Submitted URL: https://play9str.playm4u.xyz/play/653c87dcf16f8d0c5a623e6b#ur
Effective URL: https://play9str.playm4u.xyz/play/653c87dcf16f8d0c5a623e6b
Submission Tags: 0xscam
Submission: On June 19 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3037::ac43:c519, located in United States and belongs to CLOUDFLARENET, US. The main domain is play9str.playm4u.xyz. The Cisco Umbrella rank of the primary domain is 478819.
TLS certificate: Issued by GTS CA 1P5 on May 29th 2024. Valid for: 3 months.
This is the only time play9str.playm4u.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
12 8
Apex Domain | Subdomains | Transfer
6 playm4u.xyz | 12 KB
  • play9str.playm4u.xyz — Cisco Umbrella Rank: 478819
  • api-post-iframe-rd.playm4u.xyz — Cisco Umbrella Rank: 493988
2 google.com | 975 B
  • www.google.com — Cisco Umbrella Rank: 5
1 9stream.net | 448 B
  • views.9stream.net — Cisco Umbrella Rank: 406314
1 gstatic.com | 206 KB
  • www.gstatic.com
1 jsdelivr.net | 38 KB
  • cdn.jsdelivr.net — Cisco Umbrella Rank: 381
1 cloudflare.com | 14 KB
  • cdnjs.cloudflare.com — Cisco Umbrella Rank: 268
1 googleapis.com | 31 KB
  • ajax.googleapis.com — Cisco Umbrella Rank: 469
12 7
Domain Requested by
5 play9str.playm4u.xyz 1 redirects play9str.playm4u.xyz
2 www.google.com play9str.playm4u.xyz
www.gstatic.com
1 api-post-iframe-rd.playm4u.xyz ajax.googleapis.com
1 views.9stream.net ajax.googleapis.com
1 www.gstatic.com www.google.com
1 cdn.jsdelivr.net play9str.playm4u.xyz
1 cdnjs.cloudflare.com play9str.playm4u.xyz
1 ajax.googleapis.com play9str.playm4u.xyz
12 8

This site contains no links.

Subject | Issuer | Validity | Valid
playm4u.xyz | GTS CA 1P5 | 2024-05-29 - 2024-08-27 | 3 months
upload.video.google.com | WR2 | 2024-06-03 - 2024-08-26 | 3 months
*.google.com | WR2 | 2024-06-03 - 2024-08-26 | 3 months
cdnjs.cloudflare.com | E1 | 2024-06-02 - 2024-08-31 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year
*.gstatic.com | WR2 | 2024-06-03 - 2024-08-26 | 3 months
9stream.net | GTS CA 1P5 | 2024-04-30 - 2024-07-29 | 3 months

This page contains 3 frames:

Primary Page: https://play9str.playm4u.xyz/play/653c87dcf16f8d0c5a623e6b
Frame ID: 47506574906D69A734985FA0443F8FD3
Requests: 9 HTTP requests in this frame

Frame: https://play9str.playm4u.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Frame ID: 3618808D915AFB28D3C790CB5BBFC0C9
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfDmI8lAAAAACAzjErG18jvZRGf0Y0t-lbeE-fz&co=aHR0cHM6Ly9wbGF5OXN0ci5wbGF5bTR1Lnh5ejo0NDM.&hl=de&v=TqxSU0dsOd2Q9IbI7CpFnJLD&size=invisible&cb=rvzjk4cy76mt
Frame ID: 5682D68B567B58024FEEA58D34BA3B94
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 12
HTTPS: 92 %
IPv6: 100 %
Domains: 7
Subdomains: 8
IPs: 8
Countries: 2
Transfer: 302 kB
Size: 787 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://play9str.playm4u.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://play9str.playm4u.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 653c87dcf16f8d0c5a623e6b
play9str.playm4u.xyz/play/
14 KB
6 KB
Document
General
Full URL
https://play9str.playm4u.xyz/play/653c87dcf16f8d0c5a623e6b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c519 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b42191a43199affdb6a6572f579f2c74941da956c2c1132b9ec3d6dc20a43bbe

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=600
cf-cache-status
HIT
cf-ray
896295a7ac792bb2-FRA
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Wed, 19 Jun 2024 09:45:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6fficZNKuWZjFG1bhoKtyl9ZkjqQdCPlgZXX6uWr1Ue9TcBznFRJcfhFeAMpTXP53j6p%2BJiW9lnUisBLH9jE85CzFxQDPdMlz3%2BSnZqhlGb1N6U9UqCRpFJCZvqO8f71TITwBIl3pvtY2iVacTcLUhhc3g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.1/
88 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
Requested by
Host: play9str.playm4u.xyz
URL: https://play9str.playm4u.xyz/play/653c87dcf16f8d0c5a623e6b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 04:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31100
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 18:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Jun 2025 04:51:07 GMT
api.js
www.google.com/recaptcha/
1 KB
975 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LfDmI8lAAAAACAzjErG18jvZRGf0Y0t-lbeE-fz
Requested by
Host: play9str.playm4u.xyz
URL: https://play9str.playm4u.xyz/play/653c87dcf16f8d0c5a623e6b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c53049db77513563e69b15571a621ab552d376c1fbb9802150f9b1f604a20482
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 09:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 19 Jun 2024 09:45:09 GMT
crypto-js.min.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/
47 KB
14 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
Requested by
Host: play9str.playm4u.xyz
URL: https://play9str.playm4u.xyz/play/653c87dcf16f8d0c5a623e6b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 09:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
13214
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13972
last-modified
Sat, 14 Aug 2021 20:33:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61182885-3694"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vEcNYR3TUbsrWy21J3KPLoQ02m63%2F%2FnETgMN5lishRsvbbTI%2FmGsOGpZNpux25eJuJpfTArTAa0wTJMolm4ydDPHLackNvW%2FemIg9VxMZshYMgKil9tQ2eBNlkscuFre307afXrFP1yg3qKB8%2Bsl7xbT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
896295a8199a975b-FRA
expires
Mon, 09 Jun 2025 09:45:09 GMT
jwplayer.js
cdn.jsdelivr.net/npm/playhq_net_jwplayer@1.0.2/jwplayer/8.20.1/
111 KB
38 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/playhq_net_jwplayer@1.0.2/jwplayer/8.20.1/jwplayer.js
Requested by
Host: play9str.playm4u.xyz
URL: https://play9str.playm4u.xyz/play/653c87dcf16f8d0c5a623e6b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
74989125e5098689ba79fe01185920f68d6784fa6063a50948be40d84e730aca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 19 Jun 2024 09:45:09 GMT
x-content-type-options
nosniff
content-encoding
br
age
2371322
x-jsd-version
1.0.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
38327
x-served-by
cache-fra-eddf8230109-FRA
x-jsd-version-type
version
etag
W/"1bba4-kHqkJRBgveO9ddV0S7Xb+XQI8CM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
recaptcha__de.js
www.gstatic.com/recaptcha/releases/TqxSU0dsOd2Q9IbI7CpFnJLD/
518 KB
206 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/TqxSU0dsOd2Q9IbI7CpFnJLD/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfDmI8lAAAAACAzjErG18jvZRGf0Y0t-lbeE-fz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d865eecf3e86c11ab224434aecb84384c87cd8e52f5f0d5fb2f9b5291eab8578
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://play9str.playm4u.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:37:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72442
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
210217
x-xss-protection
0
last-modified
Mon, 10 Jun 2024 16:44:59 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jun 2025 13:37:47 GMT
main.js
play9str.playm4u.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/ Frame 3618
Redirect Chain
  • https://play9str.playm4u.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://play9str.playm4u.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
8 KB
4 KB
Script
General
Full URL
https://play9str.playm4u.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Requested by
Host: play9str.playm4u.xyz
URL: https://play9str.playm4u.xyz/play/653c87dcf16f8d0c5a623e6b
Protocol
H3
Server
2606:4700:3037::ac43:c519 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a051128d2d96e9c9af6e6cf07658edb3c54591fe822274a4adf8cf8a1798024b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 19 Jun 2024 09:45:09 GMT
content-encoding
zstd
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lR%2Fz%2ByDLoQiGrdLlSIHXCqXxYwcKgRecVI5kqV1HDw1hKVQrVOillOfOhJjUFTI03x8Imy424MgRXE5M29HjsXrMip%2Fn4B27t9Xjx0W5QuVbUbGXpwG2SC%2B2F06CR0CfW1Ozf5dWTxOFVUvrCxiMXqvxSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
896295a88d932bb2-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 19 Jun 2024 09:45:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vGcyQn%2FBYkFvtjSknUuwDMQNKcBeowFBbV4NG4aiEvBhkmkR%2BZki7cYXVXTOvUQs1RGHnE8lHq%2F0C9oB1ARmbLr8VqG2rCz4nZCfyAC6RkEev4QbhSniGtpWO5SP9JFzzlluX7n5pJO1%2BBSgLK2HcInYpg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
cache-control
max-age=300, public
cf-ray
896295a86d642bb2-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
653c87dcf16f8d0c5a623e6b
views.9stream.net/view/
2 B
448 B
XHR
General
Full URL
https://views.9stream.net/view/653c87dcf16f8d0c5a623e6b
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
*/*
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 09:45:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ZK3kwXqFSIyVdcp%2BnxBAYxovzBySoMfTL2Y62%2FRh%2FaQKTfjENeLP%2FY5KogZ3ls9V%2BKktjEyGHpVLd6pXQWEHLzIjmmcJB3YCsqCV9%2FzcGXh44AxlHHOlc2QVbklB7HTnIn3nWaq3NNeCKFCmWMUCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cf-ray
896295a898671c15-FRA
alt-svc
h3=":443"; ma=86400
anchor
www.google.com/recaptcha/api2/ Frame 5682
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfDmI8lAAAAACAzjErG18jvZRGf0Y0t-lbeE-fz&co=aHR0cHM6Ly9wbGF5OXN0ci5wbGF5bTR1Lnh5ejo0NDM.&hl=de&v=TqxSU0dsOd2Q9IbI7CpFnJLD&size=invisible&cb=rvzjk4cy76mt
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TqxSU0dsOd2Q9IbI7CpFnJLD/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UO72eLBNWLGXCq6ijfJFuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-UO72eLBNWLGXCq6ijfJFuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 19 Jun 2024 09:45:09 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
896295a7ac792bb2
play9str.playm4u.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 3618
0
700 B
XHR
General
Full URL
https://play9str.playm4u.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/896295a7ac792bb2
Requested by
Host: play9str.playm4u.xyz
URL: https://play9str.playm4u.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c519 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 19 Jun 2024 09:45:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z2mzZqcrvAMy9u8tBqqGucDfNSJ%2FDH1sKNwja7ymgXwjZukfylZ9CpNfmczxeOHL2UQYKEGUCCD8w4TO6Lsvb0FhZqJXQEeAzlTJ6fhmlZ%2BE2r5p%2BOFoj8r3xaDLWak9VUurBXGtit6nI3VazHmOpxEDTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
896295a93eb12bb2-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
play9str.playm4u.xyz/
555 B
596 B
Other
General
Full URL
https://play9str.playm4u.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c519 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
178ff99b1e096142e2e190f16881076c3ee74082f161f943e57dd4acf2f64fd1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 09:45:09 GMT
content-encoding
zstd
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nUXxpGk6oMLAGoC0TdQIHUBQryVeTKQoNMopWm%2F9ifR2uF6hTSDDva5GGmsPCNzchFxQmwau8eHMcSXvf7F88GsIx7LrJNqWkpG5inKsfz6vtzFKJvl8S3ApLXxXalHe0Mal6gVYWfg04nYTuCzEudA4Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
896295a9df792bb2-FRA
alt-svc
h3=":443"; ma=86400
playiframe
api-post-iframe-rd.playm4u.xyz/api/
42 B
567 B
XHR
General
Full URL
https://api-post-iframe-rd.playm4u.xyz/api/playiframe
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5cb8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
048b9d6187ed43d22ac1723fdafe59ef850df9023a9e2df88d3d4debb75373ce

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 09:45:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2a-W5d4dPxy+lxyMg+zbtL5JA7mTic"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zgM2C7IypgoUSjsKZt8qyfdLo46t0SRxRIeRWJfjBWhl1iBATTQq6DsEWKpIjIqkXtptkItP6E4%2Fp6hU12LJxUNE22q7oNzzKFmBepUjycxwDpdxh7HxLeZNNINixxnWhqEym5Phd5LunMVHIBiLqgJWoypTOI%2Bu0NZfAfc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://play9str.playm4u.xyz
cf-ray
896295abaeff3a74-FRA
alt-svc
h3=":443"; ma=86400
content-length
42

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| 1
  • object| 2
  • undefined| event
  • object| fence
  • object| sharedStorage
  • function| $
  • function| jQuery
  • object| ___grecaptcha_cfg
  • object| grecaptcha
  • string| __recaptcha_api
  • boolean| __google_recaptcha_client
  • object| CryptoJS
  • object| webpackJsonpjwplayer
  • function| jwplayer
  • string| idfile
  • string| idUser
  • string| DOMAIN_API
  • string| NameKeyV3
  • function| getParam
  • function| loadPlayer
  • function| Storage_PLHQ
  • function| mahoa_data
  • function| caesarShift
  • function| String2Hex
  • function| arraytom3u8_blob_rd_9stream
  • function| getHashFromSTR
  • object| recaptcha
  • object| closure_lm_791649

2 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ABjjTdXjsy4wOzaL-LHUmabSQImMZvueGEYfuXieIPIt_xNjqt9oL2rEdjqSaswYfl-8yudW5j3X3KoTsDGrnoU
.playm4u.xyz/ Name: cf_clearance
Value: SHp80mtU3J7tYu5rBbAvhdRYsqbuPjTMsXANuj5vmxw-1718790309-1.0.1.1-AZw9FsJCpIVrP9f_Pimfn6wkPB3wJHxNRRPTJ_IzCRLltSS.GMBN0f8KjqJerAgOLgPtM83m39blJlPJ1Xj9jw

1 Console Messages

Source: network
Level: error
URL: https://play9str.playm4u.xyz/favicon.ico
Message: Failed to load resource: the server responded with a status of 403 ()