Report - streaam.net/T/dUFOrkrbby$cbso18e

Report Overview

Submitted URL
streaam.net/T/dUFOrkrbby$cbso18e
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-04 04:37:25
Access
public
Website Title
Streaam
Final URL
streaam.net/T/dUFOrkrbby$cbso18e
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-05-03	338 B	942 B	3.164.222.26
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-05-03	423 B	418 B	18.185.9.67
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12	2024-05-03	471 B	120 kB	45.133.44.9
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-05-03	944 B	57 kB	151.101.193.229
ku42hjr2e.com	unknown	2023-11-15	2023-11-15	2024-05-02	1.9 kB	112 kB	212.117.190.201
streaam.net	unknown	unknown	2022-02-11	2023-03-12	1.9 kB	103 kB	188.114.97.1
recharge.cineai.me	unknown	unknown	No data	No data	446 B	18 kB	104.21.27.102
pl18250360.highcpmrevenuenetwork.com	unknown	unknown	No data	No data	449 B	11 kB	172.240.108.84
subscription.streaam.net	unknown	unknown	No data	No data	512 B	4.8 kB	172.67.142.157
cloudflareinsights.com	84344	2019-08-30	2020-10-23	2024-05-03	498 B	365 B	104.16.80.73
inputwriter.com	unknown	unknown	No data	No data	4.0 kB	7.1 kB	192.243.59.12
cdn.pncloudfl.com	13313	2021-04-20	2021-06-07	2024-05-01	437 B	1.6 kB	104.22.58.221
korgiejoinyou.com	unknown	2022-03-22	2022-03-22	2023-11-18	4.1 kB	120 kB	212.117.190.201
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2024-05-03	415 B	20 kB	104.16.79.73

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	highcpmrevenuenetwork.com	Sinkholed
2024-05-03	medium	inputwriter.com	Sinkholed
2024-05-03	medium	inputwriter.com	Sinkholed
2024-05-03	medium	inputwriter.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (19)

	URL	Size	First Seen	Last Seen
	streaam.net/T/dUFOrkrbby$cbso18e	9.1 kB	2023-12-25	2024-05-04
Pretty URL streaam.net/T/dUFOrkrbby$cbso18e IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-25 18:15:43 Last Seen2024-05-04 06:37:31 Times Seen2 Hash e4e8cab12cefa835ef217488bc4419fd 3e9affed87ce732d3696ff6ad07c2d3646eb2e4c dcc3433bbdf3fe46f2c95fd0c6af69bc39ee24f3a459c27e9c68e6601f85ce26 Loading...

	streaam.net/T/dUFOrkrbby$cbso18e	103 B	2023-12-25	2024-05-04
Pretty URL streaam.net/T/dUFOrkrbby$cbso18e IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-25 18:15:43 Last Seen2024-05-04 06:37:31 Times Seen2 Hash ba0ebd7940c7840f109410ba4a70e729 b57bdf8d955458f6461fc5135db5737f3c14e11d 7ff2c609b059180f44f9be8bccf4b8881f5a8586da7bea651781d998427c5d49 Loading...

	unknown	37 B	2023-04-11	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31:25 Last Seen2024-05-18 07:36:32 Times Seen237767 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	korgiejoinyou.com/get/1898069?zoneid=1898069&jp=_clhtt5q0m7fgt52q615icf&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=675330917189120&eclog=0&im=1&freq=0&uf=0	3.6 kB	2024-05-04	2024-05-04
Pretty URL korgiejoinyou.com/get/1898069?zoneid=1898069&jp=_clhtt5q0m7fgt52q615icf&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=675330917189120&eclog=0&im=1&freq=0&uf=0 IP 212.117.190.201 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 06:37:31 Last Seen2024-05-04 06:37:32 Times Seen1 Hash 701c96276c502713f2a1356b4414b86c 7bf754d3686569b6c56d273f7217271e4abf063b 38b658e7e2a28b8fd114bc9bcacece9820ee6bdf911a042bd0d3b3f4acd9c23b Loading...

	streaam.net/T/dUFOrkrbby$cbso18e	267 B	2023-12-25	2024-05-04
Pretty URL streaam.net/T/dUFOrkrbby$cbso18e IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-25 18:15:43 Last Seen2024-05-04 06:37:32 Times Seen2 Hash 3796eed737c8fa2ce4fc42a7d4a5be6f 66f29b480adf261be6e7be5db22df31b3591e594 d61f0285237b59d94b78ad6bc045312bc6e148a9aec94e64abb71d768d21b438 Loading...

	static.cloudflareinsights.com/beacon.min.js	19 kB	2024-04-24	2024-05-18
Pretty URL static.cloudflareinsights.com/beacon.min.js IP 104.16.79.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 00:56:41 Last Seen2024-05-18 07:22:08 Times Seen2403 Hash 4c980ee97cb5c001b4d19e2895fa5603 2c6fe998aa7486c4becd74cf253bdd82666a64c3 d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192 Loading...

	subscription.streaam.net/f/e	0 B	2023-03-07	2024-05-18
Pretty URL subscription.streaam.net/f/e IP 172.67.142.157 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 08:04:40 Times Seen37775305 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	79 B	2023-04-11	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38:58 Last Seen2024-05-18 07:36:32 Times Seen126494 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	ku42hjr2e.com/get/1935067?zoneid=1935067&jp=_clqt6gxc6ebcyfkksssrqn&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1238280870574592&eclog=0&im=1&uf=0	2.9 kB	2024-05-04	2024-05-04
Pretty URL ku42hjr2e.com/get/1935067?zoneid=1935067&jp=_clqt6gxc6ebcyfkksssrqn&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1238280870574592&eclog=0&im=1&uf=0 IP 212.117.190.201 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 06:37:32 Last Seen2024-05-04 06:37:32 Times Seen1 Hash 6f8e437900e84f2f98d8fe25427b8333 14d4ff3ff357e146907635360054c2b03b1259fd 18bc0bd76339348d321f242571ae41249141be8f8d0b0c54e22233ac176fdcd4 Loading...

	streaam.net/T/dUFOrkrbby$cbso18e	312 B	2024-05-04	2024-05-04
Pretty URL streaam.net/T/dUFOrkrbby$cbso18e IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 06:37:32 Last Seen2024-05-04 06:37:32 Times Seen1 Hash 74d2ab967f178aff29cac271b2d5d96a 9583e3f072d2a27e0f5f76a1acfc988dd4bc6b47 6b05964c7a5fe1329dd019bcbe7d53ee58130f6ab1d6ad4a8f54cf870c51d773 Loading...

	ku42hjr2e.com/aas/r45d/vki/1935067/8e6e8450.js	106 kB	2024-05-04	2024-05-04
Pretty URL ku42hjr2e.com/aas/r45d/vki/1935067/8e6e8450.js IP 212.117.190.201 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 06:37:32 Last Seen2024-05-04 06:37:32 Times Seen2 Hash 4a449f987ca461beab764f15427560b1 73f6d8f2ab84b820fc1b088c34312cf24950032f 9f30c1293275d91249f51123940b3882904de450edc2e8e7456bdb079cafd3f2 Loading...

	streaam.net/T/dUFOrkrbby$cbso18e	3.7 kB	2024-05-04	2024-05-04
Pretty URL streaam.net/T/dUFOrkrbby$cbso18e IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 06:37:32 Last Seen2024-05-04 06:37:32 Times Seen1 Hash fe03b54c1402e812364ae3f9f9d63ae5 210160db4f57e0a0a2a98047c53c89478674b2af ed32b11c0bfb623e275b1ba553fd3c3e8ecef5a14df72898d27a4620edc875ad Loading...

	korgiejoinyou.com/lv/esnk/1898069/code.js	116 kB	2024-05-04	2024-05-04
Pretty URL korgiejoinyou.com/lv/esnk/1898069/code.js IP 212.117.190.201 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 06:37:32 Last Seen2024-05-04 06:37:32 Times Seen2 Hash 4eb416d3f8c724394eb0736da8b7a5e1 6ab60bfa35f000523996508db96f57abd56c084e fc699ac481b7d579cbdaec8c59a37597cc0541fba3b0ac1a2c5e776245df0180 Loading...

	streaam.net/T/dUFOrkrbby$cbso18e	222 B	2023-12-25	2024-05-04
Pretty URL streaam.net/T/dUFOrkrbby$cbso18e IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-25 18:15:43 Last Seen2024-05-04 06:37:32 Times Seen2 Hash 37bdddc9363761dfb3eabbc00aaf0dae cfe48663ccd441f94607e52423563c93dd1e18f7 ac4a045107818d3279f12a86a0f99ed125101c0f6df90af9e6c5872c8890e864 Loading...

	streaam.net/T/dUFOrkrbby$cbso18e	4.9 kB	2023-12-25	2024-05-04
Pretty URL streaam.net/T/dUFOrkrbby$cbso18e IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-25 18:15:43 Last Seen2024-05-04 06:37:32 Times Seen2 Hash 92b4622aaba37fb0e03f21a3e60a45d1 4033241fb7efc0b6e6ee9c30e7b2f3851ff1c2b5 6225c6c2e468363ebbb15ad63498c39a858078ba4a2d53a8d2513b17ab97309a Loading...

	pl18250360.highcpmrevenuenetwork.com/eef597e400f2902ee4350f8e289287ed/invoke.js	27 kB	2024-05-04	2024-05-04
Pretty URL pl18250360.highcpmrevenuenetwork.com/eef597e400f2902ee4350f8e289287ed/invoke.js IP 172.240.108.84 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 06:37:32 Last Seen2024-05-04 06:37:32 Times Seen2 Hash e8089d179f47597f18eddb74dc4367fa 1f8ae69b974d3a202e3cb4b5524b85f0df7b2277 1f4a7cfa038557696d727934bd538d24bfddf750208dc2f8511798f380f0a3a0 Loading...

	streaam.net/T/dUFOrkrbby$cbso18e	8.0 kB	2023-12-25	2024-05-04
Pretty URL streaam.net/T/dUFOrkrbby$cbso18e IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-25 18:15:43 Last Seen2024-05-04 06:37:32 Times Seen2 Hash dd5d5b0467ad686ab892b05f458fec77 10314b51bdb97bbe46d8f355c01f972b03badeb5 f7bca60cc9555fa58115f9142087f2d9dbc22d398bd140bf120c03c7d76b4517 Loading...

	streaam.net/T/dUFOrkrbby$cbso18e	434 B	2023-12-25	2024-05-04
Pretty URL streaam.net/T/dUFOrkrbby$cbso18e IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-25 18:15:43 Last Seen2024-05-04 06:37:32 Times Seen2 Hash 398e77d00cea784520f8d72384f2ab37 9553a9844398bcf14e2daa24d8082b0e030ee301 0b236b9ec481157bb7b8de53f2907630dba0501bafe5b2f31e3a00ca9ba2e4d8 Loading...

	cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/js/bootstrap.bundle.min.js	81 kB	2023-03-12	2024-05-17
Pretty URL cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/js/bootstrap.bundle.min.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 16:15:33 Last Seen2024-05-17 02:12:25 Times Seen2149 Hash e8890063e097beea88fd37621217af9c bff78dd9c02a5008ab43642948739ce58c761b21 061f0b1ea79e6e2ca24f4603e55d3e909f7471ba0b279cdb6dea40554106c6a2 Loading...

HTTP Transactions (25)

URL IP Response Size

cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/js/bootstrap.bundle.min.js

151.101.193.229

200 OK

25 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/js/bootstrap.bundle.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://streaam.net/T/dUFOrkrbby$cbso18e
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (65292)
Size
25 kB (24765 bytes)
Hash
e8890063e097beea88fd37621217af9c
bff78dd9c02a5008ab43642948739ce58c761b21
061f0b1ea79e6e2ca24f4603e55d3e909f7471ba0b279cdb6dea40554106c6a2

HTTP Headers

GET /npm/bootstrap@5.3.0-alpha1/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streaam.net
DNT: 1
Connection: keep-alive
Referer: https://streaam.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.3.0-alpha1
x-jsd-version-type: version
etag: W/"13ad7-v/eN2cAqUAirQ2QpSHOc5Yx2GyE"
content-encoding: br
accept-ranges: bytes
date: Sat, 04 May 2024 04:36:59 GMT
age: 20215759
x-served-by: cache-fra-etou8220023-FRA, cache-hel1410028-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24765
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css

151.101.193.229

200 OK

30 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://streaam.net/T/dUFOrkrbby$cbso18e
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
Unicode text, UTF-8 text, with very long lines (65305)
Size
30 kB (30336 bytes)
Hash
3f30c2c47d7d23c7a994db0c862d45a5
7791dd1f3173a0d62cc39c21d2ad71fc8dad0e72
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a

HTTP Headers

GET /npm/bootstrap@5.2.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streaam.net
DNT: 1
Connection: keep-alive
Referer: https://streaam.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.2.3
x-jsd-version-type: version
etag: W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
content-encoding: br
accept-ranges: bytes
date: Sat, 04 May 2024 04:36:59 GMT
age: 16549093
x-served-by: cache-fra-eddf8230122-FRA, cache-hel1410028-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30336
X-Firefox-Spdy: h2

recharge.cineai.me/assets/landing%20page%20logo%202.png

104.21.27.102

200 OK

17 kB

URL GET HTTP/2
recharge.cineai.me/assets/landing%20page%20logo%202.png
IP
104.21.27.102:443
ASN
#13335 CLOUDFLARENET

Requested by
https://streaam.net/T/dUFOrkrbby$cbso18e
Certificate
IssuerLet's Encrypt
Subjectcineai.me
Fingerprint73:0A:20:32:E6:F5:E0:29:0B:21:0C:61:4D:10:89:C3:6B:E9:FE:58
ValidityWed, 13 Mar 2024 17:08:20 GMT - Tue, 11 Jun 2024 17:08:19 GMT

File type
PNG image data, 500 x 150, 8-bit/color RGBA, non-interlaced
Size
17 kB (16816 bytes)
Hash
cab576f541782bac73926e6d713d34b8
c61064e301c59e3f1bf0f716f053aa8bcaf24e28
0c05086961f85de920ba167653e7b3e1204f04a75a8fa354defc7f6914c25d27

HTTP Headers

GET /assets/landing%20page%20logo%202.png HTTP/1.1
Host: recharge.cineai.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streaam.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 04:37:00 GMT
content-type: image/png
content-length: 16816
cf-ray: 87e5cb024eecb4ed-OSL
cf-cache-status: REVALIDATED
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=14400
etag: "64baa1a6-41b0"
expires: Sat, 04 May 2024 04:46:59 GMT
last-modified: Fri, 21 Jul 2023 15:17:58 GMT
strict-transport-security: max-age=31556952
vary: Accept-Encoding
via: 1.1 varnish
permissions-policy: interest-cohort=()
x-cache: HIT
x-cache-hits: 0
x-fastly-request-id: aad8b3470768ce16cd01fdefbad2a506e19689d6
x-github-request-id: 5CE6:7677C:3AE0A25:3C77986:662F963F
x-proxy-cache: MISS
x-served-by: cache-osl6544-OSL
x-timer: S1714498007.909308,VS0,VE112
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B2%2BlzyCqLlvNCU1C410fHFm9NZt3z94PDteb%2FL5m9qPKLOgkdhR9zKyF8d8XDqUFoETaKvIqbYDuhpzAJ%2F1zlf8C3wbC6aBtTloD47IyzyDZUPw2LMFVCtBJu7mHZXYzKSlhTb8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ku42hjr2e.com/solid.gif?z=1935067&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1238280870574592&eclog=0&im=1

212.117.190.201

200 OK

43 B

URL POST HTTP/2
ku42hjr2e.com/solid.gif?z=1935067&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1238280870574592&eclog=0&im=1
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://streaam.net/T/dUFOrkrbby$cbso18e
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint15:EC:3A:52:11:EC:ED:35:8E:60:38:E6:CC:79:A7:3E:A3:5B:B6:62
ValidityTue, 09 Jan 2024 12:43:23 GMT - Sat, 06 Jul 2024 21:59:00 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

HTTP Headers

POST /solid.gif?z=1935067&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1238280870574592&eclog=0&im=1 HTTP/1.1
Host: ku42hjr2e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streaam.net
DNT: 1
Connection: keep-alive
Referer: https://streaam.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 04:37:00 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
set-cookie: CHCK=1; Path=/; Expires=Sat, 07 Jun 2025 04:37:00 GMT; Secure; SameSite=None
UID=24050323373990b84127c444648162785490; Path=/; Expires=Sat, 07 Jun 2025 04:37:00 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

streaam.net/vidimg.png

188.114.97.1

200 OK

1.4 kB

URL GET HTTP/3
streaam.net/vidimg.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://streaam.net/T/dUFOrkrbby$cbso18e
Certificate
IssuerLet's Encrypt
Subjectstreaam.net
Fingerprint76:BA:43:54:5D:15:4F:77:34:D4:E5:1F:18:49:FC:78:D0:46:59:97
ValiditySat, 27 Apr 2024 13:57:43 GMT - Fri, 26 Jul 2024 13:57:42 GMT

File type
PNG image data, 545 x 300, 4-bit colormap, non-interlaced
Size
1.4 kB (1354 bytes)
Hash
3c6b9579e86b1ecec958605d9d5ee1a2
b8af1f7dd4d4a7383779bd3bdd5480f0bbbdf66d
416f51c80e536146c4eab391aa1ab67866aebbf4feedffd96dcf077621ca76f5

HTTP Headers

GET /vidimg.png HTTP/1.1
Host: streaam.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streaam.net/T/dUFOrkrbby$cbso18e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 04:37:00 GMT
content-type: image/png
content-length: 1354
last-modified: Tue, 27 Dec 2022 15:25:02 GMT
cache-control: max-age=691200
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m1VqhLp5ad%2FW9DKwHFfkGMjuk8KWdWAaxt8nWYLKiWMEWJ71pPg%2FTf4AeLIPA2PtaAtN34Ou5TpgA9VwzIhtwrHdSZZWg2D1ir6Exmce%2FiFd02ZCn%2B3qd94IVZwhEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e5cb01b893b50c-OSL
alt-svc: h3=":443"; ma=86400

streaam.net/logo-n.png

188.114.97.1

200 OK

9.3 kB

URL GET HTTP/3
streaam.net/logo-n.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://streaam.net/T/dUFOrkrbby$cbso18e
Certificate
IssuerLet's Encrypt
Subjectstreaam.net
Fingerprint76:BA:43:54:5D:15:4F:77:34:D4:E5:1F:18:49:FC:78:D0:46:59:97
ValiditySat, 27 Apr 2024 13:57:43 GMT - Fri, 26 Jul 2024 13:57:42 GMT

File type
PNG image data, 904 x 200, 8-bit colormap, non-interlaced
Size
9.3 kB (9297 bytes)
Hash
8443d5c4d432ebfd26e4da6d35aa83ef
8a27e938d347d3512294ca47fd2c8aea27373dab
4357604749694be12fdf5614aaf7c6de995b2594ea13a1e34c7682c3be8695cc

HTTP Headers

GET /logo-n.png HTTP/1.1
Host: streaam.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streaam.net/T/dUFOrkrbby$cbso18e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 04:37:00 GMT
content-type: image/png
content-length: 9297
last-modified: Tue, 27 Dec 2022 15:24:57 GMT
cache-control: max-age=691200
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gl7gKDk%2FhM2CKpttVxSPaYln1ATlruI%2FTeWafcaJQFgr01XxlfyXCATbSEGyb6D8aEtA%2BluhmiY8hLHK21udaVChMngQXcQttNMGz1e1Pxo6JbXlqA9vr8MZP56Ksg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e5cb01b892b50c-OSL
alt-svc: h3=":443"; ma=86400

cdn.pncloudfl.com/pn/f07/2af/cc0/f072afcc0d5a33630168232e4cb8c3fafbeac5bb.png

104.22.58.221

200 OK

438 B

URL GET HTTP/2
cdn.pncloudfl.com/pn/f07/2af/cc0/f072afcc0d5a33630168232e4cb8c3fafbeac5bb.png
IP
104.22.58.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://streaam.net/T/dUFOrkrbby$cbso18e
Certificate
IssuerLet's Encrypt
Subjectcdn.pncloudfl.com
Fingerprint50:5F:A0:91:53:C9:C9:E3:5D:EA:53:42:E8:5B:81:FB:DE:7B:1E:2C
ValiditySun, 28 Apr 2024 04:53:51 GMT - Sat, 27 Jul 2024 04:53:50 GMT

File type
RIFF (little-endian) data, Web/P image
Size
438 B (438 bytes)
Hash
a5dd32b474c64db748ca06e2b6e70fdd
7e350294518ece41c4ad071583051d7356614770
19472ac4f8154ed25911ea0304e65aff07202b33d320d75a961b34be98476637

HTTP Headers

GET /pn/f07/2af/cc0/f072afcc0d5a33630168232e4cb8c3fafbeac5bb.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 04:37:00 GMT
content-type: image/webp
content-length: 438
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1481
content-disposition: inline; filename="f072afcc0d5a33630168232e4cb8c3fafbeac5bb.webp"
etag: 7de11dafa221feb3e84de3c23d22254f
expires: Sat, 04 May 2024 18:38:30 GMT
last-modified: Fri, 03 Dec 2021 16:02:20 GMT
vary: Accept
x-openstack-request-id: txb04c1f67641245a0bc35d-0061b0ac58
x-proxy-cache: HIT
x-timestamp: 1638547339.96602
x-trans-id: txb04c1f67641245a0bc35d-0061b0ac58
cf-cache-status: HIT
age: 122310
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 87e5cb058c6156b5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

korgiejoinyou.com/chicken.gif?z=1898069&pb=43d6bcde78328821ae0736beb836a7a71714804620&psp=kLmo7SlyEI2TseS9wqaLgUhP6u2JCfomQPK_b7RFF5jjqybAlFOxsiogJxYmB7LORsk6KgpwAuiiQdS6YFf_X5o99oJxcPIPFyEavpnWcyi2VsnU4L3Go6uUIgo47TDkwWjr-7lQ4KOyzCglfH97iK9Br1cCU2dVOTwPqT1-qDTKXgYLWiBg-sTMcnTFzDI9ZZlkphXv2u55EJnGLZfHFHST4BeJJ4PjgZoKi3k9S_IXOzGUpaK2eDSKKCuLwSbNRspj5ZAnP2AfYSOtPhBXL-I5zSRDqi0ae5T_0qbpX5K0NEO3YKS4LeSBV7HBm-nWSkH2imvS5EG3p5xATkbtTTav0BzS_ud4FfKIH41ncirby8SF4lAuJxVBdDlh3v3FdzxP2g7JDa5nlhvDag3htU-9LoSpfcYIiJdoi9SHuVTdgtg6s7pQcJLc3fI0IXi2Avouc54i1fZSQY3VVMVNq0ymyEPI-zHnQU3ib7gRCgPu0rNfIdxD1L0euIAG7pBe6VPJ_X87tKBTynoIdR0Tdj7vdXTxXdugYK9DpB13NrtLXxO2RfKTx_iV1pUzVDCKtbgZxzBYP904iB15B1pkD6OtZ08UWuN-tCst&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=675330917189120&eclog=0&im=1&pload=64

212.117.190.201

200 OK

43 B

URL GET HTTP/2
korgiejoinyou.com/chicken.gif?z=1898069&pb=43d6bcde78328821ae0736beb836a7a71714804620&psp=kLmo7SlyEI2TseS9wqaLgUhP6u2JCfomQPK_b7RFF5jjqybAlFOxsiogJxYmB7LORsk6KgpwAuiiQdS6YFf_X5o99oJxcPIPFyEavpnWcyi2VsnU4L3Go6uUIgo47TDkwWjr-7lQ4KOyzCglfH97iK9Br1cCU2dVOTwPqT1-qDTKXgYLWiBg-sTMcnTFzDI9ZZlkphXv2u55EJnGLZfHFHST4BeJJ4PjgZoKi3k9S_IXOzGUpaK2eDSKKCuLwSbNRspj5ZAnP2AfYSOtPhBXL-I5zSRDqi0ae5T_0qbpX5K0NEO3YKS4LeSBV7HBm-nWSkH2imvS5EG3p5xATkbtTTav0BzS_ud4FfKIH41ncirby8SF4lAuJxVBdDlh3v3FdzxP2g7JDa5nlhvDag3htU-9LoSpfcYIiJdoi9SHuVTdgtg6s7pQcJLc3fI0IXi2Avouc54i1fZSQY3VVMVNq0ymyEPI-zHnQU3ib7gRCgPu0rNfIdxD1L0euIAG7pBe6VPJ_X87tKBTynoIdR0Tdj7vdXTxXdugYK9DpB13NrtLXxO2RfKTx_iV1pUzVDCKtbgZxzBYP904iB15B1pkD6OtZ08UWuN-tCst&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=675330917189120&eclog=0&im=1&pload=64
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://streaam.net/T/dUFOrkrbby$cbso18e
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint83:E6:B9:DB:8C:34:6A:E4:32:D8:1F:FE:A5:0B:B3:79:4C:02:F1:E7
ValidityTue, 09 Jan 2024 13:40:07 GMT - Sat, 06 Jul 2024 21:59:00 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

HTTP Headers

GET /chicken.gif?z=1898069&pb=43d6bcde78328821ae0736beb836a7a71714804620&psp=kLmo7SlyEI2TseS9wqaLgUhP6u2JCfomQPK_b7RFF5jjqybAlFOxsiogJxYmB7LORsk6KgpwAuiiQdS6YFf_X5o99oJxcPIPFyEavpnWcyi2VsnU4L3Go6uUIgo47TDkwWjr-7lQ4KOyzCglfH97iK9Br1cCU2dVOTwPqT1-qDTKXgYLWiBg-sTMcnTFzDI9ZZlkphXv2u55EJnGLZfHFHST4BeJJ4PjgZoKi3k9S_IXOzGUpaK2eDSKKCuLwSbNRspj5ZAnP2AfYSOtPhBXL-I5zSRDqi0ae5T_0qbpX5K0NEO3YKS4LeSBV7HBm-nWSkH2imvS5EG3p5xATkbtTTav0BzS_ud4FfKIH41ncirby8SF4lAuJxVBdDlh3v3FdzxP2g7JDa5nlhvDag3htU-9LoSpfcYIiJdoi9SHuVTdgtg6s7pQcJLc3fI0IXi2Avouc54i1fZSQY3VVMVNq0ymyEPI-zHnQU3ib7gRCgPu0rNfIdxD1L0euIAG7pBe6VPJ_X87tKBTynoIdR0Tdj7vdXTxXdugYK9DpB13NrtLXxO2RfKTx_iV1pUzVDCKtbgZxzBYP904iB15B1pkD6OtZ08UWuN-tCst&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=675330917189120&eclog=0&im=1&pload=64 HTTP/1.1
Host: korgiejoinyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=2405032337fe5dd85f8a394e868b1b5b5bec
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 04:37:00 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

korgiejoinyou.com/get/1898069?zoneid=1898069&jp=_clhtt5q0m7fgt52q615icf&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=675330917189120&eclog=0&im=1&freq=0&uf=0

212.117.190.201

200 OK

1.6 kB

URL GET HTTP/2
korgiejoinyou.com/get/1898069?zoneid=1898069&jp=_clhtt5q0m7fgt52q615icf&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=675330917189120&eclog=0&im=1&freq=0&uf=0
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://streaam.net/T/dUFOrkrbby$cbso18e
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint83:E6:B9:DB:8C:34:6A:E4:32:D8:1F:FE:A5:0B:B3:79:4C:02:F1:E7
ValidityTue, 09 Jan 2024 13:40:07 GMT - Sat, 06 Jul 2024 21:59:00 GMT

File type
gzip compressed data, from Unix
Size
1.6 kB (1585 bytes)
Hash
98936910f65b12e813797ec392010a14
577d06e721ee85d0583d9a96c82147586867618e
d87db41f459f6b32068967b202d4b0f11c04fa074211617989c8c6042c736d4c

HTTP Headers

GET /get/1898069?zoneid=1898069&jp=_clhtt5q0m7fgt52q615icf&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=675330917189120&eclog=0&im=1&freq=0&uf=0 HTTP/1.1
Host: korgiejoinyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streaam.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 04:37:00 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Sat, 07 Jun 2025 04:37:00 GMT; Secure; SameSite=None
UID=2405032337fe5dd85f8a394e868b1b5b5bec; Path=/; Expires=Sat, 07 Jun 2025 04:37:00 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

pl18250360.highcpmrevenuenetwork.com/eef597e400f2902ee4350f8e289287ed/invoke.js

172.240.108.84

200 OK

9.8 kB

URL GET HTTP/1.1
pl18250360.highcpmrevenuenetwork.com/eef597e400f2902ee4350f8e289287ed/invoke.js
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://streaam.net/T/dUFOrkrbby$cbso18e
Certificate
IssuerLet's Encrypt
Subjecthighcpmrevenuenetwork.com
FingerprintF6:55:BC:70:F5:AA:3F:1E:76:72:63:6E:3B:96:A7:A0:D1:F9:BC:44
ValidityTue, 16 Apr 2024 06:37:57 GMT - Mon, 15 Jul 2024 06:37:56 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (26628), with no line terminators
Size
9.8 kB (9845 bytes)
Hash
e8089d179f47597f18eddb74dc4367fa
1f8ae69b974d3a202e3cb4b5524b85f0df7b2277
1f4a7cfa038557696d727934bd538d24bfddf750208dc2f8511798f380f0a3a0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /eef597e400f2902ee4350f8e289287ed/invoke.js HTTP/1.1
Host: pl18250360.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streaam.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 04:37:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 926030d69a862e2d9060a9b427b6d5e4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cloudflareinsights.com/cdn-cgi/rum

104.16.80.73

200 OK

0 B

URL OPTIONS HTTP/2
cloudflareinsights.com/cdn-cgi/rum
IP
104.16.80.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://streaam.net/T/dUFOrkrbby$cbso18e
Certificate
IssuerGoogle Trust Services LLC
Subjectcloudflareinsights.com
Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00
ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum HTTP/1.1
Host: cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1052
Origin: https://streaam.net
DNT: 1
Connection: keep-alive
Referer: https://streaam.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 04 May 2024 04:37:00 GMT
access-control-allow-origin: https://streaam.net
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 87e5cb075dffb50f-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ocsp.r2m03.amazontrust.com/

3.164.222.26

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
3.164.222.26:0
ASN
#0

File type
data
Size
471 B (471 bytes)
Hash
353dbae1e1b45a750770ae51bef13ba7
465917a2a0bbb947e9727e7f08b584a82aa6fb81
9fa5becc3e07f31f2f08bf5f331d6bfda4f6386634ea524bc3a8c56ac1c0bc2b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 04 May 2024 04:37:00 GMT
Last-Modified: Sat, 04 May 2024 03:14:06 GMT
Server: ECAcc (ska/F776)
X-Cache: Miss from cloudfront
Via: 1.1 61fafbbf54e5560686b2d414df132838.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN53-P1
X-Amz-Cf-Id: 98N_D9ikm2yYjggoXTWKYGFBYCcDVktZ4kA3QD_ZpK65uQ0yBBEr7Q==
Age: 4974

proftrafficcounter.com/stats

18.185.9.67

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.9.67:443
ASN
#16509 AMAZON-02

Requested by
https://streaam.net/T/dUFOrkrbby$cbso18e
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
45fea0d131613ea4834eff30ae595fef
e390e6832ea3602d1ac773503bb85c34cffc27a7
c5c53910e9b11237a30c9fe114be3302eaeabcb371c6f113c4aa32d57d0f8709

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streaam.net
DNT: 1
Connection: keep-alive
Referer: https://streaam.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 04:37:00 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://streaam.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=c69c9251-608a-4781-9596-48dc9f94d4bc:1:1; expires=Tue, 02 May 2034 04:37:00 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

korgiejoinyou.com/whob.gif?z=1898069&pb=43d6bcde78328821ae0736beb836a7a71714804620&psp=kLmo7SlyEI2TseS9wqaLgUhP6u2JCfomQPK_b7RFF5jjqybAlFOxsiogJxYmB7LORsk6KgpwAuiiQdS6YFf_X5o99oJxcPIPFyEavpnWcyi2VsnU4L3Go6uUIgo47TDkwWjr-7lQ4KOyzCglfH97iK9Br1cCU2dVOTwPqT1-qDTKXgYLWiBg-sTMcnTFzDI9ZZlkphXv2u55EJnGLZfHFHST4BeJJ4PjgZoKi3k9S_IXOzGUpaK2eDSKKCuLwSbNRspj5ZAnP2AfYSOtPhBXL-I5zSRDqi0ae5T_0qbpX5K0NEO3YKS4LeSBV7HBm-nWSkH2imvS5EG3p5xATkbtTTav0BzS_ud4FfKIH41ncirby8SF4lAuJxVBdDlh3v3FdzxP2g7JDa5nlhvDag3htU-9LoSpfcYIiJdoi9SHuVTdgtg6s7pQcJLc3fI0IXi2Avouc54i1fZSQY3VVMVNq0ymyEPI-zHnQU3ib7gRCgPu0rNfIdxD1L0euIAG7pBe6VPJ_X87tKBTynoIdR0Tdj7vdXTxXdugYK9DpB13NrtLXxO2RfKTx_iV1pUzVDCKtbgZxzBYP904iB15B1pkD6OtZ08UWuN-tCst&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=675330917189120&eclog=0&im=1&pload=64

212.117.190.201

200 OK

43 B

URL GET HTTP/2
korgiejoinyou.com/whob.gif?z=1898069&pb=43d6bcde78328821ae0736beb836a7a71714804620&psp=kLmo7SlyEI2TseS9wqaLgUhP6u2JCfomQPK_b7RFF5jjqybAlFOxsiogJxYmB7LORsk6KgpwAuiiQdS6YFf_X5o99oJxcPIPFyEavpnWcyi2VsnU4L3Go6uUIgo47TDkwWjr-7lQ4KOyzCglfH97iK9Br1cCU2dVOTwPqT1-qDTKXgYLWiBg-sTMcnTFzDI9ZZlkphXv2u55EJnGLZfHFHST4BeJJ4PjgZoKi3k9S_IXOzGUpaK2eDSKKCuLwSbNRspj5ZAnP2AfYSOtPhBXL-I5zSRDqi0ae5T_0qbpX5K0NEO3YKS4LeSBV7HBm-nWSkH2imvS5EG3p5xATkbtTTav0BzS_ud4FfKIH41ncirby8SF4lAuJxVBdDlh3v3FdzxP2g7JDa5nlhvDag3htU-9LoSpfcYIiJdoi9SHuVTdgtg6s7pQcJLc3fI0IXi2Avouc54i1fZSQY3VVMVNq0ymyEPI-zHnQU3ib7gRCgPu0rNfIdxD1L0euIAG7pBe6VPJ_X87tKBTynoIdR0Tdj7vdXTxXdugYK9DpB13NrtLXxO2RfKTx_iV1pUzVDCKtbgZxzBYP904iB15B1pkD6OtZ08UWuN-tCst&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=675330917189120&eclog=0&im=1&pload=64
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://streaam.net/T/dUFOrkrbby$cbso18e
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint83:E6:B9:DB:8C:34:6A:E4:32:D8:1F:FE:A5:0B:B3:79:4C:02:F1:E7
ValidityTue, 09 Jan 2024 13:40:07 GMT - Sat, 06 Jul 2024 21:59:00 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

HTTP Headers

GET /whob.gif?z=1898069&pb=43d6bcde78328821ae0736beb836a7a71714804620&psp=kLmo7SlyEI2TseS9wqaLgUhP6u2JCfomQPK_b7RFF5jjqybAlFOxsiogJxYmB7LORsk6KgpwAuiiQdS6YFf_X5o99oJxcPIPFyEavpnWcyi2VsnU4L3Go6uUIgo47TDkwWjr-7lQ4KOyzCglfH97iK9Br1cCU2dVOTwPqT1-qDTKXgYLWiBg-sTMcnTFzDI9ZZlkphXv2u55EJnGLZfHFHST4BeJJ4PjgZoKi3k9S_IXOzGUpaK2eDSKKCuLwSbNRspj5ZAnP2AfYSOtPhBXL-I5zSRDqi0ae5T_0qbpX5K0NEO3YKS4LeSBV7HBm-nWSkH2imvS5EG3p5xATkbtTTav0BzS_ud4FfKIH41ncirby8SF4lAuJxVBdDlh3v3FdzxP2g7JDa5nlhvDag3htU-9LoSpfcYIiJdoi9SHuVTdgtg6s7pQcJLc3fI0IXi2Avouc54i1fZSQY3VVMVNq0ymyEPI-zHnQU3ib7gRCgPu0rNfIdxD1L0euIAG7pBe6VPJ_X87tKBTynoIdR0Tdj7vdXTxXdugYK9DpB13NrtLXxO2RfKTx_iV1pUzVDCKtbgZxzBYP904iB15B1pkD6OtZ08UWuN-tCst&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=675330917189120&eclog=0&im=1&pload=64 HTTP/1.1
Host: korgiejoinyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=2405032337fe5dd85f8a394e868b1b5b5bec
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 04:37:00 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.banner.view
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

inputwriter.com/ntv.json?key=eef597e400f2902ee4350f8e289287ed&vstc=1

192.243.59.12

200 OK

4.5 kB

URL GET HTTP/1.1
inputwriter.com/ntv.json?key=eef597e400f2902ee4350f8e289287ed&vstc=1
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://streaam.net/T/dUFOrkrbby$cbso18e
Certificate
IssuerLet's Encrypt
Subjectinputwriter.com
Fingerprint56:75:35:A8:11:B6:5B:2C:F3:E0:C0:81:00:D8:F1:34:CC:E3:83:17
ValidityTue, 30 Apr 2024 15:40:00 GMT - Mon, 29 Jul 2024 15:39:59 GMT

File type
JSON text data
Size
4.5 kB (4462 bytes)
Hash
5912f1d11908a33108cd9949e54b6ea7
ddde8dac271f48bae770ac1a7ca98ce0c0055f5a
af3bd3cd975d4a718a1d5b7eba104130c0003f577777ab138965bf78f8727975

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ntv.json?key=eef597e400f2902ee4350f8e289287ed&vstc=1 HTTP/1.1
Host: inputwriter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streaam.net
DNT: 1
Connection: keep-alive
Referer: https://streaam.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 04:37:01 GMT
Content-Type: application/json
Content-Length: 4462
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://streaam.net
Access-Control-Allow-Origin: https://streaam.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=18149861; expires=Sun, 05 May 2024 04:37:01 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 04:37:01 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 04:37:01 GMT; secure; SameSite=None
pdhtkv49=true; expires=Sun, 05 May 2024 04:37:01 GMT; secure; SameSite=None
uncs49=1; expires=Sun, 05 May 2024 04:37:01 GMT; secure; SameSite=None
nleceef597e400f2902ee4350f8e289287ed=[4991489]; expires=Sat, 04 May 2024 04:37:06 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bc16b3359a01db9c011444114b881545
Strict-Transport-Security: max-age=0; includeSubdomains

inputwriter.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujosHBUHZg5DLXAQNMtvd89scQuK6YXHNxkTRm1R3Vc%2BWW93V1I%2Fp2RFkMSDxIIw39dT7zW4WTQh6FoPMBkQWhMxtD1nw4B8gQs7Sk8XRB8V7X31fwffeq8%2F33CkJ4ejJ6jtqJKSkK626X3v1wyC4WNsQmRvWht32R%2B3mxZoevNFr1%2F3Xald5vK1WQj%2Fw%2FcAPamtC80QNVyoSIr%2FXC%2Bo9v94M60GriaH%2BPzbOg6Ee2OCUvATBZksPvWWIeIos%2FWGVm22r8tffSp2kVmkM2OH72Xamigzpoky0hyQ7PFNDmUdrD6Cyg7ldqMG%2FwkjMiPfrA0TZ4ZlJRIP9uc9IgmeI2PMoBlNwOYWgU8TqFgR7RICY4domsvTONaULuvOUpRU7I0tP%2FoYoZmTp8TKy9P4VKYa1m0o6K1RmMExKiOEUoj9F7o5gR%2BcgiiPE9jMI9jtZebKBLN3fNFJBsHLeuxBTiGQKycegxoOrjvDgEg8u95Cyk1ocBEHHZzH1u704brAOj9rMD2gnCWjgt7twcWVvDJuPEcsxYr2LXO9iW4yh3S8wWyUM82DsjHjv7mLAShScoDAEBSUoBEFhCYpBecCkCU15h0njouAsh2e5UU6U7e%2FRA2X7PCOgegzNyr38lLxYzcdb%2FutPbPOTGudJq9fhTd9Pwp4fct5stPyky8NuL%2Bx2OIMRJYQ5N295JGbk%2FBdfIxcz8uzLlxHRIxh5hFi8AuoC0KIE3Soxyu4aqzmlaT3jFkyVyO0S7I63J0%2FJ%2BfmCNi544PHxJTv64%2Br95U8Q6xK5LvGxeEjQl7cnN1RB9m%2BowpAfN3MrUjGi1fJuWmr5M9%2B%2FzXcKpdn6qhl%2FdzmuiKq89x43doNmTGR9Q%2B5eEYxxvaZ0zMnP6%2BYDHl13ZuuK05nLN66%2Fubae5pobI1Q2BRUzsnS8g1jMyAuPP53%2FywvuSwg9hXYlUndMzgJCHSHOd2HyhX%2BjCLRcaKLcQ%2BHKiQ6jxaUUBJIvMI1KmP%2FgaFFPNK1eU1Humdvoaw%2FU3kKWlhjoEgNZgsoxjHtuYnN9fOm3b6r4FpH0JpHU3n4ktfzq6ZiNOKl1Gg2ftnutoNOhvBM1w27SDhilYbMdttu0AWtmSeun9B8AAAD%2F%2FwEAAP%2F%2F9%2BZRQmwEAAA%3D

192.243.59.12

200 OK

7 B

URL GET HTTP/1.1
inputwriter.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujosHBUHZg5DLXAQNMtvd89scQuK6YXHNxkTRm1R3Vc%2BWW93V1I%2Fp2RFkMSDxIIw39dT7zW4WTQh6FoPMBkQWhMxtD1nw4B8gQs7Sk8XRB8V7X31fwffeq8%2F33CkJ4ejJ6jtqJKSkK626X3v1wyC4WNsQmRvWht32R%2B3mxZoevNFr1%2F3Xald5vK1WQj%2Fw%2FcAPamtC80QNVyoSIr%2FXC%2Bo9v94M60GriaH%2BPzbOg6Ee2OCUvATBZksPvWWIeIos%2FWGVm22r8tffSp2kVmkM2OH72Xamigzpoky0hyQ7PFNDmUdrD6Cyg7ldqMG%2FwkjMiPfrA0TZ4ZlJRIP9uc9IgmeI2PMoBlNwOYWgU8TqFgR7RICY4domsvTONaULuvOUpRU7I0tP%2FoYoZmTp8TKy9P4VKYa1m0o6K1RmMExKiOEUoj9F7o5gR%2BcgiiPE9jMI9jtZebKBLN3fNFJBsHLeuxBTiGQKycegxoOrjvDgEg8u95Cyk1ocBEHHZzH1u704brAOj9rMD2gnCWjgt7twcWVvDJuPEcsxYr2LXO9iW4yh3S8wWyUM82DsjHjv7mLAShScoDAEBSUoBEFhCYpBecCkCU15h0njouAsh2e5UU6U7e%2FRA2X7PCOgegzNyr38lLxYzcdb%2FutPbPOTGudJq9fhTd9Pwp4fct5stPyky8NuL%2Bx2OIMRJYQ5N295JGbk%2FBdfIxcz8uzLlxHRIxh5hFi8AuoC0KIE3Soxyu4aqzmlaT3jFkyVyO0S7I63J0%2FJ%2BfmCNi544PHxJTv64%2Br95U8Q6xK5LvGxeEjQl7cnN1RB9m%2BowpAfN3MrUjGi1fJuWmr5M9%2B%2FzXcKpdn6qhl%2FdzmuiKq89x43doNmTGR9Q%2B5eEYxxvaZ0zMnP6%2BYDHl13ZuuK05nLN66%2Fubae5pobI1Q2BRUzsnS8g1jMyAuPP53%2FywvuSwg9hXYlUndMzgJCHSHOd2HyhX%2BjCLRcaKLcQ%2BHKiQ6jxaUUBJIvMI1KmP%2FgaFFPNK1eU1Humdvoaw%2FU3kKWlhjoEgNZgsoxjHtuYnN9fOm3b6r4FpH0JpHU3n4ktfzq6ZiNOKl1Gg2ftnutoNOhvBM1w27SDhilYbMdttu0AWtmSeun9B8AAAD%2F%2FwEAAP%2F%2F9%2BZRQmwEAAA%3D
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://streaam.net/T/dUFOrkrbby$cbso18e
Certificate
IssuerLet's Encrypt
Subjectinputwriter.com
Fingerprint56:75:35:A8:11:B6:5B:2C:F3:E0:C0:81:00:D8:F1:34:CC:E3:83:17
ValidityTue, 30 Apr 2024 15:40:00 GMT - Mon, 29 Jul 2024 15:39:59 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujosHBUHZg5DLXAQNMtvd89scQuK6YXHNxkTRm1R3Vc%2BWW93V1I%2Fp2RFkMSDxIIw39dT7zW4WTQh6FoPMBkQWhMxtD1nw4B8gQs7Sk8XRB8V7X31fwffeq8%2F33CkJ4ejJ6jtqJKSkK626X3v1wyC4WNsQmRvWht32R%2B3mxZoevNFr1%2F3Xald5vK1WQj%2Fw%2FcAPamtC80QNVyoSIr%2FXC%2Bo9v94M60GriaH%2BPzbOg6Ee2OCUvATBZksPvWWIeIos%2FWGVm22r8tffSp2kVmkM2OH72Xamigzpoky0hyQ7PFNDmUdrD6Cyg7ldqMG%2FwkjMiPfrA0TZ4ZlJRIP9uc9IgmeI2PMoBlNwOYWgU8TqFgR7RICY4domsvTONaULuvOUpRU7I0tP%2FoYoZmTp8TKy9P4VKYa1m0o6K1RmMExKiOEUoj9F7o5gR%2BcgiiPE9jMI9jtZebKBLN3fNFJBsHLeuxBTiGQKycegxoOrjvDgEg8u95Cyk1ocBEHHZzH1u704brAOj9rMD2gnCWjgt7twcWVvDJuPEcsxYr2LXO9iW4yh3S8wWyUM82DsjHjv7mLAShScoDAEBSUoBEFhCYpBecCkCU15h0njouAsh2e5UU6U7e%2FRA2X7PCOgegzNyr38lLxYzcdb%2FutPbPOTGudJq9fhTd9Pwp4fct5stPyky8NuL%2Bx2OIMRJYQ5N295JGbk%2FBdfIxcz8uzLlxHRIxh5hFi8AuoC0KIE3Soxyu4aqzmlaT3jFkyVyO0S7I63J0%2FJ%2BfmCNi544PHxJTv64%2Br95U8Q6xK5LvGxeEjQl7cnN1RB9m%2BowpAfN3MrUjGi1fJuWmr5M9%2B%2FzXcKpdn6qhl%2FdzmuiKq89x43doNmTGR9Q%2B5eEYxxvaZ0zMnP6%2BYDHl13ZuuK05nLN66%2Fubae5pobI1Q2BRUzsnS8g1jMyAuPP53%2FywvuSwg9hXYlUndMzgJCHSHOd2HyhX%2BjCLRcaKLcQ%2BHKiQ6jxaUUBJIvMI1KmP%2FgaFFPNK1eU1Humdvoaw%2FU3kKWlhjoEgNZgsoxjHtuYnN9fOm3b6r4FpH0JpHU3n4ktfzq6ZiNOKl1Gg2ftnutoNOhvBM1w27SDhilYbMdttu0AWtmSeun9B8AAAD%2F%2FwEAAP%2F%2F9%2BZRQmwEAAA%3D HTTP/1.1
Host: inputwriter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streaam.net/
Cookie: u_pl=18149861; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nleceef597e400f2902ee4350f8e289287ed=[4991489]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 04:37:01 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4fcbfce18743c11fed8268bb866eccd5
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.cloudimagesb.com/si/62/f3/af/62f3afd73bea7438e3cb091f669622ff/1710839646.png

45.133.44.9

200 OK

120 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/62/f3/af/62f3afd73bea7438e3cb091f669622ff/1710839646.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://streaam.net/T/dUFOrkrbby$cbso18e
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced
Size
120 kB (119965 bytes)
Hash
c5a83c3079df6439410f74f3e8de6930
66dab231922cc92db7c41f49d7bdb7da1dfde08a
ee0745b5678c7e4277047ba8f87d53ee77e60a4985dace65c73b970521dbf1f8

HTTP Headers

GET /si/62/f3/af/62f3afd73bea7438e3cb091f669622ff/1710839646.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streaam.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 04:37:01 GMT
content-type: image/png
content-length: 119965
server: nginx/1.21.6
last-modified: Tue, 19 Mar 2024 09:14:15 GMT
etag: "65f95767-1d49d"
expires: Mon, 06 May 2024 04:37:01 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

inputwriter.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujosHBUHZg5DLXAQNMts9O7MzYw4hcd2wuGZjouhNqquqZ8ut7mrqx%2FTsCLIYkHgQxpt66v1mN4smBD2LQWYDIgtC5raHLHjwDxAhZ%2BnJ4uiD4r2vvq%2Fge%2B%2FV53v%2BlDTg6cnqO3oolaJLrXpYe%2FXDKLpY25CZH9QGnZWPVpoXa6b%2FRnelHr5WuyrYtl5qhFEYRmFUW5NGJHqwVJGQ%2Bb1uVO%2BG9WajHrWaGJj%2FY%2BsDWBqA90%2FJS5B8uvAwWIRkE2TpD6vCbjudv%2F5W6hV12qDPD9%2FPtjNdZEjnZWICJNnhmRraPlp7AJ0dzOxC9%2F8VxnJKgl8fIM4Oz0wi7u%2FPfMYKIkPMn0fRn0CoCSSdgOlbkPwRARjHtU1k6Z1r2hR05ylLK3ZKFp78DVlMycLjRWTp%2FStKDmo3tfJO6sxikJSQgwlkb4LcH8ENz0EWR2DuM0j%2BO1l6soEs3d%2B0SkPycta7lBPIZAIlRqA2gK%2BODOCTAD4PkPKTGouiqB1yRsNOl7Fl3hbxCg8j2k4iGoUrHXhW2RvB5SMwNQIzu8jNLrblCMb%2FArtVwvIA1k1J8O4u%2BrxEIQgKS1BQgkISFI6g6JcHXNmGLe9wZX0cneXGWV4ux9r19uiBdj2REVAzguHlXn5KXqzmEyz%2B9Se2xUlNiKTVbYtmGCaNbtgQorncCpOOaHS6jU5bcFhZQtpzs5aHckrOf%2FE1cjklz758GTE9glVHYPIVUB%2BBFiXoVolhdtc6IyhN65lw4LpE7hbgdoI9dUrOzxa0cSGAYMeX3PCPq%2FcXPwEzJXJT4mP5kKCnbo9v6ILs39CFJT9u5k6mckir5d101Ilnvn9b7BTa8PVVO%2FruMquIqrz3nrBug2ZcZj1L7l6RnAuzpg0T5Od1%2B4GIr3u7dcWbzOcb199cW09zI6yVOpuAyilZON4Bk1PywuNPZ%2F%2Fygv8S0kxgfInUH5OzgNRHYPkubD73bzWBUXNNnAcofDk2jXh%2BqSSBEnNM4xL2Pzie12NDq9dUlnv2NnomAHW3kKUl%2BqZEX5WgagTrnxu73Bxf%2Bu2bKr5FrIJxrEywHyujvno6ZitPasshb8ciEe1YNFvNRDAet1pxyBIWL%2FNOh8HZadL6Kf0HAAD%2F%2FwEAAP%2F%2FdzKEqmwEAAA%3D

172.240.108.76

200 OK

7 B

URL GET HTTP/1.1
inputwriter.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujosHBUHZg5DLXAQNMts9O7MzYw4hcd2wuGZjouhNqquqZ8ut7mrqx%2FTsCLIYkHgQxpt66v1mN4smBD2LQWYDIgtC5raHLHjwDxAhZ%2BnJ4uiD4r2vvq%2Fge%2B%2FV53v%2BlDTg6cnqO3oolaJLrXpYe%2FXDKLpY25CZH9QGnZWPVpoXa6b%2FRnelHr5WuyrYtl5qhFEYRmFUW5NGJHqwVJGQ%2Bb1uVO%2BG9WajHrWaGJj%2FY%2BsDWBqA90%2FJS5B8uvAwWIRkE2TpD6vCbjudv%2F5W6hV12qDPD9%2FPtjNdZEjnZWICJNnhmRraPlp7AJ0dzOxC9%2F8VxnJKgl8fIM4Oz0wi7u%2FPfMYKIkPMn0fRn0CoCSSdgOlbkPwRARjHtU1k6Z1r2hR05ylLK3ZKFp78DVlMycLjRWTp%2FStKDmo3tfJO6sxikJSQgwlkb4LcH8ENz0EWR2DuM0j%2BO1l6soEs3d%2B0SkPycta7lBPIZAIlRqA2gK%2BODOCTAD4PkPKTGouiqB1yRsNOl7Fl3hbxCg8j2k4iGoUrHXhW2RvB5SMwNQIzu8jNLrblCMb%2FArtVwvIA1k1J8O4u%2BrxEIQgKS1BQgkISFI6g6JcHXNmGLe9wZX0cneXGWV4ux9r19uiBdj2REVAzguHlXn5KXqzmEyz%2B9Se2xUlNiKTVbYtmGCaNbtgQorncCpOOaHS6jU5bcFhZQtpzs5aHckrOf%2FE1cjklz758GTE9glVHYPIVUB%2BBFiXoVolhdtc6IyhN65lw4LpE7hbgdoI9dUrOzxa0cSGAYMeX3PCPq%2FcXPwEzJXJT4mP5kKCnbo9v6ILs39CFJT9u5k6mckir5d101Ilnvn9b7BTa8PVVO%2FruMquIqrz3nrBug2ZcZj1L7l6RnAuzpg0T5Od1%2B4GIr3u7dcWbzOcb199cW09zI6yVOpuAyilZON4Bk1PywuNPZ%2F%2Fygv8S0kxgfInUH5OzgNRHYPkubD73bzWBUXNNnAcofDk2jXh%2BqSSBEnNM4xL2Pzie12NDq9dUlnv2NnomAHW3kKUl%2BqZEX5WgagTrnxu73Bxf%2Bu2bKr5FrIJxrEywHyujvno6ZitPasshb8ciEe1YNFvNRDAet1pxyBIWL%2FNOh8HZadL6Kf0HAAD%2F%2FwEAAP%2F%2FdzKEqmwEAAA%3D
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://streaam.net/T/dUFOrkrbby$cbso18e
Certificate
IssuerLet's Encrypt
Subjectinputwriter.com
Fingerprint56:75:35:A8:11:B6:5B:2C:F3:E0:C0:81:00:D8:F1:34:CC:E3:83:17
ValidityTue, 30 Apr 2024 15:40:00 GMT - Mon, 29 Jul 2024 15:39:59 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujosHBUHZg5DLXAQNMts9O7MzYw4hcd2wuGZjouhNqquqZ8ut7mrqx%2FTsCLIYkHgQxpt66v1mN4smBD2LQWYDIgtC5raHLHjwDxAhZ%2BnJ4uiD4r2vvq%2Fge%2B%2FV53v%2BlDTg6cnqO3oolaJLrXpYe%2FXDKLpY25CZH9QGnZWPVpoXa6b%2FRnelHr5WuyrYtl5qhFEYRmFUW5NGJHqwVJGQ%2Bb1uVO%2BG9WajHrWaGJj%2FY%2BsDWBqA90%2FJS5B8uvAwWIRkE2TpD6vCbjudv%2F5W6hV12qDPD9%2FPtjNdZEjnZWICJNnhmRraPlp7AJ0dzOxC9%2F8VxnJKgl8fIM4Oz0wi7u%2FPfMYKIkPMn0fRn0CoCSSdgOlbkPwRARjHtU1k6Z1r2hR05ylLK3ZKFp78DVlMycLjRWTp%2FStKDmo3tfJO6sxikJSQgwlkb4LcH8ENz0EWR2DuM0j%2BO1l6soEs3d%2B0SkPycta7lBPIZAIlRqA2gK%2BODOCTAD4PkPKTGouiqB1yRsNOl7Fl3hbxCg8j2k4iGoUrHXhW2RvB5SMwNQIzu8jNLrblCMb%2FArtVwvIA1k1J8O4u%2BrxEIQgKS1BQgkISFI6g6JcHXNmGLe9wZX0cneXGWV4ux9r19uiBdj2REVAzguHlXn5KXqzmEyz%2B9Se2xUlNiKTVbYtmGCaNbtgQorncCpOOaHS6jU5bcFhZQtpzs5aHckrOf%2FE1cjklz758GTE9glVHYPIVUB%2BBFiXoVolhdtc6IyhN65lw4LpE7hbgdoI9dUrOzxa0cSGAYMeX3PCPq%2FcXPwEzJXJT4mP5kKCnbo9v6ILs39CFJT9u5k6mckir5d101Ilnvn9b7BTa8PVVO%2FruMquIqrz3nrBug2ZcZj1L7l6RnAuzpg0T5Od1%2B4GIr3u7dcWbzOcb199cW09zI6yVOpuAyilZON4Bk1PywuNPZ%2F%2Fygv8S0kxgfInUH5OzgNRHYPkubD73bzWBUXNNnAcofDk2jXh%2BqSSBEnNM4xL2Pzie12NDq9dUlnv2NnomAHW3kKUl%2BqZEX5WgagTrnxu73Bxf%2Bu2bKr5FrIJxrEywHyujvno6ZitPasshb8ciEe1YNFvNRDAet1pxyBIWL%2FNOh8HZadL6Kf0HAAD%2F%2FwEAAP%2F%2FdzKEqmwEAAA%3D HTTP/1.1
Host: inputwriter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streaam.net/
Cookie: u_pl=18149861; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nleceef597e400f2902ee4350f8e289287ed=[4991489]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 04:37:01 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 89cc253cc83271ecd4f80b49c45652e1
Strict-Transport-Security: max-age=0; includeSubdomains

subscription.streaam.net/f/e

172.67.142.157

200 OK

4.3 kB

URL GET HTTP/2
subscription.streaam.net/f/e
IP
172.67.142.157:443
ASN
#13335 CLOUDFLARENET

Requested by
https://streaam.net/T/dUFOrkrbby$cbso18e
Certificate
IssuerLet's Encrypt
Subjectstreaam.net
Fingerprint4F:72:9D:4D:8C:90:BC:5F:30:7A:C9:CE:10:5D:6A:50:63:95:75:20
ValiditySat, 13 Apr 2024 18:53:47 GMT - Fri, 12 Jul 2024 18:53:46 GMT

File type
JavaScript source, ASCII text, with very long lines (4265), with no line terminators
Size
4.3 kB (4261 bytes)
Hash
df4cb5cad79034c1c256a0d24db3ff1d
46c5644f74aa4caab361f65126f751a40e639ea7
75ee9914dca3285d564bd8e5a3c89ba2568e27428fc89a3abd483c150656664d

HTTP Headers

GET /f/e HTTP/1.1
Host: subscription.streaam.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streaam.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 04:37:00 GMT
content-type: text/html
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=18eTrfHVDGkQDyWQq2xpDk1IY1%2BCjHKuTUad5sK8niaugscQ1fCUGMKmKds0dtKj5HUppDNIHPXwA%2FgJdFXuTMy89T9ZsmGV9VlgjKujjNzeCd93oLLbcxTSDHD0mdSWLzwisbBdXCWhRbM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e5cb04cbba7130-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

streaam.net/T/dUFOrkrbby$cbso18e

188.114.97.1

200 OK

89 kB

URL User Request GET HTTP/2
streaam.net/T/dUFOrkrbby$cbso18e
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectstreaam.net
Fingerprint76:BA:43:54:5D:15:4F:77:34:D4:E5:1F:18:49:FC:78:D0:46:59:97
ValiditySat, 27 Apr 2024 13:57:43 GMT - Fri, 26 Jul 2024 13:57:42 GMT

File type

Size
89 kB (89441 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /T/dUFOrkrbby$cbso18e HTTP/1.1
Host: streaam.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 04:36:59 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dvim%2Fg1ITMGkvzhtLD6B0AXFkpgdsCLL%2BqDaOHuXkuPw2TwaJayxYD3pzgwzmiqGmKYOT%2FAK06xWQi%2BI8YrCFDLYNCOm%2Fp29VRednqzpvTiTv9jdpXX032rIWuDIgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e5cafe292156b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

korgiejoinyou.com/lv/esnk/1898069/code.js

212.117.190.201

200 OK

116 kB

URL GET HTTP/2
korgiejoinyou.com/lv/esnk/1898069/code.js
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://streaam.net/T/dUFOrkrbby$cbso18e
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint83:E6:B9:DB:8C:34:6A:E4:32:D8:1F:FE:A5:0B:B3:79:4C:02:F1:E7
ValidityTue, 09 Jan 2024 13:40:07 GMT - Sat, 06 Jul 2024 21:59:00 GMT

File type
JavaScript source, ASCII text, with very long lines (65107)
Size
116 kB (115701 bytes)
Hash
4eb416d3f8c724394eb0736da8b7a5e1
6ab60bfa35f000523996508db96f57abd56c084e
fc699ac481b7d579cbdaec8c59a37597cc0541fba3b0ac1a2c5e776245df0180

HTTP Headers

GET /lv/esnk/1898069/code.js HTTP/1.1
Host: korgiejoinyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streaam.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 04:36:59 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-1c437"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

streaam.net/favicon.ico

188.114.97.1

404 Not Found

584 B

URL GET HTTP/3
streaam.net/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://streaam.net/T/dUFOrkrbby$cbso18e
Certificate
IssuerLet's Encrypt
Subjectstreaam.net
Fingerprint76:BA:43:54:5D:15:4F:77:34:D4:E5:1F:18:49:FC:78:D0:46:59:97
ValiditySat, 27 Apr 2024 13:57:43 GMT - Fri, 26 Jul 2024 13:57:42 GMT

File type
HTML document, ASCII text, with very long lines (609), with no line terminators
Size
584 B (584 bytes)
Hash
2048a68b1c5638a3bdf784d352bdd884
ca3c639e9c80c778b7b4ec7ceb5136c07b0fc908
108538b981b7c7ae58bcecd8888c0f498abb2895dec7c408eb1a009c9f6f8e8b

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: streaam.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streaam.net/T/dUFOrkrbby$cbso18e
Cookie: bnState_1898069={"impressions":1,"delayStarted":0}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sat, 04 May 2024 04:37:00 GMT
content-type: text/html
last-modified: Mon, 01 Mar 2021 15:36:36 GMT
vary: Accept-Encoding
cache-control: max-age=691200
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NCrWvUarXtX38eLT5rYhXJ1k3RlkgfKhPLTHKY0xFQZ3QFvdrNJ%2Bxg%2FOx3gllwEmlLdg719KgJ%2BVqB9EpaDmQxkxceFVVg0fhsvUaT9msVG42e8WIDiyWO9oShXqzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e5cb05dadbb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

static.cloudflareinsights.com/beacon.min.js

104.16.79.73

200 OK

19 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js
IP
104.16.79.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://streaam.net/T/dUFOrkrbby$cbso18e
Certificate
IssuerGoogle Trust Services LLC
Subjectcloudflareinsights.com
Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00
ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT

File type
JavaScript source, ASCII text, with very long lines (19189), with no line terminators
Size
19 kB (19189 bytes)
Hash
4c980ee97cb5c001b4d19e2895fa5603
2c6fe998aa7486c4becd74cf253bdd82666a64c3
d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192

HTTP Headers

GET /beacon.min.js HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streaam.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 04:36:59 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.1"
last-modified: Tue, 23 Apr 2024 12:12:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e5cb01debbb50b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ku42hjr2e.com/aas/r45d/vki/1935067/8e6e8450.js

212.117.190.201

200 OK

106 kB

URL GET HTTP/2
ku42hjr2e.com/aas/r45d/vki/1935067/8e6e8450.js
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://streaam.net/T/dUFOrkrbby$cbso18e
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint15:EC:3A:52:11:EC:ED:35:8E:60:38:E6:CC:79:A7:3E:A3:5B:B6:62
ValidityTue, 09 Jan 2024 12:43:23 GMT - Sat, 06 Jul 2024 21:59:00 GMT

File type
JavaScript source, ASCII text, with very long lines (65106)
Size
106 kB (106460 bytes)
Hash
4a449f987ca461beab764f15427560b1
73f6d8f2ab84b820fc1b088c34312cf24950032f
9f30c1293275d91249f51123940b3882904de450edc2e8e7456bdb079cafd3f2

HTTP Headers

GET /aas/r45d/vki/1935067/8e6e8450.js HTTP/1.1
Host: ku42hjr2e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streaam.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 04:36:59 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-1a022"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

ku42hjr2e.com/get/1935067?zoneid=1935067&jp=_clqt6gxc6ebcyfkksssrqn&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1238280870574592&eclog=0&im=1&uf=0

212.117.190.201

200 OK

2.9 kB

URL GET HTTP/2
ku42hjr2e.com/get/1935067?zoneid=1935067&jp=_clqt6gxc6ebcyfkksssrqn&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1238280870574592&eclog=0&im=1&uf=0
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://streaam.net/T/dUFOrkrbby$cbso18e
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint15:EC:3A:52:11:EC:ED:35:8E:60:38:E6:CC:79:A7:3E:A3:5B:B6:62
ValidityTue, 09 Jan 2024 12:43:23 GMT - Sat, 06 Jul 2024 21:59:00 GMT

File type
ASCII text, with very long lines (3287), with no line terminators
Size
2.9 kB (2947 bytes)
Hash
48be7986c27172555059908d00040d54
17901e986c81ab63950becd14adb168aab9a9c10
d7c6eeb7a434c9dd0dd65278d8b87fe1f65c08f25ec66f366d5340fee48a5ece

HTTP Headers

GET /get/1935067?zoneid=1935067&jp=_clqt6gxc6ebcyfkksssrqn&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1238280870574592&eclog=0&im=1&uf=0 HTTP/1.1
Host: ku42hjr2e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streaam.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 04:37:00 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Sat, 07 Jun 2025 04:37:00 GMT; Secure; SameSite=None
UID=24050323379db80371c2ed46bfa59cb0f292; Path=/; Expires=Sat, 07 Jun 2025 04:37:00 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by