hdlivegames.xyz/hd/ch10.php?sport=basketball
104.21.95.238 200 OK 772 B URL HTTP/1.1 hdlivegames.xyz/hd/ch10.php?sport=basketball
IP 104.21.95.238:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (599), with CRLF, LF line terminators
Hash ae13ac30faeb957331bfbebfe9e2f92c
b42bf384a6941bbe3b992e11d52b9fcbd669da48
a00897318a06c35c9e158e38afa5e1374fdc73f629cfa2c809b607f32a0f4908
GET /hd/ch10.php?sport=basketball HTTP/1.1
Host: hdlivegames.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 23:55:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijULTEWD419D%2FlCpQ2AoibQk7VE2glSQOxjNttbzzgE7pKe8X7FZxuexqFTZPA3g67bxBGk%2FKZUGQUF5pYOljYecMYonTMqjOt0qRFlEaiD1iqPcRDhQh%2BpKnpUfJb0xzso%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7748792a5ca3b52d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3945
Expires: Mon, 05 Dec 2022 01:01:15 GMT
Date: Sun, 04 Dec 2022 23:55:30 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 207
Cache-Control: max-age=124754
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:55:30 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 10:34:44 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10231
Expires: Mon, 05 Dec 2022 02:46:01 GMT
Date: Sun, 04 Dec 2022 23:55:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 23:20:09 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2121
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 0TcS384fFFtwbAkl5OIlHKy+QifvgVeIPOXOdyTZMvh/9Ew2udutvllj0Gq16oORxeUBNYL4LSU=
x-amz-request-id: YWJTD3QTZN181VMA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 23:47:10 GMT
age: 500
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:55:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/8unncMEHDI0
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/8unncMEHDI0
IP 142.250.74.131:0
Hash 2e628dbad95c14eeddb98ae423a3e310
550eca85ba70018becd0463adfeebf6cba76b370
dec08a4f78971745e03b0411998fe214445834f3f0db525a119ed0dc1147f0cb
POST /s/gts1p5/8unncMEHDI0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:55:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/8unncMEHDI0
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/8unncMEHDI0
IP 142.250.74.131:0
Hash 2e628dbad95c14eeddb98ae423a3e310
550eca85ba70018becd0463adfeebf6cba76b370
dec08a4f78971745e03b0411998fe214445834f3f0db525a119ed0dc1147f0cb
POST /s/gts1p5/8unncMEHDI0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:55:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/8unncMEHDI0
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/8unncMEHDI0
IP 142.250.74.131:0
Hash 2e628dbad95c14eeddb98ae423a3e310
550eca85ba70018becd0463adfeebf6cba76b370
dec08a4f78971745e03b0411998fe214445834f3f0db525a119ed0dc1147f0cb
POST /s/gts1p5/8unncMEHDI0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:55:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hdlivegames.xyz/nflbite.png
104.21.95.238 200 OK 30 kB URL HTTP/2 hdlivegames.xyz/nflbite.png
IP 104.21.95.238:0
File type PNG image data, 912 x 246, 8-bit/color RGB, non-interlaced\012- data
Hash 24c84cc7b81f9dbc6d8804870c0b600b
802eeafd2efffa5970c74c9c93e43d36599a834a
32ad9e4da16c05811c9903700109fdab9811fc291ce294bbe5bd5946bbde843c
GET /nflbite.png HTTP/1.1
Host: hdlivegames.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hdlivegames.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:30 GMT
content-type: image/png
content-length: 29613
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 18:33:14 GMT
last-modified: Sun, 31 Oct 2021 20:36:16 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 192136
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhRfOrIjcmlCZOwtoosd7IX7Isva8iGXYEQ7q8hSf%2BNVM%2F0qs07TZlXbrwBeuEhHlFwJ%2FMyK8rjuNo4NKX8vmXcITQVbkkeHw4Fdo0Y8CPeRL7Grj3OQ%2BvWnkJLAt2O%2B5J4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7748792d4df7b512-OSL
X-Firefox-Spdy: h2
hdlivegames.xyz/soccer.png
104.21.95.238 200 OK 18 kB URL HTTP/2 hdlivegames.xyz/soccer.png
IP 104.21.95.238:0
File type PNG image data, 992 x 94, 8-bit/color RGBA, non-interlaced\012- data
Hash cf2cad656b2c4bd55a4651620df8d581
6f12f8a9abfbe19c45c9820f6ad8fd24e2a57c72
0b1ac0b54c33cf9c6358f45bf97293b27bcd03f40c8c4ae82f96000364015bd7
GET /soccer.png HTTP/1.1
Host: hdlivegames.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hdlivegames.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:30 GMT
content-type: image/png
content-length: 17676
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 18:13:25 GMT
last-modified: Tue, 15 Nov 2022 10:58:19 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 193325
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kz1f0jx7hRkQM%2FWRgPNc9xYUZpH1H4a7V8FObw8Bx9xjLo5OIB%2FOkbIoeBxt4Qhk19iDKgHCtaX6W4lwoPiOd1LfHf3FcieYVAZbG12MCW1s9P3jqqkRbUYLQrAnN3XTrYU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7748792d4df4b512-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/8unncMEHDI0
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/8unncMEHDI0
IP 142.250.74.131:0
Hash 2e628dbad95c14eeddb98ae423a3e310
550eca85ba70018becd0463adfeebf6cba76b370
dec08a4f78971745e03b0411998fe214445834f3f0db525a119ed0dc1147f0cb
POST /s/gts1p5/8unncMEHDI0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:55:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash fdcac60cec70cdb6a8f766fa9cc15884
d66ae441f40437c7445e592cf7f4fb2bdda8504f
95ea5891829383863dc4f25ea8d8e56210ebc1c545f3ab712dfd6d9fabb4c576
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=168079
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:55:31 GMT
Etag: "638d2102-116"
Expires: Tue, 06 Dec 2022 22:36:50 GMT
Last-Modified: Sun, 04 Dec 2022 22:36:50 GMT
Server: nginx
Content-Length: 278
cdn.jsdelivr.net/clappr/latest/clappr.min.js
151.101.129.229 200 OK 130 kB URL HTTP/2 cdn.jsdelivr.net/clappr/latest/clappr.min.js
IP 151.101.129.229:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 130 kB (129736 bytes)
Hash 02e8b36a76324b84738a71a477029182
eaca54f922d155e9519320a9da0b33b9df4628bb
0393d8c906f95f9c97074a073d0f2a07d19bc6825b3afecd50107ddc0d231812
GET /clappr/latest/clappr.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"8156e-D6xFiaxzMytsrOCcfMOmYtKY+qo"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 23:55:31 GMT
age: 3864711
x-served-by: cache-fra-eddf8230027-FRA, cache-bma1671-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 129736
X-Firefox-Spdy: h2
cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js
151.101.129.229 200 OK 3.1 kB URL HTTP/2 cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js
IP 151.101.129.229:0
File type ASCII text, with very long lines (6153)
Hash 87c919267521efbaf544ecf60ac34a00
97e52de332e9bc6a7d5b215e52a1a9fbd06c2069
884dd7679b870ff192faf80cc6a71169fe00268ca641e7a4ab20a4c67c159d5c
GET /clappr.level-selector/latest/level-selector.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"2524-9Cxz5uiSAcz1rVE5FbtBguw6QQw"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 23:55:31 GMT
age: 6562113
x-served-by: cache-fra19175-FRA, cache-bma1671-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3061
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 91bb39e5645ba036608e611547130a9e
5f86f5b96f81e44614118e41deab0bece8927185
87eea434adeb3ff9934a4f31041a847696740d4f2328d89ae848b3b1ce8fe704
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 23:55:31 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "93AED4033B6284A80A20169A0D04E8371B704872"
Expires: Mon, 05 Dec 2022 10:00:00 GMT
Last-Modified: Sun, 04 Dec 2022 22:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3544
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7748792f1c3e0afa-OSL
www.profitabledisplayformat.com/efe516cf443be9626415f64a97857a99/invoke.js
192.243.59.13 200 OK 9.8 kB URL HTTP/1.1 www.profitabledisplayformat.com/efe516cf443be9626415f64a97857a99/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26982), with no line terminators
Hash ce00acc51e668bf2e5b282e4478e5ed0
150873c888eea3e7415871904921a3ca844dcd66
cf05078fb7fbe8052bd68f245291756a2c3a66a07b944433801391d696325ae4
Analyzer Verdict Alert quad9 Sinkholed
GET /efe516cf443be9626415f64a97857a99/invoke.js HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdlivegames.xyz/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 04 Dec 2022 23:55:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c60bd55be545e9769f0c897a2aac714c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 23:11:19 GMT
cache-control: public,max-age=3600
age: 2652
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
claimedinvestcharitable.com/905d9f0c3eab6503e39adeb7a6b95cc9/invoke.js
173.233.137.44 200 OK 9.3 kB URL HTTP/1.1 claimedinvestcharitable.com/905d9f0c3eab6503e39adeb7a6b95cc9/invoke.js
IP 173.233.137.44:0
File type Unicode text, UTF-8 text, with very long lines (25118), with no line terminators
Hash 275ed24014b78c484d1749dfdba67d10
bbf01aa575f4905537ed79791155e2defa451e04
573fe95988bf85d9a05a57a119fb538e736bc3471fa8209995c3dcbae4958f7e
Analyzer Verdict Alert quad9 Sinkholed
GET /905d9f0c3eab6503e39adeb7a6b95cc9/invoke.js HTTP/1.1
Host: claimedinvestcharitable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdlivegames.xyz/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 23:55:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 825ebc62bd6598cff2cf9e4eabbef9d2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 202
Cache-Control: max-age=119682
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:55:31 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:10:13 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
st.chatango.com/js/gz/emb.js
208.93.230.28 200 OK 24 kB URL HTTP/1.1 st.chatango.com/js/gz/emb.js
IP 208.93.230.28:0
File type ASCII text, with very long lines (1651)
Hash a543b2d0bd0671737d07034ada375e34
4f8a72210ccd1bbd1c254cf9138b7399503bb654
c237062303aaf130c2f1a7c9f7b71e6ba23e7c6f307c5d1f9ab2858371421cc3
GET /js/gz/emb.js HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdlivegames.xyz/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 23:55:31 GMT
Content-Type: application/x-javascript
Content-Length: 23804
Last-Modified: Thu, 01 Dec 2022 15:09:02 GMT
Connection: keep-alive
Expires: Sun, 04 Dec 2022 23:55:31 GMT
Cache-Control: max-age=0
Content-Encoding: gzip
Accept-Ranges: bytes
ocsp.sca1b.amazontrust.com/
143.204.42.158 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash f0f8b0d8806166791f6d6d9a9aa908ca
e30099fed67b541c022984b41b6de1e9ca8e01bb
c8d3589546edd372653dbcc6fe1bc48340d7bf5dc3b0f37324a9ff8014aa912b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141494
Date: Sun, 04 Dec 2022 23:55:31 GMT
Etag: "638ca11c-1d7"
Expires: Tue, 06 Dec 2022 15:13:45 GMT
Last-Modified: Sun, 04 Dec 2022 13:31:08 GMT
Server: ECS (nyb/1D2F)
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sxrhDaGeyvfcGGna2bPX5yaZHyS0giohlYSMbHxVCMqPXkBFMdltGw==
Age: 6157
ocsp.sca1b.amazontrust.com/
143.204.42.158 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash f0f8b0d8806166791f6d6d9a9aa908ca
e30099fed67b541c022984b41b6de1e9ca8e01bb
c8d3589546edd372653dbcc6fe1bc48340d7bf5dc3b0f37324a9ff8014aa912b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141559
Date: Sun, 04 Dec 2022 23:55:31 GMT
Etag: "638ca11c-1d7"
Expires: Tue, 06 Dec 2022 15:14:50 GMT
Last-Modified: Sun, 04 Dec 2022 13:31:08 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5NgIXOhzH3vktO6CZSF6FxeOgbWlW8pZFs7GcF8WkNC8eV3CfkecEA==
Age: 6222
simplewebanalysis.com/stats
18.185.190.54 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 801896cc8a68fb9fb24442d24dc585fe
072972bf683abdf3f8da2fd8deb56e8c47ae2b9b
30f52c6045b3dec837bdfd789f10a601f2580eeb2619e2feea32d6cac162b3ab
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hdlivegames.xyz
Connection: keep-alive
Referer: http://hdlivegames.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:31 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://hdlivegames.xyz
access-control-allow-credentials: true
set-cookie: uid_id2=15f61b8d-2ec8-435d-9c52-294c53dca5d6:1:1; expires=Wed, 01 Dec 2032 23:55:31 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0124a8f28ed6e58b5b535ea22d1a0
b8e4973951eeb633838ba87f0f740e17a8aee065
7d1547b201957578477129e11b6ca08bc4b60dd6e3eb0d188b115a2ff6d92420
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D1547B201957578477129E11B6CA08BC4B60DD6E3EB0D188B115A2FF6D92420"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11628
Expires: Mon, 05 Dec 2022 03:09:19 GMT
Date: Sun, 04 Dec 2022 23:55:31 GMT
Connection: keep-alive
simplewebanalysis.com/stats
18.185.190.54 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash f39790929e3bab1e89aa1e4343afbd28
4b007bdd87c9d06f2d3cc0af90d65d281f762c6b
1346a397cd2e5f44c770b3cde75f002c9d8a51ab86e5e2ec7aab3d0c88e2c2d6
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hdlivegames.xyz
Connection: keep-alive
Referer: http://hdlivegames.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:31 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://hdlivegames.xyz
access-control-allow-credentials: true
set-cookie: uid_id2=e80992c6-935e-4319-91bc-0580bfce71eb:3:1; expires=Wed, 01 Dec 2032 23:55:31 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/T3bfnGJoB30
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/T3bfnGJoB30
IP 142.250.74.131:0
Hash b57ee53aeb5e1fde9605e83e3cc4f71c
49f79906e6e23f497191d079aa9f70ebcfcfa27f
b2477a675955cb34e8220265d715eecc3b48652c6aaef8b060a39562bd1dc0a5
POST /s/gts1p5/T3bfnGJoB30 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:55:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lightssyrupdecree.com/e2/fb/70/e2fb7072ede77ca8ad55204515c4d991.js
192.243.61.227 200 OK 29 kB URL HTTP/1.1 lightssyrupdecree.com/e2/fb/70/e2fb7072ede77ca8ad55204515c4d991.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 96aa7cfa88093f3263ad7a6245454808
6d7c328e15e25096fe901fd41a7618df13af5275
4daa4c453f08885d53d0dd5be7f860c4f250a8e088de78a1d02fa91e6cbef894
Analyzer Verdict Alert quad9 Sinkholed
GET /e2/fb/70/e2fb7072ede77ca8ad55204515c4d991.js HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdlivegames.xyz/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 04 Dec 2022 23:55:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 175a403d78ddd90693f1775802ecdc27
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/s/gts1p5/T3bfnGJoB30
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/T3bfnGJoB30
IP 142.250.74.131:0
Hash b57ee53aeb5e1fde9605e83e3cc4f71c
49f79906e6e23f497191d079aa9f70ebcfcfa27f
b2477a675955cb34e8220265d715eecc3b48652c6aaef8b060a39562bd1dc0a5
POST /s/gts1p5/T3bfnGJoB30 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:55:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
simplewebanalysis.com/stats
18.185.190.54 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash f39790929e3bab1e89aa1e4343afbd28
4b007bdd87c9d06f2d3cc0af90d65d281f762c6b
1346a397cd2e5f44c770b3cde75f002c9d8a51ab86e5e2ec7aab3d0c88e2c2d6
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hdlivegames.xyz
Connection: keep-alive
Referer: http://hdlivegames.xyz/
Cookie: uid_id2=e80992c6-935e-4319-91bc-0580bfce71eb:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:31 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://hdlivegames.xyz
access-control-allow-credentials: true
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.71.202.2 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.71.202.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VK3PA3DtOeZMQG/SHQPpdA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aermpLVMLlG79P93Z9sVelqAOOk=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0124a8f28ed6e58b5b535ea22d1a0
b8e4973951eeb633838ba87f0f740e17a8aee065
7d1547b201957578477129e11b6ca08bc4b60dd6e3eb0d188b115a2ff6d92420
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D1547B201957578477129E11B6CA08BC4B60DD6E3EB0D188B115A2FF6D92420"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21573
Expires: Mon, 05 Dec 2022 05:55:04 GMT
Date: Sun, 04 Dec 2022 23:55:31 GMT
Connection: keep-alive
addresseepaper.com/sfp.js
34.160.73.230 429 Too Many Requests 298 B URL HTTP/1.1 addresseepaper.com/sfp.js
IP 34.160.73.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2d276fc22806d34e2355196fe7bea1f3
0f2c85ecd7a43e866345fd0eafe5e0fdd4aa7acf
9e522902dee04e1345219cee056a1a291ba4eca674870853ab05f3579875ff38
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdlivegames.xyz/
HTTP/1.1 429 Too Many Requests
Server: openresty
Date: Sun, 04 Dec 2022 23:55:31 GMT
Content-Type: text/html
Content-Length: 298
ETag: "6382c3e0-12a"
Via: 1.1 google
attendancemeaningleaped.com/14/5b/f0/145bf03c9c141030a6f69624a0359b29.js
192.243.61.225 200 OK 13 kB URL HTTP/1.1 attendancemeaningleaped.com/14/5b/f0/145bf03c9c141030a6f69624a0359b29.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37131), with no line terminators
Hash 662ece3fc181b56ad11958f94cfa2df5
32c4cae42d4f9c39ad8dc0d86846665429a3e340
ae67b7d20c0a91ca2e6efa07c4292e0b24b7324115b43e26961737216c2e139c
Analyzer Verdict Alert quad9 Sinkholed
GET /14/5b/f0/145bf03c9c141030a6f69624a0359b29.js HTTP/1.1
Host: attendancemeaningleaped.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 04 Dec 2022 23:55:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5a84c080b91113a6865bef3ba5aae4f9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
whiskerssituationdisturb.com/pixel/purst?dl=0&th=0&sc=0&rs=1403&rd=1403&fd=413&bv=22.10.v.10&tmpl=136
192.243.61.227 200 OK 0 B URL HTTP/1.1 whiskerssituationdisturb.com/pixel/purst?dl=0&th=0&sc=0&rs=1403&rd=1403&fd=413&bv=22.10.v.10&tmpl=136
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1403&rd=1403&fd=413&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdlivegames.xyz/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 04 Dec 2022 23:55:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
hdlivegames.xyz/footy/ch10.php
104.21.95.238 200 OK 24 kB URL HTTP/2 hdlivegames.xyz/footy/ch10.php
IP 104.21.95.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2958), with CRLF, LF line terminators
Hash fa9770f76fc6142b01beb78e0ac9099b
19a52922970ef02aefe35cb2ab9e806cfa8a8325
2f12f13c67800950a934b48fff263ee1441c7fbcd62acd4a74179501208a18ae
GET /footy/ch10.php HTTP/1.1
Host: hdlivegames.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hdlivegames.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQ2zjYfRyRKbNWWoM7j2c31FIp2oqXbbrqyu95ExUguNfZByV9J5CTlCfkJoOq0kuwTN95CuroK5RTGHV2xsUmXFilolHhTDo2U3CwoE7YKkNN0pT%2BHOJKOBILgjRRbxCpE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748792d5e03b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 88033d954114dcc1f9e3000e0cc24502
efb03d2f2038269e952d160a61419164d99720c9
da7e469915a385a9cd894a327553a9297a034dd323be7e41dd1d677b0df4e17b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA7E469915A385A9CD894A327553A9297A034DD323BE7E41DD1D677B0DF4E17B"
Last-Modified: Fri, 02 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6493
Expires: Mon, 05 Dec 2022 01:43:44 GMT
Date: Sun, 04 Dec 2022 23:55:31 GMT
Connection: keep-alive
befirstcdn.com/script/bootstrap.js
104.16.164.101 200 OK 33 kB URL HTTP/2 befirstcdn.com/script/bootstrap.js
IP 104.16.164.101:0
Hash 0ed1923e79e0ed6ddd8a3e66edac55df
ab8760d174ba35d6e83fe9fa6a4b9d306c25daf4
fc40dd4a787f46068b30ab9f06796a256fbde93f7642ce1d67927f5545796225
GET /script/bootstrap.js HTTP/1.1
Host: befirstcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:31 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdsMfrV3hk6xLib6PuHEYM7oOviLb8sUyuI5x1zTODBzuWS41UZS7ByQNoVURwhS79fAfe36_ot9npv9gMqdZI1SVw
x-goog-generation: 1669191375948071
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100584
x-goog-hash: crc32c=mktFgA==, md5=WKNwY2lJNJOzygA6Intvpg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Mon, 05 Dec 2022 03:55:31 GMT
cache-control: public, max-age=14400
last-modified: Wed, 23 Nov 2022 08:16:16 GMT
etag: W/"58a3706369493493b3ca003a227b6fa6"
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7748792f0c160b02-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.185.190.54 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash f39790929e3bab1e89aa1e4343afbd28
4b007bdd87c9d06f2d3cc0af90d65d281f762c6b
1346a397cd2e5f44c770b3cde75f002c9d8a51ab86e5e2ec7aab3d0c88e2c2d6
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hdlivegames.xyz
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Cookie: uid_id2=e80992c6-935e-4319-91bc-0580bfce71eb:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:31 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://hdlivegames.xyz
access-control-allow-credentials: true
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ffb1fa188f11f4b1ec69136d1920502b
8aac404d7cf025e415c22f6170fea74bf537c603
7beabb9b7af824e542dc5f62308e6d44c4a38dee34d69836ca4c1cf966592b82
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "7BEABB9B7AF824E542DC5F62308E6D44C4A38DEE34D69836CA4C1CF966592B82"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8307
Expires: Mon, 05 Dec 2022 02:13:58 GMT
Date: Sun, 04 Dec 2022 23:55:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de7882ab113113ac974214ed195c1c09
6403b2259bd82f2e3bbbce830e20c7efd1dba98f
8be10c0fe85e64985905329b6984d6ad82f762d5cc93b09e5850a23e9a1c02cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BE10C0FE85E64985905329B6984D6AD82F762D5CC93B09E5850A23E9A1C02CD"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9682
Expires: Mon, 05 Dec 2022 02:36:53 GMT
Date: Sun, 04 Dec 2022 23:55:31 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash ff9e4d5c542d5d271c96098ee3f89da0
245feae57fce74a392b0587789f630b3deaf2f24
5f6577b297b5e428ffab51d6a4d6e82db6d5343cae00c158e90fcb8a9abf2571
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 23:55:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 06:12:23 GMT
Expires: Sat, 10 Dec 2022 06:12:22 GMT
Etag: "245feae57fce74a392b0587789f630b3deaf2f24"
Cache-Control: max-age=454009,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77487934dac7b518-OSL
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 45c43e5b26053b335bb3640bd3d0a1e9
14b4f1ec318f6a67d0015665a3aecc261f31a2cb
b42111f71fbb7b68f5dc8d0b6233bb109855bc7403403ca9f962df7dfb0e54c7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B42111F71FBB7B68F5DC8D0B6233BB109855BC7403403CA9F962DF7DFB0E54C7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12190
Expires: Mon, 05 Dec 2022 03:18:42 GMT
Date: Sun, 04 Dec 2022 23:55:32 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ffb1fa188f11f4b1ec69136d1920502b
8aac404d7cf025e415c22f6170fea74bf537c603
7beabb9b7af824e542dc5f62308e6d44c4a38dee34d69836ca4c1cf966592b82
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "7BEABB9B7AF824E542DC5F62308E6D44C4A38DEE34D69836CA4C1CF966592B82"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8306
Expires: Mon, 05 Dec 2022 02:13:58 GMT
Date: Sun, 04 Dec 2022 23:55:32 GMT
Connection: keep-alive
lightssyrupdecree.com/watch.682849074367.js?key=efe516cf443be9626415f64a97857a99&kw=%5B%5D&refer=http%3A%2F%2Fhdlivegames.xyz%2Fhd%2Fch10.php%3Fsport%3Dbasketball&tz=0&dev=e&res=12.1053&uuid=15f61b8d-2ec8-435d-9c52-294c53dca5d6%3A1%3A1
192.243.61.227 307 Temporary Redirect 0 B URL HTTP/1.1 lightssyrupdecree.com/watch.682849074367.js?key=efe516cf443be9626415f64a97857a99&kw=%5B%5D&refer=http%3A%2F%2Fhdlivegames.xyz%2Fhd%2Fch10.php%3Fsport%3Dbasketball&tz=0&dev=e&res=12.1053&uuid=15f61b8d-2ec8-435d-9c52-294c53dca5d6%3A1%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.682849074367.js?key=efe516cf443be9626415f64a97857a99&kw=%5B%5D&refer=http%3A%2F%2Fhdlivegames.xyz%2Fhd%2Fch10.php%3Fsport%3Dbasketball&tz=0&dev=e&res=12.1053&uuid=15f61b8d-2ec8-435d-9c52-294c53dca5d6%3A1%3A1 HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hdlivegames.xyz
Connection: keep-alive
Referer: http://hdlivegames.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Sun, 04 Dec 2022 23:55:32 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://hdlivegames.xyz
Access-Control-Allow-Origin: http://hdlivegames.xyz
Access-Control-Allow-Credentials: true
Location: https://lightssyrupdecree.com/watch.682849074367.js?key=efe516cf443be9626415f64a97857a99&kw=%5B%5D&refer=http%3A%2F%2Fhdlivegames.xyz%2Fhd%2Fch10.php%3Fsport%3Dbasketball&tz=0&dev=e&res=12.1053&uuid=15f61b8d-2ec8-435d-9c52-294c53dca5d6%3A1%3A1&shu=5ce06b5a589c17131ebb89bb71cefbaf3140c62d7126ab30887bd587055c5817467cac937bbd258ea51cd2ae1b46719f6ee4ad6f20d2474561db03d2a5d213150e144af358ceae71a17856a89337f796c409df0bb625e9afb025c26f809453&pst=1670198192&rmtc=t
Set-Cookie: u_pl=17852426; expires=Mon, 05 Dec 2022 23:55:32 GMT; secure; SameSite=None
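ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg1MjQyNiwiayI6ImVmZTUxNmNmNDQzYmU5NjI2NDE1ZjY0YTk3ODU3YTk5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDIyMjE0LCJwaWQiOjI2MDc0NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyMywicHQiOjQsInBrIjoic2tqazhyYWJ6eiIsImNwa3MiOnsgIjI4IjoiZTJmYjcwNzJlZGU3N2NhOGFkNTUyMDQ1MTVjNGQ5OTEifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9oZGxpdmVnYW1lcy54eXovaGQvY2gxMC5waHA_c3BvcnQ9YmFza2V0YmFsbCJ9fQ.S8P-FlDKf4MJheTRaawhwYJDoZoo133hEHI4LhJatEs; expires=Sun, 04 Dec 2022 23:56:32 GMT; secure; SameSite=None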
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 58a54dfa38172cfc21e67fd6cbae1d4c
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash ff9e4d5c542d5d271c96098ee3f89da0
245feae57fce74a392b0587789f630b3deaf2f24
5f6577b297b5e428ffab51d6a4d6e82db6d5343cae00c158e90fcb8a9abf2571
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 23:55:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 06:12:23 GMT
Expires: Sat, 10 Dec 2022 06:12:22 GMT
Etag: "245feae57fce74a392b0587789f630b3deaf2f24"
Cache-Control: max-age=454009,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77487934ff6fb511-OSL
friendshipmale.com/sfp.js
172.64.203.23 200 OK 28 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.203.23:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 17f8bec9b8219d7018a6066e8c40dda3
77d1d4b1154b5a430e2b4c855dbda6684734d084
aedcacaa60c4bd797d0c55bc59f30c2eb5d547de6a6c8a7d9bd5ce1dae15e59f
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:32 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: ceec4b1da2c2d9861628feccbfd0d7d1
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 04 Dec 2022 23:55:31 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VCHqQTnx0jqJGlqx2S0hFkZiRUM1gokU5gSF1U3fJdRS3j7Rgwjyur%2FUYDzAPP%2FYqAE7E770zHlCJNtBz4WANq4HPzSqIsuskZ2q898dDv0RHezz4rotmqyMtwk5Hms9SwVUELw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77487934dcd97515-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
specialistinsensitive.com/pixel/purst?dl=0&th=0&sc=0&rs=1303&rd=1303&fd=939&bv=22.10.v.9&tmpl=70
173.233.137.44 200 OK 0 B URL HTTP/1.1 specialistinsensitive.com/pixel/purst?dl=0&th=0&sc=0&rs=1303&rd=1303&fd=939&bv=22.10.v.9&tmpl=70
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1303&rd=1303&fd=939&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 23:55:32 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
eveningproclamationarched.com/ntv.json?key=905d9f0c3eab6503e39adeb7a6b95cc9&vstc=4
173.233.137.36 200 OK 17 kB URL HTTP/1.1 eveningproclamationarched.com/ntv.json?key=905d9f0c3eab6503e39adeb7a6b95cc9&vstc=4
IP 173.233.137.36:0
File type JSON data\012- , ASCII text, with very long lines (17064), with no line terminators
Hash 2d22f22d85645c43f8bd61e98587a772
4f9bca6bb437e9d544099459d2194dcc0be5b26e
831fb41f31ec4c5c3fb7d08e0f5365023917307378358ae935384dd23e0ace6b
Analyzer Verdict Alert quad9 Sinkholed
GET /ntv.json?key=905d9f0c3eab6503e39adeb7a6b95cc9&vstc=4 HTTP/1.1
Host: eveningproclamationarched.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hdlivegames.xyz
Connection: keep-alive
Referer: http://hdlivegames.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 23:55:32 GMT
Content-Type: application/json
Content-Length: 17064
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://hdlivegames.xyz
Access-Control-Allow-Origin: http://hdlivegames.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17851852; expires=Mon, 05 Dec 2022 23:55:32 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 05 Dec 2022 23:55:32 GMT; secure; SameSite=None
uncs=1; expires=Mon, 05 Dec 2022 23:55:32 GMT; secure; SameSite=None
pdhtkv49=true; expires=Mon, 05 Dec 2022 23:55:32 GMT; secure; SameSite=None
uncs49=1; expires=Mon, 05 Dec 2022 23:55:32 GMT; secure; SameSite=None
nlec905d9f0c3eab6503e39adeb7a6b95cc9=[2019380,2229329,2229333,2229337]; expires=Sun, 04 Dec 2022 23:55:37 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 31ce2ea3181b1b66995e51580a77bd42
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash a3c9679236e68e323a0f63bdba404745
c378193fe82679178d947e5b02a5f3c1d052313d
f09384df5ffcae048ae1a647747e51318c2ceb1caf7e418966e494d5ed358f8f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 23:55:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 12:04:34 GMT
Expires: Sun, 11 Dec 2022 12:04:33 GMT
Etag: "c378193fe82679178d947e5b02a5f3c1d052313d"
Cache-Control: max-age=561540,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7748793698e9b511-OSL
lightssyrupdecree.com/watch.682849074367.js?key=efe516cf443be9626415f64a97857a99&kw=%5B%5D&refer=http%3A%2F%2Fhdlivegames.xyz%2Fhd%2Fch10.php%3Fsport%3Dbasketball&tz=0&dev=e&res=12.1053&uuid=15f61b8d-2ec8-435d-9c52-294c53dca5d6%3A1%3A1&shu=5ce06b5a589c17131ebb89bb71cefbaf3140c62d7126ab30887bd587055c5817467cac937bbd258ea51cd2ae1b46719f6ee4ad6f20d2474561db03d2a5d213150e144af358ceae71a17856a89337f796c409df0bb625e9afb025c26f809453&pst=1670198192&rmtc=t
192.243.61.227 200 OK 2.1 kB URL HTTP/1.1 lightssyrupdecree.com/watch.682849074367.js?key=efe516cf443be9626415f64a97857a99&kw=%5B%5D&refer=http%3A%2F%2Fhdlivegames.xyz%2Fhd%2Fch10.php%3Fsport%3Dbasketball&tz=0&dev=e&res=12.1053&uuid=15f61b8d-2ec8-435d-9c52-294c53dca5d6%3A1%3A1&shu=5ce06b5a589c17131ebb89bb71cefbaf3140c62d7126ab30887bd587055c5817467cac937bbd258ea51cd2ae1b46719f6ee4ad6f20d2474561db03d2a5d213150e144af358ceae71a17856a89337f796c409df0bb625e9afb025c26f809453&pst=1670198192&rmtc=t
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (2637)
Hash 0fac5d8c5b94ada4d27a21ebcdd6c211
d27e6a36470654ffbfad7bf1772834df92065480
531c7ef612d57c8fe3bf73b4424509721a29ed302e32640fd0b89c451e9e006e
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.682849074367.js?key=efe516cf443be9626415f64a97857a99&kw=%5B%5D&refer=http%3A%2F%2Fhdlivegames.xyz%2Fhd%2Fch10.php%3Fsport%3Dbasketball&tz=0&dev=e&res=12.1053&uuid=15f61b8d-2ec8-435d-9c52-294c53dca5d6%3A1%3A1&shu=5ce06b5a589c17131ebb89bb71cefbaf3140c62d7126ab30887bd587055c5817467cac937bbd258ea51cd2ae1b46719f6ee4ad6f20d2474561db03d2a5d213150e144af358ceae71a17856a89337f796c409df0bb625e9afb025c26f809453&pst=1670198192&rmtc=t HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hdlivegames.xyz
Referer: http://hdlivegames.xyz/
Connection: keep-alive
Cookie: u_pl=17852426; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg1MjQyNiwiayI6ImVmZTUxNmNmNDQzYmU5NjI2NDE1ZjY0YTk3ODU3YTk5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDIyMjE0LCJwaWQiOjI2MDc0NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyMywicHQiOjQsInBrIjoic2tqazhyYWJ6eiIsImNwa3MiOnsgIjI4IjoiZTJmYjcwNzJlZGU3N2NhOGFkNTUyMDQ1MTVjNGQ5OTEifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9oZGxpdmVnYW1lcy54eXovaGQvY2gxMC5waHA_c3BvcnQ9YmFza2V0YmFsbCJ9fQ.S8P-FlDKf4MJheTRaawhwYJDoZoo133hEHI4LhJatEs
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 04 Dec 2022 23:55:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://hdlivegames.xyz
Access-Control-Allow-Origin: http://hdlivegames.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=15f61b8d-2ec8-435d-9c52-294c53dca5d6:1:1; expires=Sun, 11 Dec 2022 23:55:32 GMT; secure; SameSite=None
iprc0df89f3d2807bf86c7af1b68578bd873=3569808; expires=Mon, 05 Dec 2022 03:55:32 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 05 Dec 2022 23:55:32 GMT; secure; SameSite=None
uncs=1; expires=Mon, 05 Dec 2022 23:55:32 GMT; secure; SameSite=None
pdhtkv23=true; expires=Mon, 05 Dec 2022 23:55:32 GMT; secure; SameSite=None
uncs23=1; expires=Mon, 05 Dec 2022 23:55:32 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b2463a3d318a55009e923ec66a7a2e9b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
st.chatango.com/cfg/nc/r.json?cb89540020000199407514170
208.93.230.28 200 OK 20 B URL HTTP/1.1 st.chatango.com/cfg/nc/r.json?cb89540020000199407514170
IP 208.93.230.28:0
File type JSON data\012- , ASCII text
Hash 345dbbbf4120bf2cc616c0cda02d92de
d0e690c4cb67b9443d45d8342c5788c9583a0064
fc6476e99bc2028c9c0d7d28edafdcc7c2fdeb1630913f685887a25125f4f4e2
GET /cfg/nc/r.json?cb89540020000199407514170 HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hdlivegames.xyz
Connection: keep-alive
Referer: http://hdlivegames.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 23:55:32 GMT
Content-Type: application/octet-stream
Content-Length: 20
Last-Modified: Thu, 01 Dec 2022 15:09:02 GMT
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 54e9dde1154370864c9481c52f1eb224
f4b2a065300f5ac9a27ba41a034b7e2d6fd98f5a
1ecefe4ad72f4afd1741ad6e2ac98ef0e5e2c15e8e03d25afffff09439818ddb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 23:55:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 17:22:25 GMT
Expires: Sat, 10 Dec 2022 17:22:24 GMT
Etag: "f4b2a065300f5ac9a27ba41a034b7e2d6fd98f5a"
Cache-Control: max-age=494211,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774879365c2cb518-OSL
cdn.cloudimagesb.com/cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg
45.133.44.9 200 OK 23 kB URL HTTP/1.1 cdn.cloudimagesb.com/cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 9a2dc4fe2ebb70df2dfb1566d22970b8
b85a5f4ef7bd68b834d03d8b9a552e2e546e8701
1983c705f5f4315c8cd002183eb9ed3c846abed8fc2a6f0a073185c249552efd
GET /cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdlivegames.xyz/
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 23:55:32 GMT
Content-Type: image/jpeg
Content-Length: 22757
Connection: keep-alive
Server: nginx/1.17.6
Last-Modified: Thu, 30 Apr 2020 07:56:41 GMT
ETag: "5eaa84b9-58e5"
Expires: Tue, 06 Dec 2022 23:55:32 GMT
Cache-Control: max-age=172800
X-Proxy-Cache: HIT
Accept-Ranges: bytes
cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
45.133.44.9 200 OK 24 kB URL HTTP/1.1 cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash d71c872fb9f50bd9383abc0721d1d51e
1f69b40ef2f95798b4e0fd738d630ad4319cd739
6b4a622b9de1ffab8fe905fc8c4633994c732476664b5190ceedd62a3795ab08
GET /cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdlivegames.xyz/
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 23:55:32 GMT
Content-Type: image/jpeg
Content-Length: 24518
Connection: keep-alive
Server: nginx/1.17.6
Last-Modified: Thu, 30 Apr 2020 07:58:34 GMT
ETag: "5eaa852a-5fc6"
Expires: Tue, 06 Dec 2022 23:55:32 GMT
Cache-Control: max-age=172800
X-Proxy-Cache: HIT
Accept-Ranges: bytes
eveningproclamationarched.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSS2skVRi9NbabCKKOGzfSCIKKdKr6kaQcZDCOkWBMMi%2BCy%2FuqzjW36hb3VnV1sgoOyGyEXrhQV5XTyQR1UOcHCNIRZIiI6c0QwfwJYXAp1dPQzgf1Pep8i3O%2Bcz8%2FyC%2BIj5yeb35s9pTWdL7T8OtvbKlEmMLV12%2FVA7%2FhX6lvqWShfaXer5LtvRP4nYb%2FZv1DyXfMfNMPfD%2Fwg%2FqKsjIy%2FfkJCpXeD4NG6DfazUbQaaNvn55d7sFRD6J3QV6CEuNntx8%2BgOIjJPFP16TbyUz69gdxrmlmLHri%2BHayk5giQTxrI%2BshSo6n2zBuTMhXl2CS46kCmN5hpQBMjYn3KABLjqc0wXpHT5gyDZmAiedQ9EaQegRFR%2BDmDpQ4IwAXWN9AEt9bN7agu09QWqFjUnv8D1QxJrW%2FX0YS%2F7CsVb9%2B0%2Bg8UyZx6EclVH8E1R0hzU%2BQ7XlQxQl49hmU%2BIPMP15DEh9uOG2gRDlRr9QIKhpBywGo85BXn%2FKQRx7y1EMszuu0E0a%2BvxixqNVaanPOWy3OO0sLoiNa7aXIR84regNk6QBcD8DtPlK7jx01gM1%2Fgdsu4YQHl42Jd30fPVGikASFIygoQaEIioyg6JVHQrumK%2B8J7XIWTGtzWlvl0GTdA3pksq5MyEF6QV6s7uK9IH%2FHjjyvh35HhJHPW5KyhY7fkq2QCskW6QILO5yHcKqEcpcmUvdU5d9fSNXZ8hoYPYHTJ%2BDqMmgegBbDxaYPuj1sL%2FnYS37Mt4XLrKSxa3CdMwhTIs1qyHa9A31BXpkY9OqfbUh%2BevW3uXfT4aM5cFsitSU%2BVb8SdPXd4Q1TkMMbpnDkwUaaqVjt0cq8mxnN5DPffSR3C2PF6jU3%2BPY9XgFVe%2F%2BWdNkaTYRKuo58v6yEkHbFWC7Jz6tuS7LN3G0v5zbJ07XN91dW49RK55RJRqDqbONfcDUmtdcvT57l82dvQdkRbF4izk%2FJNKDMCXi6D5fO2DtDYPVsh6Ueirwc2iab%2FdSKQMvZTFkJ97%2BZzfoDdxddWwPN7iCJS%2FRsiZ4uQfUALp8bZqk9vfrw6yq%2BAdO1IdO2dsi01V9OTjsmr9WuV%2Bl2lT6BU%2Bd12Yn8SPpNyaKQRYvUF2HUDhkNA7nIOjRA5sb8i1b2HwAAAP%2F%2FAQAA%2F%2F8Iq76KfQQAAA%3D%3D
173.233.137.36200 OK 7 B URL HTTP/1.1 eveningproclamationarched.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSS2skVRi9NbabCKKOGzfSCIKKdKr6kaQcZDCOkWBMMi%2BCy%2FuqzjW36hb3VnV1sgoOyGyEXrhQV5XTyQR1UOcHCNIRZIiI6c0QwfwJYXAp1dPQzgf1Pep8i3O%2Bcz8%2FyC%2BIj5yeb35s9pTWdL7T8OtvbKlEmMLV12%2FVA7%2FhX6lvqWShfaXer5LtvRP4nYb%2FZv1DyXfMfNMPfD%2Fwg%2FqKsjIy%2FfkJCpXeD4NG6DfazUbQaaNvn55d7sFRD6J3QV6CEuNntx8%2BgOIjJPFP16TbyUz69gdxrmlmLHri%2BHayk5giQTxrI%2BshSo6n2zBuTMhXl2CS46kCmN5hpQBMjYn3KABLjqc0wXpHT5gyDZmAiedQ9EaQegRFR%2BDmDpQ4IwAXWN9AEt9bN7agu09QWqFjUnv8D1QxJrW%2FX0YS%2F7CsVb9%2B0%2Bg8UyZx6EclVH8E1R0hzU%2BQ7XlQxQl49hmU%2BIPMP15DEh9uOG2gRDlRr9QIKhpBywGo85BXn%2FKQRx7y1EMszuu0E0a%2BvxixqNVaanPOWy3OO0sLoiNa7aXIR84regNk6QBcD8DtPlK7jx01gM1%2Fgdsu4YQHl42Jd30fPVGikASFIygoQaEIioyg6JVHQrumK%2B8J7XIWTGtzWlvl0GTdA3pksq5MyEF6QV6s7uK9IH%2FHjjyvh35HhJHPW5KyhY7fkq2QCskW6QILO5yHcKqEcpcmUvdU5d9fSNXZ8hoYPYHTJ%2BDqMmgegBbDxaYPuj1sL%2FnYS37Mt4XLrKSxa3CdMwhTIs1qyHa9A31BXpkY9OqfbUh%2BevW3uXfT4aM5cFsitSU%2BVb8SdPXd4Q1TkMMbpnDkwUaaqVjt0cq8mxnN5DPffSR3C2PF6jU3%2BPY9XgFVe%2F%2BWdNkaTYRKuo58v6yEkHbFWC7Jz6tuS7LN3G0v5zbJ07XN91dW49RK55RJRqDqbONfcDUmtdcvT57l82dvQdkRbF4izk%2FJNKDMCXi6D5fO2DtDYPVsh6Ueirwc2iab%2FdSKQMvZTFkJ97%2BZzfoDdxddWwPN7iCJS%2FRsiZ4uQfUALp8bZqk9vfrw6yq%2BAdO1IdO2dsi01V9OTjsmr9WuV%2Bl2lT6BU%2Bd12Yn8SPpNyaKQRYvUF2HUDhkNA7nIOjRA5sb8i1b2HwAAAP%2F%2FAQAA%2F%2F8Iq76KfQQAAA%3D%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSS2skVRi9NbabCKKOGzfSCIKKdKr6kaQcZDCOkWBMMi%2BCy%2FuqzjW36hb3VnV1sgoOyGyEXrhQV5XTyQR1UOcHCNIRZIiI6c0QwfwJYXAp1dPQzgf1Pep8i3O%2Bcz8%2FyC%2BIj5yeb35s9pTWdL7T8OtvbKlEmMLV12%2FVA7%2FhX6lvqWShfaXer5LtvRP4nYb%2FZv1DyXfMfNMPfD%2Fwg%2FqKsjIy%2FfkJCpXeD4NG6DfazUbQaaNvn55d7sFRD6J3QV6CEuNntx8%2BgOIjJPFP16TbyUz69gdxrmlmLHri%2BHayk5giQTxrI%2BshSo6n2zBuTMhXl2CS46kCmN5hpQBMjYn3KABLjqc0wXpHT5gyDZmAiedQ9EaQegRFR%2BDmDpQ4IwAXWN9AEt9bN7agu09QWqFjUnv8D1QxJrW%2FX0YS%2F7CsVb9%2B0%2Bg8UyZx6EclVH8E1R0hzU%2BQ7XlQxQl49hmU%2BIPMP15DEh9uOG2gRDlRr9QIKhpBywGo85BXn%2FKQRx7y1EMszuu0E0a%2BvxixqNVaanPOWy3OO0sLoiNa7aXIR84regNk6QBcD8DtPlK7jx01gM1%2Fgdsu4YQHl42Jd30fPVGikASFIygoQaEIioyg6JVHQrumK%2B8J7XIWTGtzWlvl0GTdA3pksq5MyEF6QV6s7uK9IH%2FHjjyvh35HhJHPW5KyhY7fkq2QCskW6QILO5yHcKqEcpcmUvdU5d9fSNXZ8hoYPYHTJ%2BDqMmgegBbDxaYPuj1sL%2FnYS37Mt4XLrKSxa3CdMwhTIs1qyHa9A31BXpkY9OqfbUh%2BevW3uXfT4aM5cFsitSU%2BVb8SdPXd4Q1TkMMbpnDkwUaaqVjt0cq8mxnN5DPffSR3C2PF6jU3%2BPY9XgFVe%2F%2BWdNkaTYRKuo58v6yEkHbFWC7Jz6tuS7LN3G0v5zbJ07XN91dW49RK55RJRqDqbONfcDUmtdcvT57l82dvQdkRbF4izk%2FJNKDMCXi6D5fO2DtDYPVsh6Ueirwc2iab%2FdSKQMvZTFkJ97%2BZzfoDdxddWwPN7iCJS%2FRsiZ4uQfUALp8bZqk9vfrw6yq%2BAdO1IdO2dsi01V9OTjsmr9WuV%2Bl2lT6BU%2Bd12Yn8SPpNyaKQRYvUF2HUDhkNA7nIOjRA5sb8i1b2HwAAAP%2F%2FAQAA%2F%2F8Iq76KfQQAAA%3D%3D HTTP/1.1
Host: eveningproclamationarched.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hdlivegames.xyz/
Cookie: u_pl=17851852; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec905d9f0c3eab6503e39adeb7a6b95cc9=[2019380,2229329,2229333,2229337]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 23:55:32 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 06c69f2682c76862186ab68ddf8845eb
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg
45.133.44.9 200 OK 28 kB URL HTTP/1.1 cdn.cloudimagesb.com/cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 1dcde64d47d24d151a1433ecf4403dd7
443d6704b5a294e000084d7a8ac823e526093928
d11bcd65a82589c2c31d6fd87cb16ec673dd5640462ad3d20ff53e014a435376
GET /cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdlivegames.xyz/
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 23:55:32 GMT
Content-Type: image/jpeg
Content-Length: 27832
Connection: keep-alive
Server: nginx/1.17.6
Last-Modified: Thu, 30 Apr 2020 07:58:58 GMT
ETag: "5eaa8542-6cb8"
Expires: Tue, 06 Dec 2022 23:55:32 GMT
Cache-Control: max-age=172800
X-Proxy-Cache: HIT
Accept-Ranges: bytes
cdn.cloudimagesb.com/cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg
45.133.44.9 200 OK 32 kB URL HTTP/1.1 cdn.cloudimagesb.com/cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Hash 3528385dd0c31dbd2e5bfc4af7a6bec5
832c580ffd7711115d6c036ab4232f5bd88480a4
bfbfeebfcb679ca578055235614cc679b0757bad272996ef89b7fd5615a2db75
GET /cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdlivegames.xyz/
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 23:55:32 GMT
Content-Type: image/jpeg
Content-Length: 32471
Connection: keep-alive
Server: nginx/1.17.6
Last-Modified: Thu, 30 Apr 2020 07:58:05 GMT
ETag: "5eaa850d-7ed7"
Expires: Tue, 06 Dec 2022 23:55:32 GMT
Cache-Control: max-age=172800
X-Proxy-Cache: HIT
Accept-Ranges: bytes
6.adsco.re/
104.17.167.186 200 OK 0 B IP 104.17.167.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hdlivegames.xyz
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:32 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://hdlivegames.xyz
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 77487937d941b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4.adsco.re/
162.252.214.5 200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hdlivegames.xyz
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 23:55:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://hdlivegames.xyz
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
eveningproclamationarched.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSy2sk1Ru9NdO%2FTX6b0XHjRhpBUJBOVT%2BSlIMMxjESjEnmRXB5X9W55lbd4t6qrk5WwQGZjdALF%2BqqcjqZoA7q%2FAGCdAQZomJ6M0Qwf4IbYXAp1dPQ%2BkF9jzrf4pzv3I8P8gviI6fnm%2B%2BbPaU1ne80%2FPqrWyoRpnD19Tv1wG%2F41%2BpbKlloX6v3q2R7bwR%2Bp%2BG%2FVn9X8h0z3%2FQD3w%2F8oL6irIxMf36CQqUPw6AR%2Bo12sxF02ujb%2F84u9%2BCoB9G7IM9DifH%2Fth8%2FguIjJPF3N6TbyUz6%2BjtxrmlmLHri%2BG6yk5giQTxrI%2BshSo6n2zBuTMhnl2CS46kCmN5hpQBMjYn3JABLjqc0wXpHz5gyDZmAif%2Bj6I0g9QiKjsDNPShxRgAusL6BJH6wbmxBd5%2BhtELHpPb0L6hiTGp%2FvIAk%2FmZZq379ttF5pkzi0I9KqP4IqjtCmp8g2%2FOgihPw7CMo8SuZf7qGJD7ccNpAiXKiXqkRVDSClgNQ5yGvPuUhjzzkqYdYnNdpJ4x8fzFiUau11Oact1qcd5YWREe02kuRj5xX9AbI0gG4HoDbfaR2HztqAJv%2FALddwgkPLhsT7%2BY%2BeqJEIQkKR1BQgkIRFBlB0SuPhHZNVz4Q2uUsmNbmtLbKocm6B%2FTIZF2ZkIP0gjxX3cW7In%2FGjjyvh35HhJHPW5KyhY7fkq2QCskW6QILO5yHcKqEcpcmUvdU5d%2FvSNXZ8hoYPYHTJ%2BDqKmgegBbDxaYPuj1sL%2FnYS77Nt4XLrKSxa3CdMwhTIs1qyHa9A31BXpwY9HLtLiQ%2Fvf7T3Jvp8MkcuC2R2hIfqh8Juvr%2B8JYpyOEtUzjyaCPNVKz2aGXe7Yxm8vJX78ndwlixesMNvnyLV0DVPrwjXbZGE6GSriNfLyshpF0xlkvy%2Farbkmwzd9vLuU3ydG3z7ZXVOLXSOWWSEag62%2FgbXI1J7ZWrk2d55Zc%2FoewINi8R56dkGlDmBDzdh0tn7J0hsHq2w9LLKPJyaJts9lMrAi1nM2Ul3L9mNusP3H10bQ00u4ckLtGzJXq6BNUDuHxumKX29Prjz6v4AkzXhkzb2iHTVn86Ji%2F91q7ue3Ny5Cp9AKfO67IT%2BZH0m5JFIYsWqS%2FCqB0yGgZykXVogMyN%2BSet7B8AAAD%2F%2FwEAAP%2F%2FjZVHh30EAAA%3D
173.233.137.36200 OK 7 B URL HTTP/1.1 eveningproclamationarched.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSy2sk1Ru9NdO%2FTX6b0XHjRhpBUJBOVT%2BSlIMMxjESjEnmRXB5X9W55lbd4t6qrk5WwQGZjdALF%2BqqcjqZoA7q%2FAGCdAQZomJ6M0Qwf4IbYXAp1dPQ%2BkF9jzrf4pzv3I8P8gviI6fnm%2B%2BbPaU1ne80%2FPqrWyoRpnD19Tv1wG%2F41%2BpbKlloX6v3q2R7bwR%2Bp%2BG%2FVn9X8h0z3%2FQD3w%2F8oL6irIxMf36CQqUPw6AR%2Bo12sxF02ujb%2F84u9%2BCoB9G7IM9DifH%2Fth8%2FguIjJPF3N6TbyUz6%2BjtxrmlmLHri%2BG6yk5giQTxrI%2BshSo6n2zBuTMhnl2CS46kCmN5hpQBMjYn3JABLjqc0wXpHz5gyDZmAif%2Bj6I0g9QiKjsDNPShxRgAusL6BJH6wbmxBd5%2BhtELHpPb0L6hiTGp%2FvIAk%2FmZZq379ttF5pkzi0I9KqP4IqjtCmp8g2%2FOgihPw7CMo8SuZf7qGJD7ccNpAiXKiXqkRVDSClgNQ5yGvPuUhjzzkqYdYnNdpJ4x8fzFiUau11Oact1qcd5YWREe02kuRj5xX9AbI0gG4HoDbfaR2HztqAJv%2FALddwgkPLhsT7%2BY%2BeqJEIQkKR1BQgkIRFBlB0SuPhHZNVz4Q2uUsmNbmtLbKocm6B%2FTIZF2ZkIP0gjxX3cW7In%2FGjjyvh35HhJHPW5KyhY7fkq2QCskW6QILO5yHcKqEcpcmUvdU5d%2FvSNXZ8hoYPYHTJ%2BDqKmgegBbDxaYPuj1sL%2FnYS77Nt4XLrKSxa3CdMwhTIs1qyHa9A31BXpwY9HLtLiQ%2Fvf7T3Jvp8MkcuC2R2hIfqh8Juvr%2B8JYpyOEtUzjyaCPNVKz2aGXe7Yxm8vJX78ndwlixesMNvnyLV0DVPrwjXbZGE6GSriNfLyshpF0xlkvy%2Farbkmwzd9vLuU3ydG3z7ZXVOLXSOWWSEag62%2FgbXI1J7ZWrk2d55Zc%2FoewINi8R56dkGlDmBDzdh0tn7J0hsHq2w9LLKPJyaJts9lMrAi1nM2Ul3L9mNusP3H10bQ00u4ckLtGzJXq6BNUDuHxumKX29Prjz6v4AkzXhkzb2iHTVn86Ji%2F91q7ue3Ny5Cp9AKfO67IT%2BZH0m5JFIYsWqS%2FCqB0yGgZykXVogMyN%2BSet7B8AAAD%2F%2FwEAAP%2F%2FjZVHh30EAAA%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSy2sk1Ru9NdO%2FTX6b0XHjRhpBUJBOVT%2BSlIMMxjESjEnmRXB5X9W55lbd4t6qrk5WwQGZjdALF%2BqqcjqZoA7q%2FAGCdAQZomJ6M0Qwf4IbYXAp1dPQ%2BkF9jzrf4pzv3I8P8gviI6fnm%2B%2BbPaU1ne80%2FPqrWyoRpnD19Tv1wG%2F41%2BpbKlloX6v3q2R7bwR%2Bp%2BG%2FVn9X8h0z3%2FQD3w%2F8oL6irIxMf36CQqUPw6AR%2Bo12sxF02ujb%2F84u9%2BCoB9G7IM9DifH%2Fth8%2FguIjJPF3N6TbyUz6%2BjtxrmlmLHri%2BG6yk5giQTxrI%2BshSo6n2zBuTMhnl2CS46kCmN5hpQBMjYn3JABLjqc0wXpHz5gyDZmAif%2Bj6I0g9QiKjsDNPShxRgAusL6BJH6wbmxBd5%2BhtELHpPb0L6hiTGp%2FvIAk%2FmZZq379ttF5pkzi0I9KqP4IqjtCmp8g2%2FOgihPw7CMo8SuZf7qGJD7ccNpAiXKiXqkRVDSClgNQ5yGvPuUhjzzkqYdYnNdpJ4x8fzFiUau11Oact1qcd5YWREe02kuRj5xX9AbI0gG4HoDbfaR2HztqAJv%2FALddwgkPLhsT7%2BY%2BeqJEIQkKR1BQgkIRFBlB0SuPhHZNVz4Q2uUsmNbmtLbKocm6B%2FTIZF2ZkIP0gjxX3cW7In%2FGjjyvh35HhJHPW5KyhY7fkq2QCskW6QILO5yHcKqEcpcmUvdU5d%2FvSNXZ8hoYPYHTJ%2BDqKmgegBbDxaYPuj1sL%2FnYS77Nt4XLrKSxa3CdMwhTIs1qyHa9A31BXpwY9HLtLiQ%2Fvf7T3Jvp8MkcuC2R2hIfqh8Juvr%2B8JYpyOEtUzjyaCPNVKz2aGXe7Yxm8vJX78ndwlixesMNvnyLV0DVPrwjXbZGE6GSriNfLyshpF0xlkvy%2Farbkmwzd9vLuU3ydG3z7ZXVOLXSOWWSEag62%2FgbXI1J7ZWrk2d55Zc%2FoewINi8R56dkGlDmBDzdh0tn7J0hsHq2w9LLKPJyaJts9lMrAi1nM2Ul3L9mNusP3H10bQ00u4ckLtGzJXq6BNUDuHxumKX29Prjz6v4AkzXhkzb2iHTVn86Ji%2F91q7ue3Ny5Cp9AKfO67IT%2BZH0m5JFIYsWqS%2FCqB0yGgZykXVogMyN%2BSet7B8AAAD%2F%2FwEAAP%2F%2FjZVHh30EAAA%3D HTTP/1.1
Host: eveningproclamationarched.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hdlivegames.xyz/
Cookie: u_pl=17851852; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec905d9f0c3eab6503e39adeb7a6b95cc9=[2019380,2229329,2229333,2229337]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 23:55:32 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: de94e3498f383347ab1ea828b84ea9dd
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash a3c9679236e68e323a0f63bdba404745
c378193fe82679178d947e5b02a5f3c1d052313d
f09384df5ffcae048ae1a647747e51318c2ceb1caf7e418966e494d5ed358f8f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 23:55:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 12:04:34 GMT
Expires: Sun, 11 Dec 2022 12:04:33 GMT
Etag: "c378193fe82679178d947e5b02a5f3c1d052313d"
Cache-Control: max-age=561540,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774879372948b511-OSL
eveningproclamationarched.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSy2sk1Ru9Nb%2F%2BgYyb0XEjiDSCoiCdqn4kKQcZjGMkGJPMi%2BDyvqpzza26xb1VXZ2sggMyG6EXLtRV5XQywTGo8wcI0hFkiIrpzRDB7F24EgaXUj0N0Q%2Fqe9T5Fud85368m58RHzk9XXvfbCut6Uyn4ddfXVeJMIWrr9yqB37Dv1JfV8ls%2B0q9XyXbeyPwOw3%2Ftfq7km%2BamaYf%2BH7gB%2FVFZWVk%2BjMTFCo9DING6DfazUbQaaNv%2Fzu73IOjHkTvjDwLJcb%2F33j4AIqPkMTfXpNuMzPp6%2B%2FEuaaZseiJg9vJZmKKBPF5G1kPUXIw3YZxY0I%2BuwCTHEwVwPT2KgVgaky8RwFYcjClCdbbf8KUacgETDyNojeC1CMoOgI3d6DECQG4wMoqkvjeirEF3XqC0godk9rjv6CKMan9%2FhyS%2BOsFrfr1m0bnmTKJQz8qofojqO4IaX6EbNuDKo7As4%2BgxC9k5vEyknhv1WkDJcqJeqVGUNEIWg5AnYe8%2BpSHPPKQpx5icVqnnTDy%2FbmIRa3WfJtz3mpx3pmfFR3Ras9HPnJe0RsgSwfgegBud5DaHWyqAWz%2BPdxGCSc8uGxMvOs76IkShSQoHEFBCQpFUGQERa%2FcF9o1XXlPaJezYFqb09oqhybr7tJ9k3VlQnbTM%2FJMdRfvkvwJm%2FK0HvodEUY%2Bb0nKZjt%2BS7ZCKiSbo7Ms7HAewqkSyl2YSN1WlX%2B%2FIVUnC8tg9AhOH4Gry6B5AFoM55o%2B6MawPe9jO%2Fkm3xAus5LGrsF1ziBMiTSrIdvydvUZeX5i0Eu165D8%2BOqPF99Mh48ugtsSqS3xofqBoKvvDm%2BYguzdMIUjD1bTTMVqm1bm3cxoJv93%2Fz25VRgrlq65wZdv8Qqo2sNb0mXLNBEq6Try1YISQtpFY7kk3y25dcnWcrexkNskT5fX3l5cilMrnVMmGYGqk9W%2FwdWY1F6%2BPHmWl37%2BE8qOYPMScX5MpgFljsDTHbj0%2BOr9Fw6fCl75A84QWH2%2Bw9ILKPJyaJvs%2FKdWBFqez5SVcP%2Ba2Xm%2F6%2B6ia2ug2R0kcYmeLdHTJagewOUXh1lqj68%2B%2FLyKL8B0bci0re0xbfWnY%2FLir%2B3Jfat0u0ofwKnTuuxEfiT9pmRRyKI56oswaoeMhoGcYx0aIHNj%2Fkkr%2BwcAAP%2F%2FAQAA%2F%2F%2F7W6hnfQQAAA%3D%3D
173.233.137.36200 OK 7 B URL HTTP/1.1 eveningproclamationarched.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSy2sk1Ru9Nb%2F%2BgYyb0XEjiDSCoiCdqn4kKQcZjGMkGJPMi%2BDyvqpzza26xb1VXZ2sggMyG6EXLtRV5XQywTGo8wcI0hFkiIrpzRDB7F24EgaXUj0N0Q%2Fqe9T5Fud85368m58RHzk9XXvfbCut6Uyn4ddfXVeJMIWrr9yqB37Dv1JfV8ls%2B0q9XyXbeyPwOw3%2Ftfq7km%2BamaYf%2BH7gB%2FVFZWVk%2BjMTFCo9DING6DfazUbQaaNv%2Fzu73IOjHkTvjDwLJcb%2F33j4AIqPkMTfXpNuMzPp6%2B%2FEuaaZseiJg9vJZmKKBPF5G1kPUXIw3YZxY0I%2BuwCTHEwVwPT2KgVgaky8RwFYcjClCdbbf8KUacgETDyNojeC1CMoOgI3d6DECQG4wMoqkvjeirEF3XqC0godk9rjv6CKMan9%2FhyS%2BOsFrfr1m0bnmTKJQz8qofojqO4IaX6EbNuDKo7As4%2BgxC9k5vEyknhv1WkDJcqJeqVGUNEIWg5AnYe8%2BpSHPPKQpx5icVqnnTDy%2FbmIRa3WfJtz3mpx3pmfFR3Ras9HPnJe0RsgSwfgegBud5DaHWyqAWz%2BPdxGCSc8uGxMvOs76IkShSQoHEFBCQpFUGQERa%2FcF9o1XXlPaJezYFqb09oqhybr7tJ9k3VlQnbTM%2FJMdRfvkvwJm%2FK0HvodEUY%2Bb0nKZjt%2BS7ZCKiSbo7Ms7HAewqkSyl2YSN1WlX%2B%2FIVUnC8tg9AhOH4Gry6B5AFoM55o%2B6MawPe9jO%2Fkm3xAus5LGrsF1ziBMiTSrIdvydvUZeX5i0Eu165D8%2BOqPF99Mh48ugtsSqS3xofqBoKvvDm%2BYguzdMIUjD1bTTMVqm1bm3cxoJv93%2Fz25VRgrlq65wZdv8Qqo2sNb0mXLNBEq6Try1YISQtpFY7kk3y25dcnWcrexkNskT5fX3l5cilMrnVMmGYGqk9W%2FwdWY1F6%2BPHmWl37%2BE8qOYPMScX5MpgFljsDTHbj0%2BOr9Fw6fCl75A84QWH2%2Bw9ILKPJyaJvs%2FKdWBFqez5SVcP%2Ba2Xm%2F6%2B6ia2ug2R0kcYmeLdHTJagewOUXh1lqj68%2B%2FLyKL8B0bci0re0xbfWnY%2FLir%2B3Jfat0u0ofwKnTuuxEfiT9pmRRyKI56oswaoeMhoGcYx0aIHNj%2Fkkr%2BwcAAP%2F%2FAQAA%2F%2F%2F7W6hnfQQAAA%3D%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSy2sk1Ru9Nb%2F%2BgYyb0XEjiDSCoiCdqn4kKQcZjGMkGJPMi%2BDyvqpzza26xb1VXZ2sggMyG6EXLtRV5XQywTGo8wcI0hFkiIrpzRDB7F24EgaXUj0N0Q%2Fqe9T5Fud85368m58RHzk9XXvfbCut6Uyn4ddfXVeJMIWrr9yqB37Dv1JfV8ls%2B0q9XyXbeyPwOw3%2Ftfq7km%2BamaYf%2BH7gB%2FVFZWVk%2BjMTFCo9DING6DfazUbQaaNv%2Fzu73IOjHkTvjDwLJcb%2F33j4AIqPkMTfXpNuMzPp6%2B%2FEuaaZseiJg9vJZmKKBPF5G1kPUXIw3YZxY0I%2BuwCTHEwVwPT2KgVgaky8RwFYcjClCdbbf8KUacgETDyNojeC1CMoOgI3d6DECQG4wMoqkvjeirEF3XqC0godk9rjv6CKMan9%2FhyS%2BOsFrfr1m0bnmTKJQz8qofojqO4IaX6EbNuDKo7As4%2BgxC9k5vEyknhv1WkDJcqJeqVGUNEIWg5AnYe8%2BpSHPPKQpx5icVqnnTDy%2FbmIRa3WfJtz3mpx3pmfFR3Ras9HPnJe0RsgSwfgegBud5DaHWyqAWz%2BPdxGCSc8uGxMvOs76IkShSQoHEFBCQpFUGQERa%2FcF9o1XXlPaJezYFqb09oqhybr7tJ9k3VlQnbTM%2FJMdRfvkvwJm%2FK0HvodEUY%2Bb0nKZjt%2BS7ZCKiSbo7Ms7HAewqkSyl2YSN1WlX%2B%2FIVUnC8tg9AhOH4Gry6B5AFoM55o%2B6MawPe9jO%2Fkm3xAus5LGrsF1ziBMiTSrIdvydvUZeX5i0Eu165D8%2BOqPF99Mh48ugtsSqS3xofqBoKvvDm%2BYguzdMIUjD1bTTMVqm1bm3cxoJv93%2Fz25VRgrlq65wZdv8Qqo2sNb0mXLNBEq6Try1YISQtpFY7kk3y25dcnWcrexkNskT5fX3l5cilMrnVMmGYGqk9W%2FwdWY1F6%2BPHmWl37%2BE8qOYPMScX5MpgFljsDTHbj0%2BOr9Fw6fCl75A84QWH2%2Bw9ILKPJyaJvs%2FKdWBFqez5SVcP%2Ba2Xm%2F6%2B6ia2ug2R0kcYmeLdHTJagewOUXh1lqj68%2B%2FLyKL8B0bci0re0xbfWnY%2FLir%2B3Jfat0u0ofwKnTuuxEfiT9pmRRyKI56oswaoeMhoGcYx0aIHNj%2Fkkr%2BwcAAP%2F%2FAQAA%2F%2F%2F7W6hnfQQAAA%3D%3D HTTP/1.1
Host: eveningproclamationarched.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hdlivegames.xyz/
Cookie: u_pl=17851852; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec905d9f0c3eab6503e39adeb7a6b95cc9=[2019380,2229329,2229333,2229337]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 23:55:32 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 040129a07028fef4ddfc1cc5aca0bcd7
Strict-Transport-Security: max-age=0; includeSubdomains
eveningproclamationarched.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitXsdLBFHXixcZBEFFJt3TM5kZF1mMayQYk%2BwvgsfqqppJmequpqprepJTcEH2IszBg3rqvEk2qIu6f4AgE0GWiJi5LBHMPyEsHqVnB8b9oL8f%2Fb7De9%2Brzw%2FcBfHh6Pnmx3pPKkUXmzW%2F%2BsaWTLjObXX9VjXwa%2F6V6pZMlhpXqoMymf47gd%2Bs%2BW9WPxRsRy%2FW%2FcD3Az%2BorkgjunqwOEUh0%2FudoNbxa416LWg2MDBPz9Z5sNQD71%2BQlyD55Nnthw8g2RhJ%2FNM1YXcynb79QewUzbRBnx%2FfTnYSnSeI523XeOgmx7NtaDsh5KtL0MnxTAF0%2F7BUgEhOiPcoQJQcz2gi6h89YRopiAQRfw55fwyhxpB0DKbvQPIzAjCO9Q0k8b11bXK6%2BwSlJTohlcf%2FQOYTUvn7ZSTxD8tKDqo3tXKZ1InFoFtADsaQvTFSd4Jsz4PMT8CyzyD5H2Tx8RqS%2BHDDKg3Ji6l6KceQ3TGUGIJaD678pAfX9eBSDzE%2Fr9Jmp%2Bv7rW7UDcN2gzEWhow120u8ycNGu%2BvDsZLeEFk6BFNDMLOP1OxjRw5h3C%2Bw2wUs92CzCfGu76PPC%2BSCILcEOSXIJUGeEeT94ogrW7fFPa6si4JZrc9qWIx01jugRzrriYQcpBfkxfIu3gvid%2ByI82rHb%2FJO12ehoNFS0w9F2KFcRC26FHWajHVgZQFpL02l7snSv7%2BQyrPlNUT0BFadgMnLoC4AzUetug%2B6PWq0fewlP7ptbjMjaGxrTLkIXBdIswqyXe9AXZBXpga9%2BmcDgp1e%2FW3h3XT0aAHMFEhNgU%2FlrwQ9dXd0Q%2Bfk8IbOLXmwkWYylnu0NO9mRjPxzHcfid1cG756zQ6%2FfY%2BVQNnevyVstkYTLpOeJd8vS86FWdGGCfLzqt0S0aaz28vOJC5d23x%2FZTVOjbBW6mQMKs82%2FgWTE1J5%2FfL0WT5%2F9hakGcO4ArE7JbOA1Cdg6T5sOmdvNYFR850o9ZC7YmTq0fynkgRKzGcaFbD%2Fm6N5f2DvomcqoNkdJHGBvinQVwWoGsK6hVGWmtOrD78u4xtEqjKKlKkcRsqoL6ennZDXKtfLdLtMn8DK82ozaIh21G4xziPBeNCqh%2B3Q9%2BucN1odEXSQ2Qn7Isz%2BAwAA%2F%2F8BAAD%2F%2FxyjMGx9BAAA
173.233.137.36200 OK 7 B URL HTTP/1.1 eveningproclamationarched.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitXsdLBFHXixcZBEFFJt3TM5kZF1mMayQYk%2BwvgsfqqppJmequpqprepJTcEH2IszBg3rqvEk2qIu6f4AgE0GWiJi5LBHMPyEsHqVnB8b9oL8f%2Fb7De9%2Brzw%2FcBfHh6Pnmx3pPKkUXmzW%2F%2BsaWTLjObXX9VjXwa%2F6V6pZMlhpXqoMymf47gd%2Bs%2BW9WPxRsRy%2FW%2FcD3Az%2BorkgjunqwOEUh0%2FudoNbxa416LWg2MDBPz9Z5sNQD71%2BQlyD55Nnthw8g2RhJ%2FNM1YXcynb79QewUzbRBnx%2FfTnYSnSeI523XeOgmx7NtaDsh5KtL0MnxTAF0%2F7BUgEhOiPcoQJQcz2gi6h89YRopiAQRfw55fwyhxpB0DKbvQPIzAjCO9Q0k8b11bXK6%2BwSlJTohlcf%2FQOYTUvn7ZSTxD8tKDqo3tXKZ1InFoFtADsaQvTFSd4Jsz4PMT8CyzyD5H2Tx8RqS%2BHDDKg3Ji6l6KceQ3TGUGIJaD678pAfX9eBSDzE%2Fr9Jmp%2Bv7rW7UDcN2gzEWhow120u8ycNGu%2BvDsZLeEFk6BFNDMLOP1OxjRw5h3C%2Bw2wUs92CzCfGu76PPC%2BSCILcEOSXIJUGeEeT94ogrW7fFPa6si4JZrc9qWIx01jugRzrriYQcpBfkxfIu3gvid%2ByI82rHb%2FJO12ehoNFS0w9F2KFcRC26FHWajHVgZQFpL02l7snSv7%2BQyrPlNUT0BFadgMnLoC4AzUetug%2B6PWq0fewlP7ptbjMjaGxrTLkIXBdIswqyXe9AXZBXpga9%2BmcDgp1e%2FW3h3XT0aAHMFEhNgU%2FlrwQ9dXd0Q%2Bfk8IbOLXmwkWYylnu0NO9mRjPxzHcfid1cG756zQ6%2FfY%2BVQNnevyVstkYTLpOeJd8vS86FWdGGCfLzqt0S0aaz28vOJC5d23x%2FZTVOjbBW6mQMKs82%2FgWTE1J5%2FfL0WT5%2F9hakGcO4ArE7JbOA1Cdg6T5sOmdvNYFR850o9ZC7YmTq0fynkgRKzGcaFbD%2Fm6N5f2DvomcqoNkdJHGBvinQVwWoGsK6hVGWmtOrD78u4xtEqjKKlKkcRsqoL6ennZDXKtfLdLtMn8DK82ozaIh21G4xziPBeNCqh%2B3Q9%2BucN1odEXSQ2Qn7Isz%2BAwAA%2F%2F8BAAD%2F%2FxyjMGx9BAAA
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitXsdLBFHXixcZBEFFJt3TM5kZF1mMayQYk%2BwvgsfqqppJmequpqprepJTcEH2IszBg3rqvEk2qIu6f4AgE0GWiJi5LBHMPyEsHqVnB8b9oL8f%2Fb7De9%2Brzw%2FcBfHh6Pnmx3pPKkUXmzW%2F%2BsaWTLjObXX9VjXwa%2F6V6pZMlhpXqoMymf47gd%2Bs%2BW9WPxRsRy%2FW%2FcD3Az%2BorkgjunqwOEUh0%2FudoNbxa416LWg2MDBPz9Z5sNQD71%2BQlyD55Nnthw8g2RhJ%2FNM1YXcynb79QewUzbRBnx%2FfTnYSnSeI523XeOgmx7NtaDsh5KtL0MnxTAF0%2F7BUgEhOiPcoQJQcz2gi6h89YRopiAQRfw55fwyhxpB0DKbvQPIzAjCO9Q0k8b11bXK6%2BwSlJTohlcf%2FQOYTUvn7ZSTxD8tKDqo3tXKZ1InFoFtADsaQvTFSd4Jsz4PMT8CyzyD5H2Tx8RqS%2BHDDKg3Ji6l6KceQ3TGUGIJaD678pAfX9eBSDzE%2Fr9Jmp%2Bv7rW7UDcN2gzEWhow120u8ycNGu%2BvDsZLeEFk6BFNDMLOP1OxjRw5h3C%2Bw2wUs92CzCfGu76PPC%2BSCILcEOSXIJUGeEeT94ogrW7fFPa6si4JZrc9qWIx01jugRzrriYQcpBfkxfIu3gvid%2ByI82rHb%2FJO12ehoNFS0w9F2KFcRC26FHWajHVgZQFpL02l7snSv7%2BQyrPlNUT0BFadgMnLoC4AzUetug%2B6PWq0fewlP7ptbjMjaGxrTLkIXBdIswqyXe9AXZBXpga9%2BmcDgp1e%2FW3h3XT0aAHMFEhNgU%2FlrwQ9dXd0Q%2Bfk8IbOLXmwkWYylnu0NO9mRjPxzHcfid1cG756zQ6%2FfY%2BVQNnevyVstkYTLpOeJd8vS86FWdGGCfLzqt0S0aaz28vOJC5d23x%2FZTVOjbBW6mQMKs82%2FgWTE1J5%2FfL0WT5%2F9hakGcO4ArE7JbOA1Cdg6T5sOmdvNYFR850o9ZC7YmTq0fynkgRKzGcaFbD%2Fm6N5f2DvomcqoNkdJHGBvinQVwWoGsK6hVGWmtOrD78u4xtEqjKKlKkcRsqoL6ennZDXKtfLdLtMn8DK82ozaIh21G4xziPBeNCqh%2B3Q9%2BucN1odEXSQ2Qn7Isz%2BAwAA%2F%2F8BAAD%2F%2FxyjMGx9BAAA HTTP/1.1
Host: eveningproclamationarched.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hdlivegames.xyz/
Cookie: u_pl=17851852; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec905d9f0c3eab6503e39adeb7a6b95cc9=[2019380,2229329,2229333,2229337]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 23:55:32 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bcd73b22866e968673ed6554fe5d50b1
Strict-Transport-Security: max-age=0; includeSubdomains
c.adsco.re/
104.17.166.186 200 OK 27 kB IP 104.17.166.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (689)
Hash 8e177f7f7ed445152da295fd4d431f5a
1f58658fe6b7da2f29f0d9121f37b6ead72e8cd7
09b8bfebd33240f10691d9d08fe3f222b05e9e635f44212015e3a034f84e562a
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:32 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Wed, 04 Jan 2023 23:55:32 GMT
etag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
cf-cache-status: HIT
age: 21646
vary: Accept-Encoding
server: cloudflare
cf-ray: 77487936fc2bb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
eveningproclamationarched.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2skxRuu3p3fJb%2FL6nrxIoMgKMike3omM%2BMii3GNBGOS%2FUfwWF1VMylT3dVUdU1PcgouyF6EOXhQT51nkg3qou4HEGQiyBIVM5clgvkIXoTFo%2FTswOgL%2Ff7p5z08z%2FvUxwfugvhw9Hzzfb0nlaKLzZpffXVLJlzntrp%2Bpxr4Nf9adUsmS41r1UGZTP%2BNwG%2FW%2FNeq7wq2oxfrfuD7gR9UV6QRXT1YnKKQ6cNOUOv4tUa9FjQbGJj%2FztZ5sNQD71%2BQ5yH55H%2Fbjx9BsjGS%2BLsbwu5kOn39ndgpmmmDPj%2B%2Bm%2BwkOk8Qz9uu8dBNjmfb0HZCyGeXoJPjmQLo%2FmGpAJGcEO9JgCg5ntFE1D96xjRSEAki%2Fn%2Fk%2FTGEGkPSMZi%2BB8nPCMA41jeQxA%2FWtcnp7jOUluiEVJ7%2BBZlPSOWPF5DE3ywrOaje1splUicWg24BORhD9sZI3QmyPQ8yPwHLPoLkv5LFp2tI4sMNqzQkL6bqpRxDdsdQYghqPbjykx5c14NLPcT8vEqbna7vt7pRNwzbDcZYGDLWbC%2FxJg8b7a4Px0p6Q2TpEEwNwcw%2BUrOPHTmEcT%2FAbhew3IPNJsS7uY8%2BL5ALgtwS5JQglwR5RpD3iyOubN0WD7iyLgpmtT6rYTHSWe%2BAHumsJxJykF6Q58q7eFfEz9gR59WO3%2BSdrs9CQaOlph%2BKsEO5iFp0Keo0GevAygLSXppK3ZOlf78jlWfLa4joCaw6AZNXQV0Amo9adR90e9Ro%2B9hLvnXb3GZG0NjWmHIRuC6QZhVku96BuiAvTg16uXIXgp1e%2F2nhzXT0ZAHMFEhNgQ%2FljwQ9dX90S%2Bfk8JbOLXm0kWYylnu0NO92RjNx%2Bav3xG6uDV%2B9YYdfvsVKoGwf3hE2W6MJl0nPkq%2BXJefCrGjDBPl%2B1W6JaNPZ7WVnEpeubb69shqnRlgrdTIGlWcbf4PJCam8cnX6LK%2F88iekGcO4ArE7JbOA1Cdg6T5sOmdvNYFR850ovYzcFSNTj%2BY%2FlSRQYj7TqID91xzN%2BwN7Hz1TAc3uIYkL9E2BvipA1RDWLYyy1Jxef%2Fx5GV8gUpVRpEzlMFJGfTohL%2F3WKO97c3rkMn0AK8%2BrzaAh2lG7xTiPBONBqx62Q9%2Bvc95odUTQQWYn7JMw%2BwcAAP%2F%2FAQAA%2F%2F%2BZnclhfQQAAA%3D%3D
173.233.137.36200 OK 7 B URL HTTP/1.1 eveningproclamationarched.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2skxRuu3p3fJb%2FL6nrxIoMgKMike3omM%2BMii3GNBGOS%2FUfwWF1VMylT3dVUdU1PcgouyF6EOXhQT51nkg3qou4HEGQiyBIVM5clgvkIXoTFo%2FTswOgL%2Ff7p5z08z%2FvUxwfugvhw9Hzzfb0nlaKLzZpffXVLJlzntrp%2Bpxr4Nf9adUsmS41r1UGZTP%2BNwG%2FW%2FNeq7wq2oxfrfuD7gR9UV6QRXT1YnKKQ6cNOUOv4tUa9FjQbGJj%2FztZ5sNQD71%2BQ5yH55H%2Fbjx9BsjGS%2BLsbwu5kOn39ndgpmmmDPj%2B%2Bm%2BwkOk8Qz9uu8dBNjmfb0HZCyGeXoJPjmQLo%2FmGpAJGcEO9JgCg5ntFE1D96xjRSEAki%2Fn%2Fk%2FTGEGkPSMZi%2BB8nPCMA41jeQxA%2FWtcnp7jOUluiEVJ7%2BBZlPSOWPF5DE3ywrOaje1splUicWg24BORhD9sZI3QmyPQ8yPwHLPoLkv5LFp2tI4sMNqzQkL6bqpRxDdsdQYghqPbjykx5c14NLPcT8vEqbna7vt7pRNwzbDcZYGDLWbC%2FxJg8b7a4Px0p6Q2TpEEwNwcw%2BUrOPHTmEcT%2FAbhew3IPNJsS7uY8%2BL5ALgtwS5JQglwR5RpD3iyOubN0WD7iyLgpmtT6rYTHSWe%2BAHumsJxJykF6Q58q7eFfEz9gR59WO3%2BSdrs9CQaOlph%2BKsEO5iFp0Keo0GevAygLSXppK3ZOlf78jlWfLa4joCaw6AZNXQV0Amo9adR90e9Ro%2B9hLvnXb3GZG0NjWmHIRuC6QZhVku96BuiAvTg16uXIXgp1e%2F2nhzXT0ZAHMFEhNgQ%2FljwQ9dX90S%2Bfk8JbOLXm0kWYylnu0NO92RjNx%2Bav3xG6uDV%2B9YYdfvsVKoGwf3hE2W6MJl0nPkq%2BXJefCrGjDBPl%2B1W6JaNPZ7WVnEpeubb69shqnRlgrdTIGlWcbf4PJCam8cnX6LK%2F88iekGcO4ArE7JbOA1Cdg6T5sOmdvNYFR850ovYzcFSNTj%2BY%2FlSRQYj7TqID91xzN%2BwN7Hz1TAc3uIYkL9E2BvipA1RDWLYyy1Jxef%2Fx5GV8gUpVRpEzlMFJGfTohL%2F3WKO97c3rkMn0AK8%2BrzaAh2lG7xTiPBONBqx62Q9%2Bvc95odUTQQWYn7JMw%2BwcAAP%2F%2FAQAA%2F%2F%2BZnclhfQQAAA%3D%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST2skxRuu3p3fJb%2FL6nrxIoMgKMike3omM%2BMii3GNBGOS%2FUfwWF1VMylT3dVUdU1PcgouyF6EOXhQT51nkg3qou4HEGQiyBIVM5clgvkIXoTFo%2FTswOgL%2Ff7p5z08z%2FvUxwfugvhw9Hzzfb0nlaKLzZpffXVLJlzntrp%2Bpxr4Nf9adUsmS41r1UGZTP%2BNwG%2FW%2FNeq7wq2oxfrfuD7gR9UV6QRXT1YnKKQ6cNOUOv4tUa9FjQbGJj%2FztZ5sNQD71%2BQ5yH55H%2Fbjx9BsjGS%2BLsbwu5kOn39ndgpmmmDPj%2B%2Bm%2BwkOk8Qz9uu8dBNjmfb0HZCyGeXoJPjmQLo%2FmGpAJGcEO9JgCg5ntFE1D96xjRSEAki%2Fn%2Fk%2FTGEGkPSMZi%2BB8nPCMA41jeQxA%2FWtcnp7jOUluiEVJ7%2BBZlPSOWPF5DE3ywrOaje1splUicWg24BORhD9sZI3QmyPQ8yPwHLPoLkv5LFp2tI4sMNqzQkL6bqpRxDdsdQYghqPbjykx5c14NLPcT8vEqbna7vt7pRNwzbDcZYGDLWbC%2FxJg8b7a4Px0p6Q2TpEEwNwcw%2BUrOPHTmEcT%2FAbhew3IPNJsS7uY8%2BL5ALgtwS5JQglwR5RpD3iyOubN0WD7iyLgpmtT6rYTHSWe%2BAHumsJxJykF6Q58q7eFfEz9gR59WO3%2BSdrs9CQaOlph%2BKsEO5iFp0Keo0GevAygLSXppK3ZOlf78jlWfLa4joCaw6AZNXQV0Amo9adR90e9Ro%2B9hLvnXb3GZG0NjWmHIRuC6QZhVku96BuiAvTg16uXIXgp1e%2F2nhzXT0ZAHMFEhNgQ%2FljwQ9dX90S%2Bfk8JbOLXm0kWYylnu0NO92RjNx%2Bav3xG6uDV%2B9YYdfvsVKoGwf3hE2W6MJl0nPkq%2BXJefCrGjDBPl%2B1W6JaNPZ7WVnEpeubb69shqnRlgrdTIGlWcbf4PJCam8cnX6LK%2F88iekGcO4ArE7JbOA1Cdg6T5sOmdvNYFR850ovYzcFSNTj%2BY%2FlSRQYj7TqID91xzN%2BwN7Hz1TAc3uIYkL9E2BvipA1RDWLYyy1Jxef%2Fx5GV8gUpVRpEzlMFJGfTohL%2F3WKO97c3rkMn0AK8%2BrzaAh2lG7xTiPBONBqx62Q9%2Bvc95odUTQQWYn7JMw%2BwcAAP%2F%2FAQAA%2F%2F%2BZnclhfQQAAA%3D%3D HTTP/1.1
Host: eveningproclamationarched.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hdlivegames.xyz/
Cookie: u_pl=17851852; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec905d9f0c3eab6503e39adeb7a6b95cc9=[2019380,2229329,2229333,2229337]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 23:55:32 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: af9ddf70d6e1de1aef04f07ea9161e8f
Strict-Transport-Security: max-age=0; includeSubdomains
eveningproclamationarched.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitXsfLelldL15kEAQFmXRPz2RmXGQxriuLMcn%2BInisrqqelKnuaqq6pic5BRdkL8IcPKinzptkg7qo%2BwcIMhFkiYqZyxLB%2FAsehMWjdDIw%2BkF%2FP%2Fp9h%2Fe%2BV5%2FsulPiw9GTtQ%2F0tlSKLrQbfv21dZlyXdj6yp164Df8K%2FV1mS62rtSHVTKDNwO%2F3fBfr78n2KZeaPqB7wd%2BUL8ujYj1cOEMhcwe9oJGz2%2B0mo2g3cLQ%2FH%2B2zoOlHvjglLwAyafPbjx%2BBMkmSJPvrwm7mevsjXcTp2iuDQb84G66meoiRTJvY%2BMhTg9m29B2SsjnF6DTg5kC6MFepQCRnBLvSYAoPZjRRDTYP2caKYgUEX8OxWACoSaQdAKm70HyYwIwjpVVpMmDFW0KunWO0gqdktrTvyGLKan9%2BSLS5NslJYf121q5XOrUYhiXkMMJZH%2BCzB0i3%2FYgi0Ow%2FGNI%2FhtZeLqMNNlbtUpD8vJMvZQTyHgCJUag1oOrPunBxR5c5iHhJ3Xa7sW%2B34mjOAy7LcZYGDLW7i7yNg9b3diHYxW9EfJsBKZGYGYHmdnBphzBuB9hN0pY7sHmU%2BLd3MGAlygEQWEJCkpQSIIiJygG5T5XtmnLB1xZFwWz2pzVsBzrvL9L93XeFynZzU7J89VdvEviF2yKk3rPb%2FNe7LNQ0Gix7Yci7FEuog5djHptxnqwsoS0F86kbsvKvz%2BQyeOlZUT0EFYdgsnLoC4ALcadpg%2B6MW51fWyn37kNbnMjaGIbTLkIXJfI8hryLW9XnZKXzgx6pfYhBDu6%2BvPFt7Lxk4tgpkRmSnwkfyLoq%2FvjW7oge7d0Ycmj1SyXidymlXm3c5qLZ75%2BX2wV2vAb1%2Bzoq7dZBVTtwzvC5ss05TLtW%2FLNkuRcmOvaMEF%2BuGHXRbTm7MaSM6nLltfeuX4jyYywVup0AiqPV%2F8Bk1NSe%2FXy2bO89OtfkGYC40ok7ojMAlIfgmU7sNmcvdUERs13oqyGwpVj04zmP5UkUGI%2B06iE%2Fc8czftdex99UwPN7yFNSgxMiYEqQdUI1l0c55k5uvr4iyq%2BRKRq40iZ2l6kjPpsSl7%2BvVXd92aV7p5f2sqTejtoiW7U7TDOI8F40GmG3dD3m5y3Oj0R9JDbKfs0zP8FAAD%2F%2FwEAAP%2F%2FrAY6rX0EAAA%3D
173.233.137.36200 OK 7 B URL HTTP/1.1 eveningproclamationarched.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitXsfLelldL15kEAQFmXRPz2RmXGQxriuLMcn%2BInisrqqelKnuaqq6pic5BRdkL8IcPKinzptkg7qo%2BwcIMhFkiYqZyxLB%2FAsehMWjdDIw%2BkF%2FP%2Fp9h%2Fe%2BV5%2FsulPiw9GTtQ%2F0tlSKLrQbfv21dZlyXdj6yp164Df8K%2FV1mS62rtSHVTKDNwO%2F3fBfr78n2KZeaPqB7wd%2BUL8ujYj1cOEMhcwe9oJGz2%2B0mo2g3cLQ%2FH%2B2zoOlHvjglLwAyafPbjx%2BBMkmSJPvrwm7mevsjXcTp2iuDQb84G66meoiRTJvY%2BMhTg9m29B2SsjnF6DTg5kC6MFepQCRnBLvSYAoPZjRRDTYP2caKYgUEX8OxWACoSaQdAKm70HyYwIwjpVVpMmDFW0KunWO0gqdktrTvyGLKan9%2BSLS5NslJYf121q5XOrUYhiXkMMJZH%2BCzB0i3%2FYgi0Ow%2FGNI%2FhtZeLqMNNlbtUpD8vJMvZQTyHgCJUag1oOrPunBxR5c5iHhJ3Xa7sW%2B34mjOAy7LcZYGDLW7i7yNg9b3diHYxW9EfJsBKZGYGYHmdnBphzBuB9hN0pY7sHmU%2BLd3MGAlygEQWEJCkpQSIIiJygG5T5XtmnLB1xZFwWz2pzVsBzrvL9L93XeFynZzU7J89VdvEviF2yKk3rPb%2FNe7LNQ0Gix7Yci7FEuog5djHptxnqwsoS0F86kbsvKvz%2BQyeOlZUT0EFYdgsnLoC4ALcadpg%2B6MW51fWyn37kNbnMjaGIbTLkIXJfI8hryLW9XnZKXzgx6pfYhBDu6%2BvPFt7Lxk4tgpkRmSnwkfyLoq%2FvjW7oge7d0Ycmj1SyXidymlXm3c5qLZ75%2BX2wV2vAb1%2Bzoq7dZBVTtwzvC5ss05TLtW%2FLNkuRcmOvaMEF%2BuGHXRbTm7MaSM6nLltfeuX4jyYywVup0AiqPV%2F8Bk1NSe%2FXy2bO89OtfkGYC40ok7ojMAlIfgmU7sNmcvdUERs13oqyGwpVj04zmP5UkUGI%2B06iE%2Fc8czftdex99UwPN7yFNSgxMiYEqQdUI1l0c55k5uvr4iyq%2BRKRq40iZ2l6kjPpsSl7%2BvVXd92aV7p5f2sqTejtoiW7U7TDOI8F40GmG3dD3m5y3Oj0R9JDbKfs0zP8FAAD%2F%2FwEAAP%2F%2FrAY6rX0EAAA%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitXsfLelldL15kEAQFmXRPz2RmXGQxriuLMcn%2BInisrqqelKnuaqq6pic5BRdkL8IcPKinzptkg7qo%2BwcIMhFkiYqZyxLB%2FAsehMWjdDIw%2BkF%2FP%2Fp9h%2Fe%2BV5%2FsulPiw9GTtQ%2F0tlSKLrQbfv21dZlyXdj6yp164Df8K%2FV1mS62rtSHVTKDNwO%2F3fBfr78n2KZeaPqB7wd%2BUL8ujYj1cOEMhcwe9oJGz2%2B0mo2g3cLQ%2FH%2B2zoOlHvjglLwAyafPbjx%2BBMkmSJPvrwm7mevsjXcTp2iuDQb84G66meoiRTJvY%2BMhTg9m29B2SsjnF6DTg5kC6MFepQCRnBLvSYAoPZjRRDTYP2caKYgUEX8OxWACoSaQdAKm70HyYwIwjpVVpMmDFW0KunWO0gqdktrTvyGLKan9%2BSLS5NslJYf121q5XOrUYhiXkMMJZH%2BCzB0i3%2FYgi0Ow%2FGNI%2FhtZeLqMNNlbtUpD8vJMvZQTyHgCJUag1oOrPunBxR5c5iHhJ3Xa7sW%2B34mjOAy7LcZYGDLW7i7yNg9b3diHYxW9EfJsBKZGYGYHmdnBphzBuB9hN0pY7sHmU%2BLd3MGAlygEQWEJCkpQSIIiJygG5T5XtmnLB1xZFwWz2pzVsBzrvL9L93XeFynZzU7J89VdvEviF2yKk3rPb%2FNe7LNQ0Gix7Yci7FEuog5djHptxnqwsoS0F86kbsvKvz%2BQyeOlZUT0EFYdgsnLoC4ALcadpg%2B6MW51fWyn37kNbnMjaGIbTLkIXJfI8hryLW9XnZKXzgx6pfYhBDu6%2BvPFt7Lxk4tgpkRmSnwkfyLoq%2FvjW7oge7d0Ycmj1SyXidymlXm3c5qLZ75%2BX2wV2vAb1%2Bzoq7dZBVTtwzvC5ss05TLtW%2FLNkuRcmOvaMEF%2BuGHXRbTm7MaSM6nLltfeuX4jyYywVup0AiqPV%2F8Bk1NSe%2FXy2bO89OtfkGYC40ok7ojMAlIfgmU7sNmcvdUERs13oqyGwpVj04zmP5UkUGI%2B06iE%2Fc8czftdex99UwPN7yFNSgxMiYEqQdUI1l0c55k5uvr4iyq%2BRKRq40iZ2l6kjPpsSl7%2BvVXd92aV7p5f2sqTejtoiW7U7TDOI8F40GmG3dD3m5y3Oj0R9JDbKfs0zP8FAAD%2F%2FwEAAP%2F%2FrAY6rX0EAAA%3D HTTP/1.1
Host: eveningproclamationarched.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hdlivegames.xyz/
Cookie: u_pl=17851852; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec905d9f0c3eab6503e39adeb7a6b95cc9=[2019380,2229329,2229333,2229337]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 23:55:32 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 445c58a644415bfa7d908ad50cbdd227
Strict-Transport-Security: max-age=0; includeSubdomains
eveningproclamationarched.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitjiNIvKyuF0FkEBQFmXRPz2RmXCQY10gwJtlfBI%2FVVdWTMtVdTVX39CSn4ILsRZiDB%2FXUeZNscA3q%2FgGCTARZomLmskQwdw%2BehMWj9OxA3A%2F6%2B9HvO7z3vfp0LzsnLjJ6tv6h3pFK0blmza2%2BviFjrnNbXb1Z9dyae6W6IeP5xpVqv0ym95bnNmvuG9X3BdvSc3XXc13P9apL0ohQ9%2BcmKGRy1PFqHbfWqNe8ZgN98%2BRsMweWOuC9c%2FI8JB8%2FvfngPiQbIY6%2BvyrsVqqTN9%2BLMkVTbdDjh7firVjnMaKLNjQOwvhwug1tx4R8MQMdH04VQPf2SwUI5Jg4Dz0E8eGUJoLewWOmgYKIEfBnkfdGEGoESUdg%2BjYkPyUA41hdQxzdXdUmp9uPUVqiY1J59A9kPiaVP19AHH27qGS%2FekOrLJU6tuiHBWR%2FBNkdIcmOke44kPkxWPoJJP%2BNzD1aQRztr1mlIXkxUS%2FlCDIcQYkBqHWQlZ90kIUOssRBxM%2BqtNkJXbcVBqHvtxuMMd9nrNme503uN9qhi4yV9AZIkwGYGoCZXSRmF1tyAJP9CLtZwHIHNh0T59ouerxALghyS5BTglwS5ClB3isOuLJ1W9zlymaBN631afWLoU67e%2FRAp10Rk73knDxX3sW5JH7Bljirdtwm74Qu8wUN5puuL%2FwO5SJo0fmg02SsAysLSDszkbojS%2F%2F%2BQCJPF1cQ0GNYdQwmL4NmHmg%2BbNVd0M1ho%2B1iJ%2F4u2%2BQ2NYJGtsZUFoDrAklaQbrt7Klz8uLEoFcq1yDYycLPs28nw4ezYKZAYgp8LH8i6Ko7w%2Bs6J%2FvXdW7J%2FbUklZHcoaV5N1KaiqfufSC2c2348lU7%2BPodVgJle3RT2HSFxlzGXUu%2BWZScC7OkDRPkh2W7IYL1zG4uZibOkpX1d5eWo8QIa6WOR6DydO1fMDkmlVcvT57lpV%2F%2FhjQjmKxAlJ2QaUDqY7BkFzY5Wbj30tEz3mt%2FwWoCoy52gmQGeVYMTT24%2BKkkgRIXMw0K2P%2FNwUW%2FZ%2B%2Bgayqg6W3EUYGeKdBTBagawGazwzQxJwsPvizjKwSqMgyUqewHyqjPx%2BTl3xuT%2B5bpVpk%2BgpVn1abXEO2g3WKcB4Jxr1X3277r1jlvtDrC6yC1Y%2FaZn%2F4HAAD%2F%2FwEAAP%2F%2F71MmgX0EAAA%3D
173.233.137.36200 OK 7 B URL HTTP/1.1 eveningproclamationarched.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitjiNIvKyuF0FkEBQFmXRPz2RmXCQY10gwJtlfBI%2FVVdWTMtVdTVX39CSn4ILsRZiDB%2FXUeZNscA3q%2FgGCTARZomLmskQwdw%2BehMWj9OxA3A%2F6%2B9HvO7z3vfp0LzsnLjJ6tv6h3pFK0blmza2%2BviFjrnNbXb1Z9dyae6W6IeP5xpVqv0ym95bnNmvuG9X3BdvSc3XXc13P9apL0ohQ9%2BcmKGRy1PFqHbfWqNe8ZgN98%2BRsMweWOuC9c%2FI8JB8%2FvfngPiQbIY6%2BvyrsVqqTN9%2BLMkVTbdDjh7firVjnMaKLNjQOwvhwug1tx4R8MQMdH04VQPf2SwUI5Jg4Dz0E8eGUJoLewWOmgYKIEfBnkfdGEGoESUdg%2BjYkPyUA41hdQxzdXdUmp9uPUVqiY1J59A9kPiaVP19AHH27qGS%2FekOrLJU6tuiHBWR%2FBNkdIcmOke44kPkxWPoJJP%2BNzD1aQRztr1mlIXkxUS%2FlCDIcQYkBqHWQlZ90kIUOssRBxM%2BqtNkJXbcVBqHvtxuMMd9nrNme503uN9qhi4yV9AZIkwGYGoCZXSRmF1tyAJP9CLtZwHIHNh0T59ouerxALghyS5BTglwS5ClB3isOuLJ1W9zlymaBN631afWLoU67e%2FRAp10Rk73knDxX3sW5JH7Bljirdtwm74Qu8wUN5puuL%2FwO5SJo0fmg02SsAysLSDszkbojS%2F%2F%2BQCJPF1cQ0GNYdQwmL4NmHmg%2BbNVd0M1ho%2B1iJ%2F4u2%2BQ2NYJGtsZUFoDrAklaQbrt7Klz8uLEoFcq1yDYycLPs28nw4ezYKZAYgp8LH8i6Ko7w%2Bs6J%2FvXdW7J%2FbUklZHcoaV5N1KaiqfufSC2c2348lU7%2BPodVgJle3RT2HSFxlzGXUu%2BWZScC7OkDRPkh2W7IYL1zG4uZibOkpX1d5eWo8QIa6WOR6DydO1fMDkmlVcvT57lpV%2F%2FhjQjmKxAlJ2QaUDqY7BkFzY5Wbj30tEz3mt%2FwWoCoy52gmQGeVYMTT24%2BKkkgRIXMw0K2P%2FNwUW%2FZ%2B%2Bgayqg6W3EUYGeKdBTBagawGazwzQxJwsPvizjKwSqMgyUqewHyqjPx%2BTl3xuT%2B5bpVpk%2BgpVn1abXEO2g3WKcB4Jxr1X3277r1jlvtDrC6yC1Y%2FaZn%2F4HAAD%2F%2FwEAAP%2F%2F71MmgX0EAAA%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitjiNIvKyuF0FkEBQFmXRPz2RmXCQY10gwJtlfBI%2FVVdWTMtVdTVX39CSn4ILsRZiDB%2FXUeZNscA3q%2FgGCTARZomLmskQwdw%2BehMWj9OxA3A%2F6%2B9HvO7z3vfp0LzsnLjJ6tv6h3pFK0blmza2%2BviFjrnNbXb1Z9dyae6W6IeP5xpVqv0ym95bnNmvuG9X3BdvSc3XXc13P9apL0ohQ9%2BcmKGRy1PFqHbfWqNe8ZgN98%2BRsMweWOuC9c%2FI8JB8%2FvfngPiQbIY6%2BvyrsVqqTN9%2BLMkVTbdDjh7firVjnMaKLNjQOwvhwug1tx4R8MQMdH04VQPf2SwUI5Jg4Dz0E8eGUJoLewWOmgYKIEfBnkfdGEGoESUdg%2BjYkPyUA41hdQxzdXdUmp9uPUVqiY1J59A9kPiaVP19AHH27qGS%2FekOrLJU6tuiHBWR%2FBNkdIcmOke44kPkxWPoJJP%2BNzD1aQRztr1mlIXkxUS%2FlCDIcQYkBqHWQlZ90kIUOssRBxM%2BqtNkJXbcVBqHvtxuMMd9nrNme503uN9qhi4yV9AZIkwGYGoCZXSRmF1tyAJP9CLtZwHIHNh0T59ouerxALghyS5BTglwS5ClB3isOuLJ1W9zlymaBN631afWLoU67e%2FRAp10Rk73knDxX3sW5JH7Bljirdtwm74Qu8wUN5puuL%2FwO5SJo0fmg02SsAysLSDszkbojS%2F%2F%2BQCJPF1cQ0GNYdQwmL4NmHmg%2BbNVd0M1ho%2B1iJ%2F4u2%2BQ2NYJGtsZUFoDrAklaQbrt7Klz8uLEoFcq1yDYycLPs28nw4ezYKZAYgp8LH8i6Ko7w%2Bs6J%2FvXdW7J%2FbUklZHcoaV5N1KaiqfufSC2c2348lU7%2BPodVgJle3RT2HSFxlzGXUu%2BWZScC7OkDRPkh2W7IYL1zG4uZibOkpX1d5eWo8QIa6WOR6DydO1fMDkmlVcvT57lpV%2F%2FhjQjmKxAlJ2QaUDqY7BkFzY5Wbj30tEz3mt%2FwWoCoy52gmQGeVYMTT24%2BKkkgRIXMw0K2P%2FNwUW%2FZ%2B%2Bgayqg6W3EUYGeKdBTBagawGazwzQxJwsPvizjKwSqMgyUqewHyqjPx%2BTl3xuT%2B5bpVpk%2BgpVn1abXEO2g3WKcB4Jxr1X3277r1jlvtDrC6yC1Y%2FaZn%2F4HAAD%2F%2FwEAAP%2F%2F71MmgX0EAAA%3D HTTP/1.1
Host: eveningproclamationarched.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hdlivegames.xyz/
Cookie: u_pl=17851852; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec905d9f0c3eab6503e39adeb7a6b95cc9=[2019380,2229329,2229333,2229337]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 23:55:32 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9d2d06b8f06da74f0eb904cf98ef5676
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash a3c9679236e68e323a0f63bdba404745
c378193fe82679178d947e5b02a5f3c1d052313d
f09384df5ffcae048ae1a647747e51318c2ceb1caf7e418966e494d5ed358f8f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 23:55:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 12:04:34 GMT
Expires: Sun, 11 Dec 2022 12:04:33 GMT
Etag: "c378193fe82679178d947e5b02a5f3c1d052313d"
Cache-Control: max-age=561540,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77487937fd64b518-OSL
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0242539154ad5577482c101495485973
c003cb834ab389a553c9b859b6cf8786d7bb0496
532ad07db92ef70173355bd7c7ca4fefd644821793196a7dbb58801351504248
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "532AD07DB92EF70173355BD7C7CA4FEFD644821793196A7DBB58801351504248"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8508
Expires: Mon, 05 Dec 2022 02:17:20 GMT
Date: Sun, 04 Dec 2022 23:55:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 921edf4719d00fc9e787f0163dad9917
d174b6498bf23f64df69f917124059bec7a46b3e
ca7f94b946a5920f873661c61d48722c96c0e453363551045b3f788f35c9c885
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA7F94B946A5920F873661C61D48722C96C0E453363551045B3F788F35C9C885"
Last-Modified: Sat, 03 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7675
Expires: Mon, 05 Dec 2022 02:03:27 GMT
Date: Sun, 04 Dec 2022 23:55:32 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 54e9dde1154370864c9481c52f1eb224
f4b2a065300f5ac9a27ba41a034b7e2d6fd98f5a
1ecefe4ad72f4afd1741ad6e2ac98ef0e5e2c15e8e03d25afffff09439818ddb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 23:55:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 17:22:25 GMT
Expires: Sat, 10 Dec 2022 17:22:24 GMT
Etag: "f4b2a065300f5ac9a27ba41a034b7e2d6fd98f5a"
Cache-Control: max-age=494211,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774879393b29b511-OSL
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4487
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 23:55:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4487
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 23:55:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4487
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 23:55:32 GMT
Connection: keep-alive
89tikrpgczh5.n4.adsco.re/
38.132.109.186 200 OK 0 B URL HTTP/1.1 89tikrpgczh5.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 89tikrpgczh5.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://hdlivegames.xyz
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 23:55:32 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4487
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 23:55:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4487
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 23:55:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f879ef8-1a6d-4f5a-9ed7-092a33c3642f.png
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f879ef8-1a6d-4f5a-9ed7-092a33c3642f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7bde76a4dbab17f37747e7da55ad924
56ee7aa6cf94570b1218ef6e767a7036d0b8900f
bd8320fe10dc06061008034cfd1ca9f17e941b2b859b8dd12f23bcac35746aab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f879ef8-1a6d-4f5a-9ed7-092a33c3642f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3707
x-amzn-requestid: e9d4dc01-cb68-471b-8da4-c6f170248387
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_xhEm-IAMFRNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d133c-5414a54751e2569f639d0dea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:38:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5XGO_QToLjgti1g7xU6jnUNtcyzzQZtc5pGmHqrtt6zD2dlVAN2BfQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 7637
etag: "56ee7aa6cf94570b1218ef6e767a7036d0b8900f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396c9419-24ff-48bc-bf81-361b151c281b.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396c9419-24ff-48bc-bf81-361b151c281b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f3d863be9bd5d072e85b8976251ce342
b9c67cf9a5ae7ec4c7bf8e8b857918be9277a140
f188fb7575c4b8662acfe2a6682559d50a12430c116605391dd77257bc11a60b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396c9419-24ff-48bc-bf81-361b151c281b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6133
x-amzn-requestid: d2c60baf-1d2e-4b1f-9c08-2adf0aa458a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUXHcPIAMFl5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-3ddc6f0428790a9d5f253825;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: LXL1HKGAwrWzHWEKPjwmwmFqQjexkCUwMsbr8huuSXrdaalyNbxnfA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 05:05:30 GMT
age: 67802
etag: "b9c67cf9a5ae7ec4c7bf8e8b857918be9277a140"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50c0f516-113b-498b-a6f2-9f0a076ff423.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50c0f516-113b-498b-a6f2-9f0a076ff423.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dafdb4fe91795a9e16baebb085ccd818
f5ed5d03e6969f81349ad78fde0e71390a4ed391
f535ce45d68317bad15513d3cd3d21d2c0ef12e93d6ac19cc07b704ee1651f51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50c0f516-113b-498b-a6f2-9f0a076ff423.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7853
x-amzn-requestid: fa079a7e-1e93-41d6-bb16-2703077a0cb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGrKEGFoAMFnBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6388517a-076131847c129c197e84901b;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:02:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Cri6Vf6-INRisbFQ4ITZ7f8RIvomQXQ-TjkjWAOkkUhmI1yhHIbTYA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 02:03:49 GMT
age: 78703
etag: "f5ed5d03e6969f81349ad78fde0e71390a4ed391"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb029b41d342a82250aef6d6f713be6e
cd754bb6094d2e456b95dce8daace45a0de8a121
c16e364547c9e7a3c487b614073d59c7c495c5e5387b75136afab0dc68bebca4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10031
x-amzn-requestid: ca6c11c5-8842-4ffb-bb9e-5351c4e60c5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjY0CGUVIAMFxog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ad4e6-4282be9f505aa5764e9b1fa2;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 04:47:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8QEt6AHIT6gkW2X3RUuu1-K3lPlgjio-cckhiwppWK7vujPlBHrG7Q==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 18:59:33 GMT
age: 17759
etag: "cd754bb6094d2e456b95dce8daace45a0de8a121"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d72fb8d20c29763234c2817b119d11b
d4924ec714f5157bcb2fddcb5f768188a3dd37dc
e9aa59142e0673ed3f58b36beaca48213c678dbe4655f9c4b64581cb0f6f22f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12830
x-amzn-requestid: 66f5f2fa-8472-4484-bbea-20ece7e98b1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcsxGDyIAMFX4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e51-146167697890d9312ce3dbac;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2jx-M9MgKrJXU4yYsJzWqNXwruIGhFNWkD7GcPdqddnEzcNgFw2luw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:27:17 GMT
age: 73695
etag: "d4924ec714f5157bcb2fddcb5f768188a3dd37dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6034ca-f8c1-4979-8165-5f755e5d12a1.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6034ca-f8c1-4979-8165-5f755e5d12a1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c36448c65274ebbe1eb21e3bf02385e
e03cf1c7c2ec15b3cc50d9c54bebbf81aa08cf28
6f17788a394f1305755805a1b92117b1c1a03a1e3a075cb97a0da5184d574553
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6034ca-f8c1-4979-8165-5f755e5d12a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6430
x-amzn-requestid: ae2ec151-d383-4554-9ac2-3d204701251c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_ttFDKoAMFp0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1324-15aebb1a06253068472a6ab0;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kYXmy10msfeWdDYgvq0PXyGpy9UJyQkSLAhR_Q5PQMllJPXOOTnalw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:45:53 GMT
age: 7779
etag: "e03cf1c7c2ec15b3cc50d9c54bebbf81aa08cf28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png
45.133.44.9 200 OK 106 kB URL HTTP/2 cdn.cloudimagesb.com/cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size 106 kB (105910 bytes)
Hash a36b92bb68d9b579458560ba9b94862a
782d2932ccd3a56e5aad1cca7e6e7fb4a3cf23d6
9de12cf85ad80cae34d8bdaeb59169d75e3bd4f8b931ec90ea2c3be166647c0e
GET /cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:32 GMT
content-type: image/png
content-length: 105910
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:08:06 GMT
etag: "62e11c96-19db6"
expires: Tue, 06 Dec 2022 23:55:32 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b8164e9ec8114baa223074b63d1e73c
d5cfd187409b203d1b6f015c8b4b619d2eb4a02c
bae1b392756a67f3d4d1e2baa87fbcadf2deb533d076719c9adef224d19aabdd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BAE1B392756A67F3D4D1E2BAA87FBCADF2DEB533D076719C9ADEF224D19AABDD"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10604
Expires: Mon, 05 Dec 2022 02:52:16 GMT
Date: Sun, 04 Dec 2022 23:55:32 GMT
Connection: keep-alive
st.chatango.com/h5/gz/r1201220704/id.html
208.93.230.28 200 OK 224 kB URL HTTP/1.1 st.chatango.com/h5/gz/r1201220704/id.html
IP 208.93.230.28:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (54430), with CRLF, LF line terminators
Size 224 kB (224208 bytes)
Hash 2ff04e3060ebf6d04a895f2af779e79c
4583ade36a3969fe2fc7ddfc754038ed4c35b424
98bfe8760d1b37a21984eae3adfb3dc9fbf7a1375e7f6c2db45bb14a72974c61
GET /h5/gz/r1201220704/id.html HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hdlivegames.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 23:55:32 GMT
Content-Type: text/html
Content-Length: 224208
Last-Modified: Thu, 01 Dec 2022 15:09:02 GMT
Connection: keep-alive
Expires: Mon, 04 Dec 2023 23:55:32 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
P3P: CP="Chatango does not have a P3P policy. Please see our privacy policy: http://chatango.com/page?full_privacy"
Accept-Ranges: bytes
s10.histats.com/js15_as.js
46.105.201.240 200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:45:32 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 309660372
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-grace: full
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
adsco.re/p
162.252.214.5 200 OK 172 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash cee3700e3a14eb52db902a9ebccef35e
fe940b89d0e2fe7d2f459803413b6d748762b6d4
07b5805b7b366ac7f33de2da6144ded33d1d17cf86dbf4f5a4e89140e8cdb98f
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1876
Origin: https://hdlivegames.xyz
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 23:55:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://hdlivegames.xyz
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:55:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.taboola.com/libtrc/chatango-network/loader.js
151.101.193.44 200 OK 21 kB URL HTTP/2 cdn.taboola.com/libtrc/chatango-network/loader.js
IP 151.101.193.44:0
File type ASCII text, with very long lines (65509)
Hash 1e24e9437d7452170429f77409ffebc3
2e96b6931bb1f4fdd668a8e0bbad84e0c105c3bc
3ef6d8730d9a43cf28b71567137a7bcad84fb1ed7f636dc1c89f5037a679da0e
GET /libtrc/chatango-network/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hre7iuEz0We5e87+6q/pEOyiuiBfn7gLi+iNCSsj1mLplUI3miUinfhx/4xOSJognYrmVjj2RgY=
x-amz-request-id: W3BMM33TG9WESRSN
last-modified: Sun, 04 Dec 2022 11:29:33 GMT
etag: "c665e611e31d7a41f2823782da85a5b7"
x-amz-version-id: nu4IuvMEl2iI2SeuJeL4QAVllxmD40Vh
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 23:55:33 GMT
via: 1.1 varnish
age: 96
x-served-by: cache-bma1635-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1670198133.131205,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 84
content-length: 21448
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 04 Dec 2022 22:41:08 GMT
expires: Mon, 05 Dec 2022 00:41:08 GMT
cache-control: public, max-age=7200
age: 4465
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash da3595b72514a34e5b6d9f999dfeb221
c0167c06ad060bca61226016d23cffe3a2e0efb6
0ca29e112e0da0d14f9df89cf39fbac08fec73fcca8c2df6dfa1d8ea437949be
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0CA29E112E0DA0D14F9DF89CF39FBAC08FEC73FCCA8C2DF6DFA1D8EA437949BE"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6705
Expires: Mon, 05 Dec 2022 01:47:18 GMT
Date: Sun, 04 Dec 2022 23:55:33 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:55:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
reproductiontape.com/sbar.json?key=145bf03c9c141030a6f69624a0359b29&uuid=e80992c6-935e-4319-91bc-0580bfce71eb%3A3%3A1
173.233.137.44 200 OK 14 kB URL HTTP/1.1 reproductiontape.com/sbar.json?key=145bf03c9c141030a6f69624a0359b29&uuid=e80992c6-935e-4319-91bc-0580bfce71eb%3A3%3A1
IP 173.233.137.44:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (23603), with no line terminators
Hash 9547cfae3fd9a0bd6fe404756ea607c3
1e727d8451bdf28357c3ef03013097aeaece69ff
2f8efef3b909af3068df52399b68a7304ac8aa1744eddd379356f7e54b7e64e5
Analyzer / Verdict / Alert: quad9 — Sinkholed (domain blocked by the Quad9 filtering resolver)
GET /sbar.json?key=145bf03c9c141030a6f69624a0359b29&uuid=e80992c6-935e-4319-91bc-0580bfce71eb%3A3%3A1 HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hdlivegames.xyz
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 23:55:33 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://hdlivegames.xyz
Access-Control-Allow-Origin: https://hdlivegames.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16928042; expires=Mon, 05 Dec 2022 23:55:33 GMT; secure; SameSite=None
Set-Cookie: uid_id2=e80992c6-935e-4319-91bc-0580bfce71eb:3:1; expires=Sun, 11 Dec 2022 23:55:33 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Mon, 05 Dec 2022 23:55:33 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Mon, 05 Dec 2022 23:55:33 GMT; secure; SameSite=None
Set-Cookie: pdhtkv29=true; expires=Mon, 05 Dec 2022 23:55:33 GMT; secure; SameSite=None
Set-Cookie: uncs29=1; expires=Mon, 05 Dec 2022 23:55:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 97395e74d9d70bcd62e70d06b4e1819c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.taboola.com/libtrc/impl.20221204-5-RELEASE.js
151.101.193.44 200 OK 147 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20221204-5-RELEASE.js
IP 151.101.193.44:0
File type ASCII text, with very long lines (65509)
Size 147 kB (146692 bytes)
Hash 44011b5dd14e2f62cd293736e61bfd5d
de3c2fe115b850c1e3e98fe3f7535b25cb1d3c60
b3afb4ddb950f8d47f69dc4d767ab42575b6ac181266b74bf47f62db718d1b78
GET /libtrc/impl.20221204-5-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: CjI7dNb7Sm2ieogl+FR+2lgv4og9KWqPbaVSss7gfMGqV7gCClnQ5mltb5VDFGjCpsQ2jYBvHZE=
x-amz-request-id: 4J772X8ZNY05ZTSH
last-modified: Sun, 04 Dec 2022 10:58:02 GMT
etag: "44011b5dd14e2f62cd293736e61bfd5d"
content-encoding: br
x-amz-version-id: FCB4xk7W.ZTqnSlYrGqFWfqH44s.QC5m
content-type: application/javascript
accept-ranges: bytes
date: Sun, 04 Dec 2022 23:55:33 GMT
via: 1.1 varnish
age: 17841
x-served-by: cache-bma1635-BMA
x-cache: HIT
x-cache-hits: 12826
x-timer: S1670198133.410257,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 55
server: AmazonS3-br
content-length: 146692
X-Firefox-Spdy: h2
sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1670198130952&ns_c=windows-1252&ns_if=1&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr1201220704%2Fid.html&c8=&c9=http%3A%2F%2Fhdlivegames.xyz%2F
143.204.55.96 204 No Content 0 B URL HTTP/2 sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1670198130952&ns_c=windows-1252&ns_if=1&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr1201220704%2Fid.html&c8=&c9=http%3A%2F%2Fhdlivegames.xyz%2F
IP 143.204.55.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1670198130952&ns_c=windows-1252&ns_if=1&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr1201220704%2Fid.html&c8=&c9=http%3A%2F%2Fhdlivegames.xyz%2F HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 04 Dec 2022 23:55:33 GMT
set-cookie: UID=1634a9ccaa8a91b415b0f151670198133; domain=.scorecardresearch.com; path=/; max-age=62208000
x-cache: Miss from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wmPocQAOa9tRgthRsr1xFbdRmplkdmWO8LeihX5JMRMpvXX15noukA==
X-Firefox-Spdy: h2
89tikrpgczh5.s4.adsco.re/
185.200.116.90 200 OK 0 B URL HTTP/1.1 89tikrpgczh5.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 89tikrpgczh5.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://hdlivegames.xyz
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 23:55:33 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 313 B IP 93.184.220.29:0
Hash 8b839bec32f7b79c6fea79eef3c39eaf
e78ff3339301c487eb72d61eeafa61fc02ce5012
f4630ec53ba02868a55d568264fa0c2715ce825558bb74d070dcac5ee49bb31c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 151
Cache-Control: max-age=126827
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:55:33 GMT
Etag: "638c7f49-139"
Expires: Tue, 06 Dec 2022 11:09:20 GMT
Last-Modified: Sun, 04 Dec 2022 11:06:49 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313
s4.histats.com/stats/0.php?4711731&@f16&@g1&@h1&@i1&@j1670198130593&@k0&@l1&@m&@n0&@ohttp%3A%2F%2Fhdlivegames.xyz%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-3945201&@b3:1670198131&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fhdlivegames.xyz%2Ffooty%2Fch10.php&@w
54.39.128.117 200 OK 52 B URL HTTP/1.1 s4.histats.com/stats/0.php?4711731&@f16&@g1&@h1&@i1&@j1670198130593&@k0&@l1&@m&@n0&@ohttp%3A%2F%2Fhdlivegames.xyz%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-3945201&@b3:1670198131&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fhdlivegames.xyz%2Ffooty%2Fch10.php&@w
IP 54.39.128.117:0
File type ASCII text, with no line terminators
Hash 104eda21e581a192214e502eec21548d
55fd3580bf5b243f003ba170095d0e53f04c4eeb
cd9da2dc6f429365592bb6ce10b718c68490d79e7f5f0ab72b4953f78f186df3
GET /stats/0.php?4711731&@f16&@g1&@h1&@i1&@j1670198130593&@k0&@l1&@m&@n0&@ohttp%3A%2F%2Fhdlivegames.xyz%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-3945201&@b3:1670198131&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fhdlivegames.xyz%2Ffooty%2Fch10.php&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 23:55:33 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 52
Connection: close
trc-events.taboola.com/chatango-chatango1/log/2/debug?tim=23%3A55%3A31.095&type=usage&msg=rtus&llvl=2&id=6764&cv=20221204-5-RELEASE&lt=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
141.226.228.48 204 No Content 0 B URL HTTP/2 trc-events.taboola.com/chatango-chatango1/log/2/debug?tim=23%3A55%3A31.095&type=usage&msg=rtus&llvl=2&id=6764&cv=20221204-5-RELEASE&lt=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /chatango-chatango1/log/2/debug?tim=23%3A55%3A31.095&type=usage&msg=rtus&llvl=2&id=6764&cv=20221204-5-RELEASE&lt=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 04 Dec 2022 23:55:33 GMT
x-fastly-to-nlb-rtt: 21992
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 313 B IP 93.184.220.29:0
Hash a9f82178f4a7dccd4bf4fb84170e3fa7
54ad9cb2fd1e5c31a13ac377b445de55ec7df58a
3b826b406a9db81555b54fad48ebecaf45414ef3119e0be8635c54a02615ec88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 20
Cache-Control: max-age=150488
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:55:33 GMT
Etag: "638cdc39-139"
Expires: Tue, 06 Dec 2022 17:43:41 GMT
Last-Modified: Sun, 04 Dec 2022 17:43:21 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313
dnacdn.net/dna
178.250.0.157 200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:33 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=HCm0Il80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3djT0NsMGpVSDlXRndxWTJDZlo5cWYybFY2dFlGRVFvc2VGQTZsS1l2T0M; expires=Fri, 29 Dec 2023 23:55:33 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 346529
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 91cf1caf5d662df9de8d658cac5b6513
5fc2a66b8681bb1e2ae29aa106a4f101ad31d4ca
5f51b547c0c938514c9ff19953f33c5d88091906b603564f632431d375bfd20e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F51B547C0C938514C9FF19953F33C5D88091906B603564F632431D375BFD20E"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4126
Expires: Mon, 05 Dec 2022 01:04:19 GMT
Date: Sun, 04 Dec 2022 23:55:33 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 313 B IP 93.184.220.29:0
Hash ee00ac7a24f2be13f49a39c476f9f707
98a87636f9dbd123b21b0c4adf164c68603da8ba
6edf8fd4b338be0cfa4ce5fd22a6adc145f0f47576447a03c277bea70a43a5eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6096
Cache-Control: max-age=128838
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:55:34 GMT
Etag: "638c6fec-139"
Expires: Tue, 06 Dec 2022 11:42:52 GMT
Last-Modified: Sun, 04 Dec 2022 10:01:16 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313
reproductiontape.com/ren.gif?sid=H4sIAAAAAAAC%2F4xXS4wk2VXNmjEgC7Hgs4AFUklFlzCQVfF7LzI9KrXi%2F4%2F34v%2FZlOKXVVGVmZEdEZlZVWwsjJCFZKnNBnbUvJ7xYLAYRrBggQX0sEEtkNwsUI%2FEsMJrS5a8RtXT47FZ8RR6717d%2BNxz7z06ij96d%2FvphCLb4hV2urt2uSxOwQl1%2BNtJu667%2FXDohoc0dUK9c5i0a8i9c3jzsPW7r9IUOKG%2Bcqg11XV3ylA0RdEUfai2fbPobk5fR0m7%2Be6cPplTJxxzQgOO3PQ%2F6w%2FbAzIUB6TefTr5FdLWL3%2Fu8l8%2FIm31nKxXfyM3w%2FXYbX5PWW2Xxdj1ZFd%2FEK2v191%2BTVZfmIv%2BgCzWH7y5m3TDy8nkz94i3fqDNwhIt3vvAQEp25eTg%2F%2BkSbn%2B4E2apNy9%2F1mm5ZI0a1LWv0j2u%2BekWT4nbfGcVN3XSVt%2Ff0JIVRMXkfXq227X74vbz6LFQ%2FTl5Es%2F%2FhFp9y8nX%2FqvXyPr1V%2BLy%2FbmMOiW27Ht1gO5WdyT9uY5aS%2Bek832YzLeHZB2%2FzGpxj8gbf3vk9Mf22S9eg8Ny4609avfambUfM5UcDpnQTPlWHo%2BndNlNaXAjCoXVcPTTfm6RG37nLSL52TZPCXF8DbZDgdk2x6Q7eKAbDcHZFW%2FOizAfEFR%2FKJcsOyMq6qKZasKzGANapabLSiyrR4wPCXj5implk9J1X%2BNbPqvkev2Kem3%2F0SGy3sy1AdkGCdkV9%2BTfTMh%2B2FC9sWE7NsJ2Y8Tst%2Fdv18vB2a4%2F3a9HLYl%2FeZk3pzs%2FbNuvHi3eL8bL5r15N3Np5NffijcwVvO75Dr5tUhzYFyQbHVvKI5mmKpAi7gHDJcQbFgXjJzMrT3pB3eIsVwQO7ahwZ%2FQjbt90WblMXHZFh%2BTKr2V0mx%2FU1S7J%2FxDEWKy2fcjCJ36w%2B3l%2FUw9k2xGk6q5bYkdXdPNuOXyHh78O7y08lvvO7gKfkl0lQvHr%2F43kf%2F9pU%2FBqTq78mmvydX7b9MyMXyG8%2F8bj95z%2B%2F2w%2BQjtBnbVXtXPHQ3GIuxmfyl1dzuu7425OHpd4TqIfBgfjdshtEu1nW7vhgmfyW2dd30atdXzeR7xpA0Jd4Ol%2BK2X283NpZUY7Xpm2Fou%2FVzUjxg%2FJ9bUrUvJ7%2Fwo39%2BPbm%2F%2Fs4PSdt%2FTPrtJ2%2F94HIcN8NXT0%2FZJ8XmpOpWp%2B26bm5ONpebx9fN7Rm83TCLtqXodg%2FpGQAl%2B2R%2FvGiauq3PmtkcHA%2Fbsq3PaDhnZhTHHG%2B3bX3GwcWCLUAxrQu2mnJUDadzfganEEJuUS%2FoRbOgjpvNmapGZswBzXQtJdUzPvMMyfaSNGJ9U0N%2BABOghdgNdVb37cRnggBKBvYMK9R0E%2FN%2BJLFsnElSnvtiyAKYm1qSq4oTCx60BDMEap5krGqlDK%2FycYr0GOY6iqCj8QmwTS%2BLU1cTMqgj4DootnKIlDxwNDsxVN91JGzGjGLoEpZzJgkCBedaKEAhErGrqn7MJ6klR7oj5djnfJEVtFSLZdGFQpKLfppbiiGJLitYUDNTJMiOjlUVc7Go2YoLEicOo4zPAghcMU5sRkSMatm2xuWm6BuOlyUhULmQsWTkqwwfir5heXaQJbbNypzERxipBjQyKGqAzQMxFRgdJH6EnCi1o5hPNcEUxNhjMitWTVu3VS02PNUTHTk3Ac9zYoa9CIDIVF2MRJi6cpo5tskzrimbqpZg1UlDh5GixJMF3xZ4I0g8g8v1yJCcWBYSSUr0TFIsw2ecFPBMFvKWiPQUaGYOlMQEXMaLhp0jO8CBCwCKcagJUeKIAcpEKZZEi
bV0ICBf8ljNSWIc57LgKbYUqHKgihbyZAwZycYRdGEccjrLuGEuiIJshIkClUzUDcMHfGj7YpawKDEy12JSNw8cgxNQKgY27xuPWJmsti8e%2F%2F7ffWv53vrLpO2ek2rzhx8eHclKIPkGDg3kHh29OgzGoh8Ph027XDbj4aqpD2mKog5dZB2W3Xo7fHh0ZAu%2BppwbjqApR0efvG1%2FTp9me1J31dj1m24YT9bNeLpqxr6thtOh2DUn7ericbNr1uPZ2BfVdVOftz8h6XBctvW0rc92zJSGPEXPZzTL0sxsyk8hw8MpTfMzhplN5%2FMFXc%2FKaspXBT2ta6aY8pCeTWmO4%2BfcvF6UPHe86duqOaOO29XF2evkHrHCI0Z9xKivv3zyem%2FXF2NfLBbdA%2BMfMepmO1w%2BYtR29YhVi%2B14%2BYiVN3dwy88eMbB6xMpirNxokC8N%2BZqvzp2R6eZboEXlvjp%2FArybva1ZjPMkvJ7nM26sgyYdh%2BHutrLNCiXBPN0pswtPC5Ft0dQiap%2B4lR6DvmJCNSuo3fL2bsWO%2B3LPOkE6u57frnolvRpvkyBsPSYQ2VRte5thY78zeOaquPUWVOiaNxYt0NcB4EJmmN2Us6XrTOdCSG%2FFrL%2F2F3ZlzRq1Rtm5sDafpBLjRGqgo9RNFzYdTde6tQa8iHz3fF2M61TobzN3WTsX8l1EX1%2Bsws14qVZwMT%2BPcpXK1kF3eR5ybCR5%2B3bXLZudyA9RLs%2BncXx1G57vULLVbb3OLssyuNIdTV4nHXu3dGfrXSP362l%2FZy9KX3LD2KfzZE6fc4Z2pe%2Fo6mqP2P2m6aQnPPCVIRrxtcf7MKx3ksNRnYUW7TrlWTsDm5tkvnPbvtlpK5ThLpk9YZ90ymUoxvXFbsnL61akzjcs3MtzCqwz2EwHqscRdVH3UzlPJXy%2Bp2PpJr8AdLcwMxRfhXeure5vsyJAkkEpquhvjJurykJ5m81NbnoV94tVJ%2B6uqFRYFjsJiuvr8hJ0Gy1IrK5oKQMV8rkxFfQ71huyqQ2Qtg%2BfSK3qj6jB29i2NikzShzeydNQX1CM3Bo3584AeSdt51fc9W7ENFi0LV%2BHF39xdGRID0z85Od%2F93NefT6uJ832pOzKsutfz%2BxpP5anr2XoJzR6%2FP%2BXnuGMpujj%2BozmmJ%2FRsn48%2B2kC0sdDeUadUCxDcTTNQ3Bcv%2FYBx%2FH%2FV%2FfG7rqtz9bb5fJ42y%2FPAoy5EHGAFQTdlrHAY4ENRBVGZmpZmYdZKzLUQGdyHsiep1muzeWR5CoRNmAYGCiPoRCZvA3UUJFkBGwutERL0m2s2bFrYC3SGYvRHccRFc8Bku8yiRg4SagkaZj5ho6VIIs1FcnATRJb9TlkJSzL%2B47gC7buqWmmZIzsSpmCMQ%2FtUEky6Cd%2BlORJ7uRKnmeSJEQo5tIcJRmDgOTGURwkJgMCEyRaxIpCpLmO4MW5L%2FFKJtoGm8mxm9gecFiXi6TQSmNOT0UnCIDk40xkREnDlq1rJmIzxdcVS1GgpOEsS5XA1RJNccTEEhw7Q4yt%2BrmaW0rg4xBBDToBn6eaoTkew%2BtSbvFGLnJYdHAQp9jJLKSoqctiOwgVA1piIMa6hnzTiETJ09UIe0pgRAoHzcjAMsK5qSSyi0OQ5dBwUt4zIyw4ti4gmY98DHURBHLEq5osWbzOxF4u4cSJI8N1sMxyCZ9AzbYdNzYtzZI5yPAYMREDMILI0k0%2FSHjIQ9PRc08NgSdB15F5hoWZahkChq7sKAnjMFwiZ1kcWqHkhEB0nDAJ4gSG2DIsLjKTzOJ4wBmuYbm6G4kK1jlTzmWRE3NHEPIAQsxIXCZIAoMTw5ahhAQhipDA8xmwoG3GWWQyMFZENoCSaqe84kZeLpm6btgcQEjhWQtwgatnDuZcxTGzSNV5IMu2n
%2BaKlKdqkjO8m8d2YIkgSj2G0ySVse1EVG2saVkgAF%2FKFMR5eWqFHHaREvsqgzE0YsQZrprFPoc0X3HiFCeINaEsMRJ2FdUxlMTJU8XVkKwbusVnvAZN6LiaLmOo8YorcIhN3NC1ZV7xPN31tFDUQSQHXmD7ps0GPhtJkhRjlCaJpIsGygIrF31O8XKci14gh0JmRJrEaJmUQKgJQW74UYoiZKmhoGs4CaPI4mwjcBwPeYDh9ABiS4rlNEBaIMu6beupgXw3Bj6MVD73AyHULSflUjYSTCh4lsrbKMC%2BB9MAM4KVxTAzRdtBFgRupkls%2BFBgSUwUjdO5JMeWykp%2BgjDCCSs9vECAEadAHzoS54A41XweiDYHDNbjsCg5vG4YIElYqMhOnIauHTBSGtm5nCqqmFowSpGd2SIKBZi6KZCU2FBcKQvUUPBDy1cjMcIRo9mSJnGsl5qGyalOYKR8CnyPcSxZFnIUWq4ZhSLiHUW1TcW1lFw2ONvXVFFUNCGW1ZhLMlaLIj7SPSHjzNQJRT5HhqUEuoXEWDTSNDVBqoSKHIi5JOiYAZFlWIrASk4kRKELkIRVBFlVUHkogwiJkY51D2amrfh2qCembjhxwnCm5SSsKcOIt3TWYnDyiJU%2Fu47bs9mspsr6eHvGQ7qgZsdFffado6PQCG3l6OgfjMO6uDhs%2BsPl7fV1UxcXzfqwbteHP%2FzzP%2Fl7MmxeTN4sMnQT0i%2B%2F8MvNAdlv75%2F1TPni8f3F396V%2F%2FhlsmxfTuY%2FeJssmxeP%2F%2FSb6L%2FfqXNSlPdkaH7qwS%2Fsd4dvkIv%2BgBTj18l6dU92%2FT3ZLe9JsXxKhu3bz8ZN%2F%2BLxf7CvFymXB8%2FKZX%2FwXrnsl9%2F67L9xaF8dNmBBLRqKacrFvFzwBVXPF9y8LOZ0w5egoMk4vKy%2ByW7%2FFwAA%2F%2F8BAAD%2F%2FzMt2fpsEQAA
173.233.137.44200 OK 7 B URL HTTP/1.1 reproductiontape.com/ren.gif?sid=H4sIAAAAAAAC%2F4xXS4wk2VXNmjEgC7Hgs4AFUklFlzCQVfF7LzI9KrXi%2F4%2F34v%2FZlOKXVVGVmZEdEZlZVWwsjJCFZKnNBnbUvJ7xYLAYRrBggQX0sEEtkNwsUI%2FEsMJrS5a8RtXT47FZ8RR6717d%2BNxz7z06ij96d%2FvphCLb4hV2urt2uSxOwQl1%2BNtJu667%2FXDohoc0dUK9c5i0a8i9c3jzsPW7r9IUOKG%2Bcqg11XV3ylA0RdEUfai2fbPobk5fR0m7%2Be6cPplTJxxzQgOO3PQ%2F6w%2FbAzIUB6TefTr5FdLWL3%2Fu8l8%2FIm31nKxXfyM3w%2FXYbX5PWW2Xxdj1ZFd%2FEK2v191%2BTVZfmIv%2BgCzWH7y5m3TDy8nkz94i3fqDNwhIt3vvAQEp25eTg%2F%2BkSbn%2B4E2apNy9%2F1mm5ZI0a1LWv0j2u%2BekWT4nbfGcVN3XSVt%2Ff0JIVRMXkfXq227X74vbz6LFQ%2FTl5Es%2F%2FhFp9y8nX%2FqvXyPr1V%2BLy%2FbmMOiW27Ht1gO5WdyT9uY5aS%2Bek832YzLeHZB2%2FzGpxj8gbf3vk9Mf22S9eg8Ny4609avfambUfM5UcDpnQTPlWHo%2BndNlNaXAjCoXVcPTTfm6RG37nLSL52TZPCXF8DbZDgdk2x6Q7eKAbDcHZFW%2FOizAfEFR%2FKJcsOyMq6qKZasKzGANapabLSiyrR4wPCXj5implk9J1X%2BNbPqvkev2Kem3%2F0SGy3sy1AdkGCdkV9%2BTfTMh%2B2FC9sWE7NsJ2Y8Tst%2Fdv18vB2a4%2F3a9HLYl%2FeZk3pzs%2FbNuvHi3eL8bL5r15N3Np5NffijcwVvO75Dr5tUhzYFyQbHVvKI5mmKpAi7gHDJcQbFgXjJzMrT3pB3eIsVwQO7ahwZ%2FQjbt90WblMXHZFh%2BTKr2V0mx%2FU1S7J%2FxDEWKy2fcjCJ36w%2B3l%2FUw9k2xGk6q5bYkdXdPNuOXyHh78O7y08lvvO7gKfkl0lQvHr%2F43kf%2F9pU%2FBqTq78mmvydX7b9MyMXyG8%2F8bj95z%2B%2F2w%2BQjtBnbVXtXPHQ3GIuxmfyl1dzuu7425OHpd4TqIfBgfjdshtEu1nW7vhgmfyW2dd30atdXzeR7xpA0Jd4Ol%2BK2X283NpZUY7Xpm2Fou%2FVzUjxg%2FJ9bUrUvJ7%2Fwo39%2BPbm%2F%2Fs4PSdt%2FTPrtJ2%2F94HIcN8NXT0%2FZJ8XmpOpWp%2B26bm5ONpebx9fN7Rm83TCLtqXodg%2FpGQAl%2B2R%2FvGiauq3PmtkcHA%2Fbsq3PaDhnZhTHHG%2B3bX3GwcWCLUAxrQu2mnJUDadzfganEEJuUS%2FoRbOgjpvNmapGZswBzXQtJdUzPvMMyfaSNGJ9U0N%2BABOghdgNdVb37cRnggBKBvYMK9R0E%2FN%2BJLFsnElSnvtiyAKYm1qSq4oTCx60BDMEap5krGqlDK%2FycYr0GOY6iqCj8QmwTS%2BLU1cTMqgj4DootnKIlDxwNDsxVN91JGzGjGLoEpZzJgkCBedaKEAhErGrqn7MJ6klR7oj5djnfJEVtFSLZdGFQpKLfppbiiGJLitYUDNTJMiOjlUVc7Go2YoLEicOo4zPAghcMU5sRkSMatm2xuWm6BuOlyUhULmQsWTkqwwfir5heXaQJbbNypzERxipBjQyKGqAzQMxFRgdJH6EnCi1o5hPNcEUxNhjMitWTVu3VS02PNUTHTk3Ac9zYoa9CIDIVF2MRJi6cpo5tskzrimbqpZg1UlDh5GixJMF3xZ4I0g8g8v1yJCcWBYSSUr0TFIsw2ecFPBMFvKWiPQUaGY
OlMQEXMaLhp0jO8CBCwCKcagJUeKIAcpEKZZEibV0ICBf8ljNSWIc57LgKbYUqHKgihbyZAwZycYRdGEccjrLuGEuiIJshIkClUzUDcMHfGj7YpawKDEy12JSNw8cgxNQKgY27xuPWJmsti8e%2F%2F7ffWv53vrLpO2ek2rzhx8eHclKIPkGDg3kHh29OgzGoh8Ph027XDbj4aqpD2mKog5dZB2W3Xo7fHh0ZAu%2BppwbjqApR0efvG1%2FTp9me1J31dj1m24YT9bNeLpqxr6thtOh2DUn7ericbNr1uPZ2BfVdVOftz8h6XBctvW0rc92zJSGPEXPZzTL0sxsyk8hw8MpTfMzhplN5%2FMFXc%2FKaspXBT2ta6aY8pCeTWmO4%2BfcvF6UPHe86duqOaOO29XF2evkHrHCI0Z9xKivv3zyem%2FXF2NfLBbdA%2BMfMepmO1w%2BYtR29YhVi%2B14%2BYiVN3dwy88eMbB6xMpirNxokC8N%2BZqvzp2R6eZboEXlvjp%2FArybva1ZjPMkvJ7nM26sgyYdh%2BHutrLNCiXBPN0pswtPC5Ft0dQiap%2B4lR6DvmJCNSuo3fL2bsWO%2B3LPOkE6u57frnolvRpvkyBsPSYQ2VRte5thY78zeOaquPUWVOiaNxYt0NcB4EJmmN2Us6XrTOdCSG%2FFrL%2F2F3ZlzRq1Rtm5sDafpBLjRGqgo9RNFzYdTde6tQa8iHz3fF2M61TobzN3WTsX8l1EX1%2Bsws14qVZwMT%2BPcpXK1kF3eR5ybCR5%2B3bXLZudyA9RLs%2BncXx1G57vULLVbb3OLssyuNIdTV4nHXu3dGfrXSP362l%2FZy9KX3LD2KfzZE6fc4Z2pe%2Fo6mqP2P2m6aQnPPCVIRrxtcf7MKx3ksNRnYUW7TrlWTsDm5tkvnPbvtlpK5ThLpk9YZ90ymUoxvXFbsnL61akzjcs3MtzCqwz2EwHqscRdVH3UzlPJXy%2Bp2PpJr8AdLcwMxRfhXeure5vsyJAkkEpquhvjJurykJ5m81NbnoV94tVJ%2B6uqFRYFjsJiuvr8hJ0Gy1IrK5oKQMV8rkxFfQ71huyqQ2Qtg%2BfSK3qj6jB29i2NikzShzeydNQX1CM3Bo3584AeSdt51fc9W7ENFi0LV%2BHF39xdGRID0z85Od%2F93NefT6uJ832pOzKsutfz%2BxpP5anr2XoJzR6%2FP%2BXnuGMpujj%2BozmmJ%2FRsn48%2B2kC0sdDeUadUCxDcTTNQ3Bcv%2FYBx%2FH%2FV%2FfG7rqtz9bb5fJ42y%2FPAoy5EHGAFQTdlrHAY4ENRBVGZmpZmYdZKzLUQGdyHsiep1muzeWR5CoRNmAYGCiPoRCZvA3UUJFkBGwutERL0m2s2bFrYC3SGYvRHccRFc8Bku8yiRg4SagkaZj5ho6VIIs1FcnATRJb9TlkJSzL%2B47gC7buqWmmZIzsSpmCMQ%2FtUEky6Cd%2BlORJ7uRKnmeSJEQo5tIcJRmDgOTGURwkJgMCEyRaxIpCpLmO4MW5L%2FFKJtoGm8mxm9gecFiXi6TQSmNOT0UnCIDk40xkREnDlq1rJmIzxdcVS1GgpOEsS5XA1RJNccTEEhw7Q4yt%2BrmaW0rg4xBBDToBn6eaoTkew%2BtSbvFGLnJYdHAQp9jJLKSoqctiOwgVA1piIMa6hnzTiETJ09UIe0pgRAoHzcjAMsK5qSSyi0OQ5dBwUt4zIyw4ti4gmY98DHURBHLEq5osWbzOxF4u4cSJI8N1sMxyCZ9AzbYdNzYtzZI5yPAYMREDMILI0k0%2FSHjIQ9PRc08NgSdB15F5hoWZahkChq7sKAnjMFwiZ1kcWqHkhEB0nDAJ4gSG2DIsLjKTzOJ4wBmuYbm6G4kK1jlTzmWRE3NHEPIAQsxIXCZIAoMTw5ahhAQhipDA8xmwoG3GWWQyMFZENoCSaqe84kZ
eLpm6btgcQEjhWQtwgatnDuZcxTGzSNV5IMu2n%2BaKlKdqkjO8m8d2YIkgSj2G0ySVse1EVG2saVkgAF%2FKFMR5eWqFHHaREvsqgzE0YsQZrprFPoc0X3HiFCeINaEsMRJ2FdUxlMTJU8XVkKwbusVnvAZN6LiaLmOo8YorcIhN3NC1ZV7xPN31tFDUQSQHXmD7ps0GPhtJkhRjlCaJpIsGygIrF31O8XKci14gh0JmRJrEaJmUQKgJQW74UYoiZKmhoGs4CaPI4mwjcBwPeYDh9ABiS4rlNEBaIMu6beupgXw3Bj6MVD73AyHULSflUjYSTCh4lsrbKMC%2BB9MAM4KVxTAzRdtBFgRupkls%2BFBgSUwUjdO5JMeWykp%2BgjDCCSs9vECAEadAHzoS54A41XweiDYHDNbjsCg5vG4YIElYqMhOnIauHTBSGtm5nCqqmFowSpGd2SIKBZi6KZCU2FBcKQvUUPBDy1cjMcIRo9mSJnGsl5qGyalOYKR8CnyPcSxZFnIUWq4ZhSLiHUW1TcW1lFw2ONvXVFFUNCGW1ZhLMlaLIj7SPSHjzNQJRT5HhqUEuoXEWDTSNDVBqoSKHIi5JOiYAZFlWIrASk4kRKELkIRVBFlVUHkogwiJkY51D2amrfh2qCembjhxwnCm5SSsKcOIt3TWYnDyiJU%2Fu47bs9mspsr6eHvGQ7qgZsdFffado6PQCG3l6OgfjMO6uDhs%2BsPl7fV1UxcXzfqwbteHP%2FzzP%2Fl7MmxeTN4sMnQT0i%2B%2F8MvNAdlv75%2F1TPni8f3F396V%2F%2FhlsmxfTuY%2FeJssmxeP%2F%2FSb6L%2FfqXNSlPdkaH7qwS%2Fsd4dvkIv%2BgBTj18l6dU92%2FT3ZLe9JsXxKhu3bz8ZN%2F%2BLxf7CvFymXB8%2FKZX%2FwXrnsl9%2F67L9xaF8dNmBBLRqKacrFvFzwBVXPF9y8LOZ0w5egoMk4vKy%2ByW7%2FFwAA%2F%2F8BAAD%2F%2FzMt2fpsEQAA
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F4xXS4wk2VXNmjEgC7Hgs4AFUklFlzCQVfF7LzI9KrXi%2F4%2F34v%2FZlOKXVVGVmZEdEZlZVWwsjJCFZKnNBnbUvJ7xYLAYRrBggQX0sEEtkNwsUI%2FEsMJrS5a8RtXT47FZ8RR6717d%2BNxz7z06ij96d%2FvphCLb4hV2urt2uSxOwQl1%2BNtJu667%2FXDohoc0dUK9c5i0a8i9c3jzsPW7r9IUOKG%2Bcqg11XV3ylA0RdEUfai2fbPobk5fR0m7%2Be6cPplTJxxzQgOO3PQ%2F6w%2FbAzIUB6TefTr5FdLWL3%2Fu8l8%2FIm31nKxXfyM3w%2FXYbX5PWW2Xxdj1ZFd%2FEK2v191%2BTVZfmIv%2BgCzWH7y5m3TDy8nkz94i3fqDNwhIt3vvAQEp25eTg%2F%2BkSbn%2B4E2apNy9%2F1mm5ZI0a1LWv0j2u%2BekWT4nbfGcVN3XSVt%2Ff0JIVRMXkfXq227X74vbz6LFQ%2FTl5Es%2F%2FhFp9y8nX%2FqvXyPr1V%2BLy%2FbmMOiW27Ht1gO5WdyT9uY5aS%2Bek832YzLeHZB2%2FzGpxj8gbf3vk9Mf22S9eg8Ny4609avfambUfM5UcDpnQTPlWHo%2BndNlNaXAjCoXVcPTTfm6RG37nLSL52TZPCXF8DbZDgdk2x6Q7eKAbDcHZFW%2FOizAfEFR%2FKJcsOyMq6qKZasKzGANapabLSiyrR4wPCXj5implk9J1X%2BNbPqvkev2Kem3%2F0SGy3sy1AdkGCdkV9%2BTfTMh%2B2FC9sWE7NsJ2Y8Tst%2Fdv18vB2a4%2F3a9HLYl%2FeZk3pzs%2FbNuvHi3eL8bL5r15N3Np5NffijcwVvO75Dr5tUhzYFyQbHVvKI5mmKpAi7gHDJcQbFgXjJzMrT3pB3eIsVwQO7ahwZ%2FQjbt90WblMXHZFh%2BTKr2V0mx%2FU1S7J%2FxDEWKy2fcjCJ36w%2B3l%2FUw9k2xGk6q5bYkdXdPNuOXyHh78O7y08lvvO7gKfkl0lQvHr%2F43kf%2F9pU%2FBqTq78mmvydX7b9MyMXyG8%2F8bj95z%2B%2F2w%2BQjtBnbVXtXPHQ3GIuxmfyl1dzuu7425OHpd4TqIfBgfjdshtEu1nW7vhgmfyW2dd30atdXzeR7xpA0Jd4Ol%2BK2X283NpZUY7Xpm2Fou%2FVzUjxg%2FJ9bUrUvJ7%2Fwo39%2BPbm%2F%2Fs4PSdt%2FTPrtJ2%2F94HIcN8NXT0%2FZJ8XmpOpWp%2B26bm5ONpebx9fN7Rm83TCLtqXodg%2FpGQAl%2B2R%2FvGiauq3PmtkcHA%2Fbsq3PaDhnZhTHHG%2B3bX3GwcWCLUAxrQu2mnJUDadzfganEEJuUS%2FoRbOgjpvNmapGZswBzXQtJdUzPvMMyfaSNGJ9U0N%2BABOghdgNdVb37cRnggBKBvYMK9R0E%2FN%2BJLFsnElSnvtiyAKYm1qSq4oTCx60BDMEap5krGqlDK%2FycYr0GOY6iqCj8QmwTS%2BLU1cTMqgj4DootnKIlDxwNDsxVN91JGzGjGLoEpZzJgkCBedaKEAhErGrqn7MJ6klR7oj5djnfJEVtFSLZdGFQpKLfppbiiGJLitYUDNTJMiOjlUVc7Go2YoLEicOo4zPAghcMU5sRkSMatm2xuWm6BuOlyUhULmQsWTkqwwfir5heXaQJbbNypzERxipBjQyKGqAzQMxFRgdJH6EnCi1o5hPNcEUxNhjMitWTVu3VS02PNUTHTk3Ac9zYoa9CIDIVF2MRJi6cpo5tskzrimbqpZg1UlDh5GixJMF3xZ4I0g8g8v1yJCcWBYSSUr0TFIsw2ecFPBMFvKWiPQUaGYOlMQEXMaLhp0jO8CBCwCKcagJUeKIAcpEKZZEibV0ICBf8ljNSWIc5
7LgKbYUqHKgihbyZAwZycYRdGEccjrLuGEuiIJshIkClUzUDcMHfGj7YpawKDEy12JSNw8cgxNQKgY27xuPWJmsti8e%2F%2F7ffWv53vrLpO2ek2rzhx8eHclKIPkGDg3kHh29OgzGoh8Ph027XDbj4aqpD2mKog5dZB2W3Xo7fHh0ZAu%2BppwbjqApR0efvG1%2FTp9me1J31dj1m24YT9bNeLpqxr6thtOh2DUn7ericbNr1uPZ2BfVdVOftz8h6XBctvW0rc92zJSGPEXPZzTL0sxsyk8hw8MpTfMzhplN5%2FMFXc%2FKaspXBT2ta6aY8pCeTWmO4%2BfcvF6UPHe86duqOaOO29XF2evkHrHCI0Z9xKivv3zyem%2FXF2NfLBbdA%2BMfMepmO1w%2BYtR29YhVi%2B14%2BYiVN3dwy88eMbB6xMpirNxokC8N%2BZqvzp2R6eZboEXlvjp%2FArybva1ZjPMkvJ7nM26sgyYdh%2BHutrLNCiXBPN0pswtPC5Ft0dQiap%2B4lR6DvmJCNSuo3fL2bsWO%2B3LPOkE6u57frnolvRpvkyBsPSYQ2VRte5thY78zeOaquPUWVOiaNxYt0NcB4EJmmN2Us6XrTOdCSG%2FFrL%2F2F3ZlzRq1Rtm5sDafpBLjRGqgo9RNFzYdTde6tQa8iHz3fF2M61TobzN3WTsX8l1EX1%2Bsws14qVZwMT%2BPcpXK1kF3eR5ybCR5%2B3bXLZudyA9RLs%2BncXx1G57vULLVbb3OLssyuNIdTV4nHXu3dGfrXSP362l%2FZy9KX3LD2KfzZE6fc4Z2pe%2Fo6mqP2P2m6aQnPPCVIRrxtcf7MKx3ksNRnYUW7TrlWTsDm5tkvnPbvtlpK5ThLpk9YZ90ymUoxvXFbsnL61akzjcs3MtzCqwz2EwHqscRdVH3UzlPJXy%2Bp2PpJr8AdLcwMxRfhXeure5vsyJAkkEpquhvjJurykJ5m81NbnoV94tVJ%2B6uqFRYFjsJiuvr8hJ0Gy1IrK5oKQMV8rkxFfQ71huyqQ2Qtg%2BfSK3qj6jB29i2NikzShzeydNQX1CM3Bo3584AeSdt51fc9W7ENFi0LV%2BHF39xdGRID0z85Od%2F93NefT6uJ832pOzKsutfz%2BxpP5anr2XoJzR6%2FP%2BXnuGMpujj%2BozmmJ%2FRsn48%2B2kC0sdDeUadUCxDcTTNQ3Bcv%2FYBx%2FH%2FV%2FfG7rqtz9bb5fJ42y%2FPAoy5EHGAFQTdlrHAY4ENRBVGZmpZmYdZKzLUQGdyHsiep1muzeWR5CoRNmAYGCiPoRCZvA3UUJFkBGwutERL0m2s2bFrYC3SGYvRHccRFc8Bku8yiRg4SagkaZj5ho6VIIs1FcnATRJb9TlkJSzL%2B47gC7buqWmmZIzsSpmCMQ%2FtUEky6Cd%2BlORJ7uRKnmeSJEQo5tIcJRmDgOTGURwkJgMCEyRaxIpCpLmO4MW5L%2FFKJtoGm8mxm9gecFiXi6TQSmNOT0UnCIDk40xkREnDlq1rJmIzxdcVS1GgpOEsS5XA1RJNccTEEhw7Q4yt%2BrmaW0rg4xBBDToBn6eaoTkew%2BtSbvFGLnJYdHAQp9jJLKSoqctiOwgVA1piIMa6hnzTiETJ09UIe0pgRAoHzcjAMsK5qSSyi0OQ5dBwUt4zIyw4ti4gmY98DHURBHLEq5osWbzOxF4u4cSJI8N1sMxyCZ9AzbYdNzYtzZI5yPAYMREDMILI0k0%2FSHjIQ9PRc08NgSdB15F5hoWZahkChq7sKAnjMFwiZ1kcWqHkhEB0nDAJ4gSG2DIsLjKTzOJ4wBmuYbm6G4kK1jlTzmWRE3NHEPIAQsxIXCZIAoMTw5ahhAQhipDA8xmwoG3GWWQyMFZENoCSaqe84kZeLpm6btgcQEjhWQtwgatnDuZcxTGzSNV5IMu2n%2BaKlKdqkjO8m8d
2YIkgSj2G0ySVse1EVG2saVkgAF%2FKFMR5eWqFHHaREvsqgzE0YsQZrprFPoc0X3HiFCeINaEsMRJ2FdUxlMTJU8XVkKwbusVnvAZN6LiaLmOo8YorcIhN3NC1ZV7xPN31tFDUQSQHXmD7ps0GPhtJkhRjlCaJpIsGygIrF31O8XKci14gh0JmRJrEaJmUQKgJQW74UYoiZKmhoGs4CaPI4mwjcBwPeYDh9ABiS4rlNEBaIMu6beupgXw3Bj6MVD73AyHULSflUjYSTCh4lsrbKMC%2BB9MAM4KVxTAzRdtBFgRupkls%2BFBgSUwUjdO5JMeWykp%2BgjDCCSs9vECAEadAHzoS54A41XweiDYHDNbjsCg5vG4YIElYqMhOnIauHTBSGtm5nCqqmFowSpGd2SIKBZi6KZCU2FBcKQvUUPBDy1cjMcIRo9mSJnGsl5qGyalOYKR8CnyPcSxZFnIUWq4ZhSLiHUW1TcW1lFw2ONvXVFFUNCGW1ZhLMlaLIj7SPSHjzNQJRT5HhqUEuoXEWDTSNDVBqoSKHIi5JOiYAZFlWIrASk4kRKELkIRVBFlVUHkogwiJkY51D2amrfh2qCembjhxwnCm5SSsKcOIt3TWYnDyiJU%2Fu47bs9mspsr6eHvGQ7qgZsdFffado6PQCG3l6OgfjMO6uDhs%2BsPl7fV1UxcXzfqwbteHP%2FzzP%2Fl7MmxeTN4sMnQT0i%2B%2F8MvNAdlv75%2F1TPni8f3F396V%2F%2FhlsmxfTuY%2FeJssmxeP%2F%2FSb6L%2FfqXNSlPdkaH7qwS%2Fsd4dvkIv%2BgBTj18l6dU92%2FT3ZLe9JsXxKhu3bz8ZN%2F%2BLxf7CvFymXB8%2FKZX%2FwXrnsl9%2F67L9xaF8dNmBBLRqKacrFvFzwBVXPF9y8LOZ0w5egoMk4vKy%2ByW7%2FFwAA%2F%2F8BAAD%2F%2FzMt2fpsEQAA HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Cookie: u_pl=16928042; uid_id2=e80992c6-935e-4319-91bc-0580bfce71eb:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 23:55:33 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 648aec1db3405b51066c6ce420025217
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.digicert.com/
93.184.220.29 200 OK 313 B IP 93.184.220.29:0
Hash ee00ac7a24f2be13f49a39c476f9f707
98a87636f9dbd123b21b0c4adf164c68603da8ba
6edf8fd4b338be0cfa4ce5fd22a6adc145f0f47576447a03c277bea70a43a5eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6096
Cache-Control: max-age=128838
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:55:34 GMT
Etag: "638c6fec-139"
Expires: Tue, 06 Dec 2022 11:42:52 GMT
Last-Modified: Sun, 04 Dec 2022 10:01:16 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8017f571df5727fe6f3e8c58e931076b
e09e55a3c306f2cb715e4ce1e2f0738ddf202c93
6478758dd37e708534996b23f8189e79637690d22edff70d5183a19ec66854db
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6478758DD37E708534996B23F8189E79637690D22EDFF70D5183A19EC66854DB"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12339
Expires: Mon, 05 Dec 2022 03:21:13 GMT
Date: Sun, 04 Dec 2022 23:55:34 GMT
Connection: keep-alive
ag.gbc.criteo.com/newidsd
178.250.6.41 200 OK 385 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.41:0
Hash 8f8f66f3e5c947cd02f38f5de9f333eb
8511615c4170b09143ce791bcceb7a65ca545c9d
b62143ec8b2087bcc5efbbd9d9e5108da1cfcdfbf95ce6c6b31a0d6296c5c685
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:33 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 110454
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
reproductiontape.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Frtb%2Fmac%2F2%2Findex.html&l=1255&fd=117
173.233.137.44 200 OK 0 B URL HTTP/1.1 reproductiontape.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Frtb%2Fmac%2F2%2Findex.html&l=1255&fd=117
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Frtb%2Fmac%2F2%2Findex.html&l=1255&fd=117 HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Cookie: u_pl=16928042; uid_id2=e80992c6-935e-4319-91bc-0580bfce71eb:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 23:55:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/notifications/rtb/mac/2/img/close.png
172.64.108.13 200 OK 6.0 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/rtb/mac/2/img/close.png
IP 172.64.108.13:0
File type PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Hash c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/notifications/rtb/mac/2/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:34 GMT
content-type: image/png
content-length: 5982
last-modified: Mon, 17 May 2021 12:14:41 GMT
etag: "60a25e31-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1677863
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVU60W0YYDpJwwfE3HyRkmoJ2oguMf%2B4uLDX5kUQUg87m0MUqLmfmx07XLSkY8VgxUk6YWDHmZADfsKi93ZyiWTSZEjN29TtpqBCEhxobO7mwNcaknURmUtbSOgoYK5p7sOxIIilbwt5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774879430dee8877-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/rtb/mac/2/css/magic.css
172.64.108.13 200 OK 3.4 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/rtb/mac/2/css/magic.css
IP 172.64.108.13:0
Hash 036dc9868734769461b74eb3a228b923
de2bd79cd943090b325481ba0289143a2485dfc8
11bfd3a1ae1bd79eb2f12e1c304f486f1c35441f4a2053a0435b4781c8869834
GET /sb/notifications/rtb/mac/2/css/magic.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hdlivegames.xyz
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:34 GMT
content-type: text/css
last-modified: Mon, 17 May 2021 12:30:23 GMT
etag: W/"60a261df-b0c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1658444
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRlCDR3xekeR2ErX8UP98SqGI4%2B6bDMFNvi7AUudiqf32IJsMHlHZiEghY%2BV6N8lgWhgxycgdnun6Ib90JB43unqLka7oVzGIVrRWDPYy0DWnVp6R47JFD3vxVJCt7m%2FRGO3OL0DpC4R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77487942ddb58877-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157 200 OK 597 B IP 178.250.0.157:0
Hash 7c030746bbad1a91b4ffe16719795dd8
4150d885835679cdecde8f6252f679211c1a2b66
f40ae18af8b2ec7ee3d04c2d175034cb7614834d3b93b2f9343e270df42e424b
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=HCm0Il80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3djT0NsMGpVSDlXRndxWTJDZlo5cWYybFY2dFlGRVFvc2VGQTZsS1l2T0M
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:33 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=BwSgRF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3djT0NsMGpVSDlXRndxWTJDZlo5cWNrTkNvZmJrVlBCZ2RJNEdmUW9uWHQ; expires=Fri, 29 Dec 2023 23:55:34 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 439273
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/notifications/rtb/mac/2/index.html
45.133.44.4 200 OK 1.1 kB URL HTTP/2 cdn.barscreative1.com/sb/notifications/rtb/mac/2/index.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Hash 2dd16acd48b2001a18cc14fda5a37aad
0ba273e086efcd43dcf16cc46711224a0db18d6d
51ffadec034b33f411bcb9c3df4d5d8411ec564e7e677af52ed27e0536651df1
Analyzer Verdict Alert fortinet Phishing
GET /sb/notifications/rtb/mac/2/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hdlivegames.xyz
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:34 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Sat, 07 May 2022 03:21:27 GMT
etag: W/"6275e5b7-4e7"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Mon, 05 Dec 2022 00:55:34 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b67dea69cee83c96a218abaa3966025b
6950e43d682b176449368e2d09df8bec7074bb90
b5e2ef4712a9923f0de037f0555fdd0d7bc38e60d9c40cc16fb471a3b111004d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5E2EF4712A9923F0DE037F0555FDD0D7BC38E60D9C40CC16FB471A3B111004D"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10902
Expires: Mon, 05 Dec 2022 02:57:16 GMT
Date: Sun, 04 Dec 2022 23:55:34 GMT
Connection: keep-alive
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.0.157 200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://st.chatango.com/
Origin: https://st.chatango.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:33 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://st.chatango.com
server-processing-duration-in-ticks: 447276
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/rtb/mac/2/js/script.js
172.64.108.13 200 OK 649 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/rtb/mac/2/js/script.js
IP 172.64.108.13:0
Hash 150233f17c120eea7e514e55eb940351
b591898fea0f7b8ff459fd2dda3057b07c773f2b
d3c11dbdb4b7b7df94cbf00bf029f9c2ea9e97cd3ff9d0f139d3110eeaa2884e
GET /sb/notifications/rtb/mac/2/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hdlivegames.xyz
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:34 GMT
content-type: application/javascript
last-modified: Mon, 17 May 2021 12:14:43 GMT
etag: W/"60a25e33-175"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 426008
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EjtfIk2JAZPyR4%2BwVi2NKQN19FiL1kZJfLSaCzhObf3qC7nDYHuiG9GBWtkeRU7Haa01rAZUB7bgc%2F7WBE2%2FWmKGRhogXpFaTKfqRsi6AQsLpcueyqQTyJIh%2FANTuH8X2hO7EV3e9Zh3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77487942edbd8877-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tracking.eu.bobboro.com/rtb/feedimpression?uuid=46ff3a5a-da3c-40d6-9786-6664fdf1fef0&s=101&d=142&feedid=e895&rt=1670198133121&sb=0.0320411765&db=0.05447&subid=16928042&tokid=null&url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i=88d0bd&u=761a08&ad=
138.68.123.32302 Found 0 B URL HTTP/1.1 tracking.eu.bobboro.com/rtb/feedimpression?uuid=46ff3a5a-da3c-40d6-9786-6664fdf1fef0&s=101&d=142&feedid=e895&rt=1670198133121&sb=0.0320411765&db=0.05447&subid=16928042&tokid=null&url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i=88d0bd&u=761a08&ad=
IP 138.68.123.32:0
ASN #14061 DIGITALOCEAN-ASN
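Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: the redirect body is 0 bytes, so these are the digests of empty input and do not identify this response.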
GET /rtb/feedimpression?uuid=46ff3a5a-da3c-40d6-9786-6664fdf1fef0&s=101&d=142&feedid=e895&rt=1670198133121&sb=0.0320411765&db=0.05447&subid=16928042&tokid=null&url=SPP4TO453AAHLDPA7PA3SBF6UJXKKYQP3KUIFSH2Z75DQQGKNL4ZUCNEUPI6TSIOZV6AUJ7L5FTECDO5L4TKBKCHLPGLVNIPGUH2K2HMMMBEQM5CRN2WBSMWTEWXTYRIHPESYVGFOD5NWWLFR4OKW337RMARALHQFXYEY2DNCYEPP76LTEWY6RWRUWZWZMZEZZYCCAUOV4XZOWY2O5CNVUVSWJ25SJ5WGU3BAUGNMAQVZRC7EYBLI3YDVNWLQ5M3N4UCTKXV4HXBMSS5CRPYB2BCGPKLHGJO3YERHEKEE6CGPYYXESNGWGEMBWKAMLYO2LFRZFZKESRPTO6G6MS7ZXGIGMQ27HCZK7IZB4PBMPSVXPMYKOEFXN3PLSTEI6KBSBVHGORJIUBCQHFUPQESIUE46JUIPDOPZJEWDNPT5YZ6IMX7QJUPAMLHAOD7URP6HB5SDU7FGDCK7H2VQZCPWMVUINMPD34W7W6GLLMNVJKGKD4627PO2U25PO6OKHJRSW7676JMHZQFT5QC6NMD7236YFKIAP6NDMEW2M24WDYYVTKTCMT5BMMTWSVW6TPKIK4UJWYK4754INIKNHNUBEPH4JDZDB4BZMAAZS66P2C4YACA2PWILD6COAAUUOA77Y5K6LJVYUJ26VEB3S6CFLX7ENUQZCJHHIL45OOE73K54SNHYMP4NEMJYUFH75DDLRXZECZXFWZ27NZVLSKB5UXQ24GCF2LLWBFLPGGYSA5RCYEO4QZXKT4PNOEVRF2PP6IVO4INFYVR4OGREMVXPWO3J6DC2CPNEFMIEWMZXENGODHIHK7Y7G6J6MNGHDP6G7ENA4O3WNTNLD7EQQHNQGTBH5UDSQSLRJL3SR3UCCCVPOXWWCHBIOYSKZBR4EQZPZBQSDTAYIUGC2GYCW66GASZIRUXOUOKFTAHGPWTUUK4LISMMQOQ524HS6PKCVDXSOGSDDHLLHXIORNV5R6UF7ZRSATHKMX4X3UAJ6AQKF7LOSPRQ6XSP2AKYV6YJBLMOK65NYGC3T3K54CBWEG4H4WZPKF3CRWOPOPW3C6AQKA6U4E6R6MC4M5VXGR75BL45I3Q4PBCM7HII5WW36EDMVXTNLS2CXULZDXEFBXK6UXOLYLBOTA6XNX5CEVIENCYSFTARTKRFUBUPU2GLCGC43QXJIJ4FMSIX7X5RQ2MKDDAZOTKNJUTBO7MEFLJENKEZDI4LRGFBBEGAVDFV4WY3GUU7UHQAY4JXMTB7ZOIKESHKOBVBIXXXJ5XETEDSBZCAHP25UKIKEA3CMUAUTN5OCPFO63FAF76D5UOBUHPHQ6YJLERLTHWJHIMVW24JKMW3JD6U7KH3K2PW%3D%3D%3D&i=88d0bd&u=761a08&ad= HTTP/1.1
Host: tracking.eu.bobboro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
referrer-policy: no-referrer
location: https://eu.doctorpost.net/metrics/save.img?event=impressions&bid-id=v2-1670198133128-7-6276-1178228-99f1d8bc-7ca1-dd2a-7618-1447949dfb74&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dpz6u78%26c%3D30IYnDieIUcbYcOGVdzlFv_7GQnxJE7udyQFd0d46MavmHkydIzweoEZCVY20WUa3PneeyEkXja071GCP1Juc1JulFE8hz745_yFkA32vQHlqm6KiYquOH1C2hibi-ZJ8ZRId169sSiZ81EpN39x25sB8GbhuX5xnnqSAI9bs5U6m1iczKX7M4BrU5HXzWiWKUYJM5Dkykyd64vGb52HayTu9-K7D6gMlB1fvPBLqgx0M4nVU-YpETulL-oNlr6ktkAcNLFCcaTVaNKBHXckZw1ttEtk78Z_xpGfcwIvpmkJ2Qvb_ps1_TSsXUrVTfdEEMPkbHpmNa2D-etwzdDY9FhXL4xxJZe8KKa0wh4UTb83XFB2MP4GQhRebg_ZU7ErMExPXh_byuuOD-SyciApmPOXOXufUtcJOu1GM3znVtcVJFHccGttWfqwm5hKXkN_DDgICDZgmsiST-N8qfGIMohCucSWycv_XFzDEBBs79mLZ05VnAA5zMboMsLO-SH_PRbPuj5i7wO5ij3SIQQgCE_bDndEVJ6Mh4ea5UUnV7JK3UMdTBZJe9Aw1WzXKjNbGT625SyqsEnQP2wzOIS5S1UESqaAHrs0-RO-Q8UuzT5eida6
content-length: 0
date: Sun, 04 Dec 2022 23:55:34 GMT
reproductiontape.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fmac%2F2%2Fjs%2Fscript.js&l=373&fd=117
173.233.137.44 200 OK 0 B URL HTTP/1.1 reproductiontape.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fmac%2F2%2Fjs%2Fscript.js&l=373&fd=117
IP 173.233.137.44:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: the body is 0 bytes, so these are the digests of empty input; match on the host name in the verdict below, not on these hashes.
Analyzer Verdict Alert
quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fmac%2F2%2Fjs%2Fscript.js&l=373&fd=117 HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Cookie: u_pl=16928042; uid_id2=e80992c6-935e-4319-91bc-0580bfce71eb:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 23:55:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
xadsmart.com/FnN.htm?_=BAYAY40zdQFjjTN1gAGBAsAAIOoej5yQABq8gK1wtoLaOWYaEK3ylx9bD_ePw7FDce9BwQBIMEYCIQCLPbyJxx8YVznGu8FmkuFMXj5cuCXrpsVsmXykm8S2jgIhAIL_JWSGoZmPVTFvp-BZmp8Mhk04N3IDFdYeb-6iUuqO&v=4&FpXBilqN=4894682&minBid=&boGYmJBn=0,0&fIYwDjVm=&rHsXjaPQ=http%3A%2F%2Fhdlivegames.xyz%2F&s=1280,1024,1,1280,1024,1
104.153.197.251 200 OK 44 B URL HTTP/2 xadsmart.com/FnN.htm?_=BAYAY40zdQFjjTN1gAGBAsAAIOoej5yQABq8gK1wtoLaOWYaEK3ylx9bD_ePw7FDce9BwQBIMEYCIQCLPbyJxx8YVznGu8FmkuFMXj5cuCXrpsVsmXykm8S2jgIhAIL_JWSGoZmPVTFvp-BZmp8Mhk04N3IDFdYeb-6iUuqO&v=4&FpXBilqN=4894682&minBid=&boGYmJBn=0,0&fIYwDjVm=&rHsXjaPQ=http%3A%2F%2Fhdlivegames.xyz%2F&s=1280,1024,1,1280,1024,1
IP 104.153.197.251:0
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /FnN.htm?_=BAYAY40zdQFjjTN1gAGBAsAAIOoej5yQABq8gK1wtoLaOWYaEK3ylx9bD_ePw7FDce9BwQBIMEYCIQCLPbyJxx8YVznGu8FmkuFMXj5cuCXrpsVsmXykm8S2jgIhAIL_JWSGoZmPVTFvp-BZmp8Mhk04N3IDFdYeb-6iUuqO&v=4&FpXBilqN=4894682&minBid=&boGYmJBn=0,0&fIYwDjVm=&rHsXjaPQ=http%3A%2F%2Fhdlivegames.xyz%2F&s=1280,1024,1,1280,1024,1 HTTP/1.1
Host: xadsmart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Sun, 04 Dec 2022 23:55:34 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 387f33eb66c3b7f1eee293ab492bf85c
94d087d77680fa68297282369a90e213ff553a71
17d3214da9fea9561fd27a58c0faec65f3eef457ba19b64ec231ba42edef8ccd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17D3214DA9FEA9561FD27A58C0FAEC65F3EEF457BA19B64EC231BA42EDEF8CCD"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18907
Expires: Mon, 05 Dec 2022 05:10:41 GMT
Date: Sun, 04 Dec 2022 23:55:34 GMT
Connection: keep-alive
gem.gbc.criteo.com/newidsd
185.235.84.99 200 OK 704 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.99:0
File type JSON data; ASCII text
Hash dee7d778da34356529de5e35d5707d2f
8419c93708fabc053470fe3d482cb7f2a1c8d83f
4e4e2b24233d10961e7e07d5c0a94d39b4ff23f1a1c4a3548332142a8e162b15
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:33 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 138507
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ust.chatango.com/groupinfo/h/d/hdstreamsclub/gprofile.xml
208.93.230.26 200 OK 60 B URL HTTP/1.1 ust.chatango.com/groupinfo/h/d/hdstreamsclub/gprofile.xml
IP 208.93.230.26:0
File type XML 1.0 document text; XML document text; HTML document, ASCII text, with no line terminators
Hash a5a6e716c8fea83291126a97c1375b60
f8868e4b9c0a76d7f937497b5183b03612ec728c
6d40873011b7fad59d1e1c5d0e758ba44a045c87a88491deaa7ebd1696a50f43
GET /groupinfo/h/d/hdstreamsclub/gprofile.xml HTTP/1.1
Host: ust.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://st.chatango.com
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 23:55:34 GMT
Content-Type: text/xml
Content-Length: 60
Last-Modified: Wed, 03 Oct 2018 19:28:54 GMT
Connection: keep-alive
Expires: Sun, 04 Dec 2022 23:55:34 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
eu.doctorpost.net/metrics/save.img?event=impressions&bid-id=v2-1670198133128-7-6276-1178228-99f1d8bc-7ca1-dd2a-7618-1447949dfb74&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dpz6u78%26c%3D30IYnDieIUcbYcOGVdzlFv_7GQnxJE7udyQFd0d46MavmHkydIzweoEZCVY20WUa3PneeyEkXja071GCP1Juc1JulFE8hz745_yFkA32vQHlqm6KiYquOH1C2hibi-ZJ8ZRId169sSiZ81EpN39x25sB8GbhuX5xnnqSAI9bs5U6m1iczKX7M4BrU5HXzWiWKUYJM5Dkykyd64vGb52HayTu9-K7D6gMlB1fvPBLqgx0M4nVU-YpETulL-oNlr6ktkAcNLFCcaTVaNKBHXckZw1ttEtk78Z_xpGfcwIvpmkJ2Qvb_ps1_TSsXUrVTfdEEMPkbHpmNa2D-etwzdDY9FhXL4xxJZe8KKa0wh4UTb83XFB2MP4GQhRebg_ZU7ErMExPXh_byuuOD-SyciApmPOXOXufUtcJOu1GM3znVtcVJFHccGttWfqwm5hKXkN_DDgICDZgmsiST-N8qfGIMohCucSWycv_XFzDEBBs79mLZ05VnAA5zMboMsLO-SH_PRbPuj5i7wO5ij3SIQQgCE_bDndEVJ6Mh4ea5UUnV7JK3UMdTBZJe9Aw1WzXKjNbGT625SyqsEnQP2wzOIS5S1UESqaAHrs0-RO-Q8UuzT5eida6
38.100.129.67302 Found 0 B URL HTTP/2 eu.doctorpost.net/metrics/save.img?event=impressions&bid-id=v2-1670198133128-7-6276-1178228-99f1d8bc-7ca1-dd2a-7618-1447949dfb74&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dpz6u78%26c%3D30IYnDieIUcbYcOGVdzlFv_7GQnxJE7udyQFd0d46MavmHkydIzweoEZCVY20WUa3PneeyEkXja071GCP1Juc1JulFE8hz745_yFkA32vQHlqm6KiYquOH1C2hibi-ZJ8ZRId169sSiZ81EpN39x25sB8GbhuX5xnnqSAI9bs5U6m1iczKX7M4BrU5HXzWiWKUYJM5Dkykyd64vGb52HayTu9-K7D6gMlB1fvPBLqgx0M4nVU-YpETulL-oNlr6ktkAcNLFCcaTVaNKBHXckZw1ttEtk78Z_xpGfcwIvpmkJ2Qvb_ps1_TSsXUrVTfdEEMPkbHpmNa2D-etwzdDY9FhXL4xxJZe8KKa0wh4UTb83XFB2MP4GQhRebg_ZU7ErMExPXh_byuuOD-SyciApmPOXOXufUtcJOu1GM3znVtcVJFHccGttWfqwm5hKXkN_DDgICDZgmsiST-N8qfGIMohCucSWycv_XFzDEBBs79mLZ05VnAA5zMboMsLO-SH_PRbPuj5i7wO5ij3SIQQgCE_bDndEVJ6Mh4ea5UUnV7JK3UMdTBZJe9Aw1WzXKjNbGT625SyqsEnQP2wzOIS5S1UESqaAHrs0-RO-Q8UuzT5eida6
IP 38.100.129.67:0
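Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: the redirect body is 0 bytes, so these are the digests of empty input and do not identify this response.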
GET /metrics/save.img?event=impressions&bid-id=v2-1670198133128-7-6276-1178228-99f1d8bc-7ca1-dd2a-7618-1447949dfb74&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dpz6u78%26c%3D30IYnDieIUcbYcOGVdzlFv_7GQnxJE7udyQFd0d46MavmHkydIzweoEZCVY20WUa3PneeyEkXja071GCP1Juc1JulFE8hz745_yFkA32vQHlqm6KiYquOH1C2hibi-ZJ8ZRId169sSiZ81EpN39x25sB8GbhuX5xnnqSAI9bs5U6m1iczKX7M4BrU5HXzWiWKUYJM5Dkykyd64vGb52HayTu9-K7D6gMlB1fvPBLqgx0M4nVU-YpETulL-oNlr6ktkAcNLFCcaTVaNKBHXckZw1ttEtk78Z_xpGfcwIvpmkJ2Qvb_ps1_TSsXUrVTfdEEMPkbHpmNa2D-etwzdDY9FhXL4xxJZe8KKa0wh4UTb83XFB2MP4GQhRebg_ZU7ErMExPXh_byuuOD-SyciApmPOXOXufUtcJOu1GM3znVtcVJFHccGttWfqwm5hKXkN_DDgICDZgmsiST-N8qfGIMohCucSWycv_XFzDEBBs79mLZ05VnAA5zMboMsLO-SH_PRbPuj5i7wO5ij3SIQQgCE_bDndEVJ6Mh4ea5UUnV7JK3UMdTBZJe9Aw1WzXKjNbGT625SyqsEnQP2wzOIS5S1UESqaAHrs0-RO-Q8UuzT5eida6 HTTP/1.1
Host: eu.doctorpost.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty/1.15.8.3
date: Sun, 04 Dec 2022 23:55:34 GMT
content-length: 0
location: https://track.trackingtraffo.com/push/ic?auth=pz6u78&c=30IYnDieIUcbYcOGVdzlFv_7GQnxJE7udyQFd0d46MavmHkydIzweoEZCVY20WUa3PneeyEkXja071GCP1Juc1JulFE8hz745_yFkA32vQHlqm6KiYquOH1C2hibi-ZJ8ZRId169sSiZ81EpN39x25sB8GbhuX5xnnqSAI9bs5U6m1iczKX7M4BrU5HXzWiWKUYJM5Dkykyd64vGb52HayTu9-K7D6gMlB1fvPBLqgx0M4nVU-YpETulL-oNlr6ktkAcNLFCcaTVaNKBHXckZw1ttEtk78Z_xpGfcwIvpmkJ2Qvb_ps1_TSsXUrVTfdEEMPkbHpmNa2D-etwzdDY9FhXL4xxJZe8KKa0wh4UTb83XFB2MP4GQhRebg_ZU7ErMExPXh_byuuOD-SyciApmPOXOXufUtcJOu1GM3znVtcVJFHccGttWfqwm5hKXkN_DDgICDZgmsiST-N8qfGIMohCucSWycv_XFzDEBBs79mLZ05VnAA5zMboMsLO-SH_PRbPuj5i7wO5ij3SIQQgCE_bDndEVJ6Mh4ea5UUnV7JK3UMdTBZJe9Aw1WzXKjNbGT625SyqsEnQP2wzOIS5S1UESqaAHrs0-RO-Q8UuzT5eida6
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 314 B
IP 93.184.220.29:0
Hash 9cfee58abf1ff4ea56cd0fe02a0eaa3b
bf412b651475a23a2539a80beb8fee45a139ffc3
3bc51e12ef2f154728ddcab5066477fb44ffb2837678942eac323b12fdce2651
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6412
Cache-Control: max-age=152162
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:55:34 GMT
Etag: "638cc9cc-13a"
Expires: Tue, 06 Dec 2022 18:11:36 GMT
Last-Modified: Sun, 04 Dec 2022 16:24:44 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 314
reproductiontape.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fmac%2F2%2Fcss%2Fmagic.css&l=45250&fd=123
173.233.137.44 200 OK 0 B URL HTTP/1.1 reproductiontape.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fmac%2F2%2Fcss%2Fmagic.css&l=45250&fd=123
IP 173.233.137.44:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: the body is 0 bytes, so these are the digests of empty input; match on the host name in the verdict below, not on these hashes.
Analyzer Verdict Alert
quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fmac%2F2%2Fcss%2Fmagic.css&l=45250&fd=123 HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Cookie: u_pl=16928042; uid_id2=e80992c6-935e-4319-91bc-0580bfce71eb:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 23:55:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
178.250.0.162 200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
IP 178.250.0.162:0
File type GIF image data, version 89a, 1 x 1; data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:34 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
reproductiontape.com/pixel/sbs?c=1
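173.233.137.44 200 OK 0 B URL HTTP/1.1 reproductiontape.com/pixel/sbs?c=1
IP 173.233.137.44:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: the body is 0 bytes, so these are the digests of empty input; match on the host name in the verdicts below, not on these hashes.
Analyzer Verdict Alert
fortinet Malware
quad9 Sinkholed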
GET /pixel/sbs?c=1 HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Cookie: u_pl=16928042; uid_id2=e80992c6-935e-4319-91bc-0580bfce71eb:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 23:55:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B
IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:55:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B
IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:55:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
reproductiontape.com/impr.gif?sid=H4sIAAAAAAAC%2F4xXSYwk2VnOmjEgC3FgOcABqaSiSxjIqtjee5kelVqx7%2FFi3y6l2LIqqjIzsiMiM6uKi4URspAstbnAjZrXMx4MFsMIDhywgB4uqAWSmwPqkRhO%2BGzJks%2Boeno8NieeQu%2F%2Ff%2F2x%2FNsXn94fvbv9dEKRbfHKtbu7drksTsEJdfjbSbuuu%2F1w6ISHNHVCvXOYtGvIvXN487D1u6%2FSFDihvnKoNtV1d8pQNEXRFH2otH2z6G5OX3tJu%2FnunD6ZUyccc0IDjtz0P2sP2wMyFAek3n06%2BRXS1i9%2F7vJfPyJt9ZysV38jNcP12G1%2BT15tl8XY9WRXfxCtr9fdfk1WX6iL%2FoAs1h%2B8uZt0w8vJ5M%2FeIt36gzcZkG733kMGpGxfTg7%2Bkybl%2BoM3YZJy9%2F5nkZZL0qxJWf8i2e%2Bek2b5nLTFc1J1Xydt%2Ff0JIVVNHEzWq287Xb8vbj%2FzFg%2Fel5Mv%2FfhHpN2%2FnHzpv36NrFd%2FLSzbm8OgW27HtlsP5GZxT9qb56S9eE4224%2FJeHdA2v3HpBr%2FgLT1v09Of2yR9eo9PCw70tavfquZUfM5U8HpnAXNlGPp%2BXROl9WUAjOqXFQNopvydYna9jlpF8%2FJsnlKiuFtsh0OyLY9INvFAdluDsiqfnVYgPmCotCiXLDsjKuqimWrCsxgDWqWmy0osq0ecnhKxs1TUi2fkqr%2FGtn0XyPX7VPSb%2F%2BJDJf3ZKgPyDBOyK6%2BJ%2FtmQvbDhOyLCdm3E7IfJ2S%2Fu3%2B%2FXg7McP%2FtejlsS%2FqNZN5I9v5ZN168W7zfjRfNevLu5tPJLz8U7uAt%2B3fIdfPqkOZAuaDYal7RHE2xVAEXcA4ZrqBYMC%2BZORnae9IOb5FiOCB37UODPyGb9vuCRcriYzIsPyZV%2B6uk2P4mKfbPEEOR4vIZN6PI3frD7WU9jH1TrIaTarktSd3dk834JTLeHry7%2FHTyG687eEp%2BiTTVi8cvvvfRv33ljwGp%2Bnuy6e%2FJVfsvE3Kx%2FMYzv9tP3vO7%2FTD5CG%2FGdtXeFQ%2FdDcZibCZ%2FaTa3%2B66vdWl4%2Bh2%2BenA8qN8Nm2G0inXdri%2BGyV8JbV03vdL1VTP5nj4kTeluh0th26%2B3G8sVFX216ZthaLv1c1I85Pg%2Ft6RqX05%2B4Uf%2F%2FHpyf%2F2dH5K2%2F5j020%2Fe%2BsHlOG6Gr56esk%2BKzUnVrU7bdd3cnGwuN4%2Bvm9szeLthFm1L0e0e0jMASvbJ%2FnjRNHVbnzWzOTgetmVbn9Fwzswojjnebtv6jIOLBVuAYloXbDXlqBpO52gGpxBCblEv6EWzoI6bzZmiREbMAdVwTDnVMpR5umh5SRqxvqFiP4AJUEPXCTVW863EZ4IAirrr6WaoaoaL%2FEhk2TgTxTz3hZAFMDfUJFdkO%2BY9aPJGCJQ8yVjFTBmkoDjFWgxzDUfQVlECLMPL4tRR%2BQxqGDg2js0cYjkPbNVKdMV3bNE1YkbWNdGVciYJAtnN1ZCHfCS4jqL4MUpSU4o0W8xdn%2FMFlldTNZYEB%2FJJLvhpbsq6KDgsb0LVSDEv2ZqrKC4XC6olOyCx4zDKUBZA4AhxYjECZhTTslQuNwRft70sCYHChYwpYV9hUCj4uulZQZZYFitxIopcrOhQz6CgAjYPhJRnNJD4Ebaj1IpilKq8wQuxx2RmrBiWZilqrHuKJ9hSbgCEOCFzvQiAyFAcFwswdaQ0sy0DMY4hGYqauIqdhjYjRokn8b7FIz1IPJ3LtUgX7VjiE1FMtEyUTd1n7BQgJguRKWAtBaqRAzkxAJchQbdybAVu4ACAYzdU%2BSixhQBnghiLgsiaGuCxL3qs
aiexG%2BcS78mWGChSoAgm9iQXMqLlRtCBcchpLOOEOS%2Fwkh4mMpQzQdN1H6DQ8oUsYXGiZ47JpE4e2DrH41QILOTrj1iJrLYvHv%2F%2B331r%2Bd76y6TtnpNq84ffOToK9dCSj47%2BQT%2Bsi4vDpj9c3l5fN3Vx0awP63Z9%2BMM%2F%2F5O%2F%2F%2FDoSJID0dfdUMfO0dGrw2As%2BvFw2LTLZTMerpr6kKYo6tDB5mHZrbfDh0dHFu%2Br8rlu86p8dPTJ29bnKGu2J3VXjV2%2F6YbxZN2Mp6tm7NtqOB2KXXPSri4eN7tmPZ6NfVFdN%2FV5%2BxMsD8dlW0%2Fb%2BmzHTGmIKHo%2Bo1mWZmZTNIUMglOaRjOGmU3n8wVdz8pqiqqCntY1U0wRpGdTmuPQnJvXixJxx5u%2BrZoz6rhdXZy9Du4Ryz9ilEeM8vrLJ6%2F3dn0x9sVi0T38GB4xymY7XD5ilHb1iFWK7Xj5iJU2d3CLZo8YWD1iJSGWb1SISl26RtW5PTLdfAvUqNxX50%2BAd7O3VJOxn4TX83zGjXXQpOMw3N1WllHhJJinO3l24akhtkyaWkTtE6fSYtBXTKhkBbVb3t6t2HFf7lk7SGfX89tVL6dX420ShK3HBAKbKm1vMWzsdzpiropbb0GFjnFj0jx9HQAuZIbZTTlbOvZ0zof0Vsj6a39hVeasUWqcnfNr40kqMnakBBpOnXRh0dF0rZlrgATsO%2BfrYlynfH%2BbOcvavpDuIvr6YhVuxkulgov5eZQrVLYOusvzkGMj0du3u27Z7AQ0RLk0n8bx1W14vsPJVrO0Orssy%2BBKs1VpnXTs3dKZrXeN1K%2Bn%2FZ21KH3RCWOfzpM5fc7p6pW2o6urPWb3m6YTnyDgy0M0utce8mFY70SbozoTL9p1ilgrA5ubZL5z2r7ZqSucuV0ye8I%2B6eTLUIjri90SSetWoM43LNxLcwqsM9hMB6p3I%2Bqi7qdSnoru%2BZ6OxZv8AtDdwshwfBXeOZayv82KAIs6JSuCv9FvrioT5202N7jpVdwvVp2wu6JSflnsRCisr8tL0G3UIDG7oqV0XEjn%2BpTX7lhvyKYWwOo%2BfCK2ij%2Fixt3GlrlJmVHk3J00DbUFxUitfnNuDxDZaTu%2F4q53o0uDRduiOrz4i6MjXXxA4ic%2F%2F7uf4%2BrzcT1ptidlV5Zd%2F3pmT%2FuxPH3NVj%2BB0eP%2FP0MNZzRFH9dnNMf8DOX149lPA5A%2BHsoz6oRiGYqjaQTBcf3aBhyH%2Fi89jt11W5%2Btt8vl8bZfngWuy4WYAyzPa5bk8sjl2UBQYGSkppl5LmtGuhJoTI6A5Hmq6VhcHomOHLk6DAMd5zHkIwNZQAllUcLA4kJTMEXNclUrdnRXjTTGZDTbtgXZs4HoO0wiBHYSykkaZr6uuXKQxaqCJeAkiaX4HDYTlkW%2Bzfu8pXlKmskZIzliJrsuglYoJxn0Ez9K8iS3cznPM1HkIxxzaY6TjMFAdOIoDhKDAYEBEjViBT5SHZv34twXkZwJls5mUuwklgds1uEiMTTTmNNSwQ4CIPpuJjCCqLqmpakGZjPZ12RTlqGoulmWyoGjJqpsC4nJ21aGGUvxcyU35cB3QwxVaAcoT1VdtT0GaWJuIj0XOFew3SBOXTszsaykDutaQSjr0BQCIdZU7Bt6JIiepkSuJwd6JHPQiHRXwm5uyInkuCHIcqjbKfKMyOVtS%2BOxhCLfhZoAAilCiiqJJtKY2MtFN7HjSHdsV2K5BCVQtSzbiQ1TNSUOMsjFTMQAF0NsaoYfJAgiaNha7ikh8ETo2BJiWJgpps670JFsOWFshkukLItDMxTtEAi2HSZBnMDQNXWTi4wkMzkEON3RTUdzIkF2Nc6QcknghNzm%2BTyA0GVELuNFnnET3ZKgiHk%2BijCPUAZMaBlxFhkMjGWBDaCo
WCmSncjLRUPTdIsDGMuINQEXOFpmu5wj20YWKRoCkmT5aS6LeaokOYOcPLYCUwBR6jGcKiqMZSWCYrmqmgU88MVMxpyXp2bIuQ6WY19hXBfqMeZ0R8lin8OqL9tx6iaYNaAkMqLryIqty4mdp7KjYknTNRNlSIUGtB1Vk1yoItnhOcwmTuhYEpI9T3M8NRQ0EEmBF1i%2BYbGBz0aiKMYuTpNE1AQdZ4GZCz4ne7mbC14ghXymR6rIqJmYQKjyQa77UYojbCohr6luEkaRyVl6YNse9gDDaQF0TTGW0gCrgSRplqWlOvadGPgwUlDuB3yomXbKpWzEG5D3TAVZOHB9D6aBy%2FBmFsPMECwbmxA4mSqy4UOBRSGRVU7jktw1FVb0E%2BxiN2HFhxfwMOJk6ENb5GwQp6qPgGBxQGc9zhVEG2m6DpKEhbJkx2noWAEjppGVS6msCKkJoxRbmSXgkIepkwJRjnXZEbNACXk%2FNH0lEiI3YlRLVEWO9VJDNzjFDvQUpcD3GNuUJD7HoekYUShgZMuKZciOKeeSzlm%2BqgiCrPKxpMRckrFqFKFI8%2FiMM1I7FFCOdVMONBMLsaCnaWqAVA5lKRBykddcBkSmbso8K9oRH4UOwKKrYMgqvIKgBCIsRJqreTAzLNm3Qi0xNN2OE4YzTDthDQlGyNRYk3GTR6z02XXcns1mNVXWx9szBOmCmh0X9RkZNi8mbxYZugnpl1%2FY5eaA7Lf3z3qmfPH4%2FuJv78p%2F%2FDJZti8n8x%2B8TZbNi8d%2F%2Bk383%2B%2FUOSnKezI0P%2FXgF%2Fq7wzfIRX9AivHrZL26J7v%2BnuyW96RYPiXD9u1n46Z%2F8fg%2F2NeLlMuDZ%2BWyP3ivXPbLb312bhzaV4eA5ppZOUNVXZdNVdOIYWcsRTF1zaF5Q8%2FJOLysvslu%2FxcAAP%2F%2FAQAA%2F%2F%2FFHMQPbBEAAA%3D%3D
173.233.137.44200 OK 7 B URL HTTP/1.1 reproductiontape.com/impr.gif?sid=H4sIAAAAAAAC%2F4xXSYwk2VnOmjEgC3FgOcABqaSiSxjIqtjee5kelVqx7%2FFi3y6l2LIqqjIzsiMiM6uKi4URspAstbnAjZrXMx4MFsMIDhywgB4uqAWSmwPqkRhO%2BGzJks%2Boeno8NieeQu%2F%2Ff%2F2x%2FNsXn94fvbv9dEKRbfHKtbu7drksTsEJdfjbSbuuu%2F1w6ISHNHVCvXOYtGvIvXN487D1u6%2FSFDihvnKoNtV1d8pQNEXRFH2otH2z6G5OX3tJu%2FnunD6ZUyccc0IDjtz0P2sP2wMyFAek3n06%2BRXS1i9%2F7vJfPyJt9ZysV38jNcP12G1%2BT15tl8XY9WRXfxCtr9fdfk1WX6iL%2FoAs1h%2B8uZt0w8vJ5M%2FeIt36gzcZkG733kMGpGxfTg7%2Bkybl%2BoM3YZJy9%2F5nkZZL0qxJWf8i2e%2Bek2b5nLTFc1J1Xydt%2Ff0JIVVNHEzWq287Xb8vbj%2FzFg%2Fel5Mv%2FfhHpN2%2FnHzpv36NrFd%2FLSzbm8OgW27HtlsP5GZxT9qb56S9eE4224%2FJeHdA2v3HpBr%2FgLT1v09Of2yR9eo9PCw70tavfquZUfM5U8HpnAXNlGPp%2BXROl9WUAjOqXFQNopvydYna9jlpF8%2FJsnlKiuFtsh0OyLY9INvFAdluDsiqfnVYgPmCotCiXLDsjKuqimWrCsxgDWqWmy0osq0ecnhKxs1TUi2fkqr%2FGtn0XyPX7VPSb%2F%2BJDJf3ZKgPyDBOyK6%2BJ%2FtmQvbDhOyLCdm3E7IfJ2S%2Fu3%2B%2FXg7McP%2FtejlsS%2FqNZN5I9v5ZN168W7zfjRfNevLu5tPJLz8U7uAt%2B3fIdfPqkOZAuaDYal7RHE2xVAEXcA4ZrqBYMC%2BZORnae9IOb5FiOCB37UODPyGb9vuCRcriYzIsPyZV%2B6uk2P4mKfbPEEOR4vIZN6PI3frD7WU9jH1TrIaTarktSd3dk834JTLeHry7%2FHTyG687eEp%2BiTTVi8cvvvfRv33ljwGp%2Bnuy6e%2FJVfsvE3Kx%2FMYzv9tP3vO7%2FTD5CG%2FGdtXeFQ%2FdDcZibCZ%2FaTa3%2B66vdWl4%2Bh2%2BenA8qN8Nm2G0inXdri%2BGyV8JbV03vdL1VTP5nj4kTeluh0th26%2B3G8sVFX216ZthaLv1c1I85Pg%2Ft6RqX05%2B4Uf%2F%2FHpyf%2F2dH5K2%2F5j020%2Fe%2BsHlOG6Gr56esk%2BKzUnVrU7bdd3cnGwuN4%2Bvm9szeLthFm1L0e0e0jMASvbJ%2FnjRNHVbnzWzOTgetmVbn9Fwzswojjnebtv6jIOLBVuAYloXbDXlqBpO52gGpxBCblEv6EWzoI6bzZmiREbMAdVwTDnVMpR5umh5SRqxvqFiP4AJUEPXCTVW863EZ4IAirrr6WaoaoaL%2FEhk2TgTxTz3hZAFMDfUJFdkO%2BY9aPJGCJQ8yVjFTBmkoDjFWgxzDUfQVlECLMPL4tRR%2BQxqGDg2js0cYjkPbNVKdMV3bNE1YkbWNdGVciYJAtnN1ZCHfCS4jqL4MUpSU4o0W8xdn%2FMFlldTNZYEB%2FJJLvhpbsq6KDgsb0LVSDEv2ZqrKC4XC6olOyCx4zDKUBZA4AhxYjECZhTTslQuNwRft70sCYHChYwpYV9hUCj4uulZQZZYFitxIopcrOhQz6CgAjYPhJRnNJD4Ebaj1IpilKq8wQuxx2RmrBiWZilqrHuKJ9hSbgCEOCFzvQiAyFAcFwswdaQ0sy0DMY4hGYqauIqdhjYjRokn8b7FIz1IPJ3LtUgX7VjiE1FMtEyUTd1n7BQgJguRKWAtBaqRAzkxAJchQbdy
bAVu4ACAYzdU%2BSixhQBnghiLgsiaGuCxL3qsaiexG%2BcS78mWGChSoAgm9iQXMqLlRtCBcchpLOOEOS%2Fwkh4mMpQzQdN1H6DQ8oUsYXGiZ47JpE4e2DrH41QILOTrj1iJrLYvHv%2F%2B331r%2Bd76y6TtnpNq84ffOToK9dCSj47%2BQT%2Bsi4vDpj9c3l5fN3Vx0awP63Z9%2BMM%2F%2F5O%2F%2F%2FDoSJID0dfdUMfO0dGrw2As%2BvFw2LTLZTMerpr6kKYo6tDB5mHZrbfDh0dHFu%2Br8rlu86p8dPTJ29bnKGu2J3VXjV2%2F6YbxZN2Mp6tm7NtqOB2KXXPSri4eN7tmPZ6NfVFdN%2FV5%2BxMsD8dlW0%2Fb%2BmzHTGmIKHo%2Bo1mWZmZTNIUMglOaRjOGmU3n8wVdz8pqiqqCntY1U0wRpGdTmuPQnJvXixJxx5u%2BrZoz6rhdXZy9Du4Ryz9ilEeM8vrLJ6%2F3dn0x9sVi0T38GB4xymY7XD5ilHb1iFWK7Xj5iJU2d3CLZo8YWD1iJSGWb1SISl26RtW5PTLdfAvUqNxX50%2BAd7O3VJOxn4TX83zGjXXQpOMw3N1WllHhJJinO3l24akhtkyaWkTtE6fSYtBXTKhkBbVb3t6t2HFf7lk7SGfX89tVL6dX420ShK3HBAKbKm1vMWzsdzpiropbb0GFjnFj0jx9HQAuZIbZTTlbOvZ0zof0Vsj6a39hVeasUWqcnfNr40kqMnakBBpOnXRh0dF0rZlrgATsO%2BfrYlynfH%2BbOcvavpDuIvr6YhVuxkulgov5eZQrVLYOusvzkGMj0du3u27Z7AQ0RLk0n8bx1W14vsPJVrO0Orssy%2BBKs1VpnXTs3dKZrXeN1K%2Bn%2FZ21KH3RCWOfzpM5fc7p6pW2o6urPWb3m6YTnyDgy0M0utce8mFY70SbozoTL9p1ilgrA5ubZL5z2r7ZqSucuV0ye8I%2B6eTLUIjri90SSetWoM43LNxLcwqsM9hMB6p3I%2Bqi7qdSnoru%2BZ6OxZv8AtDdwshwfBXeOZayv82KAIs6JSuCv9FvrioT5202N7jpVdwvVp2wu6JSflnsRCisr8tL0G3UIDG7oqV0XEjn%2BpTX7lhvyKYWwOo%2BfCK2ij%2Fixt3GlrlJmVHk3J00DbUFxUitfnNuDxDZaTu%2F4q53o0uDRduiOrz4i6MjXXxA4ic%2F%2F7uf4%2BrzcT1ptidlV5Zd%2F3pmT%2FuxPH3NVj%2BB0eP%2FP0MNZzRFH9dnNMf8DOX149lPA5A%2BHsoz6oRiGYqjaQTBcf3aBhyH%2Fi89jt11W5%2Btt8vl8bZfngWuy4WYAyzPa5bk8sjl2UBQYGSkppl5LmtGuhJoTI6A5Hmq6VhcHomOHLk6DAMd5zHkIwNZQAllUcLA4kJTMEXNclUrdnRXjTTGZDTbtgXZs4HoO0wiBHYSykkaZr6uuXKQxaqCJeAkiaX4HDYTlkW%2Bzfu8pXlKmskZIzliJrsuglYoJxn0Ez9K8iS3cznPM1HkIxxzaY6TjMFAdOIoDhKDAYEBEjViBT5SHZv34twXkZwJls5mUuwklgds1uEiMTTTmNNSwQ4CIPpuJjCCqLqmpakGZjPZ12RTlqGoulmWyoGjJqpsC4nJ21aGGUvxcyU35cB3QwxVaAcoT1VdtT0GaWJuIj0XOFew3SBOXTszsaykDutaQSjr0BQCIdZU7Bt6JIiepkSuJwd6JHPQiHRXwm5uyInkuCHIcqjbKfKMyOVtS%2BOxhCLfhZoAAilCiiqJJtKY2MtFN7HjSHdsV2K5BCVQtSzbiQ1TNSUOMsjFTMQAF0NsaoYfJAgiaNha7ikh8ETo2BJiWJgpps670JFsOWFshkukLItDMxTtEAi2HSZBnMDQNXWTi4wkMzkEON3RTUdzIkF2Nc6QcknghNzm%2BTyA0GVELuNF
nnET3ZKgiHk%2BijCPUAZMaBlxFhkMjGWBDaCoWCmSncjLRUPTdIsDGMuINQEXOFpmu5wj20YWKRoCkmT5aS6LeaokOYOcPLYCUwBR6jGcKiqMZSWCYrmqmgU88MVMxpyXp2bIuQ6WY19hXBfqMeZ0R8lin8OqL9tx6iaYNaAkMqLryIqty4mdp7KjYknTNRNlSIUGtB1Vk1yoItnhOcwmTuhYEpI9T3M8NRQ0EEmBF1i%2BYbGBz0aiKMYuTpNE1AQdZ4GZCz4ne7mbC14ghXymR6rIqJmYQKjyQa77UYojbCohr6luEkaRyVl6YNse9gDDaQF0TTGW0gCrgSRplqWlOvadGPgwUlDuB3yomXbKpWzEG5D3TAVZOHB9D6aBy%2FBmFsPMECwbmxA4mSqy4UOBRSGRVU7jktw1FVb0E%2BxiN2HFhxfwMOJk6ENb5GwQp6qPgGBxQGc9zhVEG2m6DpKEhbJkx2noWAEjppGVS6msCKkJoxRbmSXgkIepkwJRjnXZEbNACXk%2FNH0lEiI3YlRLVEWO9VJDNzjFDvQUpcD3GNuUJD7HoekYUShgZMuKZciOKeeSzlm%2BqgiCrPKxpMRckrFqFKFI8%2FiMM1I7FFCOdVMONBMLsaCnaWqAVA5lKRBykddcBkSmbso8K9oRH4UOwKKrYMgqvIKgBCIsRJqreTAzLNm3Qi0xNN2OE4YzTDthDQlGyNRYk3GTR6z02XXcns1mNVXWx9szBOmCmh0X9RkZNi8mbxYZugnpl1%2FY5eaA7Lf3z3qmfPH4%2FuJv78p%2F%2FDJZti8n8x%2B8TZbNi8d%2F%2Bk383%2B%2FUOSnKezI0P%2FXgF%2Fq7wzfIRX9AivHrZL26J7v%2BnuyW96RYPiXD9u1n46Z%2F8fg%2F2NeLlMuDZ%2BWyP3ivXPbLb312bhzaV4eA5ppZOUNVXZdNVdOIYWcsRTF1zaF5Q8%2FJOLysvslu%2FxcAAP%2F%2FAQAA%2F%2F%2FFHMQPbBEAAA%3D%3D
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F4xXSYwk2VnOmjEgC3FgOcABqaSiSxjIqtjee5kelVqx7%2FFi3y6l2LIqqjIzsiMiM6uKi4URspAstbnAjZrXMx4MFsMIDhywgB4uqAWSmwPqkRhO%2BGzJks%2Boeno8NieeQu%2F%2Ff%2F2x%2FNsXn94fvbv9dEKRbfHKtbu7drksTsEJdfjbSbuuu%2F1w6ISHNHVCvXOYtGvIvXN487D1u6%2FSFDihvnKoNtV1d8pQNEXRFH2otH2z6G5OX3tJu%2FnunD6ZUyccc0IDjtz0P2sP2wMyFAek3n06%2BRXS1i9%2F7vJfPyJt9ZysV38jNcP12G1%2BT15tl8XY9WRXfxCtr9fdfk1WX6iL%2FoAs1h%2B8uZt0w8vJ5M%2FeIt36gzcZkG733kMGpGxfTg7%2Bkybl%2BoM3YZJy9%2F5nkZZL0qxJWf8i2e%2Bek2b5nLTFc1J1Xydt%2Ff0JIVVNHEzWq287Xb8vbj%2FzFg%2Fel5Mv%2FfhHpN2%2FnHzpv36NrFd%2FLSzbm8OgW27HtlsP5GZxT9qb56S9eE4224%2FJeHdA2v3HpBr%2FgLT1v09Of2yR9eo9PCw70tavfquZUfM5U8HpnAXNlGPp%2BXROl9WUAjOqXFQNopvydYna9jlpF8%2FJsnlKiuFtsh0OyLY9INvFAdluDsiqfnVYgPmCotCiXLDsjKuqimWrCsxgDWqWmy0osq0ecnhKxs1TUi2fkqr%2FGtn0XyPX7VPSb%2F%2BJDJf3ZKgPyDBOyK6%2BJ%2FtmQvbDhOyLCdm3E7IfJ2S%2Fu3%2B%2FXg7McP%2FtejlsS%2FqNZN5I9v5ZN168W7zfjRfNevLu5tPJLz8U7uAt%2B3fIdfPqkOZAuaDYal7RHE2xVAEXcA4ZrqBYMC%2BZORnae9IOb5FiOCB37UODPyGb9vuCRcriYzIsPyZV%2B6uk2P4mKfbPEEOR4vIZN6PI3frD7WU9jH1TrIaTarktSd3dk834JTLeHry7%2FHTyG687eEp%2BiTTVi8cvvvfRv33ljwGp%2Bnuy6e%2FJVfsvE3Kx%2FMYzv9tP3vO7%2FTD5CG%2FGdtXeFQ%2FdDcZibCZ%2FaTa3%2B66vdWl4%2Bh2%2BenA8qN8Nm2G0inXdri%2BGyV8JbV03vdL1VTP5nj4kTeluh0th26%2B3G8sVFX216ZthaLv1c1I85Pg%2Ft6RqX05%2B4Uf%2F%2FHpyf%2F2dH5K2%2F5j020%2Fe%2BsHlOG6Gr56esk%2BKzUnVrU7bdd3cnGwuN4%2Bvm9szeLthFm1L0e0e0jMASvbJ%2FnjRNHVbnzWzOTgetmVbn9Fwzswojjnebtv6jIOLBVuAYloXbDXlqBpO52gGpxBCblEv6EWzoI6bzZmiREbMAdVwTDnVMpR5umh5SRqxvqFiP4AJUEPXCTVW863EZ4IAirrr6WaoaoaL%2FEhk2TgTxTz3hZAFMDfUJFdkO%2BY9aPJGCJQ8yVjFTBmkoDjFWgxzDUfQVlECLMPL4tRR%2BQxqGDg2js0cYjkPbNVKdMV3bNE1YkbWNdGVciYJAtnN1ZCHfCS4jqL4MUpSU4o0W8xdn%2FMFlldTNZYEB%2FJJLvhpbsq6KDgsb0LVSDEv2ZqrKC4XC6olOyCx4zDKUBZA4AhxYjECZhTTslQuNwRft70sCYHChYwpYV9hUCj4uulZQZZYFitxIopcrOhQz6CgAjYPhJRnNJD4Ebaj1IpilKq8wQuxx2RmrBiWZilqrHuKJ9hSbgCEOCFzvQiAyFAcFwswdaQ0sy0DMY4hGYqauIqdhjYjRokn8b7FIz1IPJ3LtUgX7VjiE1FMtEyUTd1n7BQgJguRKWAtBaqRAzkxAJchQbdybAVu4ACAYzdU%2BSixhQBnghiLgsiaGuCxL3qsaiexG%2BcS78mWGC
hSoAgm9iQXMqLlRtCBcchpLOOEOS%2Fwkh4mMpQzQdN1H6DQ8oUsYXGiZ47JpE4e2DrH41QILOTrj1iJrLYvHv%2F%2B331r%2Bd76y6TtnpNq84ffOToK9dCSj47%2BQT%2Bsi4vDpj9c3l5fN3Vx0awP63Z9%2BMM%2F%2F5O%2F%2F%2FDoSJID0dfdUMfO0dGrw2As%2BvFw2LTLZTMerpr6kKYo6tDB5mHZrbfDh0dHFu%2Br8rlu86p8dPTJ29bnKGu2J3VXjV2%2F6YbxZN2Mp6tm7NtqOB2KXXPSri4eN7tmPZ6NfVFdN%2FV5%2BxMsD8dlW0%2Fb%2BmzHTGmIKHo%2Bo1mWZmZTNIUMglOaRjOGmU3n8wVdz8pqiqqCntY1U0wRpGdTmuPQnJvXixJxx5u%2BrZoz6rhdXZy9Du4Ryz9ilEeM8vrLJ6%2F3dn0x9sVi0T38GB4xymY7XD5ilHb1iFWK7Xj5iJU2d3CLZo8YWD1iJSGWb1SISl26RtW5PTLdfAvUqNxX50%2BAd7O3VJOxn4TX83zGjXXQpOMw3N1WllHhJJinO3l24akhtkyaWkTtE6fSYtBXTKhkBbVb3t6t2HFf7lk7SGfX89tVL6dX420ShK3HBAKbKm1vMWzsdzpiropbb0GFjnFj0jx9HQAuZIbZTTlbOvZ0zof0Vsj6a39hVeasUWqcnfNr40kqMnakBBpOnXRh0dF0rZlrgATsO%2BfrYlynfH%2BbOcvavpDuIvr6YhVuxkulgov5eZQrVLYOusvzkGMj0du3u27Z7AQ0RLk0n8bx1W14vsPJVrO0Orssy%2BBKs1VpnXTs3dKZrXeN1K%2Bn%2FZ21KH3RCWOfzpM5fc7p6pW2o6urPWb3m6YTnyDgy0M0utce8mFY70SbozoTL9p1ilgrA5ubZL5z2r7ZqSucuV0ye8I%2B6eTLUIjri90SSetWoM43LNxLcwqsM9hMB6p3I%2Bqi7qdSnoru%2BZ6OxZv8AtDdwshwfBXeOZayv82KAIs6JSuCv9FvrioT5202N7jpVdwvVp2wu6JSflnsRCisr8tL0G3UIDG7oqV0XEjn%2BpTX7lhvyKYWwOo%2BfCK2ij%2Fixt3GlrlJmVHk3J00DbUFxUitfnNuDxDZaTu%2F4q53o0uDRduiOrz4i6MjXXxA4ic%2F%2F7uf4%2BrzcT1ptidlV5Zd%2F3pmT%2FuxPH3NVj%2BB0eP%2FP0MNZzRFH9dnNMf8DOX149lPA5A%2BHsoz6oRiGYqjaQTBcf3aBhyH%2Fi89jt11W5%2Btt8vl8bZfngWuy4WYAyzPa5bk8sjl2UBQYGSkppl5LmtGuhJoTI6A5Hmq6VhcHomOHLk6DAMd5zHkIwNZQAllUcLA4kJTMEXNclUrdnRXjTTGZDTbtgXZs4HoO0wiBHYSykkaZr6uuXKQxaqCJeAkiaX4HDYTlkW%2Bzfu8pXlKmskZIzliJrsuglYoJxn0Ez9K8iS3cznPM1HkIxxzaY6TjMFAdOIoDhKDAYEBEjViBT5SHZv34twXkZwJls5mUuwklgds1uEiMTTTmNNSwQ4CIPpuJjCCqLqmpakGZjPZ12RTlqGoulmWyoGjJqpsC4nJ21aGGUvxcyU35cB3QwxVaAcoT1VdtT0GaWJuIj0XOFew3SBOXTszsaykDutaQSjr0BQCIdZU7Bt6JIiepkSuJwd6JHPQiHRXwm5uyInkuCHIcqjbKfKMyOVtS%2BOxhCLfhZoAAilCiiqJJtKY2MtFN7HjSHdsV2K5BCVQtSzbiQ1TNSUOMsjFTMQAF0NsaoYfJAgiaNha7ikh8ETo2BJiWJgpps670JFsOWFshkukLItDMxTtEAi2HSZBnMDQNXWTi4wkMzkEON3RTUdzIkF2Nc6QcknghNzm%2BTyA0GVELuNFnnET3ZKgiHk%2BijCPUAZMaBlxFhkMjGWBDaCoWCmSncjLRUPTdIsD
GMuINQEXOFpmu5wj20YWKRoCkmT5aS6LeaokOYOcPLYCUwBR6jGcKiqMZSWCYrmqmgU88MVMxpyXp2bIuQ6WY19hXBfqMeZ0R8lin8OqL9tx6iaYNaAkMqLryIqty4mdp7KjYknTNRNlSIUGtB1Vk1yoItnhOcwmTuhYEpI9T3M8NRQ0EEmBF1i%2BYbGBz0aiKMYuTpNE1AQdZ4GZCz4ne7mbC14ghXymR6rIqJmYQKjyQa77UYojbCohr6luEkaRyVl6YNse9gDDaQF0TTGW0gCrgSRplqWlOvadGPgwUlDuB3yomXbKpWzEG5D3TAVZOHB9D6aBy%2FBmFsPMECwbmxA4mSqy4UOBRSGRVU7jktw1FVb0E%2BxiN2HFhxfwMOJk6ENb5GwQp6qPgGBxQGc9zhVEG2m6DpKEhbJkx2noWAEjppGVS6msCKkJoxRbmSXgkIepkwJRjnXZEbNACXk%2FNH0lEiI3YlRLVEWO9VJDNzjFDvQUpcD3GNuUJD7HoekYUShgZMuKZciOKeeSzlm%2BqgiCrPKxpMRckrFqFKFI8%2FiMM1I7FFCOdVMONBMLsaCnaWqAVA5lKRBykddcBkSmbso8K9oRH4UOwKKrYMgqvIKgBCIsRJqreTAzLNm3Qi0xNN2OE4YzTDthDQlGyNRYk3GTR6z02XXcns1mNVXWx9szBOmCmh0X9RkZNi8mbxYZugnpl1%2FY5eaA7Lf3z3qmfPH4%2FuJv78p%2F%2FDJZti8n8x%2B8TZbNi8d%2F%2Bk383%2B%2FUOSnKezI0P%2FXgF%2Fq7wzfIRX9AivHrZL26J7v%2BnuyW96RYPiXD9u1n46Z%2F8fg%2F2NeLlMuDZ%2BWyP3ivXPbLb312bhzaV4eA5ppZOUNVXZdNVdOIYWcsRTF1zaF5Q8%2FJOLysvslu%2FxcAAP%2F%2FAQAA%2F%2F%2FFHMQPbBEAAA%3D%3D HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Cookie: u_pl=16928042; uid_id2=e80992c6-935e-4319-91bc-0580bfce71eb:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 23:55:34 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 43140ca71044e1554cb3c72632128066
Strict-Transport-Security: max-age=0; includeSubdomains
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hdlivegames.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 361279
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hdlivegames.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 361300
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:55:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 6f893b514649109a95e0a5a296c9d21f
cdcf062ccd27731f447c794459fb283d185dd2da
8ae5c6a97e5ca5051bee79bde5348ed85c2304e3f9cf6c431bea1458f6317d06
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 23:55:34 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 12:04:39 GMT
Expires: Sun, 11 Dec 2022 12:04:38 GMT
Etag: "cdcf062ccd27731f447c794459fb283d185dd2da"
Cache-Control: max-age=561543,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77487946dcaab511-OSL
track.trackingtraffo.com/push/ic?auth=pz6u78&c=30IYnDieIUcbYcOGVdzlFv_7GQnxJE7udyQFd0d46MavmHkydIzweoEZCVY20WUa3PneeyEkXja071GCP1Juc1JulFE8hz745_yFkA32vQHlqm6KiYquOH1C2hibi-ZJ8ZRId169sSiZ81EpN39x25sB8GbhuX5xnnqSAI9bs5U6m1iczKX7M4BrU5HXzWiWKUYJM5Dkykyd64vGb52HayTu9-K7D6gMlB1fvPBLqgx0M4nVU-YpETulL-oNlr6ktkAcNLFCcaTVaNKBHXckZw1ttEtk78Z_xpGfcwIvpmkJ2Qvb_ps1_TSsXUrVTfdEEMPkbHpmNa2D-etwzdDY9FhXL4xxJZe8KKa0wh4UTb83XFB2MP4GQhRebg_ZU7ErMExPXh_byuuOD-SyciApmPOXOXufUtcJOu1GM3znVtcVJFHccGttWfqwm5hKXkN_DDgICDZgmsiST-N8qfGIMohCucSWycv_XFzDEBBs79mLZ05VnAA5zMboMsLO-SH_PRbPuj5i7wO5ij3SIQQgCE_bDndEVJ6Mh4ea5UUnV7JK3UMdTBZJe9Aw1WzXKjNbGT625SyqsEnQP2wzOIS5S1UESqaAHrs0-RO-Q8UuzT5eida6
88.214.195.156 302 Found 0 B URL HTTP/1.1 track.trackingtraffo.com/push/ic?auth=pz6u78&c=30IYnDieIUcbYcOGVdzlFv_7GQnxJE7udyQFd0d46MavmHkydIzweoEZCVY20WUa3PneeyEkXja071GCP1Juc1JulFE8hz745_yFkA32vQHlqm6KiYquOH1C2hibi-ZJ8ZRId169sSiZ81EpN39x25sB8GbhuX5xnnqSAI9bs5U6m1iczKX7M4BrU5HXzWiWKUYJM5Dkykyd64vGb52HayTu9-K7D6gMlB1fvPBLqgx0M4nVU-YpETulL-oNlr6ktkAcNLFCcaTVaNKBHXckZw1ttEtk78Z_xpGfcwIvpmkJ2Qvb_ps1_TSsXUrVTfdEEMPkbHpmNa2D-etwzdDY9FhXL4xxJZe8KKa0wh4UTb83XFB2MP4GQhRebg_ZU7ErMExPXh_byuuOD-SyciApmPOXOXufUtcJOu1GM3znVtcVJFHccGttWfqwm5hKXkN_DDgICDZgmsiST-N8qfGIMohCucSWycv_XFzDEBBs79mLZ05VnAA5zMboMsLO-SH_PRbPuj5i7wO5ij3SIQQgCE_bDndEVJ6Mh4ea5UUnV7JK3UMdTBZJe9Aw1WzXKjNbGT625SyqsEnQP2wzOIS5S1UESqaAHrs0-RO-Q8UuzT5eida6
IP 88.214.195.156:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /push/ic?auth=pz6u78&c=30IYnDieIUcbYcOGVdzlFv_7GQnxJE7udyQFd0d46MavmHkydIzweoEZCVY20WUa3PneeyEkXja071GCP1Juc1JulFE8hz745_yFkA32vQHlqm6KiYquOH1C2hibi-ZJ8ZRId169sSiZ81EpN39x25sB8GbhuX5xnnqSAI9bs5U6m1iczKX7M4BrU5HXzWiWKUYJM5Dkykyd64vGb52HayTu9-K7D6gMlB1fvPBLqgx0M4nVU-YpETulL-oNlr6ktkAcNLFCcaTVaNKBHXckZw1ttEtk78Z_xpGfcwIvpmkJ2Qvb_ps1_TSsXUrVTfdEEMPkbHpmNa2D-etwzdDY9FhXL4xxJZe8KKa0wh4UTb83XFB2MP4GQhRebg_ZU7ErMExPXh_byuuOD-SyciApmPOXOXufUtcJOu1GM3znVtcVJFHccGttWfqwm5hKXkN_DDgICDZgmsiST-N8qfGIMohCucSWycv_XFzDEBBs79mLZ05VnAA5zMboMsLO-SH_PRbPuj5i7wO5ij3SIQQgCE_bDndEVJ6Mh4ea5UUnV7JK3UMdTBZJe9Aw1WzXKjNbGT625SyqsEnQP2wzOIS5S1UESqaAHrs0-RO-Q8UuzT5eida6 HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 04 Dec 2022 23:55:35 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1659515047164-National Casino black.png
ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1659515047164-National%20Casino%20black.png
142.132.194.196 200 OK 4.5 kB URL HTTP/1.1 ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1659515047164-National%20Casino%20black.png
IP 142.132.194.196:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 58be17b22d6e1178a54c92cf862c817e
b821bc2f016751647df49e49863077e927a70322
9cc4f3f40313b08baf54c956685ac7a21ac8a3573908b9763865c6f613ce1b5f
GET /creatives/k1qy286gxmd5g3dpr397nw5v/1659515047164-National%20Casino%20black.png HTTP/1.1
Host: ads.trackingtraffo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 04 Dec 2022 23:55:35 GMT
Content-Type: image/png
Content-Length: 4456
Last-Modified: Wed, 03 Aug 2022 08:24:07 GMT
Connection: keep-alive
ETag: "62ea30a7-1168"
Accept-Ranges: bytes
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.0.157 200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.0.157:0
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:33 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 640080
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.0.157 200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.0.157:0
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://st.chatango.com/
x-crto-bundle: 6VlzaV9EbWp2eGtnRVJyVmczSmNnSzJxNkJSaTBzS1F0eGhsN2NVb0h4MTNJSTY3ZkVaUDJiZHhlMCUyQlk4RTFHWlRnM0ZWZkVFdWdmS0dVSVF4eTNLcXBFdVRjNEpkSk5aWCUyRktxMXdwWjFwc2tSZGlGYnFjcHc0dUZ5UXJuTWU0Z2FwcERUbXU1dXFtTnQlMkJobGJMNE80MURURFElM0QlM0Q
Origin: https://st.chatango.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:34 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://st.chatango.com
server-processing-duration-in-ticks: 2799587
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
youradexchange.com/script/suurl4.php?r=5367095&cbur=0.14404092024822712&cbiframe=1&cbWidth=900&cbHeight=600&cbtitle=&cbpage=http%3A%2F%2Fhdlivegames.xyz%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=befirstcdn.com&aggr=0
35.190.41.116 200 OK 0 B URL HTTP/2 youradexchange.com/script/suurl4.php?r=5367095&cbur=0.14404092024822712&cbiframe=1&cbWidth=900&cbHeight=600&cbtitle=&cbpage=http%3A%2F%2Fhdlivegames.xyz%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=befirstcdn.com&aggr=0
IP 35.190.41.116:0
GET /script/suurl4.php?r=5367095&cbur=0.14404092024822712&cbiframe=1&cbWidth=900&cbHeight=600&cbtitle=&cbpage=http%3A%2F%2Fhdlivegames.xyz%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=befirstcdn.com&aggr=0 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hdlivegames.xyz/
Origin: https://hdlivegames.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Sun, 04 Dec 2022 23:55:32 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
unaces.com/script/bootstrap.js
188.114.96.1 200 OK 0 B URL HTTP/2 unaces.com/script/bootstrap.js
IP 188.114.96.1:0
GET /script/bootstrap.js HTTP/1.1
Host: unaces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:31 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdsMfrV3hk6xLib6PuHEYM7oOviLb8sUyuI5x1zTODBzuWS41UZS7ByQNoVURwhS79fAfe36_ot9npv9gMqdZI1SVw
x-goog-generation: 1669191375948071
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100584
x-goog-hash: crc32c=mktFgA==, md5=WKNwY2lJNJOzygA6Intvpg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Sun, 04 Dec 2022 23:35:30 GMT
cache-control: public, max-age=14400
last-modified: Wed, 23 Nov 2022 08:16:16 GMT
etag: W/"58a3706369493493b3ca003a227b6fa6"
age: 2998
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Wa35PkidTGGWg6d90IZK8YVz4mI1aN3rDjR0%2FFDPGJyiXilkseBovCWP8BA2a%2F9LAEbb7rhNMmicm0NZnq1dPsL8SB6ShgumDQ7rlCQvGMWmz4cWCVRUzsoQzNU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774879326f58b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
befirstcdn.com/script/ut.js?cb=1670198128837
104.16.164.101 200 OK 0 B URL HTTP/2 befirstcdn.com/script/ut.js?cb=1670198128837
IP 104.16.164.101:0
GET /script/ut.js?cb=1670198128837 HTTP/1.1
Host: befirstcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:32 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdsKNrxSX2kogrG1hplLLMe8pnxGSbRzkHFpG1gjj2yFzb8JbWWeEgnzPh5tEtkoH5kJujdimFF53lOWZjdAjlEr8buWzs1Z
x-goog-generation: 1661773552581597
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 71356
x-goog-hash: crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Mon, 05 Dec 2022 03:55:32 GMT
cache-control: public, max-age=14400
last-modified: Mon, 29 Aug 2022 11:45:52 GMT
etag: W/"c7304eebcb5069f68bd3fa9e74218a36"
cf-cache-status: HIT
age: 294
vary: Accept-Encoding
server: cloudflare
cf-ray: 77487935fefd0b02-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
sb.scorecardresearch.com/beacon.js
143.204.55.96 200 OK 0 B URL HTTP/2 sb.scorecardresearch.com/beacon.js
IP 143.204.55.96:0
GET /beacon.js HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 01:57:26 GMT
cache-control: max-age=86400
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3Hg4kd6GKsvZvroYeCNFR0Y09ODReTKr0s_7Ts9jErQ5S3I9J2cknQ==
age: 79093
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/rtb/mac/2/css/style.css
172.64.108.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/rtb/mac/2/css/style.css
IP 172.64.108.13:0
GET /sb/notifications/rtb/mac/2/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hdlivegames.xyz
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:34 GMT
content-type: text/css
last-modified: Mon, 17 May 2021 12:30:23 GMT
etag: W/"60a261df-10d5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 204789
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5Ofz4OQFm3GkuOjRvhT3EpIwOIzVZLXvZKWYu5sGWkf6lCbYQxutweHSel55imwMAA2ntlu88zQgVSIvjHKeI1EGt2UJBFECiZYp4uHPX9pqshGHDDH1pMBR8dIXiaGWwKDFi5EJFzL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77487942edc08877-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.xadsmart.com/simple-jekyll-search.min.js
185.76.9.24 200 OK 0 B URL HTTP/2 www.xadsmart.com/simple-jekyll-search.min.js
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /simple-jekyll-search.min.js HTTP/1.1
Host: www.xadsmart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hdlivegames.xyz
Connection: keep-alive
Referer: https://hdlivegames.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:55:32 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39"
expires: Fri, 09 Dec 2022 14:42:30 GMT
access-control-allow-origin: *
link: <https://xadsmart.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1670596950
server: CDN77-Turbo
x-77-nzt: AblMCRQFFij/niQDAA
x-77-nzt-ray: af585630be94d1e674338d6361f90d00
x-cache: HIT
x-age: 205982
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2