| traversefaultlessashamed.com/578809753307c1950fc30d78bf8d1031/invoke.js | 192.243.59.20 | 200 OK | 9.8 kB |
URL: GET HTTP/1.1 traversefaultlessashamed.com/578809753307c1950fc30d78bf8d1031/invoke.js | IP: 192.243.59.20:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ | Certificate: Issuer Let's Encrypt, Subject traversefaultlessashamed.com, Fingerprint 8F:05:8D:B6:11:FD:7A:0D:96:48:E5:50:09:37:21:30:F2:24:ED:24, Validity Sat, 27 Apr 2024 07:49:59 GMT - Fri, 26 Jul 2024 07:49:58 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (26567), with no line terminators | Hashes (MD5 / SHA-1 / SHA-256): 4cdf6c0b6dff58249c052f2a0f1a14d7 0f626f52a25074fa576740a1844184629c9977bc 3228099c202a8e8d60ef5068b7ea5a545efd6b3e5615a026e0fe7824912a1c44
GET /578809753307c1950fc30d78bf8d1031/invoke.js HTTP/1.1
Host: traversefaultlessashamed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 20:22:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 32856054c1d2a717923531839b4e0318
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
| traversefaultlessashamed.com/98/2b/a3/982ba3a0bdb46e267599ca38b14eca00.js | 192.243.59.20 | 200 OK | 31 kB |
URL: GET HTTP/1.1 traversefaultlessashamed.com/98/2b/a3/982ba3a0bdb46e267599ca38b14eca00.js | IP: 192.243.59.20:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ | Certificate: Issuer Let's Encrypt, Subject traversefaultlessashamed.com, Fingerprint 8F:05:8D:B6:11:FD:7A:0D:96:48:E5:50:09:37:21:30:F2:24:ED:24, Validity Sat, 27 Apr 2024 07:49:59 GMT - Fri, 26 Jul 2024 07:49:58 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Hashes (MD5 / SHA-1 / SHA-256): ffc19e31ede3341bb331d3dca011733a 38859cadc1247cbd5c22dffe76f1e640b54a5849 3e49e82e70dfb13e7ceeacf8d6235d04f8ad3c34d63991e11fc7e69e53f217fa
GET /98/2b/a3/982ba3a0bdb46e267599ca38b14eca00.js HTTP/1.1
Host: traversefaultlessashamed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 20:22:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 969e1203b4b1c7df1cad301475903361
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
| traversefaultlessashamed.com/02/70/5e/02705efd3f66fc00b7fe8a80cc00dee7.js | 192.243.59.20 | 200 OK | 16 kB |
URL: GET HTTP/1.1 traversefaultlessashamed.com/02/70/5e/02705efd3f66fc00b7fe8a80cc00dee7.js | IP: 192.243.59.20:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ | Certificate: Issuer Let's Encrypt, Subject traversefaultlessashamed.com, Fingerprint 8F:05:8D:B6:11:FD:7A:0D:96:48:E5:50:09:37:21:30:F2:24:ED:24, Validity Sat, 27 Apr 2024 07:49:59 GMT - Fri, 26 Jul 2024 07:49:58 GMT
File type: JavaScript source, ASCII text, with very long lines (45396), with no line terminators | Hashes (MD5 / SHA-1 / SHA-256): 054adde386c39cad8e10a6553ba505a3 398e61e76a906ff80c85fe58840e7151f011d8bb eca4ecc9ca392bc63a7c91a77b0ce7f69ee858f4e809124dfbb245ce5e556ccd
GET /02/70/5e/02705efd3f66fc00b7fe8a80cc00dee7.js HTTP/1.1
Host: traversefaultlessashamed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 20:22:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3448=1; expires=Tue, 07 May 2024 23:22:50 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fc0bdd6a1d85706001d770d5ba377d7f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/ | IP: 143.204.53.97:0
Hashes (MD5 / SHA-1 / SHA-256): 691c3f87e4fe41a736328d3c71e2dbdc fd76f455b38ba18f00a6fb81e3585201eb3c43f6 8ac709de568d48e4c9e64b75afa6cd3fed58e2cf0c21e823af01ab342e6794b9
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 04 May 2024 20:22:50 GMT
Last-Modified: Sat, 04 May 2024 18:51:23 GMT
Server: ECAcc (ska/F6E3)
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eWkPMUJed1fV7foqMt4tUDN4soA3JQoPe0wRJNzu_si0vICxqzydQg==
Age: 5488
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/ | IP: 143.204.53.97:0
Hashes (MD5 / SHA-1 / SHA-256): 691c3f87e4fe41a736328d3c71e2dbdc fd76f455b38ba18f00a6fb81e3585201eb3c43f6 8ac709de568d48e4c9e64b75afa6cd3fed58e2cf0c21e823af01ab342e6794b9
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 04 May 2024 20:22:50 GMT
Last-Modified: Sat, 04 May 2024 18:54:25 GMT
Server: ECAcc (ska/F6CC)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LlD2sgS5wh31OBxgS_5F21re6FTMJQT2-0Nz0MeACPQcVLWIprrflg==
Age: 5306
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats | IP: 52.29.105.35:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ | Certificate: Issuer Amazon, Subject proftrafficcounter.com, Fingerprint E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6, Validity Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators | Hashes (MD5 / SHA-1 / SHA-256): 297160963796d1c416cb1d9f164f352d f5d3ed26c28b3d4b79d064b48cb60a637ebdb9ce 88e446236b5d208c3e7ee25e7928385f22808049280d8be51d7ab205864f611f
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://usstreamsgate.online
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 20:22:50 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://usstreamsgate.online
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=99f63d83-729f-4e8d-9b7a-dd82f69f58cd:1:1; expires=Tue, 02 May 2034 20:22:50 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats | IP: 52.29.105.35:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ | Certificate: Issuer Amazon, Subject proftrafficcounter.com, Fingerprint E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6, Validity Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators | Hashes (MD5 / SHA-1 / SHA-256): a4e85febd7acd6c030c1a95ec4ba1653 7774b8098464cde5ec1a87cea085e5a4fbe4fea7 944b66a071f747d34f23b2e2fc551f7b3ec0788f7bce476f20de920744833bc6
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://usstreamsgate.online
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 20:22:50 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://usstreamsgate.online
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb:2:1; expires=Tue, 02 May 2034 20:22:50 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
| traversefaultlessashamed.com/1c29ee3ce0f712d228bd366a1175be4e/invoke.js | 192.243.59.20 | 200 OK | 12 kB |
URL: GET HTTP/1.1 traversefaultlessashamed.com/1c29ee3ce0f712d228bd366a1175be4e/invoke.js | IP: 192.243.59.20:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ | Certificate: Issuer Let's Encrypt, Subject traversefaultlessashamed.com, Fingerprint 8F:05:8D:B6:11:FD:7A:0D:96:48:E5:50:09:37:21:30:F2:24:ED:24, Validity Sat, 27 Apr 2024 07:49:59 GMT - Fri, 26 Jul 2024 07:49:58 GMT
File type: JavaScript source, ASCII text, with very long lines (31284), with no line terminators | Hashes (MD5 / SHA-1 / SHA-256): 891465693e301a694d216ab96d6753d3 57de128bdc4d8ef5afaaf7ad18e1e4efb7b312e6 543746cb2b233cd37166f70b71ed17d36211043b48e6402a0feaca202400ebb4
GET /1c29ee3ce0f712d228bd366a1175be4e/invoke.js HTTP/1.1
Host: traversefaultlessashamed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 20:22:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 90d6e558b963960c184cd3ca2a3d7bbd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
| traversefaultlessashamed.com/672dfd16d604016f2d67fabea989db42/invoke.js | 192.243.59.20 | 200 OK | 12 kB |
URL: GET HTTP/1.1 traversefaultlessashamed.com/672dfd16d604016f2d67fabea989db42/invoke.js | IP: 192.243.59.20:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ | Certificate: Issuer Let's Encrypt, Subject traversefaultlessashamed.com, Fingerprint 8F:05:8D:B6:11:FD:7A:0D:96:48:E5:50:09:37:21:30:F2:24:ED:24, Validity Sat, 27 Apr 2024 07:49:59 GMT - Fri, 26 Jul 2024 07:49:58 GMT
File type: JavaScript source, ASCII text, with very long lines (31305), with no line terminators | Hashes (MD5 / SHA-1 / SHA-256): 817b79d444047c3e05549486541fe561 eff76d60adf38c6a515ec1723c17f5d250573d90 9378d40ff738b59b6845b8b46ae61d1fb1a171219ff6c12abf61d629d21d5484
GET /672dfd16d604016f2d67fabea989db42/invoke.js HTTP/1.1
Host: traversefaultlessashamed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 20:22:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c7f0dcfb7777a55d38748426f39f3266
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
| usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ | 172.67.212.138 | 200 OK | 12 kB |
URL: User Request, GET HTTP/2 usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ | IP: 172.67.212.138:443
Certificate: Issuer Google Trust Services LLC, Subject usstreamsgate.online, Fingerprint 0A:24:B6:C5:2E:3D:7D:15:0B:CE:80:43:63:8F:BE:13:CF:C5:87:04, Validity Sat, 23 Mar 2024 12:51:49 GMT - Fri, 21 Jun 2024 12:51:48 GMT
File type: HTML document, ASCII text, with very long lines (9779) | Hashes (MD5 / SHA-1 / SHA-256): df80251b46bd004c95e515f1bbe40ce5 adfec78792297cbe63fa77dde6e2961df7908263 a0f30ab0801da4548c3a84738c02c16899a50a964fda991ab3034b0ec2bac045
GET /2024/05/04/chicago-cubs-vs-milwaukee-brewers/ HTTP/1.1
Host: usstreamsgate.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 20:22:49 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.1.28
x-pingback: https://usstreamsgate.online/xmlrpc.php
x-ua-compatible: IE=edge
link: <https://usstreamsgate.online/wp-json/>; rel="https://api.w.org/", <https://usstreamsgate.online/wp-json/wp/v2/posts/554>; rel="alternate"; type="application/json", <https://usstreamsgate.online/?p=554>; rel=shortlink
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2jAB9EK254pL2NuNBjRa%2F79wOLbCVlOjF4Y7eFrLOLLOozWTzo3%2FwxlSW%2BJxyIJU6OcxWo17fbiWDpFALBaLn%2F4lssusMOjjga84VkhJSke900H7Zsqt3l3F5ahUYAjJIuJcbDKdLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eb34793cfa56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| traversefaultlessashamed.com/0f7aa6ec1bf13f572091ba2179d89352/invoke.js | 192.243.59.20 | 200 OK | 12 kB |
URL: GET HTTP/1.1 traversefaultlessashamed.com/0f7aa6ec1bf13f572091ba2179d89352/invoke.js | IP: 192.243.59.20:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ | Certificate: Issuer Let's Encrypt, Subject traversefaultlessashamed.com, Fingerprint 8F:05:8D:B6:11:FD:7A:0D:96:48:E5:50:09:37:21:30:F2:24:ED:24, Validity Sat, 27 Apr 2024 07:49:59 GMT - Fri, 26 Jul 2024 07:49:58 GMT
File type: JavaScript source, ASCII text, with very long lines (31335), with no line terminators | Hashes (MD5 / SHA-1 / SHA-256): dcd6d30a325bbd2ef9feece307a9e7ab a0a7ed85fc0f2fe38ab2ad87875a3a3d532f594a 5bb7ccb39df4554b3861d649ac61c807da8906d5ac9d76eb225e5f58b39734ec
GET /0f7aa6ec1bf13f572091ba2179d89352/invoke.js HTTP/1.1
Host: traversefaultlessashamed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 20:22:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 99aed00520fd85f231c8e5fd5e7d169f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
| inconveniencemimic.com/pixel/purst?dl=0&th=0&sc=0&rs=2098&rd=2098&fd=1041&bv=24.5.6485&tmpl=70 | 172.240.253.132 | 200 OK | 0 B |
URL: GET HTTP/1.1 inconveniencemimic.com/pixel/purst?dl=0&th=0&sc=0&rs=2098&rd=2098&fd=1041&bv=24.5.6485&tmpl=70 | IP: 172.240.253.132:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ | Certificate: Issuer Let's Encrypt, Subject inconveniencemimic.com, Fingerprint AF:84:31:F6:C9:08:AA:86:11:4D:BF:62:E5:2A:DB:57:5B:6E:E2:36, Validity Mon, 29 Apr 2024 08:23:14 GMT - Sun, 28 Jul 2024 08:23:13 GMT
Hashes (MD5 / SHA-1 / SHA-256, empty body): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/purst?dl=0&th=0&sc=0&rs=2098&rd=2098&fd=1041&bv=24.5.6485&tmpl=70 HTTP/1.1
Host: inconveniencemimic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 20:22:51 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
| blesshunt.com/watch.1070942543867.js?key=1c29ee3ce0f712d228bd366a1175be4e&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&tz=0&dev=e&res=14.2071&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 | 172.240.108.76 | 307 Temporary Redirect | 0 B |
URL: GET HTTP/1.1 blesshunt.com/watch.1070942543867.js?key=1c29ee3ce0f712d228bd366a1175be4e&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&tz=0&dev=e&res=14.2071&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 | IP: 172.240.108.76:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ | Certificate: Issuer Let's Encrypt, Subject blesshunt.com, Fingerprint 38:54:D2:52:04:4A:D1:5A:AF:61:74:52:84:6E:7D:AD:01:13:C9:FE, Validity Mon, 29 Apr 2024 08:18:39 GMT - Sun, 28 Jul 2024 08:18:38 GMT
Hashes (MD5 / SHA-1 / SHA-256, empty body): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.1070942543867.js?key=1c29ee3ce0f712d228bd366a1175be4e&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&tz=0&dev=e&res=14.2071&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 HTTP/1.1
Host: blesshunt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://usstreamsgate.online
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sat, 04 May 2024 20:22:51 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://usstreamsgate.online
Access-Control-Allow-Origin: https://usstreamsgate.online
Access-Control-Allow-Credentials: true
Location: https://blesshunt.com/watch.1070942543867.js?dev=e&key=1c29ee3ce0f712d228bd366a1175be4e&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&pst=1714854231&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&res=14.2071&rmtc=t&shu=2a972ecb4ea618270219076c2641052bf883cd1f1a8fbb2484b54ca70eec53615199058a50a10ca66cc82d47268fdcfd9a00d572a17524efd4675fc541c91b9be80b360a45860813cd970431a4c163fc58cbb8f64afb8921a752af8e471901ccac&tz=0&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1
Set-Cookie: u_pl=22816183; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.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.T02Jp06Iz2-DyBZPKNvuA9Tn1p5E-wExpyH5wtUDHAk; expires=Sat, 04 May 2024 20:23:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 70d0ea962a0b1e893c0f44fd022f1ca6
Strict-Transport-Security: max-age=0; includeSubdomains
| buddycenters.shop/embed/stream-27.php | 188.114.96.1 | 200 OK | 36 kB |
URL: HEAD HTTP/3 buddycenters.shop/embed/stream-27.php | IP: 188.114.96.1:443
Requested by: https://buddycenters.shop/embed/stream-27.php | Certificate: Issuer Google Trust Services LLC, Subject buddycenters.shop, Fingerprint 37:6E:AE:15:7A:0B:70:26:91:C3:71:5B:44:FD:6E:C2:CB:2B:56:11, Validity Thu, 04 Apr 2024 20:45:04 GMT - Wed, 03 Jul 2024 20:45:03 GMT
File type: HTML document, ASCII text, with very long lines (54385), with CRLF, LF line terminators | Hashes (MD5 / SHA-1 / SHA-256): dc4fc0726a987d46ff0effa1b0ce3c67 3cb073fe398ed36fb39c40e524de641542dc77b9 33be6ecbae21ed13b80aa5fcd81f1158db4523937c01dc2d9e2d07047f573d02
GET /embed/stream-27.php HTTP/1.1
Host: buddycenters.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 20:22:50 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BXhUIVsg5EDcP%2F%2B7sylKpj17LSH0NXAwYN%2Bbwt2QjWFY5Q3RFPaz6lJPu2SlsGNTK7sY4jxESChAgRWpB5EmiAno31hH7Bk%2B3Up%2B52bmlvq4NXllWpXz1Ha5gVdh%2BHyiD4NspQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eb3487fed456c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| blesshunt.com/watch.1070942543867.js?dev=e&key=1c29ee3ce0f712d228bd366a1175be4e&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&pst=1714854231&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&res=14.2071&rmtc=t&shu=2a972ecb4ea618270219076c2641052bf883cd1f1a8fbb2484b54ca70eec53615199058a50a10ca66cc82d47268fdcfd9a00d572a17524efd4675fc541c91b9be80b360a45860813cd970431a4c163fc58cbb8f64afb8921a752af8e471901ccac&tz=0&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 | 172.240.108.76 | 200 OK | 2.1 kB |
URL: GET HTTP/1.1 blesshunt.com/watch.1070942543867.js?dev=e&key=1c29ee3ce0f712d228bd366a1175be4e&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&pst=1714854231&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&res=14.2071&rmtc=t&shu=2a972ecb4ea618270219076c2641052bf883cd1f1a8fbb2484b54ca70eec53615199058a50a10ca66cc82d47268fdcfd9a00d572a17524efd4675fc541c91b9be80b360a45860813cd970431a4c163fc58cbb8f64afb8921a752af8e471901ccac&tz=0&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 | IP: 172.240.108.76:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ | Certificate: Issuer Let's Encrypt, Subject blesshunt.com, Fingerprint 38:54:D2:52:04:4A:D1:5A:AF:61:74:52:84:6E:7D:AD:01:13:C9:FE, Validity Mon, 29 Apr 2024 08:18:39 GMT - Sun, 28 Jul 2024 08:18:38 GMT
File type: JavaScript source, ASCII text, with very long lines (2637) | Hashes (MD5 / SHA-1 / SHA-256): b45a35628cdea02eaf76042dd266bebc a15fd392d22bd3879745be6f4c87e0e1c1d3610a 64ff3d706701707bdf90c61b905693264eb6c8ee353d6409e6b1a134d086c3b1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.1070942543867.js?dev=e&key=1c29ee3ce0f712d228bd366a1175be4e&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&pst=1714854231&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&res=14.2071&rmtc=t&shu=2a972ecb4ea618270219076c2641052bf883cd1f1a8fbb2484b54ca70eec53615199058a50a10ca66cc82d47268fdcfd9a00d572a17524efd4675fc541c91b9be80b360a45860813cd970431a4c163fc58cbb8f64afb8921a752af8e471901ccac&tz=0&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 HTTP/1.1
Host: blesshunt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://usstreamsgate.online
Referer: https://usstreamsgate.online/
DNT: 1
Connection: keep-alive
Cookie: u_pl=22816183; ain=eyJhbGciOiJIUzI1NiJ9.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.T02Jp06Iz2-DyBZPKNvuA9Tn1p5E-wExpyH5wtUDHAk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 20:22:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://usstreamsgate.online
Access-Control-Allow-Origin: https://usstreamsgate.online
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb:2:1; expires=Sat, 11 May 2024 20:22:51 GMT; secure; SameSite=None
Set-Cookie: iprc9b0077cfb9113e9f8cfc2321ef65ce19=3569808; expires=Sun, 05 May 2024 00:22:51 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
Set-Cookie: pdhtkv23=true; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
Set-Cookie: uncs23=1; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 076ae7401095e6e59c5b8371cb37a5b9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
| gobetweencomment.com/watch.692752833314.js?key=672dfd16d604016f2d67fabea989db42&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&tz=0&dev=e&res=14.2071&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 | 172.240.127.234 | 307 Temporary Redirect | 0 B |
URL: GET HTTP/1.1 gobetweencomment.com/watch.692752833314.js?key=672dfd16d604016f2d67fabea989db42&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&tz=0&dev=e&res=14.2071&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 | IP: 172.240.127.234:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ | Certificate: Issuer Let's Encrypt, Subject gobetweencomment.com, Fingerprint D1:00:8E:AF:F3:49:12:FD:98:D0:A1:73:2A:15:21:D6:9A:8D:0F:39, Validity Mon, 29 Apr 2024 08:12:38 GMT - Sun, 28 Jul 2024 08:12:37 GMT
Hashes (MD5 / SHA-1 / SHA-256, empty body): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.692752833314.js?key=672dfd16d604016f2d67fabea989db42&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&tz=0&dev=e&res=14.2071&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 HTTP/1.1
Host: gobetweencomment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://usstreamsgate.online
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sat, 04 May 2024 20:22:51 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://usstreamsgate.online
Access-Control-Allow-Origin: https://usstreamsgate.online
Access-Control-Allow-Credentials: true
Location: https://gobetweencomment.com/watch.692752833314.js?dev=e&key=672dfd16d604016f2d67fabea989db42&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&pst=1714854231&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&res=14.2071&rmtc=t&shu=f16891a1e5e38057f6500dfc82dc437a55d83d7375a6acd5774d1b55fdae89bf75c8364f502f3dbe7b1b7fe4466bc710bd047050cb7511df3eaf9232f71ec424306d07dba0ad68a58609cbc3e4d8e21c63f1be10e9a4b5e4fc369abd7fc203461e&tz=0&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1
Set-Cookie: u_pl=22816187; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjgxNjE4NywiayI6IjY3MmRmZDE2ZDYwNDAxNmYyZDY3ZmFiZWE5ODlkYjQyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNzA4ODgzLCJwaWQiOjE0NjExNTAsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTksImFpZCI6NSwicHQiOjQsInBrIjoicW1kcDYxd3M5ZCIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3Vzc3RyZWFtc2dhdGUub25saW5lLzIwMjQvMDUvMDQvY2hpY2Fnby1jdWJzLXZzLW1pbHdhdWtlZS1icmV3ZXJzLyIsImFyIjpbXX19.DAdvU2GY-JL_cS-3PzdnmQRyqR5XhxLTZcP_EX-Bdpo; expires=Sat, 04 May 2024 20:23:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: af0c1a9505118d94b8350569898e2281
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
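The 307 above answers the first `watch.692752833314.js` request with the same path plus three parameters the client never sent (`pst`, `rmtc`, `shu`), and on the same response sets an `ain` cookie that expires exactly one minute after the response `Date`. What those parameters mean is not documented anywhere in this capture, so the only safe thing to do is to record precisely what the redirect changed. The following is an added example, not part of the capture or of the tool that produced it: it diffs the request and `Location` query strings, checks `pst` against the cookie expiry, and decodes the `kw=` array. The two URLs and the two dates are copied from the record above; everything else is our own code.

```python
import json
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime
from urllib.parse import parse_qs, urlsplit

# Copied from the gobetweencomment.com 307 record: the request URL, the Location
# it answered with, the response Date and the expiry of the `ain` cookie it set.
REQUEST_URL = (
    "https://gobetweencomment.com/watch.692752833314.js?key=672dfd16d604016f2d67fabea989db42"
    "&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D"
    "&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F"
    "&tz=0&dev=e&res=14.2071&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1"
)
LOCATION = (
    "https://gobetweencomment.com/watch.692752833314.js?dev=e&key=672dfd16d604016f2d67fabea989db42"
    "&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D"
    "&pst=1714854231"
    "&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F"
    "&res=14.2071&rmtc=t"
    "&shu=f16891a1e5e38057f6500dfc82dc437a55d83d7375a6acd5774d1b55fdae89bf75c8364f502f3dbe7b1b7fe4466bc710bd047050cb7511df3eaf9232f71ec424306d07dba0ad68a58609cbc3e4d8e21c63f1be10e9a4b5e4fc369abd7fc203461e"
    "&tz=0&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1"
)
RESPONSE_DATE = "Sat, 04 May 2024 20:22:51 GMT"
AIN_COOKIE_EXPIRES = "Sat, 04 May 2024 20:23:51 GMT"


def query_params(url):
    """One value per key; every parameter in these URLs occurs once, so nothing is lost."""
    return {k: v[0] for k, v in parse_qs(urlsplit(url).query, keep_blank_values=True).items()}


def diff_redirect(request_url, location):
    """What a redirect added, dropped or rewrote relative to the request it answered."""
    before, after = query_params(request_url), query_params(location)
    return {
        "same_path": urlsplit(request_url).path == urlsplit(location).path,
        "added": {k: after[k] for k in sorted(after.keys() - before.keys())},
        "removed": sorted(before.keys() - after.keys()),
        "changed": {k: (before[k], after[k]) for k in sorted(before.keys() & after.keys())
                    if before[k] != after[k]},
    }


def http_date_epoch(http_date):
    """HTTP date (Date: header or cookie expires=) to a Unix timestamp."""
    return int(parsedate_to_datetime(http_date).timestamp())


def keywords(url):
    """kw= carries a JSON array of the embedding page's keywords, percent-encoded."""
    return json.loads(query_params(url)["kw"])


def summarize():
    d = diff_redirect(REQUEST_URL, LOCATION)
    pst = int(d["added"]["pst"])
    shu = d["added"]["shu"]
    return {
        "diff": d,
        "pst_utc": datetime.fromtimestamp(pst, tz=timezone.utc).isoformat(),
        "pst_minus_date_seconds": pst - http_date_epoch(RESPONSE_DATE),
        "pst_equals_ain_expiry": pst == http_date_epoch(AIN_COOKIE_EXPIRES),
        # shu is an opaque hex blob; its length differs between the hosts in this capture,
        # so nothing about its structure is inferred here.
        "shu_is_hex": set(shu) <= set("0123456789abcdef"),
        "shu_bytes": len(shu) // 2,
        "keywords": keywords(REQUEST_URL),
    }


if __name__ == "__main__":
    print(json.dumps(summarize(), indent=2, ensure_ascii=False))
```

`pst` decodes to 2024-05-04 20:23:51 UTC, the same instant as the `ain` cookie's `expires=`, sixty seconds after the response was generated; the redirected request at the bottom of this capture carries both, so whatever the server checks, the window it allows for the second hop is one minute. The diff reports that `pst`, `rmtc=t` and `shu` were added and nothing else changed; that is the whole of what the capture supports.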
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 200 OK | 39 kB |
URL GET HTTP/2downstairsnegotiatebarren.com/sfp.js IP188.114.96.1:443
Requested byhttps://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ CertificateIssuerLet's Encrypt Subjectdownstairsnegotiatebarren.com Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators Hashf4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 20:22:51 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 30bd3d633645778da7470e51c17398c0
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 20:22:50 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Ba2GX55mzftfljsxj9L%2BfABdDrygqzVjh5wIqhlNZyc1lvEjLw4IpDggCXeuV8INA95QZ9Ka6k%2BiibZxNTc4VOs5cNJfqjl%2F4FA64pmi1ZRlgKGbFHz0H%2FtQcd54AmpKYUqTrAzGbFqV71X6H2wCdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eb34861be356c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xd.awashemeers.com/rSDwGOn9YSKf/oRBvJ | 23.109.170.114 | 200 OK | 20 B |
URL GET HTTP/1.1xd.awashemeers.com/rSDwGOn9YSKf/oRBvJ IP23.109.170.114:443
Requested byhttps://buddycenters.shop/embed/stream-27.php CertificateIssuerLet's Encrypt Subjectxd.awashemeers.com FingerprintE8:13:E8:7F:43:E9:0B:27:72:31:7B:5A:55:DB:38:8D:9D:23:6E:E3 ValidityThu, 28 Mar 2024 23:36:48 GMT - Wed, 26 Jun 2024 23:36:47 GMT
File typegzip compressed data, from Unix Hash7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /rSDwGOn9YSKf/oRBvJ HTTP/1.1
Host: xd.awashemeers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://buddycenters.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 20:22:51 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://buddycenters.shop
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sun, 05-May-2024 20:22:51 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sun, 05-May-2024 20:22:51 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
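Two of the `Set-Cookie` values in the records above are readable without any key. `ain`, set by the gobetweencomment.com 307, is a three-part HS256 JWT (header `{"alg":"HS256"}`) whose payload the browser sends back on the follow-up request; the signature cannot be checked without the server's HMAC secret, so the payload is evidence of what the server asserted, not of anything verified. `GL_UI4` and `GL_GI10`, set by xd.awashemeers.com, are percent-encoded base64 whose first decoded bytes are `78 9c`, a zlib header. The following is an added example, not taken from the capture or from any tool: a decoder that recognises both shapes and pulls from the `ain` payload the fields that describe how the platform classified this client. Field names are the platform's own single letters; the labels in `client_profile` are our reading of the values next to them, not a documented schema. The three cookie values are copied verbatim from the records above.

```python
import base64
import json
import re
import zlib
from urllib.parse import unquote

# Copied from the capture: `ain` and `u_pl` from the gobetweencomment.com 307,
# GL_UI4 from the xd.awashemeers.com response. These strings are the only input.
AIN = (
    "eyJhbGciOiJIUzI1NiJ9."
    "eyJwIjp7ImlkIjoyMjgxNjE4NywiayI6IjY3MmRmZDE2ZDYwNDAxNmYyZDY3ZmFiZWE5ODlkYjQyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNzA4ODgzLCJwaWQiOjE0NjExNTAsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTksImFpZCI6NSwicHQiOjQsInBrIjoicW1kcDYxd3M5ZCIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3Vzc3RyZWFtc2dhdGUub25saW5lLzIwMjQvMDUvMDQvY2hpY2Fnby1jdWJzLXZzLW1pbHdhdWtlZS1icmV3ZXJzLyIsImFyIjpbXX19."
    "DAdvU2GY-JL_cS-3PzdnmQRyqR5XhxLTZcP_EX-Bdpo"
)
GL_UI4 = (
    "eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D"
)
U_PL = "22816187"

B64_CHARS = re.compile(r"[A-Za-z0-9+/=_-]+")


def b64decode_lenient(s):
    """Standard or URL-safe alphabet, with or without padding."""
    s = s.replace("-", "+").replace("_", "/").rstrip("=")
    return base64.b64decode(s + "=" * (-len(s) % 4))


def looks_like_zlib(raw):
    # CMF 0x78 = deflate, 32 KiB window; CMF*256+FLG must be a multiple of 31.
    return len(raw) >= 2 and raw[0] == 0x78 and ((raw[0] << 8) | raw[1]) % 31 == 0


def decode_cookie(name, value):
    """Classify one Set-Cookie value as jwt, zlib-in-base64, or plain."""
    value = unquote(value)  # the capture shows these values percent-encoded
    parts = value.split(".")
    if len(parts) == 3 and all(B64_CHARS.fullmatch(p) for p in parts):
        try:
            header = json.loads(b64decode_lenient(parts[0]))
            payload = json.loads(b64decode_lenient(parts[1]))
            sig = b64decode_lenient(parts[2])
        except ValueError:  # binascii.Error, JSONDecodeError and UnicodeDecodeError
            header = None
        if isinstance(header, dict) and "alg" in header:
            # verified stays False: there is no key to check the HMAC against.
            return {"name": name, "kind": "jwt", "alg": header["alg"],
                    "payload": payload, "sig_len": len(sig), "verified": False}
    if B64_CHARS.fullmatch(value):
        try:
            raw = b64decode_lenient(value)
        except ValueError:
            raw = b""
        if looks_like_zlib(raw):
            try:
                inflated = zlib.decompress(raw)
            except zlib.error:
                inflated = None  # truncated or non-standard stream: keep the raw bytes
            return {"name": name, "kind": "zlib", "raw": raw, "inflated": inflated}
    return {"name": name, "kind": "plain", "value": value}


def client_profile(payload):
    """The `ain` fields that say how the platform classified the client.
    Labels are our reading of the values; the platform documents none of them."""
    d, c, cr = payload["u"]["d"], payload["u"]["c"], payload["u"]["cr"]
    return {
        "device": d["n"],              # "Desktop,Emulator" for this sandbox run
        "emulator_flag": d["e"],
        "os": d["on"],
        "browser": f'{d["bn"]} {d["bv"]}',
        "country": c["c"],
        "network": cr["n"],
        "referrer": payload["u"]["r"],
        "placement_key": payload["p"]["k"],  # equals the key= query parameter
    }


if __name__ == "__main__":
    for name, value in (("ain", AIN), ("GL_UI4", GL_UI4), ("u_pl", U_PL)):
        r = decode_cookie(name, value)
        print(name, r["kind"], client_profile(r["payload"]) if r["kind"] == "jwt" else "")
```

The decoded `ain` payload marks this client as `Desktop,Emulator` with the emulator flag set, Firefox 96.0 on Linux, country NO on a network named "Blix Solutions", and carries the full referrer and the same `key` that appears in the query string. An ad platform that has already labelled the visitor an emulator has every opportunity to serve that visitor something other than what a real browser would get, so the 2.0 kB script returned on the redirected request later in this capture should be read with that in mind. For the zlib cookies the block only establishes the container; what they inflate to is not checked here.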
| buddycenters.shop/embed/adblock.php | 188.114.96.1 | 200 OK | 0 B |
URL GET HTTP/3buddycenters.shop/embed/adblock.php IP188.114.96.1:443
Requested byhttps://buddycenters.shop/embed/stream-27.php CertificateIssuerGoogle Trust Services LLC Subjectbuddycenters.shop Fingerprint37:6E:AE:15:7A:0B:70:26:91:C3:71:5B:44:FD:6E:C2:CB:2B:56:11 ValidityThu, 04 Apr 2024 20:45:04 GMT - Wed, 03 Jul 2024 20:45:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/adblock.php HTTP/1.1
Host: buddycenters.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://buddycenters.shop/embed/stream-27.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 20:22:51 GMT
content-type: application/javascript
content-length: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k84Q5Y7dFuoUBpW9lwGdldozZZt3LIUcuurzt%2FAQG09bdYyrq0MMgIKmTdGWM7%2B2eBFjxIvg1tmJmU%2FWzo78i9bhp0%2BNXZHy7khR%2BVcv2KXZmcrt9afirIGSi%2FlTqGLYtTg1fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eb34899fc15691-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gobetweencomment.com/watch.692752833314.js?dev=e&key=672dfd16d604016f2d67fabea989db42&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&pst=1714854231&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&res=14.2071&rmtc=t&shu=f16891a1e5e38057f6500dfc82dc437a55d83d7375a6acd5774d1b55fdae89bf75c8364f502f3dbe7b1b7fe4466bc710bd047050cb7511df3eaf9232f71ec424306d07dba0ad68a58609cbc3e4d8e21c63f1be10e9a4b5e4fc369abd7fc203461e&tz=0&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 | 172.240.127.234 | 200 OK | 2.0 kB |
URL GET HTTP/1.1gobetweencomment.com/watch.692752833314.js?dev=e&key=672dfd16d604016f2d67fabea989db42&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&pst=1714854231&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&res=14.2071&rmtc=t&shu=f16891a1e5e38057f6500dfc82dc437a55d83d7375a6acd5774d1b55fdae89bf75c8364f502f3dbe7b1b7fe4466bc710bd047050cb7511df3eaf9232f71ec424306d07dba0ad68a58609cbc3e4d8e21c63f1be10e9a4b5e4fc369abd7fc203461e&tz=0&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 IP172.240.127.234:443
Requested byhttps://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ CertificateIssuerLet's Encrypt Subjectgobetweencomment.com FingerprintD1:00:8E:AF:F3:49:12:FD:98:D0:A1:73:2A:15:21:D6:9A:8D:0F:39 ValidityMon, 29 Apr 2024 08:12:38 GMT - Sun, 28 Jul 2024 08:12:37 GMT
File typeJavaScript source, ASCII text, with very long lines (2462) Hasha73a385192486b1e3cda24a0e63e583e 8b11dd5b0980e8c25df57e053918a3885e45cb49 fa9109455107bf040af8909484566d4f4476ffe55b8eaf1864f1dcca23ba8f0f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /watch.692752833314.js?dev=e&key=672dfd16d604016f2d67fabea989db42&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&pst=1714854231&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&res=14.2071&rmtc=t&shu=f16891a1e5e38057f6500dfc82dc437a55d83d7375a6acd5774d1b55fdae89bf75c8364f502f3dbe7b1b7fe4466bc710bd047050cb7511df3eaf9232f71ec424306d07dba0ad68a58609cbc3e4d8e21c63f1be10e9a4b5e4fc369abd7fc203461e&tz=0&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 HTTP/1.1
Host: gobetweencomment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://usstreamsgate.online
Referer: https://usstreamsgate.online/
DNT: 1
Connection: keep-alive
Cookie: u_pl=22816187; ain=eyJhbGciOiJIUzI1NiJ9.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.DAdvU2GY-JL_cS-3PzdnmQRyqR5XhxLTZcP_EX-Bdpo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 20:22:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://usstreamsgate.online
Access-Control-Allow-Origin: https://usstreamsgate.online
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb:2:1; expires=Sat, 11 May 2024 20:22:51 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
uncs5=1; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 320644aadad64a2755dcba60a9dd7ec8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| usstreamsgate.online/wp-content/themes/generatepress/assets/css/components/comments.min.css?ver=3.4.0 | 172.67.212.138 | 200 OK | 553 B |
URL GET HTTP/3usstreamsgate.online/wp-content/themes/generatepress/assets/css/components/comments.min.css?ver=3.4.0 IP172.67.212.138:443
Requested byhttps://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ CertificateIssuerGoogle Trust Services LLC Subjectusstreamsgate.online Fingerprint0A:24:B6:C5:2E:3D:7D:15:0B:CE:80:43:63:8F:BE:13:CF:C5:87:04 ValiditySat, 23 Mar 2024 12:51:49 GMT - Fri, 21 Jun 2024 12:51:48 GMT
File typeASCII text, with very long lines (1495), with no line terminators Hashc77d62e5470632c2c036f1802117399a a37985eeec4c561cfacb08e6f50fddb50c389440 c7308904efc8da3847aab82f9ab35918e8faccef6a04a6c657251759f30a8fb5
GET /wp-content/themes/generatepress/assets/css/components/comments.min.css?ver=3.4.0 HTTP/1.1
Host: usstreamsgate.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 20:22:50 GMT
content-type: text/css
last-modified: Tue, 26 Mar 2024 11:52:41 GMT
etag: W/"2f80309-5d7-6148eed7153f5-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jaJXOWRXWGnnQ%2Ffg4M%2FUoybNcTIf4j966z8eLgUDbzVKnzxY9L2z%2BGi776XEKbYSkmWrt3MsdAX7ptDEqLR3%2BPzH3OXxKChPL7zz0K6gOX8X1Zgkmrxc0UpRCjWi%2F%2Bq%2FSDJvtEs7qA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eb347f39c40b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 200 OK | 46 kB |
URL GET HTTP/2downstairsnegotiatebarren.com/sfp.js IP188.114.96.1:443
Requested byhttps://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ CertificateIssuerLet's Encrypt Subjectdownstairsnegotiatebarren.com Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators Hashf4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 20:22:50 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 3d02bdd4cbab5a4b7492eed563b84443
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 20:22:50 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fssNoJxchuOpgyYJadknJHDz%2BlpyZJn1QaHbQY5S0qRaIk4x9HLA2nZRFEMbSAATQN0HvmCLgk9i4BB9lxYfLVUFhAHbwZaXTXLlCNxkN3gaYZxP4%2BW1H5OO0g4HXXo6Xm94UO0gjjM8Y%2BznKdPAxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eb34860bdc56c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| designingpupilintermediary.com/sbar.json?key=02705efd3f66fc00b7fe8a80cc00dee7&psid=CF-3448_1&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 | 192.243.59.20 | 200 OK | 9.1 kB |
URL GET HTTP/1.1designingpupilintermediary.com/sbar.json?key=02705efd3f66fc00b7fe8a80cc00dee7&psid=CF-3448_1&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 IP192.243.59.20:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ CertificateIssuerLet's Encrypt Subjectdesigningpupilintermediary.com FingerprintC6:2A:2C:CE:46:0C:19:DC:3F:A3:33:F7:CD:1E:20:1D:CC:46:93:78 ValidityMon, 29 Apr 2024 08:22:29 GMT - Sun, 28 Jul 2024 08:22:28 GMT
Hash3beeb41427d5c7f57008b1423e5148c5 bda4cb34c778898f870c76c60913732308493b1c b788d839a8bf41dbf47b2d72285331a6aec18119f177f98ce2f5d4bf84210d58
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sbar.json?key=02705efd3f66fc00b7fe8a80cc00dee7&psid=CF-3448_1&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 HTTP/1.1
Host: designingpupilintermediary.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://usstreamsgate.online
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 20:22:51 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://usstreamsgate.online
Access-Control-Allow-Origin: https://usstreamsgate.online
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=22816173; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
uid_id2=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb:2:1; expires=Sat, 11 May 2024 20:22:51 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 43cf519272b1f6a19b61327c926c8b25
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| cdn.cloudimagesb.com/cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png | 45.133.44.9 | 200 OK | 106 kB |
URL GET HTTP/2cdn.cloudimagesb.com/cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png IP45.133.44.9:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ CertificateIssuerLet's Encrypt Subjectcdn.cloudimagesb.com FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File typePNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced Size106 kB (105910 bytes) Hasha36b92bb68d9b579458560ba9b94862a 782d2932ccd3a56e5aad1cca7e6e7fb4a3cf23d6 9de12cf85ad80cae34d8bdaeb59169d75e3bd4f8b931ec90ea2c3be166647c0e
GET /cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 20:22:51 GMT
content-type: image/png
content-length: 105910
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 11:08:06 GMT
etag: "62e11c96-19db6"
expires: Mon, 06 May 2024 20:22:51 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| traditionallyrecipepiteous.com/watch.327168796498.js?dev=e&key=0f7aa6ec1bf13f572091ba2179d89352&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&pst=1714854231&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&res=14.2071&rmtc=t&shu=c17ad2d6ad77d7e07b6a4eaf69da079994c119a270a941d92f91e199f7f50fbea5b879523670c59c35498ed5ff4f800f8765ab7a47f7787af98d1ca07266df8d556327d8833919f33f51d888ed7bb40d7001332a5c1921d0ca0c52179ee54b&tz=0&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 | 192.243.59.12 | 200 OK | 2.0 kB |
URL GET HTTP/1.1traditionallyrecipepiteous.com/watch.327168796498.js?dev=e&key=0f7aa6ec1bf13f572091ba2179d89352&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&pst=1714854231&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&res=14.2071&rmtc=t&shu=c17ad2d6ad77d7e07b6a4eaf69da079994c119a270a941d92f91e199f7f50fbea5b879523670c59c35498ed5ff4f800f8765ab7a47f7787af98d1ca07266df8d556327d8833919f33f51d888ed7bb40d7001332a5c1921d0ca0c52179ee54b&tz=0&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ CertificateIssuerLet's Encrypt Subjecttraditionallyrecipepiteous.com FingerprintC5:96:CF:B1:E4:A5:34:EC:37:89:CA:97:7E:35:7C:5C:00:54:6D:92 ValidityMon, 29 Apr 2024 13:00:48 GMT - Sun, 28 Jul 2024 13:00:47 GMT
File typeJavaScript source, ASCII text, with very long lines (2456) Hashded7bbff1df5d55dc10a231d94ba2a5c 81648cefe85034bb6acb388530a8b9a0ea5ac56c 4c6da2c6fb89dc5f719d71a3f88df3667d8c2855f69ec5ed1e41e93ced8e1e2e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /watch.327168796498.js?dev=e&key=0f7aa6ec1bf13f572091ba2179d89352&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&pst=1714854231&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&res=14.2071&rmtc=t&shu=c17ad2d6ad77d7e07b6a4eaf69da079994c119a270a941d92f91e199f7f50fbea5b879523670c59c35498ed5ff4f800f8765ab7a47f7787af98d1ca07266df8d556327d8833919f33f51d888ed7bb40d7001332a5c1921d0ca0c52179ee54b&tz=0&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 HTTP/1.1
Host: traditionallyrecipepiteous.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://usstreamsgate.online
Referer: https://usstreamsgate.online/
DNT: 1
Connection: keep-alive
Cookie: u_pl=22816233; ain=eyJhbGciOiJIUzI1NiJ9.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.XRR6ie7FIxAnZYciybisZVHgguKN6FbWM_QLUIXyGKw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 20:22:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://usstreamsgate.online
Access-Control-Allow-Origin: https://usstreamsgate.online
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb:2:1; expires=Sat, 11 May 2024 20:22:51 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
pdhtkv26=true; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
uncs26=1; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1da80621aab0a5d159b981411947ad67
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| impatientliftdiploma.com/watch.1166183441780.js?key=734ed300326a465f532c9038539688a1&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&tz=0&dev=e&res=14.2071&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 | 192.243.59.20 | 307 Temporary Redirect | 0 B |
URL GET HTTP/1.1impatientliftdiploma.com/watch.1166183441780.js?key=734ed300326a465f532c9038539688a1&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&tz=0&dev=e&res=14.2071&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 IP192.243.59.20:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ CertificateIssuerLet's Encrypt Subjectimpatientliftdiploma.com Fingerprint64:70:CB:19:1D:86:2C:EF:2A:8A:6C:AB:E1:D1:06:C2:0E:8B:2C:49 ValidityMon, 29 Apr 2024 13:13:46 GMT - Sun, 28 Jul 2024 13:13:45 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /watch.1166183441780.js?key=734ed300326a465f532c9038539688a1&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&tz=0&dev=e&res=14.2071&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 HTTP/1.1
Host: impatientliftdiploma.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://usstreamsgate.online
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 04 May 2024 20:22:51 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://usstreamsgate.online
Access-Control-Allow-Origin: https://usstreamsgate.online
Access-Control-Allow-Credentials: true
Location: https://impatientliftdiploma.com/watch.1166183441780.js?dev=e&key=734ed300326a465f532c9038539688a1&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&pst=1714854231&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&res=14.2071&rmtc=t&shu=d7eb4a537870b223fff613e8eb4a2e50a179d7fcbc4cd46dce6099fcae241a7a417e7806accc741f49e900f67275c351a5b98228c1333405ee9c89e8157e533e104cd0300d6b2f5dadd88a4b3398d64d4a1dc58b6d9830fd308e34f296b730&tz=0&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1
Set-Cookie: u_pl=22816221; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.TEkYUPHYcqbib_M5IZ-9JHw9YAXAAS-H8tntJrkW8oI; expires=Sat, 04 May 2024 20:23:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e3f9ed5c5a78854732473c576b6b55d4
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
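Taken together, the records above show five hosts with a Quad9 "malicious / Sinkholed" verdict, three of them plus the image CDN inside ASN 39572 (DataWeb Global Group B.V.) on 192.243.59.0/24 and 45.133.44.9, and four of them receiving the identical `uuid=` value. The following is an added example, not part of the capture or of the scanner that produced it: a parser for this record layout (the `| url | ip | status | size |` line, the `URL GET ... ASN#` line and the `Analyzer | Verdict` line) that groups hosts by IP, ASN and `uuid` and lists unflagged hosts sharing any of those with a flagged one. The sample text is abridged from the records above: only those three line types are kept and query strings are cut down to `key=` and `uuid=`.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Abridged from the capture above (constructed sample, query strings shortened).
CAPTURE = """\
| gobetweencomment.com/watch.692752833314.js?key=672dfd16d604016f2d67fabea989db42&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 | 172.240.127.234 | 307 Temporary Redirect | 0 B |
URL GET HTTP/1.1gobetweencomment.com/watch.692752833314.js IP172.240.127.234:443
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 200 OK | 39 kB |
URL GET HTTP/2downstairsnegotiatebarren.com/sfp.js IP188.114.96.1:443
|
|
| xd.awashemeers.com/rSDwGOn9YSKf/oRBvJ | 23.109.170.114 | 200 OK | 20 B |
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
|
|
| buddycenters.shop/embed/adblock.php | 188.114.96.1 | 200 OK | 0 B |
|
|
| designingpupilintermediary.com/sbar.json?key=02705efd3f66fc00b7fe8a80cc00dee7&psid=CF-3448_1&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 | 192.243.59.20 | 200 OK | 9.1 kB |
URL GET HTTP/1.1designingpupilintermediary.com/sbar.json IP192.243.59.20:443 ASN#39572 DataWeb Global Group B.V.
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
|
|
| cdn.cloudimagesb.com/cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png | 45.133.44.9 | 200 OK | 106 kB |
URL GET HTTP/2cdn.cloudimagesb.com/cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png IP45.133.44.9:443 ASN#39572 DataWeb Global Group B.V.
|
|
| traditionallyrecipepiteous.com/watch.327168796498.js?key=0f7aa6ec1bf13f572091ba2179d89352&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 | 192.243.59.12 | 200 OK | 2.0 kB |
URL GET HTTP/1.1traditionallyrecipepiteous.com/watch.327168796498.js IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
|
|
| impatientliftdiploma.com/watch.1166183441780.js?key=734ed300326a465f532c9038539688a1&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 | 192.243.59.20 | 307 Temporary Redirect | 0 B |
URL GET HTTP/1.1impatientliftdiploma.com/watch.1166183441780.js IP192.243.59.20:443 ASN#39572 DataWeb Global Group B.V.
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
"""

RECORD_RE = re.compile(r"^\| (?P<url>\S+) \| (?P<ip>[\d.]+) \| (?P<status>\d{3})[^|]*\| (?P<size>.*?) \|$")
ASN_RE = re.compile(r"ASN#(?P<asn>\d+)\s+(?P<org>.+?)\s*$")
UUID_RE = re.compile(r"[?&]uuid=([^&]+)")
VERDICT = "Quad9 DNS | malicious"


def parse_records(text):
    """One dict per transaction; every line up to the next table line belongs to it."""
    records, cur = [], None
    for line in text.splitlines():
        m = RECORD_RE.match(line)
        if m:
            u = UUID_RE.search(m["url"])
            cur = {"host": m["url"].split("/", 1)[0], "ip": m["ip"], "status": int(m["status"]),
                   "size": m["size"], "uuid": unquote(u[1]) if u else None,
                   "asn": None, "org": None, "flagged": False}
            records.append(cur)
        elif cur is not None:
            a = ASN_RE.search(line)
            if a:
                cur["asn"], cur["org"] = int(a["asn"]), a["org"]
            if VERDICT in line:
                cur["flagged"] = True
    return records


def cluster(records):
    """Group hosts by IP, ASN and tracking uuid; mark unflagged hosts next to flagged ones."""
    by_ip, by_asn, by_uuid = defaultdict(set), defaultdict(set), defaultdict(set)
    for r in records:
        by_ip[r["ip"]].add(r["host"])
        if r["asn"] is not None:
            by_asn[r["asn"]].add(r["host"])
        if r["uuid"]:
            by_uuid[r["uuid"]].add(r["host"])
    flagged = {r["host"] for r in records if r["flagged"]}
    near = set()
    for group in (*by_ip.values(), *by_asn.values(), *by_uuid.values()):
        if group & flagged:
            near |= group - flagged
    return {"by_ip": dict(by_ip), "by_asn": dict(by_asn), "by_uuid": dict(by_uuid),
            "flagged": flagged, "near_flagged": near}


if __name__ == "__main__":
    c = cluster(parse_records(CAPTURE))
    print("flagged:", sorted(c["flagged"]))
    print("near flagged:", sorted(c["near_flagged"]))
    for asn, hosts in c["by_asn"].items():
        print("ASN", asn, sorted(hosts))
```

Read the IP clusters with the response headers in mind: 188.114.96.1 answers with `server: cloudflare`, so buddycenters.shop and downstairsnegotiatebarren.com sharing it says nothing about who operates them. The ASN 39572 group and the shared `uuid` are the clusters worth acting on; the first pulls in cdn.cloudimagesb.com, which serves the 728x90 and 300x250 creatives, and the second ties the four `watch.*.js` / `sbar.json` hosts to one tracked visitor across domains even though each sets its own cookies.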
| cdn.cloudimagesb.com/cti/f4/5d/a9/f45da9217a040f710ab7e6eb63f725f9/1708072373.png | 45.133.44.9 | 200 OK | 55 kB |
URL GET HTTP/2cdn.cloudimagesb.com/cti/f4/5d/a9/f45da9217a040f710ab7e6eb63f725f9/1708072373.png IP45.133.44.9:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ CertificateIssuerLet's Encrypt Subjectcdn.cloudimagesb.com FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File typePNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced Hash1a32ad655fade33771fc11663348e89c 556c19aab477a000d35caf3172e0bf98a14d56af 51cad869f8092caf3c3cb629eec029a57c38a4917388475f6da5bed9221cecaa
GET /cti/f4/5d/a9/f45da9217a040f710ab7e6eb63f725f9/1708072373.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 20:22:51 GMT
content-type: image/png
content-length: 55084
server: nginx/1.21.6
last-modified: Fri, 16 Feb 2024 08:33:01 GMT
etag: "65cf1dbd-d72c"
expires: Mon, 06 May 2024 20:22:51 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg | 45.133.44.9 | 200 OK | 23 kB |
URL GET HTTP/2cdn.cloudimagesb.com/cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg IP45.133.44.9:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ CertificateIssuerLet's Encrypt Subjectcdn.cloudimagesb.com FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3 Hash9a2dc4fe2ebb70df2dfb1566d22970b8 b85a5f4ef7bd68b834d03d8b9a552e2e546e8701 1983c705f5f4315c8cd002183eb9ed3c846abed8fc2a6f0a073185c249552efd
GET /cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 20:22:51 GMT
content-type: image/jpeg
content-length: 22757
server: nginx/1.21.6
last-modified: Thu, 30 Apr 2020 07:56:41 GMT
etag: "5eaa84b9-58e5"
expires: Mon, 06 May 2024 20:22:51 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg | 45.133.44.9 | 200 OK | 24 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
IP: 45.133.44.9:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate Issuer: Let's Encrypt
Subject: cdn.cloudimagesb.com
Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3
Hash (MD5 / SHA-1 / SHA-256): d71c872fb9f50bd9383abc0721d1d51e 1f69b40ef2f95798b4e0fd738d630ad4319cd739 6b4a622b9de1ffab8fe905fc8c4633994c732476664b5190ceedd62a3795ab08
GET /cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 20:22:51 GMT
content-type: image/jpeg
content-length: 24518
server: nginx/1.21.6
last-modified: Thu, 30 Apr 2020 07:58:34 GMT
etag: "5eaa852a-5fc6"
expires: Mon, 06 May 2024 20:22:51 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg | 45.133.44.9 | 200 OK | 28 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg
IP: 45.133.44.9:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate Issuer: Let's Encrypt
Subject: cdn.cloudimagesb.com
Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3
Hash (MD5 / SHA-1 / SHA-256): 1dcde64d47d24d151a1433ecf4403dd7 443d6704b5a294e000084d7a8ac823e526093928 d11bcd65a82589c2c31d6fd87cb16ec673dd5640462ad3d20ff53e014a435376
GET /cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 20:22:51 GMT
content-type: image/jpeg
content-length: 27832
server: nginx/1.21.6
last-modified: Thu, 30 Apr 2020 07:58:58 GMT
etag: "5eaa8542-6cb8"
expires: Mon, 06 May 2024 20:22:51 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg | 45.133.44.9 | 200 OK | 32 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg
IP: 45.133.44.9:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate Issuer: Let's Encrypt
Subject: cdn.cloudimagesb.com
Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3
Hash (MD5 / SHA-1 / SHA-256): 3528385dd0c31dbd2e5bfc4af7a6bec5 832c580ffd7711115d6c036ab4232f5bd88480a4 bfbfeebfcb679ca578055235614cc679b0757bad272996ef89b7fd5615a2db75
GET /cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 20:22:51 GMT
content-type: image/jpeg
content-length: 32471
server: nginx/1.21.6
last-modified: Thu, 30 Apr 2020 07:58:05 GMT
etag: "5eaa850d-7ed7"
expires: Mon, 06 May 2024 20:22:51 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/cti/e7/7d/e1/e77de19fd6261543e2a0ed9f4bbebba8/1708070897.png | 45.133.44.9 | 200 OK | 9.0 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/e7/7d/e1/e77de19fd6261543e2a0ed9f4bbebba8/1708070897.png
IP: 45.133.44.9:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate Issuer: Let's Encrypt
Subject: cdn.cloudimagesb.com
Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 160 x 300, 8-bit/color RGB, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 47c3592dfe2f02e0e3c9afed695879c7 e8228719505a1f276f184d53442d05accf6aef67 118592a5ac48f4276e635c2c76cb0a0a47d8cdcc4af480a94fe3c92af35a07e5
GET /cti/e7/7d/e1/e77de19fd6261543e2a0ed9f4bbebba8/1708070897.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 20:22:51 GMT
content-type: image/png
content-length: 9018
server: nginx/1.21.6
last-modified: Fri, 16 Feb 2024 08:08:26 GMT
etag: "65cf17fa-233a"
expires: Mon, 06 May 2024 20:22:51 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| affairsthin.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2BtzndO%2BYKgCV4CMogBFXe2u6dnesYgwRhXQtZsTAwqCFJdVT1bbnVXU9U9PbunaEBynIMg8SA9b3az%2Fgii4DVBZgNBFsQdD7IH958QgkeZcXH0c%2Fj8qPcKXr1PfTIqjoiPgh5efFNvSaXocqvh1p9%2F1%2FPO1VdlWgzqg077g3Zwrm76L3fbDfeF%2BhuCbehl3%2FVc13O9%2Boo0ItaD5RkImd3reo2u2wj8htcKMDD%2FnW3hwFIHvH9EnoLk09pD5zQkmyBNvrso7Eaus5deTwpFc23Q57s30o1UlymSRRsbB3G6e8yGtgcrD6DTnblc6P4%2FxEhOifPoAaJ091gkov72XGekIFJE%2FP8o%2BxMINYGkEzB9C5IfEIBxXFlDmty9ok1JN%2F9G6QydktrjPyDLKan9fhpp8u0FJQf161oVudSpxSCuIAcTyN4EWbGHfOsEZLkHln8MyX8my49XkSbba1ZpSH74XMRj4bGuvyQC5i4FUbe11A1if8nzWwHl1GUBi%2BYGSTmBjCdQYghqT6CwDgrpoIgdFJmDhB%2FWmed5ocsZdTtdxpo8FFGbux4NY496bruDgs3eMESeDcHUEMzcRGY%2B%2BpI3Q9GMWDCKsCGHMMWPsOsVLHdgc4I%2Br1AKgtISlJSglARlTlD2qx2urG%2Bru1zZIvKOq39cm9VY570R3dF5T6QE1AxheDXKjsiTMy%2Bd98%2Fex4Y4rLfCTsfthq1m0w2Z1225MWu6POxEcYd7btODlRWkPQFqHWzJKel89isyOSVPX%2F4CEd2DVXtg8hRo4YGWFeh6ha30h8La3Aia2B7NRUOnSqYCXFfI8hryTWekjsiZ%2BVaf%2BSWAYPvnH518JRv%2FdhLMVMhMhQ%2FlQ4Keuj2%2BpkuyfU2Xlny%2FluUykVt0tvHrOc3F%2F76%2BLDZLbfili3b41atsBszae28Lm6%2FSlMu0Z8k3FyTnwqxowwS5f8m%2BI6KrhV2%2FUJi0yFavvrZyKcmMsFbqdAIqD9b%2BBJNTUjt7av6Vnzh4EdJMYIoKSbFPjgNS74FlN2GzhXqrCYxacKLMQVlUY%2BNHi0MlCZRYzDSqYP81R4t%2BbOjsNpXVyN5Gz9RA81tIkwp9U6GvKlA1hC1OjvPM7J%2F%2F6c4sPkekauNImdp2pIz6dG7ylDxbuzFL783SW7DysB42my5td1teGFIRRoHfidsep9QP2n67TZvI7TRu3znzFwAAAP%2F%2FAQAA%2F%2F%2F%2BooAqrgQAAA%3D%3D | 172.240.108.84 | 200 OK | 7 B |
URL: GET HTTP/1.1 affairsthin.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2BtzndO%2BYKgCV4CMogBFXe2u6dnesYgwRhXQtZsTAwqCFJdVT1bbnVXU9U9PbunaEBynIMg8SA9b3az%2Fgii4DVBZgNBFsQdD7IH958QgkeZcXH0c%2Fj8qPcKXr1PfTIqjoiPgh5efFNvSaXocqvh1p9%2F1%2FPO1VdlWgzqg077g3Zwrm76L3fbDfeF%2BhuCbehl3%2FVc13O9%2Boo0ItaD5RkImd3reo2u2wj8htcKMDD%2FnW3hwFIHvH9EnoLk09pD5zQkmyBNvrso7Eaus5deTwpFc23Q57s30o1UlymSRRsbB3G6e8yGtgcrD6DTnblc6P4%2FxEhOifPoAaJ091gkov72XGekIFJE%2FP8o%2BxMINYGkEzB9C5IfEIBxXFlDmty9ok1JN%2F9G6QydktrjPyDLKan9fhpp8u0FJQf161oVudSpxSCuIAcTyN4EWbGHfOsEZLkHln8MyX8my49XkSbba1ZpSH74XMRj4bGuvyQC5i4FUbe11A1if8nzWwHl1GUBi%2BYGSTmBjCdQYghqT6CwDgrpoIgdFJmDhB%2FWmed5ocsZdTtdxpo8FFGbux4NY496bruDgs3eMESeDcHUEMzcRGY%2B%2BpI3Q9GMWDCKsCGHMMWPsOsVLHdgc4I%2Br1AKgtISlJSglARlTlD2qx2urG%2Bru1zZIvKOq39cm9VY570R3dF5T6QE1AxheDXKjsiTMy%2Bd98%2Fex4Y4rLfCTsfthq1m0w2Z1225MWu6POxEcYd7btODlRWkPQFqHWzJKel89isyOSVPX%2F4CEd2DVXtg8hRo4YGWFeh6ha30h8La3Aia2B7NRUOnSqYCXFfI8hryTWekjsiZ%2BVaf%2BSWAYPvnH518JRv%2FdhLMVMhMhQ%2FlQ4Keuj2%2BpkuyfU2Xlny%2FluUykVt0tvHrOc3F%2F76%2BLDZLbfili3b41atsBszae28Lm6%2FSlMu0Z8k3FyTnwqxowwS5f8m%2BI6KrhV2%2FUJi0yFavvrZyKcmMsFbqdAIqD9b%2BBJNTUjt7av6Vnzh4EdJMYIoKSbFPjgNS74FlN2GzhXqrCYxacKLMQVlUY%2BNHi0MlCZRYzDSqYP81R4t%2BbOjsNpXVyN5Gz9RA81tIkwp9U6GvKlA1hC1OjvPM7J%2F%2F6c4sPkekauNImdp2pIz6dG7ylDxbuzFL783SW7DysB42my5td1teGFIRRoHfidsep9QP2n67TZvI7TRu3znzFwAAAP%2F%2FAQAA%2F%2F%2F%2BooAqrgQAAA%3D%3D
IP: 172.240.108.84:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate Issuer: Let's Encrypt
Subject: affairsthin.com
Fingerprint: AC:A1:40:58:37:8B:A3:C4:2D:E5:1B:D8:7A:F3:83:50:65:BD:1D:AB
Validity: Mon, 29 Apr 2024 08:45:52 GMT - Sun, 28 Jul 2024 08:45:51 GMT
File type: ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2BtzndO%2BYKgCV4CMogBFXe2u6dnesYgwRhXQtZsTAwqCFJdVT1bbnVXU9U9PbunaEBynIMg8SA9b3az%2Fgii4DVBZgNBFsQdD7IH958QgkeZcXH0c%2Fj8qPcKXr1PfTIqjoiPgh5efFNvSaXocqvh1p9%2F1%2FPO1VdlWgzqg077g3Zwrm76L3fbDfeF%2BhuCbehl3%2FVc13O9%2Boo0ItaD5RkImd3reo2u2wj8htcKMDD%2FnW3hwFIHvH9EnoLk09pD5zQkmyBNvrso7Eaus5deTwpFc23Q57s30o1UlymSRRsbB3G6e8yGtgcrD6DTnblc6P4%2FxEhOifPoAaJ091gkov72XGekIFJE%2FP8o%2BxMINYGkEzB9C5IfEIBxXFlDmty9ok1JN%2F9G6QydktrjPyDLKan9fhpp8u0FJQf161oVudSpxSCuIAcTyN4EWbGHfOsEZLkHln8MyX8my49XkSbba1ZpSH74XMRj4bGuvyQC5i4FUbe11A1if8nzWwHl1GUBi%2BYGSTmBjCdQYghqT6CwDgrpoIgdFJmDhB%2FWmed5ocsZdTtdxpo8FFGbux4NY496bruDgs3eMESeDcHUEMzcRGY%2B%2BpI3Q9GMWDCKsCGHMMWPsOsVLHdgc4I%2Br1AKgtISlJSglARlTlD2qx2urG%2Bru1zZIvKOq39cm9VY570R3dF5T6QE1AxheDXKjsiTMy%2Bd98%2Fex4Y4rLfCTsfthq1m0w2Z1225MWu6POxEcYd7btODlRWkPQFqHWzJKel89isyOSVPX%2F4CEd2DVXtg8hRo4YGWFeh6ha30h8La3Aia2B7NRUOnSqYCXFfI8hryTWekjsiZ%2BVaf%2BSWAYPvnH518JRv%2FdhLMVMhMhQ%2FlQ4Keuj2%2BpkuyfU2Xlny%2FluUykVt0tvHrOc3F%2F76%2BLDZLbfili3b41atsBszae28Lm6%2FSlMu0Z8k3FyTnwqxowwS5f8m%2BI6KrhV2%2FUJi0yFavvrZyKcmMsFbqdAIqD9b%2BBJNTUjt7av6Vnzh4EdJMYIoKSbFPjgNS74FlN2GzhXqrCYxacKLMQVlUY%2BNHi0MlCZRYzDSqYP81R4t%2BbOjsNpXVyN5Gz9RA81tIkwp9U6GvKlA1hC1OjvPM7J%2F%2F6c4sPkekauNImdp2pIz6dG7ylDxbuzFL783SW7DysB42my5td1teGFIRRoHfidsep9QP2n67TZvI7TRu3znzFwAAAP%2F%2FAQAA%2F%2F%2F%2BooAqrgQAAA%3D%3D HTTP/1.1
Host: affairsthin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Cookie: u_pl=22816189; uid_id2=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb:2:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec578809753307c1950fc30d78bf8d1031=[2019380,2229333,2229337,2229329]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 20:22:51 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a8b9f11519c504fada81931e226210ef
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| designingpupilintermediary.com/ren.gif?sid=H4sIAAAAAAAC%2F4xSz4sc1Ra%2BPZnN473Ni8FNCBR2ElTsnqrq6uruxDCYmYyMGWdiMuoIQrx1762em75Vt7j3VlfPLCQYkOxs4iKoIDWnZxKjiT%2FQhQsN0hNwMRBIZ9WCs%2FAfcCFk4Uq6HRxdmbM55%2FAdON%2F3nfPuRrqLXEjxcPZluc6FwFPVsm09veI4J60FHqcdq1P3L%2FreSUu1TzT8sv2M9SIjLTnl2o5tO7ZjzXHFQtmZGoHAk9sNp9ywy55bdqoedNQ%2Fe50WQOMC0PYuOgicDibvFQ4BJ32Ioy9nmW4ZmTx3JkoFNlJBm958NW7FMosh2i9DVYAwvrk3DVI%2FmLsLMt4a0wXZ%2Fmsw4ANU%2BPEuBPHNPZIQtDfHPAMBLIaA%2Fheydh%2BY6APHfSDyCnD6AAEQCotLEEc3FqXK8NqfKB6hAzT56Dfg2QBN%2FnwI4ujz04J3rAtSpIbLWEMnzIF3%2BsCbfUjSbTDrE8CzbSDmHeD0Ppp6tABxtLmkhQROh0cDGjKHNNwS84hd8oJGtdTwQrfkuFUPU2wTjwRjgzjvAw%2F7IFgXsJ6AVBcg5QVIwwKkSQEiOrSI4zg1mxJs1xuEVGiNBT61HVwLHezYfh1SMtLQBZN0gYguEHUZEnUZWrwLKv0B9GoOmh4AbQao8MplaNMcMoYg0wgyjCDjCDKDIGvnW1RoV%2Bc3qNBp4Oxldy9X8p40zQ28JU2TxQiw6oKi%2BUayi%2F4%2FMrHw5rE70GJDy3ZrdpWFtBL6fkhsO6iFrI7rNiG2TRmrgea3ZuZKFc%2BrX3SA6wnAugDrfIDq1x9CwgfoybMfQ4C3QYttIPwJwOkRwFkOeDWH9fibVGujGI50ExtWlrHgMQMqc0jMJJi1wobYRYfHd5196wYwsjN958hHNkIIiMohUTlc4vcQNMXV3nmZoc3zMtPoq6XE8Iiv49HNLxhsGPr0LFvLpKLzs7p76wUyAkbl7WWmzQKOKY%2BbGn12mlPK1JxUhKHv5%2FXrLDiX6tXTqYrTZOHczNx8lCimNZdxHzB%2F0HkeCB%2Bg%2F%2F20Mn7mY%2Ff%2FA1xtg0qHL60ak%2BgTU1OdSJTaXpkImQaYtErOnsYpIjhpTfNTa4t%2B1byxSJ9dbl20jyennJrj1aueU3PKbqXqOhWI0p3pHj9ojURz2QeSXPmkWJyfWVosFocr%2F7rIrKZREGMuHmfZcR41zSlOZHyrWFyeX144Uyx%2B%2FcuH%2Ba%2FfvmdJLeQJ6zWsNBNfFIuzZy7MnJ8%2Ftzw%2F5vHUUpJQbJiyKDfGwrHhba5SnSjZVDiy4u0t0MkO2gvQEoES%2B32QFCB7HN8S3mGPJaWn3GBneuV9892lt38HwREItr8PBznov%2FXBft1TOB0eJdWAYurZJUIbfsmznUqpbodByas4DVwN6p5tBz2Feb6hr0JTTQA2VyCOcmirHNoiByy6oNMDPZOonemHlXFAICZ6gVATm4FQ4tr4qQfo7PVroPnQqlUqNvYbVadWw6wWeG499B2Ksev5ru%2FjChg9CP0PDv8BAAD%2F%2FwEAAP%2F%2F9S8uXRYGAAA%3D | 192.243.59.20 | 200 OK | 7 B |
URL: GET HTTP/1.1 designingpupilintermediary.com/ren.gif?sid=H4sIAAAAAAAC%2F4xSz4sc1Ra%2BPZnN473Ni8FNCBR2ElTsnqrq6uruxDCYmYyMGWdiMuoIQrx1762em75Vt7j3VlfPLCQYkOxs4iKoIDWnZxKjiT%2FQhQsN0hNwMRBIZ9WCs%2FAfcCFk4Uq6HRxdmbM55%2FAdON%2F3nfPuRrqLXEjxcPZluc6FwFPVsm09veI4J60FHqcdq1P3L%2FreSUu1TzT8sv2M9SIjLTnl2o5tO7ZjzXHFQtmZGoHAk9sNp9ywy55bdqoedNQ%2Fe50WQOMC0PYuOgicDibvFQ4BJ32Ioy9nmW4ZmTx3JkoFNlJBm958NW7FMosh2i9DVYAwvrk3DVI%2FmLsLMt4a0wXZ%2Fmsw4ANU%2BPEuBPHNPZIQtDfHPAMBLIaA%2Fheydh%2BY6APHfSDyCnD6AAEQCotLEEc3FqXK8NqfKB6hAzT56Dfg2QBN%2FnwI4ujz04J3rAtSpIbLWEMnzIF3%2BsCbfUjSbTDrE8CzbSDmHeD0Ppp6tABxtLmkhQROh0cDGjKHNNwS84hd8oJGtdTwQrfkuFUPU2wTjwRjgzjvAw%2F7IFgXsJ6AVBcg5QVIwwKkSQEiOrSI4zg1mxJs1xuEVGiNBT61HVwLHezYfh1SMtLQBZN0gYguEHUZEnUZWrwLKv0B9GoOmh4AbQao8MplaNMcMoYg0wgyjCDjCDKDIGvnW1RoV%2Bc3qNBp4Oxldy9X8p40zQ28JU2TxQiw6oKi%2BUayi%2F4%2FMrHw5rE70GJDy3ZrdpWFtBL6fkhsO6iFrI7rNiG2TRmrgea3ZuZKFc%2BrX3SA6wnAugDrfIDq1x9CwgfoybMfQ4C3QYttIPwJwOkRwFkOeDWH9fibVGujGI50ExtWlrHgMQMqc0jMJJi1wobYRYfHd5196wYwsjN958hHNkIIiMohUTlc4vcQNMXV3nmZoc3zMtPoq6XE8Iiv49HNLxhsGPr0LFvLpKLzs7p76wUyAkbl7WWmzQKOKY%2BbGn12mlPK1JxUhKHv5%2FXrLDiX6tXTqYrTZOHczNx8lCimNZdxHzB%2F0HkeCB%2Bg%2F%2F20Mn7mY%2Ff%2FA1xtg0qHL60ak%2BgTU1OdSJTaXpkImQaYtErOnsYpIjhpTfNTa4t%2B1byxSJ9dbl20jyennJrj1aueU3PKbqXqOhWI0p3pHj9ojURz2QeSXPmkWJyfWVosFocr%2F7rIrKZREGMuHmfZcR41zSlOZHyrWFyeX144Uyx%2B%2FcuH%2Ba%2FfvmdJLeQJ6zWsNBNfFIuzZy7MnJ8%2Ftzw%2F5vHUUpJQbJiyKDfGwrHhba5SnSjZVDiy4u0t0MkO2gvQEoES%2B32QFCB7HN8S3mGPJaWn3GBneuV9892lt38HwREItr8PBznov%2FXBft1TOB0eJdWAYurZJUIbfsmznUqpbodByas4DVwN6p5tBz2Feb6hr0JTTQA2VyCOcmirHNoiByy6oNMDPZOonemHlXFAICZ6gVATm4FQ4tr4qQfo7PVroPnQqlUqNvYbVadWw6wWeG499B2Ksev5ru%2FjChg9CP0PDv8BAAD%2F%2FwEAAP%2F%2F9S8uXRYGAAA%3D
IP: 192.243.59.20:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate Issuer: Let's Encrypt
Subject: designingpupilintermediary.com
Fingerprint: C6:2A:2C:CE:46:0C:19:DC:3F:A3:33:F7:CD:1E:20:1D:CC:46:93:78
Validity: Mon, 29 Apr 2024 08:22:29 GMT - Sun, 28 Jul 2024 08:22:28 GMT
File type: ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F4xSz4sc1Ra%2BPZnN473Ni8FNCBR2ElTsnqrq6uruxDCYmYyMGWdiMuoIQrx1762em75Vt7j3VlfPLCQYkOxs4iKoIDWnZxKjiT%2FQhQsN0hNwMRBIZ9WCs%2FAfcCFk4Uq6HRxdmbM55%2FAdON%2F3nfPuRrqLXEjxcPZluc6FwFPVsm09veI4J60FHqcdq1P3L%2FreSUu1TzT8sv2M9SIjLTnl2o5tO7ZjzXHFQtmZGoHAk9sNp9ywy55bdqoedNQ%2Fe50WQOMC0PYuOgicDibvFQ4BJ32Ioy9nmW4ZmTx3JkoFNlJBm958NW7FMosh2i9DVYAwvrk3DVI%2FmLsLMt4a0wXZ%2Fmsw4ANU%2BPEuBPHNPZIQtDfHPAMBLIaA%2Fheydh%2BY6APHfSDyCnD6AAEQCotLEEc3FqXK8NqfKB6hAzT56Dfg2QBN%2FnwI4ujz04J3rAtSpIbLWEMnzIF3%2BsCbfUjSbTDrE8CzbSDmHeD0Ppp6tABxtLmkhQROh0cDGjKHNNwS84hd8oJGtdTwQrfkuFUPU2wTjwRjgzjvAw%2F7IFgXsJ6AVBcg5QVIwwKkSQEiOrSI4zg1mxJs1xuEVGiNBT61HVwLHezYfh1SMtLQBZN0gYguEHUZEnUZWrwLKv0B9GoOmh4AbQao8MplaNMcMoYg0wgyjCDjCDKDIGvnW1RoV%2Bc3qNBp4Oxldy9X8p40zQ28JU2TxQiw6oKi%2BUayi%2F4%2FMrHw5rE70GJDy3ZrdpWFtBL6fkhsO6iFrI7rNiG2TRmrgea3ZuZKFc%2BrX3SA6wnAugDrfIDq1x9CwgfoybMfQ4C3QYttIPwJwOkRwFkOeDWH9fibVGujGI50ExtWlrHgMQMqc0jMJJi1wobYRYfHd5196wYwsjN958hHNkIIiMohUTlc4vcQNMXV3nmZoc3zMtPoq6XE8Iiv49HNLxhsGPr0LFvLpKLzs7p76wUyAkbl7WWmzQKOKY%2BbGn12mlPK1JxUhKHv5%2FXrLDiX6tXTqYrTZOHczNx8lCimNZdxHzB%2F0HkeCB%2Bg%2F%2F20Mn7mY%2Ff%2FA1xtg0qHL60ak%2BgTU1OdSJTaXpkImQaYtErOnsYpIjhpTfNTa4t%2B1byxSJ9dbl20jyennJrj1aueU3PKbqXqOhWI0p3pHj9ojURz2QeSXPmkWJyfWVosFocr%2F7rIrKZREGMuHmfZcR41zSlOZHyrWFyeX144Uyx%2B%2FcuH%2Ba%2FfvmdJLeQJ6zWsNBNfFIuzZy7MnJ8%2Ftzw%2F5vHUUpJQbJiyKDfGwrHhba5SnSjZVDiy4u0t0MkO2gvQEoES%2B32QFCB7HN8S3mGPJaWn3GBneuV9892lt38HwREItr8PBznov%2FXBft1TOB0eJdWAYurZJUIbfsmznUqpbodByas4DVwN6p5tBz2Feb6hr0JTTQA2VyCOcmirHNoiByy6oNMDPZOonemHlXFAICZ6gVATm4FQ4tr4qQfo7PVroPnQqlUqNvYbVadWw6wWeG499B2Ksev5ru%2FjChg9CP0PDv8BAAD%2F%2FwEAAP%2F%2F9S8uXRYGAAA%3D HTTP/1.1
Host: designingpupilintermediary.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Cookie: u_pl=22816173; uid_id2=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 20:22:51 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 95926377a21d76e6b51d9a8b49831678
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| sunflowercoastlineprobe.com/watch.1267507295947.js?key=baa49a90f479a15b25692dc81c67392f&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&tz=0&dev=e&res=14.2071&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 | 192.243.61.225 | 307 Temporary Redirect | 0 B |
URL: GET HTTP/1.1 sunflowercoastlineprobe.com/watch.1267507295947.js?key=baa49a90f479a15b25692dc81c67392f&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&tz=0&dev=e&res=14.2071&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1
IP: 192.243.61.225:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate Issuer: Let's Encrypt
Subject: sunflowercoastlineprobe.com
Fingerprint: 3B:6A:63:2D:99:C7:E1:7E:7A:14:16:8D:76:48:71:7A:A1:46:52:76
Validity: Mon, 29 Apr 2024 13:07:49 GMT - Sun, 28 Jul 2024 13:07:48 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.1267507295947.js?key=baa49a90f479a15b25692dc81c67392f&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&tz=0&dev=e&res=14.2071&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 HTTP/1.1
Host: sunflowercoastlineprobe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://usstreamsgate.online
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sat, 04 May 2024 20:22:51 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://usstreamsgate.online
Access-Control-Allow-Origin: https://usstreamsgate.online
Access-Control-Allow-Credentials: true
Location: https://sunflowercoastlineprobe.com/watch.1267507295947.js?dev=e&key=baa49a90f479a15b25692dc81c67392f&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&pst=1714854231&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&res=14.2071&rmtc=t&shu=94d4e3f34eb430e71f29fe019223245586c2b21be987b3053a61d3970a394f27ecfb5792f53a9b83da99dd5953c5c0bc6525f0438c6316539a865a235842419ef302ba8c2c22a187e8a125a44aa51ab22012316eb3dd1d9468db9fbede983d&tz=0&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1
Set-Cookie: u_pl=22816244; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.RbRlg-NDdhbXhfeUXH_yUd0GsA3etr6ZG-9xcztEkKU; expires=Sat, 04 May 2024 20:23:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2aaed4610425e64a6c6d5c4d3877dc0c
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| affairsthin.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2BtTuaU7%2BWrCV4CMogBBXe2u6dnesYgwRg3hKzZmBhUEKS6qnpSbnVXU9U9PRkv0YDkOAdB4kF63myy%2FghBwWuCzAaCLIo7HmQPLvgXeBCCR5lxcfVz6M%2Fn9XsFr96nPhoXe8RHQXfPvKaHUim63Gq49efe8ryT9VWZFoP6oNN%2Btx2crJv%2Bi912w32%2Bflawdb3su57req5XX5FGxHqwPCchs7tdr9F1G4Hf8FoBBua%2F2BYOLHXA%2B3vkSUg%2Bqz10jkGyKdLk6zPCruc6e%2BHVpFA01wZ9vnklXU91mSI5GGPjIE4399XQdmflAXR6e2EXuv%2BPMJIz4jx6gCjd3DeJqL%2Bx8BkpiBQR%2Fx%2FK%2FhRCTSHpFEzfgOQ7BGAcF9aQJncuaFPSa3%2BzdM7OSO3xH5DljNR%2BPYY0uXdayUH9slZFLnVqMYgryMEUsjdFVmwhHx6CLLfA8g8h%2BY9k%2BfEq0mRjzSoNyXefjXgsPNb1l0TA3KUg6raWukHsL3l%2BK6Ccuixg0SIgKaeQ8RRKjEDtIRTWQSEdFLGDInOQ8N068zwvdDmjbqfLWJOHImpz16Nh7FHPbXdQsPkdRsizEZgagZnryMwHn%2FNmKJoRC8YR1uUIpvgO9moFyx3YnKDPK5SCoLQEJSUoJUGZE5T96jZX1rfVHa5sEXn73d%2FvzWqi896Y3tZ5T6QE1IxgeDXO9sgT8yydd07cx7rYrbfCTsfthq1m0w2Z1225MWu6POxEcYd7btODlRWkPQRqHQzljHQ%2B%2BRmZnJGnzn%2BGiG7Bqi0weRS08EDLCvRqhWH6bWFtbgRNbI%2FmoqFTJVMBritkeQ35NWes9sjxxVafqb0NwbZPPTryUjb55QiYqZCZCu%2FJhwQ9dXNySZdk45IuLflmLctlIod0vvHLOc3F4S%2FPi2ulNvzcGTv64mU2J%2Bbj3TeEzVdpymXas%2BSr05JzYVa0YYLcP2ffFNHFwl49XZi0yFYvvrJyLsmMsFbqdAoqd9b%2BBJMzUjtxdPGU%2F%2F%2FD75BmClNUSIptsl%2BQegssuw6bbZ%2FKh7%2BdvXfsfVhNYNSBJsoOoyyqifGjg59KEihxgGlUwf4LRwfzxND5aSqrsb2JnqmB5jeQJhX6pkJfVaBqBFscmeSZ2T71%2Fa15fYpI1SaRMrWNSBn18Yw8%2FVMwT%2FrKIu7553VYuVsPm02XtrstLwypCKPA78Rtj1PqB22%2F3aZN5HYWt28d%2FwsAAP%2F%2FAQAA%2F%2F%2F6jImfrgQAAA%3D%3D | 172.240.108.84 | 200 OK | 7 B |
URL: GET HTTP/1.1 affairsthin.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2BtTuaU7%2BWrCV4CMogBBXe2u6dnesYgwRg3hKzZmBhUEKS6qnpSbnVXU9U9PRkv0YDkOAdB4kF63myy%2FghBwWuCzAaCLIo7HmQPLvgXeBCCR5lxcfVz6M%2Fn9XsFr96nPhoXe8RHQXfPvKaHUim63Gq49efe8ryT9VWZFoP6oNN%2Btx2crJv%2Bi912w32%2Bflawdb3su57req5XX5FGxHqwPCchs7tdr9F1G4Hf8FoBBua%2F2BYOLHXA%2B3vkSUg%2Bqz10jkGyKdLk6zPCruc6e%2BHVpFA01wZ9vnklXU91mSI5GGPjIE4399XQdmflAXR6e2EXuv%2BPMJIz4jx6gCjd3DeJqL%2Bx8BkpiBQR%2Fx%2FK%2FhRCTSHpFEzfgOQ7BGAcF9aQJncuaFPSa3%2BzdM7OSO3xH5DljNR%2BPYY0uXdayUH9slZFLnVqMYgryMEUsjdFVmwhHx6CLLfA8g8h%2BY9k%2BfEq0mRjzSoNyXefjXgsPNb1l0TA3KUg6raWukHsL3l%2BK6Ccuixg0SIgKaeQ8RRKjEDtIRTWQSEdFLGDInOQ8N068zwvdDmjbqfLWJOHImpz16Nh7FHPbXdQsPkdRsizEZgagZnryMwHn%2FNmKJoRC8YR1uUIpvgO9moFyx3YnKDPK5SCoLQEJSUoJUGZE5T96jZX1rfVHa5sEXn73d%2FvzWqi896Y3tZ5T6QE1IxgeDXO9sgT8yydd07cx7rYrbfCTsfthq1m0w2Z1225MWu6POxEcYd7btODlRWkPQRqHQzljHQ%2B%2BRmZnJGnzn%2BGiG7Bqi0weRS08EDLCvRqhWH6bWFtbgRNbI%2FmoqFTJVMBritkeQ35NWes9sjxxVafqb0NwbZPPTryUjb55QiYqZCZCu%2FJhwQ9dXNySZdk45IuLflmLctlIod0vvHLOc3F4S%2FPi2ulNvzcGTv64mU2J%2Bbj3TeEzVdpymXas%2BSr05JzYVa0YYLcP2ffFNHFwl49XZi0yFYvvrJyLsmMsFbqdAoqd9b%2BBJMzUjtxdPGU%2F%2F%2FD75BmClNUSIptsl%2BQegssuw6bbZ%2FKh7%2BdvXfsfVhNYNSBJsoOoyyqifGjg59KEihxgGlUwf4LRwfzxND5aSqrsb2JnqmB5jeQJhX6pkJfVaBqBFscmeSZ2T71%2Fa15fYpI1SaRMrWNSBn18Yw8%2FVMwT%2FrKIu7553VYuVsPm02XtrstLwypCKPA78Rtj1PqB22%2F3aZN5HYWt28d%2FwsAAP%2F%2FAQAA%2F%2F%2F6jImfrgQAAA%3D%3D
IP: 172.240.108.84:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate Issuer: Let's Encrypt
Subject: affairsthin.com
Fingerprint: AC:A1:40:58:37:8B:A3:C4:2D:E5:1B:D8:7A:F3:83:50:65:BD:1D:AB
Validity: Mon, 29 Apr 2024 08:45:52 GMT - Sun, 28 Jul 2024 08:45:51 GMT
File type: ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2BtTuaU7%2BWrCV4CMogBBXe2u6dnesYgwRg3hKzZmBhUEKS6qnpSbnVXU9U9PRkv0YDkOAdB4kF63myy%2FghBwWuCzAaCLIo7HmQPLvgXeBCCR5lxcfVz6M%2Fn9XsFr96nPhoXe8RHQXfPvKaHUim63Gq49efe8ryT9VWZFoP6oNN%2Btx2crJv%2Bi912w32%2Bflawdb3su57req5XX5FGxHqwPCchs7tdr9F1G4Hf8FoBBua%2F2BYOLHXA%2B3vkSUg%2Bqz10jkGyKdLk6zPCruc6e%2BHVpFA01wZ9vnklXU91mSI5GGPjIE4399XQdmflAXR6e2EXuv%2BPMJIz4jx6gCjd3DeJqL%2Bx8BkpiBQR%2Fx%2FK%2FhRCTSHpFEzfgOQ7BGAcF9aQJncuaFPSa3%2BzdM7OSO3xH5DljNR%2BPYY0uXdayUH9slZFLnVqMYgryMEUsjdFVmwhHx6CLLfA8g8h%2BY9k%2BfEq0mRjzSoNyXefjXgsPNb1l0TA3KUg6raWukHsL3l%2BK6Ccuixg0SIgKaeQ8RRKjEDtIRTWQSEdFLGDInOQ8N068zwvdDmjbqfLWJOHImpz16Nh7FHPbXdQsPkdRsizEZgagZnryMwHn%2FNmKJoRC8YR1uUIpvgO9moFyx3YnKDPK5SCoLQEJSUoJUGZE5T96jZX1rfVHa5sEXn73d%2FvzWqi896Y3tZ5T6QE1IxgeDXO9sgT8yydd07cx7rYrbfCTsfthq1m0w2Z1225MWu6POxEcYd7btODlRWkPQRqHQzljHQ%2B%2BRmZnJGnzn%2BGiG7Bqi0weRS08EDLCvRqhWH6bWFtbgRNbI%2FmoqFTJVMBritkeQ35NWes9sjxxVafqb0NwbZPPTryUjb55QiYqZCZCu%2FJhwQ9dXNySZdk45IuLflmLctlIod0vvHLOc3F4S%2FPi2ulNvzcGTv64mU2J%2Bbj3TeEzVdpymXas%2BSr05JzYVa0YYLcP2ffFNHFwl49XZi0yFYvvrJyLsmMsFbqdAoqd9b%2BBJMzUjtxdPGU%2F%2F%2FD75BmClNUSIptsl%2BQegssuw6bbZ%2FKh7%2BdvXfsfVhNYNSBJsoOoyyqifGjg59KEihxgGlUwf4LRwfzxND5aSqrsb2JnqmB5jeQJhX6pkJfVaBqBFscmeSZ2T71%2Fa15fYpI1SaRMrWNSBn18Yw8%2FVMwT%2FrKIu7553VYuVsPm02XtrstLwypCKPA78Rtj1PqB22%2F3aZN5HYWt28d%2FwsAAP%2F%2FAQAA%2F%2F%2F6jImfrgQAAA%3D%3D HTTP/1.1
Host: affairsthin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Cookie: u_pl=22816189; uid_id2=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb:2:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec578809753307c1950fc30d78bf8d1031=[2019380,2229333,2229337,2229329]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 20:22:51 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: daae7a483c86443b9699815ff34123f0
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| impatientliftdiploma.com/watch.1166183441780.js?dev=e&key=734ed300326a465f532c9038539688a1&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&pst=1714854231&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&res=14.2071&rmtc=t&shu=d7eb4a537870b223fff613e8eb4a2e50a179d7fcbc4cd46dce6099fcae241a7a417e7806accc741f49e900f67275c351a5b98228c1333405ee9c89e8157e533e104cd0300d6b2f5dadd88a4b3398d64d4a1dc58b6d9830fd308e34f296b730&tz=0&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 | 192.243.59.20 | 200 OK | 2.0 kB |
URL: GET HTTP/1.1 impatientliftdiploma.com/watch.1166183441780.js?dev=e&key=734ed300326a465f532c9038539688a1&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&pst=1714854231&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&res=14.2071&rmtc=t&shu=d7eb4a537870b223fff613e8eb4a2e50a179d7fcbc4cd46dce6099fcae241a7a417e7806accc741f49e900f67275c351a5b98228c1333405ee9c89e8157e533e104cd0300d6b2f5dadd88a4b3398d64d4a1dc58b6d9830fd308e34f296b730&tz=0&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1
IP: 192.243.59.20:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate Issuer: Let's Encrypt
Subject: impatientliftdiploma.com
Fingerprint: 64:70:CB:19:1D:86:2C:EF:2A:8A:6C:AB:E1:D1:06:C2:0E:8B:2C:49
Validity: Mon, 29 Apr 2024 13:13:46 GMT - Sun, 28 Jul 2024 13:13:45 GMT
File type: JavaScript source, ASCII text, with very long lines (2460)
Hash (MD5 / SHA-1 / SHA-256): b275a414b55808b5a65508c60d2720c2 1e734f055e37a9ff51b53599222d40ffb2e2a8fd 01567a124bba8e74d155580f2cf2f55b7da2ada7c4faed2f91d34185a8140064
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.1166183441780.js?dev=e&key=734ed300326a465f532c9038539688a1&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&pst=1714854231&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&res=14.2071&rmtc=t&shu=d7eb4a537870b223fff613e8eb4a2e50a179d7fcbc4cd46dce6099fcae241a7a417e7806accc741f49e900f67275c351a5b98228c1333405ee9c89e8157e533e104cd0300d6b2f5dadd88a4b3398d64d4a1dc58b6d9830fd308e34f296b730&tz=0&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 HTTP/1.1
Host: impatientliftdiploma.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://usstreamsgate.online
Referer: https://usstreamsgate.online/
DNT: 1
Connection: keep-alive
Cookie: u_pl=22816221; ain=eyJhbGciOiJIUzI1NiJ9.….TEkYUPHYcqbib_M5IZ-9JHw9YAXAAS-H8tntJrkW8oI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 20:22:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://usstreamsgate.online
Access-Control-Allow-Origin: https://usstreamsgate.online
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb:2:1; expires=Sat, 11 May 2024 20:22:51 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
pdhtkv27=true; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
uncs27=1; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 378d90707a61f4e09ea3e1e85bb520bd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| capaciousdrewreligion.com/advertisers.js | 172.240.108.84 | 200 OK | 0 B |
URL: GET HTTP/1.1 capaciousdrewreligion.com/advertisers.js IP: 172.240.108.84:443
Requested by: https://buddycenters.shop/embed/stream-27.php Certificate: Issuer: Let's Encrypt; Subject: capaciousdrewreligion.com; Fingerprint: 53:B6:ED:C6:B5:B6:60:3E:6D:02:5A:92:2E:C3:12:74:64:A1:23:DC; Validity: Wed, 06 Mar 2024 11:57:32 GMT - Tue, 04 Jun 2024 11:57:31 GMT
Hashes: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 20:22:51 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ab7abf68e30c94486327f9b664d68fe7
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| pl21299698.profitablegatecpm.com/aa/16/c4/aa16c4ecfa25b37119af0dc80faaaf01.js | 192.243.59.20 | 200 OK | 31 kB |
URL: GET HTTP/1.1 pl21299698.profitablegatecpm.com/aa/16/c4/aa16c4ecfa25b37119af0dc80faaaf01.js IP: 192.243.59.20:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://buddycenters.shop/embed/stream-27.php Certificate: Issuer: Let's Encrypt; Subject: profitablegatecpm.com; Fingerprint: 9D:FB:8C:AD:4D:64:98:6B:85:78:33:54:E7:A3:BB:10:ED:77:63:30; Validity: Fri, 05 Apr 2024 18:10:33 GMT - Thu, 04 Jul 2024 18:10:32 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators Hashes: MD5 f965627745a2ebea648b1b9209d050e5, SHA-1 e7b1ad35a7b3e23ce84cebdbce6a575f1fa01387, SHA-256 19b43471d24bf51301ad5837604d2614829c901d84509703a16e7352f1add23d
GET /aa/16/c4/aa16c4ecfa25b37119af0dc80faaaf01.js HTTP/1.1
Host: pl21299698.profitablegatecpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://buddycenters.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 20:22:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 550380f3e5b4f36b1caf3541d645297b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/img/number.png | 188.114.97.1 | 200 OK | 1.1 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/img/number.png IP: 188.114.97.1:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ Certificate: Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced Hashes: MD5 9e4414e85c588bf7db195e49c02ab2bb, SHA-1 09254e79b255f1b2dfe45adbbe44583a4b433782, SHA-256 0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762
GET /sb/notifications/rtb/msngr_1/social-media/instagram/1/img/number.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 20:22:52 GMT
content-type: image/png
content-length: 1138
last-modified: Fri, 19 Jan 2024 14:28:03 GMT
etag: "65aa86f3-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 360162
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DnI0maEM6dSpYXJUa0GL5vZ4GIxaNWoKgg4nnEFkMUyRWIEljYD4VS%2BuqMMaKWU8AIGE2VIrD%2FoiQMmK3SUyJ2YOHwZcFEo6IfdvwrZ2ePNqWuAslXb07K8suhfhWe%2BQa9UE43ZssgZz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eb348f7e6756ca-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/img/close.png | 188.114.97.1 | 200 OK | 6.3 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/img/close.png IP: 188.114.97.1:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ Certificate: Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: PNG image data, 500 x 500, 8-bit gray+alpha, non-interlaced Hashes: MD5 79d4fc0209580bf8b6a7190bd944f9e5, SHA-1 7377bfc3095b86ac5d220c5052d9b9f7a44e5506, SHA-256 39724e1379deb5afe7ea9139a57b6e9ada37d9db28302083b23c941ebf40b8d1
GET /sb/notifications/rtb/msngr_1/social-media/instagram/1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 20:22:52 GMT
content-type: image/png
content-length: 6318
last-modified: Fri, 19 Jan 2024 14:28:03 GMT
etag: "65aa86f3-18ae"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 360162
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h2GN2q%2FZ80UYf5QSCohP3AqLEyZl9E0jbI0tgBmDsu9KykVliSpBBGFrUvNv070d6BY3LfBcteShIu5xiXJ67kycf9ZVw1cp8i8AX27mHuX5Yn9%2FAlJMpNVucvVTL7%2FmmtjeiwE8Eq%2FD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eb348f6e6356ca-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| sunflowercoastlineprobe.com/watch.1267507295947.js?dev=e&key=baa49a90f479a15b25692dc81c67392f&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&pst=1714854231&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&res=14.2071&rmtc=t&shu=94d4e3f34eb430e71f29fe019223245586c2b21be987b3053a61d3970a394f27ecfb5792f53a9b83da99dd5953c5c0bc6525f0438c6316539a865a235842419ef302ba8c2c22a187e8a125a44aa51ab22012316eb3dd1d9468db9fbede983d&tz=0&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 | 192.243.61.225 | 200 OK | 2.0 kB |
URL: GET HTTP/1.1 sunflowercoastlineprobe.com/watch.1267507295947.js?dev=e&key=baa49a90f479a15b25692dc81c67392f&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&pst=1714854231&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&res=14.2071&rmtc=t&shu=94d4e3f34eb430e71f29fe019223245586c2b21be987b3053a61d3970a394f27ecfb5792f53a9b83da99dd5953c5c0bc6525f0438c6316539a865a235842419ef302ba8c2c22a187e8a125a44aa51ab22012316eb3dd1d9468db9fbede983d&tz=0&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 IP: 192.243.61.225:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ Certificate: Issuer: Let's Encrypt; Subject: sunflowercoastlineprobe.com; Fingerprint: 3B:6A:63:2D:99:C7:E1:7E:7A:14:16:8D:76:48:71:7A:A1:46:52:76; Validity: Mon, 29 Apr 2024 13:07:49 GMT - Sun, 28 Jul 2024 13:07:48 GMT
File type: JavaScript source, ASCII text, with very long lines (2456) Hashes: MD5 e26c95f8d9880a355c2622058ff76c61, SHA-1 1ed578442bb7ddcc1d42a7724907572b18a16010, SHA-256 48e8b4c3850262de280e27f1bf5289c61f15652209705c2d7101ff3faae74419
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.1267507295947.js?dev=e&key=baa49a90f479a15b25692dc81c67392f&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&pst=1714854231&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&res=14.2071&rmtc=t&shu=94d4e3f34eb430e71f29fe019223245586c2b21be987b3053a61d3970a394f27ecfb5792f53a9b83da99dd5953c5c0bc6525f0438c6316539a865a235842419ef302ba8c2c22a187e8a125a44aa51ab22012316eb3dd1d9468db9fbede983d&tz=0&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 HTTP/1.1
Host: sunflowercoastlineprobe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://usstreamsgate.online
Referer: https://usstreamsgate.online/
DNT: 1
Connection: keep-alive
Cookie: u_pl=22816244; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjgxNjI0NCwiayI6ImJhYTQ5YTkwZjQ3OWExNWIyNTY5MmRjODFjNjczOTJmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNzA4ODgzLCJwaWQiOjE0NjExNTAsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTksImFpZCI6MzIsInB0Ijo0LCJwayI6InFhbXVjdXZ1djEiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly91c3N0cmVhbXNnYXRlLm9ubGluZS8yMDI0LzA1LzA0L2NoaWNhZ28tY3Vicy12cy1taWx3YXVrZWUtYnJld2Vycy8iLCJhciI6W119fQ.RbRlg-NDdhbXhfeUXH_yUd0GsA3etr6ZG-9xcztEkKU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 20:22:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://usstreamsgate.online
Access-Control-Allow-Origin: https://usstreamsgate.online
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb:2:1; expires=Sat, 11 May 2024 20:22:52 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 20:22:52 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 20:22:52 GMT; secure; SameSite=None
pdhtkv32=true; expires=Sun, 05 May 2024 20:22:52 GMT; secure; SameSite=None
uncs32=1; expires=Sun, 05 May 2024 20:22:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 35a5d663cabbc22403fdb8715d387462
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| affairsthin.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2BtzndO%2BV7UBC8BGcSAgjvb3dMzPWOQYIwrS9ZsTAwqCFJdVT1bbnVXU9U9PbunaEBynIMg8SA9b3az%2Fgii4DVBZgNBFsUdD7IH9z%2FwJASPMpvF0c%2BhP5%2FX7xW8ep%2F6eFQcEh8FPbj4ht6UStHFVsOtP%2F%2BO552rr8i0GNQHnfb77eBc3fRf6rYb7gv11wVb14u%2B67mu53r1JWlErAeLMxIyu9v1Gl23EfgNrxVgYP6LbeHAUge8f0ieguTT2gPnNCSbIE2%2BvSjseq6zF19LCkVzbdDnO9fT9VSXKZL5GBsHcbpzrIa2%2B0v3odPtI7vQ%2FX%2BEkZwS5%2BF9ROnOsUlE%2Fa0jn5GCSBHx%2F6PsTyDUBJJOwPRNSL5PAMZxeRVpcueyNiXdeMzSGTsltUd%2FQpZTUvv9NNLkmwtKDurXtCpyqVOLQVxBDiaQvQmyYhf55gnIchcs%2FwiS%2F0wWH60gTbZWrdKQ%2FOC5iMfCY11%2FQQTMXQiibmuhG8T%2Bgue3AsqpywIWHQUk5QQynkCJIag9gcI6KKSDInZQZA4SflBnnueFLmfU7XQZa%2FJQRG3uejSMPeq57Q4KNrvDEHk2BFNDMHMDmfnwC94MRTNiwSjCuhzCFD%2FArlWw3IHNCfq8QikISktQUoJSEpQ5Qdmvtrmyvq3ucGWLyDvu%2FnFvVmOd90Z0W%2Bc9kRJQM4Th1Sg7JE%2FOsnTeO3sP6%2BKg3go7HbcbtppNN2Ret%2BXGrOnysBPFHe65TQ9WVpD2BKh1sCmnpPPpr8jklDx96XNEdBdW7YLJU6CFB1pWoGsVNtPvC2tzI2hiezQXDZ0qmQpwXSHLa8g3nJE6JGeOtvps7U0Itnf%2B4cmXs%2FFvJ8FMhcxU%2BEA%2BIOipW%2BOruiRbV3VpyXerWS4TuUlnG7%2BW01z876tLYqPUhi9ftMMvX2EzYjbefUvYfIWmXKY9S76%2BIDkXZkkbJsi9Zfu2iK4Udu1CYdIiW7ny6tJykhlhrdTpBFTur%2F4FJqekdvbU0VN%2B4qc%2FIM0EpqiQFHvkuCD1Llh2Azabu7eawKi5JspqKItqbPxo%2FlNJAiXmmEYV7L9wNJ%2FHhs5OU1mN7C30TA00v4k0qdA3FfqqAlVD2OLkOM%2FM3vkfb8%2FqM0SqNo6UqW1FyqhPpuSZX4JZ0tdnn3cfZ27lQT1sNl3a7ra8MKQijAK%2FE7c9TqkftP12mzaR22ncvn3mbwAAAP%2F%2FAQAA%2F%2F%2B6MoJdrgQAAA%3D%3D | 172.240.108.68 | 200 OK | 7 B |
URL: GET HTTP/1.1 affairsthin.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2BtzndO%2BV7UBC8BGcSAgjvb3dMzPWOQYIwrS9ZsTAwqCFJdVT1bbnVXU9U9PbunaEBynIMg8SA9b3az%2Fgii4DVBZgNBFsUdD7IH9z%2FwJASPMpvF0c%2BhP5%2FX7xW8ep%2F6eFQcEh8FPbj4ht6UStHFVsOtP%2F%2BO552rr8i0GNQHnfb77eBc3fRf6rYb7gv11wVb14u%2B67mu53r1JWlErAeLMxIyu9v1Gl23EfgNrxVgYP6LbeHAUge8f0ieguTT2gPnNCSbIE2%2BvSjseq6zF19LCkVzbdDnO9fT9VSXKZL5GBsHcbpzrIa2%2B0v3odPtI7vQ%2FX%2BEkZwS5%2BF9ROnOsUlE%2Fa0jn5GCSBHx%2F6PsTyDUBJJOwPRNSL5PAMZxeRVpcueyNiXdeMzSGTsltUd%2FQpZTUvv9NNLkmwtKDurXtCpyqVOLQVxBDiaQvQmyYhf55gnIchcs%2FwiS%2F0wWH60gTbZWrdKQ%2FOC5iMfCY11%2FQQTMXQiibmuhG8T%2Bgue3AsqpywIWHQUk5QQynkCJIag9gcI6KKSDInZQZA4SflBnnueFLmfU7XQZa%2FJQRG3uejSMPeq57Q4KNrvDEHk2BFNDMHMDmfnwC94MRTNiwSjCuhzCFD%2FArlWw3IHNCfq8QikISktQUoJSEpQ5Qdmvtrmyvq3ucGWLyDvu%2FnFvVmOd90Z0W%2Bc9kRJQM4Th1Sg7JE%2FOsnTeO3sP6%2BKg3go7HbcbtppNN2Ret%2BXGrOnysBPFHe65TQ9WVpD2BKh1sCmnpPPpr8jklDx96XNEdBdW7YLJU6CFB1pWoGsVNtPvC2tzI2hiezQXDZ0qmQpwXSHLa8g3nJE6JGeOtvps7U0Itnf%2B4cmXs%2FFvJ8FMhcxU%2BEA%2BIOipW%2BOruiRbV3VpyXerWS4TuUlnG7%2BW01z876tLYqPUhi9ftMMvX2EzYjbefUvYfIWmXKY9S76%2BIDkXZkkbJsi9Zfu2iK4Udu1CYdIiW7ny6tJykhlhrdTpBFTur%2F4FJqekdvbU0VN%2B4qc%2FIM0EpqiQFHvkuCD1Llh2Azabu7eawKi5JspqKItqbPxo%2FlNJAiXmmEYV7L9wNJ%2FHhs5OU1mN7C30TA00v4k0qdA3FfqqAlVD2OLkOM%2FM3vkfb8%2FqM0SqNo6UqW1FyqhPpuSZX4JZ0tdnn3cfZ27lQT1sNl3a7ra8MKQijAK%2FE7c9TqkftP12mzaR22ncvn3mbwAAAP%2F%2FAQAA%2F%2F%2B6MoJdrgQAAA%3D%3D IP: 172.240.108.68:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ Certificate: Issuer: Let's Encrypt; Subject: affairsthin.com; Fingerprint: AC:A1:40:58:37:8B:A3:C4:2D:E5:1B:D8:7A:F3:83:50:65:BD:1D:AB; Validity: Mon, 29 Apr 2024 08:45:52 GMT - Sun, 28 Jul 2024 08:45:51 GMT
File type: ASCII text, with no line terminators Hashes: MD5 132d6af1b46048b45cf86cdee7991d31, SHA-1 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285, SHA-256 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2BtzndO%2BV7UBC8BGcSAgjvb3dMzPWOQYIwrS9ZsTAwqCFJdVT1bbnVXU9U9PbunaEBynIMg8SA9b3az%2Fgii4DVBZgNBFsUdD7IH9z%2FwJASPMpvF0c%2BhP5%2FX7xW8ep%2F6eFQcEh8FPbj4ht6UStHFVsOtP%2F%2BO552rr8i0GNQHnfb77eBc3fRf6rYb7gv11wVb14u%2B67mu53r1JWlErAeLMxIyu9v1Gl23EfgNrxVgYP6LbeHAUge8f0ieguTT2gPnNCSbIE2%2BvSjseq6zF19LCkVzbdDnO9fT9VSXKZL5GBsHcbpzrIa2%2B0v3odPtI7vQ%2FX%2BEkZwS5%2BF9ROnOsUlE%2Fa0jn5GCSBHx%2F6PsTyDUBJJOwPRNSL5PAMZxeRVpcueyNiXdeMzSGTsltUd%2FQpZTUvv9NNLkmwtKDurXtCpyqVOLQVxBDiaQvQmyYhf55gnIchcs%2FwiS%2F0wWH60gTbZWrdKQ%2FOC5iMfCY11%2FQQTMXQiibmuhG8T%2Bgue3AsqpywIWHQUk5QQynkCJIag9gcI6KKSDInZQZA4SflBnnueFLmfU7XQZa%2FJQRG3uejSMPeq57Q4KNrvDEHk2BFNDMHMDmfnwC94MRTNiwSjCuhzCFD%2FArlWw3IHNCfq8QikISktQUoJSEpQ5Qdmvtrmyvq3ucGWLyDvu%2FnFvVmOd90Z0W%2Bc9kRJQM4Th1Sg7JE%2FOsnTeO3sP6%2BKg3go7HbcbtppNN2Ret%2BXGrOnysBPFHe65TQ9WVpD2BKh1sCmnpPPpr8jklDx96XNEdBdW7YLJU6CFB1pWoGsVNtPvC2tzI2hiezQXDZ0qmQpwXSHLa8g3nJE6JGeOtvps7U0Itnf%2B4cmXs%2FFvJ8FMhcxU%2BEA%2BIOipW%2BOruiRbV3VpyXerWS4TuUlnG7%2BW01z876tLYqPUhi9ftMMvX2EzYjbefUvYfIWmXKY9S76%2BIDkXZkkbJsi9Zfu2iK4Udu1CYdIiW7ny6tJykhlhrdTpBFTur%2F4FJqekdvbU0VN%2B4qc%2FIM0EpqiQFHvkuCD1Llh2Azabu7eawKi5JspqKItqbPxo%2FlNJAiXmmEYV7L9wNJ%2FHhs5OU1mN7C30TA00v4k0qdA3FfqqAlVD2OLkOM%2FM3vkfb8%2FqM0SqNo6UqW1FyqhPpuSZX4JZ0tdnn3cfZ27lQT1sNl3a7ra8MKQijAK%2FE7c9TqkftP12mzaR22ncvn3mbwAAAP%2F%2FAQAA%2F%2F%2B6MoJdrgQAAA%3D%3D HTTP/1.1
Host: affairsthin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Cookie: u_pl=22816189; uid_id2=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb:2:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec578809753307c1950fc30d78bf8d1031=[2019380,2229333,2229337,2229329]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 20:22:52 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 94ba072497406d7b231e1b5b92db9e8e
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| affairsthin.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitXucUL2qCl4AMYkDBne3u6ZmeMUgwxpWQNRsTgwqCVFdVT8qt7mqquqcne4oGJMc5CBIP0vNmN%2BuPIApeE2Q2EGRR3PEge3D%2FBC9C8CgzLo5%2Bh%2B9HvVfw6n318ag4JD4KenDuDb0plaIrrYZbf%2F4dzztdX5NpMagPOu3328Hpuum%2F1G033Bfqrwu2oVd813Ndz%2FXqq9KIWA9WZiBkdrfrNbpuI%2FAbXivAwPx%2FtoUDSx3w%2FiF5CpJPaw%2BcE5BsgjT59pywG7nOXnwtKRTNtUGf71xNN1JdpkgWbWwcxOnOERva7q%2Feh06353Kh%2B%2F8SIzklzsP7iNKdI5GI%2BltznZGCSBHxx1H2JxBqAkknYPomJN8nAOO4uI40uXNRm5Je%2FwelM3RKao%2F%2BhCynpPb7CaTJN2eVHNSvaFXkUqcWg7iCHEwgexNkxS7yzSXIchcs%2FwiS%2F0xWHq0hTbbWrdKQ%2FOC5iMfCY11%2FWQTMXQ6ibmu5G8T%2Bsue3AsqpywIWzQ2ScgIZT6DEENQuobAOCumgiB0UmYOEH9SZ53mhyxl1O13GmjwUUZu7Hg1jj3puu4OCzd4wRJ4NwdQQzNxAZj78gjdD0YxYMIqwIYcwxQ%2Bw1ypY7sDmBH1eoRQEpSUoKUEpCcqcoOxX21xZ31Z3uLJF5B1V%2F6g2q7HOeyO6rfOeSAmoGcLwapQdkidnXjrvnbqHDXFQb4WdjtsNW82mGzKv23Jj1nR52IniDvfcpgcrK0i7BGodbMop6Xz6KzI5JU9f%2BBwR3YVVu2DyOGjhgZYV6LUKm%2Bn3hbW5ETSxPZqLhk6VTAW4rpDlNeTXnZE6JCfnW322dhWC7Z15eOzlbPzbMTBTITMVPpAPCHrq1viyLsnWZV1a8t16lstEbtLZxq%2FkNBePfXVBXC%2B14efP2eGXr7AZMGvvviVsvkZTLtOeJV%2BflZwLs6oNE%2BTeefu2iC4V9trZwqRFtnbp1dXzSWaEtVKnE1C5v%2F4XmJyS2qnj86%2F8xE9%2FQJoJTFEhKfbIUUDqXbDsBmy2UG81gVELTpQtoSyqsfGjxaGSBEosZhpVsP%2BZo0U%2FNnR2m8pqZG%2BhZ2qg%2BU2kSYW%2BqdBXFagawhbHxnlm9s78eHsWnyFStXGkTG0rUkZ9MiXP%2FBLMnZ6ld2fpTVh5UA%2BbTZe2uy0vDKkIo8DvxG2PU%2BoHbb%2Fdpk3kdhq3b5%2F8GwAA%2F%2F8BAAD%2F%2FyyBWyquBAAA | 172.240.108.68 | 200 OK | 7 B |
URL: GET HTTP/1.1 affairsthin.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitXucUL2qCl4AMYkDBne3u6ZmeMUgwxpWQNRsTgwqCVFdVT8qt7mqquqcne4oGJMc5CBIP0vNmN%2BuPIApeE2Q2EGRR3PEge3D%2FBC9C8CgzLo5%2Bh%2B9HvVfw6n318ag4JD4KenDuDb0plaIrrYZbf%2F4dzztdX5NpMagPOu3328Hpuum%2F1G033Bfqrwu2oVd813Ndz%2FXqq9KIWA9WZiBkdrfrNbpuI%2FAbXivAwPx%2FtoUDSx3w%2FiF5CpJPaw%2BcE5BsgjT59pywG7nOXnwtKRTNtUGf71xNN1JdpkgWbWwcxOnOERva7q%2Feh06353Kh%2B%2F8SIzklzsP7iNKdI5GI%2BltznZGCSBHxx1H2JxBqAkknYPomJN8nAOO4uI40uXNRm5Je%2FwelM3RKao%2F%2BhCynpPb7CaTJN2eVHNSvaFXkUqcWg7iCHEwgexNkxS7yzSXIchcs%2FwiS%2F0xWHq0hTbbWrdKQ%2FOC5iMfCY11%2FWQTMXQ6ibmu5G8T%2Bsue3AsqpywIWzQ2ScgIZT6DEENQuobAOCumgiB0UmYOEH9SZ53mhyxl1O13GmjwUUZu7Hg1jj3puu4OCzd4wRJ4NwdQQzNxAZj78gjdD0YxYMIqwIYcwxQ%2Bw1ypY7sDmBH1eoRQEpSUoKUEpCcqcoOxX21xZ31Z3uLJF5B1V%2F6g2q7HOeyO6rfOeSAmoGcLwapQdkidnXjrvnbqHDXFQb4WdjtsNW82mGzKv23Jj1nR52IniDvfcpgcrK0i7BGodbMop6Xz6KzI5JU9f%2BBwR3YVVu2DyOGjhgZYV6LUKm%2Bn3hbW5ETSxPZqLhk6VTAW4rpDlNeTXnZE6JCfnW322dhWC7Z15eOzlbPzbMTBTITMVPpAPCHrq1viyLsnWZV1a8t16lstEbtLZxq%2FkNBePfXVBXC%2B14efP2eGXr7AZMGvvviVsvkZTLtOeJV%2BflZwLs6oNE%2BTeefu2iC4V9trZwqRFtnbp1dXzSWaEtVKnE1C5v%2F4XmJyS2qnj86%2F8xE9%2FQJoJTFEhKfbIUUDqXbDsBmy2UG81gVELTpQtoSyqsfGjxaGSBEosZhpVsP%2BZo0U%2FNnR2m8pqZG%2BhZ2qg%2BU2kSYW%2BqdBXFagawhbHxnlm9s78eHsWnyFStXGkTG0rUkZ9MiXP%2FBLMnZ6ld2fpTVh5UA%2BbTZe2uy0vDKkIo8DvxG2PU%2BoHbb%2Fdpk3kdhq3b5%2F8GwAA%2F%2F8BAAD%2F%2FyyBWyquBAAA IP: 172.240.108.68:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ Certificate: Issuer: Let's Encrypt; Subject: affairsthin.com; Fingerprint: AC:A1:40:58:37:8B:A3:C4:2D:E5:1B:D8:7A:F3:83:50:65:BD:1D:AB; Validity: Mon, 29 Apr 2024 08:45:52 GMT - Sun, 28 Jul 2024 08:45:51 GMT
File type: ASCII text, with no line terminators Hashes: MD5 132d6af1b46048b45cf86cdee7991d31, SHA-1 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285, SHA-256 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitXucUL2qCl4AMYkDBne3u6ZmeMUgwxpWQNRsTgwqCVFdVT8qt7mqquqcne4oGJMc5CBIP0vNmN%2BuPIApeE2Q2EGRR3PEge3D%2FBC9C8CgzLo5%2Bh%2B9HvVfw6n318ag4JD4KenDuDb0plaIrrYZbf%2F4dzztdX5NpMagPOu3328Hpuum%2F1G033Bfqrwu2oVd813Ndz%2FXqq9KIWA9WZiBkdrfrNbpuI%2FAbXivAwPx%2FtoUDSx3w%2FiF5CpJPaw%2BcE5BsgjT59pywG7nOXnwtKRTNtUGf71xNN1JdpkgWbWwcxOnOERva7q%2Feh06353Kh%2B%2F8SIzklzsP7iNKdI5GI%2BltznZGCSBHxx1H2JxBqAkknYPomJN8nAOO4uI40uXNRm5Je%2FwelM3RKao%2F%2BhCynpPb7CaTJN2eVHNSvaFXkUqcWg7iCHEwgexNkxS7yzSXIchcs%2FwiS%2F0xWHq0hTbbWrdKQ%2FOC5iMfCY11%2FWQTMXQ6ibmu5G8T%2Bsue3AsqpywIWzQ2ScgIZT6DEENQuobAOCumgiB0UmYOEH9SZ53mhyxl1O13GmjwUUZu7Hg1jj3puu4OCzd4wRJ4NwdQQzNxAZj78gjdD0YxYMIqwIYcwxQ%2Bw1ypY7sDmBH1eoRQEpSUoKUEpCcqcoOxX21xZ31Z3uLJF5B1V%2F6g2q7HOeyO6rfOeSAmoGcLwapQdkidnXjrvnbqHDXFQb4WdjtsNW82mGzKv23Jj1nR52IniDvfcpgcrK0i7BGodbMop6Xz6KzI5JU9f%2BBwR3YVVu2DyOGjhgZYV6LUKm%2Bn3hbW5ETSxPZqLhk6VTAW4rpDlNeTXnZE6JCfnW322dhWC7Z15eOzlbPzbMTBTITMVPpAPCHrq1viyLsnWZV1a8t16lstEbtLZxq%2FkNBePfXVBXC%2B14efP2eGXr7AZMGvvviVsvkZTLtOeJV%2BflZwLs6oNE%2BTeefu2iC4V9trZwqRFtnbp1dXzSWaEtVKnE1C5v%2F4XmJyS2qnj86%2F8xE9%2FQJoJTFEhKfbIUUDqXbDsBmy2UG81gVELTpQtoSyqsfGjxaGSBEosZhpVsP%2BZo0U%2FNnR2m8pqZG%2BhZ2qg%2BU2kSYW%2BqdBXFagawhbHxnlm9s78eHsWnyFStXGkTG0rUkZ9MiXP%2FBLMnZ6ld2fpTVh5UA%2BbTZe2uy0vDKkIo8DvxG2PU%2BoHbb%2Fdpk3kdhq3b5%2F8GwAA%2F%2F8BAAD%2F%2FyyBWyquBAAA HTTP/1.1
Host: affairsthin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Cookie: u_pl=22816189; uid_id2=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb:2:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec578809753307c1950fc30d78bf8d1031=[2019380,2229333,2229337,2229329]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 20:22:52 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2e642a4eb96d9e77fc65c0e43cdf4f0a
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.cloudimagesb.com/cti/f5/51/11/f55111e6670fcf4ab6741d5148b8f46e/1627917035.png | 45.133.44.9 | 200 OK | 30 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/f5/51/11/f55111e6670fcf4ab6741d5148b8f46e/1627917035.png IP: 45.133.44.9:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ Certificate: Issuer: Let's Encrypt; Subject: cdn.cloudimagesb.com; Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0; Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 468 x 60, 8-bit/color RGB, non-interlaced Hashes: MD5 2f616bbffea93fdb5908173cc0df570d, SHA-1 c62417c0dc7503f1ca8852ceac347d0a074e5ff1, SHA-256 0aa6af37608faee30dfafd1221c7f96e2952cebb8dd52bd5401f79a5cf6b744f
GET /cti/f5/51/11/f55111e6670fcf4ab6741d5148b8f46e/1627917035.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 20:22:52 GMT
content-type: image/png
content-length: 30301
server: nginx/1.21.6
last-modified: Mon, 02 Aug 2021 15:10:47 GMT
etag: "61080af7-765d"
expires: Mon, 06 May 2024 20:22:52 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats IP: 52.29.105.35:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ Certificate: Issuer: Amazon; Subject: proftrafficcounter.com; Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6; Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators Hashes: MD5 a4e85febd7acd6c030c1a95ec4ba1653, SHA-1 7774b8098464cde5ec1a87cea085e5a4fbe4fea7, SHA-256 944b66a071f747d34f23b2e2fc551f7b3ec0788f7bce476f20de920744833bc6
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://buddycenters.shop
DNT: 1
Connection: keep-alive
Referer: https://buddycenters.shop/
Cookie: uid_id2=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 20:22:52 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://buddycenters.shop
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| olalivehdplay.ru/premiumtv/daddyhd.php?id=27 | 188.114.96.1 | 301 Moved Permanently | 167 B |
URL: GET HTTP/2 olalivehdplay.ru/premiumtv/daddyhd.php?id=27 IP: 188.114.96.1:443
Requested by: https://buddycenters.shop/embed/stream-27.php Certificate: Issuer: Google Trust Services LLC; Subject: olalivehdplay.ru; Fingerprint: 09:63:7D:6A:D1:21:60:4D:9E:73:4A:57:8E:25:56:31:2B:5A:3C:A4; Validity: Wed, 27 Mar 2024 20:52:16 GMT - Tue, 25 Jun 2024 20:52:15 GMT
File type: HTML document, ASCII text, with CRLF line terminators Hashes: MD5 0104c301c5e02bd6148b8703d19b3a73, SHA-1 7436e0b4b1f8c222c38069890b75fa2baf9ca620, SHA-256 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
GET /premiumtv/daddyhd.php?id=27 HTTP/1.1
Host: olalivehdplay.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://buddycenters.shop/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Sat, 04 May 2024 20:22:52 GMT
content-type: text/html
content-length: 167
location: https://claplivehdplay.ru/premiumtv/daddyhd.php?id=27
cache-control: max-age=3600
expires: Sat, 04 May 2024 21:22:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0MjbK%2BO9hFLC2Eq49MhuuN7jVCPCe561gFFS3ahT4krCFl06mCisBvnjXi0agOxFew4xojng7K3A3gtqfm8ytIGkOSJf0Ntye6KjofUh8YymVubAQN4c%2BWcZSbJuxUTia%2FHI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eb34909e891bfe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/cti/7d/3c/21/7d3c21647108c8fa192d353bedf87959/1627916152.png | 45.133.44.9 | 200 OK | 17 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/7d/3c/21/7d3c21647108c8fa192d353bedf87959/1627916152.png IP: 45.133.44.9:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/ Certificate: Issuer: Let's Encrypt; Subject: cdn.cloudimagesb.com; Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0; Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 320 x 50, 8-bit/color RGB, non-interlaced Hashes: MD5 f6c2c59740f4db842107b6655816fcf3, SHA-1 37d3216663c27557fa9ed8fac070a66549b16a81, SHA-256 e6b9fdf5e7af8da265868800c5fe9d97cb0533f06d92c5204e39c06afebe9a08
GET /cti/7d/3c/21/7d3c21647108c8fa192d353bedf87959/1627916152.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 20:22:52 GMT
content-type: image/png
content-length: 16975
server: nginx/1.21.6
last-modified: Mon, 02 Aug 2021 14:55:59 GMT
etag: "6108077f-424f"
expires: Mon, 06 May 2024 20:22:52 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| buddycenters.shop/embed/stream-27.php | 188.114.96.1 | 200 OK | 0 B |
URL: HEAD HTTP/3 buddycenters.shop/embed/stream-27.php
IP: 188.114.96.1:443
Requested by: https://buddycenters.shop/embed/stream-27.php
Certificate: Issuer Google Trust Services LLC; Subject buddycenters.shop; Fingerprint 37:6E:AE:15:7A:0B:70:26:91:C3:71:5B:44:FD:6E:C2:CB:2B:56:11; Validity Thu, 04 Apr 2024 20:45:04 GMT - Wed, 03 Jul 2024 20:45:03 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /embed/stream-27.php HTTP/1.1
Host: buddycenters.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://buddycenters.shop/embed/stream-27.php
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 20:22:52 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=znXcdCXoK5Jv2harrz1mNgBhuvwXiV1rmcM32qLBcfG7EdvA4U7QkvGWm77eXMizjTHzkYfdNre1QuetA2vlrm1Je8pLG%2FJpu3TD7M2%2FiTv5MtJtBcXI7t9BkU6JdtY1bt%2F4xw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eb349048dc5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| xml-v4.clouback-1.online/thumbnail?i=yN65tYNd*Tk_0&p=1714854171.235213&imgt=icon | 173.239.53.32 | 302 Found | 0 B |
URL: GET HTTP/1.1 xml-v4.clouback-1.online/thumbnail?i=yN65tYNd*Tk_0&p=1714854171.235213&imgt=icon
IP: 173.239.53.32:443 ASN: #27257 WEBAIR-INTERNET
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate: Issuer Let's Encrypt; Subject clouback-1.online; Fingerprint 49:43:16:99:23:3B:84:3A:78:AF:92:AB:48:34:70:1F:61:2B:70:E2; Validity Wed, 24 Apr 2024 14:28:10 GMT - Tue, 23 Jul 2024 14:28:09 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbnail?i=yN65tYNd*Tk_0&p=1714854171.235213&imgt=icon HTTP/1.1
Host: xml-v4.clouback-1.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 20:22:52 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://static.pdn-1.com/n159/ad/192x192_XolMKs0y.jpg
|
|
| eephaush.com/tag.min.js | 139.45.197.236 | 200 OK | 28 kB |
IP: 139.45.197.236:443
Requested by: https://buddycenters.shop/embed/stream-27.php
Certificate: Issuer Let's Encrypt; Subject eephaush.com; Fingerprint 8A:EA:A6:49:EF:C2:9A:D9:47:5A:F1:99:15:49:BE:91:1C:1E:84:53; Validity Thu, 21 Mar 2024 05:16:27 GMT - Wed, 19 Jun 2024 05:16:26 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash (MD5, SHA-1, SHA-256): ae155af4fc0005bd4faab65e5c1cca00 4da21aabdd22446a02c50bded5c52d74ffa102d8 0c8f928eeb6c914b37b422cc7205f36aff66c2db7522e4ee20ec887606f4dc1c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /tag.min.js HTTP/1.1
Host: eephaush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://buddycenters.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 20:22:52 GMT
content-type: text/javascript; charset=utf-8
content-length: 28334
content-encoding: br
x-trace-id: d21c9c46470b07c3dbf32f50a8d16577
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Sat, 04 May 2024 16:53:32 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| roughindoor.com/pixel/purst?dl=0&th=0&sc=0&rs=1235&rd=1235&fd=908&bv=24.5.6485&tmpl=70 | 192.243.61.227 | 200 OK | 0 B |
URL: GET HTTP/1.1 roughindoor.com/pixel/purst?dl=0&th=0&sc=0&rs=1235&rd=1235&fd=908&bv=24.5.6485&tmpl=70
IP: 192.243.61.227:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://buddycenters.shop/embed/stream-27.php
Certificate: Issuer Let's Encrypt; Subject roughindoor.com; Fingerprint 2F:BA:92:51:9E:67:BD:A3:02:2C:29:6B:2F:12:C5:AD:96:07:37:80; Validity Mon, 29 Apr 2024 12:56:52 GMT - Sun, 28 Jul 2024 12:56:51 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/purst?dl=0&th=0&sc=0&rs=1235&rd=1235&fd=908&bv=24.5.6485&tmpl=70 HTTP/1.1
Host: roughindoor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://buddycenters.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 20:22:52 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| capaciousdrewreligion.com/advertisers.js | 172.240.108.84 | 200 OK | 0 B |
URL: GET HTTP/1.1 capaciousdrewreligion.com/advertisers.js
IP: 172.240.108.84:443
Requested by: https://buddycenters.shop/embed/stream-27.php
Certificate: Issuer Let's Encrypt; Subject capaciousdrewreligion.com; Fingerprint 53:B6:ED:C6:B5:B6:60:3E:6D:02:5A:92:2E:C3:12:74:64:A1:23:DC; Validity Wed, 06 Mar 2024 11:57:32 GMT - Tue, 04 Jun 2024 11:57:31 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://buddycenters.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 20:22:52 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 59311fa98e4e32de6983b117e7b6961b
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| designingpupilintermediary.com/impr.gif?sid=H4sIAAAAAAAC%2F4ySz2tcVRvHz6TZvLzv5q3FTSlcnLaoOJN7Z%2B78ai3BJo3ExqS2USMI9fy6k9M5957LOefOnWQhxYJ051AXRQW5eSZprbb%2BQBcutMik4CJQ6HQ1gln4D7gQunAlMwajK3s2z%2FPwfeB8nu%2FzvLuR7KISJHg4%2B7JaF1LiqUrRdZ5e8byTzoKIko7TqVcvVv2Tjm6faFSL7jPOi5y21FTJ9VzXcz1nTmgeqM7USAQR3254xYZb9EtFr%2BJDR%2F%2BzNkkODM4Ba%2B%2BigyDYYPJe7hAI2oco%2FHKWm5ZV8XNnwkRiqzS02c1Xo1ak0gjC%2FTTQOQiim3vdoMyDubugoq0xLqj2X41EDFDux7tAopt7kEDam2NOIoFHQNh%2FIW33gcs%2BCNwHqq6AYA8QAGWwuARReGNR6RSv%2FanikTpAk49%2BA5EO0OTPhyAKPz8tRce5oGRihYoMdIIMRKcPotmHONkGuz4BIt0Gat8Bwe6jqUcLEIWbS0YqEGx4lLCAe7RRKnCfugWfNCqFhh%2BUCl6p4mOGXepTMjZIiD6IoA%2BSdwGbCUhMDhKRgyTIQRLnIGRDh3qeV3MZxW69QWmZ1TipMtfDtcDDnlutQ0JHM3TBxl2gsgtUX4ZYX4aW6IJOfgCzmoFhB8DYAcq9chnaLIOUI0gNghQjSAWC1CJI29kWk6ZkshtMmoR4e7G0F8tZT9nmBt5StskjBFh3QbNsI95F%2Fx%2BZmHvz2B1o8aHjlmpuhQesHFSrAXVdUgt4HdddSl2XcV4DI27NzBXKvl%2B%2F6IEwE4BNDtbFANWvP4RYDNCTZz8GgrfByG2g4gnAyRHAaQZ4NYP16JvEGKs5Dk0TW15UkRQRB6YyiO0k2LXchtxFh8d7nX3rBnC6M33nyEcuQgioziDWGVwS9xA05dXeeZWizfMqNeirpdiKUKzj0c4vWGw5%2BvQsX0uVZvOzpnvrBToSRuntZW7sAo6YiJoGfXZaMMb1nNKUo%2B%2FnzeucnEvM6ulER0m8cG5mbj6MNTdGqKgPWDzoPA9UDND%2FfloZH%2FOx%2B%2F8BobdBJ8OXVq2NzYmpqU4oC22%2FSKVKCKatgrc34xSVgramxam1xWrFvrHInl1uXXSPx6e8mufXK75X84qlcqXklSFMdqZ74qAzGlqoPtD4yhf5%2FOyZCzPn588tzy8t5vPDp5bimGHLtcOEtQ6OrGgLnZhYq6bGoRNtb32Sz8%2FPjJtX%2FhXOriYhibCQjwN4XIRNe0pQFd3K55fnlxfO5PNf%2F%2FJh9uu37znKSHXCeQ1rwyWYeAftPTAKgZb7NYlzkD6Ob7Ho8MfC6ukS2Zleed9%2Bd%2Bnt30EKBJLv%2F4dJBuZvNdnPexonw6O0QhhmvlugrFEt%2BK5XLtTdgBT8stfAFVL3XZf0NBbZhrkKTT0B2F6BKMygrTNoywyw7IJJDvRsrHemH5bHD4ic6BGpJzaJ1PLa%2BKgH6Oz1a2DE0Cm7rEZ4wGuE%2BxU%2F4JSRSoW4NKCkzOp1CtYMguoHh%2F8AAAD%2F%2FwEAAP%2F%2FMbYVPxYGAAA%3D | 192.243.59.20 | 200 OK | 7 B |
URL: GET HTTP/1.1 designingpupilintermediary.com/impr.gif?sid=H4sIAAAAAAAC%2F4ySz2tcVRvHz6TZvLzv5q3FTSlcnLaoOJN7Z%2B78ai3BJo3ExqS2USMI9fy6k9M5957LOefOnWQhxYJ051AXRQW5eSZprbb%2BQBcutMik4CJQ6HQ1gln4D7gQunAlMwajK3s2z%2FPwfeB8nu%2FzvLuR7KISJHg4%2B7JaF1LiqUrRdZ5e8byTzoKIko7TqVcvVv2Tjm6faFSL7jPOi5y21FTJ9VzXcz1nTmgeqM7USAQR3254xYZb9EtFr%2BJDR%2F%2BzNkkODM4Ba%2B%2BigyDYYPJe7hAI2oco%2FHKWm5ZV8XNnwkRiqzS02c1Xo1ak0gjC%2FTTQOQiim3vdoMyDubugoq0xLqj2X41EDFDux7tAopt7kEDam2NOIoFHQNh%2FIW33gcs%2BCNwHqq6AYA8QAGWwuARReGNR6RSv%2FanikTpAk49%2BA5EO0OTPhyAKPz8tRce5oGRihYoMdIIMRKcPotmHONkGuz4BIt0Gat8Bwe6jqUcLEIWbS0YqEGx4lLCAe7RRKnCfugWfNCqFhh%2BUCl6p4mOGXepTMjZIiD6IoA%2BSdwGbCUhMDhKRgyTIQRLnIGRDh3qeV3MZxW69QWmZ1TipMtfDtcDDnlutQ0JHM3TBxl2gsgtUX4ZYX4aW6IJOfgCzmoFhB8DYAcq9chnaLIOUI0gNghQjSAWC1CJI29kWk6ZkshtMmoR4e7G0F8tZT9nmBt5StskjBFh3QbNsI95F%2Fx%2BZmHvz2B1o8aHjlmpuhQesHFSrAXVdUgt4HdddSl2XcV4DI27NzBXKvl%2B%2F6IEwE4BNDtbFANWvP4RYDNCTZz8GgrfByG2g4gnAyRHAaQZ4NYP16JvEGKs5Dk0TW15UkRQRB6YyiO0k2LXchtxFh8d7nX3rBnC6M33nyEcuQgioziDWGVwS9xA05dXeeZWizfMqNeirpdiKUKzj0c4vWGw5%2BvQsX0uVZvOzpnvrBToSRuntZW7sAo6YiJoGfXZaMMb1nNKUo%2B%2FnzeucnEvM6ulER0m8cG5mbj6MNTdGqKgPWDzoPA9UDND%2FfloZH%2FOx%2B%2F8BobdBJ8OXVq2NzYmpqU4oC22%2FSKVKCKatgrc34xSVgramxam1xWrFvrHInl1uXXSPx6e8mufXK75X84qlcqXklSFMdqZ74qAzGlqoPtD4yhf5%2FOyZCzPn588tzy8t5vPDp5bimGHLtcOEtQ6OrGgLnZhYq6bGoRNtb32Sz8%2FPjJtX%2FhXOriYhibCQjwN4XIRNe0pQFd3K55fnlxfO5PNf%2F%2FJh9uu37znKSHXCeQ1rwyWYeAftPTAKgZb7NYlzkD6Ob7Ho8MfC6ukS2Zleed9%2Bd%2Bnt30EKBJLv%2F4dJBuZvNdnPexonw6O0QhhmvlugrFEt%2BK5XLtTdgBT8stfAFVL3XZf0NBbZhrkKTT0B2F6BKMygrTNoywyw7IJJDvRsrHemH5bHD4ic6BGpJzaJ1PLa%2BKgH6Oz1a2DE0Cm7rEZ4wGuE%2BxU%2F4JSRSoW4NKCkzOp1CtYMguoHh%2F8AAAD%2F%2FwEAAP%2F%2FMbYVPxYGAAA%3D
IP: 192.243.59.20:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate: Issuer Let's Encrypt; Subject designingpupilintermediary.com; Fingerprint C6:2A:2C:CE:46:0C:19:DC:3F:A3:33:F7:CD:1E:20:1D:CC:46:93:78; Validity Mon, 29 Apr 2024 08:22:29 GMT - Sun, 28 Jul 2024 08:22:28 GMT
File type: ASCII text, with no line terminators
Hash (MD5, SHA-1, SHA-256): 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F4ySz2tcVRvHz6TZvLzv5q3FTSlcnLaoOJN7Z%2B78ai3BJo3ExqS2USMI9fy6k9M5957LOefOnWQhxYJ051AXRQW5eSZprbb%2BQBcutMik4CJQ6HQ1gln4D7gQunAlMwajK3s2z%2FPwfeB8nu%2FzvLuR7KISJHg4%2B7JaF1LiqUrRdZ5e8byTzoKIko7TqVcvVv2Tjm6faFSL7jPOi5y21FTJ9VzXcz1nTmgeqM7USAQR3254xYZb9EtFr%2BJDR%2F%2BzNkkODM4Ba%2B%2BigyDYYPJe7hAI2oco%2FHKWm5ZV8XNnwkRiqzS02c1Xo1ak0gjC%2FTTQOQiim3vdoMyDubugoq0xLqj2X41EDFDux7tAopt7kEDam2NOIoFHQNh%2FIW33gcs%2BCNwHqq6AYA8QAGWwuARReGNR6RSv%2FanikTpAk49%2BA5EO0OTPhyAKPz8tRce5oGRihYoMdIIMRKcPotmHONkGuz4BIt0Gat8Bwe6jqUcLEIWbS0YqEGx4lLCAe7RRKnCfugWfNCqFhh%2BUCl6p4mOGXepTMjZIiD6IoA%2BSdwGbCUhMDhKRgyTIQRLnIGRDh3qeV3MZxW69QWmZ1TipMtfDtcDDnlutQ0JHM3TBxl2gsgtUX4ZYX4aW6IJOfgCzmoFhB8DYAcq9chnaLIOUI0gNghQjSAWC1CJI29kWk6ZkshtMmoR4e7G0F8tZT9nmBt5StskjBFh3QbNsI95F%2Fx%2BZmHvz2B1o8aHjlmpuhQesHFSrAXVdUgt4HdddSl2XcV4DI27NzBXKvl%2B%2F6IEwE4BNDtbFANWvP4RYDNCTZz8GgrfByG2g4gnAyRHAaQZ4NYP16JvEGKs5Dk0TW15UkRQRB6YyiO0k2LXchtxFh8d7nX3rBnC6M33nyEcuQgioziDWGVwS9xA05dXeeZWizfMqNeirpdiKUKzj0c4vWGw5%2BvQsX0uVZvOzpnvrBToSRuntZW7sAo6YiJoGfXZaMMb1nNKUo%2B%2FnzeucnEvM6ulER0m8cG5mbj6MNTdGqKgPWDzoPA9UDND%2FfloZH%2FOx%2B%2F8BobdBJ8OXVq2NzYmpqU4oC22%2FSKVKCKatgrc34xSVgramxam1xWrFvrHInl1uXXSPx6e8mufXK75X84qlcqXklSFMdqZ74qAzGlqoPtD4yhf5%2FOyZCzPn588tzy8t5vPDp5bimGHLtcOEtQ6OrGgLnZhYq6bGoRNtb32Sz8%2FPjJtX%2FhXOriYhibCQjwN4XIRNe0pQFd3K55fnlxfO5PNf%2F%2FJh9uu37znKSHXCeQ1rwyWYeAftPTAKgZb7NYlzkD6Ob7Ho8MfC6ukS2Zleed9%2Bd%2Bnt30EKBJLv%2F4dJBuZvNdnPexonw6O0QhhmvlugrFEt%2BK5XLtTdgBT8stfAFVL3XZf0NBbZhrkKTT0B2F6BKMygrTNoywyw7IJJDvRsrHemH5bHD4ic6BGpJzaJ1PLa%2BKgH6Oz1a2DE0Cm7rEZ4wGuE%2BxU%2F4JSRSoW4NKCkzOp1CtYMguoHh%2F8AAAD%2F%2FwEAAP%2F%2FMbYVPxYGAAA%3D HTTP/1.1
Host: designingpupilintermediary.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Cookie: u_pl=22816173; uid_id2=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 20:22:52 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2f0ddc077b4f96fb18e494f7cac944ac
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| claplivehdplay.ru/premiumtv/daddyhd.php?id=27 | 188.114.97.1 | 200 OK | 252 kB |
URL: GET HTTP/2 claplivehdplay.ru/premiumtv/daddyhd.php?id=27
IP: 188.114.97.1:443
Requested by: https://buddycenters.shop/embed/stream-27.php
Certificate: Issuer Let's Encrypt; Subject claplivehdplay.ru; Fingerprint 37:8C:3F:7E:2F:FA:77:B9:0B:C9:55:E0:E5:4E:A3:31:FE:F9:F8:47; Validity Mon, 18 Mar 2024 08:20:21 GMT - Sun, 16 Jun 2024 08:20:20 GMT
File type: JavaScript source, ASCII text, with very long lines (61137), with CRLF line terminators
Size: 252 kB (251791 bytes)
Hash (MD5, SHA-1, SHA-256): 01db469e304cde312fc2a6a75141ff44 df100a245461e7e8cbe5a3fcc56a27a70b99f2f5 01d04f17e64457b19d4340424efeb0d6dfc2757d810933b10408b3e713ba7a03
GET /premiumtv/daddyhd.php?id=27 HTTP/1.1
Host: claplivehdplay.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://buddycenters.shop/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 20:22:52 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=14400, immutable, no-transform
expires: Sun, 05 May 2024 10:16:12 GMT
videocdn: HIT
node: PHP
x-cache: HIT
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 14:01:21 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LBzwaYOrhr2%2Fi0XMJwDHzEujVJGW6%2F%2F1HLwf656%2FzcawhYPIz1yjXhI4qQUqO%2FvOBw0OwAwSE9rABKIJ%2F%2BrBwZTr7KbMaKP5uPsIUVby7%2BHPqX6tvxBwG%2FDv4EIG0fYu2NZQ%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eb3491597956ab-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 216.58.207.227:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash (MD5, SHA-1, SHA-256): 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://usstreamsgate.online
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 39255
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.premiumvertising.com/cindex.min.css | 185.76.9.25 | 200 OK | 27 kB |
URL: GET HTTP/2 www.premiumvertising.com/cindex.min.css
IP: 185.76.9.25:443 ASN: #60068 Datacamp Limited
Requested by: https://buddycenters.shop/embed/stream-27.php
Certificate: Issuer Let's Encrypt; Subject 1258267123.rsc.cdn77.org; Fingerprint B6:10:5C:DD:E0:F1:DB:2A:2F:27:00:11:08:9F:82:00:01:7F:31:F3; Validity Tue, 30 Apr 2024 08:35:05 GMT - Mon, 29 Jul 2024 08:35:04 GMT
File type: gzip compressed data, from Unix
Hash (MD5, SHA-1, SHA-256): bc72afdead7d1d6bc921a311b6b83497 beda3fa7622072acb4f23f5fcf83abe0e17268d7 ec00ff9230475eba2bf0f65309789175d6ad8e165075fedfe69034284df1ada8
GET /cindex.min.css HTTP/1.1
Host: www.premiumvertising.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://buddycenters.shop
DNT: 1
Connection: keep-alive
Referer: https://buddycenters.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 20:22:52 GMT
content-type: application/x-javascript
vary: Accept-Encoding, Origin
popads-node: wb5
expires: Sat, 11 May 2024 00:31:27 GMT
access-control-allow-origin: https://buddycenters.shop
link: <https://premiumvertising.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-77-nzt: EwgBuUwJFAFBDAG5TAoBAfdzzAAADAElE8IuAffKSgAA
x-77-nzt-ray: af585630e23ec74b1c993666737a0b0f
x-accel-expires: @1715387487
x-accel-date: 1714801833
x-77-cache: HIT
x-77-age: 71485
content-encoding: gzip
server: CDN77-Turbo
x-cache: MISS
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/disable-devtool@latest | 151.101.1.229 | 200 OK | 6.7 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/disable-devtool@latest
IP: 151.101.1.229:443
Requested by: https://claplivehdplay.ru/premiumtv/daddyhd.php?id=27
Certificate: Issuer GlobalSign nv-sa; Subject jsdelivr.net; Fingerprint 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (17245)
Hash (MD5, SHA-1, SHA-256): f71da0117b47fe056c382d44f7c1af53 c384c695d7a74e1e4272b13f9d5942d0f24d099d 2a741550c18b132b0ef573f818fc79d6c09169be71d538b968ceac551c178ad3
GET /npm/disable-devtool@latest HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claplivehdplay.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.3.7
x-jsd-version-type: version
etag: W/"4372-w4TGldenTh5CcrE/nVlC0PJNCZ0"
content-encoding: br
accept-ranges: bytes
date: Sat, 04 May 2024 20:22:52 GMT
age: 10578
x-served-by: cache-fra-eddf8230055-FRA, cache-hel1410032-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6741
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/p2p-media-loader-hlsjs@latest/build/p2p-media-loader-hlsjs.min.js | 151.101.1.229 | 200 OK | 8.1 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/p2p-media-loader-hlsjs@latest/build/p2p-media-loader-hlsjs.min.js
IP: 151.101.1.229:443
Requested by: https://claplivehdplay.ru/premiumtv/daddyhd.php?id=27
Certificate: Issuer GlobalSign nv-sa; Subject jsdelivr.net; Fingerprint 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (26814)
Hash (MD5, SHA-1, SHA-256): 835f1f7feab838f171c6334abc3d14da 68b97b433d37600647338e57f4344e5e1faf6246 189334d0a898e2aa16794cdd1ea47a0e7c1750578173b25033049fafdf55f2a4
GET /npm/p2p-media-loader-hlsjs@latest/build/p2p-media-loader-hlsjs.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claplivehdplay.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.6.2
x-jsd-version-type: version
etag: W/"68bf-aLl7Qz03YAZHM45X9DROXh+vYkY"
content-encoding: br
accept-ranges: bytes
date: Sat, 04 May 2024 20:22:52 GMT
age: 24061
x-served-by: cache-fra-eddf8230045-FRA, cache-hel1410032-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8149
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.6.0.min.js | 151.101.194.137 | 200 OK | 31 kB |
URL: GET HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP: 151.101.194.137:443
Requested by: https://claplivehdplay.ru/premiumtv/daddyhd.php?id=27
Certificate: Issuer Sectigo Limited; Subject *.jquery.com; Fingerprint D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D; Validity Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash (MD5, SHA-1, SHA-256): 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claplivehdplay.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 May 2024 20:22:52 GMT
age: 710354
x-served-by: cache-lga21931-LGA, cache-hel1410031-HEL
x-cache: HIT, HIT
x-cache-hits: 3, 539935
x-timer: S1714854173.838564,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2
|
|
| unseenreport.com/pxf.gif?uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=02705efd3f66fc00b7fe8a80cc00dee7&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20 | 192.243.59.13 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=02705efd3f66fc00b7fe8a80cc00dee7&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20
IP: 192.243.59.13:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate: Issuer Let's Encrypt; Subject *.unseenreport.com; Fingerprint 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13; Validity Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic)
Hash (MD5, SHA-1, SHA-256): 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=02705efd3f66fc00b7fe8a80cc00dee7&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 20:22:52 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d581ac606e980d79a919a2a94fc1e164
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=982ba3a0bdb46e267599ca38b14eca00&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20 | 192.243.59.13 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=982ba3a0bdb46e267599ca38b14eca00&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20
IP: 192.243.59.13:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate: Issuer Let's Encrypt; Subject *.unseenreport.com; Fingerprint 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13; Validity Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic)
Hash (MD5, SHA-1, SHA-256): 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=982ba3a0bdb46e267599ca38b14eca00&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 20:22:52 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3eddd85eb1e157bf53db3becaecc2fdc
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| designingpupilintermediary.com/pixel/sbs?c=1 | 192.243.59.12 | 200 OK | 0 B |
URL: GET HTTP/1.1 designingpupilintermediary.com/pixel/sbs?c=1
IP: 192.243.59.12:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate: Issuer Let's Encrypt; Subject designingpupilintermediary.com; Fingerprint C6:2A:2C:CE:46:0C:19:DC:3F:A3:33:F7:CD:1E:20:1D:CC:46:93:78; Validity Mon, 29 Apr 2024 08:22:29 GMT - Sun, 28 Jul 2024 08:22:28 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: designingpupilintermediary.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Cookie: u_pl=22816173; uid_id2=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 20:22:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| static.pdn-1.com/n159/ad/192x192_XolMKs0y.jpg | 23.36.76.195 | 200 OK | 7.3 kB |
URL: GET HTTP/1.1 static.pdn-1.com/n159/ad/192x192_XolMKs0y.jpg
IP: 23.36.76.195:443  ASN: #20940 Akamai International B.V.
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate: Issuer Let's Encrypt; Subject static.pdn-1.com; Fingerprint 92:4B:0C:C7:10:81:E6:CE:3F:3E:2A:E1:77:DA:5F:50:71:B3:36:97; Validity Mon, 25 Mar 2024 20:12:40 GMT - Sun, 23 Jun 2024 20:12:39 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3
Hash: MD5 86ee47872e56cb945f0a0fc164f87f2b  SHA-1 f296f6241ad1a80e1c118373cb19dfe4f5f7f1d1  SHA-256 9d3bc9e838a3c4789333d55bb12afc02e1724473dbde8973b38be3bc2ca5883b
GET /n159/ad/192x192_XolMKs0y.jpg HTTP/1.1
Host: static.pdn-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/jpeg
Content-Length: 7281
Last-Modified: Wed, 17 Apr 2024 10:15:08 GMT
ETag: "661fa12c-1c71"
Accept-Ranges: bytes
Cache-Control: max-age=86400
Expires: Sun, 05 May 2024 20:22:53 GMT
Date: Sat, 04 May 2024 20:22:53 GMT
Connection: keep-alive
X-Forward-Proto: http
CDN-Origin-Protocol: HTTP
|
|
| usstreamsgate.online/wp-includes/images/w-logo-blue-white-bg.png | 172.67.212.138 | 200 OK | 4.1 kB |
URL: GET HTTP/3 usstreamsgate.online/wp-includes/images/w-logo-blue-white-bg.png
IP: 172.67.212.138:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate: Issuer Google Trust Services LLC; Subject usstreamsgate.online; Fingerprint 0A:24:B6:C5:2E:3D:7D:15:0B:CE:80:43:63:8F:BE:13:CF:C5:87:04; Validity Sat, 23 Mar 2024 12:51:49 GMT - Fri, 21 Jun 2024 12:51:48 GMT
File type: PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
Hash: MD5 000bf649cc8f6bf27cfb04d1bcdcd3c7  SHA-1 d73d2f6d74ec6cdcbae07955592962e77d8ae814  SHA-256 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: usstreamsgate.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
DNT: 1
Connection: keep-alive
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1; pp_main_982ba3a0bdb46e267599ca38b14eca00=1; sb_main_02705efd3f66fc00b7fe8a80cc00dee7=1; sb_count_02705efd3f66fc00b7fe8a80cc00dee7=1; m5a4xojbcp2nx3gptmm633qal3gzmadn=affairsthin.com; pbpr0tpuw4isk85t8yg3jb2lj5vqf=designingpupilintermediary.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 20:22:53 GMT
content-type: image/png
content-length: 4119
last-modified: Tue, 16 Nov 2021 00:04:01 GMT
etag: "3060bc1-1017-5d0dca9a37e40"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tQXgQtx5InM7Of8kQN8yVxWlbZ6gcex7DyWcUbfq2hK7YTyX7NW9oi1ftvmTN0Q%2BcfhLOL8txpG5A%2BCXsvqWFEl4tEJH2C4Ux0xH%2BWEfskqjqdmRYT%2BAidOro9Cme0PHQYGu9Jt%2BCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eb3495aad00b02-OSL
alt-svc: h3=":443"; ma=86400
|
|
| usstreamsgate.online/favicon.ico | 172.67.212.138 | 302 Found | 4.1 kB |
URL: GET HTTP/3 usstreamsgate.online/favicon.ico
IP: 172.67.212.138:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate: Issuer Google Trust Services LLC; Subject usstreamsgate.online; Fingerprint 0A:24:B6:C5:2E:3D:7D:15:0B:CE:80:43:63:8F:BE:13:CF:C5:87:04; Validity Sat, 23 Mar 2024 12:51:49 GMT - Fri, 21 Jun 2024 12:51:48 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e  SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709  SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: usstreamsgate.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1; pp_main_982ba3a0bdb46e267599ca38b14eca00=1; sb_main_02705efd3f66fc00b7fe8a80cc00dee7=1; sb_count_02705efd3f66fc00b7fe8a80cc00dee7=1; m5a4xojbcp2nx3gptmm633qal3gzmadn=affairsthin.com; pbpr0tpuw4isk85t8yg3jb2lj5vqf=designingpupilintermediary.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Sat, 04 May 2024 20:22:53 GMT
content-type: text/html; charset=UTF-8
location: https://usstreamsgate.online/wp-includes/images/w-logo-blue-white-bg.png
x-powered-by: PHP/8.1.28
x-ua-compatible: IE=edge
link: <https://usstreamsgate.online/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jSQuRGq5TPNEsDuc1uWlXMO%2B2m%2Bj3RsYwsVWJHFxEmmDKqOn6%2B6pL%2BhysbY0lQFF8tEvD4y4bevdYG0wvJQRjNT%2B8swXpahkYE2ztsmWzK8f3VrL6rwNxAGTBh8H5vEZuShyBEF%2BIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eb34913e2d0b02-OSL
alt-svc: h3=":443"; ma=86400
|
|
| usstreamsgate.online/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 | 172.67.212.138 | 200 OK | 19 kB |
URL: GET HTTP/3 usstreamsgate.online/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
IP: 172.67.212.138:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate: Issuer Google Trust Services LLC; Subject usstreamsgate.online; Fingerprint 0A:24:B6:C5:2E:3D:7D:15:0B:CE:80:43:63:8F:BE:13:CF:C5:87:04; Validity Sat, 23 Mar 2024 12:51:49 GMT - Fri, 21 Jun 2024 12:51:48 GMT
File type: JavaScript source, ASCII text, with very long lines (15752)
Hash: MD5 b976b651932bfd25b9ddb5b7693d88a7  SHA-1 7fcb7cb5c11227f9213b1e08a07d0212209e1432  SHA-256 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 HTTP/1.1
Host: usstreamsgate.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1; pp_main_982ba3a0bdb46e267599ca38b14eca00=1; sb_main_02705efd3f66fc00b7fe8a80cc00dee7=1; sb_count_02705efd3f66fc00b7fe8a80cc00dee7=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 20:22:52 GMT
content-type: text/javascript
last-modified: Tue, 13 Feb 2024 14:36:07 GMT
etag: W/"2fc32c0-4926-61144508b03c0-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QBmVMSEygf20%2FkEktd6%2FWiWpY%2FgUJmacaWZVwhzjw0Ss%2BAuweQuoZkTl7lM4hV89JPzOE2YX3h3nLQgWNbNuOwfgiGn4thaEO%2FROly766amG3rBl11gcqurPkZFferPeQ%2FnuWnE9sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eb348b6fa70b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.barscreative1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/index.html | 45.133.44.3 | 200 OK | 1.2 kB |
URL: GET HTTP/2 cdn.barscreative1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/index.html
IP: 45.133.44.3:443  ASN: #39572 DataWeb Global Group B.V.
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate: Issuer Let's Encrypt; Subject cdn.barscreative1.com; Fingerprint F6:54:F4:B9:EB:AD:1E:FA:8F:76:B9:75:20:9B:41:57:32:37:94:E3; Validity Sun, 10 Mar 2024 03:01:32 GMT - Sat, 08 Jun 2024 03:01:31 GMT
File type: HTML document, ASCII text, with very long lines (1247), with no line terminators
Hash: MD5 d7e9bbdc14a6a43c585e317362083462  SHA-1 b534aa26ca00c609f983494f41e9d51324cf5922  SHA-256 c4d52e3945909d212f8f49c517f65dfe254cdd54e21d0e4ce12eb233aa73fcb4
GET /sb/notifications/rtb/msngr_1/social-media/instagram/1/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://usstreamsgate.online
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 20:22:51 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Fri, 19 Jan 2024 14:28:03 GMT
etag: W/"65aa86f3-49a"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 04 May 2024 21:22:51 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| claplivehdplay.ru/p2p-media-loader-core.min.js | 188.114.97.1 | 200 OK | 350 kB |
URL: GET HTTP/3 claplivehdplay.ru/p2p-media-loader-core.min.js
IP: 188.114.97.1:443
Requested by: https://claplivehdplay.ru/premiumtv/daddyhd.php?id=27
Certificate: Issuer Let's Encrypt; Subject claplivehdplay.ru; Fingerprint 37:8C:3F:7E:2F:FA:77:B9:0B:C9:55:E0:E5:4E:A3:31:FE:F9:F8:47; Validity Mon, 18 Mar 2024 08:20:21 GMT - Sun, 16 Jun 2024 08:20:20 GMT
File type: JavaScript source, ASCII text, with very long lines (505), with CRLF line terminators
Size: 350 kB (350181 bytes)
Hash: MD5 456780886716e31a2c5031869a56024d  SHA-1 9ddf91b9e4e6321fbb0d0160f386203d326092fb  SHA-256 97ba329694ba923bc5d7d93e051cf0ecdc8121d4488adb52b682a646b3721511
GET /p2p-media-loader-core.min.js HTTP/1.1
Host: claplivehdplay.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claplivehdplay.ru/premiumtv/daddyhd.php?id=27
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 20:22:52 GMT
content-type: application/javascript
last-modified: Mon, 18 Mar 2024 17:15:39 GMT
etag: W/"65f876bb-557e5"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5932
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pwG5V8gJjLWzp4WwxwwuK7gFXTeUWsrcbKjo8WVBAmX9b9NAXC0%2FenRzGpWAXHbt0f7YjunzLKJ3NYorbyJzpf2867G%2FMZTHr7yqgyc%2B5K9upfHgjplbi%2BP5DPnRzybGGI19qw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eb34933d83b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| affairsthin.com/ntv.json?key=578809753307c1950fc30d78bf8d1031&vstc=4&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1&custom=%7B%22d37e3bc4%22%3A%22b%22%7D | 172.240.108.84 | 200 OK | 18 kB |
URL: GET HTTP/1.1 affairsthin.com/ntv.json?key=578809753307c1950fc30d78bf8d1031&vstc=4&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1&custom=%7B%22d37e3bc4%22%3A%22b%22%7D
IP: 172.240.108.84:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate: Issuer Let's Encrypt; Subject affairsthin.com; Fingerprint AC:A1:40:58:37:8B:A3:C4:2D:E5:1B:D8:7A:F3:83:50:65:BD:1D:AB; Validity Mon, 29 Apr 2024 08:45:52 GMT - Sun, 28 Jul 2024 08:45:51 GMT
Hash: MD5 e15db36af77e49441379de51fc1d0c43  SHA-1 35e5b788aa789eec521c61b2223fd76d9abd6adc  SHA-256 1fe91e2c8d7b9c2ab63430c59730a55208ef99e24bc1fb8987bb8335f8c5fc46
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /ntv.json?key=578809753307c1950fc30d78bf8d1031&vstc=4&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1&custom=%7B%22d37e3bc4%22%3A%22b%22%7D HTTP/1.1
Host: affairsthin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://usstreamsgate.online
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 20:22:51 GMT
Content-Type: application/json
Content-Length: 18012
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://usstreamsgate.online
Access-Control-Allow-Origin: https://usstreamsgate.online
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=22816189; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
Set-Cookie: uid_id2=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb:2:1; expires=Sat, 11 May 2024 20:22:51 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
Set-Cookie: pdhtkv49=true; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
Set-Cookie: uncs49=1; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
Set-Cookie: nlec578809753307c1950fc30d78bf8d1031=[2019380,2229333,2229337,2229329]; expires=Sat, 04 May 2024 20:22:56 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 28014dfea04a0670bdbe7cb23107c8dc
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
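The records above carry more triage signal than the Quad9 verdict column alone: the same uuid travels in a first-party cookie on usstreamsgate.online, in the request cookies sent to the sinkholed ad hosts, in the ntv.json query string and in the Set-Cookie headers that come back; the publisher's first-party cookies store the ad hostnames themselves; the ad cookies are SameSite=None without HttpOnly; affairsthin.com answers with an HSTS max-age of 0; and some records show the empty-input digests (d41d8cd9..., da39a3ee..., e3b0c442...) under a non-zero size, which means the body was not captured and the hash is not a usable indicator. The following parser and checks are an added example, not part of the scan output; the sample text is constructed from four of the records on this page (abridged, values copied as they appear), and the names `Txn`, `parse` and `triage` are the example's own.

```python
# Added example, not part of the scan output: parse transaction records in the
# format shown on this page and pull out the triage signals they carry.
import re
from collections import defaultdict
from dataclasses import dataclass, field
from urllib.parse import parse_qsl, unquote, urlparse

EMPTY_MD5 = "d41d8cd98f00b204e9800998ecf8427e"  # MD5 of a zero-length body

# Constructed sample: four records abridged from the page, values copied as-is.
SAMPLE = """\
| designingpupilintermediary.com/pixel/sbs?c=1 | 192.243.59.12 | 200 OK | 0 B |
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
Host: designingpupilintermediary.com
Cookie: u_pl=22816173; uid_id2=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb:2:1; pdhtkv=true
|
| usstreamsgate.online/wp-includes/images/w-logo-blue-white-bg.png | 172.67.212.138 | 200 OK | 4.1 kB |
Hash000bf649cc8f6bf27cfb04d1bcdcd3c7 d73d2f6d74ec6cdcbae07955592962e77d8ae814 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
Host: usstreamsgate.online
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1; m5a4xojbcp2nx3gptmm633qal3gzmadn=affairsthin.com
| affairsthin.com/ntv.json?key=578809753307c1950fc30d78bf8d1031&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 | 172.240.108.84 | 200 OK | 18 kB |
Hashe15db36af77e49441379de51fc1d0c43 35e5b788aa789eec521c61b2223fd76d9abd6adc 1fe91e2c8d7b9c2ab63430c59730a55208ef99e24bc1fb8987bb8335f8c5fc46
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
Host: affairsthin.com
Set-Cookie: u_pl=22816189; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
Set-Cookie: uid_id2=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb:2:1; expires=Sat, 11 May 2024 20:22:51 GMT; secure; SameSite=None
Strict-Transport-Security: max-age=0; includeSubdomains
| claplivehdplay.ru/clappr.min.js | 188.114.97.1 | 200 OK | 525 kB |
Size525 kB (525081 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Host: claplivehdplay.ru
"""

@dataclass
class Txn:
    host: str
    path: str
    ip: str
    size: str                      # size column as printed, e.g. "525 kB"
    md5: str = ""
    verdict: str = ""
    cookies: dict = field(default_factory=dict)   # request Cookie header
    set_cookies: list = field(default_factory=list)
    hsts: str = ""

ROW = re.compile(r"^\|\s*([^/|\s]+)(/[^\s|]*)?\s*\|\s*([\d.]+)\s*\|[^|]*\|\s*([^|]+?)\s*\|$")
HASHES = re.compile(r"Hash:?\s*(?:MD5\s*)?([0-9a-f]{32})\b")   # run-together or labelled form
QUAD9 = re.compile(r"Quad9 DNS\s*\|\s*(\w+)\s*\|\s*(\w+)")

def parse(text):
    """One Txn per '| host/path | ip | status | size |' row plus the lines under it."""
    txns, cur = [], None
    for line in text.splitlines():
        if (m := ROW.match(line)):
            host, path, ip, size = m.groups()
            cur = Txn(host, path or "/", ip, size)
            txns.append(cur)
        elif cur is None or line.strip() == "|":
            continue
        elif (m := HASHES.search(line)):
            cur.md5 = m.group(1)
        elif (m := QUAD9.search(line)):
            cur.verdict = f"{m.group(1)}/{m.group(2)}"
        elif ":" in line:                      # request or response header
            name, _, value = line.partition(":")
            name, value = name.strip().lower(), value.strip()
            if name == "cookie":
                for kv in value.split(";"):
                    k, _, v = kv.strip().partition("=")
                    cur.cookies[k] = unquote(v)
            elif name == "set-cookie":
                cur.set_cookies.append(value)
            elif name == "strict-transport-security":
                cur.hsts = value
    return txns

def triage(txns):
    """Return (host, finding) pairs for the signals a malvertising chain leaves."""
    hosts = {t.host for t in txns}
    seen_on = defaultdict(set)  # identifier value -> hosts it was sent to or set by
    for t in txns:
        for v in t.cookies.values():
            seen_on[v].add(t.host)
        for sc in t.set_cookies:
            seen_on[unquote(sc.split(";", 1)[0].partition("=")[2])].add(t.host)
        for _, v in parse_qsl(urlparse(t.path).query):
            seen_on[v].add(t.host)
    out = []
    for t in txns:
        if t.verdict:
            out.append((t.host, f"resolver verdict {t.verdict}"))
        # Empty-input digest under a non-zero size: body not captured, hash useless as IOC.
        if t.md5 == EMPTY_MD5 and not t.size.startswith("0 "):
            out.append((t.host, f"empty-body hash but {t.size} declared: body not captured"))
        for name, v in t.cookies.items():      # first-party cookie naming another host
            if v in hosts and v != t.host:
                out.append((t.host, f"cookie {name} stores other scanned host {v}"))
        for sc in t.set_cookies:               # cross-site cookie readable by script
            attrs = {a.strip().lower() for a in sc.split(";")[1:]}
            if "samesite=none" in attrs and "httponly" not in attrs:
                out.append((t.host, f"Set-Cookie {sc.partition('=')[0]}: SameSite=None without HttpOnly"))
        if re.search(r"max-age=0\b", t.hsts):
            out.append((t.host, "HSTS max-age=0: policy cleared, not enforced"))
    for v, hs in seen_on.items():              # long identifiers tying hosts together
        if len(v) >= 16 and len(hs) > 1:
            out.append(("*", f"identifier {v} shared by {sorted(hs)}"))
    return out

if __name__ == "__main__":
    for host, finding in triage(parse(SAMPLE)):
        print(f"{host:32} {finding}")
```

Run against the sample it reports both sinkholed hosts, the uncaptured clappr.min.js body, the usstreamsgate.online cookie that names affairsthin.com, the two script-readable SameSite=None cookies, the cleared HSTS policy, and the uuid seen at three hosts. The shared-identifier check is the one worth keeping when the domains rotate: the hostnames on this page are disposable, the uuid and the cookie names that carry it are what link a later scan back to this chain.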
| traversefaultlessashamed.com/734ed300326a465f532c9038539688a1/invoke.js | 192.243.59.20 | 200 OK | 31 kB |
URL: GET HTTP/1.1 traversefaultlessashamed.com/734ed300326a465f532c9038539688a1/invoke.js
IP: 192.243.59.20:443  ASN: #39572 DataWeb Global Group B.V.
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate: Issuer Let's Encrypt; Subject traversefaultlessashamed.com; Fingerprint 8F:05:8D:B6:11:FD:7A:0D:96:48:E5:50:09:37:21:30:F2:24:ED:24; Validity Sat, 27 Apr 2024 07:49:59 GMT - Fri, 26 Jul 2024 07:49:58 GMT
File type: JavaScript source, ASCII text, with very long lines (31317), with no line terminators
Hash: MD5 a2288c854d9d96ce6990ca6cedcc0779  SHA-1 96e8d312032dd3d2197b94afd8f62b071827ef70  SHA-256 d3f9f363170a562093d1ef5d67a395ac59239f734e28cc9f91d1a87f47dd43bd
GET /734ed300326a465f532c9038539688a1/invoke.js HTTP/1.1
Host: traversefaultlessashamed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 20:22:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: faa03d1d361c3c5b249556a7d0e0c22b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| usstreamsgate.online/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.4.0 | 172.67.212.138 | 200 OK | 7.0 kB |
URL: GET HTTP/3 usstreamsgate.online/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.4.0
IP: 172.67.212.138:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate: Issuer Google Trust Services LLC; Subject usstreamsgate.online; Fingerprint 0A:24:B6:C5:2E:3D:7D:15:0B:CE:80:43:63:8F:BE:13:CF:C5:87:04; Validity Sat, 23 Mar 2024 12:51:49 GMT - Fri, 21 Jun 2024 12:51:48 GMT
File type: ASCII text, with very long lines (7275), with no line terminators
Hash: MD5 eb7a856686a7ce63cca4a183aa965068  SHA-1 83b2f87314ee550cf9f3957ccf71afc77bb7e929  SHA-256 5b0db1ddc103b771492720494ff6c3b7602e0a3b130fbac531b78bd465ecedc5
GET /wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.4.0 HTTP/1.1
Host: usstreamsgate.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 20:22:50 GMT
content-type: text/javascript
last-modified: Tue, 26 Mar 2024 11:52:41 GMT
etag: W/"2f80508-1b2d-6148eed71a216-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5fKz7fQeQweLU0bzRrGZKMbiyPSMzQH6zSYKhTLH6Zjyxc2fg70asZP5ZXa%2B5p9b4fB%2FbUW6NLatSEaaR3ICimPeZvZjd6ODUJnXvPdPwdmYEL2McHsj3RXhs6haSQ0KmDL5N7tN9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eb347f39cd0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| claplivehdplay.ru/clappr.min.js | 188.114.97.1 | 200 OK | 525 kB |
URL: GET HTTP/3 claplivehdplay.ru/clappr.min.js
IP: 188.114.97.1:443
Requested by: https://claplivehdplay.ru/premiumtv/daddyhd.php?id=27
Certificate: Issuer Let's Encrypt; Subject claplivehdplay.ru; Fingerprint 37:8C:3F:7E:2F:FA:77:B9:0B:C9:55:E0:E5:4E:A3:31:FE:F9:F8:47; Validity Mon, 18 Mar 2024 08:20:21 GMT - Sun, 16 Jun 2024 08:20:20 GMT
Size: 525 kB (525081 bytes)
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e  SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709  SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of an empty input, so the 525 kB body was not captured by the scan and the hashes do not identify this script)
GET /clappr.min.js HTTP/1.1
Host: claplivehdplay.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claplivehdplay.ru/premiumtv/daddyhd.php?id=27
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 20:22:52 GMT
content-type: application/javascript
last-modified: Sun, 03 Mar 2024 13:23:49 GMT
etag: W/"65e479e5-80319"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5932
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RuEJLmssdXQ3Zfyf7DECPG1EWa3RTm0RSjpF7TxJhCFc7QKf9QK1Is2%2BiRHSdYgrqk0hXKhjTO%2FSPxHFRv1N31qu0XmcdzjUkkSMy%2BKELDOta7r7I67D%2F0uZmA1TVWNxRYr7pw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eb34933d7eb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP: 216.58.207.227:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash: MD5 e9f5aaf547f165386cd313b995dddd8e  SHA-1 acdef5603c2387b0e5bffd744b679a24a8bc1968  SHA-256 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://usstreamsgate.online
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:00 GMT
expires: Fri, 02 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 239272
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/css/style.css | 188.114.97.1 | 200 OK | 5.0 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/css/style.css
IP: 188.114.97.1:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate: Issuer Google Trust Services LLC; Subject creative-bars1.com; Fingerprint 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (5256), with no line terminators
Hash: MD5 20fc3575e1f60756b6fc80254e6949be  SHA-1 fa0debcf63ba783ca6aad97674fcb9c4ce823095  SHA-256 b594ebf5062e8f2f8e88dc97e9dc2a8343d3a8b1dcc09e3d9e97b1a84e296f9b
GET /sb/notifications/rtb/msngr_1/social-media/instagram/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://usstreamsgate.online
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 20:22:52 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:28:03 GMT
etag: W/"65aa86f3-137e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qNu9h0p7NO5odVPQb18W6fclqg%2Bt2G0zThHGyMxslteYmpZQFrQcrQ0RcENJZ9P0cpZaLnf0fZynpNJgerVpTzAFUGgfEzD5K0hKQWZWQB3avskiewpTiwmIunddLJybwKyi2sUIak1m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eb348efdd856ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/js/script.js | 188.114.97.1 | 200 OK | 386 B |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/js/script.js
IP: 188.114.97.1:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate: Issuer Google Trust Services LLC; Subject creative-bars1.com; Fingerprint 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (399), with no line terminators
Hash: MD5 022602a468da44628060800173771da2  SHA-1 9be813fbfebbcb2aa46d8c6b8abec68b3d16c89c  SHA-256 6742c376e658c34d09b2dc5772bd798e3cd52bb265758bac5bce184f8ee7b5cc
GET /sb/notifications/rtb/msngr_1/social-media/instagram/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://usstreamsgate.online
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 20:22:52 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:28:03 GMT
etag: W/"65aa86f3-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r2V6YR84vkBDp2Lce71DYT1C4t4rfSa7Q7w%2B9x3flmmQe4rTpf%2FXIaCmZ7cYv6JuFjWLaBPT%2B8J2g64Z%2B4vt02YAmZdsRKswnjilSW4mqa2xYPRQ%2FK5FJ4fjakF290ofsxylGrfzEKiF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eb348efdd356ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| usstreamsgate.online/wp-includes/js/comment-reply.min.js?ver=6.5.2 | 172.67.212.138 | 200 OK | 3.0 kB |
URL: GET HTTP/3 usstreamsgate.online/wp-includes/js/comment-reply.min.js?ver=6.5.2
IP: 172.67.212.138:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate: Issuer Google Trust Services LLC; Subject usstreamsgate.online; Fingerprint 0A:24:B6:C5:2E:3D:7D:15:0B:CE:80:43:63:8F:BE:13:CF:C5:87:04; Validity Sat, 23 Mar 2024 12:51:49 GMT - Fri, 21 Jun 2024 12:51:48 GMT
File type: ASCII text, with very long lines (3056), with no line terminators
Hash: MD5 dc7f90d513295c29acc441fe114a2cab  SHA-1 ca9e5069d9afc4aa13ab2e152313dfb476e842ef  SHA-256 f87915c58d8c25473c726646b58d2fe0ba9a136987571e6c810aba3c67b4f74c
GET /wp-includes/js/comment-reply.min.js?ver=6.5.2 HTTP/1.1
Host: usstreamsgate.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 20:22:50 GMT
content-type: text/javascript
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: W/"31a0b86-ba5-5dc2a2438e980-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DX6LymXnWk1MzkhP9y%2F4vIne7v0TVgGto6jb%2BTorR4wWGlq0A%2FcAKMNq2X6zo7X5h9NTI8yNkuiB7uAtPn6JgGrDGeoqx544axAb%2FlTUor47a5JlqJSIIfTVj49IcCJTUqpgdyX8DA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eb347f39d10b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/css/animate.css | 188.114.97.1 | 200 OK | 79 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/css/animate.css
IP: 188.114.97.1:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate: Issuer Google Trust Services LLC; Subject creative-bars1.com; Fingerprint 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: MD5 3d4123dbfb33d27a5cfdfcfa91df6783  SHA-1 e7d0eeeec54b848f0bc3da8685fa3bc88429d660  SHA-256 cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887
GET /sb/notifications/rtb/msngr_1/social-media/instagram/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://usstreamsgate.online
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 20:22:52 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:28:03 GMT
etag: W/"65aa86f3-13361"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xkcz3QqKghEVJS62ro1yRO8vLsAfqOyRB%2Fklv8rQsKclIWoZibZtGhazeyaTm9FBHn5puJBrDolqS6ZebJot6Bx7h1yhgLsG5GnobaW8JbgdHG9YhiW4P%2FNKMBdU2gqTUt6z8Bbrfi%2FO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eb348f0dde56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| claplivehdplay.ru/blast.js | 188.114.97.1 | 200 OK | 78 kB |
URL: GET HTTP/3 claplivehdplay.ru/blast.js
IP: 188.114.97.1:443
Requested by: https://claplivehdplay.ru/premiumtv/daddyhd.php?id=27
Certificate: Issuer Let's Encrypt; Subject claplivehdplay.ru; Fingerprint 37:8C:3F:7E:2F:FA:77:B9:0B:C9:55:E0:E5:4E:A3:31:FE:F9:F8:47; Validity Mon, 18 Mar 2024 08:20:21 GMT - Sun, 16 Jun 2024 08:20:20 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: MD5 091faec928970e76d37a3601c19fcf8a  SHA-1 6441e8eebe90eb8d4a40e7c25440ff99caba3520  SHA-256 eb06375118b1eb73f43b8f1851472008f84999a1b27359c075bf5da6feef9a12
GET /blast.js HTTP/1.1
Host: claplivehdplay.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claplivehdplay.ru/premiumtv/daddyhd.php?id=27
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 20:22:52 GMT
content-type: application/javascript
last-modified: Sun, 03 Mar 2024 13:23:46 GMT
etag: W/"65e479e2-13040"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5932
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nHP8H%2FLSCtjx4LBGPIgWlEs0fJ41g36%2FfqTAkRM%2BrZx5C%2F%2BB0XsqCTFCAwRIvSEI6E%2FQeuNnfShHia7g8DOcUOWDr1zh3Gu8bOxLmmybE%2B6iAIhad%2Far6BuawrUJa77FskBvYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eb34933d7fb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| usstreamsgate.online/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.4.0 | 172.67.212.138 | 200 OK | 20 kB |
URL: GET HTTP/3 usstreamsgate.online/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.4.0
IP: 172.67.212.138:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate: issuer Google Trust Services LLC; subject usstreamsgate.online; fingerprint 0A:24:B6:C5:2E:3D:7D:15:0B:CE:80:43:63:8F:BE:13:CF:C5:87:04; validity Sat, 23 Mar 2024 12:51:49 GMT - Fri, 21 Jun 2024 12:51:48 GMT
File type: ASCII text, with very long lines (19564), with no line terminators
Hashes: MD5 867585929ee8b21749cdefa675d9aa11; SHA-1 afbd7bc967068d4e804641f4b1df78ab37417144; SHA-256 bc3b2c1e618a27e485095a3c0db20da5ba2fbfaf3b872ccd6ca35cb19eb37b5d
GET /wp-content/themes/generatepress/assets/css/main.min.css?ver=3.4.0 HTTP/1.1
Host: usstreamsgate.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 20:22:50 GMT
content-type: text/css
last-modified: Tue, 26 Mar 2024 11:52:41 GMT
etag: W/"2f6263e-4c6c-6148eed715fad-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1E6Ov1oQPLsm73KQnz9Anv%2BCnLeAjW7CsOzA7Ty41PbxAXh9CqD786V3ZPME%2BDSXDHwGHpbVPckkdFHDqfxTx3x8NdL2KSSkTT4o4prdhpHyIiRmmcv5XZcHuxAXJpARK3Jq%2B1ZHJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eb347f39c60b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 7.0 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP: 142.250.74.106:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate: issuer Google Trust Services LLC; subject upload.video.google.com (Google's shared multi-SAN certificate; the subject CN is not the requested host, the SAN list covers it); fingerprint 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; validity Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (7193), with no line terminators
Hashes: MD5 16b49a99486594c0b42d9bd7821deb2c; SHA-1 2fb46e5e86d6b37d4497cc04bfd89b3cb33a276a; SHA-256 3f3540952441e06ef81189cf63d46bac242804e386779dbb0cdd78ed10025c21
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 20:22:52 GMT
date: Sat, 04 May 2024 20:22:52 GMT
cache-control: private, max-age=86400
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| traditionallyrecipepiteous.com/watch.327168796498.js?key=0f7aa6ec1bf13f572091ba2179d89352&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&tz=0&dev=e&res=14.2071&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 | 192.243.59.12 | 307 Temporary Redirect | 3.3 kB |
URL: GET HTTP/1.1 traditionallyrecipepiteous.com/watch.327168796498.js?key=0f7aa6ec1bf13f572091ba2179d89352&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&tz=0&dev=e&res=14.2071&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1
IP: 192.243.59.12:443 (AS39572 DataWeb Global Group B.V.)
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate: issuer Let's Encrypt; subject traditionallyrecipepiteous.com; fingerprint C5:96:CF:B1:E4:A5:34:EC:37:89:CA:97:7E:35:7C:5C:00:54:6D:92; validity Mon, 29 Apr 2024 13:00:48 GMT - Sun, 28 Jul 2024 13:00:47 GMT
Hashes: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the digests of an empty input, consistent with the redirect's Content-Length: 0)
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.327168796498.js?key=0f7aa6ec1bf13f572091ba2179d89352&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&tz=0&dev=e&res=14.2071&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1 HTTP/1.1
Host: traditionallyrecipepiteous.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://usstreamsgate.online
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 04 May 2024 20:22:51 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://usstreamsgate.online
Access-Control-Allow-Origin: https://usstreamsgate.online
Access-Control-Allow-Credentials: true
Location: https://traditionallyrecipepiteous.com/watch.327168796498.js?dev=e&key=0f7aa6ec1bf13f572091ba2179d89352&kw=%5B%22chicago%22%2C%22cubs%22%2C%22vs%22%2C%22milwaukee%22%2C%22brewers%22%2C%22%E2%80%93%22%2C%22usstreamsgate%22%5D&pst=1714854231&refer=https%3A%2F%2Fusstreamsgate.online%2F2024%2F05%2F04%2Fchicago-cubs-vs-milwaukee-brewers%2F&res=14.2071&rmtc=t&shu=c17ad2d6ad77d7e07b6a4eaf69da079994c119a270a941d92f91e199f7f50fbea5b879523670c59c35498ed5ff4f800f8765ab7a47f7787af98d1ca07266df8d556327d8833919f33f51d888ed7bb40d7001332a5c1921d0ca0c52179ee54b&tz=0&uuid=bdfe1c92-e4c0-4b95-94f2-1254ada0c4cb%3A2%3A1
Set-Cookie: u_pl=22816233; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjgxNjIzMywiayI6IjBmN2FhNmVjMWJmMTNmNTcyMDkxYmEyMTc5ZDg5MzUyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNzA4ODgzLCJwaWQiOjE0NjExNTAsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTksImFpZCI6MjYsInB0Ijo0LCJwayI6Imsyd3FodGIyMTUiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly91c3N0cmVhbXNnYXRlLm9ubGluZS8yMDI0LzA1LzA0L2NoaWNhZ28tY3Vicy12cy1taWx3YXVrZWUtYnJld2Vycy8iLCJhciI6W119fQ.XRR6ie7FIxAnZYciybisZVHgguKN6FbWM_QLUIXyGKw; expires=Sat, 04 May 2024 20:23:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a7b137127637eb8a37b7c59f7bebb51c
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
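The ain cookie set by this 307 is a JWT: its first segment, eyJhbGciOiJIUzI1NiJ9, decodes to {"alg":"HS256"}, and an HS256 payload is only signed, not encrypted, so everything the ad network recorded about the visitor can be read without the signing key. The Python below is an added example, not code from the capture tool or from any of the sites shown. It decodes the token exactly as copied from the Set-Cookie line above, lists the tracking fields it carries, checks them against the other identifiers in this entry (the u_pl cookie and the key= query parameter), and renders the pst= value from the Location URL as an HTTP-date. The readable labels given to the one- and two-letter keys are the example's own reading of their values and are assumptions; the helper names are likewise the example's.

```python
import base64
import json
from datetime import datetime, timezone
from email.utils import format_datetime

# The ain= cookie value from the 307 response above, copied from the capture. It is one
# string; it is split into pieces here only so that it fits on the page.
AIN_JWT = (
    "eyJhbGciOiJIUzI1NiJ9"
    ".eyJwIjp7ImlkIjoyMjgxNjIzMywiayI6IjBmN2FhNmVjMWJmMTNmNTcyMDkxYmEyMTc5ZDg5MzUyIiwic2lkIjoiIiwi"
    "aXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNzA4ODgzLCJwaWQiOjE0NjExNTAsImFuIjp0cnVlLCJsYW4iOnRydWUs"
    "ImNpZCI6MTksImFpZCI6MjYsInB0Ijo0LCJwayI6Imsyd3FodGIyMTUiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwi"
    "ZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2Ijoi"
    "VW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIs"
    "Im92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2Us"
    "ImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwi"
    "Y3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJy"
    "IjoiaHR0cHM6Ly91c3N0cmVhbXNnYXRlLm9ubGluZS8yMDI0LzA1LzA0L2NoaWNhZ28tY3Vicy12cy1taWx3YXVrZWUtYnJld2Vycy8i"
    "LCJhciI6W119fQ"
    ".XRR6ie7FIxAnZYciybisZVHgguKN6FbWM_QLUIXyGKw"
)


def b64url_decode(segment: str) -> bytes:
    """JWT segments are base64url without padding; restore the padding before decoding."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_jwt_unverified(token: str) -> dict:
    """Decode header and payload WITHOUT checking the signature.

    HS256 needs the issuer's secret to verify, which an analyst does not have. The point
    here is to read what the token discloses, not to trust it as authentic.
    """
    header_b64, payload_b64, sig_b64 = token.split(".")
    return {
        "header": json.loads(b64url_decode(header_b64)),
        "payload": json.loads(b64url_decode(payload_b64)),
        "signature_bytes": len(b64url_decode(sig_b64)),  # 32 for HMAC-SHA256
    }


def summarize_tracking(payload: dict) -> dict:
    """Pull out the fields that describe the visitor.

    The labels on the left are this example's reading of the short keys (an assumption),
    chosen from the values they hold and from what they match elsewhere in the capture.
    """
    p, u = payload["p"], payload["u"]
    d, c = u["d"], u["c"]
    return {
        "placement_id": p["id"],            # same number as the u_pl cookie
        "key": p["k"],                      # same as key= in the request URL
        "device_class": d["n"],             # "Desktop,Emulator": the sandbox was classified as such
        "browser": f'{d["bn"]} {d["bv"]}',  # matches the User-Agent that was sent
        "os": d["on"],
        "emulator_flag": d["e"],            # assumption: "e" is the emulator verdict as a boolean
        "adblock_flag": d["ab"],            # assumption: "ab" is an ad-blocker verdict
        "country": c["c"],
        "network": u["cr"]["n"],            # assumption: "cr" is the carrier/ISP of the client IP
        "referrer": u["r"],
    }


def cross_check(payload: dict, u_pl: str, key: str) -> bool:
    """True when the token's id and key agree with the other identifiers in this entry."""
    return str(payload["p"]["id"]) == u_pl and payload["p"]["k"] == key


def epoch_to_http_date(ts: int) -> str:
    """Render a Unix timestamp as an HTTP-date, to compare with cookie expires= attributes."""
    return format_datetime(datetime.fromtimestamp(ts, tz=timezone.utc), usegmt=True)


if __name__ == "__main__":
    tok = decode_jwt_unverified(AIN_JWT)
    print(tok["header"], "signature bytes:", tok["signature_bytes"])
    for name, value in summarize_tracking(tok["payload"]).items():
        print(f"{name:>14}: {value}")
    print("agrees with u_pl/key:",
          cross_check(tok["payload"], "22816233", "0f7aa6ec1bf13f572091ba2179d89352"))
    # pst=1714854231 from the Location URL: sixty seconds after the Date header and equal
    # to the ain cookie's own expires= value, so it reads like the token's expiry time.
    print("pst as HTTP-date:", epoch_to_http_date(1714854231))
```

Two things stand out when the payload is read this way: the device record already says "Desktop,Emulator" with the emulator flag set, so the sandbox was identified on the very first hop and whatever was served afterwards need not be what a real visitor gets; and the geolocation (country NO, the ISP name) and the referring article URL are all carried client-side in a cookie with a one-minute lifetime, which is why the 307 bounces the same script URL back with rmtc=t, pst= and a shu= blob rather than answering directly.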
| c.adsco.re/ | 0.0.0.0 | | 0 B |
IP: 0.0.0.0:0
Requested by: https://buddycenters.shop/embed/stream-27.php
Certificate: issuer Sectigo Limited; subject *.adsco.re; fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73; validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hashes: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the digests of an empty input; no body was recorded for this entry)
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://buddycenters.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 20:22:52 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Tue, 04 Jun 2024 20:22:52 GMT
etag: W/"oLR1xl/tMSq6jXxDoMvJKA=="
cf-cache-status: HIT
age: 360313
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eb3491c93f56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| usstreamsgate.online/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 | 172.67.212.138 | 200 OK | 113 kB |
URL: GET HTTP/3 usstreamsgate.online/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2
IP: 172.67.212.138:443
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate: issuer Google Trust Services LLC; subject usstreamsgate.online; fingerprint 0A:24:B6:C5:2E:3D:7D:15:0B:CE:80:43:63:8F:BE:13:CF:C5:87:04; validity Sat, 23 Mar 2024 12:51:49 GMT - Fri, 21 Jun 2024 12:51:48 GMT
Size: 113 kB (113381 bytes)
Hashes: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of an empty input although the size column reports 113 kB, so the body was not captured and these values cannot be used to identify the file)
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 HTTP/1.1
Host: usstreamsgate.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 20:22:50 GMT
content-type: text/css
last-modified: Tue, 27 Feb 2024 14:48:23 GMT
etag: W/"2fc31a7-1bae5-6125e1e30bbc0-br"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IF945T79H%2BUg0XQUKeZ%2FwnhkVe1a6AevIBhn%2B88T5Q7HRvfjC%2BqeDiOpPcAX%2Bgotfqp8nOpgKK9DVj%2BkZVAze%2Fyw9PrqlKTmyh2EYjYHslX7c5jAPBjVzwvwEPlVHkfwBElFlG%2BcMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eb347f39c30b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| traversefaultlessashamed.com/baa49a90f479a15b25692dc81c67392f/invoke.js | 192.243.59.20 | 200 OK | 31 kB |
URL: GET HTTP/1.1 traversefaultlessashamed.com/baa49a90f479a15b25692dc81c67392f/invoke.js
IP: 192.243.59.20:443 (AS39572 DataWeb Global Group B.V.)
Requested by: https://usstreamsgate.online/2024/05/04/chicago-cubs-vs-milwaukee-brewers/
Certificate: issuer Let's Encrypt; subject traversefaultlessashamed.com; fingerprint 8F:05:8D:B6:11:FD:7A:0D:96:48:E5:50:09:37:21:30:F2:24:ED:24; validity Sat, 27 Apr 2024 07:49:59 GMT - Fri, 26 Jul 2024 07:49:58 GMT
File type: JavaScript source, ASCII text, with very long lines (31326), with no line terminators
Hashes: MD5 0ae654b2490478bcb228e766266653a0; SHA-1 5debc80a5a918edcc997152e9d0433331f2387e2; SHA-256 b0c8c26bad3ed370d7a5b3202873fc378b9b288e030f6df7fa9bd89e18a30c5c
GET /baa49a90f479a15b25692dc81c67392f/invoke.js HTTP/1.1
Host: traversefaultlessashamed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usstreamsgate.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 20:22:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 98268f2a8348e37ac8b8b75cbd1c8205
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| eephaush.com/5/4284414/?oo=1&aab=1 | 139.45.197.236 | 200 OK | 2.9 kB |
URL: GET HTTP/2 eephaush.com/5/4284414/?oo=1&aab=1
IP: 139.45.197.236:443
Requested by: https://buddycenters.shop/embed/stream-27.php
Certificate: issuer Let's Encrypt; subject eephaush.com; fingerprint 8A:EA:A6:49:EF:C2:9A:D9:47:5A:F1:99:15:49:BE:91:1C:1E:84:53; validity Thu, 21 Mar 2024 05:16:27 GMT - Wed, 19 Jun 2024 05:16:26 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (3195), with no line terminators (a libmagic guess; the response's own Content-Type is application/json)
Hashes: MD5 0d73aca2761ac021c4546d3b55363b08; SHA-1 61dc46c7a9637623521cee380273d14dff774b81; SHA-256 958f4acf3f4b50632f69f202850dbdc0ccb53b37ca55b157311c65005082f415
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /5/4284414/?oo=1&aab=1 HTTP/1.1
Host: eephaush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://buddycenters.shop
DNT: 1
Connection: keep-alive
Referer: https://buddycenters.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 20:22:52 GMT
content-type: application/json
x-trace-id: a2eb9cbed35559acee9b3ebe54ddcf01
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://buddycenters.shop
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0080520dea374253e9977f5d8ba6ff4e; expires=Sun, 04 May 2025 20:22:52 GMT; path=/; secure; SameSite=None
oaidts=1714854172; expires=Sun, 04 May 2025 20:22:52 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
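Across the ad-network entries above the same response-header patterns recur: Strict-Transport-Security with max-age=0 (which tells the browser to forget any HSTS policy it holds for the host), Set-Cookie with SameSite=None; Secure (a cookie that will ride along on cross-site requests), Access-Control-Allow-Origin echoing the requesting site together with Access-Control-Allow-Credentials: true (credentialed cross-site reads for that one origin), Accept-CH asking for high-entropy client hints (full browser version, device model, platform version, architecture), and Link headers pre-connecting to further third-party hosts. The Python below is an added example, not part of the capture tool or of any site shown here. It parses header blocks the way this page prints them (a repeated header such as a second Set-Cookie appears as a bare continuation line without a name) and flags those patterns. The two header blocks are copied from the 307 and eephaush.com responses above, with the long Location, Accept-CH and ain= values shortened; the finding tags are the example's own names.

```python
import re
from typing import List, Optional, Tuple

Header = Tuple[str, str]
Finding = Tuple[str, str]  # (tag, detail)

# Response headers of the traditionallyrecipepiteous.com 307 above, copied from the capture;
# the Location query string, the Accept-CH list and the ain= token are shortened here.
RESP_307 = """HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 04 May 2024 20:22:51 GMT
Content-Type: text/html
Content-Length: 0
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Custom-Referer: https://usstreamsgate.online
Access-Control-Allow-Origin: https://usstreamsgate.online
Access-Control-Allow-Credentials: true
Location: https://traditionallyrecipepiteous.com/watch.327168796498.js?dev=e&key=0f7aa6ec1bf13f572091ba2179d89352&rmtc=t
Set-Cookie: u_pl=22816233; expires=Sun, 05 May 2024 20:22:51 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.(payload shortened).XRR6ie7FIxAnZYciybisZVHgguKN6FbWM_QLUIXyGKw; expires=Sat, 04 May 2024 20:23:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
"""

# The headers of the eephaush.com response above that the checks look at, copied from the capture.
RESP_EEPHAUSH = """HTTP/2 200 OK
server: nginx
content-type: application/json
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://buddycenters.shop
access-control-allow-credentials: true
set-cookie: OAID=0080520dea374253e9977f5d8ba6ff4e; expires=Sun, 04 May 2025 20:22:52 GMT; path=/; secure; SameSite=None
oaidts=1714854172; expires=Sun, 04 May 2025 20:22:52 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
"""

# Client hints that add real entropy to a browser fingerprint. The low-entropy ones
# (Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform) are sent by default and are not listed.
HIGH_ENTROPY_HINTS = {
    "sec-ch-ua-full-version", "sec-ch-ua-full-version-list", "sec-ch-ua-model",
    "sec-ch-ua-platform-version", "sec-ch-ua-arch", "sec-ch-ua-bitness", "device-memory",
}

HEADER_LINE = re.compile(r"^([A-Za-z0-9-]+):\s*(.*)$")


def parse_headers(block: str) -> List[Header]:
    """Parse a response block as the capture prints it, keeping duplicates in order.

    A line without a 'Name:' prefix is a repeated header (for example a second
    Set-Cookie) and inherits the name of the line before it.
    """
    headers: List[Header] = []
    for raw in block.splitlines():
        line = raw.strip()
        if not line or line.startswith("HTTP/"):
            continue
        m = HEADER_LINE.match(line)
        if m:
            headers.append((m.group(1).lower(), m.group(2)))
        elif headers:
            headers.append((headers[-1][0], line))
    return headers


def triage(headers: List[Header], request_origin: Optional[str] = None) -> List[Finding]:
    """Flag the header patterns worth a second look in an ad/tracking response."""
    def values(name: str) -> List[str]:
        return [v for k, v in headers if k == name]

    findings: List[Finding] = []
    for v in values("strict-transport-security"):
        if re.search(r"max-age\s*=\s*0\b", v):
            findings.append(("hsts-cleared", "max-age=0 makes the browser drop any stored HSTS policy for this host"))
    for v in values("set-cookie"):
        name = v.split("=", 1)[0].strip()
        attrs = v.lower()
        if "samesite=none" in attrs:
            if "secure" in attrs:
                findings.append(("third-party-cookie", f"{name} is sent on cross-site requests (SameSite=None; Secure)"))
            else:
                findings.append(("cookie-rejected", f"{name} has SameSite=None without Secure; Chromium-based browsers drop it"))
    acao = values("access-control-allow-origin")
    creds = [v.lower() for v in values("access-control-allow-credentials")]
    if "*" in acao:
        findings.append(("cors-wildcard", "any origin may read this response"))
    elif acao and request_origin and acao[0] == request_origin and creds[:1] == ["true"]:
        findings.append(("cors-credentialed-reflect", f"credentialed reads allowed for {acao[0]}"))
    for v in values("accept-ch"):
        asked = {h.strip().lower() for h in v.split(",")}
        hits = sorted(asked & HIGH_ENTROPY_HINTS)
        if hits:
            findings.append(("high-entropy-hints", ", ".join(hits)))
    for v in values("link"):
        for host in re.findall(r"<(?:https?:)?//([^/>]+)", v):
            findings.append(("third-party-preconnect", host))
    return findings


if __name__ == "__main__":
    for label, block, origin in (("307", RESP_307, "https://usstreamsgate.online"),
                                 ("eephaush", RESP_EEPHAUSH, "https://buddycenters.shop")):
        print(f"== {label}")
        for tag, detail in triage(parse_headers(block), origin):
            print(f"  {tag:<26} {detail}")
```

The request Origin is passed in separately because the reflect check only means something when the allowed origin is the one that asked; the same headers seen without the request context would be indistinguishable from a fixed allow-list. The Link hosts are worth collecting from every entry in a capture like this one: they name the next tier of the ad chain before the browser has fetched anything from it, which is exactly what a resolver block-list or a proxy rule wants to know.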