.4.5.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.98.93 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4283b7de52bd36949abd99c7f8f7a1301ecf3d67f60658fa8c6854eadcb91950

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://demos.jquerymobile.com/1.4.5/css/themes/default/jquery.mobile-1.4.5.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:05:08 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 20 Feb 2015 01:14:44 GMT
server
cloudflare
etag
"54e68a84-1862"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76c770635a36344b-NRT
content-length
6242
expires
Sun, 20 Nov 2022 08:05:08 GMT
truncated
/ 		572 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d452127055d4599cf9236fbf24e6b38b79f6a51b5e18b96e1986b445af22dc53

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
/
widgets.amung.us/draw/
Redirect Chain
  • https://whos.amung.us/cwidget/ligtvmax/000000ffffff1668845107000
  • https://widgets.amung.us/draw/?w=colored&n=176&c=000000ffffff&p=left
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.amung.us/draw/?w=colored&n=176&c=000000ffffff&p=left
Requested by
Host: tfforospusu.cc
URL: http://tfforospusu.cc/futbolcafe/live/player/
Protocol
H2
Server
2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b670d475622d7406ef16587a889c59dcc2983812e74b99650e9b1932ebb4e8a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:05:08 GMT
cf-cache-status
HIT
last-modified
Wed, 16 Nov 2022 01:47:29 GMT
server
cloudflare
age
281859
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
76c770653dd7af79-NRT
expires
Thu, 17 Nov 2022 01:47:29 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=176&c=000000ffffff&p=left
date
Sat, 19 Nov 2022 08:05:07 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76c77063fc60af79-NRT
content-type
text/html; charset=UTF-8
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-56cb5ecc691c1445/ 		2 KB
883 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-56cb5ecc691c1445/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.60.108.116 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-108-116.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
376647b4fbee5bd28f3903e870a5733f6fdf4203ffb10105000c4d43a7392cb1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:05:08 GMT
content-encoding
gzip
etag
-770062680--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=57, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
707
300lo.json
m.addthis.com/live/red_lojson/ 		101 B
951 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=63788e338901b0fd&bkl=0&bl=1&pdt=1158&sid=63788e338901b0fd&pub=ra-56cb5ecc691c1445&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=tfforospusu.cc&fp=futbolcafe%2Flive%2Fplayer%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1668845107730&jsl=1&uvs=63788e33f55bf295000&skipb=1&callback=addthis.cbs.jsonp__64527323757657820
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.60.108.116 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-108-116.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
abd5a3218362773a3fc2dbb27e792fd3334f026577b9cc0792f2c0fe781c6c6d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
pragma
no-cache
date
Sat, 19 Nov 2022 08:05:08 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
101
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 30D8 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame B5E9 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.60.108.116 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-108-116.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Sat, 19 Nov 2022 08:05:07 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.60.108.116 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-108-116.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Sat, 19 Nov 2022 08:05:08 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
shares.json
api-public.addthis.com/url/ 		33 B
297 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Ftfforospusu.cc%2Ffutbolcafe%2Flive%2Fplayer%2F&callback=_ate.cbs.rcb_kl0v0
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.60.108.116 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-108-116.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
0e9d30924cc074047372f7aefdb3f67c2050d6187174bb5184e30e0fa241c1e8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
tfforospusu.cc/futbolcafe/live/player/
last-modified
Sat, 19 Nov 2022 08:05:09 GMT
server
nginx/1.15.8
date
Sat, 19 Nov 2022 08:05:09 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
53
shares-post.json
api-public.addthis.com/url/serviceapi/ 		2 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Ftfforospusu.cc%2Ffutbolcafe%2Flive%2Fplayer%2F
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.60.108.116 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-108-116.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
text/plain

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
date
Sat, 19 Nov 2022 08:05:09 GMT
surrogate-key
sFbt=https://tfforospusu.cc/futbolcafe/live/player/
last-modified
Sat, 19 Nov 2022 08:00:00 GMT
server
nginx/1.15.8
content-type
application/json
access-control-allow-origin
http://tfforospusu.cc
cache-control
no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials
true
content-length
2
shares.json
api-public.addthis.com/url/ 		32 B
296 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Ftfforospusu.cc%2Ffutbolcafe%2Flive%2Fplayer%2F&callback=_ate.cbs.rcb_2oi0
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.60.108.116 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-108-116.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
8c567c005318d35e84bd0c4d76ca2c7b52fd4c0060c0af7146055edb7b93f8b2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
tfforospusu.cc/futbolcafe/live/player/
last-modified
Sat, 19 Nov 2022 08:05:09 GMT
server
nginx/1.15.8
date
Sat, 19 Nov 2022 08:05:09 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
52
/
widgets.amung.us/draw/
Redirect Chain
  • https://whos.amung.us/cwidget/ligtvmax/000000ffffff1668845109000
  • https://widgets.amung.us/draw/?w=colored&n=176&c=000000ffffff&p=left
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.amung.us/draw/?w=colored&n=176&c=000000ffffff&p=left
Protocol
H2
Server
2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b670d475622d7406ef16587a889c59dcc2983812e74b99650e9b1932ebb4e8a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 08:05:10 GMT
cf-cache-status
HIT
last-modified
Wed, 16 Nov 2022 01:47:29 GMT
server
cloudflare
age
281861
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
76c770723ca0af79-NRT
expires
Thu, 17 Nov 2022 01:47:29 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=176&c=000000ffffff&p=left
date
Sat, 19 Nov 2022 08:05:10 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76c770711b83af79-NRT
content-type
text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
whos.amung.us
URL
https://whos.amung.us/cwidget/ligtvmax/000000ffffff.png?
Domain
tfforospusu.cc
URL
http://tfforospusu.cc/sayac.html
Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| $ function| jQuery object| jQuery1102022160477103942267 function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto function| setAttributeOnload function| Image object| addthis_config object| addthis_share boolean| __@@##MUH object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks

10 Cookies

Domain/Path Name / Value
tfforospusu.cc/ Name: __atuvc
Value: 1%7C46
tfforospusu.cc/ Name: __atuvs
Value: 63788e33f55bf295000
.addthis.com/ Name: uvc
Value: 1%7C46
.addthis.com/ Name: ouid
Value: 63788e340001f243384a63ccb8e6e0d6340fd3d6e98e490f0639
.addthis.com/ Name: di2
Value: aVT{j#%If#$M`M3qM3pM3oM3nM-tM-sM-_IDfI6y6Hq#1:R#19w
.addthis.com/ Name: um
Value: j.'2022111908050855900544357187'
.addthis.com/ Name: uid
Value: 63788e340991fa08
.addthis.com/ Name: na_id
Value: 2022111908050855900544357187
.addthis.com/ Name: vc
Value: 2
.addthis.com/ Name: loc
Value: MDAwMDBBU0pQMjMyMTUyMzE2MTAwMzAwMDBDSA==

1 Console Messages

Source Level URL
Text
network error URL: http://tfforospusu.cc/sayac.html
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
api-public.addthis.com
demos.jquerymobile.com
m.addthis.com
s7.addthis.com
tfforospusu.cc
v1.addthisedge.com
whos.amung.us
widgets.amung.us
z.moatads.com
s7.addthis.com
tfforospusu.cc
whos.amung.us
104.17.98.93
23.44.53.234
23.60.108.116
2404:6800:4004:822::2001
2606:4700:10::6816:4bab
2606:4700:3030::ac43:d3ed
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0e9d30924cc074047372f7aefdb3f67c2050d6187174bb5184e30e0fa241c1e8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2ec93e0833cecd36a92e8033596d06fd6790795892dc5333cb0a733d957c4979
376647b4fbee5bd28f3903e870a5733f6fdf4203ffb10105000c4d43a7392cb1
3b670d475622d7406ef16587a889c59dcc2983812e74b99650e9b1932ebb4e8a
4283b7de52bd36949abd99c7f8f7a1301ecf3d67f60658fa8c6854eadcb91950
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
759bf8f6b717a1c2683aba80171e40dba96dc142cc99cfa201a18a979eb908d6
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
8ade6740a1d3cfedf81e28d9250929341207b23a55f1be90ccc26cf6d98e052a
8c567c005318d35e84bd0c4d76ca2c7b52fd4c0060c0af7146055edb7b93f8b2
a1f1132059ae29789542297e710d6d45e60307f961d25acccb12ddb30f8d1bcc
abd5a3218362773a3fc2dbb27e792fd3334f026577b9cc0792f2c0fe781c6c6d
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
c8967275c5d31ac01a368d96000f4637c40c524a572bf9130ea897b3d24f331b
cbf1fdfdb7257daf8b0905d94bd04e2829c502c9c01b1d96bb979069e2ebc895
d452127055d4599cf9236fbf24e6b38b79f6a51b5e18b96e1986b445af22dc53
e7514526e1a77a51e60761049d95fd8bc5294cfe9d516e68f76dc9c506babf6c