urlscan.io logo urlscan.io
SecurityTrails logo

stream.crichd.vip Open in urlscan Pro
2606:4700:3033::ac43:8b81  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://stream.crichd.vip/update/skys1.php
Effective URL: https://stream.crichd.vip/update/skys1.php
Submission: On October 31 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 6 countries across 21 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3033::ac43:8b81, located in United States and belongs to CLOUDFLARENET, US. The main domain is stream.crichd.vip. The Cisco Umbrella rank of the primary domain is 742125.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 3rd 2022. Valid for: a year.
This is the only time stream.crichd.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
6 2606:4700:303... 13335 (CLOUDFLAR...)
1 46.105.201.240 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2001:4de0:ac1... 20446 (STACKPATH...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 4 178.162.196.156 28753 (LEASEWEB-...)
2 2600:9000:225... 16509 (AMAZON-02)
1 192.99.8.28 16276 (OVH)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 172.64.173.27 13335 (CLOUDFLAR...)
2 18.66.147.42 16509 (AMAZON-02)
2 188.114.96.3 13335 (CLOUDFLAR...)
1 2a03:2880:f11... 32934 (FACEBOOK)
2 4 2a00:1450:400... 15169 (GOOGLE)
5 37.49.224.221 213371 (SQUITTER-...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 35.190.41.116 15169 (GOOGLE)
1 51.77.64.70 16276 (OVH)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
44 22
2    2606:4700:3033::ac43:8b81 (United States)

ASN13335 (CLOUDFLARENET, US)
stream.crichd.vip
6    2606:4700:3030::6815:42d2 (United States)

ASN13335 (CLOUDFLARENET, US)
gocast2.com
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
3    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
4    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    178.162.196.156 (Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
vmuid.com
origunix.com
tartator.com
2    2600:9000:225e:3600:14:63a1:c340:21 (United States)

ASN16509 (AMAZON-02, US)
d27x9po2cfinm5.cloudfront.net
1    192.99.8.28 (Canada)

ASN16276 (OVH, FR)
PTR: ns523448.ip-192-99-8.net
s4.histats.com
2    2606:4700:3030::6815:2e74 (United States)

ASN13335 (CLOUDFLARENET, US)
uptimecdn.com
2    172.64.173.27 (United States)

ASN13335 (CLOUDFLARENET, US)
pogothere.xyz
2    18.66.147.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-42.fra60.r.cloudfront.net
pearanceofam.xyz
2    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
lainmpatoio.xyz
1    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2a00:1450:4001:827::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
5    37.49.224.221 (Belize)

ASN213371 (SQUITTER-NETWORKS, NL)
go2.gocast2.com
1    2606:4700:3033::6815:2cca (United States)

ASN13335 (CLOUDFLARENET, US)
alcult.com
1    35.190.41.116 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 116.41.190.35.bc.googleusercontent.com
youradexchange.com
1    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
asia.web3-lab.com
Apex Domain
Subdomains		 Transfer
11 gocast2.com
gocast2.com — Cisco Umbrella Rank: 261644
go2.gocast2.com — Cisco Umbrella Rank: 940746
2 MB
4 google.com
accounts.google.com — Cisco Umbrella Rank: 77
2 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 387
207 KB
3 jquery.com
code.jquery.com — Cisco Umbrella Rank: 665
118 KB
2 lainmpatoio.xyz
lainmpatoio.xyz
953 B
2 pearanceofam.xyz
pearanceofam.xyz
2 KB
2 pogothere.xyz
pogothere.xyz — Cisco Umbrella Rank: 26015
101 KB
2 uptimecdn.com
uptimecdn.com — Cisco Umbrella Rank: 438813
60 KB
2 cloudfront.net
d27x9po2cfinm5.cloudfront.net
54 KB
2 vmuid.com
vmuid.com — Cisco Umbrella Rank: 118951
11 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 18443
s4.histats.com — Cisco Umbrella Rank: 15595
5 KB
2 crichd.vip
stream.crichd.vip — Cisco Umbrella Rank: 742125
2 KB
1 web3-lab.com
asia.web3-lab.com — Cisco Umbrella Rank: 233013
738 B
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5218
330 B
1 youradexchange.com
youradexchange.com — Cisco Umbrella Rank: 37062
956 B
1 alcult.com
alcult.com
34 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
1 tartator.com
tartator.com — Cisco Umbrella Rank: 27624
135 KB
1 origunix.com
origunix.com — Cisco Umbrella Rank: 206377
373 B
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 699
11 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 293
30 KB
44 21
Domain Requested by
6 gocast2.com stream.crichd.vip
gocast2.com
5 go2.gocast2.com cdn.jsdelivr.net
4 accounts.google.com 2 redirects gocast2.com
4 cdn.jsdelivr.net gocast2.com
3 code.jquery.com gocast2.com
2 lainmpatoio.xyz gocast2.com
2 pearanceofam.xyz d27x9po2cfinm5.cloudfront.net
2 pogothere.xyz d27x9po2cfinm5.cloudfront.net
2 uptimecdn.com gocast2.com
uptimecdn.com
2 d27x9po2cfinm5.cloudfront.net gocast2.com
pearanceofam.xyz
2 vmuid.com gocast2.com
vmuid.com
2 stream.crichd.vip 1 redirects
1 asia.web3-lab.com cdn.jsdelivr.net
1 pro.ip-api.com cdn.jsdelivr.net
1 youradexchange.com uptimecdn.com
1 alcult.com gocast2.com
1 www.facebook.com gocast2.com
1 s4.histats.com s10.histats.com
1 tartator.com gocast2.com
1 origunix.com 1 redirects
1 maxcdn.bootstrapcdn.com gocast2.com
1 ajax.googleapis.com gocast2.com
1 s10.histats.com stream.crichd.vip
44 23

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-03		 a year crt.sh
*.gocast2.com
E1		 2022-10-07 -
2023-01-05		 3 months crt.sh
histats.com
R3		 2022-09-30 -
2022-12-29		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
vmuid.com
R3		 2022-09-18 -
2022-12-17		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.pogothere.xyz
E1		 2022-09-04 -
2022-12-03		 3 months crt.sh
pearanceofam.xyz
Amazon RSA 2048 M02		 2022-10-23 -
2023-11-21		 a year crt.sh
*.lainmpatoio.xyz
E1		 2022-10-23 -
2023-01-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-10 -
2022-11-08		 3 months crt.sh
go2.gocast2.com
R3		 2022-10-19 -
2023-01-17		 3 months crt.sh
*.alcult.com
E1		 2022-10-30 -
2023-01-28		 3 months crt.sh
youradexchange.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-20 -
2023-06-20		 a year crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-28 -
2022-11-27		 a year crt.sh

This page contains 4 frames:

Primary Page: https://stream.crichd.vip/update/skys1.php
Frame ID: 564DDB888D8FC4EC4111C059E88F4E0E
Requests: 4 HTTP requests in this frame

Frame: https://gocast2.com/crichd.php?player=desktop&live=skysme
Frame ID: FABB198CA7FB5E70D2D903D500D499D4
Requests: 37 HTTP requests in this frame

Frame: https://gocast2.com/ad.html
Frame ID: CDF36F7C1208C87A14CD0227E4ACE660
Requests: 1 HTTP requests in this frame

Frame: https://pearanceofam.xyz/NnhkREFXGgcpfldFBmI0RBRZYXNwXVYCJQRPHH0xWUoHIihYFVFqIloXESAnRBcKMG9YHRBhc3A3KXYTZhsOChB1ASERBXMbKg9xDjMmEnAOKxMJF3ISEyAZYzY+DRRgIQUjAEcqDygnZxIXDRdBTTElEwMrPBUPTy4iHiV0Sy4AB2AxJQgUDjAiFgATSiIMF1E3Jj0mei0ydAJmEBAlF10xUgE2Ax0nPhRUIFV8B1cTJnUDXQhBdgdgDyEAFXIfBhwXVTQrBQRhOTIVKXQQPQYXfk0nDBB4OgIAAGE5MhV1cUlUAhRxCCYnE2wvAjMucDpUdTBnOSoXB3JVXCEXXSkmCBNaGTZ0Bw82JR0AY0oiBgNkIjMicEYhMzwAXzAMHQN8ShQFAAdAKg4DVS8lEhBZPlUGGHVKPhwAZzUsDjZ0GzwjB0cpLBECYDAMJwBOSTYiBH8wLBI5Ai4TAQVwAVARFF09KiUqdEkmKCUCICUFB2cSFBQAUV4ONy5YCFkqdl0hACF1TBQ
Frame ID: 71123125D6593F34EA5F15AFC5999933
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://stream.crichd.vip/update/skys1.php HTTP 301
    https://stream.crichd.vip/update/skys1.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

44
Requests

91 %
HTTPS

57 %
IPv6

21
Domains

23
Subdomains

22
IPs

6
Countries

2326 kB
Transfer

3550 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://stream.crichd.vip/update/skys1.php HTTP 301
    https://stream.crichd.vip/update/skys1.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://origunix.com/sdk.js?sid=dc396fbe-f9a8-4ac3-9085-abac58fd3539 HTTP 302
  • https://tartator.com/sdk.js?sid=dc396fbe-f9a8-4ac3-9085-abac58fd3539
Request Chain 28
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S2014105665%3A1667233968438564&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpSV9o8FMDbzzgmRoIy41Rk1qJZislOmX3xrnpVTM7AS1vK8WmjaJfSV6mRSadPuzMIdq064A
Request Chain 29
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S-1257692490%3A1667233968481991&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWomLIxdAUYS18NyoVoajHrtyk1NxtuM9mbOn9T0-utLFrZr_dziPdqhjolVtQhcgPfmxak9bw

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request skys1.php
stream.crichd.vip/update/
Redirect Chain
  • http://stream.crichd.vip/update/skys1.php
  • https://stream.crichd.vip/update/skys1.php
817 B
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://stream.crichd.vip/update/skys1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
f9686f74416d8469e9fb6f8cf8364b28598b3c94c88ed609c1c9cc09b329f17c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
762dc9e7af969153-FRA
content-encoding
br
content-type
text/html
date
Mon, 31 Oct 2022 16:32:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XB5q%2BsjU1suHG0ygTpvdbd9e%2FeyU3pKwr6y%2FdFa896k0CoSSBBEphXTGuw885xOCA5%2BxU4Ubdfi6TlKozjwWiXtvsAzcZS%2FQGJdUbsl5mEmrxOYsm7OhPKn1fgDKgkM5LeBdxK6PK63hcgiMwNRqJA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16

Redirect headers

CF-RAY
762dc9e6acb79b71-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 31 Oct 2022 16:32:47 GMT
Expires
Mon, 31 Oct 2022 17:32:47 GMT
Location
https://stream.crichd.vip/update/skys1.php
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQcAaFnZ%2Bpt%2FMPde7RKvKjjrelfCyzOXFM8Ej6rCdnCf3dFljpB68iVTqIn0WC50KEjhvmRgXbG1ypXsZsFuhK0jHuwPKFLlX1NQOK94dA%2FUZPtLUIuJDdlL%2FG6uHIuX%2FlnfHrk8GNRmzTLmHKa0Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
crichd.js
gocast2.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gocast2.com/crichd.js
Requested by
Host: stream.crichd.vip
URL: https://stream.crichd.vip/update/skys1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:42d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50c6040c1e7d9ffb9a2a604f1619c1b280c4e0178900c9f1570838cd347425f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.crichd.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 16:32:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 23 Oct 2022 07:56:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7084
etag
W/"6354f3a3-4de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1z%2F1TbEl2Mi6VYFFwxqceH55OTIu64tIWEu43ZiNr3H4Z2C6%2FnC%2FL5gcPy5I6%2B5XH9GnvUVQsBpG7xZmvndr5us22Ji8FfrxNeiRp8RcY7GRyM8jR8QgA8eBnoF82N8C%2BgDDW8YWAbLwKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
762dc9e94abdbb73-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
crichd.php
gocast2.com/ Frame FABB 		33 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gocast2.com/crichd.php?player=desktop&live=skysme
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:42d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
94ea790f1bfc413e9f10f8da58fc87220857c30a7744431bb52cf485fc75d15a

Request headers

Referer
https://stream.crichd.vip/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
762dc9e99b99bb73-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 31 Oct 2022 16:32:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2CFAp0m3RQfwzAYmUMg6OPyiCRxfGZZTbY%2FAUBVnuowQVbzMcvB5NmRq33B8Zl76%2BNgRAiZaSZgeuO1Zh2Vomq64fFTtAvffdc4n2sUssfoagiRuN%2FRufhnlNgUZJO9Pm%2BR%2F5ZTsAfRS%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/5.6.40
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: stream.crichd.vip
URL: https://stream.crichd.vip/update/skys1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.crichd.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 16:28:13 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
content-type
application/javascript; charset=UTF-8
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
1033079125
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.0/ Frame FABB 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.0/jquery.min.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichd.php?player=desktop&live=skysme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2405bdf4c255a4904671bcc4b97938033d39b3f5f20dd068985a8d94cde273e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 14:14:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
353884
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30281
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Oct 2023 14:14:43 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ Frame FABB 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichd.php?player=desktop&live=skysme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 16:32:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
755
age
25711220
cdn-cachedat
12/13/2021 20:18:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
48135f30fbfcba704628453df5764d8f
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
762dc9eafebe5c92-FRA
cdn-requestpullsuccess
True
jquery-latest.js
code.jquery.com/ Frame FABB 		276 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-latest.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichd.php?player=desktop&live=skysme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 16:32:47 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-4508e"
vary
Accept-Encoding
x-hw
1667233967.dop218.fr8.t,1667233967.cds107.fr8.hn,1667233967.cds254.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
83875
embed.css
gocast2.com/css/ Frame FABB 		537 B
698 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gocast2.com/css/embed.css?ver=1.4.4
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichd.php?player=desktop&live=skysme
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:42d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6d02adae86bbc34515c89f74666d2837fc87d6046e204de27258c279fa47fcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/crichd.php?player=desktop&live=skysme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 16:32:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 29 Oct 2021 09:08:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
509
etag
W/"617bba25-219"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hnrXAaYAP8N%2F%2FDf4qOFvFoso6z8oVOPx6LnMt3DA5Yq%2FV49qo8cRCfUzvFmhba39hdMYFG2Yv%2B2vDQHHYS0LhMN7ama5rXvLsW8rqEzkbXkeiicZXycbEnw9WT%2B%2BZO7y6bXQmO2Eowo1qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
762dc9ea6c899bc4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-1.11.0.min.js
code.jquery.com/ Frame FABB 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.11.0.min.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichd.php?player=desktop&live=skysme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 16:32:47 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-1787d"
vary
Accept-Encoding
x-hw
1667233967.dop218.fr8.t,1667233967.cds107.fr8.hn,1667233967.cds154.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33357
jquery-migrate-1.2.1.min.js
code.jquery.com/ Frame FABB 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichd.php?player=desktop&live=skysme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 16:32:47 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-1c1f"
vary
Accept-Encoding
x-hw
1667233967.dop218.fr8.t,1667233967.cds107.fr8.hn,1667233967.cds161.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
3063
site.css
gocast2.com/css/ Frame FABB 		199 B
633 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gocast2.com/css/site.css
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichd.php?player=desktop&live=skysme
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:42d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e7930ddd6ef35ae7416215de492de89a3518769259c1606b9f719c44236c5ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/crichd.php?player=desktop&live=skysme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 16:32:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 29 Oct 2021 09:54:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
509
etag
W/"617bc4e2-c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2slHwDVrzubA1siCF%2FN4dOHh0d0XOkvNcbqFxJr61jSfm0Y%2FZ9UoG%2BPHpAVh6nOnh%2FCkbOEq82w7zoJ%2FwLEpAJ3ndYRjwT28RTisB5kd%2FaxN%2FMtG7p7AY5hgDooFE4%2BHOxLyQPtN2N28g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
762dc9ea6c8d9bc4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
clappr.min.js
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame FABB 		513 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichd.php?player=desktop&live=skysme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 16:32:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
27228
x-jsd-version
0.3.13
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19164-FRA, cache-cdg20749-CDG
x-jsd-version-type
version
server
cloudflare
etag
W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pfniywC4EKdX97My112lLcOcPFF7Ij5OdKbzvekFY3KlYy3xVUu4ZHbIc3BeN9g5U3lHUd0akD%2FqnibDLpuaHZ8Kbv2nTSgvc8JG1p9E8M1oLtORZrcgI0PN7%2FBhAQnKWS2Z1FnIdW0Z7N7tid0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
762dc9eafc84bb8f-FRA
p2p-engine.min.js
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/ Frame FABB 		185 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichd.php?player=desktop&live=skysme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6284034a3325039bd2eec9973744d93b6a272b3340c07a8800144d5564078ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 16:32:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
23893
x-jsd-version
2.5.0
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19173-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"2e49e-tS8mRRVGlAKO2fLGW4lDdbGdkhA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQWKXBCUE75XBhQBhBEbFWlsQrq79mux4vhinC1jS4ql9O5Z2Md6vbN2tq1EVaHIV5C8%2BMfnCrN4aGjwVPB%2FLaFrv11Z5e3wPXAsUGHDplRTLq2asfWLrhxFhg7j7PNfeuiLCS1gkNmG%2BiZ%2ByoA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
762dc9eafc87bb8f-FRA
clappr-p2p-plugin.min.js
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/ Frame FABB 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/clappr-p2p-plugin.min.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichd.php?player=desktop&live=skysme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8eb7e24873bb65c9b7193534bda15761d8853b24ca4a41d7749360972504141
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 16:32:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1832
x-jsd-version
2.0.2
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19135-FRA, cache-cdg20764-CDG
x-jsd-version-type
version
server
cloudflare
etag
W/"c19-SLjttAW8dcDjADi6J1T2hbhokWc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFEIYZ7Iumx67h7K1f49razCB9UGQjBVyB5b9jWgNaz%2BiVjuNvkKevXYamS1qShmfJv7PbS%2FwK4nvuB32Mf5lElEeyT9FkXu0ciQmGgyLv%2BaYcp6b66OK3NZDP%2FLIvYuZFQnhsiFNM2Cx00BN6E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
762dc9eafc8abb8f-FRA
level-selector.min.js
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame FABB 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichd.php?player=desktop&live=skysme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 16:32:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
19691
x-jsd-version
0.3.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19139-FRA, cache-hhn4062-HHN
x-jsd-version-type
version
server
cloudflare
etag
W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L7adwinihIfFC%2BA1vJfB47YTzlq%2BpW6%2BzxvR8%2Fe15jDiTB8MinHvkafd5U2sBEl59kospnKBFWI7uWZ7crJ9w4jW0E1tBGZ61a7lZ2eZ42%2FYot35cV3oMPbd5kwBLWiBXlQQrT4e%2F9n5jW2GqXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
762dc9eafc8bbb8f-FRA
script.js
vmuid.com/ Frame FABB 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vmuid.com/script.js?sid=dc396fbe-f9a8-4ac3-9085-abac58fd3539
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichd.php?player=desktop&live=skysme
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.196.156 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
6f2d139be44a6dc85d842a753f4e3ebafdb63a0babcb64f741310076aaa29a7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 16:32:47 GMT
Server
nginx/1.14.1
Accept-Ch
Sec-CH-UA-Platform-Version
X-Cache-Status
MISS
Content-Type
text/javascript
Cache-Control
no-store, max-age=0
Connection
keep-alive
Content-Length
10176
sdk.js
tartator.com/ Frame FABB
Redirect Chain
  • https://origunix.com/sdk.js?sid=dc396fbe-f9a8-4ac3-9085-abac58fd3539
  • https://tartator.com/sdk.js?sid=dc396fbe-f9a8-4ac3-9085-abac58fd3539
134 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tartator.com/sdk.js?sid=dc396fbe-f9a8-4ac3-9085-abac58fd3539
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichd.php?player=desktop&live=skysme
Protocol
HTTP/1.1
Server
178.162.196.156 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
f46c3267965fac648f8d360c254ce2da52c19219484ed31caccef75a2aef81fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 16:32:48 GMT
Server
nginx/1.14.1
Accept-Ch
Sec-CH-UA-Platform-Version
X-Cache-Status
MISS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
137439

Redirect headers

Date
Mon, 31 Oct 2022 16:32:47 GMT
Server
nginx/1.14.1
Accept-Ch
Sec-CH-UA-Platform-Version
X-Cache-Status
MISS
Access-Control-Allow-Origin
*
Location
https://tartator.com/sdk.js?sid=dc396fbe-f9a8-4ac3-9085-abac58fd3539
Cache-Control
no-store, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
z-6330442
gocast2.com/ Frame FABB 		936 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gocast2.com/z-6330442
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichd.php?player=desktop&live=skysme
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:42d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2503670432ef9f21bc43a986e69d5266bfd074668be30b01159a13caf82af8d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/crichd.php?player=desktop&live=skysme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 16:32:47 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 31 Oct 2022 16:01:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"635ff140-3a8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1lVE2C%2FwYh7vRinMd1PjWsKdYL6oQVUFwJEsh20YxcrJcpDZbDPYo7a2OOCy4Sj%2BVyyLrZi33nm4DbtVd3k1Yz4saHF9qx2%2Bem1SHqhlN78FunumkNHVxtQv0TflPVu%2B5Cv7inhJk1Y93g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
762dc9ea6c8f9bc4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
936
/
d27x9po2cfinm5.cloudfront.net/ Frame FABB 		162 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d27x9po2cfinm5.cloudfront.net/?copxd=969390
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichd.php?player=desktop&live=skysme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:3600:14:63a1:c340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e2053ce50bcea90cc73941f4399f06759136f58cfb7d96563d7f430493636a42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 16:32:48 GMT
content-encoding
gzip
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
53948
x-amz-cf-id
ungtRfsTADOaydtHq-fVytIEGeurHMudDaTCWKVTbhL54VI5B1upHA==
0.php
s4.histats.com/stats/ 		53 B
187 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4599824&@f16&@g1&@h1&@i1&@j1667233967824&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-141490641&@b3:1667233968&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fstream.crichd.vip%2Fupdate%2Fskys1.php&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.28 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns523448.ip-192-99-8.net
Software
/
Resource Hash
81b8a6b4a5435aceaf3f1f5f13399b54b2be8f99e85af6bee9b40dac9547d363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.crichd.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 16:32:48 GMT
Connection
close
Content-Length
53
Content-Type
text/html;charset=UTF-8
ad.html
gocast2.com/ Frame CDF3 		0
437 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gocast2.com/ad.html
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichd.php?player=desktop&live=skysme
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:42d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gocast2.com/crichd.php?player=desktop&live=skysme
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
762dc9ed7d8a9bc4-FRA
content-encoding
br
content-type
text/html
date
Mon, 31 Oct 2022 16:32:48 GMT
last-modified
Tue, 18 Oct 2022 19:12:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RedzPF1d1uWNxCAVIbNsi0ifZ18WNaw5FDzepdTmeJVw25UWW1rVMlGU8LZmrLijM8QkqAN82kHTWZLrJsmEGVdYFaAd9pVslQr38NjxErDdtPuiZ66tsyZAd88BYjoSisw5i3cI8X85TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
send
vmuid.com/uid/ Frame FABB 		65 B
698 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vmuid.com/uid/send
Requested by
Host: vmuid.com
URL: https://vmuid.com/script.js?sid=dc396fbe-f9a8-4ac3-9085-abac58fd3539
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.196.156 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
a870461f3411599c8c3125082fc4ee2e9503baea81aa772f74a7f3056ee74ea1

Request headers

Accept
application/json
Referer
https://gocast2.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryigdZ6IP4Ih0jE1bV

Response headers

Date
Mon, 31 Oct 2022 16:32:48 GMT
Server
nginx/1.14.1
Accept-Ch
Sec-CH-UA-Platform-Version
Content-Type
application/json
Access-Control-Allow-Origin
https://gocast2.com
Cache-Control
no-store, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers, set-cookie, Cookie
Content-Length
65
bootstrap.js
uptimecdn.com/script/ Frame FABB 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uptimecdn.com/script/bootstrap.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/z-6330442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2e74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4d5b8dc6a7ca986941b6d029b8465ac9b4ea3b8923d57df81c99a3c03eb899d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 16:32:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1907
x-guploader-uploadid
ADPycdtplezxcdZnpc43jJm7L87DDTZFI7kUPHt3qiC5qeLtc4pN5M4ybJvfuCzywnLK7qCg0qdmTRCrFeyPSCi2UX6dhg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 08 Sep 2022 08:38:35 GMT
server
cloudflare
etag
W/"90a406e7c114cb9cbdbd171d8282e224"
vary
Accept-Encoding
x-goog-hash
crc32c=PsCFGQ==, md5=kKQG58EUy5y9vRcdgoLiJA==
x-goog-generation
1662626315119008
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEXsO%2BDpbeI68iUfBEJ4AO7YKpmBCJqN4%2BPgZh7DIoAlq8UqBglk6EaGGge8cqA4cnkpORuPpIRduXm8Gvn6ofG4pTDgOqMSUjIyvTXSE%2B1UZrIkMhL2QDvsTt4ZDlyb3NTlD4RDXsxXoacV"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
100523
cf-ray
762dc9ee8c4b9000-FRA
expires
Mon, 31 Oct 2022 16:12:02 GMT
asd100.bin
pogothere.xyz/ Frame FABB 		100 KB
101 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d27x9po2cfinm5.cloudfront.net
URL: https://d27x9po2cfinm5.cloudfront.net/?copxd=969390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 16:32:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2113
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 31 Oct 2022 15:57:35 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://gocast2.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gT9yi%2BrwiouMMis%2FSNs6ZTl57W%2FxSwzZBrPtFqmnucgU3rKKlbvZP3%2BqP9bk%2BqT%2FnxcXL92IDkHPobOWrMsuzd6MJe356dpjpqD4Z3ZBmqMyFsYZxSnvmo66zbifD5Dd"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
762dc9ee7c5bbb5b-FRA
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/ Frame FABB 		27 B
374 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: d27x9po2cfinm5.cloudfront.net
URL: https://d27x9po2cfinm5.cloudfront.net/?copxd=969390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98d0000dac16aee77282a8bebb76a837ce48154ee16f8aa024d13360ea64e75e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 16:32:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqpkU%2BB5oxVXTrUTaVTUCACJfFdQMb9EIee%2Bi9SOD56rjx5XXfdRecUy%2BkcwEqEPy%2FpZHXxLr7ngUTRdz3XIQMFP%2FUB5QGYa8VnXsWYShYwpF0JjTHcYPoSS3p%2FNKnih"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://gocast2.com
content-type
text/plain
access-control-allow-credentials
true
cf-ray
762dc9ee7c5cbb5b-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
pearanceofam.xyz/ Frame FABB 		0
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pearanceofam.xyz/utx?cb=PKySJNrkbRo9&top=gocast2.com&tid=969390
Requested by
Host: d27x9po2cfinm5.cloudfront.net
URL: https://d27x9po2cfinm5.cloudfront.net/?copxd=969390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-42.fra60.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 16:32:48 GMT
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://gocast2.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
VBbMQW0eYeAfEMFqu-oP7GGuH_tweYEQTurSxuratGfUzu97qnc4Eg==
NnhkREFXGgcpfldFBmI0RBRZYXNwXVYCJQRPHH0xWUoHIihYFVFqIloXESAnRBcKMG9YHRBhc3A3KXYTZhsOChB1ASERBXMbKg9xDjMmEnAOKxMJF3ISEyAZYzY+DRRgIQUjAEcqDygnZxIXDRdBTTElEwMrPBUPTy4iHiV0Sy4AB2AxJQgUDjAiFgATSiIMF1E3J...
pearanceofam.xyz/ Frame 7112 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pearanceofam.xyz/NnhkREFXGgcpfldFBmI0RBRZYXNwXVYCJQRPHH0xWUoHIihYFVFqIloXESAnRBcKMG9YHRBhc3A3KXYTZhsOChB1ASERBXMbKg9xDjMmEnAOKxMJF3ISEyAZYzY+DRRgIQUjAEcqDygnZxIXDRdBTTElEwMrPBUPTy4iHiV0Sy4AB2AxJQgUDjAiFgATSiIMF1E3Jj0mei0ydAJmEBAlF10xUgE2Ax0nPhRUIFV8B1cTJnUDXQhBdgdgDyEAFXIfBhwXVTQrBQRhOTIVKXQQPQYXfk0nDBB4OgIAAGE5MhV1cUlUAhRxCCYnE2wvAjMucDpUdTBnOSoXB3JVXCEXXSkmCBNaGTZ0Bw82JR0AY0oiBgNkIjMicEYhMzwAXzAMHQN8ShQFAAdAKg4DVS8lEhBZPlUGGHVKPhwAZzUsDjZ0GzwjB0cpLBECYDAMJwBOSTYiBH8wLBI5Ai4TAQVwAVARFF09KiUqdEkmKCUCICUFB2cSFBQAUV4ONy5YCFkqdl0hACF1TBQ
Requested by
Host: d27x9po2cfinm5.cloudfront.net
URL: https://d27x9po2cfinm5.cloudfront.net/?copxd=969390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-42.fra60.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
69f0dc676e47193570c0a00df4b4c4b90815f06abf1f82f67de0a256c7692edc

Request headers

Referer
https://gocast2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1227
content-type
text/html
date
Mon, 31 Oct 2022 16:32:48 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
x-amz-cf-id
ZhrQBOlGbMZc2mWEz2Tl77tJqPfIjza5xtlYKNYBxDYsPft1lsULEg==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
WwJjBCwSX3hFblAEd0drXwV9RmFX
lainmpatoio.xyz/ZjNFdFhJDCYHZQcCKT8MVksfLRBXBiMYNAFWdi5vMWQ9DT4IWGMAMQIOfEJhVQp1UigPV3hFfhVHJAAtFQ50UjEIVSpJfhAOdFprUh13TXZWFTBJaUBHNRU/ Frame FABB 		0
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lainmpatoio.xyz/ZjNFdFhJDCYHZQcCKT8MVksfLRBXBiMYNAFWdi5vMWQ9DT4IWGMAMQIOfEJhVQp1UigPV3hFfhVHJAAtFQ50UjEIVSpJfhAOdFprUh13TXZWFTBJaUBHNRU/WwJjBCwSX3hFblAEd0drXwV9RmFX
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichd.php?player=desktop&live=skysme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 16:32:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZ2joNKbVAWzhBY9UJKFfNXeRnzyTdrWIj1NOaaH0IbIt8K%2F1oT560B8OaRwfQX8iE0S3Hwj9UY6NZWtIgDTNLdAkXCaWKi3Qrf06R2sRgcBVtKgpCpMwaEGzag%2BknUnuG8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
762dc9eeac91bb95-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
login.php
www.facebook.com/ Frame FABB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichd.php?player=desktop&live=skysme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
identifier
accounts.google.com/v3/signin/ Frame FABB
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/v3/signin/identifier?dsh=S2014105665%3A1667233968438564&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignI...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S2014105665%3A1667233968438564&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpSV9o8FMDbzzgmRoIy41Rk1qJZislOmX3xrnpVTM7AS1vK8WmjaJfSV6mRSadPuzMIdq064A
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichd.php?player=desktop&live=skysme
Protocol
H3
Server
2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

date
Mon, 31 Oct 2022 16:32:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-fzAUbRHfs63PfhfY7WmtgQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
395
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S2014105665%3A1667233968438564&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpSV9o8FMDbzzgmRoIy41Rk1qJZislOmX3xrnpVTM7AS1vK8WmjaJfSV6mRSadPuzMIdq064A
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/ Frame FABB
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/v3/signin/identifier?dsh=S-1257692490%3A1667233968481991&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWeb...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S-1257692490%3A1667233968481991&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWomLIxdAUYS18NyoVoajHrtyk1NxtuM9mbOn9T0-utLFrZr_dziPdqhjolVtQhcgPfmxak9bw
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichd.php?player=desktop&live=skysme
Protocol
H3
Server
2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

date
Mon, 31 Oct 2022 16:32:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-SHSKz0A4Rqz7uCz4TbClhA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
400
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S-1257692490%3A1667233968481991&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWomLIxdAUYS18NyoVoajHrtyk1NxtuM9mbOn9T0-utLFrZr_dziPdqhjolVtQhcgPfmxak9bw
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
skysme.m3u8
go2.gocast2.com/hls/ Frame FABB 		558 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go2.gocast2.com:999/hls/skysme.m3u8?md5=9KY_CWVxn9jxTPhRFnkV3Q&expires=1667241138
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.49.224.221 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
7b5634ea45a8e7257d3b4237e81cbd0bf85c689e3e2f6cfbad1c96f789c1875b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 16:32:48 GMT
Last-Modified
Mon, 31 Oct 2022 16:32:44 GMT
Server
nginx/1.20.1
ETag
"635ff8ac-22e"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
558
Expires
Mon, 31 Oct 2022 16:32:47 GMT
bootstrap.js
alcult.com/script/ Frame FABB 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://alcult.com/script/bootstrap.js
Requested by
Host: gocast2.com
URL: https://gocast2.com/z-6330442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2cca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4d5b8dc6a7ca986941b6d029b8465ac9b4ea3b8923d57df81c99a3c03eb899d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 16:32:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1039
x-guploader-uploadid
ADPycduFV2GSYdEeKjeyzS6SCFFbJgQzH5BB1qSlQZlfDikuZ7I2D8ZI4TcB7gfN7qlbEE_H_oac88oZPt4da1Fih4ZI8OSs2VM7
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 08 Sep 2022 08:38:35 GMT
server
cloudflare
etag
W/"90a406e7c114cb9cbdbd171d8282e224"
vary
Accept-Encoding
x-goog-hash
crc32c=PsCFGQ==, md5=kKQG58EUy5y9vRcdgoLiJA==
x-goog-generation
1662626315119008
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rUrEFKFywPgEBlDI5pskdwERWzU83UEANHa%2FXumI4dRA73w7lC0rc5arxyq%2BE1AJZ2cmQlxR4%2BIAUk8QY7j8SMuXYDWx7zSodblHn8q20BrkN8HqB3ZyUItJHiWHfU51fCWJoMrfI2EK"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
100523
cf-ray
762dc9ef9d1b900c-FRA
expires
Mon, 31 Oct 2022 16:41:11 GMT
ut.js
uptimecdn.com/script/ Frame FABB 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uptimecdn.com/script/ut.js?cb=1667233968468
Requested by
Host: uptimecdn.com
URL: https://uptimecdn.com/script/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f6ce602bed449940565c8bfea9921659efafc0c5409a8242eda17e6e6554c31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 16:32:48 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdtW3yBehwCyr3iHlX1ZNiCi33VgjI8kZf5r0bNbuhxDRsuTzCXOA8_ASUu_x7Dq3ozZPiYu13MPTrHWWKd7mJiyh--JJ3h_
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 29 Aug 2022 11:45:52 GMT
server
cloudflare
etag
W/"c7304eebcb5069f68bd3fa9e74218a36"
vary
Accept-Encoding
x-goog-hash
crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-generation
1661773552581597
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sT5737Ei9U87Al3Fk%2FJCOPlIXunU8Frw3oDONM%2BxnxkAepxu9ZTiz1oZzzFrlPlZrRtb8kDCt7LUTX0AxNIcU3Oacq%2BVhbiXohc9%2BYQ3a1f2%2FsOgIGbelnTFo1z4xOJw8JB3g0ypTlBPDxPA"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
71356
cf-ray
762dc9ef590e9186-FRA
expires
Mon, 31 Oct 2022 17:13:59 GMT
suurl4.php
youradexchange.com/script/ Frame FABB 		1 KB
956 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://youradexchange.com/script/suurl4.php?r=6330442&cbur=0.783023298867195&cbiframe=1&cbWidth=1584&cbHeight=1184&cbtitle=&cbpage=https%3A%2F%2Fstream.crichd.vip%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=uptimecdn.com&aggr=0&chmob=?0
Requested by
Host: uptimecdn.com
URL: https://uptimecdn.com/script/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
d74442bc6c1dadc6aa8253cb4ace80051779bb9885c8429d25840bda8da9730a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 31 Oct 2022 16:32:48 GMT
content-encoding
gzip
via
1.1 google
server
openresty
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json; charset=utf-8
skysme.m3u8
go2.gocast2.com/hls/ Frame FABB 		558 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go2.gocast2.com:999/hls/skysme.m3u8?md5=9KY_CWVxn9jxTPhRFnkV3Q&expires=1667241138
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.49.224.221 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
7b5634ea45a8e7257d3b4237e81cbd0bf85c689e3e2f6cfbad1c96f789c1875b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 16:32:48 GMT
Last-Modified
Mon, 31 Oct 2022 16:32:44 GMT
Server
nginx/1.20.1
ETag
"635ff8ac-22e"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
558
Expires
Mon, 31 Oct 2022 16:32:47 GMT
skysme-12548.ts
go2.gocast2.com/hls/ Frame FABB 		780 KB
780 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go2.gocast2.com:999/hls/skysme-12548.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.49.224.221 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
995355c0b45a9dcfd37f549660c354189b184af0723ac4fe6742019304eff2f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 16:32:48 GMT
Last-Modified
Mon, 31 Oct 2022 16:31:44 GMT
Server
nginx/1.20.1
ETag
"635ff870-c2e28"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
798248
Expires
Mon, 31 Oct 2022 16:32:47 GMT
json
pro.ip-api.com/ Frame FABB 		174 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json?fields=2181826&key=XOpiansRgYxGTho
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
3d190cb8f24df6e2ef96b162798359fa65e9bb65bfa44ee82f7c04e8081f2fc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 31 Oct 2022 16:32:48 GMT
Content-Length
174
Content-Type
application/json; charset=utf-8
78e78032-db75-430c-b834-3012c4e029b8
https://gocast2.com/ Frame FABB 		61 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://gocast2.com/78e78032-db75-430c-b834-3012c4e029b8
Requested by
Host: gocast2.com
URL: https://gocast2.com/crichd.php?player=desktop&live=skysme
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Length
62280
Content-Type
text/javascript
VwEDTDgbXVcLOAEWAVQhBhYBVH5CHQNBfDAWAVQ4G10FUGpBcRZWfwoFB01qQANSFD-8eVkQBLRlaR0F9NAYAU2FBBRZWf1pYWxAiHhYBJ2pAA18NJBcWAVQoF1BYC2ZXAQMHJwBcXgFqQHUCVHhcAx1RfEIHHVx4VwEDFy4UUkENakB1Bld4XAAFQjpPAg
d27x9po2cfinm5.cloudfront.net/OM2RPcjNQCyEUDEcNK08KBV18SwMVDjwdXUNZIUVYagAqRklfQjsIVw5UaR5SXQNyVFZdB3JDFVIALU8HFRA/HVgOBygLUV0CPhtaVkI6Ew5eCzUbX18FakB1Bkp/ Frame 7112 		677 B
755 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d27x9po2cfinm5.cloudfront.net/OM2RPcjNQCyEUDEcNK08KBV18SwMVDjwdXUNZIUVYagAqRklfQjsIVw5UaR5SXQNyVFZdB3JDFVIALU8HFRA/HVgOBygLUV0CPhtaVkI6Ew5eCzUbX18FakB1Bkp/VwEDTDgbXVcLOAEWAVQhBhYBVH5CHQNBfDAWAVQ4G10FUGpBcRZWfwoFB01qQANSFD-8eVkQBLRlaR0F9NAYAU2FBBRZWf1pYWxAiHhYBJ2pAA18NJBcWAVQoF1BYC2ZXAQMHJwBcXgFqQHUCVHhcAx1RfEIHHVx4VwEDFy4UUkENakB1Bld4XAAFQjpPAg
Requested by
Host: pearanceofam.xyz
URL: https://pearanceofam.xyz/NnhkREFXGgcpfldFBmI0RBRZYXNwXVYCJQRPHH0xWUoHIihYFVFqIloXESAnRBcKMG9YHRBhc3A3KXYTZhsOChB1ASERBXMbKg9xDjMmEnAOKxMJF3ISEyAZYzY+DRRgIQUjAEcqDygnZxIXDRdBTTElEwMrPBUPTy4iHiV0Sy4AB2AxJQgUDjAiFgATSiIMF1E3Jj0mei0ydAJmEBAlF10xUgE2Ax0nPhRUIFV8B1cTJnUDXQhBdgdgDyEAFXIfBhwXVTQrBQRhOTIVKXQQPQYXfk0nDBB4OgIAAGE5MhV1cUlUAhRxCCYnE2wvAjMucDpUdTBnOSoXB3JVXCEXXSkmCBNaGTZ0Bw82JR0AY0oiBgNkIjMicEYhMzwAXzAMHQN8ShQFAAdAKg4DVS8lEhBZPlUGGHVKPhwAZzUsDjZ0GzwjB0cpLBECYDAMJwBOSTYiBH8wLBI5Ai4TAQVwAVARFF09KiUqdEkmKCUCICUFB2cSFBQAUV4ONy5YCFkqdl0hACF1TBQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:3600:14:63a1:c340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6ad354203032789690bf18a7462bb69ba2e780f343457d8fb0aee1706d7b25e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pearanceofam.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 16:32:48 GMT
content-encoding
gzip
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
478
x-amz-cf-id
9YFK9NSKNsNd7VgP4KauG6T1P0h3y_ZqwcplK76GB4L4JFuFkhgFvQ==
channel
asia.web3-lab.com/v1/ Frame FABB 		455 B
738 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://asia.web3-lab.com:8443/v1/channel
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25eff5037d83d37067a85c8b780426f0b015ffbffe01ff0cd9e65819322815a2

Request headers

Referer
https://gocast2.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 31 Oct 2022 16:32:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbU6hjiCSEu4veaSu%2BX3fk3LGb83c9gOXri0%2BcXUFdaGiTvIBbkADNoihulizsg%2F4VKFSTDYqXgjsWSffQw167LztAwfWF0WrQpIRfhi65TcXwZojbAX%2BX83B8Eau29ppQpyR9K3vvLmM6mNAosBlOS2zA0s"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
762dc9f0cc1c900d-FRA
alt-svc
h3=":8443"; ma=86400, h3-29=":8443"; ma=86400
popunder.gif
lainmpatoio.xyz/ Frame FABB 		35 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lainmpatoio.xyz/popunder.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
public
date
Mon, 31 Oct 2022 16:32:48 GMT
cf-cache-status
HIT
last-modified
Mon, 31 Oct 2022 12:37:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
14099
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MECRluVFQB3innn9byOgcIQEAZinR%2BagQWvyj97rAYHL3vVoVgtrwlveoJeMVVa79%2BLZW0TLCPcdfApJgj0S5WRwnOnDrlgAu6DfylVgZMqD8EXfWim7tUTIzrTlu3auqDw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
762dc9f0fd209299-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
skysme-12548.ts
go2.gocast2.com/hls/ Frame FABB 		1 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://go2.gocast2.com:999/hls/skysme-12548.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.49.224.221 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
333e0a1e27815d0ceee55c473fe3dc93d56c63e3bee2b3b4aee8eed6d70191a3

Request headers

Referer
https://gocast2.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Range
bytes=0-0

Response headers

Date
Mon, 31 Oct 2022 16:32:48 GMT
Last-Modified
Mon, 31 Oct 2022 16:31:44 GMT
Server
nginx/1.20.1
ETag
"635ff870-c2e28"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Content-Range
bytes 0-0/798248
Cache-Control
no-cache, no-cache
Connection
keep-alive
Content-Length
1
Expires
Mon, 31 Oct 2022 16:32:47 GMT
skysme-12549.ts
go2.gocast2.com/hls/ Frame FABB 		754 KB
755 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://go2.gocast2.com:999/hls/skysme-12549.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.49.224.221 , Belize, ASN213371 (SQUITTER-NETWORKS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
c85cb74086c8b4d268a510db1fc792531d14785665cc63456f9930a7702dd3ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gocast2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 16:32:48 GMT
Last-Modified
Mon, 31 Oct 2022 16:31:54 GMT
Server
nginx/1.20.1
ETag
"635ff87a-bc8d0"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
772304
Expires
Mon, 31 Oct 2022 16:32:47 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| fid string| v_width string| v_height object| isMobile string| embedded string| PlaySize object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues

9 Cookies

Domain/Path Name / Value
stream.crichd.vip/ Name: HstCfa4599824
Value: 1667233967824
stream.crichd.vip/ Name: HstCla4599824
Value: 1667233967824
stream.crichd.vip/ Name: HstCmu4599824
Value: 1667233967824
stream.crichd.vip/ Name: HstPn4599824
Value: 1
stream.crichd.vip/ Name: HstPt4599824
Value: 1
stream.crichd.vip/ Name: HstCnv4599824
Value: 1
stream.crichd.vip/ Name: HstCns4599824
Value: 1
.vmuid.com/ Name: guid
Value: 6fdaefd5-5dc2-4a00-9c0b-e4eb4588ccf3
pogothere.xyz/ Name: csu
Value: 1764896524054380@1@1667233968

2 Console Messages

Source Level URL
Text
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S2014105665%3A1667233968438564&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpSV9o8FMDbzzgmRoIy41Rk1qJZislOmX3xrnpVTM7AS1vK8WmjaJfSV6mRSadPuzMIdq064A
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1257692490%3A1667233968481991&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWomLIxdAUYS18NyoVoajHrtyk1NxtuM9mbOn9T0-utLFrZr_dziPdqhjolVtQhcgPfmxak9bw
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ajax.googleapis.com
alcult.com
asia.web3-lab.com
cdn.jsdelivr.net
code.jquery.com
d27x9po2cfinm5.cloudfront.net
go2.gocast2.com
gocast2.com
lainmpatoio.xyz
maxcdn.bootstrapcdn.com
origunix.com
pearanceofam.xyz
pogothere.xyz
pro.ip-api.com
s10.histats.com
s4.histats.com
stream.crichd.vip
tartator.com
uptimecdn.com
vmuid.com
www.facebook.com
youradexchange.com
172.64.173.27
178.162.196.156
18.66.147.42
188.114.96.3
192.99.8.28
2001:4de0:ac18::1:a:3b
2600:9000:225e:3600:14:63a1:c340:21
2606:4700:3030::6815:2e74
2606:4700:3030::6815:42d2
2606:4700:3033::6815:2cca
2606:4700:3033::ac43:8b81
2606:4700::6810:5914
2606:4700::6812:bcf
2a00:1450:4001:827::200d
2a00:1450:4001:82b::200a
2a03:2880:f11c:8083:face:b00c:0:25de
2a06:98c1:3120::3
35.190.41.116
37.49.224.221
46.105.201.240
51.77.64.70
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
2405bdf4c255a4904671bcc4b97938033d39b3f5f20dd068985a8d94cde273e2
2503670432ef9f21bc43a986e69d5266bfd074668be30b01159a13caf82af8d7
25eff5037d83d37067a85c8b780426f0b015ffbffe01ff0cd9e65819322815a2
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2e7930ddd6ef35ae7416215de492de89a3518769259c1606b9f719c44236c5ae
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
333e0a1e27815d0ceee55c473fe3dc93d56c63e3bee2b3b4aee8eed6d70191a3
3d190cb8f24df6e2ef96b162798359fa65e9bb65bfa44ee82f7c04e8081f2fc3
50c6040c1e7d9ffb9a2a604f1619c1b280c4e0178900c9f1570838cd347425f5
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
69f0dc676e47193570c0a00df4b4c4b90815f06abf1f82f67de0a256c7692edc
6ad354203032789690bf18a7462bb69ba2e780f343457d8fb0aee1706d7b25e8
6f2d139be44a6dc85d842a753f4e3ebafdb63a0babcb64f741310076aaa29a7f
6f6ce602bed449940565c8bfea9921659efafc0c5409a8242eda17e6e6554c31
7b5634ea45a8e7257d3b4237e81cbd0bf85c689e3e2f6cfbad1c96f789c1875b
81b8a6b4a5435aceaf3f1f5f13399b54b2be8f99e85af6bee9b40dac9547d363
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
94ea790f1bfc413e9f10f8da58fc87220857c30a7744431bb52cf485fc75d15a
98d0000dac16aee77282a8bebb76a837ce48154ee16f8aa024d13360ea64e75e
995355c0b45a9dcfd37f549660c354189b184af0723ac4fe6742019304eff2f0
a870461f3411599c8c3125082fc4ee2e9503baea81aa772f74a7f3056ee74ea1
a8eb7e24873bb65c9b7193534bda15761d8853b24ca4a41d7749360972504141
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b6284034a3325039bd2eec9973744d93b6a272b3340c07a8800144d5564078ce
b6d02adae86bbc34515c89f74666d2837fc87d6046e204de27258c279fa47fcf
c85cb74086c8b4d268a510db1fc792531d14785665cc63456f9930a7702dd3ab
d4d5b8dc6a7ca986941b6d029b8465ac9b4ea3b8923d57df81c99a3c03eb899d
d74442bc6c1dadc6aa8253cb4ace80051779bb9885c8429d25840bda8da9730a
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
e2053ce50bcea90cc73941f4399f06759136f58cfb7d96563d7f430493636a42
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc
f46c3267965fac648f8d360c254ce2da52c19219484ed31caccef75a2aef81fb
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f9686f74416d8469e9fb6f8cf8364b28598b3c94c88ed609c1c9cc09b329f17c