| listeamed.net/v/4bQVOj7oAe45wKm/HA.mp4 | 172.67.208.196 | 200 OK | 39 kB |
URL User Request GET HTTP/2listeamed.net/v/4bQVOj7oAe45wKm/HA.mp4 IP172.67.208.196:443
CertificateIssuerGoogle Trust Services LLC Subjectlisteamed.net FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1 ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (463) Hash894053dd204bace92b9b5ebe8d9216a9 1178be6d5561046ebf23c64ced6153f2412808aa 96c64c0f63d37644769efaf9452a8afc32ef55d5505b4db547121a7c3722bcbf
GET /v/4bQVOj7oAe45wKm/HA.mp4 HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:46:38 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Wed, 24 Apr 2024 17:46:38 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RQkRp4cK1AVQWmj5nNC4dBPSPPLTB8bMCgkAnweJfYn8mKeouBzZVK2PbIES4nvfxJaHeiLBysRAJde62N0TKpjHIaecb%2FjxofZcSH6vqslS9oogilceKCmGGKzYPVPP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797e9f7d8a5569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2 | 216.58.207.227 | 200 OK | 30 kB |
URL GET HTTP/2fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2 IP216.58.207.227:443
Requested byhttps://listeamed.net/v/4bQVOj7oAe45wKm/HA.mp4 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 30240, version 1.0 Hash2a51724cb1aefe32e3183a8e138189cc c8f36c7eee7c868b5cba392e353d47180643f5f1 964dfe7c512a6166c71c6c9791d84a9ce38c192f66e596dbc507114024a5c431
GET /s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30240
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:31:58 GMT
expires: Fri, 18 Apr 2025 17:31:58 GMT
cache-control: public, max-age=31536000
age: 519281
last-modified: Wed, 31 Jan 2024 23:13:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| listeamed.net/e/306655524b6e336b45613031734f69 | 172.67.208.196 | 200 OK | 53 kB |
URL GET HTTP/3listeamed.net/e/306655524b6e336b45613031734f69 IP172.67.208.196:443
Requested byhttps://listeamed.net/v/4bQVOj7oAe45wKm/HA.mp4 CertificateIssuerGoogle Trust Services LLC Subjectlisteamed.net FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1 ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (48581) Hash31d03aced66707057019937162067b84 e2a93a5129b35cbfda44496ff04cf56979fb2b94 630633d1e33a549b6b6853b75d1b020117e1b184d64152dad3bd80c770a816a1
GET /e/306655524b6e336b45613031734f69 HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/v/4bQVOj7oAe45wKm/HA.mp4
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:46:39 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8JkvnEYBxuKqnx3aeUGRGrdTPdOXVn1udyEs3BjDeS4xgKxKvN7joz8qb%2BB90jbkJGssnCyQ2hAGmIJpgDpBKlwEnuRxoLnfxLt5VRUYmsQ6xE5ocXB2n9xUEi8wzXVg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797e9fd7d421c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| listeamed.net/assets/css/bootstrap.min.css?id=cb4551534d3284d048285a8c45fa269a | 172.67.208.196 | 200 OK | 46 kB |
URL GET HTTP/3listeamed.net/assets/css/bootstrap.min.css?id=cb4551534d3284d048285a8c45fa269a IP172.67.208.196:443
Requested byhttps://listeamed.net/v/4bQVOj7oAe45wKm/HA.mp4 CertificateIssuerGoogle Trust Services LLC Subjectlisteamed.net FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1 ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT
File typeUnicode text, UTF-8 text, with very long lines (65305) Hash025df1ec88740cad5ff14bb3380da6dd 7abed070e37ce060c0a561575f1d41a7f248fc74 2143941c03dacda8b4f1016ced6e0c6f34e5c04585a3bcffe33c3c626c448a4a
GET /assets/css/bootstrap.min.css?id=cb4551534d3284d048285a8c45fa269a HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/v/4bQVOj7oAe45wKm/HA.mp4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:46:39 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 26 Jan 2024 07:31:58 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K1TlvMW98eP1tXNi85BJCGSfVZxx1bMohAtyCQD5WgB%2FMBH8PD6fAmwR5wwfAiDnZtAMREq0RCRkKvuButoadvzvhHI5ORpkvQ2gN7r%2F5KYI%2FjmemVK%2FrAUbXG4YuwzV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797e9fa9a261c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| okaydisciplemeek.com/51/1a/5b/511a5b14f9f9525cf33f9e93d660853b.js | 192.243.59.13 | 200 OK | 31 kB |
URL GET HTTP/1.1okaydisciplemeek.com/51/1a/5b/511a5b14f9f9525cf33f9e93d660853b.js IP192.243.59.13:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerLet's Encrypt Subjectokaydisciplemeek.com Fingerprint66:C7:C8:9B:E8:68:D4:DB:8D:92:05:DD:C9:8E:61:83:F9:73:04:5A ValidityMon, 25 Mar 2024 09:21:59 GMT - Sun, 23 Jun 2024 09:21:58 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash4f359df43f6b87ccb4769412a8ad1290 6cd72239d4f5dc69f9a222d23e8edc9f3fbf1f2e 24f653ed13b8231e6e396edb26542ed74c0ce8f58f9aef7f2693caf3c0d6c199
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /51/1a/5b/511a5b14f9f9525cf33f9e93d660853b.js HTTP/1.1
Host: okaydisciplemeek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 17:46:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-2931_layer=0; expires=Sat, 27 Apr 2024 17:46:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d488dc7220cb05a9c456ccb96ae5ddfd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| proftrafficcounter.com/stats | 35.158.46.84 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP35.158.46.84:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash94e53994b1743c805b3867d17db9812c 9477b7dae49d7e05132d3490b79f84cc3189b3f8 d06b650d49b24fb078a13542c25b3682e42455688ce0e342b944f161f89329d1
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:46:40 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://listeamed.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=f6803774-5188-4c74-8976-e693ae1d449b:3:1; expires=Sat, 22 Apr 2034 17:46:40 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 104.21.35.227 | 200 OK | 32 kB |
URL GET HTTP/2downstairsnegotiatebarren.com/sfp.js IP104.21.35.227:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerLet's Encrypt Subjectdownstairsnegotiatebarren.com Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44 ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators Hashf4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:46:40 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 13bc8aec1797fb02f6aa41b8a68a8573
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 24 Apr 2024 17:46:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1uH09dZRWZq5BWUUNcmG8maYo%2FXQy5kXzOrd7blOmSmeNJQA7lE31nyvCi7uPj55XJvZIQcqcaWL8zIQ%2B5KvBQBfLy1iqHtAA8yUxl%2FoD4HCoS95XUVkauMfkNrQ5c3YPaUQqpLEn0Yjo%2FVZ42luiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797ea04b8ffb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| i.guardstorage.net/posters/kj4bQVOj7oAe45wKmZG2.poster.jpg | 172.67.211.88 | 200 OK | 37 kB |
URL GET HTTP/2i.guardstorage.net/posters/kj4bQVOj7oAe45wKmZG2.poster.jpg IP172.67.211.88:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerLet's Encrypt Subjecti.guardstorage.net Fingerprint04:03:23:15:78:06:68:60:E6:22:9F:F4:EF:79:DC:D8:DA:79:11:7B ValidityTue, 16 Apr 2024 11:01:27 GMT - Mon, 15 Jul 2024 11:01:26 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 852x476, components 3 Hashed7c18fe8a07a4c964c54e347b46ec50 4c104207fa25e37feed9850748ef82c2ded95594 ea097a17545412993128b6295a0f1b3b19380786ea50764f897e5f17b2061574
GET /posters/kj4bQVOj7oAe45wKmZG2.poster.jpg HTTP/1.1
Host: i.guardstorage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:46:41 GMT
content-type: image/jpeg
content-length: 36973
last-modified: Wed, 27 Mar 2024 19:31:29 GMT
etag: "66047411-906d"
access-control-allow-origin: *
x-server: cdn2
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BzJ3D5yE39%2BwcuXg%2BRPZVCCoLklAY0uxgHwkBEXc5ue96vcDHmkD8jRquPiwC59wa72WpBD%2FwUSEdWsztmxatqEoCCwF%2Fyo7gSPYzNOZn8zSF4xPNV%2BPFC5EHVGr19O51KS79rE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797ea066a84712a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| oaphoace.net/401/6424058 | 139.45.197.239 | 200 OK | 43 kB |
IP139.45.197.239:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerLet's Encrypt Subjectoaphoace.net Fingerprint5A:77:51:1A:03:0F:F3:58:DD:3F:3C:DA:AA:4A:F9:55:B5:FD:E6:C4 ValidityTue, 09 Apr 2024 21:43:25 GMT - Mon, 08 Jul 2024 21:43:24 GMT
File typegzip compressed data, max speed, from Unix Hashd9335b08d6785e94171fb2979b606c69 db76c9774ec6944f020015655cbd9443d55f5686 bb3f36fe4e8f897ea53ce87430c6c1432762b6dde04584734482dbe3b4248aa1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /401/6424058 HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 17:46:40 GMT
content-type: application/javascript
x-trace-id: 9fa274bb19eb616856377009217e55d1
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=0300487fda7d4f48e0e8efd76be02cb9; expires=Thu, 24 Apr 2025 17:46:40 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js | 139.45.195.8 | 200 OK | 65 B |
IP139.45.195.8:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hashb8dfda333436b644281877621fdabc1f 4e59c2a620a3151790417fe643e8a356e32ba281 1c99c16b700a6d91b07fa6f31dd4b4978e1517686b50f4d16e7b2e2659949e1b
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 17:46:41 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://listeamed.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=080048b8f0934270fd22420449cf93ea; expires=Thu, 24 Apr 2025 17:46:41 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| honeyreadinesscentral.com/pixel/purst?dl=0&th=0&sc=0&rs=1108&rd=1108&fd=771&bv=24.4.4887&tmpl=70 | 192.243.59.12 | 200 OK | 0 B |
URL GET HTTP/1.1honeyreadinesscentral.com/pixel/purst?dl=0&th=0&sc=0&rs=1108&rd=1108&fd=771&bv=24.4.4887&tmpl=70 IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerLet's Encrypt Subjecthoneyreadinesscentral.com Fingerprint1A:99:28:0A:D4:17:17:83:DE:BC:79:4F:7A:13:0A:36:0F:71:64:CF ValidityTue, 23 Apr 2024 10:47:10 GMT - Mon, 22 Jul 2024 10:47:09 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/purst?dl=0&th=0&sc=0&rs=1108&rd=1108&fd=771&bv=24.4.4887&tmpl=70 HTTP/1.1
Host: honeyreadinesscentral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 17:46:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| hw8qpzyv9p.guardstorage.net/hls_3/_agR8spfR2FIiOJbdwxF8so8k3L10QlsyQyqZTH70Ozkg5kw74GUfnh5B3K0cJC0g4oRUVZo1bZ-KMa9oPtI6IZYtE1jRc2DwQS_dVLTIB1JwUwzY6H3Q6Hzw065-RpjVZ3YJrYnIFdY6tqevVXlD8GO99dyMTcWYrNks7fjFbkZB3mOS4TfoDQpKn80QbroVLMCj00QDzDzudm4Y-nCJA/seg-1-v1-a1.ts?sig=i8q-cEkiIMXz6rKZN-kxDA&expires=1713989799 | 37.59.29.140 | 200 OK | 367 kB |
URL GET HTTP/2hw8qpzyv9p.guardstorage.net/hls_3/_agR8spfR2FIiOJbdwxF8so8k3L10QlsyQyqZTH70Ozkg5kw74GUfnh5B3K0cJC0g4oRUVZo1bZ-KMa9oPtI6IZYtE1jRc2DwQS_dVLTIB1JwUwzY6H3Q6Hzw065-RpjVZ3YJrYnIFdY6tqevVXlD8GO99dyMTcWYrNks7fjFbkZB3mOS4TfoDQpKn80QbroVLMCj00QDzDzudm4Y-nCJA/seg-1-v1-a1.ts?sig=i8q-cEkiIMXz6rKZN-kxDA&expires=1713989799 IP37.59.29.140:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerSectigo Limited Subject*.guardstorage.net FingerprintBB:17:7F:B4:1E:14:F6:23:29:98:AF:CB:F2:A0:43:5D:16:1E:D6:C1 ValiditySun, 10 Dec 2023 00:00:00 GMT - Thu, 09 Jan 2025 23:59:59 GMT
File typeMPEG transport stream data Size367 kB (367352 bytes) Hash712c8b4d68134443deec786932be10e8 051cf0828dbd143d6eb78d1ae387c0b821d09b34 b4ffb35a4656720f38085bc4c120829d9f4d3b9f79c1ecf5642cb9776722d7bf
GET /hls_3/_agR8spfR2FIiOJbdwxF8so8k3L10QlsyQyqZTH70Ozkg5kw74GUfnh5B3K0cJC0g4oRUVZo1bZ-KMa9oPtI6IZYtE1jRc2DwQS_dVLTIB1JwUwzY6H3Q6Hzw065-RpjVZ3YJrYnIFdY6tqevVXlD8GO99dyMTcWYrNks7fjFbkZB3mOS4TfoDQpKn80QbroVLMCj00QDzDzudm4Y-nCJA/seg-1-v1-a1.ts?sig=i8q-cEkiIMXz6rKZN-kxDA&expires=1713989799 HTTP/1.1
Host: hw8qpzyv9p.guardstorage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.21.4.3
date: Wed, 24 Apr 2024 17:46:41 GMT
content-type: video/MP2T
content-length: 367352
etag: "3a1794b0-59af8"
last-modified: Sun, 19 Nov 2000 08:52:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
expires: Fri, 02 Aug 2024 17:46:41 GMT
cache-control: max-age=8640000
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| listeamed.net/assets/js/bootstrap.bundle.min.js?id=780372263c4e1fecbb636a38f53d3a2f | 172.67.208.196 | 200 OK | 470 kB |
URL GET HTTP/3listeamed.net/assets/js/bootstrap.bundle.min.js?id=780372263c4e1fecbb636a38f53d3a2f IP172.67.208.196:443
Requested byhttps://listeamed.net/v/4bQVOj7oAe45wKm/HA.mp4 CertificateIssuerGoogle Trust Services LLC Subjectlisteamed.net FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1 ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT
File typeJavaScript source, ASCII text, with very long lines (65299) Size470 kB (470279 bytes) Hashd2b0d31f74e62440ea1a557f126d0c64 5c8f6cb983397deb65673b961a8657cfd6113ad9 c4b2394a30fa0e4a23c6b308541353e20872a6fd765ed8fb70e6b402029deb00
GET /assets/js/bootstrap.bundle.min.js?id=780372263c4e1fecbb636a38f53d3a2f HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/v/4bQVOj7oAe45wKm/HA.mp4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:46:39 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 26 Jan 2024 07:29:36 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vEaFi0NLdG0EnJ1ORiqKeP%2BSVw9zuoSjrXw4vnW7j%2F%2F5hm2Jc6zelUsj6o%2FVDTe4OXgHMvY%2BpyvffPaVAIGSUl23iy%2FsMv6D7PWmLtisUAdLdy2UoEhO7l6sWLGAMilX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797e9faaa451c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| hw8qpzyv9p.guardstorage.net/hls_3/_agR8spfR2FIiOJbdwxF8so8k3L10QlsyQyqZTH70Ozkg5kw74GUfnh5B3K0cJC0g4oRUVZo1bZ-KMa9oPtI6IZYtE1jRc2DwQS_dVLTIB1JwUwzY6H3Q6Hzw065-RpjVZ3YJrYnIFdY6tqevVXlD8GO99dyMTcWYrNks7fjFbkZB3mOS4TfoDQpKn80QbroVLMCj00QDzDzudm4Y-nCJA/seg-2-v1-a1.ts?sig=i8q-cEkiIMXz6rKZN-kxDA&expires=1713989799 | 37.59.29.140 | 200 OK | 247 kB |
URL GET HTTP/2hw8qpzyv9p.guardstorage.net/hls_3/_agR8spfR2FIiOJbdwxF8so8k3L10QlsyQyqZTH70Ozkg5kw74GUfnh5B3K0cJC0g4oRUVZo1bZ-KMa9oPtI6IZYtE1jRc2DwQS_dVLTIB1JwUwzY6H3Q6Hzw065-RpjVZ3YJrYnIFdY6tqevVXlD8GO99dyMTcWYrNks7fjFbkZB3mOS4TfoDQpKn80QbroVLMCj00QDzDzudm4Y-nCJA/seg-2-v1-a1.ts?sig=i8q-cEkiIMXz6rKZN-kxDA&expires=1713989799 IP37.59.29.140:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerSectigo Limited Subject*.guardstorage.net FingerprintBB:17:7F:B4:1E:14:F6:23:29:98:AF:CB:F2:A0:43:5D:16:1E:D6:C1 ValiditySun, 10 Dec 2023 00:00:00 GMT - Thu, 09 Jan 2025 23:59:59 GMT
File typeMPEG transport stream data Size247 kB (247032 bytes) Hash03d8553df91da85abd516b3a1a3bbbd1 3e55715590b3d255626a56c4a743fd7aaff3beb3 17d997cc6a6c86c1c834e80a980f1a3469bbb8363314747504e4b153471425c6
GET /hls_3/_agR8spfR2FIiOJbdwxF8so8k3L10QlsyQyqZTH70Ozkg5kw74GUfnh5B3K0cJC0g4oRUVZo1bZ-KMa9oPtI6IZYtE1jRc2DwQS_dVLTIB1JwUwzY6H3Q6Hzw065-RpjVZ3YJrYnIFdY6tqevVXlD8GO99dyMTcWYrNks7fjFbkZB3mOS4TfoDQpKn80QbroVLMCj00QDzDzudm4Y-nCJA/seg-2-v1-a1.ts?sig=i8q-cEkiIMXz6rKZN-kxDA&expires=1713989799 HTTP/1.1
Host: hw8qpzyv9p.guardstorage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.21.4.3
date: Wed, 24 Apr 2024 17:46:41 GMT
content-type: video/MP2T
content-length: 247032
etag: "3a1794b0-3c4f8"
last-modified: Sun, 19 Nov 2000 08:52:00 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
expires: Fri, 02 Aug 2024 17:46:41 GMT
cache-control: max-age=8640000
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| oaphoace.net/500/6424058?excludes=&oaid=080048b8f0934270fd22420449cf93ea&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1116&wiw=1116&wih=628&wfc=1&pl=https%3A%2F%2Flisteamed.net%2Fe%2F306655524b6e336b45613031734f69&drf=https%3A%2F%2Flisteamed.net%2Fv%2F4bQVOj7oAe45wKm%2FHA.mp4&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 | 139.45.197.239 | 200 OK | 0 B |
URL OPTIONS HTTP/2oaphoace.net/500/6424058?excludes=&oaid=080048b8f0934270fd22420449cf93ea&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1116&wiw=1116&wih=628&wfc=1&pl=https%3A%2F%2Flisteamed.net%2Fe%2F306655524b6e336b45613031734f69&drf=https%3A%2F%2Flisteamed.net%2Fv%2F4bQVOj7oAe45wKm%2FHA.mp4&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 IP139.45.197.239:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerLet's Encrypt Subjectoaphoace.net Fingerprint5A:77:51:1A:03:0F:F3:58:DD:3F:3C:DA:AA:4A:F9:55:B5:FD:E6:C4 ValidityTue, 09 Apr 2024 21:43:25 GMT - Mon, 08 Jul 2024 21:43:24 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /500/6424058?excludes=&oaid=080048b8f0934270fd22420449cf93ea&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1116&wiw=1116&wih=628&wfc=1&pl=https%3A%2F%2Flisteamed.net%2Fe%2F306655524b6e336b45613031734f69&drf=https%3A%2F%2Flisteamed.net%2Fv%2F4bQVOj7oAe45wKm%2FHA.mp4&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://listeamed.net/
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 17:46:41 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://listeamed.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=aeb8dbea-bf94-40a7-8151-e04250d40958 | 139.45.195.254 | 200 OK | 12 B |
URL POST HTTP/1.1fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=aeb8dbea-bf94-40a7-8151-e04250d40958 IP139.45.195.254:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerSectigo Limited Subjectfleraprt.com Fingerprint32:DB:C5:24:21:ED:1D:C3:40:C3:46:9F:CF:EE:98:4D:72:29:4C:3C ValidityTue, 09 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=aeb8dbea-bf94-40a7-8151-e04250d40958 HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1460
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 24 Apr 2024 17:46:41 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://listeamed.net
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| listeamed.net/assets/jwplayer/8.28.1/jwpsrv.js | 172.67.208.196 | 200 OK | 148 kB |
URL GET HTTP/3listeamed.net/assets/jwplayer/8.28.1/jwpsrv.js IP172.67.208.196:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerGoogle Trust Services LLC Subjectlisteamed.net FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1 ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT
File typeJavaScript source, ASCII text, with very long lines (65100), with no line terminators Size148 kB (147618 bytes) Hash8035032c7bcdff774adfcf60e84b450d 1eb7f0268ef459954dea51343ef96720ed370566 b676f19bfd6bc7f2d07cdf0d00beb0c75ad04d1a8e4268df0f10ddbffb7313bf
GET /assets/jwplayer/8.28.1/jwpsrv.js HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/e/306655524b6e336b45613031734f69
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:46:40 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 26 Jan 2024 07:33:12 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3628
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YB74U4eB4zD8biAp3TjPcqMYVbTjGB1XfbK357ShwR0Nw3ygxMLgvTnzwi1fw03cIhzb2c9kSLRzcmNQGZNiSu4C9FwUE9KlHN282Jq7e5dCDrY9xIrgiLhI6P3sDAO%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797ea046dbc1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| proftrafficcounter.com/stats | 35.158.46.84 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP35.158.46.84:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash94e53994b1743c805b3867d17db9812c 9477b7dae49d7e05132d3490b79f84cc3189b3f8 d06b650d49b24fb078a13542c25b3682e42455688ce0e342b944f161f89329d1
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Cookie: uid_id2=f6803774-5188-4c74-8976-e693ae1d449b:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:46:41 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://listeamed.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| hw8qpzyv9p.guardstorage.net/hls_3/_agR8spfR2FIiOJbdwxF8so8k3L10QlsyQyqZTH70Ozkg5kw74GUfnh5B3K0cJC0g4oRUVZo1bZ-KMa9oPtI6IZYtE1jRc2DwQS_dVLTIB1JwUwzY6H3Q6Hzw065-RpjVZ3YJrYnIFdY6tqevVXlD8GO99dyMTcWYrNks7fjFbkZB3mOS4TfoDQpKn80QbroVLMCj00QDzDzudm4Y-nCJA/master.m3u8?sig=i8q-cEkiIMXz6rKZN-kxDA&expires=1713989799 | 37.59.29.140 | 200 OK | 12 kB |
URL GET HTTP/2hw8qpzyv9p.guardstorage.net/hls_3/_agR8spfR2FIiOJbdwxF8so8k3L10QlsyQyqZTH70Ozkg5kw74GUfnh5B3K0cJC0g4oRUVZo1bZ-KMa9oPtI6IZYtE1jRc2DwQS_dVLTIB1JwUwzY6H3Q6Hzw065-RpjVZ3YJrYnIFdY6tqevVXlD8GO99dyMTcWYrNks7fjFbkZB3mOS4TfoDQpKn80QbroVLMCj00QDzDzudm4Y-nCJA/master.m3u8?sig=i8q-cEkiIMXz6rKZN-kxDA&expires=1713989799 IP37.59.29.140:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerSectigo Limited Subject*.guardstorage.net FingerprintBB:17:7F:B4:1E:14:F6:23:29:98:AF:CB:F2:A0:43:5D:16:1E:D6:C1 ValiditySun, 10 Dec 2023 00:00:00 GMT - Thu, 09 Jan 2025 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hashd37d5f981666878f772859235d9cfdc0 7764c29901e9d1af1283e1fefeeeda6b592b85c0 a764af614f06a007877f53084f64934e0b3ee6b9a91c0ece2030ac4443749952
GET /hls_3/_agR8spfR2FIiOJbdwxF8so8k3L10QlsyQyqZTH70Ozkg5kw74GUfnh5B3K0cJC0g4oRUVZo1bZ-KMa9oPtI6IZYtE1jRc2DwQS_dVLTIB1JwUwzY6H3Q6Hzw065-RpjVZ3YJrYnIFdY6tqevVXlD8GO99dyMTcWYrNks7fjFbkZB3mOS4TfoDQpKn80QbroVLMCj00QDzDzudm4Y-nCJA/master.m3u8?sig=i8q-cEkiIMXz6rKZN-kxDA&expires=1713989799 HTTP/1.1
Host: hw8qpzyv9p.guardstorage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.3
date: Wed, 24 Apr 2024 17:46:41 GMT
content-type: application/vnd.apple.mpegurl
last-modified: Wed, 24 Apr 2024 17:46:41 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| unseenreport.com/pxf.gif?uuid=f6803774-5188-4c74-8976-e693ae1d449b&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=1&pk=511a5b14f9f9525cf33f9e93d660853b&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17 | 192.243.59.13 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=f6803774-5188-4c74-8976-e693ae1d449b&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=1&pk=511a5b14f9f9525cf33f9e93d660853b&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17 IP192.243.59.13:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerLet's Encrypt Subject*.unseenreport.com Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=f6803774-5188-4c74-8976-e693ae1d449b&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=1&pk=511a5b14f9f9525cf33f9e93d660853b&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 17:46:42 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0f42760711b1a0c052884c7bb2c05140
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| oaphoace.net/500/6424058?excludes=&oaid=080048b8f0934270fd22420449cf93ea&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1116&wiw=1116&wih=628&wfc=1&pl=https%3A%2F%2Flisteamed.net%2Fe%2F306655524b6e336b45613031734f69&drf=https%3A%2F%2Flisteamed.net%2Fv%2F4bQVOj7oAe45wKm%2FHA.mp4&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 | 139.45.197.239 | 200 OK | 1.4 kB |
URL OPTIONS HTTP/2oaphoace.net/500/6424058?excludes=&oaid=080048b8f0934270fd22420449cf93ea&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1116&wiw=1116&wih=628&wfc=1&pl=https%3A%2F%2Flisteamed.net%2Fe%2F306655524b6e336b45613031734f69&drf=https%3A%2F%2Flisteamed.net%2Fv%2F4bQVOj7oAe45wKm%2FHA.mp4&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 IP139.45.197.239:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerLet's Encrypt Subjectoaphoace.net Fingerprint5A:77:51:1A:03:0F:F3:58:DD:3F:3C:DA:AA:4A:F9:55:B5:FD:E6:C4 ValidityTue, 09 Apr 2024 21:43:25 GMT - Mon, 08 Jul 2024 21:43:24 GMT
File typegzip compressed data, max speed, from Unix Hash8e9aca66bad2543523d199c2d5f576e3 8e2ff37084b9a13c61279a4f7a2b0e1f330cd5c1 91535a67f1df25e534ce743a21f6e403f0930f9da746456f781ddac525f0d41e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /500/6424058?excludes=&oaid=080048b8f0934270fd22420449cf93ea&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1116&wiw=1116&wih=628&wfc=1&pl=https%3A%2F%2Flisteamed.net%2Fe%2F306655524b6e336b45613031734f69&drf=https%3A%2F%2Flisteamed.net%2Fv%2F4bQVOj7oAe45wKm%2FHA.mp4&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Cookie: OAID=080048b8f0934270fd22420449cf93ea
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 17:46:41 GMT
content-type: application/javascript
x-trace-id: d7558c29c27ad446dbc074aa38a512ca
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://listeamed.net
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=080048b8f0934270fd22420449cf93ea; expires=Thu, 24 Apr 2025 17:46:41 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| offerimage.com/www/images/cf947832fe6353d6f477fd764ce28f9a.jpg | 104.22.33.172 | 200 OK | 10 kB |
URL GET HTTP/2offerimage.com/www/images/cf947832fe6353d6f477fd764ce28f9a.jpg IP104.22.33.172:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerGoogle Trust Services LLC Subjectofferimage.com Fingerprint5C:87:DE:3A:1B:66:15:11:B1:75:B6:AC:AF:F9:A6:EF:5E:7F:80:72 ValidityFri, 05 Apr 2024 23:50:04 GMT - Thu, 04 Jul 2024 23:50:03 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3 Hashcf947832fe6353d6f477fd764ce28f9a 88926fe6b1aebbcf54c6f4a73d6b1acdcc24e62c 7cdbbe00ac6c19037fb12d41947902ce403b0590128977dfc813d78b2e0e96fb
GET /www/images/cf947832fe6353d6f477fd764ce28f9a.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:46:46 GMT
content-type: image/jpeg
content-length: 10346
cache-control: max-age=86400
cf-bgj: h2pri
etag: "66074aa8-286a"
expires: Thu, 25 Apr 2024 15:41:05 GMT
last-modified: Fri, 29 Mar 2024 23:11:36 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 7541
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797ea287d078f64-CPH
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP216.58.207.227:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 01:54:31 GMT
expires: Wed, 23 Apr 2025 01:54:31 GMT
cache-control: public, max-age=31536000
age: 143535
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 16:27:38 GMT
expires: Wed, 23 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 91148
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700 | 142.250.74.106 | 200 OK | 11 kB |
URL GET HTTP/3fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700 IP142.250.74.106:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typegzip compressed data, max compression Hash3d2ed381f3e3af599a03d146c593c2a0 d321d7e8feacf478276d225a0870017af7057a3e 7c7854b202c500e15d731e260dddc6b8e651e26272d61c6e9b1563656dbeaa56
GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 17:46:46 GMT
date: Wed, 24 Apr 2024 17:46:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| i.guardstorage.net/previews/kj4bQVOj7oAe45wKmZG2.preview.jpg | 172.67.211.88 | 200 OK | 446 kB |
URL GET HTTP/3i.guardstorage.net/previews/kj4bQVOj7oAe45wKmZG2.preview.jpg IP172.67.211.88:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerLet's Encrypt Subjecti.guardstorage.net Fingerprint04:03:23:15:78:06:68:60:E6:22:9F:F4:EF:79:DC:D8:DA:79:11:7B ValidityTue, 16 Apr 2024 11:01:27 GMT - Mon, 15 Jul 2024 11:01:26 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 765x4080, components 3 Size446 kB (445540 bytes) Hash0884bad83ba48b3e05c825fc281491ec b7ee4a9eb898d302f640e10dad6967ebc19510a8 7952379805df39f987f605a66befb9a6a4f0522b01a1304111f95f0d63051753
GET /previews/kj4bQVOj7oAe45wKmZG2.preview.jpg HTTP/1.1
Host: i.guardstorage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:46:41 GMT
content-type: image/jpeg
content-length: 445540
last-modified: Wed, 27 Mar 2024 19:31:35 GMT
etag: "66047417-6cc64"
access-control-allow-origin: *
x-server: cdn2
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rWwiISQ59g0hi4E7%2BCX1y%2BBSrtVgT72FdvyGEKXq1FazZdAZ9JRqGu7xlW48I5cjYDsW4Ue3M4wVZgefngbsf64dQPVD0ZXoFYB0d8F1vq2oN%2FYveO3A6QskF5qpn%2FScOsXuyig%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797ea07ba6a5688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| oaphoace.net/impression/Uc0EZ_cQBzXC5hOyNMtpWPzBaghlt5LWuV21c4AdCaeFZw3auxtTzLGprH5PTHUJaV1L7gCNaiyMHg1ba8DhQlZeZO3I5FJS1fL-R36cjkkCRXIUxeQKOiqKKUacbwwIjISey2AMdJfRACXxlavHkS5aBewT2__0akMnaxAhc8yxP2sKgSPYvgcDltBnjgb5l1hiO1wG0gHVRvY2XrAnaNMS6PgIv7OKEd-XXphTgn59luFlMF8uofy-HYmOsl9art4Npi2djcNC1z5ZD-lRjJ6TucQVgOwIMY0AGcWd-EMCe8UDFW-rVrXhjrRCPWSxqED7sm1izXXyFJ16e7qdHBq9HQfvElysaWe9wHi45fVkL8c69ul_BlZrdKr7mPI4L7CdwwsTGiSyi8N8_UkVfYH6-SOdRLATGpeJzg90vdt4dsPm0BQVlHaEy7kvZyvJaTKgwVwKf3vpk5z2BTuyNsbXhEQpGqmVjlrsX0rHS6YrsWKIQUgoylvm8M4XqhyG2Z1HRMbHwbXdvDfNMUjZus5DWb751XLe6bVobykYPqda7J237EMj2WxzAiDVPAySDrEbgAB6inv1BJzBqWywoPFdsg2k0dwAIYWVhydUY7_OfDZAIXPpQecAE3e3Hhf5Vtux2YsApU86aEVq2htUA3Vzg_AlmENX-alpWENVAjwGrlyzFfrU766GO3l-xzsiOfZvJrS9BO7EDIKWcdZmPvrUXcXXYpx6EDUs3XvvYPJS281SIlmOb3LeNr1GpJ97MCk1YsQ0YuqYnj8tk3oawJuf9upbnn2rmEqspsw3aMQc3Yl95fM80BbFgftIndfRydqz0OwRheiG-k97x8EhSJXcQi6MJ07S1n7uEQ==?_z=6424058&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1116&wiw=1116&wih=628&wfc=1&pl=https%3A%2F%2Flisteamed.net%2Fe%2F306655524b6e336b45613031734f69&drf=https%3A%2F%2Flisteamed.net%2Fv%2F4bQVOj7oAe45wKm%2FHA.mp4&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 | 139.45.197.239 | 200 OK | 43 B |
URL GET HTTP/2oaphoace.net/impression/Uc0EZ_cQBzXC5hOyNMtpWPzBaghlt5LWuV21c4AdCaeFZw3auxtTzLGprH5PTHUJaV1L7gCNaiyMHg1ba8DhQlZeZO3I5FJS1fL-R36cjkkCRXIUxeQKOiqKKUacbwwIjISey2AMdJfRACXxlavHkS5aBewT2__0akMnaxAhc8yxP2sKgSPYvgcDltBnjgb5l1hiO1wG0gHVRvY2XrAnaNMS6PgIv7OKEd-XXphTgn59luFlMF8uofy-HYmOsl9art4Npi2djcNC1z5ZD-lRjJ6TucQVgOwIMY0AGcWd-EMCe8UDFW-rVrXhjrRCPWSxqED7sm1izXXyFJ16e7qdHBq9HQfvElysaWe9wHi45fVkL8c69ul_BlZrdKr7mPI4L7CdwwsTGiSyi8N8_UkVfYH6-SOdRLATGpeJzg90vdt4dsPm0BQVlHaEy7kvZyvJaTKgwVwKf3vpk5z2BTuyNsbXhEQpGqmVjlrsX0rHS6YrsWKIQUgoylvm8M4XqhyG2Z1HRMbHwbXdvDfNMUjZus5DWb751XLe6bVobykYPqda7J237EMj2WxzAiDVPAySDrEbgAB6inv1BJzBqWywoPFdsg2k0dwAIYWVhydUY7_OfDZAIXPpQecAE3e3Hhf5Vtux2YsApU86aEVq2htUA3Vzg_AlmENX-alpWENVAjwGrlyzFfrU766GO3l-xzsiOfZvJrS9BO7EDIKWcdZmPvrUXcXXYpx6EDUs3XvvYPJS281SIlmOb3LeNr1GpJ97MCk1YsQ0YuqYnj8tk3oawJuf9upbnn2rmEqspsw3aMQc3Yl95fM80BbFgftIndfRydqz0OwRheiG-k97x8EhSJXcQi6MJ07S1n7uEQ==?_z=6424058&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1116&wiw=1116&wih=628&wfc=1&pl=https%3A%2F%2Flisteamed.net%2Fe%2F306655524b6e336b45613031734f69&drf=https%3A%2F%2Flisteamed.net%2Fv%2F4bQVOj7oAe45wKm%2FHA.mp4&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 IP139.45.197.239:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerLet's Encrypt Subjectoaphoace.net Fingerprint5A:77:51:1A:03:0F:F3:58:DD:3F:3C:DA:AA:4A:F9:55:B5:FD:E6:C4 ValidityTue, 09 Apr 2024 21:43:25 GMT - Mon, 08 Jul 2024 21:43:24 GMT
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /impression/Uc0EZ_cQBzXC5hOyNMtpWPzBaghlt5LWuV21c4AdCaeFZw3auxtTzLGprH5PTHUJaV1L7gCNaiyMHg1ba8DhQlZeZO3I5FJS1fL-R36cjkkCRXIUxeQKOiqKKUacbwwIjISey2AMdJfRACXxlavHkS5aBewT2__0akMnaxAhc8yxP2sKgSPYvgcDltBnjgb5l1hiO1wG0gHVRvY2XrAnaNMS6PgIv7OKEd-XXphTgn59luFlMF8uofy-HYmOsl9art4Npi2djcNC1z5ZD-lRjJ6TucQVgOwIMY0AGcWd-EMCe8UDFW-rVrXhjrRCPWSxqED7sm1izXXyFJ16e7qdHBq9HQfvElysaWe9wHi45fVkL8c69ul_BlZrdKr7mPI4L7CdwwsTGiSyi8N8_UkVfYH6-SOdRLATGpeJzg90vdt4dsPm0BQVlHaEy7kvZyvJaTKgwVwKf3vpk5z2BTuyNsbXhEQpGqmVjlrsX0rHS6YrsWKIQUgoylvm8M4XqhyG2Z1HRMbHwbXdvDfNMUjZus5DWb751XLe6bVobykYPqda7J237EMj2WxzAiDVPAySDrEbgAB6inv1BJzBqWywoPFdsg2k0dwAIYWVhydUY7_OfDZAIXPpQecAE3e3Hhf5Vtux2YsApU86aEVq2htUA3Vzg_AlmENX-alpWENVAjwGrlyzFfrU766GO3l-xzsiOfZvJrS9BO7EDIKWcdZmPvrUXcXXYpx6EDUs3XvvYPJS281SIlmOb3LeNr1GpJ97MCk1YsQ0YuqYnj8tk3oawJuf9upbnn2rmEqspsw3aMQc3Yl95fM80BbFgftIndfRydqz0OwRheiG-k97x8EhSJXcQi6MJ07S1n7uEQ==?_z=6424058&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1116&wiw=1116&wih=628&wfc=1&pl=https%3A%2F%2Flisteamed.net%2Fe%2F306655524b6e336b45613031734f69&drf=https%3A%2F%2Flisteamed.net%2Fv%2F4bQVOj7oAe45wKm%2FHA.mp4&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Cookie: OAID=080048b8f0934270fd22420449cf93ea
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 17:46:46 GMT
content-type: image/gif
content-length: 43
x-trace-id: 18a598887b67945cabed2f5e34bd0852
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| listeamed.net/assets/jwplayer/8.28.1/provider.hlsjs.js | 172.67.208.196 | 200 OK | 423 kB |
URL GET HTTP/3listeamed.net/assets/jwplayer/8.28.1/provider.hlsjs.js IP172.67.208.196:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerGoogle Trust Services LLC Subjectlisteamed.net FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1 ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT
Size423 kB (423017 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/jwplayer/8.28.1/provider.hlsjs.js HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/e/306655524b6e336b45613031734f69
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:46:40 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 26 Jan 2024 07:31:58 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pqE1aymcBuWx6%2BRyQfoK444WHB66T4GFeM4lMizPS9vZg4HC4MBd15otwZAlhWi6qzqlBbyIR64GaGQoU4P5zaYnR3onTZEnDZbUPrXxbXZFxHd%2Fyn2NpViIrntjGU4f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797ea04ce2a1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| listeamed.net/assets/jwplayer/8.28.1/jwplayer.core.controls.js | 172.67.208.196 | 200 OK | 325 kB |
URL GET HTTP/3listeamed.net/assets/jwplayer/8.28.1/jwplayer.core.controls.js IP172.67.208.196:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerGoogle Trust Services LLC Subjectlisteamed.net FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1 ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT
Size325 kB (325119 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/jwplayer/8.28.1/jwplayer.core.controls.js HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/e/306655524b6e336b45613031734f69
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:46:40 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 26 Jan 2024 07:33:12 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rBx2%2FKaDzhkgcdqIIMmB9KgsmsoPhX3ENITzuk2YXZJC4aSbZGFb745kdCy9RTLvyKORYOex5wu2pN1KwTrRpsDM7lU0lQShsrx7LfTCvnD3XIHax332Rq3azwr3IsG2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797ea04ce291c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| capaciousdrewreligion.com/advertisers.js | 192.243.59.13 | 200 OK | 0 B |
URL GET HTTP/1.1capaciousdrewreligion.com/advertisers.js IP192.243.59.13:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerLet's Encrypt Subjectcapaciousdrewreligion.com Fingerprint53:B6:ED:C6:B5:B6:60:3E:6D:02:5A:92:2E:C3:12:74:64:A1:23:DC ValidityWed, 06 Mar 2024 11:57:32 GMT - Tue, 04 Jun 2024 11:57:31 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 17:46:41 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1f221a04663ad4cf77e71b72a163999a
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| bembed.net/v/4bQVOj7oAe45wKm/HA.mp4 | 104.21.84.193 | 308 Permanent Redirect | 6.6 kB |
URL User Request GET HTTP/2bembed.net/v/4bQVOj7oAe45wKm/HA.mp4 IP104.21.84.193:443
CertificateIssuerGoogle Trust Services LLC Subjectbembed.net FingerprintB2:66:B4:93:E3:4E:ED:34:31:A3:5C:F4:7F:B9:1A:0E:62:94:2F:9B ValiditySat, 16 Mar 2024 11:58:27 GMT - Fri, 14 Jun 2024 11:58:26 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (6898), with no line terminators Hasha6a1a4eede297eef23dab2356d7bd155 0cd4b94f4ac2b15a37d269b57d516dd165f63e5f 0cc8c1554c72a36159485a295cd19031a637f9756992105d5d696f36cc4f3282
GET /v/4bQVOj7oAe45wKm/HA.mp4 HTTP/1.1
Host: bembed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 308 Permanent Redirect
date: Wed, 24 Apr 2024 17:46:38 GMT
content-type: text/html; charset=utf-8
location: https://listeamed.net/v/4bQVOj7oAe45wKm/HA.mp4
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qqVPkMF8LaGzU6pjoEBzleJEESm4R3pijlbGKCWKzkYpAodiLvZ88e6O4s4abTt99SyLWYydHuodshODsC2Qzt8xvcsZJVrxZaruNo7O%2BZd3Z9zbZvtAkLfJAR5v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797e9f64fe556ab-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| listeamed.net/assets/img/favicon.ico | 172.67.208.196 | 200 OK | 15 kB |
URL GET HTTP/3listeamed.net/assets/img/favicon.ico IP172.67.208.196:443
Requested byhttps://listeamed.net/v/4bQVOj7oAe45wKm/HA.mp4 CertificateIssuerGoogle Trust Services LLC Subjectlisteamed.net FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1 ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT
File typeMS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel Hash7d9d17baaa54ab2b59859173c38f1a57 f383ac7a911d949ea75ebd07d8d95d5b231e9ea6 86fc3c09c4aec36ca788eabfda604e48d1ee61feb43a16371afab31f0cd2b48f
GET /assets/img/favicon.ico HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/v/4bQVOj7oAe45wKm/HA.mp4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:46:39 GMT
content-type: image/vnd.microsoft.icon
last-modified: Fri, 26 Jan 2024 07:31:15 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IPjrard6tZXcs7ijt%2Bl%2By6GSYb4KMzDddqjfHR0TdTMW5w5R6P6S1Y9%2FVegduhk4vNqbMVQsuREB2CPxm%2Fv3cB%2BDzOgW67u5YPjOLnccWeG9AQ8XK9ZiBnUwc23coxVR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797e9fd8d451c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| listeamed.net/assets/jwplayer/8.28.1/jwplayer.js?id=2ec1cfc87408aded985a8ebcbcd646d6 | 172.67.208.196 | 200 OK | 109 kB |
URL GET HTTP/3listeamed.net/assets/jwplayer/8.28.1/jwplayer.js?id=2ec1cfc87408aded985a8ebcbcd646d6 IP172.67.208.196:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerGoogle Trust Services LLC Subjectlisteamed.net FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1 ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT
Size109 kB (109142 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/jwplayer/8.28.1/jwplayer.js?id=2ec1cfc87408aded985a8ebcbcd646d6 HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/e/306655524b6e336b45613031734f69
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:46:39 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 26 Jan 2024 07:31:58 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3116
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e8%2B4ehVDR9EmoFDqSURe%2FhjMrcqCStksmk3Dc9yeIQpo1eA2fFuZj9TeJGedJmpTRthDkGstd930mcLuL9c7%2BA%2BRWs4wlMe8Y6fad811w0eCZLgP6%2FMEAeKPAIT7eVrt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797e9ff3f4f1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| listeamed.net/assets/js/player.js?id=a9b24acc6c8d37de23098caa2f7907da | 172.67.208.196 | 200 OK | 14 kB |
URL GET HTTP/3listeamed.net/assets/js/player.js?id=a9b24acc6c8d37de23098caa2f7907da IP172.67.208.196:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerGoogle Trust Services LLC Subjectlisteamed.net FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1 ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT
File typeASCII text, with very long lines (13852), with no line terminators Hash19b624e7fe7a86b4c7851ed61e250626 760a6c0399930b96c61b6e18a6cbb0dbf0125f97 eaf266c920ef8297bf135324d4c6232d117d1eb849a082850b8d0520c1966c2e
GET /assets/js/player.js?id=a9b24acc6c8d37de23098caa2f7907da HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/e/306655524b6e336b45613031734f69
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:46:39 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 07:00:44 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3983
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eHiYfh0Y3ubTfqgPMUUW9am1ux7yAWKzhnkLz0BK7Z%2BhKN%2FoA6XtV8VoAkzw7IZJ0f5OZxjxGPCQLQHTkkVq8ic%2BH30gPNfGU0bW0VtOrr%2Fy9se3DQGbPVD%2BvZ28Ncb8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797e9ff3f581c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| oaphoace.net/401/6424058?oo=1&oaid=080048b8f0934270fd22420449cf93ea&sw_version=v1.337.0 | 139.45.197.239 | 200 OK | 2.3 kB |
URL GET HTTP/2oaphoace.net/401/6424058?oo=1&oaid=080048b8f0934270fd22420449cf93ea&sw_version=v1.337.0 IP139.45.197.239:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerLet's Encrypt Subjectoaphoace.net Fingerprint5A:77:51:1A:03:0F:F3:58:DD:3F:3C:DA:AA:4A:F9:55:B5:FD:E6:C4 ValidityTue, 09 Apr 2024 21:43:25 GMT - Mon, 08 Jul 2024 21:43:24 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (2467), with no line terminators Hashfe59f1a0d56241fb304e7b69afaedefc 0ffcd94c130deb678288c12275678c905037ddf5 759716da7b2d3300145c5338249616e05e0700949ea61ddf83f072d1f5e2b66c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /401/6424058?oo=1&oaid=080048b8f0934270fd22420449cf93ea&sw_version=v1.337.0 HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Cookie: OAID=0300487fda7d4f48e0e8efd76be02cb9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 17:46:41 GMT
content-type: application/json
x-trace-id: 53656301363046114469145045385608
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://listeamed.net
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=080048b8f0934270fd22420449cf93ea; expires=Thu, 24 Apr 2025 17:46:41 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tzegilo.com/stattag.js | 172.67.193.52 | 200 OK | 19 kB |
IP172.67.193.52:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerGoogle Trust Services LLC Subjecttzegilo.com Fingerprint28:2E:D0:DF:04:78:60:5A:D2:5B:1F:EA:59:80:9C:2F:89:C1:9D:D1 ValiditySat, 30 Mar 2024 15:54:48 GMT - Fri, 28 Jun 2024 15:54:47 GMT
File typeJavaScript source, ASCII text, with very long lines (18486) Hash70ebd404c2e1e7bad13998538b56887c 86e57af8ba3cfc2c004da3311835f6b54ba6d848 d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:46:41 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:13 GMT
etag: W/"65c37cc1-4ac0"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5838
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pX4EQ1%2B58XT6buDk78MlvegisibPPNHWa5VXf53fizRUN7%2B9iSj3RPYVJYqnVRaFxAXtsGcga%2FbBQO1GLb49r1mAOdGR1BRxC474iddoAFBCmzR%2BvdbLiD8EjikkhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797ea08c863569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| listeamed.net/assets/js/main.js?id=eddfd74f6de7386e3162347efd9a6be3 | 172.67.208.196 | 200 OK | 105 kB |
URL GET HTTP/3listeamed.net/assets/js/main.js?id=eddfd74f6de7386e3162347efd9a6be3 IP172.67.208.196:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerGoogle Trust Services LLC Subjectlisteamed.net FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1 ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT
Size105 kB (105278 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/js/main.js?id=eddfd74f6de7386e3162347efd9a6be3 HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/e/306655524b6e336b45613031734f69
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:46:39 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 08 Apr 2024 14:13:45 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3983
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bPektKSUAPKAe07SPyh8pVRrecm83riS74hK3PIen4HfwhCiAlMLtmjw6iKnwZWAsAEjpHXGPqgP5BrF0F2bJthpLML7KwV2vHpIhTVeqtLlLD7mEewIR6FpEGWNoNP0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797e9ff3f5c1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| listeamed.net/assets/css/icons/bootstrap-icons.css?id=4ae28873f5f5353c4c8d8aa129590f85 | 172.67.208.196 | 200 OK | 89 kB |
URL GET HTTP/3listeamed.net/assets/css/icons/bootstrap-icons.css?id=4ae28873f5f5353c4c8d8aa129590f85 IP172.67.208.196:443
Requested byhttps://listeamed.net/v/4bQVOj7oAe45wKm/HA.mp4 CertificateIssuerGoogle Trust Services LLC Subjectlisteamed.net FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1 ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT
Hash91f7cf4a3d3f0660b4e3914e5ac9298a 6e12e1ebcd983f848e5c280ab77649eeb44e74bc f0cf9bd878febf2ff6279b59f696031deb8f0f9f4ab1a1199f55d78f7c558638
GET /assets/css/icons/bootstrap-icons.css?id=4ae28873f5f5353c4c8d8aa129590f85 HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/v/4bQVOj7oAe45wKm/HA.mp4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:46:39 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 26 Jan 2024 07:33:12 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kom%2Bx2sMu38huTBd3siwk4N7zlUfeqvHvANlIdfyTJLXziMaKqE8OwKqmofBv8A2p2JcUZsd4O8A1hBuzYThlWcbo4mk3aKfayRx1bY%2Fj73MTQJfYTxitB80FlsVgkF9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797e9faaa3f1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| listeamed.net/assets/js/load.js | 172.67.208.196 | 200 OK | 3.7 kB |
URL GET HTTP/3listeamed.net/assets/js/load.js IP172.67.208.196:443
Requested byhttps://listeamed.net/v/4bQVOj7oAe45wKm/HA.mp4 CertificateIssuerGoogle Trust Services LLC Subjectlisteamed.net FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1 ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT
File typeJavaScript source, ASCII text, with very long lines (3720), with no line terminators Hashd9c20c3e3512735c34d570b27902ce21 2e759ef4e518009e4414a5ef65d96f1489fd0df3 88777310a5c3f5382fcd464fbbf4d6dd119089bf94be45aa7789ce43c0184481
GET /assets/js/load.js HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/v/4bQVOj7oAe45wKm/HA.mp4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:46:39 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 08 Apr 2024 14:13:45 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wZKqAgcuxW6g%2F05D7MjqWXCc4wf9zcqsIOoSZm1J%2FE0WJCySLmbtb%2B0lSkNXmhWYzLnTBL433x8TYPOhO1Cyohs6TnsCbj4K7S3FFJi%2FuzyJK6amlUAPdXlkH%2BKjDDQV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797e9fc4bef1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| listeamed.net/assets/css/main.css?id=5fd3d01499b08b69f2032a864a46f45c | 172.67.208.196 | 200 OK | 46 kB |
URL GET HTTP/3listeamed.net/assets/css/main.css?id=5fd3d01499b08b69f2032a864a46f45c IP172.67.208.196:443
Requested byhttps://listeamed.net/v/4bQVOj7oAe45wKm/HA.mp4 CertificateIssuerGoogle Trust Services LLC Subjectlisteamed.net FingerprintD5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1 ValidityMon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT
File typeASCII text, with very long lines (449) Hashd54edf9aa1cde0c27571f0d70a5a800c 0280204d67163c971177fe07a97de7e7dd9d9bd4 9f323f60f1cb46c682179cbde508d1ad0ded66950f93f64abf9c80ce643ab4da
GET /assets/css/main.css?id=5fd3d01499b08b69f2032a864a46f45c HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/v/4bQVOj7oAe45wKm/HA.mp4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:46:39 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 29 Jan 2024 14:24:15 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NbXJ5DDt4q7ndPjFK5T77RXszsyC70I2Ub8fYIJ5byQxspwHxp3oilZ0CcqjI7K0Mtfi0zWuR77tbKxPgtknkNUrUCVeYNf6S3BNmzN6aVZo3PLGcuAxp3DmPViDdytj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797e9faaa421c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| hw8qpzyv9p.guardstorage.net/hls_3/_agR8spfR2FIiOJbdwxF8so8k3L10QlsyQyqZTH70Ozkg5kw74GUfnh5B3K0cJC0g4oRUVZo1bZ-KMa9oPtI6IZYtE1jRc2DwQS_dVLTIB1JwUwzY6H3Q6Hzw065-RpjVZ3YJrYnIFdY6tqevVXlD8GO99dyMTcWYrNks7fjFbkZB3mOS4TfoDQpKn80QbroVLMCj00QDzDzudm4Y-nCJA/index-v1-a1.m3u8?sig=i8q-cEkiIMXz6rKZN-kxDA&expires=1713989799 | 37.59.29.140 | 200 OK | 13 kB |
URL GET HTTP/2hw8qpzyv9p.guardstorage.net/hls_3/_agR8spfR2FIiOJbdwxF8so8k3L10QlsyQyqZTH70Ozkg5kw74GUfnh5B3K0cJC0g4oRUVZo1bZ-KMa9oPtI6IZYtE1jRc2DwQS_dVLTIB1JwUwzY6H3Q6Hzw065-RpjVZ3YJrYnIFdY6tqevVXlD8GO99dyMTcWYrNks7fjFbkZB3mOS4TfoDQpKn80QbroVLMCj00QDzDzudm4Y-nCJA/index-v1-a1.m3u8?sig=i8q-cEkiIMXz6rKZN-kxDA&expires=1713989799 IP37.59.29.140:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerSectigo Limited Subject*.guardstorage.net FingerprintBB:17:7F:B4:1E:14:F6:23:29:98:AF:CB:F2:A0:43:5D:16:1E:D6:C1 ValiditySun, 10 Dec 2023 00:00:00 GMT - Thu, 09 Jan 2025 23:59:59 GMT
Hashc93869a68ac5c596172068c3f4e6fb99 613751fa6186c2ee45b98ba78455f216afd35438 f17605d321ad085e791071f39049ebd575ac6ac8b9c2580b95f9adc81a53876d
GET /hls_3/_agR8spfR2FIiOJbdwxF8so8k3L10QlsyQyqZTH70Ozkg5kw74GUfnh5B3K0cJC0g4oRUVZo1bZ-KMa9oPtI6IZYtE1jRc2DwQS_dVLTIB1JwUwzY6H3Q6Hzw065-RpjVZ3YJrYnIFdY6tqevVXlD8GO99dyMTcWYrNks7fjFbkZB3mOS4TfoDQpKn80QbroVLMCj00QDzDzudm4Y-nCJA/index-v1-a1.m3u8?sig=i8q-cEkiIMXz6rKZN-kxDA&expires=1713989799 HTTP/1.1
Host: hw8qpzyv9p.guardstorage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.3
date: Wed, 24 Apr 2024 17:46:41 GMT
content-type: application/vnd.apple.mpegurl
last-modified: Wed, 24 Apr 2024 17:46:41 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| i.guardstorage.net/channellogo/sIrUHjc46xow.png | 172.67.211.88 | 200 OK | 4.2 kB |
URL GET HTTP/2i.guardstorage.net/channellogo/sIrUHjc46xow.png IP172.67.211.88:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerLet's Encrypt Subjecti.guardstorage.net Fingerprint04:03:23:15:78:06:68:60:E6:22:9F:F4:EF:79:DC:D8:DA:79:11:7B ValidityTue, 16 Apr 2024 11:01:27 GMT - Mon, 15 Jul 2024 11:01:26 GMT
File typePNG image data, 148 x 53, 8-bit/color RGBA, non-interlaced Hash4dee385c1c06bd091ae29955bff2825d 09f68b1cdaeecd9047c37d818154adf8441cb881 7c64a9c92bf30fd24aa5694a1d9873f65f5ea2a9d7a5bd364baf49293b678a59
GET /channellogo/sIrUHjc46xow.png HTTP/1.1
Host: i.guardstorage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:46:41 GMT
content-type: image/png
content-length: 4161
last-modified: Thu, 14 Mar 2024 02:19:41 GMT
etag: "65f25ebd-1041"
x-server: cdn2
cache-control: max-age=14400
cf-cache-status: HIT
age: 471
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OVnfA4cr4cMC6KCglhCeVTZwtZXj2t%2BI%2Bh8QYdD8xqd0VsJ0aRko7p1%2F0d4WwEdV9ecGilEWb23DqZexRNsH0SiNrGHN3gGJOG0YtqEz0WAs9DTMjfwMBJbIs9cclsq9ZpSsGuo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797ea068aac712a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Fira+Sans:wght@300;400;500;600;700;800;900&family=Heebo:wght@300;400;500;600;700;800;900&display=swap | 142.250.74.106 | 200 OK | 43 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Fira+Sans:wght@300;400;500;600;700;800;900&family=Heebo:wght@300;400;500;600;700;800;900&display=swap IP142.250.74.106:443
Requested byhttps://listeamed.net/v/4bQVOj7oAe45wKm/HA.mp4 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeASCII text, with very long lines (1572) Hash3e32afaeab15a05db2c05ffbc64301d4 16263be6088f307dacc812b4db01f4e5be4cf122 659fcc80b9999153ced6cbc81530b538d814fb0a4a4029f3d0576744dc445184
GET /css2?family=Fira+Sans:wght@300;400;500;600;700;800;900&family=Heebo:wght@300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 17:46:39 GMT
date: Wed, 24 Apr 2024 17:46:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2 | 216.58.207.227 | 200 OK | 25 kB |
URL GET HTTP/2fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2 IP216.58.207.227:443
Requested byhttps://listeamed.net/v/4bQVOj7oAe45wKm/HA.mp4 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 24964, version 1.0 Hashab1e118c3ab25d4210327093166ca977 6d6c24619115649c4c80a20d725c78f65175fb38 45f1b654ec61c60215f597e30df063b0fee38c8a42f7046f99bf9bf3376971dc
GET /s/firasans/v17/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24964
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:32:06 GMT
expires: Fri, 18 Apr 2025 17:32:06 GMT
cache-control: public, max-age=31536000
age: 519273
last-modified: Tue, 02 May 2023 14:50:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| i.guardstorage.net/previews/kj4bQVOj7oAe45wKmZG2.preview.vtt | 172.67.211.88 | 200 OK | 8.8 kB |
URL GET HTTP/2i.guardstorage.net/previews/kj4bQVOj7oAe45wKmZG2.preview.vtt IP172.67.211.88:443
Requested byhttps://listeamed.net/e/306655524b6e336b45613031734f69 CertificateIssuerLet's Encrypt Subjecti.guardstorage.net Fingerprint04:03:23:15:78:06:68:60:E6:22:9F:F4:EF:79:DC:D8:DA:79:11:7B ValidityTue, 16 Apr 2024 11:01:27 GMT - Mon, 15 Jul 2024 11:01:26 GMT
File typeWebVTT subtitles, ASCII text Hash7abd969beef9bdf78ea9cfb6773237d2 d3fe967fb517cd64a8dee9c98008f93f7b64b60d ddc152e029b3663ccebecf7b9f771fa0e78785d354edb997db937fb8016cdbf9
GET /previews/kj4bQVOj7oAe45wKmZG2.preview.vtt HTTP/1.1
Host: i.guardstorage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:46:41 GMT
content-type: application/octet-stream
content-length: 8798
last-modified: Wed, 27 Mar 2024 19:31:35 GMT
etag: "66047417-225e"
accept-ranges: bytes
access-control-allow-origin: *
x-server: cdn2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NZ43hczm%2BqDdUimO8oe97SpCNyRe4uxYgtbTqcxz0bwGIj7%2B6FOzXLwYemhaK0HnSIcO97V18l%2F41uxRtM87A4Op8pcj0f8p%2BDjmhmJLNStQEzsguyUlQ%2FkVZ8vQ%2Fy1g5QUA6Us%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797ea066d1656c5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|