| www.goal19.biz/chtv/ru.png | 188.114.96.1 | 200 OK | 216 B |
URL: GET HTTP/3 www.goal19.biz/chtv/ru.png; IP: 188.114.96.1:443
Requested by: https://www.goal19.biz/chtv/ch27.php; Certificate Issuer: Let's Encrypt; Subject: goal19.biz; Fingerprint: E8:CC:E9:F1:8F:1E:18:2B:6A:C6:2E:AA:4D:A9:78:5A:34:FE:94:81; Validity: Mon, 15 Apr 2024 12:11:06 GMT - Sun, 14 Jul 2024 12:11:05 GMT
File type: PNG image data, 182 x 121, 8-bit colormap, non-interlaced; Hash: 14124102b4ea20d15fea44eebe3a271c 18080d1276ff6b0d021970bf2fb5ff41e5e6ee8c 57ed7257d589d646417a4de7d35b2704ea166e04f07ccd6b7ea0de388c837cd5
GET /chtv/ru.png HTTP/1.1
Host: www.goal19.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.goal19.biz/chtv/ch27.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 18:59:47 GMT
content-type: image/png
content-length: 216
last-modified: Fri, 19 Apr 2024 09:20:52 GMT
etag: "66223774-d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 88097
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2FGv2qdDK1WbJP5UHYgyyZ0YJCG8M1rSGscMVPjTH8s7PtIX1hXkxJoI9gsGcKuLtvRL5%2FrAjFsDQ9%2Bk%2B1Hzn%2F1hn%2FJ0ofIWkP1Ehxdr8HPb4jU%2FpI0af4ESeF%2FX8XM8wg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880bb05d6cc3b509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.goal19.biz/live.gif | 188.114.96.1 | 200 OK | 138 B |
IP: 188.114.96.1:443
Requested by: https://www.goal19.biz/chtv/sps.php?ch=17; Certificate Issuer: Let's Encrypt; Subject: goal19.biz; Fingerprint: E8:CC:E9:F1:8F:1E:18:2B:6A:C6:2E:AA:4D:A9:78:5A:34:FE:94:81; Validity: Mon, 15 Apr 2024 12:11:06 GMT - Sun, 14 Jul 2024 12:11:05 GMT
File type: GIF image data, version 89a, 8 x 8; Hash: 70cd3712cefcfff30931b32152115102 63103067b482530a2788d32ca2f47d1c781b31f6 2f4c64bc044b916efbf1235d0ca6f8d7dfccf526577e2ba6888f535a979393bc
GET /live.gif HTTP/1.1
Host: www.goal19.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.goal19.biz/chtv/sps.php?ch=17
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 18:59:47 GMT
content-type: image/gif
content-length: 138
last-modified: Fri, 19 Apr 2024 09:20:23 GMT
etag: "66223757-8a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 686814
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZwwmArkc5fGFIAUFB%2BvbH6XXLO4%2FyHuGVX%2BhQsuwOHBeEX88vUob92YoNWowAA42CQ%2Fm9BG6qxTzybwKlJQ%2BFL9ODj%2BwRohNEf5dgvHiJusieLNKWaWcPLNlYagfZm1m9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880bb05ddda4b509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.goal19.biz/white.png | 188.114.96.1 | 200 OK | 1.2 kB |
IP: 188.114.96.1:443
Requested by: https://www.goal19.biz/chtv/sps.php?ch=17; Certificate Issuer: Let's Encrypt; Subject: goal19.biz; Fingerprint: E8:CC:E9:F1:8F:1E:18:2B:6A:C6:2E:AA:4D:A9:78:5A:34:FE:94:81; Validity: Mon, 15 Apr 2024 12:11:06 GMT - Sun, 14 Jul 2024 12:11:05 GMT
File type: PNG image data, 588 x 454, 8-bit colormap, non-interlaced; Hash: 613678c01b1604d5cd1e515517e095a1 cb306e19705d9e1da2aa1487283b7f9f69ad330a ae0433ac5d000ac03daf9059492d0390e427b7461332f0f488bbc6f44b5107a7
GET /white.png HTTP/1.1
Host: www.goal19.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.goal19.biz/chtv/sps.php?ch=17
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 18:59:47 GMT
content-type: image/png
content-length: 1220
last-modified: Fri, 19 Apr 2024 09:20:22 GMT
etag: "66223756-4c4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 695030
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SRbiumu1PpAIFMjsy7tHEuUVjxESvSMU5bOWxW41Fj46zwQ0GjC3EE2EsvACohRL5e127nWQxqVow76ywkhV%2Bd7tDsXz8NzOXP%2FZ8VeKiwnE3cvVJBXe7PNydWwgwA42Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880bb05ddd9cb509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js | 151.101.129.229 | 200 OK | 58 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js; IP: 151.101.129.229:443
Requested by: https://speci4leagle.com/embedws.php?player=desktop&live=spstream17; Certificate Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Hash: b918a2715e5090b0d6dbd00c85377b4e 39aeed3c73b34661b4085afcd2321e2141bbcc9e 40e0be1f17c323e84cd387c13e3191628992bc687e2046bca724ba609b92cb0b
GET /npm/swarmcloud-hls@latest/dist/p2p-engine.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://speci4leagle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.9.16
x-jsd-version-type: version
etag: W/"2d729-Oa7tPHOzRmG0CFr80jIeIUG7zJ4"
content-encoding: br
accept-ranges: bytes
date: Wed, 08 May 2024 18:59:48 GMT
age: 16158
x-served-by: cache-fra-eddf8230112-FRA, cache-hel1410022-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 58381
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/clappr@latest | 151.101.129.229 | 200 OK | 145 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/clappr@latest; IP: 151.101.129.229:443
Requested by: https://speci4leagle.com/embedws.php?player=desktop&live=spstream17; Certificate Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Size: 145 kB (145133 bytes); Hash: f55c6c796275a41ce7d97bd160e648ff 936285f9c8c85a749a1ef8cfc4d5e84b7ea2bc89 db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
GET /npm/clappr@latest HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://speci4leagle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.3.13
x-jsd-version-type: version
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
content-encoding: br
accept-ranges: bytes
date: Wed, 08 May 2024 18:59:48 GMT
age: 16342
x-served-by: cache-fra-etou8220050-FRA, cache-hel1410022-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 145133
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js | 151.101.129.229 | 200 OK | 11 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js; IP: 151.101.129.229:443
Requested by: https://speci4leagle.com/embedws.php?player=desktop&live=spstream17; Certificate Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (30387); Hash: 1b142ebaf5f868c4c11a73ffe9175afb aa8b49bab8e92ff04d17a5a2c7c0dafc426e2fe9 df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
GET /gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://speci4leagle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.3.0
x-jsd-version-type: version
etag: W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
content-encoding: br
accept-ranges: bytes
date: Wed, 08 May 2024 18:59:48 GMT
age: 5665
x-served-by: cache-fra-eddf8230055-FRA, cache-hel1410022-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10804
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.6.0.min.js | 151.101.194.137 | 200 OK | 31 kB |
URL: GET HTTP/2 code.jquery.com/jquery-3.6.0.min.js; IP: 151.101.194.137:443
Requested by: https://speci4leagle.com/embedws.php?player=desktop&live=spstream17; Certificate Issuer: Sectigo Limited; Subject: *.jquery.com; Fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D; Validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65447); Hash: 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://speci4leagle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 08 May 2024 18:59:48 GMT
age: 1050969
x-served-by: cache-lga21931-LGA, cache-hel1410032-HEL
x-cache: HIT, HIT
x-cache-hits: 3, 600843
x-timer: S1715194788.093916,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/clappr-p2p-plugin.min.js | 151.101.129.229 | 200 OK | 1.2 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/clappr-p2p-plugin.min.js; IP: 151.101.129.229:443
Requested by: https://speci4leagle.com/embedws.php?player=desktop&live=spstream17; Certificate Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (3097), with no line terminators; Hash: 7d05b4c5566462b564acc78569c8ee5a 48b8edb405bc75c0e30038ba2754f685b8689167 a8eb7e24873bb65c9b7193534bda15761d8853b24ca4a41d7749360972504141
GET /npm/swarmcloud-hls@latest/dist/clappr-p2p-plugin.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://speci4leagle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.8.10
x-jsd-version-type: version
etag: W/"c19-SLjttAW8dcDjADi6J1T2hbhokWc"
content-encoding: br
accept-ranges: bytes
date: Wed, 08 May 2024 18:59:48 GMT
age: 16877
x-served-by: cache-fra-etou8220118-FRA, cache-hel1410022-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1198
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-latest.js | 151.101.194.137 | 200 OK | 84 kB |
URL: GET HTTP/2 code.jquery.com/jquery-latest.js; IP: 151.101.194.137:443
Requested by: https://speci4leagle.com/embedws.php?player=desktop&live=spstream17; Certificate Issuer: Sectigo Limited; Subject: *.jquery.com; Fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D; Validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text; Hash: 3d93b072d14f2bd1ede58f4847f537fd 73e5d044bd153dd912930e8be433059454ce19cd 3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
GET /jquery-latest.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://speci4leagle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-4508e"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 08 May 2024 18:59:48 GMT
age: 20394170
x-served-by: cache-lga21958-LGA, cache-hel1410032-HEL
x-cache: HIT, HIT
x-cache-hits: 757, 485755
x-timer: S1715194788.105822,VS0,VE0
vary: Accept-Encoding
content-length: 83875
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-migrate-1.2.1.min.js | 151.101.194.137 | 200 OK | 3.1 kB |
URL: GET HTTP/2 code.jquery.com/jquery-migrate-1.2.1.min.js; IP: 151.101.194.137:443
Requested by: https://speci4leagle.com/embedws.php?player=desktop&live=spstream17; Certificate Issuer: Sectigo Limited; Subject: *.jquery.com; Fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D; Validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (7085); Hash: eb05d8d73b5b13d8d84308a4751ece96 743052320809514fb788fe1d3df37fc87ce90452 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
GET /jquery-migrate-1.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://speci4leagle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-1c1f"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 08 May 2024 18:59:48 GMT
age: 20290993
x-served-by: cache-lga21931-LGA, cache-hel1410032-HEL
x-cache: HIT, HIT
x-cache-hits: 5, 107060
x-timer: S1715194788.262762,VS0,VE0
vary: Accept-Encoding
content-length: 3063
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-1.11.0.min.js | 151.101.194.137 | 200 OK | 33 kB |
URL: GET HTTP/2 code.jquery.com/jquery-1.11.0.min.js; IP: 151.101.194.137:443
Requested by: https://speci4leagle.com/embedws.php?player=desktop&live=spstream17; Certificate Issuer: Sectigo Limited; Subject: *.jquery.com; Fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D; Validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (32341); Hash: 8fc25e27d42774aeae6edbc0a18b72aa b66ed708717bf0b4a005a4d0113af8843ef3b8ff b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
GET /jquery-1.11.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://speci4leagle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-1787d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 08 May 2024 18:59:48 GMT
age: 20290993
x-served-by: cache-lga21931-LGA, cache-hel1410032-HEL
x-cache: HIT, HIT
x-cache-hits: 2, 120425
x-timer: S1715194788.266953,VS0,VE0
vary: Accept-Encoding
content-length: 33357
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.2.0/jquery.min.js | 142.250.74.170 | 200 OK | 30 kB |
URL: GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.2.0/jquery.min.js; IP: 142.250.74.170:443
Requested by: https://speci4leagle.com/embedws.php?player=desktop&live=spstream17; Certificate Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: JavaScript source, ASCII text, with very long lines (32033); Hash: d4162c9d7e520a5de05001be6e741899 0baf29230047c9cd896f14c59618c9948ea79451 2405bdf4c255a4904671bcc4b97938033d39b3f5f20dd068985a8d94cde273e2
GET /ajax/libs/jquery/3.2.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://speci4leagle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30281
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:53:31 GMT
expires: Fri, 02 May 2025 01:53:31 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 579977
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js?userId=0080567833de4d58f251dff84e78b79d | 139.45.195.8 | 200 OK | 65 B |
URL: GET HTTP/2 my.rtmark.net/gid.js?userId=0080567833de4d58f251dff84e78b79d; IP: 139.45.195.8:443
Requested by: https://www.goal19.biz/chtv/sps.php?ch=17; Certificate Issuer: Let's Encrypt; Subject: rtmark.net; Fingerprint: DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC; Validity: Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash: bf49844b08abfa4ae03e124afcbc0733 6f093d843678fc420e29a7fef17828b908db7c1b 8f69ad055d1cadcdd5952756012af797f370894af73c46d9bc11e7d676070062
GET /gid.js?userId=0080567833de4d58f251dff84e78b79d HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.goal19.biz
DNT: 1
Connection: keep-alive
Referer: https://www.goal19.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 18:59:48 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.goal19.biz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080567833de4d58f251dff84e78b79d; expires=Thu, 08 May 2025 18:59:48 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| speci4leagle.com/embedws.php?player=desktop&live=spstream17 | 104.21.26.244 | 200 OK | 39 kB |
URL: GET HTTP/2 speci4leagle.com/embedws.php?player=desktop&live=spstream17; IP: 104.21.26.244:443
Requested by: https://www.goal19.biz/chtv/sps.php?ch=17; Certificate Issuer: Google Trust Services LLC; Subject: speci4leagle.com; Fingerprint: B0:D0:B6:7B:AD:B2:E7:E6:A6:65:17:2A:15:E3:18:7C:34:2D:F5:B8; Validity: Fri, 12 Apr 2024 07:44:36 GMT - Thu, 11 Jul 2024 07:44:35 GMT
File type: JavaScript source, ASCII text, with very long lines (1232); Hash: ab4adfb5c57dbcf55e19172211daec41 d2b78a2c9590a311cf3aebc358ed44f9999c199b 22492ad85f4245aea128984778c0a1050ec06120b083ac64612251698f7f4f67
GET /embedws.php?player=desktop&live=spstream17 HTTP/1.1
Host: speci4leagle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.goal19.biz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 18:59:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UFrG0%2B%2FnhnTu4tVTkOmkwdpAzMLz876XUvmlUmgqGsY7En5bx4uPe6mKPm%2FO9KCmakaw1ZgWmDntHo7uKz1fuLhrW9rUKnqBL0tkSzixWjNy9%2FHuZedIUiUO4WrdSiqJv3JP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880bb05e6f34568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js?userId=h3kv370246vv131535462y6t2gtjx021 | 139.45.195.8 | 200 OK | 65 B |
URL: GET HTTP/2 my.rtmark.net/gid.js?userId=h3kv370246vv131535462y6t2gtjx021; IP: 139.45.195.8:443
Requested by: https://www.goal19.biz/chtv/sps.php?ch=17; Certificate Issuer: Let's Encrypt; Subject: rtmark.net; Fingerprint: DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC; Validity: Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash: bf49844b08abfa4ae03e124afcbc0733 6f093d843678fc420e29a7fef17828b908db7c1b 8f69ad055d1cadcdd5952756012af797f370894af73c46d9bc11e7d676070062
GET /gid.js?userId=h3kv370246vv131535462y6t2gtjx021 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.goal19.biz
DNT: 1
Connection: keep-alive
Referer: https://www.goal19.biz/
Cookie: ID=0080567833de4d58f251dff84e78b79d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 18:59:49 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.goal19.biz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080567833de4d58f251dff84e78b79d; expires=Thu, 08 May 2025 18:59:49 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| 6.adsco.re:2087/ | 104.17.167.186 | 200 OK | 0 B |
IP: 104.17.167.186:2087
Requested by: https://www.goal19.biz/chtv/sps.php?ch=17; Certificate Issuer: Sectigo Limited; Subject: *.adsco.re; Fingerprint: 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73; Validity: Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re:2087
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.goal19.biz
DNT: 1
Connection: keep-alive
Referer: https://www.goal19.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 18:59:49 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://www.goal19.biz
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 880bb067ff9356be-OSL
alt-svc: h3=":2087"; ma=86400
X-Firefox-Spdy: h2
|
|
| 6.adsco.re/ | 104.17.167.186 | 200 OK | 0 B |
IP: 104.17.167.186:443
Requested by: https://www.goal19.biz/chtv/sps.php?ch=17; Certificate Issuer: Sectigo Limited; Subject: *.adsco.re; Fingerprint: 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73; Validity: Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.goal19.biz
DNT: 1
Connection: keep-alive
Referer: https://www.goal19.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 18:59:49 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://www.goal19.biz
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 880bb067e8bcb51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 4.adsco.re/ | 162.252.214.5 | 200 OK | 62 B |
IP: 162.252.214.5:443
Requested by: https://www.goal19.biz/chtv/sps.php?ch=17; Certificate Issuer: Sectigo Limited; Subject: *.adsco.re; Fingerprint: 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73; Validity: Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type: ASCII text, with no line terminators; Hash: 5b41cb22f84f645a103acc7bfbf084ff bac3967b26d5ec4a0d09a580714e8219796816bd 709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.goal19.biz
DNT: 1
Connection: keep-alive
Referer: https://www.goal19.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 18:59:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://www.goal19.biz
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
|
|
| nabauxou.net/5/7387589 | 139.45.197.245 | 200 OK | 36 kB |
IP: 139.45.197.245:443
Requested by: https://www.goal19.biz/chtv/sps.php?ch=17; Certificate Issuer: Let's Encrypt; Subject: nabauxou.net; Fingerprint: 5C:68:BC:04:67:32:92:60:99:B0:5D:39:78:E9:FE:AD:6F:58:7A:1C; Validity: Fri, 15 Mar 2024 05:26:30 GMT - Thu, 13 Jun 2024 05:26:29 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Hash: f7aba28071134c6f01303c4d9c114a3b aab97980abca12edfd5dad1b14b7cbb160820145 483bae2766c5f475752cecb1e8673df5d1379a7f0ffca9919abf117a9d00eceb
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /5/7387589 HTTP/1.1
Host: nabauxou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.goal19.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 18:59:47 GMT
content-type: application/javascript
x-trace-id: 5ab911f9a3ab03813ea3fe9b6110abf0
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0080567833de4d58f251dff84e78b79d; expires=Thu, 08 May 2025 18:59:47 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1715194787; expires=Thu, 08 May 2025 18:59:47 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js?userId=h3kv370246vv131535462y6t2gtjx021 | 139.45.195.8 | 200 OK | 65 B |
URL: GET HTTP/2 my.rtmark.net/gid.js?userId=h3kv370246vv131535462y6t2gtjx021; IP: 139.45.195.8:443
Requested by: https://www.goal19.biz/chtv/sps.php?ch=17; Certificate Issuer: Let's Encrypt; Subject: rtmark.net; Fingerprint: DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC; Validity: Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash: bf49844b08abfa4ae03e124afcbc0733 6f093d843678fc420e29a7fef17828b908db7c1b 8f69ad055d1cadcdd5952756012af797f370894af73c46d9bc11e7d676070062
GET /gid.js?userId=h3kv370246vv131535462y6t2gtjx021 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.goal19.biz
DNT: 1
Connection: keep-alive
Referer: https://www.goal19.biz/
Cookie: ID=0080567833de4d58f251dff84e78b79d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 18:59:49 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.goal19.biz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080567833de4d58f251dff84e78b79d; expires=Thu, 08 May 2025 18:59:49 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| 6.adsco.re/ | 104.17.167.186 | 200 OK | 0 B |
IP: 104.17.167.186:443
Requested by: https://www.goal19.biz/chtv/sps.php?ch=17; Certificate Issuer: Sectigo Limited; Subject: *.adsco.re; Fingerprint: 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73; Validity: Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 18:59:49 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: *
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 880bb0699e96b503-OSL
alt-svc: h3=":443"; ma=86400
|
|
| adsco.re/p | 162.252.214.5 | 200 OK | 812 B |
IP: 162.252.214.5:443
Requested by: https://www.goal19.biz/chtv/sps.php?ch=17; Certificate Issuer: Sectigo Limited; Subject: *.adsco.re; Fingerprint: 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73; Validity: Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (1020), with no line terminators; Hash: 5499aeedfa4ce5781092ccaae88478df cb01afe468cefe701bb92c82a73d3a31b8a3a5bd 2f6d4661aa7d693b990dda56c863838e13d3f59b416c780064b7c9c6cb5e49ef
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1589
Origin: https://www.goal19.biz
DNT: 1
Connection: keep-alive
Referer: https://www.goal19.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 18:59:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Access-Control-Allow-Origin: https://www.goal19.biz
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
|
|
| 4.adsco.re/ | 162.252.214.5 | 200 OK | 62 B |
IP: 162.252.214.5:443
Requested by: https://www.goal19.biz/chtv/sps.php?ch=17; Certificate Issuer: Sectigo Limited; Subject: *.adsco.re; Fingerprint: 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73; Validity: Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type: ASCII text, with no line terminators; Hash: 5b41cb22f84f645a103acc7bfbf084ff bac3967b26d5ec4a0d09a580714e8219796816bd 709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 18:59:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
|
|
| 8ovjkox5zhdt.n4.adsco.re/ | 38.132.109.115 | 200 OK | 0 B |
URL: POST HTTP/2 8ovjkox5zhdt.n4.adsco.re/; IP: 38.132.109.115:443
Requested by: https://www.goal19.biz/chtv/sps.php?ch=17; Certificate Issuer: Let's Encrypt; Subject: *.n4.adsco.re; Fingerprint: 45:6E:69:F7:75:1D:65:9E:20:3D:CF:CE:8B:F5:36:72:85:BD:76:EC; Validity: Fri, 19 Apr 2024 09:12:46 GMT - Thu, 18 Jul 2024 09:12:45 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 8ovjkox5zhdt.n4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.goal19.biz
DNT: 1
Connection: keep-alive
Referer: https://www.goal19.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 May 2024 18:59:49 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 16 Jun 2023 08:37:42 GMT
etag: "648c1f56-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js?userId=h3kv370246vv131535462y6t2gtjx021 | 139.45.195.8 | 200 OK | 65 B |
URL: GET HTTP/2 my.rtmark.net/gid.js?userId=h3kv370246vv131535462y6t2gtjx021; IP: 139.45.195.8:443
Requested by: https://www.goal19.biz/chtv/sps.php?ch=17; Certificate Issuer: Let's Encrypt; Subject: rtmark.net; Fingerprint: DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC; Validity: Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash: bf49844b08abfa4ae03e124afcbc0733 6f093d843678fc420e29a7fef17828b908db7c1b 8f69ad055d1cadcdd5952756012af797f370894af73c46d9bc11e7d676070062
GET /gid.js?userId=h3kv370246vv131535462y6t2gtjx021 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.goal19.biz
DNT: 1
Connection: keep-alive
Referer: https://www.goal19.biz/
Cookie: ID=0080567833de4d58f251dff84e78b79d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 18:59:50 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.goal19.biz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080567833de4d58f251dff84e78b79d; expires=Thu, 08 May 2025 18:59:50 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| 8ovjkox5zhdt.l4.adsco.re/ | 185.200.118.51 | 200 OK | 0 B |
URL: POST HTTP/2 8ovjkox5zhdt.l4.adsco.re/; IP: 185.200.118.51:443
Requested by: https://www.goal19.biz/chtv/sps.php?ch=17; Certificate Issuer: Let's Encrypt; Subject: *.l4.adsco.re; Fingerprint: B2:51:02:63:F4:E6:E7:3A:98:79:B7:C5:F8:81:EC:E8:79:B9:BC:22; Validity: Fri, 19 Apr 2024 09:12:52 GMT - Thu, 18 Jul 2024 09:12:51 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 8ovjkox5zhdt.l4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.goal19.biz
DNT: 1
Connection: keep-alive
Referer: https://www.goal19.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 May 2024 18:59:50 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 02 Jun 2023 14:03:32 GMT
etag: "6479f6b4-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| blockadsnot.com/uajwglvasgyvebkw?BNuxYMXR=BQLyAAAAAAAACZUAAiVP2yltntGU5648qJ6BwYKpN1LssB443yR3HddOjDKJfI3yO0IeQokFV68um5i1zeADS0CnyTNQGJ5N-3swfivKTpU-sd9xYb6BSvxrY6WiHC5RemfxpJU56Vc6r67SIsGFwhUNvo7u5TKNMfABBy8xnPYaWET0xugdabkvO7Za47fOXkflagSII1WCztccivgZJw6hi3JRjXUcUPLlgXnJGZghMZtvT7Asd4IRnpr8BIgKXlbeqXXsj1Kb0OvuUcNCtZImXcDFIMfF11zQox5gOYqd4-3Yi1InF_8kLLXBwXWx3WpYUETYXBrxidDnCYbYH1rrhGM9dVhc_iX4FpPtejWuDdhbS7hy250PqTxGam1kBCrYpbfRMEiEmg_s3kIdKFFF8g5fymHEhm4jzB0nH5ILo-sLLKuV8r26BFonOc1jzKJRE_LQNzHm3FdAGzOcnE7bW_UEiEvZlYz_4TOfIG4PRb9KKUmlLu4s0wFDul0aE8nnc9l6AAfJuwDp86COE8WE4t1wJ0VaStuPX2pzH3FaYR5ctLNOhjm6eDv6tTqNNdwUZCtZu54s_Aq3XIe74xqImYAgEEJ7o7EibXucZhrvABqU4UPXJt8RgNUkM1Smg20NbHydnZ-MbjKk3vgnszJRtPW-X59dPKIDA55BAT_20hegh9ystF1kice2j02UkG91k148dtvWXzH2JCmdC3j0t_vuqXg6FTazXzovOrWWXhmTztHT8Rsy_UGrjQxEHShgdvexCkR5szWAC_OiBIArON9ekNTKWTgoSgTXf2xJHFk1LoxMO27Fnjdzo8x3ry5NclZq_jzUMUfX82uaRsVA3S0DDXwVCWfpzG2zHfd76qqcmzBUghvpXMi8LMQyQcqTNJulIPCNX_QxgJoGsaCKHjmPHYkecgxcuNUK6DHKq5FxqcIR8EGJROGTNpH982At8S62_rZfbyAQhS67INaVsZ76f-ffY9efsRUFDECep8yHs26oB-amRGLl&gLtqWscX=4&ftpQMDPU=5092688&lcCRfAIB=&hFHJxQGM=0,0&wjpiGlHN=&TCQPMHnq=https%3A%2F%2Fwww.goal19.biz%2Fchtv%2Fch27.php&s=1280,1024,1,1280,1024,1 | 208.95.112.254 | 200 OK | 44 B |
URL GET HTTP/2blockadsnot.com/uajwglvasgyvebkw?BNuxYMXR=BQLyAAAAAAAACZUAAiVP2yltntGU5648qJ6BwYKpN1LssB443yR3HddOjDKJfI3yO0IeQokFV68um5i1zeADS0CnyTNQGJ5N-3swfivKTpU-sd9xYb6BSvxrY6WiHC5RemfxpJU56Vc6r67SIsGFwhUNvo7u5TKNMfABBy8xnPYaWET0xugdabkvO7Za47fOXkflagSII1WCztccivgZJw6hi3JRjXUcUPLlgXnJGZghMZtvT7Asd4IRnpr8BIgKXlbeqXXsj1Kb0OvuUcNCtZImXcDFIMfF11zQox5gOYqd4-3Yi1InF_8kLLXBwXWx3WpYUETYXBrxidDnCYbYH1rrhGM9dVhc_iX4FpPtejWuDdhbS7hy250PqTxGam1kBCrYpbfRMEiEmg_s3kIdKFFF8g5fymHEhm4jzB0nH5ILo-sLLKuV8r26BFonOc1jzKJRE_LQNzHm3FdAGzOcnE7bW_UEiEvZlYz_4TOfIG4PRb9KKUmlLu4s0wFDul0aE8nnc9l6AAfJuwDp86COE8WE4t1wJ0VaStuPX2pzH3FaYR5ctLNOhjm6eDv6tTqNNdwUZCtZu54s_Aq3XIe74xqImYAgEEJ7o7EibXucZhrvABqU4UPXJt8RgNUkM1Smg20NbHydnZ-MbjKk3vgnszJRtPW-X59dPKIDA55BAT_20hegh9ystF1kice2j02UkG91k148dtvWXzH2JCmdC3j0t_vuqXg6FTazXzovOrWWXhmTztHT8Rsy_UGrjQxEHShgdvexCkR5szWAC_OiBIArON9ekNTKWTgoSgTXf2xJHFk1LoxMO27Fnjdzo8x3ry5NclZq_jzUMUfX82uaRsVA3S0DDXwVCWfpzG2zHfd76qqcmzBUghvpXMi8LMQyQcqTNJulIPCNX_QxgJoGsaCKHjmPHYkecgxcuNUK6DHKq5FxqcIR8EGJROGTNpH982At8S62_rZfbyAQhS67INaVsZ76f-ffY9efsRUFDECep8yHs26oB-amRGLl&gLtqWscX=4&ftpQMDPU=5092688&lcCRfAIB=&hFHJxQGM=0,0&wjpiGlHN=&TCQPMHnq=https%3A%2F%2Fwww.goal19.biz%2Fchtv%2Fch27.php&s=1280,1024,1,1280,1024,1 IP208.95.112.254:443
Requested by: https://www.goal19.biz/chtv/sps.php?ch=17; Certificate Issuer: Sectigo Limited; Subject: blockadsnot.com; Fingerprint: 96:00:00:44:50:47:F4:4D:23:DB:EE:86:80:A0:C4:5F:3A:EA:F5:03; Validity: Mon, 14 Aug 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT
File type: ASCII text, with no line terminators; Hash: d5f0a25e4d3522d56d48ce7bc3e518fb 86794caff58f7fee6e684c2ba7195f970a8d6f4c 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /uajwglvasgyvebkw?BNuxYMXR=BQLyAAAAAAAACZUAAiVP2yltntGU5648qJ6BwYKpN1LssB443yR3HddOjDKJfI3yO0IeQokFV68um5i1zeADS0CnyTNQGJ5N-3swfivKTpU-sd9xYb6BSvxrY6WiHC5RemfxpJU56Vc6r67SIsGFwhUNvo7u5TKNMfABBy8xnPYaWET0xugdabkvO7Za47fOXkflagSII1WCztccivgZJw6hi3JRjXUcUPLlgXnJGZghMZtvT7Asd4IRnpr8BIgKXlbeqXXsj1Kb0OvuUcNCtZImXcDFIMfF11zQox5gOYqd4-3Yi1InF_8kLLXBwXWx3WpYUETYXBrxidDnCYbYH1rrhGM9dVhc_iX4FpPtejWuDdhbS7hy250PqTxGam1kBCrYpbfRMEiEmg_s3kIdKFFF8g5fymHEhm4jzB0nH5ILo-sLLKuV8r26BFonOc1jzKJRE_LQNzHm3FdAGzOcnE7bW_UEiEvZlYz_4TOfIG4PRb9KKUmlLu4s0wFDul0aE8nnc9l6AAfJuwDp86COE8WE4t1wJ0VaStuPX2pzH3FaYR5ctLNOhjm6eDv6tTqNNdwUZCtZu54s_Aq3XIe74xqImYAgEEJ7o7EibXucZhrvABqU4UPXJt8RgNUkM1Smg20NbHydnZ-MbjKk3vgnszJRtPW-X59dPKIDA55BAT_20hegh9ystF1kice2j02UkG91k148dtvWXzH2JCmdC3j0t_vuqXg6FTazXzovOrWWXhmTztHT8Rsy_UGrjQxEHShgdvexCkR5szWAC_OiBIArON9ekNTKWTgoSgTXf2xJHFk1LoxMO27Fnjdzo8x3ry5NclZq_jzUMUfX82uaRsVA3S0DDXwVCWfpzG2zHfd76qqcmzBUghvpXMi8LMQyQcqTNJulIPCNX_QxgJoGsaCKHjmPHYkecgxcuNUK6DHKq5FxqcIR8EGJROGTNpH982At8S62_rZfbyAQhS67INaVsZ76f-ffY9efsRUFDECep8yHs26oB-amRGLl&gLtqWscX=4&ftpQMDPU=5092688&lcCRfAIB=&hFHJxQGM=0,0&wjpiGlHN=&TCQPMHnq=https%3A%2F%2Fwww.goal19.biz%2Fchtv%2Fch27.php&s=1280,1024,1,1280,1024,1 HTTP/1.1
Host: blockadsnot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.goal19.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
popads-node: wb3
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Wed, 08 May 2024 18:59:50 GMT
X-Firefox-Spdy: h2
|
|
| 8ovjkox5zhdt.s4.adsco.re/ | 185.200.116.51 | 200 OK | 0 B |
URL: POST HTTP/2 8ovjkox5zhdt.s4.adsco.re/; IP: 185.200.116.51:443
Requested by: https://www.goal19.biz/chtv/sps.php?ch=17; Certificate Issuer: Let's Encrypt; Subject: *.s4.adsco.re; Fingerprint: 6C:EA:F6:8F:57:34:25:F9:39:76:98:E0:61:B8:C8:86:AD:CC:68:0A; Validity: Fri, 19 Apr 2024 09:12:40 GMT - Thu, 18 Jul 2024 09:12:39 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 8ovjkox5zhdt.s4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.goal19.biz
DNT: 1
Connection: keep-alive
Referer: https://www.goal19.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 May 2024 18:59:50 GMT
content-type: text/html
content-length: 0
last-modified: Tue, 03 Oct 2023 13:29:59 GMT
etag: "651c1757-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| normandy.cdn.mozilla.net/api/v1/ | 35.201.103.21 | | 598 B |
URL: normandy.cdn.mozilla.net/api/v1/; IP: 35.201.103.21:0; ASN: #396982 GOOGLE-CLOUD-PLATFORM
Hash: 3076f9a5cb273105528b893ff7111e41 b8990c145fe71b9a2410eea41a60a712b43b82bf 69c578fb0c03a28141a975833f660f4571e7991dc28ae7f9cead37672ee2c9b3
GET /api/v1/ HTTP/1.1
Host: normandy.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 598
allow: GET, HEAD, OPTIONS
content-security-policy: form-action 'self'; block-all-mixed-content; default-src 'self' https://normandy.cdn.mozilla.net/; base-uri 'none'; object-src 'none'; worker-src 'none'; frame-src 'none'; report-uri /__cspreport__
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
via: 1.1 google
date: Tue, 07 May 2024 23:46:24 GMT
cache-control: public, max-age=86400
content-type: application/json
vary: Accept, Origin
age: 69214
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| classify-client.services.mozilla.com/api/v1/classify_client/ | 34.98.75.36 | | 64 B |
URL: classify-client.services.mozilla.com/api/v1/classify_client/; IP: 34.98.75.36:0; ASN: #396982 GOOGLE-CLOUD-PLATFORM
Hash: 0f0c92b0553e28bc51a9facaac3d6e43 3d6b7314b113df278e09db6eadc7489f4c0f6bbc 6368b55a2258b1748006b1aab0c82fa7c6f8d54b67a7de75fbf049b590327862
GET /api/v1/classify_client/ HTTP/1.1
Host: classify-client.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 18:59:58 GMT
content-type: application/json
content-length: 64
cache-control: max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 444 B |
URL: aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml; IP: 35.244.181.201:0; ASN: #396982 GOOGLE-CLOUD-PLATFORM
File type: XML 1.0 document, ASCII text, with very long lines (332); Hash: 3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=amD-ataCq08ZGMBbm6n4VqpDTx94dXND84dQKOvQgOh0Vxxw8Ho6rYSyS1-kOXLBcxkp0ERTpFcHCV8VnqQ7ig038W0zjoKO771MiEpHoD8_k5IzZaq5og81a5pIyXL6
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
content-length: 444
date: Wed, 08 May 2024 18:57:47 GMT
age: 138
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.goal19.biz/favicon.ico | 188.114.96.1 | 404 Not Found | 209 B |
URL: GET HTTP/3 www.goal19.biz/favicon.ico; IP: 188.114.96.1:443
Requested by: https://www.goal19.biz/chtv/ch27.php; Certificate Issuer: Let's Encrypt; Subject: goal19.biz; Fingerprint: E8:CC:E9:F1:8F:1E:18:2B:6A:C6:2E:AA:4D:A9:78:5A:34:FE:94:81; Validity: Mon, 15 Apr 2024 12:11:06 GMT - Sun, 14 Jul 2024 12:11:05 GMT
File type: HTML document, ASCII text, with no line terminators; Hash: 8ace35f18ab1832bacfde13597767517 22e4ee51bbdba11b19a2d6879bc60126dc89eecd f87134d32dc903f27ed9c905bfd824f31192dac9e05887b2dedbb1ca416d1280
GET /favicon.ico HTTP/1.1
Host: www.goal19.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.goal19.biz/chtv/ch27.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 08 May 2024 18:59:47 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
age: 176
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5m029TxhFtAsuvdqrjFLPx0Y2ODXCTG2rrGuGIjPPqndBLnLpmMIyFaGhhEcE9nF%2F%2FO0XObZM9K0risHrnM2KllshrLDEqRKUlARcajRqH6X1TZpcvKsp7hr3m4nMiUAWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880bb05d8d12b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| speci4leagle.com/css/embed.css?ver=1.4.4 | 104.21.26.244 | 200 OK | 537 B |
URL: GET HTTP/3 speci4leagle.com/css/embed.css?ver=1.4.4; IP: 104.21.26.244:443
Requested by: https://speci4leagle.com/embedws.php?player=desktop&live=spstream17; Certificate Issuer: Google Trust Services LLC; Subject: speci4leagle.com; Fingerprint: B0:D0:B6:7B:AD:B2:E7:E6:A6:65:17:2A:15:E3:18:7C:34:2D:F5:B8; Validity: Fri, 12 Apr 2024 07:44:36 GMT - Thu, 11 Jul 2024 07:44:35 GMT
File type: ASCII text, with very long lines (621), with no line terminators; Hash: de49beed17d930d6791cb4a9baa192d6 94f2019b48859afa1f1db4d4406c5db18c9b2072 92162c0c70fd45b51166adea046978d8fe827db144946385d2c5cf6dc2603462
GET /css/embed.css?ver=1.4.4 HTTP/1.1
Host: speci4leagle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://speci4leagle.com/embedws.php?player=desktop&live=spstream17
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 18:59:47 GMT
content-type: text/css
last-modified: Fri, 29 Oct 2021 09:08:53 GMT
vary: Accept-Encoding
etag: W/"617bba25-219"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3262
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b6lLbhzSJ%2BUmnybNYwITLaxoR3u4%2FJVka7vcjTY5yBZkfmzyFFSbi%2FHkmqjWDXF0%2BjNy7NmPRfJv3XA%2BpjPlFLk%2FS81DS2YRIIC2lKbTF71a4IYJd0YaLJZjahC2Ig1gsQNp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880bb0608c6c5685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.goal19.biz/chtv/ch27.php | 188.114.96.1 | 200 OK | 1.2 kB |
URL: User Request GET HTTP/2 www.goal19.biz/chtv/ch27.php; IP: 188.114.96.1:443
Certificate Issuer: Let's Encrypt; Subject: goal19.biz; Fingerprint: E8:CC:E9:F1:8F:1E:18:2B:6A:C6:2E:AA:4D:A9:78:5A:34:FE:94:81; Validity: Mon, 15 Apr 2024 12:11:06 GMT - Sun, 14 Jul 2024 12:11:05 GMT
File type: JavaScript source, ASCII text, with very long lines (1297), with no line terminators; Hash: f1298f4c69810d67ef25474e5efb24e6 769e730e4c2f9f0fc5e350e1697a481b70e211ae d6903eb927bb7dffed0dd2061f76d8ec112508895927e21bf34b955c0e512ecf
GET /chtv/ch27.php HTTP/1.1
Host: www.goal19.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 18:59:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.1.26
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tth3WBIORJmfwsIaAhEojwMY047ueCMrn9UsJWfgmkZ7265yau19735I9mC874IIbFc%2BkZ17rJsA1LSJCeKTkpOL0Vvpjat29DicI%2BAirMUSq2GSXE97kzi%2BvktlqPLWVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880bb0598dba56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.goal19.biz/chtv/sps.php?ch=17 | 188.114.96.1 | 200 OK | 2.8 kB |
URL: GET HTTP/3 www.goal19.biz/chtv/sps.php?ch=17; IP: 188.114.96.1:443
Requested by: https://www.goal19.biz/chtv/ch27.php; Certificate Issuer: Let's Encrypt; Subject: goal19.biz; Fingerprint: E8:CC:E9:F1:8F:1E:18:2B:6A:C6:2E:AA:4D:A9:78:5A:34:FE:94:81; Validity: Mon, 15 Apr 2024 12:11:06 GMT - Sun, 14 Jul 2024 12:11:05 GMT
File type: HTML document, ASCII text, with very long lines (3026), with no line terminators; Hash: 094369d2bb4ca943775a66682464f4ce 6f0b5ff9326bc82423b555cb86aff8e4a43785c6 133da551765cdcc065dc14645f3c638bea0168ce6e254233c15134f26696a063
GET /chtv/sps.php?ch=17 HTTP/1.1
Host: www.goal19.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.goal19.biz/chtv/ch27.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 18:59:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.1.26
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q%2B%2F%2FE2yhK%2BqWIJ5ss%2Ba4HNZmF55%2FRKVU7TtUOGgnZ%2BYEDVdAXbx2zz6tJ1djyiI0vCF3bsgFknNV%2B2D4ZscqV6iRQBdPw%2Fzi7OwUxKCTdRyq%2BNJOybC6CTOS0m2Ko1nAxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880bb05d5ca7b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| speci4leagle.com/blast.js | 104.21.26.244 | 200 OK | 78 kB |
URL: GET HTTP/3 speci4leagle.com/blast.js; IP: 104.21.26.244:443
Requested by: https://speci4leagle.com/embedws.php?player=desktop&live=spstream17; Certificate Issuer: Google Trust Services LLC; Subject: speci4leagle.com; Fingerprint: B0:D0:B6:7B:AD:B2:E7:E6:A6:65:17:2A:15:E3:18:7C:34:2D:F5:B8; Validity: Fri, 12 Apr 2024 07:44:36 GMT - Thu, 11 Jul 2024 07:44:35 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Hash: 091faec928970e76d37a3601c19fcf8a 6441e8eebe90eb8d4a40e7c25440ff99caba3520 eb06375118b1eb73f43b8f1851472008f84999a1b27359c075bf5da6feef9a12
GET /blast.js HTTP/1.1
Host: speci4leagle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://speci4leagle.com/embedws.php?player=desktop&live=spstream17
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 18:59:47 GMT
content-type: application/javascript
last-modified: Sat, 08 Oct 2022 23:56:20 GMT
vary: Accept-Encoding
etag: W/"63420e24-13040"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5411
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0l1QjCcHeEIlQ9Thz4kLK%2Fp8qNqdlwsyovIisrFegpZ1oLaEWjX4R0tvwPwpWrOWfEOugYZol49hjdC9zpv%2FiC2AhlmXWoAnoFN2%2FUpmKUZRIdfZV6dYrDXitnm9Fg0wuIkX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880bb0609c875685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 4.adsco.re:2087/ | 162.252.214.5 | 200 OK | 0 B |
IP: 162.252.214.5:2087
Requested by: https://www.goal19.biz/chtv/sps.php?ch=17; Certificate Issuer: Sectigo Limited; Subject: *.adsco.re; Fingerprint: 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73; Validity: Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 4.adsco.re:2087
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.goal19.biz
DNT: 1
Connection: keep-alive
Referer: https://www.goal19.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 18:59:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://www.goal19.biz
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
|
|
| www.blockadsnot.com/noEgI/cC/jhogan.min.js | 185.76.9.15 | 200 OK | 37 kB |
URL: GET HTTP/2 www.blockadsnot.com/noEgI/cC/jhogan.min.js; IP: 185.76.9.15:443; ASN: #60068 Datacamp Limited
Requested by: https://www.goal19.biz/chtv/sps.php?ch=17; Certificate Issuer: Let's Encrypt; Subject: 1158060716.rsc.cdn77.org; Fingerprint: 10:08:2B:8D:3F:3E:D5:9D:80:D3:F4:CF:0A:39:67:D3:CD:2B:9C:C1; Validity: Tue, 30 Apr 2024 06:35:33 GMT - Mon, 29 Jul 2024 06:35:32 GMT
File type: JavaScript source, ASCII text, with very long lines (1568); Hash: 1a7dcdd3a98398fdaf70115ba8d85cf8 2680c740f20420cfed3a8c298097ead2c9be8dd2 5ab722dc4dce165543a0b4b7ffd7b21b61f8a6cb2f403f2e3ae10c1747579197
GET /noEgI/cC/jhogan.min.js HTTP/1.1
Host: www.blockadsnot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.goal19.biz
DNT: 1
Connection: keep-alive
Referer: https://www.goal19.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 18:59:47 GMT
content-type: application/x-javascript
vary: Accept-Encoding, Origin
popads-node: wb9
expires: Wed, 15 May 2024 18:51:03 GMT
access-control-allow-origin: https://www.goal19.biz
link: <https://blockadsnot.com/>;rel=preconnect
cache-control: public, max-age=604800
x-77-nzt: EwwBuUwJDQH3tQEAAAwBuUwKEwH3UQAAAAwBnJIhHwH3BgAAAA
x-77-nzt-ray: c0a4cc28c80dba8fa3cb3b665f455225
x-accel-expires: @1715799063
x-accel-date: 1715194350
x-77-cache: HIT
x-77-age: 437
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 437
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| c.adsco.re/ | 0.0.0.0 | | 0 B |
IP: 0.0.0.0:0
Requested by: https://www.goal19.biz/chtv/sps.php?ch=17
Certificate Issuer: Sectigo Limited
Certificate Subject: *.adsco.re
Certificate Fingerprint: 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
Certificate Validity: Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.goal19.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 18:59:48 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Sat, 08 Jun 2024 18:59:48 GMT
etag: W/"oLR1xl/tMSq6jXxDoMvJKA=="
cf-cache-status: HIT
age: 261786
vary: Accept-Encoding
server: cloudflare
cf-ray: 880bb06169e11c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js | 104.18.11.207 | 200 OK | 37 kB |
URL: GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP: 104.18.11.207:443
Requested by: https://speci4leagle.com/embedws.php?player=desktop&live=spstream17
Certificate Issuer: Google Trust Services LLC
Certificate Subject: bootstrapcdn.com
Certificate Fingerprint: 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
Certificate Validity: Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: JavaScript source, ASCII text, with very long lines (32033)
Hash: 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://speci4leagle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 18:59:47 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"5869c96cc8f19086aee625d670d741f9"
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 10/31/2023 19:27:53
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1053
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 1a04ea32b2f4b219188fda8349c8680c
cdn-cache: HIT
cf-cache-status: HIT
age: 686870
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880bb060dd220b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| c.adsco.re/ | 104.17.167.186 | 200 OK | 82 kB |
IP: 104.17.167.186:443
Requested by: https://www.goal19.biz/chtv/sps.php?ch=17
Certificate Issuer: Sectigo Limited
Certificate Subject: *.adsco.re
Certificate Fingerprint: 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
Certificate Validity: Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (689)
Hash: a0b475c65fed312aba8d7c43a0cbc928 3fdd052b41c37318e44084be4f92d42fba4ded61 2dfb2101b24f80be00b1baecce7eec815e61a13381f6983051b6261b8035468a
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.goal19.biz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 18:59:49 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Sat, 08 Jun 2024 18:59:49 GMT
etag: W/"oLR1xl/tMSq6jXxDoMvJKA=="
cf-cache-status: HIT
age: 261787
vary: Accept-Encoding
server: cloudflare
cf-ray: 880bb0676a76b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| speci4leagle.com/css/site.css | 104.21.26.244 | 200 OK | 199 B |
URL: GET HTTP/3 speci4leagle.com/css/site.css
IP: 104.21.26.244:443
Requested by: https://speci4leagle.com/embedws.php?player=desktop&live=spstream17
Certificate Issuer: Google Trust Services LLC
Certificate Subject: speci4leagle.com
Certificate Fingerprint: B0:D0:B6:7B:AD:B2:E7:E6:A6:65:17:2A:15:E3:18:7C:34:2D:F5:B8
Certificate Validity: Fri, 12 Apr 2024 07:44:36 GMT - Thu, 11 Jul 2024 07:44:35 GMT
File type: ASCII text, with no line terminators
Hash: 1c0354d5d809202b32e2767fd752d997 3ae81b6a2f708ebb1baa145d25dc061ebd93be57 bb217a86ff30bcaa4bb0d0dabc9809fe4da66226cb9dc7f5b3bc16fa0e781ad0
GET /css/site.css HTTP/1.1
Host: speci4leagle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://speci4leagle.com/embedws.php?player=desktop&live=spstream17
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 18:59:47 GMT
content-type: text/css
last-modified: Fri, 29 Oct 2021 09:54:42 GMT
etag: W/"617bc4e2-c7"
cache-control: max-age=14400
cf-cache-status: HIT
age: 360
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5kC%2FbPA9IcPoHdh6j7y9Zm2P6Gq4sSXrdtceyK80iXhzCmzSzdWOCVkcSqdOn890MLXHuCEXs6gsv3HOHH9chOK0XwsaO1ugj%2FjdFx3TU67jx4GeMk3dE%2FwPNtykDQpiSW5q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880bb0608c845685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| nabauxou.net/?rb=8bQ2QRtj7N4P1UUBSn3GdlL9XFuNTKEB6JTGCPdwtJq9hpXOyEhNdjWk5kaopOPw06LJo1eIr3HyihwScQRIwayNHVROZ_mtTlRT7DBpxfj4K6V9FQXdq2pN1qtvXqmq0U19RY84vwYaXbIIQ0T_azxBA8nTDkBifDYZwGi8_WeaWNkyCsawqrup7jboqibPp-IUIW_Ds4b4qG0LD1maLnPNS94nUt1K-d9ul2NhNNeqED1tr8PmUS4IIs0vscRJeqPPn91LXMc%3D&request_ab2=0&zoneid=7387589&js_build=iclick-v1.791.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1008&wiw=1264&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1264&wfc=1&pl=https%3A%2F%2Fwww.goal19.biz%2Fchtv%2Fsps.php%3Fch%3D17&drf=https%3A%2F%2Fwww.goal19.biz%2Fchtv%2Fch27.php&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.791.0&navlng=en-US&pnt=0&pnrc=0&bs=e54175cd-5a4b-4e26-bda9-c6ebc093de1b&wasm=1&userId=h3kv370246vv131535462y6t2gtjx021&m=link | 139.45.197.245 | 200 OK | 2.4 kB |
URL: GET HTTP/2 nabauxou.net/?rb=8bQ2QRtj7N4P1UUBSn3GdlL9XFuNTKEB6JTGCPdwtJq9hpXOyEhNdjWk5kaopOPw06LJo1eIr3HyihwScQRIwayNHVROZ_mtTlRT7DBpxfj4K6V9FQXdq2pN1qtvXqmq0U19RY84vwYaXbIIQ0T_azxBA8nTDkBifDYZwGi8_WeaWNkyCsawqrup7jboqibPp-IUIW_Ds4b4qG0LD1maLnPNS94nUt1K-d9ul2NhNNeqED1tr8PmUS4IIs0vscRJeqPPn91LXMc%3D&request_ab2=0&zoneid=7387589&js_build=iclick-v1.791.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1008&wiw=1264&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1264&wfc=1&pl=https%3A%2F%2Fwww.goal19.biz%2Fchtv%2Fsps.php%3Fch%3D17&drf=https%3A%2F%2Fwww.goal19.biz%2Fchtv%2Fch27.php&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.791.0&navlng=en-US&pnt=0&pnrc=0&bs=e54175cd-5a4b-4e26-bda9-c6ebc093de1b&wasm=1&userId=h3kv370246vv131535462y6t2gtjx021&m=link
IP: 139.45.197.245:443
Requested by: https://www.goal19.biz/chtv/sps.php?ch=17
Certificate Issuer: Let's Encrypt
Certificate Subject: nabauxou.net
Certificate Fingerprint: 5C:68:BC:04:67:32:92:60:99:B0:5D:39:78:E9:FE:AD:6F:58:7A:1C
Certificate Validity: Fri, 15 Mar 2024 05:26:30 GMT - Thu, 13 Jun 2024 05:26:29 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (2412), with no line terminators
Hash: c1c5ac75497c8b4b34bd5be34e74922f e650a8717ef0a8e3ba9b33769e5aabbf37b589eb 045a5210e6ef34aef2a91eff9723f569e2195d874e56757ef8ea77ccfdb96e03
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /?rb=8bQ2QRtj7N4P1UUBSn3GdlL9XFuNTKEB6JTGCPdwtJq9hpXOyEhNdjWk5kaopOPw06LJo1eIr3HyihwScQRIwayNHVROZ_mtTlRT7DBpxfj4K6V9FQXdq2pN1qtvXqmq0U19RY84vwYaXbIIQ0T_azxBA8nTDkBifDYZwGi8_WeaWNkyCsawqrup7jboqibPp-IUIW_Ds4b4qG0LD1maLnPNS94nUt1K-d9ul2NhNNeqED1tr8PmUS4IIs0vscRJeqPPn91LXMc%3D&request_ab2=0&zoneid=7387589&js_build=iclick-v1.791.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1008&wiw=1264&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1264&wfc=1&pl=https%3A%2F%2Fwww.goal19.biz%2Fchtv%2Fsps.php%3Fch%3D17&drf=https%3A%2F%2Fwww.goal19.biz%2Fchtv%2Fch27.php&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.791.0&navlng=en-US&pnt=0&pnrc=0&bs=e54175cd-5a4b-4e26-bda9-c6ebc093de1b&wasm=1&userId=h3kv370246vv131535462y6t2gtjx021&m=link HTTP/1.1
Host: nabauxou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.goal19.biz/
Origin: https://www.goal19.biz
DNT: 1
Connection: keep-alive
Cookie: OAID=0080567833de4d58f251dff84e78b79d; oaidts=1715194787
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 18:59:49 GMT
content-type: application/json
x-trace-id: 0982597a40d679fd5af63b4a82d9effe
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.goal19.biz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=h3kv370246vv131535462y6t2gtjx021; expires=Thu, 08 May 2025 18:59:49 GMT; path=/; secure; SameSite=None
oaidts=1715194789; expires=Thu, 08 May 2025 18:59:49 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 15 May 2024 18:59:49 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| zouzougri.net/5/7389793 | 139.45.197.244 | 200 OK | 94 kB |
IP: 139.45.197.244:443
Requested by: https://speci4leagle.com/embedws.php?player=desktop&live=spstream17
Certificate Issuer: Let's Encrypt
Certificate Subject: zouzougri.net
Certificate Fingerprint: 38:C3:EB:91:CD:43:AD:99:97:16:00:76:1C:CF:DE:AF:63:48:93:83
Certificate Validity: Thu, 25 Apr 2024 00:22:13 GMT - Wed, 24 Jul 2024 00:22:12 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: c5e68945db04a5247c6816f14fe48547 b9f4d1a02ab11fb2c9b7d09c816ddae2fbcf1788 a4d98738bdcee62a8fda3f6fa7d914cfdb31fa99ca7a2d2d2ef083e3c5f05176
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /5/7389793 HTTP/1.1
Host: zouzougri.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://speci4leagle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 18:59:48 GMT
content-type: application/javascript
x-trace-id: 43c5c5ece99757e510d584454a136efc
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0080568a4fc54c3bf5e66437b55f4ac7; expires=Thu, 08 May 2025 18:59:48 GMT; path=/; secure; SameSite=None
oaidts=1715194788; expires=Thu, 08 May 2025 18:59:48 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|