urlscan.io logo urlscan.io
SecurityTrails logo

buffstream.fun Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://buffstream.fun/webplayer.php?t=ifr&c=2172561&lang=en&eid=143043692&lid=2172561&ci=3849&si=4&ask=1688995500
Submission: On July 10 via manual from CZ — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 7 countries across 20 domains to perform 57 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is buffstream.fun.
TLS certificate: Issued by GTS CA 1P5 on June 12th 2023. Valid for: 3 months.
This is the only time buffstream.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
buffstream.fun
live.harleyquinnwidget.live
5    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    139.45.197.238 (United Kingdom)

ASN9002 (RETN-AS, GB)
nossairt.net
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    139.45.197.242 (United Kingdom)

ASN9002 (RETN-AS, GB)
nanouwho.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.livetv682.me
1    2a02:26f0:1700:1a6::312e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn-icons-png.flaticon.com
1    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2606:4700:3033::6815:2d57 (United States)

ASN13335 (CLOUDFLARENET, US)
api.tazz.tv
8    2606:4700:3035::6815:2475 (United States)

ASN13335 (CLOUDFLARENET, US)
www.jokerplayer7.online
jokerplayer7.online
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    23.109.87.210 (Netherlands)

ASN7979 (SERVERS-COM, US)
dimedoncywydd.com
2    2606:4700:10::6816:4aab (United States)

ASN13335 (CLOUDFLARENET, US)
whos.amung.us
widgets.amung.us
2    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
8    195.128.248.12 (Kista, Sweden)

ASN43180 (CLOUDNETWORKS-AS, UA)
PTR: dedicated.vsys.host
ssss12.jokerplayer7.online
2    149.56.240.127 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534295.ip-149-56-240.net
sstatic1.histats.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
Apex Domain
Subdomains		 Transfer
16 jokerplayer7.online
www.jokerplayer7.online
jokerplayer7.online
ssss12.jokerplayer7.online
2 MB
5 harleyquinnwidget.live
live.harleyquinnwidget.live
84 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
342 KB
4 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 433
fonts.googleapis.com — Cisco Umbrella Rank: 88
64 KB
4 nanouwho.com
nanouwho.com — Cisco Umbrella Rank: 31172
145 KB
3 nossairt.net
nossairt.net — Cisco Umbrella Rank: 250108
29 KB
3 buffstream.fun
buffstream.fun
23 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 368
132 KB
2 histats.com
sstatic1.histats.com — Cisco Umbrella Rank: 47196
326 B
2 amung.us
whos.amung.us — Cisco Umbrella Rank: 14075
widgets.amung.us — Cisco Umbrella Rank: 23211
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
21 KB
1 gstatic.com
fonts.gstatic.com
16 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 749
75 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 274
19 KB
1 dimedoncywydd.com
dimedoncywydd.com — Cisco Umbrella Rank: 593668
1 KB
1 tazz.tv
api.tazz.tv
1 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
345 B
1 flaticon.com
cdn-icons-png.flaticon.com — Cisco Umbrella Rank: 51281
14 KB
1 livetv682.me
cdn.livetv682.me
721 B
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 9450
544 B
57 20
Domain Requested by
8 ssss12.jokerplayer7.online www.jokerplayer7.online
ssss12.jokerplayer7.online
cdn.jsdelivr.net
6 www.jokerplayer7.online live.harleyquinnwidget.live
www.jokerplayer7.online
5 live.harleyquinnwidget.live buffstream.fun
live.harleyquinnwidget.live
5 www.googletagmanager.com buffstream.fun
live.harleyquinnwidget.live
www.googletagmanager.com
www.jokerplayer7.online
4 nanouwho.com nossairt.net
nanouwho.com
3 nossairt.net buffstream.fun
nossairt.net
3 buffstream.fun buffstream.fun
2 cdn.jsdelivr.net ssss12.jokerplayer7.online
2 sstatic1.histats.com www.jokerplayer7.online
2 jokerplayer7.online www.jokerplayer7.online
jokerplayer7.online
2 fonts.googleapis.com www.jokerplayer7.online
cdnjs.cloudflare.com
2 ajax.googleapis.com www.jokerplayer7.online
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 fonts.gstatic.com fonts.googleapis.com
1 code.jquery.com www.jokerplayer7.online
1 cdnjs.cloudflare.com www.jokerplayer7.online
1 widgets.amung.us www.jokerplayer7.online
1 whos.amung.us 1 redirects
1 dimedoncywydd.com www.jokerplayer7.online
1 api.tazz.tv live.harleyquinnwidget.live
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn-icons-png.flaticon.com buffstream.fun
1 cdn.livetv682.me buffstream.fun
1 my.rtmark.net nossairt.net
57 24

This site contains no links.

Subject Issuer Validity Valid
buffstream.fun
GTS CA 1P5		 2023-06-12 -
2023-09-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
harleyquinnwidget.live
GTS CA 1P5		 2023-07-03 -
2023-10-01		 3 months crt.sh
nossairt.net
R3		 2023-06-22 -
2023-09-20		 3 months crt.sh
nanouwho.com
R3		 2023-05-25 -
2023-08-23		 3 months crt.sh
rtmark.net
R3		 2023-05-06 -
2023-08-04		 3 months crt.sh
livetv682.me
E1		 2023-07-08 -
2023-10-06		 3 months crt.sh
freepik.com
Sectigo RSA Domain Validation Secure Server CA		 2022-07-22 -
2023-07-22		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
tazz.tv
GTS CA 2P2		 2023-05-18 -
2023-08-16		 3 months crt.sh
jokerplayer7.online
GTS CA 1P5		 2023-06-05 -
2023-09-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
dimedoncywydd.com
R3		 2023-05-30 -
2023-08-28		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
ssss12.jokerplayer7.online
ZeroSSL RSA Domain Secure Site CA		 2023-07-07 -
2023-10-05		 3 months crt.sh
histats.com
R3		 2023-06-06 -
2023-09-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh

This page contains 9 frames:

Primary Page: https://buffstream.fun/webplayer.php?t=ifr&c=2172561&lang=en&eid=143043692&lid=2172561&ci=3849&si=4&ask=1688995500
Frame ID: 18BA12ADD78850F8324AFF77172BCE60
Requests: 13 HTTP requests in this frame

Frame: https://live.harleyquinnwidget.live/player/6a620ea1?streamId=3e314541
Frame ID: 42A0F970110AB49F0D9B7792E063E8CF
Requests: 8 HTTP requests in this frame

Frame: https://buffstream.fun/cache/links/en.143043692.html?16890022&ask=1688995500
Frame ID: D2B76CA8FFEA909EB3929E0F8A970B3C
Requests: 3 HTTP requests in this frame

Frame: https://www.jokerplayer7.online/embedssl.php?u=court2&vw=100%&vh=360
Frame ID: F7D8431E58711F29060BA81382839D28
Requests: 13 HTTP requests in this frame

Frame: https://jokerplayer7.online/ad1.php
Frame ID: 3C1ACF4E6FCFE9BB849521063F8ACC91
Requests: 2 HTTP requests in this frame

Frame: https://ssss12.jokerplayer7.online:8081/mamy.php?ch=court2&width=100%&height=360
Frame ID: D263AF189E8990213905F52646577536
Requests: 1 HTTP requests in this frame

Frame: https://www.jokerplayer7.online/normalplayer.php?m=court2
Frame ID: 9225932116650C2784C0DE8A7163D557
Requests: 3 HTTP requests in this frame

Frame: https://www.jokerplayer7.online/normalplayer.php
Frame ID: F0E5F95401DCBFC182C840F6138A9B0C
Requests: 3 HTTP requests in this frame

Frame: https://ssss12.jokerplayer7.online:8081/secure/latest.php?e=1689005459&st=bw9szE4BT3iCvtg4RK4ORw&ch=court2&width=100%&height=360
Frame ID: 5D4D26998708CBB4BB6671D03965297D
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sportcast

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

57
Requests

96 %
HTTPS

71 %
IPv6

20
Domains

24
Subdomains

22
IPs

7
Countries

3482 kB
Transfer

5639 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://whos.amung.us/cwidget/lshstream2/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=5903&c=000000ffffff&p=left

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request webplayer.php
buffstream.fun/ 		63 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buffstream.fun/webplayer.php?t=ifr&c=2172561&lang=en&eid=143043692&lid=2172561&ci=3849&si=4&ask=1688995500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
196c8982b7a1c8bca7183feb18ea28aefd9c3b845caf91bcce5cdfe0894e0559

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e49c6e8bc420c09-AMS
content-encoding
br
content-type
text/html; charset=ISO-8859-1
date
Mon, 10 Jul 2023 15:18:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=phtMU%2BQh1d6ZAs%2F%2BiQ6hoNSa0kEqNuuwbwPLeJoZI0w%2BW0h%2Blw%2BNn9ET5kc9rIlmD2eLCQscO%2BTUkzfjjg0o%2BByCkNJhnuShmZAbwkpDa42Ll3YPJi3HvVnGqXM7%2B5pHU4NRyxhNzDswt%2BHGmA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		122 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-97551325-26
Requested by
Host: buffstream.fun
URL: https://buffstream.fun/webplayer.php?t=ifr&c=2172561&lang=en&eid=143043692&lid=2172561&ci=3849&si=4&ask=1688995500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
87b9aebedb2190922a53f7be96641c644e981b7daaf510e4dbb9ef3b1ed2befb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://buffstream.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 15:18:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48207
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 10 Jul 2023 15:18:02 GMT
6a620ea1
live.harleyquinnwidget.live/player/ Frame 42A0 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://live.harleyquinnwidget.live/player/6a620ea1?streamId=3e314541
Requested by
Host: buffstream.fun
URL: https://buffstream.fun/webplayer.php?t=ifr&c=2172561&lang=en&eid=143043692&lid=2172561&ci=3849&si=4&ask=1688995500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfa98d1852d024a50951a419f20bf48df8cd23e74c91a12e27e1781a9e6f3b73

Request headers

Referer
https://buffstream.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7e49c6eb589e1e91-AMS
content-disposition
inline; filename="index.html"
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 10 Jul 2023 15:18:02 GMT
expires
Mon, 10 Jul 2023 15:18:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9VWDt7u%2BRwUkY2%2F5DrAoXvYXlXT9QSMWMzO588t9BQEmQ1KtNtlq5muRK7MX%2FZuSP3dN8dMFeXduxj8a87SkWILLELxLEJAfBhz52hLu7JHyhLb2vhA72Wn95%2FIoRAo2IYtqdTij5SuUdnVCGxPHwl06OjIzzB0PyEs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
en.143043692.html
buffstream.fun/cache/links/ Frame D2B7 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buffstream.fun/cache/links/en.143043692.html?16890022&ask=1688995500
Requested by
Host: buffstream.fun
URL: https://buffstream.fun/webplayer.php?t=ifr&c=2172561&lang=en&eid=143043692&lid=2172561&ci=3849&si=4&ask=1688995500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8689858341f196d3d15c21649efa994343df00ee781a4de843f98484ece925a5

Request headers

Referer
https://buffstream.fun/webplayer.php?t=ifr&c=2172561&lang=en&eid=143043692&lid=2172561&ci=3849&si=4&ask=1688995500
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e49c6eaed570c09-AMS
content-encoding
br
content-type
text/html; charset=ISO-8859-1
date
Mon, 10 Jul 2023 15:18:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TqPjGDiUkEUHOOefqkaCyoPAtHOEai4bGZjrcNSYj2PxC31at41BnspmDrKoNuiDJch%2F%2FMX8On8th7e3ouZ6U6hQ515BYIG%2FW9Z%2FEr5RMsAJNwFKRhxAw7C%2FM5vfEYxlCne3o1L%2FOZ9PzRGzdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
webplayer.php
buffstream.fun/ 		0
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buffstream.fun/webplayer.php?t=ifr&c=2172561&lang=en&eid=143043692&lid=2172561&ci=3849&si=4&ask=1688995500
Requested by
Host: buffstream.fun
URL: https://buffstream.fun/webplayer.php?t=ifr&c=2172561&lang=en&eid=143043692&lid=2172561&ci=3849&si=4&ask=1688995500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://buffstream.fun/webplayer.php?t=ifr&c=2172561&lang=en&eid=143043692&lid=2172561&ci=3849&si=4&ask=1688995500
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 15:18:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WUm4BkpR9cgndlcSlIMoZuB%2Bvi8aAaZ1aKOnhItngkljJNGu8bjIe0NuIg4iLtKYzlYjdCcYlvBmZyCmuiL7eRg%2B6SscIPovsfVP9KcSNBANqpdaJU47aWvUXyOD%2Bso5LPFjdRYh1AaTFE%2B7DA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=ISO-8859-1
cf-ray
7e49c6eb5a43b8e8-AMS
alt-svc
h3=":443"; ma=86400
/
nossairt.net/5/5108181/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nossairt.net/5/5108181/?oo=1&aab=1
Requested by
Host: buffstream.fun
URL: https://buffstream.fun/webplayer.php?t=ifr&c=2172561&lang=en&eid=143043692&lid=2172561&ci=3849&si=4&ask=1688995500
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d89b8e584333a5b0ed84e825ddf5c85e89529ff7c197bc3c57151ae9c295194a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://buffstream.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-trace-id
94fb36a013254499af8de5cfac0cb39b
pragma
no-cache, no-cache
date
Mon, 10 Jul 2023 15:18:02 GMT
content-encoding
gzip
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://buffstream.fun
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://mtwdmk9ic.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
tag.min.js
nossairt.net/ 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nossairt.net/tag.min.js
Requested by
Host: buffstream.fun
URL: https://buffstream.fun/webplayer.php?t=ifr&c=2172561&lang=en&eid=143043692&lid=2172561&ci=3849&si=4&ask=1688995500
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e8a307b7fa806a5eca9b9681aa853ac916e8bb9d526534faeff192c736702a84
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://buffstream.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 15:18:02 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=1
content-length
24709
x-trace-id
adf9813641e57e6e7385d545182676ea
pragma
no-cache
last-modified
Mon, 10 Jul 2023 13:57:23 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-97551325-26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://buffstream.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 10 Jul 2023 15:04:37 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
805
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 10 Jul 2023 17:04:37 GMT
main.b566a717.js
live.harleyquinnwidget.live/static/js/ Frame 42A0 		238 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.harleyquinnwidget.live/static/js/main.b566a717.js
Requested by
Host: live.harleyquinnwidget.live
URL: https://live.harleyquinnwidget.live/player/6a620ea1?streamId=3e314541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0c2dc8decdf5bcb8bc9ebc544bae7e9c12967942f6599a109718ff329dd2b63

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://live.harleyquinnwidget.live/player/6a620ea1?streamId=3e314541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 15:18:02 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=243447
content-disposition
inline; filename="main.b566a717.js"
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"e2749c2d5db4c2690352d6517eeaf7fb6b52e7ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvqI3fgwJaXftf3tg9o2NRA2hcf6KRiv5s%2Fpuoe29VC2pQ88QF7795d9jaGtOpuec0JbBbXHOBCGi2Y5lidqnPf%2BurAOJg83zsxN9194scKfGTOkZqtFfMGvOSf0Svs0Kim93N1Ls8FMzXzNu8InUlX%2BeSjh%2FYUA07E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
7e49c6ec08ee1e91-AMS
expires
Mon, 10 Jul 2023 15:18:01 GMT
main.e102267b.css
live.harleyquinnwidget.live/static/css/ Frame 42A0 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.harleyquinnwidget.live/static/css/main.e102267b.css
Requested by
Host: live.harleyquinnwidget.live
URL: https://live.harleyquinnwidget.live/player/6a620ea1?streamId=3e314541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79c30c5c8e87932954babf3898895ee10174520e5c93d82accccb8f7930bd920

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://live.harleyquinnwidget.live/player/6a620ea1?streamId=3e314541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 15:18:02 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4b976d4fb9135b3572090ed3dd4a850729046fe5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4eNOdDOdkISYqfNd5ObXPv81er0dkRJ2czr8vOPGLIB0TJp9HE35b%2BBL8mTEv0BIvQ%2FaJumIZuPyGxibwUp0q8g8No64Zs7SJbAuPhd7O02O3WG8k%2BMXjurfTOxlTWjcnkM9lh8eUf%2BBac%2BmW2of5IauU%2FkoXogT5RI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
content-disposition
inline; filename="main.e102267b.css"
cf-ray
7e49c6ec08ed1e91-AMS
alt-svc
h3=":443"; ma=86400
expires
Mon, 10 Jul 2023 15:18:01 GMT
1
nanouwho.com/ 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nanouwho.com/1?z=5468466
Requested by
Host: nossairt.net
URL: https://nossairt.net/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ed1acd2449e5abafaf96a6b75e07e45828d4f729bfd74a8196ca665fa0e9270d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://buffstream.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-trace-id
cd692c182eccad3a5b271062ef270277
pragma
no-cache
date
Mon, 10 Jul 2023 15:18:03 GMT
content-encoding
gzip
x-sc
KWykHo2-pZOiZLH6okO909b39l6dT6TkAMLwCnCnD7ps-ik68FNr7H9dEqwqBQHz7WOwD22PWq9WNCIpRH_tImxZndU=
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires
Mon, 26 Jul 1997 05:00:00 GMT
gid.js
my.rtmark.net/ 		65 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=bc65d3df13da49eea99d0d8b03cbbab6
Requested by
Host: nossairt.net
URL: https://nossairt.net/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
94d742faa2e872ce6535cd2379a83b95b59d8c3a873c8b0c8ced78f3279c0ee0
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://buffstream.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 15:18:03 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://buffstream.fun
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
main.links.css
cdn.livetv682.me/css/ Frame D2B7 		541 B
721 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.livetv682.me/css/main.links.css?17
Requested by
Host: buffstream.fun
URL: https://buffstream.fun/cache/links/en.143043692.html?16890022&ask=1688995500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0a4809b92db2481ce2cb1939d77c880baa25f77e3528f1910bee0d00da1df4c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://buffstream.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 15:18:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
168731
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 02 Aug 2013 09:13:38 GMT
server
cloudflare
etag
W/"51fb7842-21d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y04nXonQKeOhTTlMcoyFjlOntKfgS%2BFfWxyXH1tgOOw6%2FB9qMj3uzW3SvjGdpWm13mEU4yz7MHH2dr4lRjYFWtnABcDWZy%2BWQJP4wBWMW213SDPQBFl6kMw0jgtML2Ekj8s7EL6ITGtmm2odGOdG"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7e49c6ed2a2e1b02-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
875613.png
cdn-icons-png.flaticon.com/512/875/ Frame D2B7 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-icons-png.flaticon.com/512/875/875613.png
Requested by
Host: buffstream.fun
URL: https://buffstream.fun/cache/links/en.143043692.html?16890022&ask=1688995500
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:1a6::312e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7ef71e220f7825fe6f8de75a233eadf81c755ff90fe63961d06462f81571ac2e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://buffstream.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 15:18:03 GMT
x-amz-meta-goog-reserved-file-mtime
1525773888
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
14432
pragma
public
last-modified
Thu, 14 Oct 2021 22:00:13 GMT
etag
"9072905d03486bbfd6860ead4b49d50a"
vary
Accept-Encoding
x-goog-generation
1634248813331355
content-type
image/png
access-control-allow-origin
*
x-default-rule
YES
cache-control
public, max-age=31536000
x-goog-stored-content-length
14432
accept-ranges
bytes
x-amz-meta-x-goog-reserved-source-generation
1627253680563670
expires
Mon, 10 Jul 2023 15:18:03 GMT
gtm.js
www.googletagmanager.com/ Frame 42A0 		108 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5C8M28M
Requested by
Host: live.harleyquinnwidget.live
URL: https://live.harleyquinnwidget.live/player/6a620ea1?streamId=3e314541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4ecee4470bc41667f53fb382ad88da605003b8cb787058200ac07a507593aa33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://live.harleyquinnwidget.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 15:18:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42874
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 10 Jul 2023 15:18:02 GMT
collect
www.google-analytics.com/j/ 		2 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=216512930&t=pageview&_s=1&dl=https%3A%2F%2Fbuffstream.fun%2Fwebplayer.php%3Ft%3Difr%26c%3D2172561%26lang%3Den%26eid%3D143043692%26lid%3D2172561%26ci%3D3849%26si%3D4%26ask%3D1688995500&ul=en-us&de=windows-1252&dt=Sportcast&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1019707893&gjid=2016481679&cid=520432468.1689002283&tid=UA-97551325-26&_gid=1122470972.1689002283&_r=1&gtm=457e3750&jsscut=1&z=1007052797
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://buffstream.fun/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 10 Jul 2023 15:18:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buffstream.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
translation.json
live.harleyquinnwidget.live/locales/en/ Frame 42A0 		1 KB
1005 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://live.harleyquinnwidget.live/locales/en/translation.json
Requested by
Host: live.harleyquinnwidget.live
URL: https://live.harleyquinnwidget.live/static/js/main.b566a717.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f4746e2f831258d8c17a5139531ecb160b16bc7e457875c354881cfaf71f827

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://live.harleyquinnwidget.live/player/6a620ea1?streamId=3e314541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 15:18:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"ed2fa943a9c590eef9ec319a1c5fde2037b1025d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0aVp5F4fsIi3np4UVyuC0leiZS4fs6YfwOyVyRxr%2FFiH8ki4u6jm6DCUraZaATjP%2Bhfe8AjYeWSyIYoPrGP2WJxnk9Ye8yhYt4UTyRvg6dfMzUbnDMDmVPKZyeK%2Fs4IcGdotEXw1nchgEoJ5Nezv2wshYh95G1ca7MU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cache-control
no-cache
content-disposition
inline; filename="translation.json"
cf-ray
7e49c6ed9c17b926-AMS
alt-svc
h3=":443"; ma=86400
expires
Mon, 10 Jul 2023 15:18:02 GMT
732.01ddb157.chunk.js
live.harleyquinnwidget.live/static/js/ Frame 42A0 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.harleyquinnwidget.live/static/js/732.01ddb157.chunk.js
Requested by
Host: live.harleyquinnwidget.live
URL: https://live.harleyquinnwidget.live/static/js/main.b566a717.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3274af914b2e68379d2d3fadb6764cc17178542d0121571de9f3d338c20270d9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://live.harleyquinnwidget.live/player/6a620ea1?streamId=3e314541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 15:18:03 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"7afdffd7fbb4c4c4020b04f991af97aaff11aa69"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1mBiriHkiGv4DEezkhUOc2GhlLqRpR4%2FX1XZh5DGx4BvItNJ3YSNRsG03ll8gZfA4lRvI2AT8F4YpWYQgrvtZjY4lDom%2F42nfenWENaHv1wj1P0eD9Z9MEA8tiObgo8%2ByeZ%2Folvkxn%2FJX%2FGk8L8AcWvOPuoEVaDBbmM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
content-disposition
inline; filename="732.01ddb157.chunk.js"
cf-ray
7e49c6edac26b926-AMS
alt-svc
h3=":443"; ma=86400
expires
Mon, 10 Jul 2023 15:18:02 GMT
/
nossairt.net/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nossairt.net/?rb=7t6D5s-3TrWMxwCrWrw4115QNHeDDk9NI-9hGQnzXzrxEEwiL9SnzQpPcdOQ3T1gDF5XebVlfyIaf0PTxnEPoQ2E-lm4hMdlS0ruV_NiduQvHkbkvdGsxBhmZ91xfvkIE3feOVJ0sZLUgP7AFTPEc3Chv0XELbcEVPnMP7oIycSYdAlfa-T8arWP2haXC5IzK1M5_DVdzAeXQN8Ot8JPkNmsuL8KS11gbEBQgQW70eARaaqQ1spjadaWTWrOAlRvIvQg0vBgwy3Qt8SAbz_C3g8s6Ys%3D&request_ab2=0&zoneid=5108181&js_build=iclick-v1.574.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=3&pl=https%3A%2F%2Fbuffstream.fun%2Fwebplayer.php%3Ft%3Difr%26c%3D2172561%26lang%3Den%26eid%3D143043692%26lid%3D2172561%26ci%3D3849%26si%3D4%26ask%3D1688995500&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.574.0&bs=034c4751-7c42-4105-990d-c0ae770b22e9&userId=bc65d3df13da49eea99d0d8b03cbbab6&m=link
Requested by
Host: nossairt.net
URL: https://nossairt.net/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ee60a5096eaf2e3f89fd005569b1b122992ba425de066b84d306f9f09e601891
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://buffstream.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 15:18:03 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
1801b690f925b1915f9273a67b3cd9ae
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://buffstream.fun
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-97551325-26&cid=520432468.1689002283&jid=1019707893&gjid=2016481679&_gid=1122470972.1689002283&_u=YEBAAUAAAAAAACAAI~&z=1570628146
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buffstream.fun/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 10 Jul 2023 15:18:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buffstream.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
f3152f06f3df4266df1737c2dcc1d015
nanouwho.com/27/ 		403 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nanouwho.com/27/f3152f06f3df4266df1737c2dcc1d015
Requested by
Host: nanouwho.com
URL: https://nanouwho.com/1?z=5468466
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
eb2224e60ee842f034267d4e814004a638858c39c782693e6b75c475af44d80e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://buffstream.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-trace-id
7f0931a465af29b5625f28f4153e4a25
date
Mon, 10 Jul 2023 15:18:03 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
last-modified
Thu, 06 Jul 2023 05:09:14 GMT
server
nginx
content-encoding
gzip
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
max-age:290304000, public
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires
Thu, 05 Aug 2083 05:09:14 GMT
js
www.googletagmanager.com/gtag/ Frame 42A0 		258 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GQDK9BLM0N&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5C8M28M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e0c1c610c57638fba559e4066f7dfd42f10ff01601aaf122d9fd63ed2ad432c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://live.harleyquinnwidget.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 15:18:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88764
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 10 Jul 2023 15:18:03 GMT
streams
api.tazz.tv/events/ Frame 42A0 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.tazz.tv/events/streams?timestamp=1689002283245
Requested by
Host: live.harleyquinnwidget.live
URL: https://live.harleyquinnwidget.live/static/js/732.01ddb157.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2d57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.20
Resource Hash
9204e81b24a844d698a682ae13d0bdad0331503d093b78610cdeb0445eb25c00

Request headers

Referer
https://live.harleyquinnwidget.live/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryd0BroFBntCB12kGP

Response headers

pragma
no-cache
date
Mon, 10 Jul 2023 15:18:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.1.20
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74H2grQWoHj%2BcvXonez8jqBOp9AzWzlU0ZuCRFGxQGO73peiCPJCn8iulANYxxStkdfXjyEJF3NQ608KSf5F4eeBA864pkKiH6TBHXd1sLtl8Lqz9lHpPKMALGuL8W9hcqm1KOBSal%2F8iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7e49c6eefc600e2e-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
9
nanouwho.com/ 		7 B
618 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nanouwho.com/9?z=5468466&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fbuffstream.fun%2Fwebplayer.php%3Ft%3Difr%26c%3D2172561%26lang%3Den%26eid%3D143043692%26lid%3D2172561%26ci%3D3849%26si%3D4%26ask%3D1688995500&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&sah=1200&drf=&hil=1&ist=0&oaid=bc65d3df13da49eea99d0d8b03cbbab6
Requested by
Host: nanouwho.com
URL: https://nanouwho.com/27/f3152f06f3df4266df1737c2dcc1d015
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Request headers

Referer
https://buffstream.fun/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
113d80ded6862b022812c4eda435f593
pragma
no-cache
date
Mon, 10 Jul 2023 15:18:03 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://buffstream.fun
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length
7
expires
Mon, 26 Jul 1997 05:00:00 GMT
9
nanouwho.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://nanouwho.com/9?z=5468466&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fbuffstream.fun%2Fwebplayer.php%3Ft%3Difr%26c%3D2172561%26lang%3Den%26eid%3D143043692%26lid%3D2172561%26ci%3D3849%26si%3D4%26ask%3D1688995500&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&sah=1200&drf=&hil=1&ist=0&oaid=bc65d3df13da49eea99d0d8b03cbbab6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://buffstream.fun
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://buffstream.fun
cache-control
no-store, no-cache, must-revalidate, max-age=0
date
Mon, 10 Jul 2023 15:18:03 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
pragma
no-cache
server
nginx
embedssl.php
www.jokerplayer7.online/ Frame F7D8 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.jokerplayer7.online/embedssl.php?u=court2&vw=100%&vh=360
Requested by
Host: live.harleyquinnwidget.live
URL: https://live.harleyquinnwidget.live/static/js/main.b566a717.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2475 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.3.3
Resource Hash
03537ccaf5ad61c2da61e5cd544795feb97e403b2ed4e10c2e22f5e1a5e40bb8

Request headers

Referer
https://live.harleyquinnwidget.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e49c6f06feb0b58-AMS
content-encoding
br
content-type
text/html
date
Mon, 10 Jul 2023 15:18:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DvpjTq0eRn7lPnMRKV2NtlD6liO1xXHDTwKEOqMXrPZL93QPnpDRvxj19Ijcg8GWmA%2FDpfQKf2T5anJ9p2q17E6Bu1PX0%2FN%2B94SPKwx6cCLFZ0dtrs6N5qNCYy04ngHQfGBv2tM%2BBHk8xCD6eUBLmkSvKe6rA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.3.3
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame F7D8 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: www.jokerplayer7.online
URL: https://www.jokerplayer7.online/embedssl.php?u=court2&vw=100%&vh=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.jokerplayer7.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 08:57:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
282040
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Jul 2024 08:57:23 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame F7D8 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: www.jokerplayer7.online
URL: https://www.jokerplayer7.online/embedssl.php?u=court2&vw=100%&vh=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.jokerplayer7.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 14:10:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4048
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Jul 2024 14:10:35 GMT
close.jpg
www.jokerplayer7.online/ Frame F7D8 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.jokerplayer7.online/close.jpg
Requested by
Host: www.jokerplayer7.online
URL: https://www.jokerplayer7.online/embedssl.php?u=court2&vw=100%&vh=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2475 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1880097735176c1cea6d702b01302eec6a6f1a69ce599caf18d6e6367ff3821f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.jokerplayer7.online/embedssl.php?u=court2&vw=100%&vh=360
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 15:18:03 GMT
cf-cache-status
HIT
last-modified
Wed, 21 Oct 2020 15:40:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4639
etag
"5f90566e-1e3e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcBgNsJC3zjS5Fw6H%2FCcnC6968fAK2rIwrsyTIylOFymXwC7mxy9drOVVGq5MjsuBTodcgRgtS7%2FTjSOP7MuUbMv2Q9QLxWYIe16GOzSUQH6%2F7PQe7P5NAt%2BJnIK9Ji7rwImAI98dSbcI40iIUa7q5E9DhJd2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7e49c6f1f9b80b58-AMS
alt-svc
h3=":443"; ma=86400
content-length
7742
60119
dimedoncywydd.com/rK2P6xKJaNYMIG7l/ Frame F7D8 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dimedoncywydd.com/rK2P6xKJaNYMIG7l/60119
Requested by
Host: www.jokerplayer7.online
URL: https://www.jokerplayer7.online/embedssl.php?u=court2&vw=100%&vh=360
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.87.210 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.jokerplayer7.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 10 Jul 2023 15:18:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://www.jokerplayer7.online
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=20
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
/
widgets.amung.us/draw/ Frame F7D8
Redirect Chain
  • https://whos.amung.us/cwidget/lshstream2/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=5903&c=000000ffffff&p=left
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.amung.us/draw/?w=colored&n=5903&c=000000ffffff&p=left
Requested by
Host: www.jokerplayer7.online
URL: https://www.jokerplayer7.online/embedssl.php?u=court2&vw=100%&vh=360
Protocol
H2
Server
2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
666b02cb4b4ccca10cd4d3bbe79b3e83532a79ed482fcf14b1bbb9db0c8002b1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.jokerplayer7.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 15:18:04 GMT
cf-cache-status
HIT
last-modified
Sun, 09 Jul 2023 11:59:58 GMT
server
cloudflare
age
98286
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
7e49c6f34f09b92d-AMS
expires
Mon, 10 Jul 2023 11:59:58 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=5903&c=000000ffffff&p=left
date
Mon, 10 Jul 2023 15:18:04 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7e49c6f26e3cb92d-AMS
content-type
text/html; charset=UTF-8
icon
fonts.googleapis.com/ Frame F7D8 		569 B
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: www.jokerplayer7.online
URL: https://www.jokerplayer7.online/embedssl.php?u=court2&vw=100%&vh=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.jokerplayer7.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 10 Jul 2023 15:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 15:18:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jul 2023 15:18:03 GMT
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/bootswatch/4.1.1/materia/ Frame F7D8 		188 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootswatch/4.1.1/materia/bootstrap.min.css
Requested by
Host: www.jokerplayer7.online
URL: https://www.jokerplayer7.online/embedssl.php?u=court2&vw=100%&vh=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b0ce8f54a0cd7ee5abe8b4b7d995aa58dcf6533e8e2f74414ee1d866c4662b4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.jokerplayer7.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 15:18:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
191518
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19041
last-modified
Mon, 04 May 2020 16:06:40 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d90-2ef93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSCTXbMj3uTTal2zBCJxX%2Flbt3EE7SuuGeio1xt1M4kLsefTJ9FRd1yPTemwn1gXlu6%2FM6g46EPDv%2Bz7dJIMuXeUdZ3n6g98i52l6FeltEXRmkqG8xhlgE7ypCW5LskPLPxklvH8cx%2FcQm4XYwfZrefj"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e49c6f24a0b0b58-AMS
expires
Sat, 29 Jun 2024 15:18:03 GMT
snackbar.css
www.jokerplayer7.online/snack/css/ Frame F7D8 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.jokerplayer7.online/snack/css/snackbar.css
Requested by
Host: www.jokerplayer7.online
URL: https://www.jokerplayer7.online/embedssl.php?u=court2&vw=100%&vh=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2475 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b8684e14b4a954fcf2c091413fffcb196f78102e37d66445291ba3b999cdefc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.jokerplayer7.online/embedssl.php?u=court2&vw=100%&vh=360
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 15:18:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 13 Jan 2019 14:58:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6182
etag
W/"5c3b5227-ca9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRpx4uTtoPZYh5NYnPLoQcPslXscx%2FNo1%2Ft2bgJn%2FYlMZNU6oPg1EMSxmut7U65Iw0dsWcx9yIrq3MTwHUZR2pJmh7KlVKAl2aStB%2Bk%2BPO0DDfVW2tGlS2bZo64yCzh5jxTqiQUfKfGxNzjTMXBkpshborZ42g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7e49c6f1f9b40b58-AMS
alt-svc
h3=":443"; ma=86400
jquery-2.2.4.js
code.jquery.com/ Frame F7D8 		252 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.4.js
Requested by
Host: www.jokerplayer7.online
URL: https://www.jokerplayer7.online/embedssl.php?u=court2&vw=100%&vh=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2

Request headers

Referer
https://www.jokerplayer7.online/
Origin
https://www.jokerplayer7.online
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 15:18:03 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-3ee0f"
vary
Accept-Encoding
x-hw
1689002283.dop231.am5.t,1689002283.cds275.am5.hn,1689002283.cds141.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
76245
snackbar.js
www.jokerplayer7.online/snack/js/ Frame F7D8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.jokerplayer7.online/snack/js/snackbar.js
Requested by
Host: www.jokerplayer7.online
URL: https://www.jokerplayer7.online/embedssl.php?u=court2&vw=100%&vh=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2475 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
349da4975f1f09b962a48c52bab36754f33d2a1c2b0d3c4055a3bf0410dd5d41

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.jokerplayer7.online/embedssl.php?u=court2&vw=100%&vh=360
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 15:18:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 12 Jan 2019 21:01:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4639
etag
W/"5c3a55bc-813"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2Bz1KmnW4T7KNdWB2COruHDXj4AuRht1h05fiRLtNulk%2F%2FnTcbMNyXQH3%2FPmQspm%2FS3dC9OsVXvvsl8e8qtQ%2FgBv6tUe%2B4HvdicsTpDOdao2JGZkM1EMlwgJ8Hz%2Fbg0i7lbFN%2B3yejwEFCJNI17RFbPyPbpMrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7e49c6f1f9b70b58-AMS
alt-svc
h3=":443"; ma=86400
ad1.php
jokerplayer7.online/ Frame 3C1A 		415 B
451 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jokerplayer7.online/ad1.php
Requested by
Host: www.jokerplayer7.online
URL: https://www.jokerplayer7.online/embedssl.php?u=court2&vw=100%&vh=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2475 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.3.3
Resource Hash
feb06c7096a80e768640dbcd42b77fb12c23dededba1948f76db36470d760a5f

Request headers

Referer
https://www.jokerplayer7.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e49c6f209ca0b58-AMS
content-encoding
br
content-type
text/html
date
Mon, 10 Jul 2023 15:18:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erBhmVDrHZ7Bvv5%2BHLyxUvZEYDxHEEkgjZ%2FjroaRIKNRc6g8LDTB572R3yX6K5w82AZCHhGfJ8hsblogIY%2FmU5pzmj%2F2vRJKVYcE8WdCwD3oQggwAUrPmECydBirMyL2eLucN9%2BvyYh6vbXMF0iNbNxd"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.3.3
mamy.php
ssss12.jokerplayer7.online/ Frame D263 		52 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssss12.jokerplayer7.online:8081/mamy.php?ch=court2&width=100%&height=360
Requested by
Host: www.jokerplayer7.online
URL: https://www.jokerplayer7.online/embedssl.php?u=court2&vw=100%&vh=360
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.128.248.12 Kista, Sweden, ASN43180 (CLOUDNETWORKS-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx/1.9.11 / PHP/5.3.3
Resource Hash
2234d10a8f52276b3d26ec99f0e5aa71b678f8c01489738e85d204ca0cba0524

Request headers

Referer
https://www.jokerplayer7.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html
Date
Mon, 10 Jul 2023 15:17:39 GMT
Server
nginx/1.9.11
Transfer-Encoding
chunked
X-Powered-By
PHP/5.3.3
normalplayer.php
www.jokerplayer7.online/ Frame 9225 		824 B
690 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.jokerplayer7.online/normalplayer.php?m=court2
Requested by
Host: www.jokerplayer7.online
URL: https://www.jokerplayer7.online/embedssl.php?u=court2&vw=100%&vh=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2475 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.3.3
Resource Hash
50810a3f3edc0abe6dba10840be43b2d42948b5888e57a638425d0b51c8da300

Request headers

Referer
https://www.jokerplayer7.online/embedssl.php?u=court2&vw=100%&vh=360
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e49c6f209be0b58-AMS
content-encoding
br
content-type
text/html
date
Mon, 10 Jul 2023 15:18:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nujkVg04B4lYLrd%2Btp7%2BV306v2KmsSbSUWxzKINYnjVoj97jbG4mzd3oODehy4nKNpy8W53%2B5IJVszHJnBT07J7kCjt%2BKYBbh9RcMNKyn910T2k5gSxSOh5V3ii9QF2z4k2SNb%2FnKZBV4QifXwrYUhW03RKrAg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.3.3
js
www.googletagmanager.com/gtag/ Frame 9225 		242 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KJ6LFTB2WV
Requested by
Host: www.jokerplayer7.online
URL: https://www.jokerplayer7.online/normalplayer.php?m=court2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
51cba024ca3a3dd2df1b72ade7cad29a4ad99bb9b14e6eee80047dcdec1ea433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.jokerplayer7.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 15:18:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85004
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 10 Jul 2023 15:18:03 GMT
0.gif
sstatic1.histats.com/ Frame 9225 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sstatic1.histats.com/0.gif?4736561&101
Requested by
Host: www.jokerplayer7.online
URL: https://www.jokerplayer7.online/normalplayer.php?m=court2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534295.ip-149-56-240.net
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.jokerplayer7.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 10 Jul 2023 15:18:04 GMT
Connection
close
Content-Length
43
Content-Type
image/gif
az2.jpeg
jokerplayer7.online/ Frame 3C1A 		144 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jokerplayer7.online/az2.jpeg
Requested by
Host: jokerplayer7.online
URL: https://jokerplayer7.online/ad1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2475 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e9b678133a1557b2d518aab6a054cd7905d0203155681470b52c0470ca7a796

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jokerplayer7.online/ad1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 15:18:03 GMT
cf-cache-status
HIT
last-modified
Sat, 11 Feb 2023 14:02:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3979
etag
"63e79ffd-240da"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kC3Uue8Au9n38I2XVfLWfXE8SV8TvvOupk9J64ZQrGdh1%2BmFNhIWonDJa%2FrmIJRtR3bytdfUuhYQ8%2BOC3E%2BU4oD8L0681eHuZOuIIJS6%2Fbi4Q3QYWBhKrUrLB6jzNJPsr4ZZZlb0IcuqmPxFsodeA7Wb"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7e49c6f289991c96-AMS
alt-svc
h3=":443"; ma=86400
content-length
147674
css
fonts.googleapis.com/ Frame F7D8 		8 KB
846 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bootswatch/4.1.1/materia/bootstrap.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdnjs.cloudflare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 10 Jul 2023 15:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 14:28:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jul 2023 15:18:04 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F7D8 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.jokerplayer7.online
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 08 Jul 2023 03:30:27 GMT
x-content-type-options
nosniff
age
215257
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jul 2024 03:30:27 GMT
normalplayer.php
www.jokerplayer7.online/ Frame F0E5 		824 B
828 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.jokerplayer7.online/normalplayer.php
Requested by
Host: www.jokerplayer7.online
URL: https://www.jokerplayer7.online/embedssl.php?u=court2&vw=100%&vh=360
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2475 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.3.3
Resource Hash
50810a3f3edc0abe6dba10840be43b2d42948b5888e57a638425d0b51c8da300

Request headers

Referer
https://www.jokerplayer7.online/embedssl.php?u=court2&vw=100%&vh=360
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e49c6f38b371c96-AMS
content-encoding
br
content-type
text/html
date
Mon, 10 Jul 2023 15:18:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kk5a0HlxTNy%2F%2FPDtdE3xU6UtmrTZdzVFbm8qEUR9JLVsOjlEFbi7Yj1yUcIYTfgwdB048yKk%2B2q0yqW77KltPCdJXNL0BkxqOkbiwkxNINdxDuvgKes4J8i0nGJeOh8abGZZH%2BC6EdpC22%2FIsHRKyTuEyfXRyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.3.3
js
www.googletagmanager.com/gtag/ Frame F0E5 		242 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KJ6LFTB2WV
Requested by
Host: www.jokerplayer7.online
URL: https://www.jokerplayer7.online/normalplayer.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec43dd8afbabd49fc6a8b975e4e42f9929c0e191823d29848f472ef432db0268
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.jokerplayer7.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 15:18:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85004
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 10 Jul 2023 15:18:04 GMT
0.gif
sstatic1.histats.com/ Frame F0E5 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sstatic1.histats.com/0.gif?4736561&101
Requested by
Host: www.jokerplayer7.online
URL: https://www.jokerplayer7.online/normalplayer.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534295.ip-149-56-240.net
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.jokerplayer7.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 10 Jul 2023 15:18:04 GMT
Connection
close
Content-Length
43
Content-Type
image/gif
latest.php
ssss12.jokerplayer7.online/secure/ Frame 5D4D 		52 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssss12.jokerplayer7.online:8081/secure/latest.php?e=1689005459&st=bw9szE4BT3iCvtg4RK4ORw&ch=court2&width=100%&height=360
Requested by
Host: ssss12.jokerplayer7.online
URL: https://ssss12.jokerplayer7.online:8081/mamy.php?ch=court2&width=100%&height=360
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.128.248.12 Kista, Sweden, ASN43180 (CLOUDNETWORKS-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx/1.9.11 / PHP/5.3.3
Resource Hash
e105833265711677079d175e7b83abb56161f4cfc194fc0696ed3c7bbdf8e5c2

Request headers

Referer
https://ssss12.jokerplayer7.online:8081/mamy.php?ch=court2&width=100%&height=360
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods
GET, OPTIONS
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Type
text/html
Date
Mon, 10 Jul 2023 15:17:39 GMT
Server
nginx/1.9.11
Transfer-Encoding
chunked
X-Powered-By
PHP/5.3.3
clappr.min.js
cdn.jsdelivr.net/clappr/latest/ Frame 5D4D 		517 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Requested by
Host: ssss12.jokerplayer7.online
URL: https://ssss12.jokerplayer7.online:8081/secure/latest.php?e=1689005459&st=bw9szE4BT3iCvtg4RK4ORw&ch=court2&width=100%&height=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssss12.jokerplayer7.online:8081/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jul 2023 15:18:04 GMT
age
2370289
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
131690
x-served-by
cache-fra-eddf8230044-FRA, cache-bom4740-BOM
etag
W/"8156e-D6xFiaxzMytsrOCcfMOmYtKY+qo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
level-selector.min.js
cdn.jsdelivr.net/clappr.level-selector/latest/ Frame 5D4D 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js
Requested by
Host: ssss12.jokerplayer7.online
URL: https://ssss12.jokerplayer7.online:8081/secure/latest.php?e=1689005459&st=bw9szE4BT3iCvtg4RK4ORw&ch=court2&width=100%&height=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssss12.jokerplayer7.online:8081/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jul 2023 15:18:04 GMT
age
2280308
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3219
x-served-by
cache-fra-eddf8230115-FRA, cache-bom4740-BOM
etag
W/"2524-9Cxz5uiSAcz1rVE5FbtBguw6QQw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
court2.m3u8
ssss12.jokerplayer7.online/live/ Frame 5D4D 		536 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssss12.jokerplayer7.online:8081/live/court2.m3u8?e=1689009459&st=XvfkSyT-bn178eqBRnwDUA
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.128.248.12 Kista, Sweden, ASN43180 (CLOUDNETWORKS-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx/1.9.11 /
Resource Hash
43a40b8c5703c5224e88219bc16102b14663ec814b221b469590e2f4a10bb3e8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssss12.jokerplayer7.online:8081/secure/latest.php?e=1689005459&st=bw9szE4BT3iCvtg4RK4ORw&ch=court2&width=100%&height=360
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 10 Jul 2023 15:17:40 GMT
Last-Modified
Mon, 10 Jul 2023 15:17:33 GMT
Server
nginx/1.9.11
ETag
"64ac210d-218"
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
536
court2.m3u8
ssss12.jokerplayer7.online/live/ Frame 5D4D 		536 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssss12.jokerplayer7.online:8081/live/court2.m3u8?e=1689009459&st=XvfkSyT-bn178eqBRnwDUA
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.128.248.12 Kista, Sweden, ASN43180 (CLOUDNETWORKS-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx/1.9.11 /
Resource Hash
43a40b8c5703c5224e88219bc16102b14663ec814b221b469590e2f4a10bb3e8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssss12.jokerplayer7.online:8081/secure/latest.php?e=1689005459&st=bw9szE4BT3iCvtg4RK4ORw&ch=court2&width=100%&height=360
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 10 Jul 2023 15:17:41 GMT
Last-Modified
Mon, 10 Jul 2023 15:17:33 GMT
Server
nginx/1.9.11
ETag
"64ac210d-218"
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
536
court2-2602.ts
ssss12.jokerplayer7.online/hls10/ Frame 5D4D 		641 KB
642 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssss12.jokerplayer7.online:8081/hls10/court2-2602.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.128.248.12 Kista, Sweden, ASN43180 (CLOUDNETWORKS-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx/1.9.11 /
Resource Hash
a6c74bdd8fcbc822d00c424c5fcb8a25d93511a79b1594bdca33d7d5831ef8f1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssss12.jokerplayer7.online:8081/secure/latest.php?e=1689005459&st=bw9szE4BT3iCvtg4RK4ORw&ch=court2&width=100%&height=360
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 10 Jul 2023 15:17:41 GMT
Last-Modified
Mon, 10 Jul 2023 15:17:09 GMT
Server
nginx/1.9.11
ETag
"64ac20f5-a05e8"
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
656872
0af22693-bc99-4864-9014-7c917ceaf011
https://ssss12.jokerplayer7.online:8081/ Frame 5D4D 		62 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ssss12.jokerplayer7.online:8081/0af22693-bc99-4864-9014-7c917ceaf011
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e70e4e6050bc1d39946efc526d1af020a63719f1211eae9a68e91d888a7c854

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
63944
Content-Type
text/javascript
court2-2603.ts
ssss12.jokerplayer7.online/hls10/ Frame 5D4D 		462 KB
463 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssss12.jokerplayer7.online:8081/hls10/court2-2603.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.128.248.12 Kista, Sweden, ASN43180 (CLOUDNETWORKS-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx/1.9.11 /
Resource Hash
6774556b109c4fcb20ce2cfbe80c3685927dfc78ac82d92f54c2b70d6f3075f6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssss12.jokerplayer7.online:8081/secure/latest.php?e=1689005459&st=bw9szE4BT3iCvtg4RK4ORw&ch=court2&width=100%&height=360
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 10 Jul 2023 15:17:41 GMT
Last-Modified
Mon, 10 Jul 2023 15:17:14 GMT
Server
nginx/1.9.11
ETag
"64ac20fa-739e4"
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
473572
court2-2604.ts
ssss12.jokerplayer7.online/hls10/ Frame 5D4D 		508 KB
508 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssss12.jokerplayer7.online:8081/hls10/court2-2604.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.128.248.12 Kista, Sweden, ASN43180 (CLOUDNETWORKS-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx/1.9.11 /
Resource Hash
99bde73a7288d94c50047a479ae3461a092c73173e879111bfc927a15075cebf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssss12.jokerplayer7.online:8081/secure/latest.php?e=1689005459&st=bw9szE4BT3iCvtg4RK4ORw&ch=court2&width=100%&height=360
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 10 Jul 2023 15:17:41 GMT
Last-Modified
Mon, 10 Jul 2023 15:17:25 GMT
Server
nginx/1.9.11
ETag
"64ac2105-7ee8c"
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
519820
court2-2605.ts
ssss12.jokerplayer7.online/hls10/ Frame 5D4D 		632 KB
632 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssss12.jokerplayer7.online:8081/hls10/court2-2605.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.128.248.12 Kista, Sweden, ASN43180 (CLOUDNETWORKS-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx/1.9.11 /
Resource Hash
981ee6116823237aa532456dc13c00f8451665162df65de09f2da9889a094e46

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssss12.jokerplayer7.online:8081/secure/latest.php?e=1689005459&st=bw9szE4BT3iCvtg4RK4ORw&ch=court2&width=100%&height=360
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 10 Jul 2023 15:17:42 GMT
Last-Modified
Mon, 10 Jul 2023 15:17:33 GMT
Server
nginx/1.9.11
ETag
"64ac210d-9de40"
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
646720

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| onbeforetoggle object| onscrollend function| notLoad string| k object| _xdfii7tnwii object| n3hghc711 object| zfgformats function| setImmediate function| clearImmediate function| _hlbpppt function| _hmmkdj function| getCookie function| setLink function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| zfgstorage function| onClickTrigger function| kkp4a5x5tv boolean| zfgloadedpopup boolean| zfgonclickfirst object| syncCallbacks object| gaplugins object| gaGlobal object| gaData object| regeneratorRuntime boolean| zfgloadednative function| _retranber

14 Cookies

Domain/Path Name / Value
buffstream.fun/ Name: charset
Value: ISO-8859-1
nossairt.net/ Name: OAID
Value: bc65d3df13da49eea99d0d8b03cbbab6
.buffstream.fun/ Name: _ga
Value: GA1.2.520432468.1689002283
.buffstream.fun/ Name: _gid
Value: GA1.2.1122470972.1689002283
my.rtmark.net/ Name: ID
Value: bc65d3df13da49eea99d0d8b03cbbab6
.buffstream.fun/ Name: _gat_gtag_UA_97551325_26
Value: 1
nanouwho.com/ Name: scm
Value: 1
nanouwho.com/ Name: oaidts
Value: 1689002283
buffstream.fun/ Name: prefetchAd_5108181
Value: true
nossairt.net/ Name: oaidts
Value: 1689002283
nossairt.net/ Name: syncedCookie
Value: true
nanouwho.com/ Name: OAID
Value: bc65d3df13da49eea99d0d8b03cbbab6
dimedoncywydd.com/ Name: GL_UI4
Value: eJw9jd1Og0AUhPmnakEn4QF8BNZS6a3xIbwkh91TioXdZlkhvr0bE72aL5NvMkEQRNUjwjVLEH%2FREc9K1lSfuBGvUrXnU9MK2QpSrRDHl4OkA%2B7GpXPUT%2BwS7JaZrOvcmmA%2FsGY7yk4axQWevPXXXLXZdIK0t6RVgXT2xlQg763ZFrZVjETTzMjeL9b4TGf6NBaxEI3nUXsOa0RmqeLyHvnHqJUflntEoi7LLMDDbSJ3NnbuRpWFSAdLihG%2BYSfJ8WDsN3LFy9WZG2Am1f37v7%2FxJmpkitdR%2BnPjLmx%2FACxVTkg%3D
dimedoncywydd.com/ Name: GL_GI10
Value: eJwVybEKwjAUBdC8NxRKq3ChH9AvCI3VwVUdOkgHBQe30gYbqElJnn6%2FeNajlOKqBLsV29boXbPX5tBoY46gF7i%2FgkePorcy27gMfkqgCH524OixuYePzHUXln%2BBRuS3IGLjNLxBDoVrL9pbqU%2F6AfYJ%2BTnENcRBLGjNCCwhY3CaKgX6ZuUPG5Qhrw%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.tazz.tv
buffstream.fun
cdn-icons-png.flaticon.com
cdn.jsdelivr.net
cdn.livetv682.me
cdnjs.cloudflare.com
code.jquery.com
dimedoncywydd.com
fonts.googleapis.com
fonts.gstatic.com
jokerplayer7.online
live.harleyquinnwidget.live
my.rtmark.net
nanouwho.com
nossairt.net
ssss12.jokerplayer7.online
sstatic1.histats.com
stats.g.doubleclick.net
whos.amung.us
widgets.amung.us
www.google-analytics.com
www.googletagmanager.com
www.jokerplayer7.online
139.45.195.8
139.45.197.238
139.45.197.242
149.56.240.127
195.128.248.12
2001:4de0:ac18::1:a:1b
23.109.87.210
2606:4700:10::6816:4aab
2606:4700:3033::6815:2d57
2606:4700:3035::6815:2475
2606:4700::6811:190e
2a00:1450:4001:803::200a
2a00:1450:4001:813::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:830::200a
2a00:1450:400c:c0c::9d
2a02:26f0:1700:1a6::312e
2a04:4e42:400::485
2a06:98c1:3120::3
2a06:98c1:3121::3
03537ccaf5ad61c2da61e5cd544795feb97e403b2ed4e10c2e22f5e1a5e40bb8
1880097735176c1cea6d702b01302eec6a6f1a69ce599caf18d6e6367ff3821f
196c8982b7a1c8bca7183feb18ea28aefd9c3b845caf91bcce5cdfe0894e0559
2234d10a8f52276b3d26ec99f0e5aa71b678f8c01489738e85d204ca0cba0524
23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9
3274af914b2e68379d2d3fadb6764cc17178542d0121571de9f3d338c20270d9
349da4975f1f09b962a48c52bab36754f33d2a1c2b0d3c4055a3bf0410dd5d41
43a40b8c5703c5224e88219bc16102b14663ec814b221b469590e2f4a10bb3e8
4ecee4470bc41667f53fb382ad88da605003b8cb787058200ac07a507593aa33
50810a3f3edc0abe6dba10840be43b2d42948b5888e57a638425d0b51c8da300
51cba024ca3a3dd2df1b72ade7cad29a4ad99bb9b14e6eee80047dcdec1ea433
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5b8684e14b4a954fcf2c091413fffcb196f78102e37d66445291ba3b999cdefc
666b02cb4b4ccca10cd4d3bbe79b3e83532a79ed482fcf14b1bbb9db0c8002b1
6774556b109c4fcb20ce2cfbe80c3685927dfc78ac82d92f54c2b70d6f3075f6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e9b678133a1557b2d518aab6a054cd7905d0203155681470b52c0470ca7a796
79c30c5c8e87932954babf3898895ee10174520e5c93d82accccb8f7930bd920
7b0ce8f54a0cd7ee5abe8b4b7d995aa58dcf6533e8e2f74414ee1d866c4662b4
7ef71e220f7825fe6f8de75a233eadf81c755ff90fe63961d06462f81571ac2e
8689858341f196d3d15c21649efa994343df00ee781a4de843f98484ece925a5
87b9aebedb2190922a53f7be96641c644e981b7daaf510e4dbb9ef3b1ed2befb
893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2
9204e81b24a844d698a682ae13d0bdad0331503d093b78610cdeb0445eb25c00
94d742faa2e872ce6535cd2379a83b95b59d8c3a873c8b0c8ced78f3279c0ee0
981ee6116823237aa532456dc13c00f8451665162df65de09f2da9889a094e46
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
99bde73a7288d94c50047a479ae3461a092c73173e879111bfc927a15075cebf
9e70e4e6050bc1d39946efc526d1af020a63719f1211eae9a68e91d888a7c854
9f4746e2f831258d8c17a5139531ecb160b16bc7e457875c354881cfaf71f827
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a4809b92db2481ce2cb1939d77c880baa25f77e3528f1910bee0d00da1df4c
a6c74bdd8fcbc822d00c424c5fcb8a25d93511a79b1594bdca33d7d5831ef8f1
b0c2dc8decdf5bcb8bc9ebc544bae7e9c12967942f6599a109718ff329dd2b63
bfa98d1852d024a50951a419f20bf48df8cd23e74c91a12e27e1781a9e6f3b73
cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d89b8e584333a5b0ed84e825ddf5c85e89529ff7c197bc3c57151ae9c295194a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0c1c610c57638fba559e4066f7dfd42f10ff01601aaf122d9fd63ed2ad432c0
e105833265711677079d175e7b83abb56161f4cfc194fc0696ed3c7bbdf8e5c2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a307b7fa806a5eca9b9681aa853ac916e8bb9d526534faeff192c736702a84
eb2224e60ee842f034267d4e814004a638858c39c782693e6b75c475af44d80e
ec43dd8afbabd49fc6a8b975e4e42f9929c0e191823d29848f472ef432db0268
ed1acd2449e5abafaf96a6b75e07e45828d4f729bfd74a8196ca665fa0e9270d
ee60a5096eaf2e3f89fd005569b1b122992ba425de066b84d306f9f09e601891
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
feb06c7096a80e768640dbcd42b77fb12c23dededba1948f76db36470d760a5f