Report - freek.to/watch/tv/62560

Report Overview

Visited public
2024-12-02 22:48:02
Tags
URL
freek.to/watch/tv/62560
Finishing URL
freek.to/watch/tv/62560
IP / ASN
172.67.165.66
#13335 CLOUDFLARENET
Title
Freek

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-11-27	2.1 kB	120 kB	216.58.207.227
backend.freek.to	unknown	unknown	2024-10-07	2024-12-01	1.9 kB	29 kB	104.21.57.176
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-11-27	913 B	224 kB	142.250.74.99
embed.su	293079	2024-09-26	2021-08-25	2024-12-01	8.4 kB	2.0 MB	172.67.160.205
pixel.embed.su	unknown	2024-09-26	2024-10-16	2024-12-01	445 B	916 B	0.0.0.0
viper.congacdn.cc	unknown	2024-09-29	2024-10-16	2024-10-16	1.9 kB	482 kB	104.21.61.162
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2024-11-27	964 B	41 kB	104.16.79.73
freek.to	unknown	unknown	2024-10-07	2024-10-10	2.3 kB	372 kB	104.21.57.176
my.rtmark.net	9054	2014-10-29	2015-02-04	2024-11-27	449 B	50 kB	172.67.169.157
raunooligais.net	unknown	2024-07-14	2024-07-14	2024-12-01	2.6 kB	82 kB	139.45.197.244
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-11-27	1.7 kB	33 kB	142.250.74.42
image.tmdb.org	17757	2009-09-15	2021-01-09	2024-11-30	3.8 kB	340 kB	185.59.220.198
www.google.com	7	1997-09-15	2015-05-10	2024-11-27	446 B	24 kB	142.250.74.164

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-02	medium	raunooligais.net	Sinkholed
2024-12-02	medium	raunooligais.net	Sinkholed
2024-12-02	medium	raunooligais.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (14)

	URL	From	Size	First Seen	Last Seen
	embed.su/static/player.js?v1.0.61	ScriptElement	437 kB	2024-12-01	2024-12-25
Pretty URL embed.su/static/player.js?v1.0.61 IP 172.67.160.205 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-01 08:51 Last Seen2024-12-25 07:23 Times Seen9 Hash b331eb59cce8ff5f7850cc16c4c4e8f4 76935fd9eb9fee1a03ee30b1f18f076af7c3c208 23067e146c882a0866e3f7c68eea357a3df167d6ba36f54495c42d903d64574e Loading...

	www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1	ScriptElement	4.3 kB	2023-03-07	2025-06-04
Pretty URL www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1 IP 142.250.74.99 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06 Last Seen2025-06-04 17:25 Times Seen2942 Hash b427175fa1078775eb792756e7b6d1e7 4c55c0233d3d9002b3449c025f97821f8bb8900d ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Loading...

	unknown	ScriptElement	170 B	2024-12-02	2024-12-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-02 22:48 Last Seen2024-12-02 22:48 Times Seen1 Hash f8ce500e933696a4bfe00209298e9254 6c0fad2bf82d75a94173e40cb10cea3fe5722cf2 b9d02be828e34e493e49bf748aea7d757a3587abd7eefd0331dcc5dd1f1009de Loading...

	embed.su/static/react.js	ImportedModule	141 kB	2024-10-04	2025-05-31
Pretty URL embed.su/static/react.js IP 172.67.160.205 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-10-04 08:08 Last Seen2025-05-31 13:50 Times Seen29 Hash dac75cfcc488f838789bb1b60be923d3 b29c61e8974556465038be970964c364967ba4e3 cd60bdf1ed30b1f3881940d7c543391671dbe35f57eb86a4a8b0b577ea9107db Loading...

	static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015	ScriptElement	20 kB	2024-06-07	2025-06-04
Pretty URL static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 IP 104.16.79.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-07 09:21 Last Seen2025-06-04 17:22 Times Seen56212 Hash ec18af6d41f6f278b6aed3bdabffa7bc 62c9e2cab76b888829f3c5335e91c320b22329ae 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f Loading...

	www.google.com/recaptcha/api.js?render=6LetUxQqAAAAAEF6g4dlbMi-e1epc08YIWwyW1oG	ScriptElement	870 B	2024-11-20	2024-12-12
Pretty URL www.google.com/recaptcha/api.js?render=6LetUxQqAAAAAEF6g4dlbMi-e1epc08YIWwyW1oG IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-20 23:42 Last Seen2024-12-12 18:45 Times Seen1048 Hash 9a7730f4a9a8ea6aeb1a51493b19c248 8e1bddd7332f16b21514442022da22c56a009596 19dc0943a446be7f0d9d6e08ec9541c1c9996840d43b1e9aae42da4174184a09 Loading...

	unknown	Function	916 B	2024-12-01	2025-05-31
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-12-01 08:51 Last Seen2025-05-31 13:50 Times Seen21 Hash 0632424cf6f9626e651e1015ba422dd3 b47ed9700dfbc02deab327b4245db96af38a6c99 3c8afedd6097087360d8e0c4345ae84967980fa06ca670fb1397c05b13ae3e6c Loading...

	raunooligais.net/5/8213455	ScriptElement	76 kB	2024-12-02	2024-12-02
Pretty URL raunooligais.net/5/8213455 IP 139.45.197.244 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-02 22:48 Last Seen2024-12-02 22:48 Times Seen1 Hash e0a0c318ea75ab02573880ca6d31ac96 e88e50142e6a139df68c2434cc2f7db96ef4392c 9806ce5abb928921478ebb3e18820f0799a205bf068cca97f0cb5863a237fb1f Loading...

	embed.su/static/script.js?v1.0.61	ScriptElement	18 kB	2024-12-01	2025-05-31
Pretty URL embed.su/static/script.js?v1.0.61 IP 172.67.160.205 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-01 08:51 Last Seen2025-05-31 13:50 Times Seen22 Hash 1ddd8c9db7e4010aa1ddb77bd81b6bbe aef9b2a1b15e8e0bd696ad6e6819b301284b8333 cb6568fe2d92305c0c507597672b7bf0373e9bafeb5bf7bac4b3e3d52e7ca84b Loading...

	unknown	Function	2.9 kB	2024-12-01	2025-05-31
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-12-01 08:51 Last Seen2025-05-31 13:50 Times Seen22 Hash 9d0ad3dc14220cda1b4595e679aa87b8 e3f4d7a6ccf68c8aff611b0c1d6a66b09eb8bf40 26cf94a608d79510bbc5f316ca6440325720e7e43b48c58fbffe7145b8f1b8af Loading...

	embed.su/static/hls.js	ImportedModule	394 kB	2024-10-04	2025-05-31
Pretty URL embed.su/static/hls.js IP 172.67.160.205 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-10-04 08:08 Last Seen2025-05-31 13:50 Times Seen29 Hash ac0623ed2c2086f57260333d6593a116 056082fc17f51d1086360cbd1071a0cfb08f4a4f 4626502c980790d311211ae66c9ff6e72c46630ce66e4b7a5e29d76544dfe7d2 Loading...

	freek.to/assets/index.js?7a7a619b	ScriptElement	901 kB	2024-12-01	2024-12-22
Pretty URL freek.to/assets/index.js?7a7a619b IP 104.21.57.176 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-01 14:43 Last Seen2024-12-22 01:21 Times Seen9 Hash d00c4d6e93438d8aefa3fcd4dc461436 4a75a0510e49058171038c877c306305cf535057 2d9b7644834e91b9c5036d53e92917a2cb403406a9ff53a51d7923d5e657d9b6 Loading...

	www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js	ScriptElement	560 kB	2024-11-20	2024-12-31
Pretty URL www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js IP 142.250.74.99 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-20 23:42 Last Seen2024-12-31 13:13 Times Seen5298 Hash 81697e6cdd98e37117d7bddcecf07576 0ea9efeb29efc158cd175bb05b72c8516dbaa965 73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116 Loading...

	embed.su/embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg	ScriptElement	8.7 kB	2024-12-02	2024-12-02
Pretty URL embed.su/embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg IP 172.67.160.205 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-02 22:48 Last Seen2024-12-02 22:48 Times Seen1 Hash 9689d9ab069d9b57d73fe984d889e82a c3739b19137d3cacbb967b973d6fdaa2e9646993 2be06660451b7a3a32b00fa74add0f64158fb187200fa3c5c89fe7187ffd74db Loading...

HTTP Transactions (55)

URL IP Response Size

freek.to/assets/index.js?7a7a619b

104.21.57.176

200 OK

280 kB

URL GET HTTP/3
freek.to/assets/index.js?7a7a619b
IP
104.21.57.176:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerGoogle Trust Services
Subjectfreek.to
Fingerprint3B:79:4D:E4:2D:C3:B2:74:40:8D:52:2E:30:2E:1A:02:E1:CD:01:71
ValidityWed, 23 Oct 2024 07:59:09 GMT - Tue, 21 Jan 2025 08:58:04 GMT

File type
JavaScript source, ASCII text, with very long lines (37550)
Size
280 kB (280516 bytes)
Hash
d00c4d6e93438d8aefa3fcd4dc461436
4a75a0510e49058171038c877c306305cf535057
2d9b7644834e91b9c5036d53e92917a2cb403406a9ff53a51d7923d5e657d9b6

HTTP Headers

GET /assets/index.js?7a7a619b HTTP/1.1
Host: freek.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freek.to/watch/tv/62560
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 02 Dec 2024 22:47:35 GMT
content-type: application/javascript
last-modified: Sat, 30 Nov 2024 16:55:58 GMT
etag: W/"674b439e-dc0ba"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1210
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebedc0e1e64b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19997&min_rtt=17788&rtt_var=8248&sent=23&recv=8&lost=0&retrans=0&sent_bytes=16161&recv_bytes=1394&delivery_rate=36089&cwnd=12000&unsent_bytes=0&cid=f2188911ecb135dd&ts=313&x=1", cfHdrFlush;dur=9

fonts.gstatic.com/s/jost/v18/92zatBhPNqw73oTd4g.woff2

216.58.207.227

200 OK

27 kB

URL GET HTTP/2
fonts.gstatic.com/s/jost/v18/92zatBhPNqw73oTd4g.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52
ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT

File type
Web Open Font Format (Version 2), TrueType, length 26576, version 1.0
Size
27 kB (26576 bytes)
Hash
928f4210aa4859fcfdb853d2c6329589
d3fc5b412c86d44da139622eb1712e22c3c510e0
7726a5cd6f3c0e876c028ea2a643d45f7aad4b0f164b70966c669f4a4668f4b9

HTTP Headers

GET /s/jost/v18/92zatBhPNqw73oTd4g.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://freek.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 29 Nov 2024 19:03:26 GMT
expires: Sat, 29 Nov 2025 19:03:26 GMT
cache-control: public, max-age=31536000
age: 272650
last-modified: Thu, 26 Sep 2024 23:19:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=008126eb568a4530e6f6692bd9bef20e

172.67.169.157

200 OK

48 kB

URL GET HTTP/2
my.rtmark.net/gid.js?userId=008126eb568a4530e6f6692bd9bef20e
IP
172.67.169.157:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerGoogle Trust Services
Subjectmy.rtmark.net
Fingerprint8A:B7:CD:87:FA:39:07:A8:88:41:1C:9E:2D:0E:97:51:61:75:C1:34
ValidityWed, 06 Nov 2024 10:31:42 GMT - Tue, 04 Feb 2025 10:31:41 GMT

File type
JSON text data
Size
48 kB (48301 bytes)
Hash
11a24839b7b6e9bd245c9f218c9ebf10
471ff0c926d580bee16e303b7b7bb6eaccc002c5
bae8ad34b571273aa54d22fa3af0953aa9092d7abe0a3e599965143a480b1fae

HTTP Headers

GET /gid.js?userId=008126eb568a4530e6f6692bd9bef20e HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://freek.to
DNT: 1
Connection: keep-alive
Referer: https://freek.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 22:47:35 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://freek.to
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
set-cookie: ID=008126eb568a4530e6f6692bd9bef20e; expires=Tue, 02 Dec 2025 22:47:35 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hhqT3il3EoEmUnP6tHJRxFnSs7Z53MhZtCsJE5ymC1PaTYhKMoxFjkU1LsgopPUpNKlUDaOrB0pC%2Fxw2LmabA3q7%2Fl9tiImGiKzWANV%2B%2BqWCMCnwMVOmGtL0oDj51I8m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ebedc1178a156ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16596&min_rtt=16538&rtt_var=2715&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3202&recv_bytes=1096&delivery_rate=261356&cwnd=253&unsent_bytes=0&cid=3c76777bd294e568&ts=74&x=0"
X-Firefox-Spdy: h2

backend.freek.to/auth/user/refresh

104.21.57.176

401 Unauthorized

0 B

URL GET HTTP/2
backend.freek.to/auth/user/refresh
IP
104.21.57.176:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerGoogle Trust Services
Subjectfreek.to
Fingerprint9C:88:67:C3:22:57:9D:88:1C:A8:98:28:CB:14:A4:90:05:9C:67:46
ValidityWed, 27 Nov 2024 17:13:29 GMT - Tue, 25 Feb 2025 17:13:28 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /auth/user/refresh HTTP/1.1
Host: backend.freek.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://freek.to
DNT: 1
Connection: keep-alive
Referer: https://freek.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 401 Unauthorized
date: Mon, 02 Dec 2024 22:47:36 GMT
content-length: 0
x-powered-by: Express
x-ratelimit-limit: 80
x-ratelimit-remaining: 79
x-ratelimit-reset: 1733179717
access-control-allow-origin: https://freek.to
vary: Origin
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ebedc134c8356c3-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21819&min_rtt=16455&rtt_var=12583&sent=7&recv=12&lost=0&retrans=0&sent_bytes=3191&recv_bytes=1098&delivery_rate=262588&cwnd=254&unsent_bytes=0&cid=b35adc189f4b55f3&ts=220&x=0"
X-Firefox-Spdy: h2

raunooligais.net/wrr?z=8213455&p_rid=ef8cb4f8-d178-489f-99e5-d1448e9e3c98&rb=2PJW4DvD8x5rfk_XVfxZmQlUafaFDtyo4I0dt6UNFcFNg3VnicQ7-zuGb68Rf-xe80poc6zUJoRxyeXNPEesAk8quyDojqVA1W8AAjDN4OElheD5UzII45y_ZVDavai6c7euPXXEQpmwyOCbmfW0eclzmXqIhdz3477eyQc3MrNqOTmC1sR-dpyt4gtH2cjmfREyiJOWDxxL06SZizA8UXnKnmfaZ8RNC7DJS3ql6U804qHmubkKyPoxzd7R1zH20d2jawOSgMs=&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Ffreek.to%2Fwatch%2Ftv%2F62560&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=1&wgl=&js_build=iclick-v1.1018.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&wasm=1&dmn=raunooligais.net&userId=008126eb568a4530e6f6692bd9bef20e

139.45.197.244

200 OK

2 B

URL GET HTTP/2
raunooligais.net/wrr?z=8213455&p_rid=ef8cb4f8-d178-489f-99e5-d1448e9e3c98&rb=2PJW4DvD8x5rfk_XVfxZmQlUafaFDtyo4I0dt6UNFcFNg3VnicQ7-zuGb68Rf-xe80poc6zUJoRxyeXNPEesAk8quyDojqVA1W8AAjDN4OElheD5UzII45y_ZVDavai6c7euPXXEQpmwyOCbmfW0eclzmXqIhdz3477eyQc3MrNqOTmC1sR-dpyt4gtH2cjmfREyiJOWDxxL06SZizA8UXnKnmfaZ8RNC7DJS3ql6U804qHmubkKyPoxzd7R1zH20d2jawOSgMs=&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Ffreek.to%2Fwatch%2Ftv%2F62560&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=1&wgl=&js_build=iclick-v1.1018.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&wasm=1&dmn=raunooligais.net&userId=008126eb568a4530e6f6692bd9bef20e
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerLet's Encrypt
Subjectraunooligais.net
Fingerprint54:42:75:CD:7D:85:BC:4A:0D:9A:67:F9:27:60:B3:E1:D9:BE:3F:31
ValidityWed, 02 Oct 2024 06:25:54 GMT - Tue, 31 Dec 2024 06:25:53 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wrr?z=8213455&p_rid=ef8cb4f8-d178-489f-99e5-d1448e9e3c98&rb=2PJW4DvD8x5rfk_XVfxZmQlUafaFDtyo4I0dt6UNFcFNg3VnicQ7-zuGb68Rf-xe80poc6zUJoRxyeXNPEesAk8quyDojqVA1W8AAjDN4OElheD5UzII45y_ZVDavai6c7euPXXEQpmwyOCbmfW0eclzmXqIhdz3477eyQc3MrNqOTmC1sR-dpyt4gtH2cjmfREyiJOWDxxL06SZizA8UXnKnmfaZ8RNC7DJS3ql6U804qHmubkKyPoxzd7R1zH20d2jawOSgMs=&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Ffreek.to%2Fwatch%2Ftv%2F62560&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=1&wgl=&js_build=iclick-v1.1018.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&wasm=1&dmn=raunooligais.net&userId=008126eb568a4530e6f6692bd9bef20e HTTP/1.1
Host: raunooligais.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freek.to/
Origin: https://freek.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 02 Dec 2024 22:47:36 GMT
content-type: text/plain
content-length: 2
x-trace-id: 554d4d00e5a433f46ad88ca1da405b4c
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://freek.to
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008126eb568a4530e6f6692bd9bef20e; expires=Tue, 02 Dec 2025 22:47:36 GMT; path=/; secure; SameSite=None
oaidts=1733179656; expires=Tue, 02 Dec 2025 22:47:36 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Mon, 09 Dec 2024 22:47:36 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

fonts.gstatic.com/s/jost/v18/92zUtBhPNqw73oHt4D4h.woff2

216.58.207.227

200 OK

31 kB

URL GET HTTP/2
fonts.gstatic.com/s/jost/v18/92zUtBhPNqw73oHt4D4h.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52
ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT

File type
Web Open Font Format (Version 2), TrueType, length 30700, version 1.0
Size
31 kB (30700 bytes)
Hash
e5cfc05e59bf17fb6b82ea32a33c54da
2441fd01af2bc1a1c9031ef33c385efa65196209
0cadc07f42c10553256ae8fd50fe5eb8b09afe79443f68f50a977fdfc8d25ea8

HTTP Headers

GET /s/jost/v18/92zUtBhPNqw73oHt4D4h.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://freek.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 29 Nov 2024 18:51:00 GMT
expires: Sat, 29 Nov 2025 18:51:00 GMT
cache-control: public, max-age=31536000
age: 273396
last-modified: Thu, 26 Sep 2024 23:22:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js

142.250.74.99

200 OK

221 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52
ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT

File type
JavaScript source, ASCII text, with very long lines (545)
Size
221 kB (220753 bytes)
Hash
81697e6cdd98e37117d7bddcecf07576
0ea9efeb29efc158cd175bb05b72c8516dbaa965
73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116

HTTP Headers

GET /recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://freek.to
DNT: 1
Connection: keep-alive
Referer: https://freek.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 220753
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 02 Dec 2024 11:40:17 GMT
expires: Tue, 02 Dec 2025 11:40:17 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Nov 2024 05:00:22 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 40039
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Jost:ital,wght@0,100..900;1,100..900&family=Open+Sans:ital,wght@0,300..800;1,300..800&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

142.250.74.42

200 OK

2.8 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Jost:ital,wght@0,100..900;1,100..900&family=Open+Sans:ital,wght@0,300..800;1,300..800&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintE8:18:86:79:89:2E:F0:7C:66:1F:C3:43:81:D2:6D:9E:0C:9C:AB:05
ValidityMon, 21 Oct 2024 08:38:00 GMT - Mon, 13 Jan 2025 08:37:59 GMT

File type
gzip compressed data, max compression
Size
2.8 kB (2780 bytes)
Hash
624b3f59afea18132d5119b7ef40ee17
5aee3baebb91cb314f3d6d3abfe0b4d64a393e68
80fa44003c8cc9e6ff0f171a599df4323342d1f51524eb3259dcbb3f5b94d842

HTTP Headers

GET /css2?family=Jost:ital,wght@0,100..900;1,100..900&family=Open+Sans:ital,wght@0,300..800;1,300..800&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freek.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 02 Dec 2024 22:47:35 GMT
date: Mon, 02 Dec 2024 22:47:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg

185.59.220.198

200 OK

45 kB

URL GET HTTP/2
image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg
IP
185.59.220.198:443
ASN
#60068 Datacamp Limited

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
FingerprintE9:19:C2:E8:45:3A:6E:B9:97:57:71:6E:D9:CA:E3:0A:3E:C6:DF:1B
ValidityTue, 19 Nov 2024 13:16:19 GMT - Mon, 17 Feb 2025 13:16:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 780x439, components 3
Size
45 kB (44961 bytes)
Hash
ed72946e82f010a015aa330e3a204c1d
86bc64ccd7a2fc06cf226b95f2d31458af1f7988
5dd22e767800383e8dfa0ce32e91adf4e0a52cceb0f2fa09dc5228e6ec321d9d

HTTP Headers

GET /t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 22:47:37 GMT
content-type: image/jpeg
content-length: 44961
server: BunnyCDN-DE1-723
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6296133f-afa1"
last-modified: Tue, 31 May 2022 13:08:15 GMT
cdn-storageserver: NY-267
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 01/25/2024 11:11:45
cdn-edgestorageid: 1075
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 9d81998220bae9335430c68921362fe2
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w342/fbKE87mojpIETWepSbD5Qt741fp.jpg

185.59.220.198

200 OK

20 kB

URL GET HTTP/2
image.tmdb.org/t/p/w342/fbKE87mojpIETWepSbD5Qt741fp.jpg
IP
185.59.220.198:443
ASN
#60068 Datacamp Limited

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
FingerprintE9:19:C2:E8:45:3A:6E:B9:97:57:71:6E:D9:CA:E3:0A:3E:C6:DF:1B
ValidityTue, 19 Nov 2024 13:16:19 GMT - Mon, 17 Feb 2025 13:16:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 342x513, components 3
Size
20 kB (20350 bytes)
Hash
50e3237a0823c7b1cb4fcac6befd7e04
9743fa270cd3fa9b94da98916193f256193ebb0c
4f0f0239fce4b15fd5027c907e444dfd641d697cb686c58b0965c388e3028c8b

HTTP Headers

GET /t/p/w342/fbKE87mojpIETWepSbD5Qt741fp.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 02 Dec 2024 22:47:37 GMT
content-type: image/jpeg
content-length: 20350
server: BunnyCDN-DE1-723
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272bdfc-4f7e"
last-modified: Wed, 04 May 2022 17:55:08 GMT
cdn-storageserver: NY-430
cdn-requestpullsuccess: True
cdn-fileserver: 268
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 08/01/2024 12:15:27
cdn-edgestorageid: 1054
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 1502c2dbfbeee40da71c99df1002cc1a
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w342/8MfgyFHf7XEboZJPZXCIDqqiz6e.jpg

185.59.220.198

200 OK

24 kB

URL GET HTTP/2
image.tmdb.org/t/p/w342/8MfgyFHf7XEboZJPZXCIDqqiz6e.jpg
IP
185.59.220.198:443
ASN
#60068 Datacamp Limited

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
FingerprintE9:19:C2:E8:45:3A:6E:B9:97:57:71:6E:D9:CA:E3:0A:3E:C6:DF:1B
ValidityTue, 19 Nov 2024 13:16:19 GMT - Mon, 17 Feb 2025 13:16:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 342x513, components 3
Size
24 kB (24041 bytes)
Hash
d43a84061bc03e321ee4cb40012eef45
e850ff74b8cf10977877ded4be6698276e0bad6e
e34e24561f2cce25a48c14aaec800a114fe9e6e15ed3db254265b71ecf796fb2

HTTP Headers

GET /t/p/w342/8MfgyFHf7XEboZJPZXCIDqqiz6e.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 22:47:37 GMT
content-type: image/jpeg
content-length: 24041
server: BunnyCDN-DE1-723
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62ae32c4-5de9"
last-modified: Sat, 18 Jun 2022 20:17:08 GMT
cdn-storageserver: NY-427
cdn-requestpullsuccess: True
cdn-fileserver: 267
perma-cache: HIT
cdn-proxyver: 1.06
cdn-requestpullcode: 200
cdn-cachedat: 11/20/2024 11:23:31
cdn-edgestorageid: 864
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: b5a312ee6de5183686d43a4080828680
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w342/QWbPaDxiB6LW2LjASknzYBvjMj.jpg

185.59.220.198

200 OK

28 kB

URL GET HTTP/2
image.tmdb.org/t/p/w342/QWbPaDxiB6LW2LjASknzYBvjMj.jpg
IP
185.59.220.198:443
ASN
#60068 Datacamp Limited

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
FingerprintE9:19:C2:E8:45:3A:6E:B9:97:57:71:6E:D9:CA:E3:0A:3E:C6:DF:1B
ValidityTue, 19 Nov 2024 13:16:19 GMT - Mon, 17 Feb 2025 13:16:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 342x513, components 3
Size
28 kB (27606 bytes)
Hash
703dead7d5ddb98575974646fbecc498
c3966ba4d7a345cabb4d843d175619eed16cf35c
b38cdf101e4f6461b1d1611c8732a15d2f314097591172c3b74d97e2838bb421

HTTP Headers

GET /t/p/w342/QWbPaDxiB6LW2LjASknzYBvjMj.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 22:47:37 GMT
content-type: image/jpeg
content-length: 27606
server: BunnyCDN-DE1-723
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272bdef-6bd6"
last-modified: Wed, 04 May 2022 17:54:55 GMT
cdn-storageserver: NY-267
cdn-requestpullsuccess: True
cdn-fileserver: 268
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 07/16/2024 14:17:25
cdn-edgestorageid: 1076
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: a77c989abd94ff20ba77a9e6bbdd8fd1
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w342/5UaYsGZOFhjFDwQh6GuLjjA1WlF.jpg

185.59.220.198

200 OK

26 kB

URL GET HTTP/2
image.tmdb.org/t/p/w342/5UaYsGZOFhjFDwQh6GuLjjA1WlF.jpg
IP
185.59.220.198:443
ASN
#60068 Datacamp Limited

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
FingerprintE9:19:C2:E8:45:3A:6E:B9:97:57:71:6E:D9:CA:E3:0A:3E:C6:DF:1B
ValidityTue, 19 Nov 2024 13:16:19 GMT - Mon, 17 Feb 2025 13:16:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 342x514, components 3
Size
26 kB (25913 bytes)
Hash
c70474b4dbc88fd20976f2b7e1b9f8c2
89d397951e56b4758c47431757fa072fc14df316
b8ba0a197ebfdee2483729f0a016b00793f2ef47a55c5ce125402cd6645fe206

HTTP Headers

GET /t/p/w342/5UaYsGZOFhjFDwQh6GuLjjA1WlF.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 22:47:37 GMT
content-type: image/jpeg
content-length: 25913
server: BunnyCDN-DE1-723
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "644a6ef3-6539"
last-modified: Thu, 27 Apr 2023 12:47:47 GMT
cdn-storageserver: NY-267
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 09/08/2023 16:07:18
cdn-edgestorageid: 1047
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: f54fea3d9cab70c7d63a1b11767075ce
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w342/cuV2O5ZyDLHSOWzg3nLVljp1ubw.jpg

185.59.220.198

200 OK

25 kB

URL GET HTTP/2
image.tmdb.org/t/p/w342/cuV2O5ZyDLHSOWzg3nLVljp1ubw.jpg
IP
185.59.220.198:443
ASN
#60068 Datacamp Limited

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
FingerprintE9:19:C2:E8:45:3A:6E:B9:97:57:71:6E:D9:CA:E3:0A:3E:C6:DF:1B
ValidityTue, 19 Nov 2024 13:16:19 GMT - Mon, 17 Feb 2025 13:16:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 342x513, components 3
Size
25 kB (25166 bytes)
Hash
4f8993fc4c9fe25226b51b3426afda62
4a3cbb800f33a8478c2bb2ade6f5ec5e10080f5c
ff91411420c300f3c3c00b678618f7fcb1a88b291fa95ea8f1ed3b1382c64360

HTTP Headers

GET /t/p/w342/cuV2O5ZyDLHSOWzg3nLVljp1ubw.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 22:47:37 GMT
content-type: image/jpeg
content-length: 25166
server: BunnyCDN-DE1-723
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "65854c8a-624e"
last-modified: Fri, 22 Dec 2023 08:44:58 GMT
cdn-storageserver: NY-346
cdn-requestpullsuccess: True
cdn-fileserver: 718
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 03/26/2024 17:26:24
cdn-edgestorageid: 864
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 52b9a18a372127b2adddefb643809c76
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w342/dc5r71XI1gD4YwIUoEYCLiVvtss.jpg

185.59.220.198

200 OK

51 kB

URL GET HTTP/2
image.tmdb.org/t/p/w342/dc5r71XI1gD4YwIUoEYCLiVvtss.jpg
IP
185.59.220.198:443
ASN
#60068 Datacamp Limited

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
FingerprintE9:19:C2:E8:45:3A:6E:B9:97:57:71:6E:D9:CA:E3:0A:3E:C6:DF:1B
ValidityTue, 19 Nov 2024 13:16:19 GMT - Mon, 17 Feb 2025 13:16:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 342x513, components 3
Size
51 kB (50647 bytes)
Hash
775edddddedcf5a4976bf8abfdb57e4b
f1a53b9b2d830ec8dba09493ee99c67856c02f76
1336e86f5d4239f854cade5b033e727c7dd1d13bbaa40173cedcbbbc4dadbd05

HTTP Headers

GET /t/p/w342/dc5r71XI1gD4YwIUoEYCLiVvtss.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 22:47:37 GMT
content-type: image/jpeg
content-length: 50647
server: BunnyCDN-DE1-723
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272dd74-c5d7"
last-modified: Wed, 04 May 2022 20:09:24 GMT
cdn-storageserver: NY-430
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 10/31/2023 18:57:33
cdn-edgestorageid: 865
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 4b6d72ffd7700b6ab045f2771915b788
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.google.com/recaptcha/api.js?render=6LetUxQqAAAAAEF6g4dlbMi-e1epc08YIWwyW1oG

142.250.74.164

200 OK

23 kB

URL GET HTTP/2
www.google.com/recaptcha/api.js?render=6LetUxQqAAAAAEF6g4dlbMi-e1epc08YIWwyW1oG
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
FingerprintC1:5D:47:A6:B2:09:5F:1C:78:06:A8:63:D5:80:5A:A2:73:83:A3:B3
ValidityMon, 21 Oct 2024 08:38:45 GMT - Mon, 13 Jan 2025 08:38:44 GMT

File type
gzip compressed data, max compression
Size
23 kB (22899 bytes)
Hash
f47405a4fcaec521743cacb644b4aed5
7dc145c91aaa433a614d6a43078f9fe2734f35c9
a7f195284a864a60ace87c355690ee994557ffeb76ed0afa184f7ef28dd2523a

HTTP Headers

GET /recaptcha/api.js?render=6LetUxQqAAAAAEF6g4dlbMi-e1epc08YIWwyW1oG HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freek.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Mon, 02 Dec 2024 22:47:36 GMT
date: Mon, 02 Dec 2024 22:47:36 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

image.tmdb.org/t/p/original/sNjAsSqeyTrYYkvmySOQJMTmi1G.jpg

185.59.220.198

200 OK

92 kB

URL GET HTTP/2
image.tmdb.org/t/p/original/sNjAsSqeyTrYYkvmySOQJMTmi1G.jpg
IP
185.59.220.198:443
ASN
#60068 Datacamp Limited

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
FingerprintE9:19:C2:E8:45:3A:6E:B9:97:57:71:6E:D9:CA:E3:0A:3E:C6:DF:1B
ValidityTue, 19 Nov 2024 13:16:19 GMT - Mon, 17 Feb 2025 13:16:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2048x1152, components 3
Size
92 kB (92449 bytes)
Hash
b74b0af7a2351fedb839a79601169f6d
2074f8569123728507437861adfda4e11d8abb63
b11e1b39a56cfb8005afec7e90e441006cf19881e93787074f9a5e820e9d0f08

HTTP Headers

GET /t/p/original/sNjAsSqeyTrYYkvmySOQJMTmi1G.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 02 Dec 2024 22:47:37 GMT
content-type: image/jpeg
content-length: 92449
server: BunnyCDN-DE1-723
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "65b594fa-16921"
last-modified: Sat, 27 Jan 2024 23:42:50 GMT
cdn-storageserver: NY-268
cdn-requestpullsuccess: True
cdn-fileserver: 628
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 01/27/2024 23:56:39
cdn-edgestorageid: 1047
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 3240d791fa7129c10da506ce0b40bfd8
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sen/v9/6xK0dSxYI9_dkN18-vZKK2EISCq5L4nAlQ.woff2

216.58.207.227

200 OK

11 kB

URL GET HTTP/3
fonts.gstatic.com/s/sen/v9/6xK0dSxYI9_dkN18-vZKK2EISCq5L4nAlQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://embed.su/embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52
ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT

File type
Web Open Font Format (Version 2), TrueType, length 10900, version 1.0
Size
11 kB (10900 bytes)
Hash
854cd8719e95c0a1a3e94e2a71ed5795
c3d9a463a7a823b41d499f26f3df090f31142585
32c2cac3d7aa657e4a427d7fa827d4cd97446df11a7b7bfa59a9d345c9b7fb2e

HTTP Headers

GET /s/sen/v9/6xK0dSxYI9_dkN18-vZKK2EISCq5L4nAlQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://embed.su
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 30 Nov 2024 07:00:17 GMT
expires: Sun, 30 Nov 2025 07:00:17 GMT
cache-control: public, max-age=31536000
age: 229641
last-modified: Thu, 20 Jul 2023 20:47:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

142.250.74.99

200 OK

2.0 kB

URL GET HTTP/3
www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://embed.su/embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52
ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT

File type
JavaScript source, ASCII text, with very long lines (1143)
Size
2.0 kB (2007 bytes)
Hash
b427175fa1078775eb792756e7b6d1e7
4c55c0233d3d9002b3449c025f97821f8bb8900d
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

HTTP Headers

GET /cv/js/sender/v1/cast_sender.js?loadCastFramework=1 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embed.su/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="cloudview"
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-length: 2007
date: Mon, 02 Dec 2024 22:47:38 GMT
expires: Mon, 02 Dec 2024 22:47:38 GMT
cache-control: private, max-age=3000
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

viper.congacdn.cc/drivexwave25.site/file1/ivCI0wqyeyTdD9cMS21csdfXc4sowJX3UiovL5jaF5dCx8hW0FpyAcdwhQuhJAQUKRttJw7EGNgQPVaonZ2MMdwjtoTFKDRDq5HCHFACcxdqf6cMzq1gqkHhUJzYcCsk+MKA2UFU9G4iHbG1yg98RCXRhNFI1f6qwgNix~yDREk=/MTA4MA==/c2VnLTEtdjEtYTEuanBn

104.21.61.162

200 OK

133 kB

URL GET HTTP/2
viper.congacdn.cc/drivexwave25.site/file1/ivCI0wqyeyTdD9cMS21csdfXc4sowJX3UiovL5jaF5dCx8hW0FpyAcdwhQuhJAQUKRttJw7EGNgQPVaonZ2MMdwjtoTFKDRDq5HCHFACcxdqf6cMzq1gqkHhUJzYcCsk+MKA2UFU9G4iHbG1yg98RCXRhNFI1f6qwgNix~yDREk=/MTA4MA==/c2VnLTEtdjEtYTEuanBn
IP
104.21.61.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://embed.su/embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg
Certificate
IssuerGoogle Trust Services
Subjectcongacdn.cc
FingerprintD0:A6:B1:FD:48:CD:79:7D:0A:D0:82:1E:8E:69:79:78:BE:90:EE:1C
ValidityThu, 28 Nov 2024 15:47:45 GMT - Wed, 26 Feb 2025 15:47:44 GMT

File type
MPEG transport stream data
Size
133 kB (132728 bytes)
Hash
7f200e846771d1dc9ff6d83440aa3b97
f1248cf2b382ffbe21df59a629a728d8301251a5
2aaeadb8204ede15dfe252828e926731d3720c28142bbccd547f72d55c5978c1

HTTP Headers

GET /drivexwave25.site/file1/ivCI0wqyeyTdD9cMS21csdfXc4sowJX3UiovL5jaF5dCx8hW0FpyAcdwhQuhJAQUKRttJw7EGNgQPVaonZ2MMdwjtoTFKDRDq5HCHFACcxdqf6cMzq1gqkHhUJzYcCsk+MKA2UFU9G4iHbG1yg98RCXRhNFI1f6qwgNix~yDREk=/MTA4MA==/c2VnLTEtdjEtYTEuanBn HTTP/1.1
Host: viper.congacdn.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embed.su/
Origin: https://embed.su
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 22:47:38 GMT
content-type: image/jpg
content-length: 132728
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: If-Modified-Since,Range
access-control-expose-headers: Accept-Ranges,Content-Encoding,Content-Length,Content-Range
last-modified: Sun, 19 Nov 2000 08:52:00 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache: HIT
cf-cache-status: MISS
accept-ranges: bytes
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 8ebedc224f92b4eb-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21847&min_rtt=16470&rtt_var=12670&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3271&recv_bytes=1376&delivery_rate=263304&cwnd=254&unsent_bytes=0&cid=1cf09c40ab40f096&ts=263&x=0"
X-Firefox-Spdy: h2

embed.su/cdn-cgi/rum?

172.67.160.205

204 No Content

0 B

URL POST HTTP/3
embed.su/cdn-cgi/rum?
IP
172.67.160.205:443
ASN
#13335 CLOUDFLARENET

Requested by
https://embed.su/embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg
Certificate
IssuerGoogle Trust Services
Subjectembed.su
Fingerprint2B:7E:15:97:C0:82:38:DB:D7:86:A3:71:83:2A:EE:18:99:FE:94:43
ValiditySun, 24 Nov 2024 15:11:03 GMT - Sat, 22 Feb 2025 15:11:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: embed.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embed.su/
content-type: application/json
Content-Length: 1133
Origin: https://embed.su
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Mon, 02 Dec 2024 22:47:38 GMT
access-control-allow-origin: https://embed.su
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 8ebedc246cee56c9-OSL
x-frame-options: DENY
x-content-type-options: nosniff

freek.to/cdn-cgi/rum?

104.21.57.176

204 No Content

0 B

URL POST HTTP/3
freek.to/cdn-cgi/rum?
IP
104.21.57.176:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerGoogle Trust Services
Subjectfreek.to
Fingerprint3B:79:4D:E4:2D:C3:B2:74:40:8D:52:2E:30:2E:1A:02:E1:CD:01:71
ValidityWed, 23 Oct 2024 07:59:09 GMT - Tue, 21 Jan 2025 08:58:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: freek.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1320
Origin: https://freek.to
DNT: 1
Connection: keep-alive
Referer: https://freek.to/watch/tv/62560
Cookie: prefetchAd_8213455=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Mon, 02 Dec 2024 22:47:38 GMT
access-control-allow-origin: https://freek.to
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 8ebedc248e09b51e-OSL
x-frame-options: DENY
x-content-type-options: nosniff

embed.su/static/player.js?v1.0.61

172.67.160.205

200 OK

437 kB

URL GET HTTP/3
embed.su/static/player.js?v1.0.61
IP
172.67.160.205:443
ASN
#13335 CLOUDFLARENET

Requested by
https://embed.su/embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg
Certificate
IssuerGoogle Trust Services
Subjectembed.su
Fingerprint2B:7E:15:97:C0:82:38:DB:D7:86:A3:71:83:2A:EE:18:99:FE:94:43
ValiditySun, 24 Nov 2024 15:11:03 GMT - Sat, 22 Feb 2025 15:11:02 GMT

File type

Size
437 kB (436833 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/player.js?v1.0.61 HTTP/1.1
Host: embed.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embed.su/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Dec 2024 22:47:37 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=43200
last-modified: Wed, 13 Nov 2024 12:45:23 GMT
etag: W/"6aa61-193258e9ab8"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebedc19b90256c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21580&min_rtt=20021&rtt_var=10626&sent=23&recv=6&lost=0&retrans=0&sent_bytes=16048&recv_bytes=1482&delivery_rate=18058&cwnd=12000&unsent_bytes=0&cid=47f81a8d7c2d9bc8&ts=184&x=1", cfHdrFlush;dur=14

embed.su/embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg

172.67.160.205

200 OK

10 kB

URL GET HTTP/2
embed.su/embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg
IP
172.67.160.205:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerGoogle Trust Services
Subjectembed.su
Fingerprint2B:7E:15:97:C0:82:38:DB:D7:86:A3:71:83:2A:EE:18:99:FE:94:43
ValiditySun, 24 Nov 2024 15:11:03 GMT - Sat, 22 Feb 2025 15:11:02 GMT

File type
HTML document, ASCII text, with very long lines (8288), with CRLF, LF line terminators
Size
10 kB (10004 bytes)
Hash
fc33a0b77e65e9cfa8bc0783ede65dfb
a9d268f1e6875532914070ac2067c6ba3c24cf15
0009f8541b2d750ac0c40a7e846bac8c63b22e9746bc69440db76494b85667a9

HTTP Headers

GET /embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg HTTP/1.1
Host: embed.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freek.to/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 22:47:37 GMT
content-type: text/html
access-control-allow-origin: *
last-modified: Mon, 02 Dec 2024 22:33:14 GMT
cache-control: max-age=14400
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebedc18589056c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="HIT", cfL4;desc="?proto=TCP&rtt=17282&min_rtt=16406&rtt_var=3108&sent=14&recv=20&lost=0&retrans=0&sent_bytes=4392&recv_bytes=1914&delivery_rate=261923&cwnd=257&unsent_bytes=0&cid=95b35a6a4c5c89b2&ts=959&x=0"
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w342/oKIBhzZzDX07SoE2bOLhq2EE8rf.jpg

185.59.220.198

200 OK

22 kB

URL GET HTTP/2
image.tmdb.org/t/p/w342/oKIBhzZzDX07SoE2bOLhq2EE8rf.jpg
IP
185.59.220.198:443
ASN
#60068 Datacamp Limited

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
FingerprintE9:19:C2:E8:45:3A:6E:B9:97:57:71:6E:D9:CA:E3:0A:3E:C6:DF:1B
ValidityTue, 19 Nov 2024 13:16:19 GMT - Mon, 17 Feb 2025 13:16:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 342x513, components 3
Size
22 kB (22327 bytes)
Hash
4f451c978fdbfb887936fe96b4ba2bcd
922ecf15fbfb91d1c744fa16ceae5fdcb3b2b44f
d96413771249fdb3eebf437abb7502e6c0faed053dd597bfce828e7d620e7bf1

HTTP Headers

GET /t/p/w342/oKIBhzZzDX07SoE2bOLhq2EE8rf.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 22:47:37 GMT
content-type: image/jpeg
content-length: 22327
server: BunnyCDN-DE1-723
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272bda5-5737"
last-modified: Wed, 04 May 2022 17:53:41 GMT
cdn-storageserver: NY-346
cdn-requestpullsuccess: True
cdn-fileserver: 266
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 10/31/2023 19:00:47
cdn-edgestorageid: 1077
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 50d14867bdd6d7e307eca7df60bc8801
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

freek.to/watch/tv/62560

104.21.57.176

200 OK

960 B

URL User Request GET HTTP/2
freek.to/watch/tv/62560
IP
104.21.57.176:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectfreek.to
Fingerprint3B:79:4D:E4:2D:C3:B2:74:40:8D:52:2E:30:2E:1A:02:E1:CD:01:71
ValidityWed, 23 Oct 2024 07:59:09 GMT - Tue, 21 Jan 2025 08:58:04 GMT

File type
HTML document, ASCII text, with very long lines (1043), with no line terminators
Size
960 B (960 bytes)
Hash
08a1b3d716da403c9db920dea62162e0
25ba9a0b933c0c9b8bb1a683b523d933b21b77c1
b2c3307bacb467cd2818ff7968937ebfe38809dd1273d67592227b60be2821ad

HTTP Headers

GET /watch/tv/62560 HTTP/1.1
Host: freek.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 22:47:35 GMT
content-type: text/html
last-modified: Sat, 30 Nov 2024 16:55:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ebedc0b7e3d712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="DYNAMIC", cfL4;desc="?proto=TCP&rtt=22036&min_rtt=16502&rtt_var=12912&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3269&recv_bytes=1243&delivery_rate=261686&cwnd=254&unsent_bytes=0&cid=25867bf9581d0bf0&ts=120&x=0"
X-Firefox-Spdy: h2

backend.freek.to/api/bs?_=12%2F2%2F2024

104.21.57.176

200 OK

57 B

URL GET HTTP/2
backend.freek.to/api/bs?_=12%2F2%2F2024
IP
104.21.57.176:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerGoogle Trust Services
Subjectfreek.to
Fingerprint9C:88:67:C3:22:57:9D:88:1C:A8:98:28:CB:14:A4:90:05:9C:67:46
ValidityWed, 27 Nov 2024 17:13:29 GMT - Tue, 25 Feb 2025 17:13:28 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
57 B (57 bytes)
Hash
cf14ba2c86b92d9c4e1a63bf80bef97e
21ba4c1161e4b7d384487b680eb3db5488da6bc1
72a9374e8db8def64c125c89f19b60dd4b9d4e110373a1c0e54947786c6c5f4e

HTTP Headers

GET /api/bs?_=12%2F2%2F2024 HTTP/1.1
Host: backend.freek.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://freek.to
DNT: 1
Connection: keep-alive
Referer: https://freek.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 22:47:36 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
x-ratelimit-limit: 80
x-ratelimit-remaining: 79
x-ratelimit-reset: 1733077799
access-control-allow-origin: https://freek.to
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
etag: W/"39-cILoBsYUGOpvvvRk7Tz8KMtO5iw"
cache-control: max-age=14400
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ebedc134c5c0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21765&min_rtt=16435&rtt_var=12327&sent=12&recv=14&lost=0&retrans=0&sent_bytes=5085&recv_bytes=1298&delivery_rate=261042&cwnd=254&unsent_bytes=0&cid=44423c93d9c88a70&ts=270&x=0"
X-Firefox-Spdy: h2

embed.su/static/hls.js?v1.0.61

172.67.160.205

200 OK

394 kB

URL GET HTTP/3
embed.su/static/hls.js?v1.0.61
IP
172.67.160.205:443
ASN
#13335 CLOUDFLARENET

Requested by
https://embed.su/embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg
Certificate
IssuerGoogle Trust Services
Subjectembed.su
Fingerprint2B:7E:15:97:C0:82:38:DB:D7:86:A3:71:83:2A:EE:18:99:FE:94:43
ValiditySun, 24 Nov 2024 15:11:03 GMT - Sat, 22 Feb 2025 15:11:02 GMT

File type

Size
394 kB (393679 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/hls.js?v1.0.61 HTTP/1.1
Host: embed.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embed.su/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Dec 2024 22:47:37 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=43200
last-modified: Wed, 13 Nov 2024 12:45:23 GMT
etag: W/"601cf-193258e9ab8"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebedc1e1e4256c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25674&min_rtt=19573&rtt_var=9155&sent=311&recv=18&lost=0&retrans=0&sent_bytes=353257&recv_bytes=2799&delivery_rate=2161022&cwnd=142800&unsent_bytes=0&cid=47f81a8d7c2d9bc8&ts=883&x=1", cfHdrFlush;dur=0

104.21.61.162

200 OK

172 kB

URL GET HTTP/3
viper.congacdn.cc/drivexwave25.site/file1/ivCI0wqyeyTdD9cMS21csdfXc4sowJX3UiovL5jaF5dCx8hW0FpyAcdwhQuhJAQUKRttJw7EGNgQPVaonZ2MMdwjtoTFKDRDq5HCHFACcxdqf6cMzq1gqkHhUJzYcCsk+MKA2UFU9G4iHbG1yg98RCXRhNFI1f6qwgNix~yDREk=/NzIw/c2VnLTItdjEtYTEuaHRtbA==
IP
104.21.61.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://embed.su/embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg
Certificate
IssuerGoogle Trust Services
Subjectcongacdn.cc
FingerprintD0:A6:B1:FD:48:CD:79:7D:0A:D0:82:1E:8E:69:79:78:BE:90:EE:1C
ValidityThu, 28 Nov 2024 15:47:45 GMT - Wed, 26 Feb 2025 15:47:44 GMT

File type
TeX font metric data (ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ�)
Size
172 kB (171832 bytes)
Hash
e5a8bbf84956a429d095660ee0e27ed3
75aec3804203a4acd2953dafd341c999b8e35852
99af914c280083a589df41a332a6a6be460093f37505e8b41e88595c665b15a9

HTTP Headers

GET /drivexwave25.site/file1/ivCI0wqyeyTdD9cMS21csdfXc4sowJX3UiovL5jaF5dCx8hW0FpyAcdwhQuhJAQUKRttJw7EGNgQPVaonZ2MMdwjtoTFKDRDq5HCHFACcxdqf6cMzq1gqkHhUJzYcCsk+MKA2UFU9G4iHbG1yg98RCXRhNFI1f6qwgNix~yDREk=/NzIw/c2VnLTItdjEtYTEuaHRtbA== HTTP/1.1
Host: viper.congacdn.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embed.su/
Origin: https://embed.su
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Dec 2024 22:47:39 GMT
content-type: text/html
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: If-Modified-Since,Range
access-control-expose-headers: Accept-Ranges,Content-Encoding,Content-Length,Content-Range
last-modified: Sun, 19 Nov 2000 08:52:00 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache: HIT
cf-cache-status: MISS
priority: u=3,i=?0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 8ebedc26fe69712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19818&min_rtt=17543&rtt_var=8203&sent=11&recv=6&lost=0&retrans=0&sent_bytes=4038&recv_bytes=1243&delivery_rate=33859&cwnd=12000&unsent_bytes=0&cid=e2d17ea19cda53e0&ts=990&x=1", cfExtPri, cfHdrFlush;dur=0

embed.su/static/script.js?v1.0.61

172.67.160.205

200 OK

18 kB

URL GET HTTP/3
embed.su/static/script.js?v1.0.61
IP
172.67.160.205:443
ASN
#13335 CLOUDFLARENET

Requested by
https://embed.su/embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg
Certificate
IssuerGoogle Trust Services
Subjectembed.su
Fingerprint2B:7E:15:97:C0:82:38:DB:D7:86:A3:71:83:2A:EE:18:99:FE:94:43
ValiditySun, 24 Nov 2024 15:11:03 GMT - Sat, 22 Feb 2025 15:11:02 GMT

File type
JavaScript source, ASCII text, with very long lines (14795), with CRLF line terminators
Size
18 kB (17877 bytes)
Hash
1ddd8c9db7e4010aa1ddb77bd81b6bbe
aef9b2a1b15e8e0bd696ad6e6819b301284b8333
cb6568fe2d92305c0c507597672b7bf0373e9bafeb5bf7bac4b3e3d52e7ca84b

HTTP Headers

GET /static/script.js?v1.0.61 HTTP/1.1
Host: embed.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embed.su/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Dec 2024 22:47:37 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=43200
last-modified: Tue, 05 Nov 2024 13:52:21 GMT
etag: W/"45d5-192fc990a08"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebedc19b90556c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21580&min_rtt=20021&rtt_var=10626&sent=20&recv=6&lost=0&retrans=0&sent_bytes=13118&recv_bytes=1482&delivery_rate=18058&cwnd=12000&unsent_bytes=0&cid=47f81a8d7c2d9bc8&ts=179&x=1", cfHdrFlush;dur=0

embed.su/static/react.js?v1.0.61

172.67.160.205

200 OK

141 kB

URL GET HTTP/3
embed.su/static/react.js?v1.0.61
IP
172.67.160.205:443
ASN
#13335 CLOUDFLARENET

Requested by
https://embed.su/embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg
Certificate
IssuerGoogle Trust Services
Subjectembed.su
Fingerprint2B:7E:15:97:C0:82:38:DB:D7:86:A3:71:83:2A:EE:18:99:FE:94:43
ValiditySun, 24 Nov 2024 15:11:03 GMT - Sat, 22 Feb 2025 15:11:02 GMT

File type
JavaScript source, ASCII text, with very long lines (53636)
Size
141 kB (140823 bytes)
Hash
dac75cfcc488f838789bb1b60be923d3
b29c61e8974556465038be970964c364967ba4e3
cd60bdf1ed30b1f3881940d7c543391671dbe35f57eb86a4a8b0b577ea9107db

HTTP Headers

GET /static/react.js?v1.0.61 HTTP/1.1
Host: embed.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embed.su/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Dec 2024 22:47:37 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=43200
last-modified: Wed, 13 Nov 2024 12:45:23 GMT
etag: W/"22617-193258e9ab8"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebedc1e1e4156c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25674&min_rtt=19573&rtt_var=9155&sent=301&recv=18&lost=0&retrans=0&sent_bytes=341257&recv_bytes=2799&delivery_rate=2161022&cwnd=142800&unsent_bytes=0&cid=47f81a8d7c2d9bc8&ts=883&x=1", cfHdrFlush;dur=0

embed.su/api/e/fQp-Bn9bc0V_dAVLfmZ8CjtWPAM3K3x5BUJ9Z3hmfwk4

172.67.160.205

200 OK

3.9 kB

URL GET HTTP/3
embed.su/api/e/fQp-Bn9bc0V_dAVLfmZ8CjtWPAM3K3x5BUJ9Z3hmfwk4
IP
172.67.160.205:443
ASN
#13335 CLOUDFLARENET

Requested by
https://embed.su/embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg
Certificate
IssuerGoogle Trust Services
Subjectembed.su
Fingerprint2B:7E:15:97:C0:82:38:DB:D7:86:A3:71:83:2A:EE:18:99:FE:94:43
ValiditySun, 24 Nov 2024 15:11:03 GMT - Sat, 22 Feb 2025 15:11:02 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (4068), with no line terminators
Size
3.9 kB (3919 bytes)
Hash
2122e9636f8228a56ab2de294e6eed19
553cd53539f582bbb67e1ecb8ee29cf630abf901
2c249625b99493048653335c0a6bae0998c9468c52c2787ac0d71ec284224823

HTTP Headers

GET /api/e/fQp-Bn9bc0V_dAVLfmZ8CjtWPAM3K3x5BUJ9Z3hmfwk4 HTTP/1.1
Host: embed.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embed.su/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Dec 2024 22:47:38 GMT
content-type: application/json; charset=utf-8
last-modified: Mon, 02 Dec 2024 21:33:26 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 565
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebedc1edf0256c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24185&min_rtt=18907&rtt_var=7760&sent=446&recv=21&lost=0&retrans=0&sent_bytes=512310&recv_bytes=3161&delivery_rate=1492808&cwnd=285600&unsent_bytes=0&cid=47f81a8d7c2d9bc8&ts=964&x=1", cfHdrFlush;dur=0

embed.su/embed/tv/62560/1/1?next-ep=undefined?poster=https://image.tmdb.org/t/p/original/sNjAsSqeyTrYYkvmySOQJMTmi1G.jpg

0.0.0.0

0 B

URL GET
embed.su/embed/tv/62560/1/1?next-ep=undefined?poster=https://image.tmdb.org/t/p/original/sNjAsSqeyTrYYkvmySOQJMTmi1G.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerGoogle Trust Services
Subjectembed.su
Fingerprint2B:7E:15:97:C0:82:38:DB:D7:86:A3:71:83:2A:EE:18:99:FE:94:43
ValiditySun, 24 Nov 2024 15:11:03 GMT - Sat, 22 Feb 2025 15:11:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /embed/tv/62560/1/1?next-ep=undefined?poster=https://image.tmdb.org/t/p/original/sNjAsSqeyTrYYkvmySOQJMTmi1G.jpg HTTP/1.1
Host: embed.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freek.to/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

freek.to/favicon.ico

104.21.57.176

200 OK

15 kB

URL GET HTTP/3
freek.to/favicon.ico
IP
104.21.57.176:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerGoogle Trust Services
Subjectfreek.to
Fingerprint3B:79:4D:E4:2D:C3:B2:74:40:8D:52:2E:30:2E:1A:02:E1:CD:01:71
ValidityWed, 23 Oct 2024 07:59:09 GMT - Tue, 21 Jan 2025 08:58:04 GMT

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
15 kB (15406 bytes)
Hash
cf7fadb1677e6c4ab4655e66b842ebf9
f2b081339837c44b16be4b36152bb03b34fdc71e
ff4ed9cae832d74131c8e6641b244cd701cfc640510a1666c30c82118f5bd990

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: freek.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freek.to/watch/tv/62560
Cookie: prefetchAd_8213455=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Dec 2024 22:47:36 GMT
content-type: image/x-icon
last-modified: Mon, 14 Oct 2024 05:04:16 GMT
etag: W/"670ca650-3c2e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1210
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebedc16afd7b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19961&min_rtt=17788&rtt_var=4349&sent=267&recv=14&lost=0&retrans=0&sent_bytes=306827&recv_bytes=1909&delivery_rate=6098458&cwnd=192000&unsent_bytes=0&cid=f2188911ecb135dd&ts=1671&x=1", cfHdrFlush;dur=0

static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

104.16.79.73

200 OK

20 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
IP
104.16.79.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerGoogle Trust Services
Subjectcloudflareinsights.com
FingerprintA3:1D:4E:72:41:6A:D8:04:03:98:90:E7:8B:07:8D:A6:88:FE:B6:A3
ValidityFri, 01 Nov 2024 08:16:38 GMT - Thu, 30 Jan 2025 08:16:37 GMT

File type
JavaScript source, ASCII text, with very long lines (19948), with no line terminators
Size
20 kB (19948 bytes)
Hash
ec18af6d41f6f278b6aed3bdabffa7bc
62c9e2cab76b888829f3c5335e91c320b22329ae
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

HTTP Headers

GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://freek.to
DNT: 1
Connection: keep-alive
Referer: https://freek.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 22:47:35 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.6.1"
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebedc0e7a14b4f7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

embed.su/static/player.css?v1.0.61

172.67.160.205

200 OK

42 kB

URL GET HTTP/3
embed.su/static/player.css?v1.0.61
IP
172.67.160.205:443
ASN
#13335 CLOUDFLARENET

Requested by
https://embed.su/embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg
Certificate
IssuerGoogle Trust Services
Subjectembed.su
Fingerprint2B:7E:15:97:C0:82:38:DB:D7:86:A3:71:83:2A:EE:18:99:FE:94:43
ValiditySun, 24 Nov 2024 15:11:03 GMT - Sat, 22 Feb 2025 15:11:02 GMT

File type
ASCII text, with very long lines (42057)
Size
42 kB (42058 bytes)
Hash
4a562dd7a51cfbe6891f5bf8b1a61747
3fc19ce4232d7f7de8026308f17db9c4c432e568
ce8e5cd5159a1b283d38c1dca9eb29809fe2f971b52890427705fdc72c5fcc76

HTTP Headers

GET /static/player.css?v1.0.61 HTTP/1.1
Host: embed.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embed.su/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Dec 2024 22:47:37 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=43200
last-modified: Wed, 13 Nov 2024 12:45:23 GMT
etag: W/"a44a-193258e9ab8"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebedc19b90456c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21580&min_rtt=20021&rtt_var=10626&sent=12&recv=6&lost=0&retrans=0&sent_bytes=4048&recv_bytes=1482&delivery_rate=18058&cwnd=12000&unsent_bytes=0&cid=47f81a8d7c2d9bc8&ts=176&x=1", cfHdrFlush;dur=0

104.21.61.162

200 OK

175 kB

URL GET HTTP/2
viper.congacdn.cc/drivexwave25.site/file1/ivCI0wqyeyTdD9cMS21csdfXc4sowJX3UiovL5jaF5dCx8hW0FpyAcdwhQuhJAQUKRttJw7EGNgQPVaonZ2MMdwjtoTFKDRDq5HCHFACcxdqf6cMzq1gqkHhUJzYcCsk+MKA2UFU9G4iHbG1yg98RCXRhNFI1f6qwgNix~yDREk=/MTA4MA==/c2VnLTItdjEtYTEuaHRtbA==
IP
104.21.61.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://embed.su/embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg
Certificate
IssuerGoogle Trust Services
Subjectcongacdn.cc
FingerprintD0:A6:B1:FD:48:CD:79:7D:0A:D0:82:1E:8E:69:79:78:BE:90:EE:1C
ValidityThu, 28 Nov 2024 15:47:45 GMT - Wed, 26 Feb 2025 15:47:44 GMT

File type
TeX font metric data (ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ�)
Size
175 kB (174840 bytes)
Hash
2cdffaeb3474fa576178bf5c3fcc24ff
f66612fc5d87eaf5af05f0af2874d429859886e7
f606b9e98fa22b1e3a30ba2210f95b8bd96ee55c8372b20e5564fe18cb9e0741

HTTP Headers

GET /drivexwave25.site/file1/ivCI0wqyeyTdD9cMS21csdfXc4sowJX3UiovL5jaF5dCx8hW0FpyAcdwhQuhJAQUKRttJw7EGNgQPVaonZ2MMdwjtoTFKDRDq5HCHFACcxdqf6cMzq1gqkHhUJzYcCsk+MKA2UFU9G4iHbG1yg98RCXRhNFI1f6qwgNix~yDREk=/MTA4MA==/c2VnLTItdjEtYTEuaHRtbA== HTTP/1.1
Host: viper.congacdn.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embed.su/
Origin: https://embed.su
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 22:47:39 GMT
content-type: text/html
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: If-Modified-Since,Range
access-control-expose-headers: Accept-Ranges,Content-Encoding,Content-Length,Content-Range
last-modified: Sun, 19 Nov 2000 08:52:00 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache: HIT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 8ebedc248a04b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=17513&min_rtt=16395&rtt_var=1591&sent=108&recv=89&lost=0&retrans=0&sent_bytes=138109&recv_bytes=1628&delivery_rate=4272415&cwnd=266&unsent_bytes=0&cid=1cf09c40ab40f096&ts=651&x=0"
X-Firefox-Spdy: h2

raunooligais.net/5/8213455

139.45.197.244

200 OK

76 kB

URL GET HTTP/2
raunooligais.net/5/8213455
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerLet's Encrypt
Subjectraunooligais.net
Fingerprint54:42:75:CD:7D:85:BC:4A:0D:9A:67:F9:27:60:B3:E1:D9:BE:3F:31
ValidityWed, 02 Oct 2024 06:25:54 GMT - Tue, 31 Dec 2024 06:25:53 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
76 kB (75898 bytes)
Hash
e0a0c318ea75ab02573880ca6d31ac96
e88e50142e6a139df68c2434cc2f7db96ef4392c
9806ce5abb928921478ebb3e18820f0799a205bf068cca97f0cb5863a237fb1f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/8213455 HTTP/1.1
Host: raunooligais.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freek.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 02 Dec 2024 22:47:35 GMT
content-type: application/javascript
x-trace-id: f9a6b6be41d9efaf51ae646d88fe5ded
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=008126eb568a4530e6f6692bd9bef20e; expires=Tue, 02 Dec 2025 22:47:35 GMT; path=/; secure; SameSite=None
oaidts=1733179655; expires=Tue, 02 Dec 2025 22:47:35 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52
ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://freek.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Nov 2024 20:07:53 GMT
expires: Fri, 28 Nov 2025 20:07:53 GMT
cache-control: public, max-age=31536000
age: 355183
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

embed.su/static/react.js

172.67.160.205

200 OK

141 kB

URL GET HTTP/3
embed.su/static/react.js
IP
172.67.160.205:443
ASN
#13335 CLOUDFLARENET

Requested by
https://embed.su/embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg
Certificate
IssuerGoogle Trust Services
Subjectembed.su
Fingerprint2B:7E:15:97:C0:82:38:DB:D7:86:A3:71:83:2A:EE:18:99:FE:94:43
ValiditySun, 24 Nov 2024 15:11:03 GMT - Sat, 22 Feb 2025 15:11:02 GMT

File type
JavaScript source, ASCII text, with very long lines (53636)
Size
141 kB (140823 bytes)
Hash
dac75cfcc488f838789bb1b60be923d3
b29c61e8974556465038be970964c364967ba4e3
cd60bdf1ed30b1f3881940d7c543391671dbe35f57eb86a4a8b0b577ea9107db

HTTP Headers

GET /static/react.js HTTP/1.1
Host: embed.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embed.su/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Dec 2024 22:47:37 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=43200
last-modified: Wed, 13 Nov 2024 12:45:23 GMT
etag: W/"22617-193258e9ab8"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebedc1c4c3056c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22399&min_rtt=20021&rtt_var=3595&sent=155&recv=13&lost=0&retrans=0&sent_bytes=170180&recv_bytes=2169&delivery_rate=4087165&cwnd=96000&unsent_bytes=0&cid=47f81a8d7c2d9bc8&ts=591&x=1", cfHdrFlush;dur=0

freek.to/assets/index.css?7a7a619b

104.21.57.176

200 OK

72 kB

URL GET HTTP/3
freek.to/assets/index.css?7a7a619b
IP
104.21.57.176:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerGoogle Trust Services
Subjectfreek.to
Fingerprint3B:79:4D:E4:2D:C3:B2:74:40:8D:52:2E:30:2E:1A:02:E1:CD:01:71
ValidityWed, 23 Oct 2024 07:59:09 GMT - Tue, 21 Jan 2025 08:58:04 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
72 kB (72459 bytes)
Hash
64610d293feb7527496626bc72cb9a62
575bb4fb762559303a2d3d83a06aa2f347715308
c5129324230eb70c8f105b21cfeea63dd321619e4b9d9bacf53ab1e82964e30a

HTTP Headers

GET /assets/index.css?7a7a619b HTTP/1.1
Host: freek.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freek.to/watch/tv/62560
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Dec 2024 22:47:35 GMT
content-type: text/css
last-modified: Sat, 30 Nov 2024 16:55:57 GMT
etag: W/"674b439d-11b0b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1210
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebedc0e1e68b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19997&min_rtt=17788&rtt_var=8248&sent=13&recv=8&lost=0&retrans=0&sent_bytes=4161&recv_bytes=1394&delivery_rate=36089&cwnd=12000&unsent_bytes=0&cid=f2188911ecb135dd&ts=303&x=1", cfHdrFlush;dur=0

embed.su/embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/original/sNjAsSqeyTrYYkvmySOQJMTmi1G.jpg

0.0.0.0

0 B

URL GET
embed.su/embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/original/sNjAsSqeyTrYYkvmySOQJMTmi1G.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerGoogle Trust Services
Subjectembed.su
Fingerprint2B:7E:15:97:C0:82:38:DB:D7:86:A3:71:83:2A:EE:18:99:FE:94:43
ValiditySun, 24 Nov 2024 15:11:03 GMT - Sat, 22 Feb 2025 15:11:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/original/sNjAsSqeyTrYYkvmySOQJMTmi1G.jpg HTTP/1.1
Host: embed.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freek.to/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

fonts.googleapis.com/css?family=Sen&display=swap

142.250.74.42

200 OK

844 B

URL GET HTTP/3
fonts.googleapis.com/css?family=Sen&display=swap
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://embed.su/embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintE8:18:86:79:89:2E:F0:7C:66:1F:C3:43:81:D2:6D:9E:0C:9C:AB:05
ValidityMon, 21 Oct 2024 08:38:00 GMT - Mon, 13 Jan 2025 08:37:59 GMT

File type
ASCII text, with very long lines (862), with no line terminators
Size
844 B (844 bytes)
Hash
9ccf456f54f5e294de5b4e2e9c120c10
7e0af8ebe26e420e72e40c2d9cd958389fcb12e3
d4fb112d2fe2603e92877e4dbd64975d3cb54651f9d4834078e24bf92a5caebe

HTTP Headers

GET /css?family=Sen&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embed.su/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 02 Dec 2024 22:47:37 GMT
date: Mon, 02 Dec 2024 22:47:37 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

104.16.79.73

200 OK

20 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
IP
104.16.79.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://embed.su/embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg
Certificate
IssuerGoogle Trust Services
Subjectcloudflareinsights.com
FingerprintA3:1D:4E:72:41:6A:D8:04:03:98:90:E7:8B:07:8D:A6:88:FE:B6:A3
ValidityFri, 01 Nov 2024 08:16:38 GMT - Thu, 30 Jan 2025 08:16:37 GMT

File type
JavaScript source, ASCII text, with very long lines (19948), with no line terminators
Size
20 kB (19948 bytes)
Hash
ec18af6d41f6f278b6aed3bdabffa7bc
62c9e2cab76b888829f3c5335e91c320b22329ae
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

HTTP Headers

GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embed.su/
Origin: https://embed.su
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 22:47:37 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.6.1"
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebedc19be3eb4f7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

embed.su/api/proxy/viper/veltroncloud49.xyz/file1/ivCI0wqyeyTdD9cMS21csdfXc4sowJX3UiovL5jaF5dCx8hW0FpyAcdwhQuhJAQUKRttJw7EGNgQPVaonZ2MMdwjtoTFKDRDq5HCHFACcxdqf6cMzq1gqkHhUJzYcCsk+MKA2UFU9G4iHbG1yg98RCXRhNFI1f6qwgNix~yDREk=/NzIw/aW5kZXgubTN1OA==.png

172.67.160.205

200 OK

212 kB

URL GET HTTP/3
embed.su/api/proxy/viper/veltroncloud49.xyz/file1/ivCI0wqyeyTdD9cMS21csdfXc4sowJX3UiovL5jaF5dCx8hW0FpyAcdwhQuhJAQUKRttJw7EGNgQPVaonZ2MMdwjtoTFKDRDq5HCHFACcxdqf6cMzq1gqkHhUJzYcCsk+MKA2UFU9G4iHbG1yg98RCXRhNFI1f6qwgNix~yDREk=/NzIw/aW5kZXgubTN1OA==.png
IP
172.67.160.205:443
ASN
#13335 CLOUDFLARENET

Requested by
https://embed.su/embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg
Certificate
IssuerGoogle Trust Services
Subjectembed.su
Fingerprint2B:7E:15:97:C0:82:38:DB:D7:86:A3:71:83:2A:EE:18:99:FE:94:43
ValiditySun, 24 Nov 2024 15:11:03 GMT - Sat, 22 Feb 2025 15:11:02 GMT

File type
M3U playlist, ASCII text
Size
212 kB (211834 bytes)
Hash
eace32cef6a10ce26df94546f2903516
f87fb0898ab641dac84423dbd671843fafa54bcc
663eea4738fb5fb5514fd9b099ffea57497f0ba163e5d361bac74d4070b77cc9

HTTP Headers

GET /api/proxy/viper/veltroncloud49.xyz/file1/ivCI0wqyeyTdD9cMS21csdfXc4sowJX3UiovL5jaF5dCx8hW0FpyAcdwhQuhJAQUKRttJw7EGNgQPVaonZ2MMdwjtoTFKDRDq5HCHFACcxdqf6cMzq1gqkHhUJzYcCsk+MKA2UFU9G4iHbG1yg98RCXRhNFI1f6qwgNix~yDREk=/NzIw/aW5kZXgubTN1OA==.png HTTP/1.1
Host: embed.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embed.su/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Dec 2024 22:47:39 GMT
content-type: application/vnd.apple.mpegurl
last-modified: Mon, 02 Dec 2024 21:33:29 GMT
cache-control: max-age=43200
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebedc266f2856c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24019&min_rtt=17314&rtt_var=8518&sent=461&recv=30&lost=0&retrans=0&sent_bytes=522657&recv_bytes=6006&delivery_rate=3380&cwnd=285600&unsent_bytes=0&cid=47f81a8d7c2d9bc8&ts=2216&x=1", cfHdrFlush;dur=0

pixel.embed.su/count?p=/embed/tv/62560/1/1&r=freek.to&t=

0.0.0.0

200 OK

0 B

URL GET
pixel.embed.su/count?p=/embed/tv/62560/1/1&r=freek.to&t=
IP
0.0.0.0:0
ASN
#0

Requested by
https://embed.su/embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg
Certificate
IssuerLet's Encrypt
Subjectpixel.embed.su
Fingerprint89:C0:46:E6:9D:EC:6B:1A:E4:93:00:6A:1C:27:E2:FA:41:1A:C8:2C
ValidityFri, 04 Oct 2024 14:20:16 GMT - Thu, 02 Jan 2025 14:20:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /count?p=/embed/tv/62560/1/1&r=freek.to&t= HTTP/1.1
Host: pixel.embed.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embed.su/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
cache-control: no-store,no-cache
content-security-policy: font-src 'self' https://gc.zgo.at static.zgo.at; connect-src 'self' wss:; frame-src 'self'; default-src 'none'; img-src 'self' https://gc.zgo.at static.zgo.at data:; form-action 'self'; manifest-src 'self' https://gc.zgo.at static.zgo.at; frame-ancestors 'none'; script-src 'self' https://gc.zgo.at static.zgo.at; style-src 'self' https://gc.zgo.at static.zgo.at 'unsafe-inline'
content-type: image/gif
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=7776000
x-content-type-options: nosniff
x-frame-options: deny
x-rate-limit-limit: 4
x-rate-limit-remaining: 3
x-rate-limit-reset: 1
date: Mon, 02 Dec 2024 22:47:37 GMT
content-encoding: gzip
vary: Accept-Encoding
x-varnish: 24048599739
age: 0
via: 1.1 www (Varnish/7.5)
accept-ranges: bytes
X-Firefox-Spdy: h2

172.67.160.205

200 OK

227 kB

URL GET HTTP/3
embed.su/api/proxy/viper/veltroncloud49.xyz/file1/ivCI0wqyeyTdD9cMS21csdfXc4sowJX3UiovL5jaF5dCx8hW0FpyAcdwhQuhJAQUKRttJw7EGNgQPVaonZ2MMdwjtoTFKDRDq5HCHFACcxdqf6cMzq1gqkHhUJzYcCsk+MKA2UFU9G4iHbG1yg98RCXRhNFI1f6qwgNix~yDREk=/MTA4MA==/aW5kZXgubTN1OA==.png
IP
172.67.160.205:443
ASN
#13335 CLOUDFLARENET

Requested by
https://embed.su/embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg
Certificate
IssuerGoogle Trust Services
Subjectembed.su
Fingerprint2B:7E:15:97:C0:82:38:DB:D7:86:A3:71:83:2A:EE:18:99:FE:94:43
ValiditySun, 24 Nov 2024 15:11:03 GMT - Sat, 22 Feb 2025 15:11:02 GMT

File type
M3U playlist, ASCII text
Size
227 kB (227217 bytes)
Hash
8535c078a9733027cd29068d05ff5768
f915daf49e43194968ab837f21b760ca216e0225
3406df214440903e86344d4efb60e7a33225cc681e7b75cdab9965de4674fbfa

HTTP Headers

GET /api/proxy/viper/veltroncloud49.xyz/file1/ivCI0wqyeyTdD9cMS21csdfXc4sowJX3UiovL5jaF5dCx8hW0FpyAcdwhQuhJAQUKRttJw7EGNgQPVaonZ2MMdwjtoTFKDRDq5HCHFACcxdqf6cMzq1gqkHhUJzYcCsk+MKA2UFU9G4iHbG1yg98RCXRhNFI1f6qwgNix~yDREk=/MTA4MA==/aW5kZXgubTN1OA==.png HTTP/1.1
Host: embed.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embed.su/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Dec 2024 22:47:38 GMT
content-type: application/vnd.apple.mpegurl
last-modified: Mon, 02 Dec 2024 21:07:43 GMT
cache-control: max-age=43200
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebedc21495e56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22749&min_rtt=17314&rtt_var=6808&sent=451&recv=25&lost=0&retrans=0&sent_bytes=514599&recv_bytes=4076&delivery_rate=10368&cwnd=285600&unsent_bytes=0&cid=47f81a8d7c2d9bc8&ts=1394&x=1", cfHdrFlush;dur=0

embed.su/embed/?poster=undefined

172.67.160.205

404 Not Found

0 B

URL GET HTTP/2
embed.su/embed/?poster=undefined
IP
172.67.160.205:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerGoogle Trust Services
Subjectembed.su
Fingerprint2B:7E:15:97:C0:82:38:DB:D7:86:A3:71:83:2A:EE:18:99:FE:94:43
ValiditySun, 24 Nov 2024 15:11:03 GMT - Sat, 22 Feb 2025 15:11:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /embed/?poster=undefined HTTP/1.1
Host: embed.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freek.to/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Mon, 02 Dec 2024 22:47:36 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebedc131b5456c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="EXPIRED", cfL4;desc="?proto=TCP&rtt=16484&min_rtt=16406&rtt_var=2015&sent=7&recv=12&lost=0&retrans=0&sent_bytes=3263&recv_bytes=1264&delivery_rate=261923&cwnd=254&unsent_bytes=0&cid=95b35a6a4c5c89b2&ts=188&x=0"
X-Firefox-Spdy: h2

raunooligais.net/?rb=2PJW4DvD8x5rfk_XVfxZmQlUafaFDtyo4I0dt6UNFcFNg3VnicQ7-zuGb68Rf-xe80poc6zUJoRxyeXNPEesAk8quyDojqVA1W8AAjDN4OElheD5UzII45y_ZVDavai6c7euPXXEQpmwyOCbmfW0eclzmXqIhdz3477eyQc3MrNqOTmC1sR-dpyt4gtH2cjmfREyiJOWDxxL06SZizA8UXnKnmfaZ8RNC7DJS3ql6U804qHmubkKyPoxzd7R1zH20d2jawOSgMs%3D&request_ab2=0&zoneid=8213455&js_build=iclick-v1.1018.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Ffreek.to%2Fwatch%2Ftv%2F62560&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=1&wgl=&js_build=iclick-v1.1018.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=ef8cb4f8-d178-489f-99e5-d1448e9e3c98&wasm=1&userId=008126eb568a4530e6f6692bd9bef20e&m=link

139.45.197.244

200 OK

2.8 kB

URL GET HTTP/2
raunooligais.net/?rb=2PJW4DvD8x5rfk_XVfxZmQlUafaFDtyo4I0dt6UNFcFNg3VnicQ7-zuGb68Rf-xe80poc6zUJoRxyeXNPEesAk8quyDojqVA1W8AAjDN4OElheD5UzII45y_ZVDavai6c7euPXXEQpmwyOCbmfW0eclzmXqIhdz3477eyQc3MrNqOTmC1sR-dpyt4gtH2cjmfREyiJOWDxxL06SZizA8UXnKnmfaZ8RNC7DJS3ql6U804qHmubkKyPoxzd7R1zH20d2jawOSgMs%3D&request_ab2=0&zoneid=8213455&js_build=iclick-v1.1018.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Ffreek.to%2Fwatch%2Ftv%2F62560&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=1&wgl=&js_build=iclick-v1.1018.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=ef8cb4f8-d178-489f-99e5-d1448e9e3c98&wasm=1&userId=008126eb568a4530e6f6692bd9bef20e&m=link
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerLet's Encrypt
Subjectraunooligais.net
Fingerprint54:42:75:CD:7D:85:BC:4A:0D:9A:67:F9:27:60:B3:E1:D9:BE:3F:31
ValidityWed, 02 Oct 2024 06:25:54 GMT - Tue, 31 Dec 2024 06:25:53 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2809), with no line terminators
Size
2.8 kB (2780 bytes)
Hash
b4602eaf9ee5f146cc2cb8faeacf62a0
963927a6294ca252b7f2aabafa7cc330b902f1f3
a56c0b493ca9bdd8522cc8d09af8df7045964e557ac31d94306621f0d7de3c0c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?rb=2PJW4DvD8x5rfk_XVfxZmQlUafaFDtyo4I0dt6UNFcFNg3VnicQ7-zuGb68Rf-xe80poc6zUJoRxyeXNPEesAk8quyDojqVA1W8AAjDN4OElheD5UzII45y_ZVDavai6c7euPXXEQpmwyOCbmfW0eclzmXqIhdz3477eyQc3MrNqOTmC1sR-dpyt4gtH2cjmfREyiJOWDxxL06SZizA8UXnKnmfaZ8RNC7DJS3ql6U804qHmubkKyPoxzd7R1zH20d2jawOSgMs%3D&request_ab2=0&zoneid=8213455&js_build=iclick-v1.1018.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Ffreek.to%2Fwatch%2Ftv%2F62560&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=1&wgl=&js_build=iclick-v1.1018.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=ef8cb4f8-d178-489f-99e5-d1448e9e3c98&wasm=1&userId=008126eb568a4530e6f6692bd9bef20e&m=link HTTP/1.1
Host: raunooligais.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freek.to/
Origin: https://freek.to
DNT: 1
Connection: keep-alive
Cookie: OAID=008126eb568a4530e6f6692bd9bef20e; oaidts=1733179655
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 02 Dec 2024 22:47:36 GMT
content-type: application/json
x-trace-id: 1893f5cafc21f1205f3780161b75c5e3
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://freek.to
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008126eb568a4530e6f6692bd9bef20e; expires=Tue, 02 Dec 2025 22:47:36 GMT; path=/; secure; SameSite=None
oaidts=1733179656; expires=Tue, 02 Dec 2025 22:47:36 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Mon, 09 Dec 2024 22:47:36 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300..800;1,300..800&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

142.250.74.42

200 OK

27 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300..800;1,300..800&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintE8:18:86:79:89:2E:F0:7C:66:1F:C3:43:81:D2:6D:9E:0C:9C:AB:05
ValidityMon, 21 Oct 2024 08:38:00 GMT - Mon, 13 Jan 2025 08:37:59 GMT

File type
ASCII text, with very long lines (1572)
Size
27 kB (27389 bytes)
Hash
4a32897b510901053ea0696778c2d608
60b9a7627a760198c0eb0aaafe9d6891043c9d0b
452fc0238ac16ebf582f23652fd3e71586faf1459558774561c3f4df432f2cf8

HTTP Headers

GET /css2?family=Open+Sans:ital,wght@0,300..800;1,300..800&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freek.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 02 Dec 2024 22:47:35 GMT
date: Mon, 02 Dec 2024 22:47:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

embed.su/embed/tv/62560/1/1?next-ep=undefined?poster=undefined

0.0.0.0

0 B

URL GET
embed.su/embed/tv/62560/1/1?next-ep=undefined?poster=undefined
IP
0.0.0.0:0
ASN
#0

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerGoogle Trust Services
Subjectembed.su
Fingerprint2B:7E:15:97:C0:82:38:DB:D7:86:A3:71:83:2A:EE:18:99:FE:94:43
ValiditySun, 24 Nov 2024 15:11:03 GMT - Sat, 22 Feb 2025 15:11:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /embed/tv/62560/1/1?next-ep=undefined?poster=undefined HTTP/1.1
Host: embed.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freek.to/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

backend.freek.to/api/tv/episodes/62560?season=1&v=1&_=12%2F2%2F2024

104.21.57.176

200 OK

2.9 kB

URL GET HTTP/2
backend.freek.to/api/tv/episodes/62560?season=1&v=1&_=12%2F2%2F2024
IP
104.21.57.176:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerGoogle Trust Services
Subjectfreek.to
Fingerprint9C:88:67:C3:22:57:9D:88:1C:A8:98:28:CB:14:A4:90:05:9C:67:46
ValidityWed, 27 Nov 2024 17:13:29 GMT - Tue, 25 Feb 2025 17:13:28 GMT

File type
ASCII text, with very long lines (3130), with no line terminators
Size
2.9 kB (2946 bytes)
Hash
6f6d32ca30bd125851fa9cefbf475be5
58b9c5822afdc5092578b61388d923af3f7c84bf
4173ae06aafdf2eca16750334a58686b8afb810913764f7a533319d784de167e

HTTP Headers

GET /api/tv/episodes/62560?season=1&v=1&_=12%2F2%2F2024 HTTP/1.1
Host: backend.freek.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://freek.to
DNT: 1
Connection: keep-alive
Referer: https://freek.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 22:47:36 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
x-ratelimit-limit: 80
x-ratelimit-remaining: 79
x-ratelimit-reset: 1733179717
access-control-allow-origin: https://freek.to
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
etag: W/"b82-vlsDwU0wudieg9RiwNzmFu976hU"
cache-control: max-age=14400
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ebedc134c5a0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21765&min_rtt=16435&rtt_var=12327&sent=9&recv=14&lost=0&retrans=0&sent_bytes=3190&recv_bytes=1298&delivery_rate=261042&cwnd=254&unsent_bytes=0&cid=44423c93d9c88a70&ts=268&x=0"
X-Firefox-Spdy: h2

embed.su/static/hls.js

172.67.160.205

200 OK

394 kB

URL GET HTTP/3
embed.su/static/hls.js
IP
172.67.160.205:443
ASN
#13335 CLOUDFLARENET

Requested by
https://embed.su/embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg
Certificate
IssuerGoogle Trust Services
Subjectembed.su
Fingerprint2B:7E:15:97:C0:82:38:DB:D7:86:A3:71:83:2A:EE:18:99:FE:94:43
ValiditySun, 24 Nov 2024 15:11:03 GMT - Sat, 22 Feb 2025 15:11:02 GMT

File type

Size
394 kB (393679 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/hls.js HTTP/1.1
Host: embed.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embed.su/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Dec 2024 22:47:37 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=43200
last-modified: Wed, 13 Nov 2024 12:45:23 GMT
etag: W/"601cf-193258e9ab8"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebedc1c4c3156c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22399&min_rtt=20021&rtt_var=3595&sent=195&recv=13&lost=0&retrans=0&sent_bytes=217635&recv_bytes=2169&delivery_rate=4087165&cwnd=96000&unsent_bytes=0&cid=47f81a8d7c2d9bc8&ts=599&x=1", cfHdrFlush;dur=0

backend.freek.to/api/tv/info/62560?_=12%2F2%2F2024

104.21.57.176

200 OK

23 kB

URL GET HTTP/2
backend.freek.to/api/tv/info/62560?_=12%2F2%2F2024
IP
104.21.57.176:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freek.to/watch/tv/62560
Certificate
IssuerGoogle Trust Services
Subjectfreek.to
Fingerprint9C:88:67:C3:22:57:9D:88:1C:A8:98:28:CB:14:A4:90:05:9C:67:46
ValidityWed, 27 Nov 2024 17:13:29 GMT - Tue, 25 Feb 2025 17:13:28 GMT

File type

Size
23 kB (23018 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/tv/info/62560?_=12%2F2%2F2024 HTTP/1.1
Host: backend.freek.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://freek.to
DNT: 1
Connection: keep-alive
Referer: https://freek.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 22:47:36 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
x-ratelimit-limit: 80
x-ratelimit-remaining: 79
x-ratelimit-reset: 1733179717
access-control-allow-origin: https://freek.to
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
etag: W/"59ea-SCviH1HJ/iDl2EMfU6KTBIBO9kU"
cache-control: max-age=14400
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ebedc133c520b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=18851&min_rtt=16435&rtt_var=5053&sent=15&recv=20&lost=0&retrans=0&sent_bytes=5460&recv_bytes=1298&delivery_rate=476969&cwnd=257&unsent_bytes=0&cid=44423c93d9c88a70&ts=484&x=0"
X-Firefox-Spdy: h2

172.67.160.205

200 OK

942 B

URL GET HTTP/3
embed.su/api/proxy/viper/veltroncloud49.xyz/file1/ivCI0wqyeyTdD9cMS21csdfXc4sowJX3UiovL5jaF5dCx8hW0FpyAcdwhQuhJAQUKRttJw7EGNgQPVaonZ2MMdwjtoTFKDRDq5HCHFACcxdqf6cMzq1gqkHhUJzYcCsk+MKA2UFU9G4iHbG1yg98RCXRhNFI1f6qwgNix~yDREk=/cGxheWxpc3QubTN1OA==.m3u8
IP
172.67.160.205:443
ASN
#13335 CLOUDFLARENET

Requested by
https://embed.su/embed/tv/62560/1/1?next-ep=2?poster=https://image.tmdb.org/t/p/w780/4ceSkV7cmCon4exXaZwuhW1VdE0.jpg
Certificate
IssuerGoogle Trust Services
Subjectembed.su
Fingerprint2B:7E:15:97:C0:82:38:DB:D7:86:A3:71:83:2A:EE:18:99:FE:94:43
ValiditySun, 24 Nov 2024 15:11:03 GMT - Sat, 22 Feb 2025 15:11:02 GMT

File type
M3U playlist, ASCII text, with very long lines (950), with no line terminators
Size
942 B (942 bytes)
Hash
3c1fc57095b7d35f8cd37c2ea8ac165c
f9b7aeaeebe85a4689a2124a90f89bc288a4b01f
a91a9d867b288f3660a292fe6ef4439bad05f68de69b021c5b7694fb84232782

HTTP Headers

GET /api/proxy/viper/veltroncloud49.xyz/file1/ivCI0wqyeyTdD9cMS21csdfXc4sowJX3UiovL5jaF5dCx8hW0FpyAcdwhQuhJAQUKRttJw7EGNgQPVaonZ2MMdwjtoTFKDRDq5HCHFACcxdqf6cMzq1gqkHhUJzYcCsk+MKA2UFU9G4iHbG1yg98RCXRhNFI1f6qwgNix~yDREk=/cGxheWxpc3QubTN1OA==.m3u8 HTTP/1.1
Host: embed.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embed.su/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Dec 2024 22:47:38 GMT
content-type: application/vnd.apple.mpegurl
last-modified: Mon, 02 Dec 2024 21:17:41 GMT
cache-control: max-age=43200
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebedc20b8ea56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23326&min_rtt=17314&rtt_var=7538&sent=449&recv=23&lost=0&retrans=0&sent_bytes=513799&recv_bytes=3616&delivery_rate=54227&cwnd=285600&unsent_bytes=0&cid=47f81a8d7c2d9bc8&ts=1296&x=1", cfHdrFlush;dur=0

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash