urlscan.io logo urlscan.io
SecurityTrails logo

hlsplay.com Open in urlscan Pro
190.2.144.230  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hlsplay.com/e/ZSCLVU1o2fM8
Effective URL: https://hlsplay.com/e/ZSCLVU1o2fM8
Submission: On May 17 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 6 countries across 14 domains to perform 36 HTTP transactions. The main IP is 190.2.144.230, located in Naaldwijk, Netherlands and belongs to WORLDSTREAM, NL. The main domain is hlsplay.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 19th 2019. Valid for: a year.
This is the only time hlsplay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 190.2.144.230 49981 (WORLDSTREAM)
3 2a04:4e42:1b:... 54113 (FASTLY)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 163.172.8.110 12876 (Online SAS)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 198.134.112.242 27257 (WEBAIR-IN...)
2 88.85.82.153 35415 (WEBZILLA)
1 2a00:1450:400... 15169 (GOOGLE)
1 195.181.175.55 60068 (CDN77)
2 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 162.252.214.5 53334 (TUT-AS)
1 185.200.118.90 9009 (M247)
1 216.21.13.10 53334 (TUT-AS)
36 18
5    190.2.144.230 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl
hlsplay.com
3    2a04:4e42:1b::442 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.plyr.io
1    2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
2    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    163.172.8.110 (France)

ASN12876 (Online SAS, FR)
PTR: 163-172-8-110.rev.poneytelecom.eu
echo.hlssrv.com
3    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    198.134.112.242 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET, US)
tu42het22n.com
2    88.85.82.153 (Netherlands)

ASN35415 (WEBZILLA, NL)
deloplen.com
1    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    195.181.175.55 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: unn-195-181-175-55.datapacket.com
c1.popads.net
2    2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET, US)
c.adsco.re
6.adsco.re
3    162.252.214.5 (United States)

ASN53334 (TUT-AS, US)
adsco.re
1    185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com
pvqfumgp6txs.l.adsco.re
1    216.21.13.10 (United States)

ASN53334 (TUT-AS, US)
serve.popads.net
Domain Requested by
5 hlsplay.com 1 redirects hlsplay.com
cdnjs.cloudflare.com
3 adsco.re hlsplay.com
c.adsco.re
3 cdn.jsdelivr.net hlsplay.com
3 cdn.plyr.io hlsplay.com
cdn.plyr.io
2 6.adsco.re hlsplay.com
c.adsco.re
2 c.adsco.re c1.popads.net
c.adsco.re
2 www.google-analytics.com www.googletagmanager.com
hlsplay.com
2 deloplen.com hlsplay.com
deloplen.com
2 echo.hlssrv.com hlsplay.com
cdn.jsdelivr.net
2 www.google.com hlsplay.com
www.gstatic.com
1 serve.popads.net c1.popads.net
1 pvqfumgp6txs.l.adsco.re c.adsco.re
1 c1.popads.net hlsplay.com
1 www.gstatic.com www.google.com
1 tu42het22n.com hlsplay.com
1 www.googletagmanager.com hlsplay.com
1 cdnjs.cloudflare.com hlsplay.com
1 code.jquery.com hlsplay.com
0 pvqfumgp6txs.s.adsco.re Failed c.adsco.re
0 pvqfumgp6txs.n.adsco.re Failed c.adsco.re
36 20

This site contains links to these domains. Also see Links.

Domain
adsco.re
Subject Issuer Validity Valid
hlsplay.com
Sectigo RSA Domain Validation Secure Server CA		 2019-08-19 -
2020-08-18		 a year crt.sh
v.ssl.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-04-24 -
2021-04-25		 a year crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
www.google.com
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
echo.hlssrv.com
Let's Encrypt Authority X3		 2020-05-13 -
2020-08-11		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-04-06 -
2020-10-09		 6 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
tu42het22n.com
Let's Encrypt Authority X3		 2020-04-29 -
2020-07-28		 3 months crt.sh
*.deloplen.com
Let's Encrypt Authority X3		 2020-05-05 -
2020-08-03		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
1355769017.rsc.cdn77.org
Let's Encrypt Authority X3		 2020-03-23 -
2020-06-21		 3 months crt.sh
*.adsco.re
COMODO RSA Organization Validation Secure Server CA		 2017-09-26 -
2020-09-25		 3 years crt.sh
*.l.adsco.re
COMODO RSA Domain Validation Secure Server CA		 2018-07-14 -
2020-07-13		 2 years crt.sh
*.popads.net
Sectigo RSA Domain Validation Secure Server CA		 2019-10-29 -
2021-10-29		 2 years crt.sh

This page contains 4 frames:

Primary Page: https://hlsplay.com/e/ZSCLVU1o2fM8
Frame ID: CC009FC351AFFFBF354036383B314DD7
Requests: 40 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: DB8C5221047BACCA168D82896040AB7A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc90MkUAAAAAOrqIJqt4iXY_fkXb7j3zwgRGtUI&co=aHR0cHM6Ly9obHNwbGF5LmNvbTo0NDM.&hl=en&v=JPZ52lNx97aD96bjM7KaA0bo&size=invisible&cb=nhpmit9j6qwc
Frame ID: 0B89EBC0CAB497A89FF28ABA0C8AE040
Requests: 1 HTTP requests in this frame

Frame: https://deloplen.com/fac.php
Frame ID: C7C50C3C7D1A5DC91D36AFD1B44B69DD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://hlsplay.com/e/ZSCLVU1o2fM8 HTTP 301
    https://hlsplay.com/e/ZSCLVU1o2fM8 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

36
Requests

92 %
HTTPS

53 %
IPv6

14
Domains

20
Subdomains

18
IPs

6
Countries

1908 kB
Transfer

2705 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hlsplay.com/e/ZSCLVU1o2fM8 HTTP 301
    https://hlsplay.com/e/ZSCLVU1o2fM8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ZSCLVU1o2fM8
hlsplay.com/e/
Redirect Chain
  • http://hlsplay.com/e/ZSCLVU1o2fM8
  • https://hlsplay.com/e/ZSCLVU1o2fM8
9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hlsplay.com/e/ZSCLVU1o2fM8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.2.144.230 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.12.2 /
Resource Hash
c5aa2faeaa305d6b5fe03e7f19bb1fe7723365ee2f726f63acf65fc7b3a60571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
hlsplay.com
:scheme
https
:path
/e/ZSCLVU1o2fM8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
server
nginx/1.12.2
date
Sun, 17 May 2020 12:18:04 GMT
content-type
text/html; charset=utf-8
content-length
9106
set-cookie
adonis-session=c1cea1cbaf05326f0cadd4b7d9e40adf5Clly1UEM4CsKjFZu%2BHKBxEimrwEOTla0FKQDReZZEMtoRbC1mRCb9Raf4Ije7w8nyDFIAk6yA%2BttzjELKxIJMA2O4%2FsWFVJ6AkH9jM1Z1SZ03fkborumYZNwAYfGBhF; Path=/; Expires=Mon, 12 May 2025 12:03:45 GMT; HttpOnly XSRF-TOKEN=9f69436d9d7a9eea9e11115145ec0bdac9nfsdoNSN74M3xN2j2qirlUnep9KI4NlvtaJTuxVCs6WVcaqjHUUYKtDFJNqCeDFMAsLcdS7p%2BHgikcCIs%2FEhdvMC6dSuofRo0TekDiNusnC1qO4LcVof60QPaDNcIO; Max-Age=7200; Path=/; SameSite=Strict adonis-session-values=dd4ccdfbc7680c8bc47f923ddcc630e7HbCi1YCWrOCxHocRMLGnOwTJkEmNBqbwNKtt8PmRZAH8xnA8CBJh%2FAXILf3uED%2FFJocfgY8siP87%2B85BAFZcXTOPcbwG3VN4BhMrFrVTB%2FtmOexqOkrQvj3c03jza4wcpGu2bI%2B1m8VvVMYR3oa78GvoKDidV%2BJ8m6LoVQFcBxc%3D; Path=/; Expires=Mon, 12 May 2025 12:03:45 GMT; HttpOnly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-download-options
noopen
access-control-allow-origin
*

Redirect headers

Server
nginx/1.12.2
Date
Sun, 17 May 2020 12:18:04 GMT
Content-Type
text/html
Content-Length
185
Connection
keep-alive
Location
https://hlsplay.com/e/ZSCLVU1o2fM8
plyr.css
cdn.plyr.io/1.8.2/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.plyr.io/1.8.2/plyr.css
Requested by
Host: hlsplay.com
URL: https://hlsplay.com/e/ZSCLVU1o2fM8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::442 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32237da5e2b912d9b7f533a827ed683b0bb7eb9b65171d2a6781b19e0cb964d6

Request headers

Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 May 2020 12:18:04 GMT
content-encoding
gzip
age
29966665
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
HIT, HIT, HIT
status
200
content-length
2821
x-amz-id-2
gG8Bi4qheEZ5zztr9LfaHVOQaKW9DGTwWijcPVRl8hqBGEZGsVPdGAcoVnrLfloav5DPqj4LJK4=
x-served-by
cache-iad2126-IAD, cache-dca17734-DCA, cache-hhn4064-HHN
last-modified
Sun, 25 Sep 2016 07:50:57 GMT
server
AmazonS3
x-timer
S1589717884.473349,VS0,VE0
etag
"ff443fefca13a0ef5aebd0bc199b871b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-request-id
02C181AD3EC13541
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control
max-age=31536000
accept-ranges
bytes
content-type
text/css
x-cache-hits
1, 1, 10
jquery-3.4.1.min.js
code.jquery.com/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: hlsplay.com
URL: https://hlsplay.com/e/ZSCLVU1o2fM8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 May 2020 12:18:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 May 2019 21:14:27 GMT
Server
nginx
ETag
W/"5cca0c33-15851"
Vary
Accept-Encoding
X-HW
1589717884.dop010.fr8.shc,1589717884.dop010.fr8.t,1589717884.cds159.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30638
api.js
www.google.com/recaptcha/ 		765 B
600 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=6Lc90MkUAAAAAOrqIJqt4iXY_fkXb7j3zwgRGtUI
Requested by
Host: hlsplay.com
URL: https://hlsplay.com/e/ZSCLVU1o2fM8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3c08be948204c1582f121f32a00b6078931a7a814404a262a318929a87a9f80e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 May 2020 12:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
501
x-xss-protection
1; mode=block
expires
Sun, 17 May 2020 12:18:04 GMT
axios.min.js
cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/axios.min.js
Requested by
Host: hlsplay.com
URL: https://hlsplay.com/e/ZSCLVU1o2fM8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 May 2020 12:18:04 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
8654405
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02c42af622000097906a1bf200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 30 May 2019 16:46:02 GMT
server
cloudflare
etag
W/"5cf008ca-3580"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
594d4769da8f9790-FRA
expires
Fri, 07 May 2021 12:18:04 GMT
splash.png
echo.hlssrv.com/hls_serve/0NsQr_LRgoNffVdKQbBzJA/1589729885/TWsit6F1pvKRfbVeoatB/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://echo.hlssrv.com/hls_serve/0NsQr_LRgoNffVdKQbBzJA/1589729885/TWsit6F1pvKRfbVeoatB/splash.png
Requested by
Host: hlsplay.com
URL: https://hlsplay.com/e/ZSCLVU1o2fM8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.8.110 , France, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-8-110.rev.poneytelecom.eu
Software
nginx/1.16.1 /
Resource Hash
e45a53153924366ca099473653bae1852f8d6d0aa569ba6f49194a46d9e997c6

Request headers

Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 May 2020 12:18:04 GMT
Last-Modified
Fri, 15 May 2020 15:22:37 GMT
Server
nginx/1.16.1
ETag
"5ebeb3bd-15d04c"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1429580
p2p-media-loader-core.min.js
cdn.jsdelivr.net/npm/p2p-media-loader-core@latest/build/ 		140 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/p2p-media-loader-core@latest/build/p2p-media-loader-core.min.js
Requested by
Host: hlsplay.com
URL: https://hlsplay.com/e/ZSCLVU1o2fM8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6169aae21cd0ef9813b6bda9ec902dee165c4c70202c37af6eb0bc45ced0a872
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 May 2020 12:18:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7974
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-request-id
02c42af63f0000dfcb5e096200000001
x-served-by
cache-ams21025-AMS, cache-fra19135-FRA
timing-allow-origin
*
server
cloudflare
etag
W/"23187-cy5ZTaquM+MUHEQB7rAOJNYlVIk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
594d4769fbdfdfcb-FRA
p2p-media-loader-hlsjs.min.js
cdn.jsdelivr.net/npm/p2p-media-loader-hlsjs@latest/build/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/p2p-media-loader-hlsjs@latest/build/p2p-media-loader-hlsjs.min.js
Requested by
Host: hlsplay.com
URL: https://hlsplay.com/e/ZSCLVU1o2fM8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
189334d0a898e2aa16794cdd1ea47a0e7c1750578173b25033049fafdf55f2a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 May 2020 12:18:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7730
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-request-id
02c42af6410000dfcb5e097200000001
x-served-by
cache-ams21050-AMS, cache-hhn4020-HHN
timing-allow-origin
*
server
cloudflare
etag
W/"68bf-aLl7Qz03YAZHM45X9DROXh+vYkY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
594d476a0beadfcb-FRA
plyr.js
cdn.plyr.io/1.8.2/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.plyr.io/1.8.2/plyr.js
Requested by
Host: hlsplay.com
URL: https://hlsplay.com/e/ZSCLVU1o2fM8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::442 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc0248317d6597d97d6c962b851f0291be6eec9762ebadf97cef3e8d47dec003

Request headers

Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 May 2020 12:18:04 GMT
content-encoding
gzip
age
21671765
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
HIT, HIT, HIT
status
200
content-length
12302
x-amz-id-2
zoTc9nz0i4sTDPpWsT3s8K+45Zh0AzXzy96OhCLlrl72eCzMmMYOLpg1/utncwjQRVpNBYrgodU=
x-served-by
cache-iad2148-IAD, cache-dca17740-DCA, cache-hhn4064-HHN
last-modified
Sun, 25 Sep 2016 07:50:57 GMT
server
AmazonS3
x-timer
S1589717884.497707,VS0,VE0
etag
"25cca22cf9f522b6fc7738d12dbbed93"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-request-id
665E939D682DDD50
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1, 1, 9
hls.js@canary
cdn.jsdelivr.net/npm/ 		232 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/hls.js@canary
Requested by
Host: hlsplay.com
URL: https://hlsplay.com/e/ZSCLVU1o2fM8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeaab1947aea07dfbecb710c59fa3829c9717b42b853f62740e65f91d02c14af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 May 2020 12:18:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cache
HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-request-id
02c42af64f0000dfcb5e099200000001
x-served-by
cache-fra19143-FRA
timing-allow-origin
*
server
cloudflare
etag
W/"3a010-JNNHGlJyPY9BnankBRIk1oS9cK0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
594d476a1c46dfcb-FRA
jquery-3.1.1.min.js
hlsplay.com/front-end/js/ 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hlsplay.com/front-end/js/jquery-3.1.1.min.js
Requested by
Host: hlsplay.com
URL: https://hlsplay.com/e/ZSCLVU1o2fM8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.2.144.230 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.12.2 /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 May 2020 12:18:04 GMT
last-modified
Mon, 09 Jul 2018 04:49:24 GMT
server
nginx/1.12.2
etag
W/"152b5-1647d5f7020"
status
200
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
content-length
86709
js
www.googletagmanager.com/gtag/ 		82 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-146488828-1
Requested by
Host: hlsplay.com
URL: https://hlsplay.com/e/ZSCLVU1o2fM8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0e56995ad00342a206504ddd40773550d549880c1a7d74f56c719d334d6649df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 May 2020 12:18:04 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33118
x-xss-protection
0
last-modified
Sun, 17 May 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 17 May 2020 12:18:04 GMT
6ccce0935f3a28d49c1ed03660c6682b.js
tu42het22n.com/6c/cc/e0/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tu42het22n.com/6c/cc/e0/6ccce0935f3a28d49c1ed03660c6682b.js
Requested by
Host: hlsplay.com
URL: https://hlsplay.com/e/ZSCLVU1o2fM8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.112.242 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 17 May 2020 12:18:04 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
apu.php
deloplen.com/ 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://deloplen.com/apu.php?zoneid=2812120
Requested by
Host: hlsplay.com
URL: https://hlsplay.com/e/ZSCLVU1o2fM8
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
88.85.82.153 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
744953d5879a517b50518d207056af786c9bb0136530b00b6c825e6fd590f1a3
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 May 2020 12:18:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-Trace-Id
d7cb88bb0dc0eb266a83f7a74d17762d
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Expires
Tue, 11 Jan 1994 10:00:00 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/JPZ52lNx97aD96bjM7KaA0bo/ 		299 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/JPZ52lNx97aD96bjM7KaA0bo/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=6Lc90MkUAAAAAOrqIJqt4iXY_fkXb7j3zwgRGtUI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5330600f68293b69db933eba611413ffaa46ad7c992116b06933c620d7a3c43c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 21:36:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 11 May 2020 19:09:25 GMT
server
sffe
age
139293
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124431
x-xss-protection
0
expires
Sat, 15 May 2021 21:36:31 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		178 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		243 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		381 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		352 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
plyr.svg
cdn.plyr.io/1.8.1/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.plyr.io/1.8.1/plyr.svg
Requested by
Host: cdn.plyr.io
URL: https://cdn.plyr.io/1.8.2/plyr.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::442 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c84ea903b1833a97bb0e508404cded491e4f2c2b7042d193137cc25fcbce4297

Request headers

Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 May 2020 12:18:04 GMT
content-encoding
gzip
age
17749243
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
status
200
content-length
1222
x-amz-id-2
CSDdso5l9tBCqsRP8UcU/sofF2JH2v8Ba4cnIdrAOOrXBSWUi2QmX/DpJ8g2vH7jLYNIDsm1Y70=
x-served-by
cache-iad2132-IAD, cache-hhn4067-HHN
last-modified
Sun, 25 Sep 2016 07:47:43 GMT
server
AmazonS3
x-timer
S1589717885.597666,VS0,VE0
etag
"2e424027329f13b2cf82d00129c5e193"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-request-id
2226548043FE7832
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
x-cache-hits
1, 29
pop.js
c1.popads.net/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.popads.net/pop.js
Requested by
Host: hlsplay.com
URL: https://hlsplay.com/e/ZSCLVU1o2fM8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.55 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-55.datapacket.com
Software
CDN77-Turbo /
Resource Hash
a6f6f915735dc972ccf1173136f278e4e7dd53505fd99d94a4292676dc7bfa35

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
Origin
https://hlsplay.com

Response headers

date
Sun, 17 May 2020 12:18:04 GMT
content-encoding
br
last-modified
Mon, 04 May 2020 18:26:17 GMT
server
CDN77-Turbo
x-edge-location
frankfurtDE
etag
W/"5eb05e49-7a55"
status
200
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
x-edge-ip
195.181.175.53
x-age
6453
alt-svc
quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
truncated
/ 		108 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cab1ce25239573b09e53adf7d3b271100165bdfb95c54a6602b9b61202e4788c

Request headers

Origin
https://hlsplay.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-146488828-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
5969
date
Sun, 17 May 2020 10:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Sun, 17 May 2020 12:38:35 GMT
collect
www.google-analytics.com/r/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j82&a=639474952&t=pageview&_s=1&dl=https%3A%2F%2Fhlsplay.com%2Fe%2FZSCLVU1o2fM8&ul=en-us&de=UTF-8&dt=HLSPlay%20-%20%EC%B1%84%EB%84%90A%20%EA%B8%88%ED%86%A0%EB%93%9C%EB%9D%BC%EB%A7%88%20%EC%9C%A0%EB%B3%84%EB%82%98%20%EB%AC%B8%EC%85%B0%ED%94%84.E15.200515.720p.mp4&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=143181605&gjid=891869495&cid=370259568.1589717885&tid=UA-146488828-1&_gid=879695395.1589717885&_r=1&gtm=2ou561&z=2081993290
Requested by
Host: hlsplay.com
URL: https://hlsplay.com/e/ZSCLVU1o2fM8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 May 2020 12:18:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
c.adsco.re/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: c1.popads.net
URL: https://c1.popads.net/pop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df5dda5dda04d403a0c1d75898c8e67e74d6a68ea8b6de7d96e266e6cc259be

Request headers

Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 May 2020 12:18:04 GMT
content-encoding
gzip
cf-cache-status
HIT
age
827300
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02c42af7a5000017522e87f200000001
server
cloudflare
etag
W/"TfDfF8/DBqH7tF/j3/1Icw=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
cache-control
max-age=43200,public,immutable,no-transform
cf-ray
594d476c3eec1752-FRA
link
<//adsco.re/p>;rel=prefetch,<//6.adsco.re>;rel=prefetch
expires
Fri, 08 May 2020 10:29:44 GMT
p
adsco.re/ 		0
323 B 		Other
General
Check archive.org
Download Go to
Full URL
https://adsco.re/p
Requested by
Host: hlsplay.com
URL: https://hlsplay.com/e/ZSCLVU1o2fM8
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 May 2020 12:18:04 GMT
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
AS-P-4
OK
Transfer-Encoding
chunked
AS-P-1
OK
Access-Control-Max-Age
2592000
Cache-Control
no-transform
Connection
keep-alive
AS-E
ND
AS-P-2
OK
AS-P-3
OK
/
6.adsco.re/ 		0
267 B 		Other
General
Check archive.org
Download Go to
Full URL
https://6.adsco.re/
Requested by
Host: hlsplay.com
URL: https://hlsplay.com/e/ZSCLVU1o2fM8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 May 2020 12:18:04 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
access-control-max-age
2592000
cache-control
max-age=600,public,immutable
cf-ray
594d476c7f751752-FRA
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02c42af7c9000017522e885200000001
p
adsco.re/ 		0
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 17 May 2020 12:18:04 GMT
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
AS-P-4
OK
Transfer-Encoding
chunked
AS-P-1
OK
Access-Control-Allow-Origin
https://hlsplay.com
Access-Control-Max-Age
2592000
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
AS-E
ND
AS-P-2
OK
AS-P-3
OK
/
6.adsco.re/ 		53 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://6.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
131a638276d530de6eeac45664891bd4eb4721381b348168011eb86e38f8eff3

Request headers

Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 May 2020 12:18:04 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://hlsplay.com
access-control-max-age
2592000
cache-control
max-age=600,public,immutable
cf-ray
594d476cbdf305bf-FRA
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02c42af7ee000005bf1c892200000001
/
pvqfumgp6txs.l.adsco.re/ 		0
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pvqfumgp6txs.l.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS
adscore.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 May 2020 12:18:04 GMT
Last-Modified
Tue, 31 Jul 2018 22:16:15 GMT
ETag
"5b60dfaf-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
pvqfumgp6txs.n.adsco.re/ 		0
0
/
pvqfumgp6txs.s.adsco.re/ 		0
0
/
c.adsco.re/ Frame DB8C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
c.adsco.re
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hlsplay.com/e/ZSCLVU1o2fM8
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://hlsplay.com/e/ZSCLVU1o2fM8

Response headers

status
200
date
Sun, 17 May 2020 12:18:04 GMT
content-type
text/html
cache-control
max-age=43200,public,immutable,no-transform
link
<//adsco.re/p>;rel=prefetch,<//6.adsco.re>;rel=prefetch
expires
Fri, 08 May 2020 10:29:44 GMT
etag
W/"TfDfF8/DBqH7tF/j3/1Icw=="
content-encoding
gzip
cf-cache-status
HIT
age
827300
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
594d476c8fb21752-FRA
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02c42af7d7000017522e887200000001
anchor
www.google.com/recaptcha/api2/ Frame 0B89 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc90MkUAAAAAOrqIJqt4iXY_fkXb7j3zwgRGtUI&co=aHR0cHM6Ly9obHNwbGF5LmNvbTo0NDM.&hl=en&v=JPZ52lNx97aD96bjM7KaA0bo&size=invisible&cb=nhpmit9j6qwc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/JPZ52lNx97aD96bjM7KaA0bo/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nXcBY5pVjXcAySGrx18wfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Lc90MkUAAAAAOrqIJqt4iXY_fkXb7j3zwgRGtUI&co=aHR0cHM6Ly9obHNwbGF5LmNvbTo0NDM.&hl=en&v=JPZ52lNx97aD96bjM7KaA0bo&size=invisible&cb=nhpmit9j6qwc
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hlsplay.com/e/ZSCLVU1o2fM8
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://hlsplay.com/e/ZSCLVU1o2fM8

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 17 May 2020 12:18:05 GMT
content-security-policy
script-src 'report-sample' 'nonce-nXcBY5pVjXcAySGrx18wfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9369
server
GSE
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
fac.php
deloplen.com/ Frame C7C5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://deloplen.com/fac.php
Requested by
Host: deloplen.com
URL: https://deloplen.com/apu.php?zoneid=2812120
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
88.85.82.153 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Host
deloplen.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
OAID=12e4994a43144112a7c7e9c01b25c0f9; oaidts=1589717884
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://hlsplay.com/e/ZSCLVU1o2fM8

Response headers

Server
nginx
Date
Sun, 17 May 2020 12:18:05 GMT
Content-Type
text/html; charset=utf8
Content-Length
203
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Pragma
no-cache
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin
* *
X-Trace-Id
60138391482d2b7ebc2c26bc6295fc6d
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
p
adsco.re/ 		360 B
841 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
90da8287d2be169390f5370bae9b0f46cb9f3e9216fb6e52f0685648bfc97cd6

Request headers

Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

AS-P-G
OK
Date
Sun, 17 May 2020 12:18:05 GMT
AS-P-7
OK
AS-P-9
OK
AS-P-C
OK
Transfer-Encoding
chunked
AS-P-5
OK
AS-P-F
OK
Connection
keep-alive
Content-Encoding
gzip
AS-P-2
OK
AS-P-D
OK
AS-P-6
OK
AS-P-B
OK
AS-P-4
OK
AS-P-A
OK
Access-Control-Max-Age
2592000
AS-P-1
OK
Access-Control-Allow-Origin
https://hlsplay.com
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
AS-P-8
OK
Content-Type
text/html; charset=UTF-8
AS-P-E
OK
AS-P-3
OK
jet_secure
hlsplay.com/ 		374 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hlsplay.com/jet_secure
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/axios.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.2.144.230 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.12.2 /
Resource Hash
612c4cfb9ca0c47d31c64a7da8102f4d8325545979954a974f8afca53e9759ec

Request headers

Accept
application/json, text/plain, */*
Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
X-XSRF-TOKEN
9f69436d9d7a9eea9e11115145ec0bdac9nfsdoNSN74M3xN2j2qirlUnep9KI4NlvtaJTuxVCs6WVcaqjHUUYKtDFJNqCeDFMAsLcdS7p+HgikcCIs/EhdvMC6dSuofRo0TekDiNusnC1qO4LcVof60QPaDNcIO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sun, 17 May 2020 12:18:05 GMT
server
nginx/1.12.2
x-ratelimit-remaining
9
content-type
application/json; charset=utf-8
status
200
x-ratelimit-reset
59
x-ratelimit-limit
10
content-length
374
c
serve.popads.net/ 		0
272 B 		Script
General
Check archive.org
Download Go to
Full URL
https://serve.popads.net/c?_=BAoAXsErfQFewSt9gAGBAsAAIJEFJcU3R9Ziht_7ntsmVSBXo3OwmZEvqizMYovNUoFkwQBGMEQCIB1uv08hOyeYci0GiFp4p1mI2JlZ0MN7tU1Cse30vNf8AiA3PoutDpup5fQ3wXFohYz5L4fhRatKMnAAII-M6V-WvcIAICMPtmDtIGb0cUeIT8qlFw_1auqHONelWLZ--m3cRuo9xAAQKgEE-AEhExoAAAAAAAAAAsUAEPMRmtKQQHQrYufGQ_TtQFDDAEYwRAIgWAHmrwRbIptnZJWeR_rIKmO944lVI6S1LG4YWnEabfYCIB8RpftFuFmlpGe6ZLSO9hyU24DdzdMUxoJM7Stro_7l&v=4&siteId=3535186&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200,0
Requested by
Host: c1.popads.net
URL: https://c1.popads.net/pop.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
216.21.13.10 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 May 2020 12:18:05 GMT
ASF
9
Access-Control-Allow-Origin
*
Content-Type
application/javascript
PopAds-EC
ASB
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Content-Length
0
Expires
Sun, 24 May 2020 12:18:05 GMT
pl2.m3u8
echo.hlssrv.com/hls_serve/nXCGO0WuJMOICNRyrAH-Xg/1589729886/TWsit6F1pvKRfbVeoatB/ 		26 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://echo.hlssrv.com/hls_serve/nXCGO0WuJMOICNRyrAH-Xg/1589729886/TWsit6F1pvKRfbVeoatB/pl2.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/p2p-media-loader-hlsjs@latest/build/p2p-media-loader-hlsjs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.8.110 , France, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-8-110.rev.poneytelecom.eu
Software
nginx/1.16.1 /
Resource Hash
8e34263baff7c73cb8318c6985af4c2274b97ed4c537bdb9c0e662bef14df655

Request headers

Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 May 2020 12:18:05 GMT
Last-Modified
Fri, 15 May 2020 15:35:19 GMT
Server
nginx/1.16.1
ETag
"5ebeb6b7-69c7"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27079
f0ed94a2-d829-4aae-8ce7-43ecec6ac896
https://hlsplay.com/ 		60 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://hlsplay.com/f0ed94a2-d829-4aae-8ce7-43ecec6ac896
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@canary
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f003b817a853370e3619b0d85b07a9712fd4119237b2c8e741144de89bf6395

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length
61384
Content-Type
text/javascript
View-Counter
hlsplay.com/v1/API/ 		4 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hlsplay.com/v1/API/View-Counter
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/axios.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.2.144.230 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.12.2 /
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://hlsplay.com/e/ZSCLVU1o2fM8
X-XSRF-TOKEN
9f69436d9d7a9eea9e11115145ec0bdac9nfsdoNSN74M3xN2j2qirlUnep9KI4NlvtaJTuxVCs6WVcaqjHUUYKtDFJNqCeDFMAsLcdS7p+HgikcCIs/EhdvMC6dSuofRo0TekDiNusnC1qO4LcVof60QPaDNcIO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sun, 17 May 2020 12:18:09 GMT
x-content-type-options
nosniff
server
nginx/1.12.2
x-download-options
noopen
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
false, *
content-length
4
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pvqfumgp6txs.n.adsco.re
URL
https://pvqfumgp6txs.n.adsco.re/
Domain
pvqfumgp6txs.s.adsco.re
URL
https://pvqfumgp6txs.s.adsco.re/

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client function| axios object| p2pml function| require object| plyr object| recaptcha function| Hls undefined| the_token object| video object| engine object| hls function| onloadCallback object| loader number| max_count function| gtag object| dataLayer object| _pop object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| detectZoom object| AdservingModule object| iframe object| where object| win object| _pao function| AdscoreInit number| a function| ed number| t number| r number| g number| b string| bt object| closure_lm_919729 function| onClickTrigger object| zfgformats boolean| zfgloadedpopup

10 Cookies

Domain/Path Name / Value
hlsplay.com/ Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c
Value: BAoAXsErfQFewSt9gAGBAsAAIJEFJcU3R9Ziht_7ntsmVSBXo3OwmZEvqizMYovNUoFkwQBGMEQCIB1uv08hOyeYci0GiFp4p1mI2JlZ0MN7tU1Cse30vNf8AiA3PoutDpup5fQ3wXFohYz5L4fhRatKMnAAII-M6V-WvcIAICMPtmDtIGb0cUeIT8qlFw_1auqHONelWLZ--m3cRuo9xAAQKgEE-AEhExoAAAAAAAAAAsUAEPMRmtKQQHQrYufGQ_TtQFDDAEYwRAIgWAHmrwRbIptnZJWeR_rIKmO944lVI6S1LG4YWnEabfYCIB8RpftFuFmlpGe6ZLSO9hyU24DdzdMUxoJM7Stro_7l
hlsplay.com/ Name: a
Value: UhuPbfC4WXeIHKy0DcQS9Sr9Tw90hPC8
.hlsplay.com/ Name: _gid
Value: GA1.2.879695395.1589717885
deloplen.com/ Name: oaidts
Value: 1589717884
hlsplay.com/ Name: adonis-session-values
Value: dd4ccdfbc7680c8bc47f923ddcc630e7HbCi1YCWrOCxHocRMLGnOwTJkEmNBqbwNKtt8PmRZAH8xnA8CBJh%2FAXILf3uED%2FFJocfgY8siP87%2B85BAFZcXTOPcbwG3VN4BhMrFrVTB%2FtmOexqOkrQvj3c03jza4wcpGu2bI%2B1m8VvVMYR3oa78GvoKDidV%2BJ8m6LoVQFcBxc%3D
.hlsplay.com/ Name: _gat_gtag_UA_146488828_1
Value: 1
.hlsplay.com/ Name: _ga
Value: GA1.2.370259568.1589717885
hlsplay.com/ Name: XSRF-TOKEN
Value: 9f69436d9d7a9eea9e11115145ec0bdac9nfsdoNSN74M3xN2j2qirlUnep9KI4NlvtaJTuxVCs6WVcaqjHUUYKtDFJNqCeDFMAsLcdS7p%2BHgikcCIs%2FEhdvMC6dSuofRo0TekDiNusnC1qO4LcVof60QPaDNcIO
deloplen.com/ Name: OAID
Value: 12e4994a43144112a7c7e9c01b25c0f9
hlsplay.com/ Name: adonis-session
Value: c1cea1cbaf05326f0cadd4b7d9e40adf5Clly1UEM4CsKjFZu%2BHKBxEimrwEOTla0FKQDReZZEMtoRbC1mRCb9Raf4Ije7w8nyDFIAk6yA%2BttzjELKxIJMA2O4%2FsWFVJ6AkH9jM1Z1SZ03fkborumYZNwAYfGBhF

16 Console Messages

Source Level URL
Text
console-api log URL: https://c.adsco.re/(Line 16)
Message:
console-api log URL: https://hlsplay.com/e/ZSCLVU1o2fM8(Line 153)
Message:
peer_connect 2d5757303030362d614e31564451316564554b4d
console-api log URL: https://hlsplay.com/e/ZSCLVU1o2fM8(Line 199)
Message:
peer_connect 2d5757303030362d614e31564451316564554b4d
console-api log URL: https://hlsplay.com/e/ZSCLVU1o2fM8(Line 153)
Message:
peer_connect 2d5757303030362d354148666854624b62507569
console-api log URL: https://hlsplay.com/e/ZSCLVU1o2fM8(Line 199)
Message:
peer_connect 2d5757303030362d354148666854624b62507569
console-api log URL: https://hlsplay.com/e/ZSCLVU1o2fM8(Line 153)
Message:
peer_connect 2d5757303030362d6269736b62746f7654476267
console-api log URL: https://hlsplay.com/e/ZSCLVU1o2fM8(Line 199)
Message:
peer_connect 2d5757303030362d6269736b62746f7654476267
console-api log URL: https://hlsplay.com/e/ZSCLVU1o2fM8(Line 153)
Message:
peer_connect 2d5757303030362d50554c7856457a5950734470
console-api log URL: https://hlsplay.com/e/ZSCLVU1o2fM8(Line 199)
Message:
peer_connect 2d5757303030362d50554c7856457a5950734470
console-api log URL: https://hlsplay.com/e/ZSCLVU1o2fM8(Line 153)
Message:
peer_connect 2d5757303030362d3049544e7835414e62746369
console-api log URL: https://hlsplay.com/e/ZSCLVU1o2fM8(Line 199)
Message:
peer_connect 2d5757303030362d3049544e7835414e62746369
console-api log URL: https://hlsplay.com/e/ZSCLVU1o2fM8(Line 153)
Message:
peer_connect 2d5757303030362d6a6a433559686b6c70665a6a
console-api log URL: https://hlsplay.com/e/ZSCLVU1o2fM8(Line 199)
Message:
peer_connect 2d5757303030362d6a6a433559686b6c70665a6a
console-api log URL: https://hlsplay.com/e/ZSCLVU1o2fM8(Line 153)
Message:
peer_connect 2d5757303030362d5a7a7a4c4754546678377769
console-api log URL: https://hlsplay.com/e/ZSCLVU1o2fM8(Line 199)
Message:
peer_connect 2d5757303030362d5a7a7a4c4754546678377769
console-api log URL: https://hlsplay.com/e/ZSCLVU1o2fM8(Line 181)
Message:
[object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6.adsco.re
adsco.re
c.adsco.re
c1.popads.net
cdn.jsdelivr.net
cdn.plyr.io
cdnjs.cloudflare.com
code.jquery.com
deloplen.com
echo.hlssrv.com
hlsplay.com
pvqfumgp6txs.l.adsco.re
pvqfumgp6txs.n.adsco.re
pvqfumgp6txs.s.adsco.re
serve.popads.net
tu42het22n.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
pvqfumgp6txs.n.adsco.re
pvqfumgp6txs.s.adsco.re
162.252.214.5
163.172.8.110
185.200.118.90
190.2.144.230
195.181.175.55
198.134.112.242
2001:4de0:ac19::1:b:3a
216.21.13.10
2606:4700::6810:5714
2606:4700::6810:85e5
2606:4700::6811:a6ba
2a00:1450:4001:801::2008
2a00:1450:4001:808::2004
2a00:1450:4001:817::200e
2a00:1450:4001:820::2003
2a04:4e42:1b::442
88.85.82.153
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0e56995ad00342a206504ddd40773550d549880c1a7d74f56c719d334d6649df
131a638276d530de6eeac45664891bd4eb4721381b348168011eb86e38f8eff3
189334d0a898e2aa16794cdd1ea47a0e7c1750578173b25033049fafdf55f2a4
1df5dda5dda04d403a0c1d75898c8e67e74d6a68ea8b6de7d96e266e6cc259be
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
32237da5e2b912d9b7f533a827ed683b0bb7eb9b65171d2a6781b19e0cb964d6
3c08be948204c1582f121f32a00b6078931a7a814404a262a318929a87a9f80e
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16
4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b
5330600f68293b69db933eba611413ffaa46ad7c992116b06933c620d7a3c43c
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5f003b817a853370e3619b0d85b07a9712fd4119237b2c8e741144de89bf6395
5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66
612c4cfb9ca0c47d31c64a7da8102f4d8325545979954a974f8afca53e9759ec
6169aae21cd0ef9813b6bda9ec902dee165c4c70202c37af6eb0bc45ced0a872
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82
744953d5879a517b50518d207056af786c9bb0136530b00b6c825e6fd590f1a3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8e34263baff7c73cb8318c6985af4c2274b97ed4c537bdb9c0e662bef14df655
90da8287d2be169390f5370bae9b0f46cb9f3e9216fb6e52f0685648bfc97cd6
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae
a6f6f915735dc972ccf1173136f278e4e7dd53505fd99d94a4292676dc7bfa35
aeaab1947aea07dfbecb710c59fa3829c9717b42b853f62740e65f91d02c14af
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
c5aa2faeaa305d6b5fe03e7f19bb1fe7723365ee2f726f63acf65fc7b3a60571
c84ea903b1833a97bb0e508404cded491e4f2c2b7042d193137cc25fcbce4297
cab1ce25239573b09e53adf7d3b271100165bdfb95c54a6602b9b61202e4788c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45a53153924366ca099473653bae1852f8d6d0aa569ba6f49194a46d9e997c6
fc0248317d6597d97d6c962b851f0291be6eec9762ebadf97cef3e8d47dec003