Report - streamsss.net/d/30iqsw26jj0u?caption_1=msubload.com/sub&sub

Report Overview

Submitted URL
streamsss.net/d/30iqsw26jj0u?caption_1=msubload.com/sub&sub_1=English
IP
172.64.171.26
ASN
#13335 CLOUDFLARENET
Submitted
2023-01-21 08:00:21
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
32

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	24 kB	142.250.74.131
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	46 kB	142.250.74.168
widgets.amung.us	12623	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	753 B	172.67.8.141
cdn.cloudimagesb.com	23099	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	33 kB	45.133.44.10
maxcdn.bootstrapcdn.com	724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	414 B	946 B	104.18.11.207
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	9.0 kB	93.184.220.29
cdn.uponelectabuzzor.club	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	2.2 kB	139.45.197.239
offerimage.com	304078	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	416 B	12 kB	104.22.32.172
mn.debiteslapdab.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	1.4 kB	23.109.170.51
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	406 B	35.156.167.37
dearestimmortality.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	429 B	1.1 kB	173.233.137.36
unseenreport.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	846 B	192.243.61.227
mc.yandex.ru	2672	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	79 kB	77.88.21.119
cdn.itskiddien.club	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	2.1 kB	139.45.197.236
streamsss.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	914 B	1.5 kB	172.64.170.26
profitablegatetocontent.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	14 kB	192.243.61.225
residenceseeingstanding.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	12 kB	192.243.59.20
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	4.4 kB	35.241.9.150
poshhateful.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	363 B	327 B	192.243.61.227
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.42.182.211
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	359 B	1.4 kB	104.18.20.226
cdn.creative-bars1.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	26 kB	172.64.167.9
cdn.barscreative1.com	25648	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	445 B	850 B	45.133.44.3
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	495 B	17 kB	142.250.74.35
whos.amung.us	12687	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386 B	310 B	172.67.8.141
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	802 B	2.2 kB	142.250.74.106
use.fontawesome.com	942	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	795 B	14 kB	172.64.133.15
distributionrealmoth.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	934 B	192.243.59.13
friendshipmale.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	358 B	960 B	172.64.166.29
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.4 kB	95.101.11.115
fluffynickname.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.6 kB	7.0 kB	192.243.61.227
inrhyhorntor.com	129234	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	112 kB	139.45.197.237
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	1.0 kB	143.204.42.158
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	742 B	139.45.195.8
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	704 B	560 B	216.239.32.36
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	60 kB	34.120.237.76
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	21 kB	142.250.74.110
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.8 kB	18 kB	23.33.119.27
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
akamai-images-content.com	509754	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	96 kB	104.21.235.171

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-21	medium	cdn.barscreative1.com/sb/au/29/a4/96/29a4965e1015f036b834d9da1d4a5e6c/1632399618.html	Phishing
2023-01-21	medium	friendshipmale.com/sfp.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-21	medium	inrhyhorntor.com	Sinkholed
2023-01-21	medium	profitablegatetocontent.com	Sinkholed
2023-01-21	medium	inrhyhorntor.com	Sinkholed
2023-01-21	medium	poshhateful.com	Sinkholed
2023-01-21	medium	unseenreport.com	Sinkholed
2023-01-21	medium	inrhyhorntor.com	Sinkholed
2023-01-21	medium	residenceseeingstanding.com	Sinkholed
2023-01-21	medium	fluffynickname.com	Sinkholed
2023-01-21	medium	fluffynickname.com	Sinkholed
2023-01-21	medium	fluffynickname.com	Sinkholed
2023-01-21	medium	distributionrealmoth.com	Sinkholed
2023-01-21	medium	distributionrealmoth.com	Sinkholed
2023-01-21	medium	fluffynickname.com	Sinkholed
2023-01-21	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	cdn.uponelectabuzzor.club/27/8862a520384edb88c0ba1902bb6160b9	408 kB	2023-03-13	2023-03-13
Pretty URL cdn.uponelectabuzzor.club/27/8862a520384edb88c0ba1902bb6160b9 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:19:13 Last Seen2023-03-13 06:05:45 Times Seen1 Hash ba0e8f196958991b0d4cd6fbb7dc09b2 05849bdaa6428f653c87b46f85a01665bc4e4182 591b7d1cb897c236464caf4eb004c312b00dc8616ddd87012e767eb9121e583e Loading...

	mc.yandex.ru/metrika/tag.js	216 kB	2023-03-13	2024-02-12
Pretty URL mc.yandex.ru/metrika/tag.js IP 77.88.21.119 ASN #13238 YANDEX LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:21:16 Last Seen2024-02-12 03:39:19 Times Seen26 Hash 11dace43aae35c0df839beaed62a7af2 69bc46afefb0a5a4246be951c20b9ea7196333df e920c8868829d751996c981a49d415d9a1abc190bc51cc719826441236231e32 Loading...

	cdn.creative-bars1.com/sb/ssp/sweep/social-box/white-small/js/jquery.min.js	84 kB	2023-03-07	2024-05-11
Pretty URL cdn.creative-bars1.com/sb/ssp/sweep/social-box/white-small/js/jquery.min.js IP 172.64.167.9 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-11 02:14:17 Times Seen16122 Hash 4a356126b9573eb7bd1e9a7494737410 8258d046f17dd3c15a5d3984e1868b7b5d1db329 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5 Loading...

	http:blank	1.1 kB	2023-03-09	2023-03-13
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:19:55 Last Seen2023-03-13 04:37:58 Times Seen1 Hash 42836cf924b951e29e6bd5a065641f1e 1531deaac5bae42ec879cc557eb43f2c6ca9811d 5c3d19c861d627a2db4afefe3cec5cbdfa82d645337df3aea361a8b21f54e3dd Loading...

	streamsss.net/d/30iqsw26jj0u?caption_1=https://msubload.com/sub&sub_1=English	431 B	2023-03-07	2023-03-29
Pretty URL streamsss.net/d/30iqsw26jj0u?caption_1=https://msubload.com/sub&sub_1=English IP 172.64.170.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:04:03 Last Seen2023-03-29 22:43:22 Times Seen10 Hash 1515b5238a0e628205519bc1d0e92d4c ccbc49481fefd894c803b6318eb363365d85be61 fdbbdd1d19a23307387cb48a5376c37dc319aa36b92305b7cc8ae6e8fe4d3dee Loading...

	profitablegatetocontent.com/54/42/5b/54425b8e8ac39b56c91d1586d719761f.js	37 kB	2023-03-13	2023-03-13
Pretty URL profitablegatetocontent.com/54/42/5b/54425b8e8ac39b56c91d1586d719761f.js IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 04:37:58 Last Seen2023-03-13 04:37:58 Times Seen1 Hash 5ce4be5b9651bc861ace94d0ce9b1ffa a7a3e4a45303c34924f9bd88a102a2af30611c15 818f541aaf617ab3395f9a8943c97efdc8cbed8181dadf3038c7ef8306378cdc Loading...

	streamsss.net/xfst_js/home_page.js	295 kB	2023-03-07	2024-01-25
Pretty URL streamsss.net/xfst_js/home_page.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:17 Last Seen2024-01-25 23:28:31 Times Seen9 Hash 84d633d0aeea3ee296024a5dee3c6da0 a01212621665f338e6b2ac561250e46b7dea6f27 cda39e8adaa8d8ba2cae8c1478d425764ce3ebb1da886c0c6eae00e36e71c1a7 Loading...

	streamsss.net/xfst_js/feather.min.js	72 kB	2023-03-07	2024-04-06
Pretty URL streamsss.net/xfst_js/feather.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:04:03 Last Seen2024-04-06 02:21:34 Times Seen31 Hash 787085f80ff877794c75edb9d8e0b8e3 08b56eb111fbb042999e356d247d5b33d6bccb75 b366fc8adaeeea8ead4c59a7d57d8949f4df2aa79fd8b8686cca679ea28ff713 Loading...

	streamsss.net/js/modernizr.custom.04022.js	6.9 kB	2023-03-07	2024-04-18
Pretty URL streamsss.net/js/modernizr.custom.04022.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:17 Last Seen2024-04-18 11:58:32 Times Seen155 Hash efc8a6825f06a154175a47e2e94a8f39 8fe71148f0b19cf0048696ce803e22eb8bee950e 956a35796f6cdde9e68964fca782f4cbec0da92c81656ef2d13714bdae6adfa6 Loading...

	streamsss.net/js/jquery.min.js	90 kB	2023-03-07	2024-05-11
Pretty URL streamsss.net/js/jquery.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-11 02:14:27 Times Seen143279 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	streamsss.net/d/30iqsw26jj0u?caption_1=https://msubload.com/sub&sub_1=English	155 B	2023-03-07	2023-03-29
Pretty URL streamsss.net/d/30iqsw26jj0u?caption_1=https://msubload.com/sub&sub_1=English IP 172.64.170.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:04:03 Last Seen2023-03-29 22:43:22 Times Seen10 Hash 3fc5fdb1cf83c35c440fe9cfbddc317e 48af632049e82c28988dd08ff0fe625373826ff8 003786f9f583240f294e4cb7b0898c8de2420d616637afe88ac0f7c831748c47 Loading...

	residenceseeingstanding.com/a7/a4/a3/a7a4a3d358e01b43771ddd49cda3539d.js	32 kB	2023-03-13	2023-03-13
Pretty URL residenceseeingstanding.com/a7/a4/a3/a7a4a3d358e01b43771ddd49cda3539d.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 04:37:58 Last Seen2023-03-13 04:37:58 Times Seen1 Hash 5f9b25e604e635f16024c22a75c87a11 7c64622397691b48b2be70628abde80ec5c6274d dfa60611e9d543a22287bc5d10ecb5559e0d0a5839acc25c05a208284fded014 Loading...

	streamsss.net/js/xupload.js?v=3	9.9 kB	2023-03-07	2024-02-01
Pretty URL streamsss.net/js/xupload.js?v=3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:17 Last Seen2024-02-01 01:07:33 Times Seen34 Hash a3d9267801c4f75e4342a9a4996b56e4 0dd283075526852755fa1fec560b222b6efab217 612b13c71643177e4b33c59175d7da0ff5fe1013d99cfb0a0586632461137e17 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	unknown	0 B	2023-03-07	2024-05-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 04:03:10 Times Seen37534458 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	streamsss.net/xfst_js/main.js	6.7 kB	2023-03-07	2023-03-13
Pretty URL streamsss.net/xfst_js/main.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:04:02 Last Seen2023-03-13 04:37:58 Times Seen1 Hash c1bbdf54df464e006f001ada38c91b36 64c222aeb1fb9f0fa85c765cd44aed020392d488 e396dc6d4dd29daf5d86585534cdf3561892f02fe97e998547b54285a497912a Loading...

	www.googletagmanager.com/gtag/js?id=UA-166622646-1	116 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=UA-166622646-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 04:37:58 Last Seen2023-03-13 04:37:58 Times Seen1 Hash 1f6f9b88a86c2f109fe2a7caabc7c32a 5977afa4dddde3e35f61123256dd6fd05e24d0ac 2cd4b8da84e4fb1aa19db1ae15fa7feb3ec4a9dfbb7f44b892387512b57feb0d Loading...

	inrhyhorntor.com/400/3766241	83 kB	2023-03-13	2023-03-13
Pretty URL inrhyhorntor.com/400/3766241 IP 139.45.197.237 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 04:37:58 Last Seen2023-03-13 04:37:58 Times Seen1 Hash 5f14247e145e6b2f595c7438c1813818 2f009646f5d9951d631acb9975678c5803392102 8358c5fa2edc8e2bbab6f1bc7651bbe8229c3948defc167dd2777e9fa7af0b41 Loading...

	www.googletagmanager.com/gtag/js?id=G-LKBMYHCW0K&l=dataLayer&cx=c	220 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-LKBMYHCW0K&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 04:37:58 Last Seen2023-03-13 04:37:58 Times Seen1 Hash d744756986ec7c75f109e6d87010018c 36f836ab9c1162316de1da90d1641e38a466459c ff594c20fe5dd7a31313b731dfc77e60a12e24b99536bff552d842d515f50966 Loading...

	cdn.itskiddien.club/apu.php?zoneid=3785253	78 kB	2023-03-13	2023-03-13
Pretty URL cdn.itskiddien.club/apu.php?zoneid=3785253 IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 04:37:58 Last Seen2023-03-13 04:37:58 Times Seen1 Hash 0dd51dd10b67895fdb26fdf1029d1d17 9ba0521373f68d90cc4674ef4f6f584849bae737 b0ebb486673d9b9a7436290849b463c41b38235caddd9ce920482bf3056d6212 Loading...

	cdn.uponelectabuzzor.club/1?z=4422977	18 kB	2023-03-13	2023-03-13
Pretty URL cdn.uponelectabuzzor.club/1?z=4422977 IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 04:37:58 Last Seen2023-03-13 04:37:58 Times Seen1 Hash 2058e60bea376b1a3b145fbdd7448b7b 7bae05d890c18de1326bfb3d3526723c802842b0 f1a6694f73945852b34abf5c1dc8ee411c534381e786bc87428cce0aefaa991b Loading...

	streamsss.net/xfst_js/theme_panel.js	403 kB	2023-03-07	2024-01-25
Pretty URL streamsss.net/xfst_js/theme_panel.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:17 Last Seen2024-01-25 23:28:30 Times Seen9 Hash 77a33d348c089d2e2f860b219ec5d5fa 55c664cef036dd89d70c3d390c473f3ce161945b 3d02c73c14e8c50410372fdcbac76b89c443086abd9bdfdad6325cca32552702 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 73497a37c3561adbd8ce84e4f017b368	9 B	2023-03-07	2024-05-11
Pretty Observations First Seen2023-03-07 01:03:23 Last Seen2024-05-11 02:12:51 Times Seen2373 Hash 73497a37c3561adbd8ce84e4f017b368 9193ae73cb3dd2833be8c942714d5544bfb628c9 9312a1adbbf0a4c05fc296d158ec3bd39acfe50e9e98ff02688139aad6fc3351 Loading...

HTTP Transactions (101)

URL IP Response Size

streamsss.net/d/30iqsw26jj0u?caption_1=https://msubload.com/sub&sub_1=English

172.64.170.26

301 Moved Permanently

0 B

URL HTTP/1.1
streamsss.net/d/30iqsw26jj0u?caption_1=https://msubload.com/sub&sub_1=English
IP
172.64.170.26:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /d/30iqsw26jj0u?caption_1=https://msubload.com/sub&sub_1=English HTTP/1.1
Host: streamsss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sat, 21 Jan 2023 08:00:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 21 Jan 2023 09:00:10 GMT
Location: https://streamsss.net/d/30iqsw26jj0u?caption_1=https://msubload.com/sub&sub_1=English
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtGQyfQK%2FaaoxS4pWwv%2BxndyypKX9y2uVQF%2FG2R172g0eaREChei%2FOwtDPaxTDM4MYep6MRMIqpiX333hEHvXXRcTi1h%2FVdSn4VEI7ypwrjhmqFRrmG3rAwm3yY6KFo7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ce83c15d7306bd-LHR
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b36ef73c20dffb6bc10194bbd2d0dcfa
a67a4023dc8b4944debaeb92f3ba0f1402c079a6
05a7a4d832cf9e593ca44efea309edcbd80734583bada15fda3e740612eff991

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "05A7A4D832CF9E593CA44EFEA309EDCBD80734583BADA15FDA3E740612EFF991"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4510
Expires: Sat, 21 Jan 2023 09:15:20 GMT
Date: Sat, 21 Jan 2023 08:00:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
20d267853e48ef7d476459ed67da5d97
06d1bd08efd69c0e93486d3c423fa2640f372d29
24323cd45ca2ed01c63f908233d9b2ad5bb6f63394884c45bf6abb0221d0edd6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "24323CD45CA2ED01C63F908233D9B2AD5BB6F63394884C45BF6ABB0221D0EDD6"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13188
Expires: Sat, 21 Jan 2023 11:39:58 GMT
Date: Sat, 21 Jan 2023 08:00:10 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 21 Jan 2023 07:49:36 GMT
content-type: application/json
age: 634
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7afaa97fbfa9baa1485c892eac8e114d
8c17c707c218e28ac14197ce8e5eef873207a732
59db16baacb452453dbf44fc2a24f25ab09c4dbaec3a9271fda84230d8f11925

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59DB16BAACB452453DBF44FC2A24F25AB09C4DBAEC3A9271FDA84230D8F11925"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2194
Expires: Sat, 21 Jan 2023 08:36:44 GMT
Date: Sat, 21 Jan 2023 08:00:10 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: jr/gvODYLbu2y4T3kJdiymt6TaXAeJGHsIQm480U8Q46D6ATqhFSTUBb5TNiLfE95X05bkBoypOOHXn36q6bnA==
x-amz-request-id: PDWQQK7QEJY3Z4YT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 21 Jan 2023 07:17:55 GMT
age: 2535
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

95.101.11.115

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
e7a704bcebd929d7052952a2d8c0b0ae
37a020daa8974278ec2b3d8b6bd46287f91b22ce
bb8af01f46b61022e05806a56fdfb8f526c0e9e06c0b0c3b2dcda1b8f952a250

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "BB8AF01F46B61022E05806A56FDFB8F526C0E9E06C0B0C3B2DCDA1B8F952A250"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2879
Expires: Sat, 21 Jan 2023 08:48:09 GMT
Date: Sat, 21 Jan 2023 08:00:10 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 08:00:10 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

95.101.11.115

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
e7a704bcebd929d7052952a2d8c0b0ae
37a020daa8974278ec2b3d8b6bd46287f91b22ce
bb8af01f46b61022e05806a56fdfb8f526c0e9e06c0b0c3b2dcda1b8f952a250

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "BB8AF01F46B61022E05806A56FDFB8F526C0E9E06C0B0C3B2DCDA1B8F952A250"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2878
Expires: Sat, 21 Jan 2023 08:48:09 GMT
Date: Sat, 21 Jan 2023 08:00:11 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
ee5913c7889337d8aad8b5bd16cfa7ef
7eb4207e86645bc4bebf8d05d1886e7bd6ddff79
8906479a2feea0c798a01cac496ea1b45703f3ae063fa142ec40bc292e9a913c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4377
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:00:11 GMT
Last-Modified: Sat, 21 Jan 2023 06:47:14 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

6.2 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
6.2 kB (6216 bytes)
Hash
a5f02e50cd424180aef5254102aa2b9c
fa637d25e237583f0519979fc4097e212a9b11ee
1fe67fa11383542106ac3fef7a4fd9a0de886041ecb478e78cb96b15db939ede

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2227
Cache-Control: max-age=103425
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:00:11 GMT
Etag: "63ca83d9-117"
Expires: Sun, 22 Jan 2023 12:43:56 GMT
Last-Modified: Fri, 20 Jan 2023 12:06:49 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bccd1fe14275d3bb56418297e502cd10
cdf19d2a4099ada369589fc7aa7021f9b30302aa
801e8b57b77806d98fe23b8421a8fdba9f1138827cc320cb5dcc986161aa7ca4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:00:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

16 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
16 kB (15459 bytes)
Hash
b9060643e804db54e31042e510b2f2eb
e739d7ea7924600174e5648ed2bc9218cf9054ee
a49799269b3e2adaa68aefd4925665b420c091fb32e445bf39b21bfaa9a33256

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:00:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

4.1 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
4.1 kB (4081 bytes)
Hash
c9161301b3fe35639293d55813da7114
ce9ab69a5750234ee73ce600fad767de3f3d890a
e89e4b7b8c40431b7795b7b14354a4a534dba1182884bcfe407acbc5c8cb717d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:00:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
ee5913c7889337d8aad8b5bd16cfa7ef
7eb4207e86645bc4bebf8d05d1886e7bd6ddff79
8906479a2feea0c798a01cac496ea1b45703f3ae063fa142ec40bc292e9a913c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4377
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:00:11 GMT
Last-Modified: Sat, 21 Jan 2023 06:47:14 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279

www.googletagmanager.com/gtag/js?id=UA-166622646-1

142.250.74.168

200 OK

45 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-166622646-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
45 kB (45018 bytes)
Hash
5720a7df66074bbcda6324a0e45ba454
b58e22d0b92c824d7d002fb2c1598f6c8b419d31
a3f931e8112fdb3c0331ec557261a79d49a60aa182e7c71ea47accafce462b90

HTTP Headers

GET /gtag/js?id=UA-166622646-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 21 Jan 2023 08:00:11 GMT
expires: Sat, 21 Jan 2023 08:00:11 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45018
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
514f346a7af0070736d92010d541f239
78a4572852b5503a5ed2bb23fc0e4ae9376d9fcf
fb3a650465ebfe7483bb1f83da440188779e2e2cdb181bd082874609a66547ce

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2227
Cache-Control: max-age=103425
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:00:11 GMT
Etag: "63ca83d9-117"
Expires: Sun, 22 Jan 2023 12:43:56 GMT
Last-Modified: Fri, 20 Jan 2023 12:06:49 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279

fonts.googleapis.com/css2?family=Allerta&display=swap

142.250.74.106

200 OK

752 B

URL HTTP/2
fonts.googleapis.com/css2?family=Allerta&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
752 B (752 bytes)
Hash
f9e1313ae434707327758f4c6d15040f
bfa05e220e3bb94c2ca482db9cf06a5b906d43ac
ff687e50652c28725b6b29fb9bc7c76ed92f4e7576b3f97b2212b2757a5342f9

HTTP Headers

GET /css2?family=Allerta&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 21 Jan 2023 08:00:11 GMT
date: Sat, 21 Jan 2023 08:00:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bccd1fe14275d3bb56418297e502cd10
cdf19d2a4099ada369589fc7aa7021f9b30302aa
801e8b57b77806d98fe23b8421a8fdba9f1138827cc320cb5dcc986161aa7ca4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:00:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
79d18eda50c88dbeb8a2604399da416f
856979ba60c7c649d92f801270e08d65576df3c5
ba8d72c5cecfe93ddf8c16fdd8f3bd1d25f732449d2f366a2a915557ba2467f0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BA8D72C5CECFE93DDF8C16FDD8F3BD1D25F732449D2F366A2A915557BA2467F0"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 21 Jan 2023 14:00:11 GMT
Date: Sat, 21 Jan 2023 08:00:11 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

2.3 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
data
Size
2.3 kB (2346 bytes)
Hash
551a89bba7ab8dd8cc5187e1d8eb2a29
bba7a155027469d166738d3202e8522c5a256552
2a443f162b27593062711e22475fa82008f6d074e87dcd0e724aad005c9e7f9e

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 21 Jan 2023 07:17:29 GMT
age: 2562
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
87601792c0eeb9426c48bf2461c723e7
098f49c49f0c7ee306be3aa784013f93377c1934
f608d6ecb4a9661bed4c515fa44d84b4c3ebf34795589a0f9287d1d0a3da49c2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F608D6ECB4A9661BED4C515FA44D84B4C3EBF34795589A0F9287D1D0A3DA49C2"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=55
Expires: Sat, 21 Jan 2023 08:01:06 GMT
Date: Sat, 21 Jan 2023 08:00:11 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e6d21eff1927f7a74984663b16cfe21a
b747f7d42cdf7cfea6900348cd257066b2634222
a4343acb5bda29aa0d6d64bbefd6bc07a1c5e0166646171be74f4a1d266e3c92

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:00:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

use.fontawesome.com/releases/v5.10.2/css/v4-shims.css

172.64.133.15

200 OK

12 kB

URL HTTP/2
use.fontawesome.com/releases/v5.10.2/css/v4-shims.css
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (26440)
Size
12 kB (12012 bytes)
Hash
855aa7516df697897987362ee30cdb9d
4a7ff4b2afadddbe3551a555af5e92a0c24d596f
59a73536adfedae29d2a837a530d559902a05006ba2b924b8a278dc6d3bb628c

HTTP Headers

GET /releases/v5.10.2/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:00:11 GMT
content-type: text/css
x-amz-id-2: 9oHacZp0W4NdVOhcZ02ibD75z9pE4Un49UGdeLzWR6/PWfmoIstb6XRsAr6qMKurxrspsHjQNDI=
x-amz-request-id: YZA92TJQ2VVP396Q
last-modified: Wed, 30 Jun 2021 15:36:08 GMT
etag: W/"e0fe4a6191bf975ee1a105ea1cb4c41e"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 600877
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zo0S%2FQyXXK8Zmn7UKh1GxzfYHE92D4cB%2BmE0raQLYlLZwNzHFbe52ujIu3C9yiz9qdGBEBNfXtXburLB9ouojNyEWL1zIju1frG94GMFFcM0gAIofEMYi6zGKr5kKMn5ci233PiL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ce83c60e688895-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

mn.debiteslapdab.com/tdNnaJHABCVJ/55699

23.109.170.51

200 OK

25 B

URL HTTP/1.1
mn.debiteslapdab.com/tdNnaJHABCVJ/55699
IP
23.109.170.51:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60

HTTP Headers

GET /tdNnaJHABCVJ/55699 HTTP/1.1
Host: mn.debiteslapdab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 21 Jan 2023 08:00:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://streamsss.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Sun, 22-Jan-2023 08:00:11 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Sun, 22-Jan-2023 08:00:11 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

akamai-images-content.com/30iqsw26jj0u_xt.jpg

104.21.235.171

200 OK

96 kB

URL HTTP/2
akamai-images-content.com/30iqsw26jj0u_xt.jpg
IP
104.21.235.171:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 875x495, components 3\012- data
Size
96 kB (95589 bytes)
Hash
9aa85097fcba7c17f3de59f1031bb2e1
e254df854017f7ed31532516888d599cac235e5a
7565948ac7fd6d998f3d78618cbe5cd5cb12b794a7f32b50c54cc377d971cfb8

HTTP Headers

GET /30iqsw26jj0u_xt.jpg HTTP/1.1
Host: akamai-images-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:00:11 GMT
content-type: image/jpeg
content-length: 95589
last-modified: Fri, 20 Jan 2023 09:29:57 GMT
etag: "63ca5f15-17565"
expires: Sat, 04 Feb 2023 07:59:41 GMT
cache-control: max-age=1209600
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5CwjyWolMMfkOo8t06WJ2nSLnXW54A6c0l7caOhdujcyHippnJZU%2FEUT582mu5lC3ApUdCzAOzsT45rVJ8g%2F0WQmKQZBJAqw2ulIu7TLR77%2BwGGpuZGkATP8c6MoGWWKdGZzr2qU0FTqnCs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ce83c6be0cdd84-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

inrhyhorntor.com/400/3766241

139.45.197.237

200 OK

109 kB

URL HTTP/2
inrhyhorntor.com/400/3766241
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
data
Size
109 kB (108576 bytes)
Hash
7845f868bf6c3f432b46ef15d16577c0
cfe15c1f944ab0ca438372a03f3c144dbbe5c266
e265a9d4d75bd22fca07ee85117d8690b297f7a87ddf26a5fd80593aafed423b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /400/3766241 HTTP/1.1
Host: inrhyhorntor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 08:00:11 GMT
content-type: application/javascript
x-trace-id: a752eb27bd425130e7ffbf01d6132983
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=1d2ba387c107449faf5976235126786d; expires=Sun, 21 Jan 2024 08:00:11 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e6d21eff1927f7a74984663b16cfe21a
b747f7d42cdf7cfea6900348cd257066b2634222
a4343acb5bda29aa0d6d64bbefd6bc07a1c5e0166646171be74f4a1d266e3c92

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:00:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
bdb8a13dfce39d6e151a9ef185a772a1
037a680510f9dbce3c7cc3c0f9115fd587dbcd1d
98c8b7f269b9aad73b73fd946788ebfd7a4d7afbdd5347b56c67f73b947f5ff6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4527
Cache-Control: max-age=94931
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:00:11 GMT
Etag: "63ca59af-1d7"
Expires: Sun, 22 Jan 2023 10:22:22 GMT
Last-Modified: Fri, 20 Jan 2023 09:06:55 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/s/gts1p5/Ir9MpLjG8WE

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/Ir9MpLjG8WE
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b63d024466fe08d7f897106c14338462
dc4f109225a894c910c4798e05bce840cc506d5d
1f28b4df9686e248680e58730c6179d20a7683de67f06e72a025f0069547ee84

HTTP Headers

POST /s/gts1p5/Ir9MpLjG8WE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 08:00:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
335833e93cbff5a86f298f63cd62d00f
3bc68a57a55c8e2936171c9de9cacea265c985da
5679519ab1fdb576d558cf72a0d9b4737886dfab9bac72e756de3724b263a5a2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111371
Date: Sat, 21 Jan 2023 08:00:11 GMT
Etag: "63ca9795-1d7"
Expires: Sun, 22 Jan 2023 14:56:22 GMT
Last-Modified: Fri, 20 Jan 2023 13:31:01 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lXR9bVwnfzlX2xyxLf6VmMvmyZFhcU3B95rXbfxA8FEbvSfMlkvRxQ==
Age: 5121

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5f82e8cd90c972e1e9ce7179b3cc5685
54571edcb203afd58057c34859f2e2f5f3e58a23
2cdaf434a43c0c493ca44807e87aad7446c558b78b76e679f2b4b7e56339e80c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CDAF434A43C0C493CA44807E87AAD7446C558B78B76E679F2B4B7E56339E80C"
Last-Modified: Wed, 18 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7124
Expires: Sat, 21 Jan 2023 09:58:55 GMT
Date: Sat, 21 Jan 2023 08:00:11 GMT
Connection: keep-alive

simplewebanalysis.com/stats

35.156.167.37

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
35.156.167.37:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
b32d1a1eda69154c349fd56c1f3e0150
4d412a6ad2422deaf6b226fdeaa7f81802ad2f94
9b0b4d0b3844c7b33822ce9023fd50fa92d051e9ab35b11a2570e3f959fe639d

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamsss.net
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:00:11 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://streamsss.net
access-control-allow-credentials: true
set-cookie: uid_id2=2d58e92e-416a-4481-85b6-3e1c1f0b470a:1:1; expires=Tue, 18 Jan 2033 08:00:11 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a6c5d95de64729d67468c743b2231817
80248e1e2101fecc7416685db7b6a97acf80d0d9
9141613294c13bec550547c341dc0af73c9142963713a62ffd115325f4add502

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9141613294C13BEC550547C341DC0AF73C9142963713A62FFD115325F4ADD502"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12397
Expires: Sat, 21 Jan 2023 11:26:48 GMT
Date: Sat, 21 Jan 2023 08:00:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b396ed0b9c4072f0f1762fcc0051d447
bf08e663f4e60f4afc5a8e482132d8e5a9f9af83
b80011f8855f095fc9239fa69feb44e7a81e4bd694c1ef1dbf827a5cee89f227

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B80011F8855F095FC9239FA69FEB44E7A81E4BD694C1EF1DBF827A5CEE89F227"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19960
Expires: Sat, 21 Jan 2023 13:32:51 GMT
Date: Sat, 21 Jan 2023 08:00:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48e257c8f2392f159921a40b7d3ffe56
f89f2ea262bd86780848257fb73bcb45019d2dbf
939e3a190c0d0cdc796a73a852b368415660f6bb8f00653af4f8c960ed797fba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "939E3A190C0D0CDC796A73A852B368415660F6BB8F00653AF4F8C960ED797FBA"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6518
Expires: Sat, 21 Jan 2023 09:48:49 GMT
Date: Sat, 21 Jan 2023 08:00:11 GMT
Connection: keep-alive

profitablegatetocontent.com/54/42/5b/54425b8e8ac39b56c91d1586d719761f.js

192.243.61.225

200 OK

13 kB

URL HTTP/1.1
profitablegatetocontent.com/54/42/5b/54425b8e8ac39b56c91d1586d719761f.js
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (37125), with no line terminators
Size
13 kB (13410 bytes)
Hash
1974d90e2cdee527cb318bed25f8da5d
10f044a9291b71a69e9c956510b9977888d37004
9215026c06a1fcfba3bcc133f5241f03321e07637737f880851eadb19b7c5eee

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /54/42/5b/54425b8e8ac39b56c91d1586d719761f.js HTTP/1.1
Host: profitablegatetocontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 21 Jan 2023 08:00:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b4673a1da8201dfbb91dc90ce61420ae
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

push.services.mozilla.com/

52.42.182.211

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.42.182.211:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Gc8mWrq6pYamqD7znrXO2w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tOwmj4lAk/dyMpTvGReHaFPUPSg=

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
9f906a51ec11fc48a96eeaf22fdbcbb0
87c8252046a6d70d024e717ca610431bf305dccb
a29940b83a119dcd9453218b767849976bd8f068ccc2ad14570fa21df96de2ff

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamsss.net
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 08:00:11 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://streamsss.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=d7b27d096c5e4fd0b72b48fff30f5ae6; expires=Sun, 21 Jan 2024 08:00:11 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

e1.o.lencr.org/

95.101.11.115

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
08d5f6e247476bf494fa9802cc2e8ce9
7c6f9537b0f2f116907c3f135598e44b8cb1541b
5a0fbac520b7dc9c73d124658b20feabadf68096184a4139e45405ebae5d7619

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "5A0FBAC520B7DC9C73D124658B20FEABADF68096184A4139E45405EBAE5D7619"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10465
Expires: Sat, 21 Jan 2023 10:54:37 GMT
Date: Sat, 21 Jan 2023 08:00:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09e1fce250330e3900ee9cb3e1ce2b45
df3ce40f9bf81e4e7e3b3b7c5ee1ee6d803a184e
c3396c0bce71ab83d49d1a5bb576bf179b8d71cfbacb0b384980caf14ed80ac3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C3396C0BCE71AB83D49D1A5BB576BF179B8D71CFBACB0B384980CAF14ED80AC3"
Last-Modified: Sat, 21 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21585
Expires: Sat, 21 Jan 2023 13:59:57 GMT
Date: Sat, 21 Jan 2023 08:00:12 GMT
Connection: keep-alive

cdn.uponelectabuzzor.club/9?z=4422977&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fstreamsss.net%2Fd%2F30iqsw26jj0u%3Fcaption_1%3Dhttps%3A%2F%2Fmsubload.com%2Fsub%26sub_1%3DEnglish&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=d7b27d096c5e4fd0b72b48fff30f5ae6

139.45.197.239

204 No Content

0 B

URL HTTP/2
cdn.uponelectabuzzor.club/9?z=4422977&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fstreamsss.net%2Fd%2F30iqsw26jj0u%3Fcaption_1%3Dhttps%3A%2F%2Fmsubload.com%2Fsub%26sub_1%3DEnglish&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=d7b27d096c5e4fd0b72b48fff30f5ae6
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /9?z=4422977&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fstreamsss.net%2Fd%2F30iqsw26jj0u%3Fcaption_1%3Dhttps%3A%2F%2Fmsubload.com%2Fsub%26sub_1%3DEnglish&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=d7b27d096c5e4fd0b72b48fff30f5ae6 HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://streamsss.net/
Origin: https://streamsss.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Sat, 21 Jan 2023 08:00:12 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://streamsss.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

inrhyhorntor.com/500/3766241?excludes=&oaid=d7b27d096c5e4fd0b72b48fff30f5ae6&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fstreamsss.net%2Fd%2F30iqsw26jj0u%3Fcaption_1%3Dhttps%3A%2F%2Fmsubload.com%2Fsub%26sub_1%3DEnglish&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

0 B

URL HTTP/2
inrhyhorntor.com/500/3766241?excludes=&oaid=d7b27d096c5e4fd0b72b48fff30f5ae6&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fstreamsss.net%2Fd%2F30iqsw26jj0u%3Fcaption_1%3Dhttps%3A%2F%2Fmsubload.com%2Fsub%26sub_1%3DEnglish&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

OPTIONS /500/3766241?excludes=&oaid=d7b27d096c5e4fd0b72b48fff30f5ae6&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fstreamsss.net%2Fd%2F30iqsw26jj0u%3Fcaption_1%3Dhttps%3A%2F%2Fmsubload.com%2Fsub%26sub_1%3DEnglish&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: inrhyhorntor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://streamsss.net/
Origin: https://streamsss.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 08:00:12 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://streamsss.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

dearestimmortality.com/ac/96/89/ac9689ea4c0b75250967275b2219e87e.json

173.233.137.36

200 OK

406 B

URL HTTP/1.1
dearestimmortality.com/ac/96/89/ac9689ea4c0b75250967275b2219e87e.json
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
JSON data\012- , ASCII text, with very long lines (406), with no line terminators
Size
406 B (406 bytes)
Hash
3f4fece170868d63760aabf0f531581b
1991d7c102046fd9c18ee6517e07d7769b2c06dc
d6cafb302812b208c4b91ff95f02bad348a00cb36c79b8f2dff9f14671ad1e2d

HTTP Headers

GET /ac/96/89/ac9689ea4c0b75250967275b2219e87e.json HTTP/1.1
Host: dearestimmortality.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamsss.net
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 21 Jan 2023 08:00:12 GMT
Content-Type: application/json
Content-Length: 406
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9d7e3fc9f250905c8586b5d081182c18
Strict-Transport-Security: max-age=0; includeSubdomains

139.45.197.239

200 OK

7 B

URL HTTP/2
cdn.uponelectabuzzor.club/9?z=4422977&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fstreamsss.net%2Fd%2F30iqsw26jj0u%3Fcaption_1%3Dhttps%3A%2F%2Fmsubload.com%2Fsub%26sub_1%3DEnglish&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=d7b27d096c5e4fd0b72b48fff30f5ae6
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

HTTP Headers

POST /9?z=4422977&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fstreamsss.net%2Fd%2F30iqsw26jj0u%3Fcaption_1%3Dhttps%3A%2F%2Fmsubload.com%2Fsub%26sub_1%3DEnglish&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=d7b27d096c5e4fd0b72b48fff30f5ae6 HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 249
Origin: https://streamsss.net
Connection: keep-alive
Referer: https://streamsss.net/
Cookie: scm=1; OAID=2816c38342f04726b0712e12d7f8c9a9; oaidts=1674288011
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 08:00:12 GMT
content-type: application/javascript
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: https://streamsss.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 902198dbee73ed1ca4a927f6637da16f
access-control-expose-headers: X-Sc
set-cookie: OAID=d7b27d096c5e4fd0b72b48fff30f5ae6; expires=Sun, 21 Jan 2024 08:00:12 GMT; secure; SameSite=None
oaidts=1674288011; expires=Sun, 21 Jan 2024 08:00:12 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

e1.o.lencr.org/

95.101.11.115

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
08d5f6e247476bf494fa9802cc2e8ce9
7c6f9537b0f2f116907c3f135598e44b8cb1541b
5a0fbac520b7dc9c73d124658b20feabadf68096184a4139e45405ebae5d7619

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "5A0FBAC520B7DC9C73D124658B20FEABADF68096184A4139E45405EBAE5D7619"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10465
Expires: Sat, 21 Jan 2023 10:54:37 GMT
Date: Sat, 21 Jan 2023 08:00:12 GMT
Connection: keep-alive

region1.google-analytics.com/g/collect?v=2&tid=G-LKBMYHCW0K&gtm=2oe1i0&_p=231940034&cid=480354574.1674288011&ul=en-us&sr=1280x1024&_s=1&sid=1674288010&sct=1&seg=0&dl=https%3A%2F%2Fstreamsss.net%2Fd%2F30iqsw26jj0u%3Fcaption_1%3Dhttps%3A%2F%2Fmsubload.com%2Fsub%26sub_1%3DEnglish&dt=StreamSB&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-LKBMYHCW0K&gtm=2oe1i0&_p=231940034&cid=480354574.1674288011&ul=en-us&sr=1280x1024&_s=1&sid=1674288010&sct=1&seg=0&dl=https%3A%2F%2Fstreamsss.net%2Fd%2F30iqsw26jj0u%3Fcaption_1%3Dhttps%3A%2F%2Fmsubload.com%2Fsub%26sub_1%3DEnglish&dt=StreamSB&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-LKBMYHCW0K&gtm=2oe1i0&_p=231940034&cid=480354574.1674288011&ul=en-us&sr=1280x1024&_s=1&sid=1674288010&sct=1&seg=0&dl=https%3A%2F%2Fstreamsss.net%2Fd%2F30iqsw26jj0u%3Fcaption_1%3Dhttps%3A%2F%2Fmsubload.com%2Fsub%26sub_1%3DEnglish&dt=StreamSB&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamsss.net
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://streamsss.net
date: Sat, 21 Jan 2023 08:00:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

offerimage.com/www/images/0fb6066747e1a495065815fb44fb9b41.png

104.22.32.172

200 OK

12 kB

URL HTTP/2
offerimage.com/www/images/0fb6066747e1a495065815fb44fb9b41.png
IP
104.22.32.172:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11899 bytes)
Hash
0fb6066747e1a495065815fb44fb9b41
c62f83dec41d2b508176f11784edc75db8dbb6f8
dca249be9c1aeee895ea79046856c178a1830f46a55cfc7f552b95b04eb3e5a6

HTTP Headers

GET /www/images/0fb6066747e1a495065815fb44fb9b41.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:00:12 GMT
content-type: image/png
content-length: 11899
last-modified: Thu, 25 Aug 2022 05:53:00 GMT
etag: "63070e3c-2e7b"
expires: Sat, 21 Jan 2023 12:15:09 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 71103
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ce83cefa0d0a3d-ARN
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b88464652994ad2172e8e690dd733fae
677337b50ea6d53ffb549fb3f133962471b11d61
5f75906eb392f367f2101cacc3bec49b936e6d38dc92a0404c12940404d856cc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F75906EB392F367F2101CACC3BEC49B936E6D38DC92A0404C12940404D856CC"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20147
Expires: Sat, 21 Jan 2023 13:35:59 GMT
Date: Sat, 21 Jan 2023 08:00:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b86b4986252fb65c7eb44252594a494d
df2245c1b6f4b18e49191173905a03fee5014756
d33bf1af5177a8ac9758491ded2181caa656a396b4e042e12b80a7c82e4c82a6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D33BF1AF5177A8AC9758491DED2181CAA656A396B4E042E12B80A7C82E4C82A6"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12058
Expires: Sat, 21 Jan 2023 11:21:10 GMT
Date: Sat, 21 Jan 2023 08:00:12 GMT
Connection: keep-alive

poshhateful.com/advertisers.js

192.243.61.227

200 OK

0 B

URL HTTP/1.1
poshhateful.com/advertisers.js
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: poshhateful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 21 Jan 2023 08:00:12 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 889e07a4428152b40fb4ecd80d17cd19
Strict-Transport-Security: max-age=0; includeSubdomains

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
669c62ed0cded0415f642a71da5bade6
f7de4047563ce4072316b1b5ced02cb6aa50ad94
64ae58ecab6a9422f354ea5833892f84853943579fd7794840bd5a835c2eb8fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64AE58ECAB6A9422F354EA5833892F84853943579FD7794840BD5A835C2EB8FA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7462
Expires: Sat, 21 Jan 2023 10:04:34 GMT
Date: Sat, 21 Jan 2023 08:00:12 GMT
Connection: keep-alive

unseenreport.com/pxf.gif?uuid=2d58e92e-416a-4481-85b6-3e1c1f0b470a&eb=571189e4c7fd56c848e0c687526c64f1&te=94d4becc704af97ad9b7161ef0f8c2eb&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=54425b8e8ac39b56c91d1586d719761f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8

192.243.61.227

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=2d58e92e-416a-4481-85b6-3e1c1f0b470a&eb=571189e4c7fd56c848e0c687526c64f1&te=94d4becc704af97ad9b7161ef0f8c2eb&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=54425b8e8ac39b56c91d1586d719761f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=2d58e92e-416a-4481-85b6-3e1c1f0b470a&eb=571189e4c7fd56c848e0c687526c64f1&te=94d4becc704af97ad9b7161ef0f8c2eb&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=54425b8e8ac39b56c91d1586d719761f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 21 Jan 2023 08:00:12 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e1ee628b96fabb2d4d3a79387b017bff
Strict-Transport-Security: max-age=0; includeSubdomains

139.45.197.237

200 OK

989 B

URL HTTP/2
inrhyhorntor.com/500/3766241?excludes=&oaid=d7b27d096c5e4fd0b72b48fff30f5ae6&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fstreamsss.net%2Fd%2F30iqsw26jj0u%3Fcaption_1%3Dhttps%3A%2F%2Fmsubload.com%2Fsub%26sub_1%3DEnglish&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
data
Size
989 B (989 bytes)
Hash
283e2b979d2f97c03419c7219be7543c
1c9a4bcedb7808d7e88699df259c485d50b0729e
729136505a67141b9076257142e02c02ee84643be31809e559ec364d37571003

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /500/3766241?excludes=&oaid=d7b27d096c5e4fd0b72b48fff30f5ae6&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fstreamsss.net%2Fd%2F30iqsw26jj0u%3Fcaption_1%3Dhttps%3A%2F%2Fmsubload.com%2Fsub%26sub_1%3DEnglish&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: inrhyhorntor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://streamsss.net
Connection: keep-alive
Referer: https://streamsss.net/
Cookie: OAID=1d2ba387c107449faf5976235126786d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 08:00:12 GMT
content-type: application/javascript
x-trace-id: 4eb715ab49ecf4bcbb766152e7cc7418
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: https://streamsss.net
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=d7b27d096c5e4fd0b72b48fff30f5ae6; expires=Sun, 21 Jan 2024 08:00:12 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
69e036a1f477cc650495207873c09fd3
53a3eb91eb55538d5f632851aefbcf0e836cc09e
e89426d4925937447ccfc8949271d3ea9526a0bbe0a17fc3b3e02c23a1fa3a3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E89426D4925937447CCFC8949271D3EA9526A0BBE0A17FC3B3E02C23A1FA3A3F"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10266
Expires: Sat, 21 Jan 2023 10:51:19 GMT
Date: Sat, 21 Jan 2023 08:00:13 GMT
Connection: keep-alive

residenceseeingstanding.com/a7/a4/a3/a7a4a3d358e01b43771ddd49cda3539d.js

192.243.59.20

200 OK

11 kB

URL HTTP/1.1
residenceseeingstanding.com/a7/a4/a3/a7a4a3d358e01b43771ddd49cda3539d.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (32119), with no line terminators
Size
11 kB (10747 bytes)
Hash
598ed39ac81e8289b2bd742f0f798b78
6820000bd4b6ad2057326cf9486148159eec1d55
64d71089b1759d49442176e0b61f1dd0fdbdb37c6617aa489ef7d59325edd252

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /a7/a4/a3/a7a4a3d358e01b43771ddd49cda3539d.js HTTP/1.1
Host: residenceseeingstanding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 21 Jan 2023 08:00:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5cae0fb5edd3cff3fab4eb42a4445f94
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10684
Expires: Sat, 21 Jan 2023 10:58:17 GMT
Date: Sat, 21 Jan 2023 08:00:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10684
Expires: Sat, 21 Jan 2023 10:58:17 GMT
Date: Sat, 21 Jan 2023 08:00:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10684
Expires: Sat, 21 Jan 2023 10:58:17 GMT
Date: Sat, 21 Jan 2023 08:00:13 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02d903ef-00fc-4f25-8b4f-138ec32359bf.jpeg

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02d903ef-00fc-4f25-8b4f-138ec32359bf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8698 bytes)
Hash
893ea518ea7c11ec06ffea60b2ee7921
34675a13bbac6abd1b087e546425e141215cf072
675ec12ed5803fad5036cedc1a3b66229316836bb321b4ad3a34aab56a100ca7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02d903ef-00fc-4f25-8b4f-138ec32359bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8698
x-amzn-requestid: 97c3bd04-2d8a-447e-85cb-376ea44b283c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0K85GOQIAMFbPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4beb8-5b6517906d2f8bad6488e6f8;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:04:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: reROJ7ha0LKGWpSMN0ioNVaIrIEhJUn_cfprHVZlfyY7jBoFyKh0rw==
via: 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 13:48:55 GMT
age: 65478
etag: "34675a13bbac6abd1b087e546425e141215cf072"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11562 bytes)
Hash
b08ef55971faa2683ab9f2af8a11dcec
a46c748cccb714f05a068c2438181328b4fbd57a
1d073abf25fbea2d85f34076eae47f9e89502846815094f5288b8e80762a8fe4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11562
x-amzn-requestid: 67ff0d3d-ed43-4269-92f4-c3eb5445e9c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EyBEhzIAMFnCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4d9-27c6ebf6450d0e3275dad906;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8-aCSDcxTLree8fsGCxZEqY0272fNcqQEtHJ7aVAO6XjQRmjZXgqdw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 05:18:04 GMT
age: 9729
etag: "a46c748cccb714f05a068c2438181328b4fbd57a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6068 bytes)
Hash
b48f53e84a3ec564b35cf6b0754d09bb
dc7ad580f90e8af4349f409fb0302a79c672ff99
37d8f9a37eed22705123275ac7a36ff34bcdea1b2faaa7108a7112afe5a8201f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6068
x-amzn-requestid: 8962c77a-e852-426f-b37a-024546e0a2ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fD5VKG_zoAMFgZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb08ed-368af491496d024a0142b0e4;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: m9Elq65CekBIl_QIpAhrwIy_gNmHHhxO_lyhmgA_v7T0LUmCXNMOAQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 21:39:27 GMT
age: 37246
etag: "dc7ad580f90e8af4349f409fb0302a79c672ff99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10988 bytes)
Hash
5a7ab95a69ddfa5014258076e66a6e19
1a54cca86788536002d6d18c5180ccf265ba1169
09348afd6055b26b5dba6f8f6ef763d52e6e040c039c6f763d64f71b8ca08d51

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10988
x-amzn-requestid: 67c03c6c-3896-4890-a75b-ecd7c1c1a4e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3foHG8tIAMF3XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61300-2de17e5b0225f9427c197bc5;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cxuHpm9vR0_DvHdEtR5p5eRRNAFgCrOTnak0RsH3OeCccehhurKhJA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 01:38:03 GMT
age: 22930
etag: "1a54cca86788536002d6d18c5180ccf265ba1169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b7e829d-d4bc-4fa0-b5e5-e4527e48fd42.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9657 bytes)
Hash
4483cb695fef2fe82f38a65e18ea1fd7
ea95504fc5be0259c8c3a39f47f8fcb322bca88d
807a120b964ee7ec7c83c5d943d29cea5df2171291ad1b99de9ef4df7e7e9046

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b7e829d-d4bc-4fa0-b5e5-e4527e48fd42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9657
x-amzn-requestid: 63c51fc8-3cd1-486b-960b-91d0d4b14dbd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: exbnMFUvoAMFvYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c3a62d-3f30f1cb5bc13bf812d3cf71;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 07:07:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 34RyiiWTD7qtrgZHxL7KpjUkCETug9eJ0TvPh6b2qGiLWLcZnmT3wg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 04:42:20 GMT
age: 11873
etag: "ea95504fc5be0259c8c3a39f47f8fcb322bca88d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F565a8eca-40af-442b-9fe9-95e12dc0170a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7000 bytes)
Hash
aa786854fde0d99189b458067b9d9418
ddf0fb650816b969d53d6e32ae31074bcb7e944e
a3d08b87658f756aa2f9e3072e87d52db30884aa6b6ab0cd8b278d0c870db2b7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F565a8eca-40af-442b-9fe9-95e12dc0170a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7000
x-amzn-requestid: 05354e13-330d-40fc-9a96-ac345cfc80f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e4BN9HBgoAMF9Iw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c648bf-146e89a423565a04139b19cb;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 07:05:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JPr1Q54hGh5TxVRUTIHXPEviHADCGwqbU5WDd7B4JubG6ZiRG1Yr4Q==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 07:28:23 GMT
age: 1910
etag: "ddf0fb650816b969d53d6e32ae31074bcb7e944e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fluffynickname.com/sbar.json?key=54425b8e8ac39b56c91d1586d719761f&uuid=2d58e92e-416a-4481-85b6-3e1c1f0b470a%3A1%3A1

192.243.61.227

200 OK

3.3 kB

URL HTTP/1.1
fluffynickname.com/sbar.json?key=54425b8e8ac39b56c91d1586d719761f&uuid=2d58e92e-416a-4481-85b6-3e1c1f0b470a%3A1%3A1
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , ASCII text, with very long lines (6126), with no line terminators
Size
3.3 kB (3338 bytes)
Hash
ab61886f3a722c62dee7f3b6d5355d13
440679c0b5735142b513c41abfc86fc557b20047
7628e9ef10ebea6def50aac32989ef2704ff3e3baeff38817f2bcde6837042bd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sbar.json?key=54425b8e8ac39b56c91d1586d719761f&uuid=2d58e92e-416a-4481-85b6-3e1c1f0b470a%3A1%3A1 HTTP/1.1
Host: fluffynickname.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamsss.net
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 21 Jan 2023 08:00:13 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://streamsss.net
Access-Control-Allow-Origin: https://streamsss.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16479293; expires=Sun, 22 Jan 2023 08:00:13 GMT; secure; SameSite=None
uid_id2=2d58e92e-416a-4481-85b6-3e1c1f0b470a:1:1; expires=Sat, 28 Jan 2023 08:00:13 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 22 Jan 2023 08:00:13 GMT; secure; SameSite=None
uncs=1; expires=Sun, 22 Jan 2023 08:00:13 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 22 Jan 2023 08:00:13 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 22 Jan 2023 08:00:13 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cf1e3d0f1bdb6004d6333508c128cba2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 21 Jan 2023 06:41:07 GMT
expires: Sat, 21 Jan 2023 08:41:07 GMT
cache-control: public, max-age=7200
age: 4746
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e8555cd54a728c10171ce72414331cdb
5bba7f55e623a10facf0117b3ad4739607385ec8
df970fea629aeffce2f22ff7b780006b10b957b4040aec6b7ddb42c5f546c44c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF970FEA629AEFFCE2F22FF7B780006B10B957B4040AEC6B7DDB42C5F546C44C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6568
Expires: Sat, 21 Jan 2023 09:49:41 GMT
Date: Sat, 21 Jan 2023 08:00:13 GMT
Connection: keep-alive

ocsp.globalsign.com/gseccovsslca2018

104.18.20.226

200 OK

939 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
939 B (939 bytes)
Hash
d26d67eab825e381027e414bab05dea3
148c7f94297d5bdca0b2b70b8595d0d558b166e8
5e61b9b75555a745b1f6770ab9f15f65a88b7b850b7c931f6e498776d2cc7b89

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 08:00:13 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 25 Jan 2023 05:26:44 GMT
ETag: "148c7f94297d5bdca0b2b70b8595d0d558b166e8"
Last-Modified: Sat, 21 Jan 2023 05:26:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 851
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ce83d3b939b4f4-OSL

fluffynickname.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz4scRRTHq%2FPjYi4qgngwzEFBxZ10z3TPTBskGGMkJGaXJLrgrX71bDk1XU1V9%2FTs4mExKLkExpOCl97v7GZRFzF%2FgCCzXmRPGQ%2ByB9ebeBe8eJGZHRh9UPXeq%2B87fN6r99lOcUJ8FPR47T2zpbSml6K6X3tlXaXClK52%2B14t8Ov%2B5dq6Slvh5dpwdtnBG4Ef1f1Xa%2B9K3jOXGn7g%2B4Ef1K4rKxMzvDRXobKDOKjHfj1s1IMoxND%2BP3eFB0c9iMEJeRZKTM9v%2FPwYik%2BQ9r%2B%2FJl0vN9nr7%2FQLTXNjMRD776e91JQp%2BsswsR6SdH9RDeOmhHx5BibdX3QAM9iddQCmpsT7NQBL9xeYYIO9U1KmIVMwcQHlYAKpJ1B0Am7uQ4knBOACt1eR9h%2FdNrakm6cqnalTcu7vv6DKKTn323NI%2B99d1WpYu2t0kSuTOgyTCmo4gepOkBWHyLc8qPIQPP8EShCk%2FQpKHL%2FUEFFHxg25EgYtuhKGnWClE7HWSlMGPEh8FrZ9Oh%2BNUhOoZAItR6DOQzE7ykOReCgyD31xXKNRnPh%2BO2FJs9kJOefNJudRpyUi0Qw7iY%2BCz9hHyLMRuB6B221kdhs9NYItfoTbqOCEB5cTDESFUhKUjqCkBKUiKHOCclDtCe0arnoktCtYsPCNhW9WY5N3d%2BieybsyJTvZCXlmPrB%2F8jfRk8e1KAwbEevIDuXNmEUtHgcimFG2g7jdChI4VUG5M%2FM2t9SUPP%2Fa08jUlJz79CIYPYTTh%2BDqZdDiRdBy3G74oBvjsONjKz1wuZW071g9lTmEqZDl55Fvejv6hLww54j%2FuADJj6588XD198viQ3BbIbMVPlI%2FEXT1g%2FEdU5LdO6Z05PFqlqu%2B2qKzT72b01ye%2Feam3CyNFTeuudHXb%2FGZMAsP7kmX36KpUGnXkW%2BvKiGkvW4sl%2BSHG25dsrXCbVwtbFpkt9bevn6jn1npnDLpBFQ9%2BeBjcDUlT9nefF0v%2FnkTyk5giwr94ogsDMpMwLNtuGxJ7wyB1csalnkoi2psG2z5qBWBlsucsgruPzlbxjvuAbrWA83vz5d0YCsMdAWqR3DF2XGe2aMrvzTnBqa9MdPW22Xa6s9PR%2BvUcU1GiZ9IvyFZErOkTX0RJ2HMaBzINotogNxN%2BdFXD%2F8FAAD%2F%2FwEAAP%2F%2F0hUOK4YEAAA%3D

192.243.61.227

200 OK

7 B

URL HTTP/1.1
fluffynickname.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz4scRRTHq%2FPjYi4qgngwzEFBxZ10z3TPTBskGGMkJGaXJLrgrX71bDk1XU1V9%2FTs4mExKLkExpOCl97v7GZRFzF%2FgCCzXmRPGQ%2ByB9ebeBe8eJGZHRh9UPXeq%2B87fN6r99lOcUJ8FPR47T2zpbSml6K6X3tlXaXClK52%2B14t8Ov%2B5dq6Slvh5dpwdtnBG4Ef1f1Xa%2B9K3jOXGn7g%2B4Ef1K4rKxMzvDRXobKDOKjHfj1s1IMoxND%2BP3eFB0c9iMEJeRZKTM9v%2FPwYik%2BQ9r%2B%2FJl0vN9nr7%2FQLTXNjMRD776e91JQp%2BsswsR6SdH9RDeOmhHx5BibdX3QAM9iddQCmpsT7NQBL9xeYYIO9U1KmIVMwcQHlYAKpJ1B0Am7uQ4knBOACt1eR9h%2FdNrakm6cqnalTcu7vv6DKKTn323NI%2B99d1WpYu2t0kSuTOgyTCmo4gepOkBWHyLc8qPIQPP8EShCk%2FQpKHL%2FUEFFHxg25EgYtuhKGnWClE7HWSlMGPEh8FrZ9Oh%2BNUhOoZAItR6DOQzE7ykOReCgyD31xXKNRnPh%2BO2FJs9kJOefNJudRpyUi0Qw7iY%2BCz9hHyLMRuB6B221kdhs9NYItfoTbqOCEB5cTDESFUhKUjqCkBKUiKHOCclDtCe0arnoktCtYsPCNhW9WY5N3d%2BieybsyJTvZCXlmPrB%2F8jfRk8e1KAwbEevIDuXNmEUtHgcimFG2g7jdChI4VUG5M%2FM2t9SUPP%2Fa08jUlJz79CIYPYTTh%2BDqZdDiRdBy3G74oBvjsONjKz1wuZW071g9lTmEqZDl55Fvejv6hLww54j%2FuADJj6588XD198viQ3BbIbMVPlI%2FEXT1g%2FEdU5LdO6Z05PFqlqu%2B2qKzT72b01ye%2Feam3CyNFTeuudHXb%2FGZMAsP7kmX36KpUGnXkW%2BvKiGkvW4sl%2BSHG25dsrXCbVwtbFpkt9bevn6jn1npnDLpBFQ9%2BeBjcDUlT9nefF0v%2FnkTyk5giwr94ogsDMpMwLNtuGxJ7wyB1csalnkoi2psG2z5qBWBlsucsgruPzlbxjvuAbrWA83vz5d0YCsMdAWqR3DF2XGe2aMrvzTnBqa9MdPW22Xa6s9PR%2BvUcU1GiZ9IvyFZErOkTX0RJ2HMaBzINotogNxN%2BdFXD%2F8FAAD%2F%2FwEAAP%2F%2F0hUOK4YEAAA%3D
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSz4scRRTHq%2FPjYi4qgngwzEFBxZ10z3TPTBskGGMkJGaXJLrgrX71bDk1XU1V9%2FTs4mExKLkExpOCl97v7GZRFzF%2FgCCzXmRPGQ%2ByB9ebeBe8eJGZHRh9UPXeq%2B87fN6r99lOcUJ8FPR47T2zpbSml6K6X3tlXaXClK52%2B14t8Ov%2B5dq6Slvh5dpwdtnBG4Ef1f1Xa%2B9K3jOXGn7g%2B4Ef1K4rKxMzvDRXobKDOKjHfj1s1IMoxND%2BP3eFB0c9iMEJeRZKTM9v%2FPwYik%2BQ9r%2B%2FJl0vN9nr7%2FQLTXNjMRD776e91JQp%2BsswsR6SdH9RDeOmhHx5BibdX3QAM9iddQCmpsT7NQBL9xeYYIO9U1KmIVMwcQHlYAKpJ1B0Am7uQ4knBOACt1eR9h%2FdNrakm6cqnalTcu7vv6DKKTn323NI%2B99d1WpYu2t0kSuTOgyTCmo4gepOkBWHyLc8qPIQPP8EShCk%2FQpKHL%2FUEFFHxg25EgYtuhKGnWClE7HWSlMGPEh8FrZ9Oh%2BNUhOoZAItR6DOQzE7ykOReCgyD31xXKNRnPh%2BO2FJs9kJOefNJudRpyUi0Qw7iY%2BCz9hHyLMRuB6B221kdhs9NYItfoTbqOCEB5cTDESFUhKUjqCkBKUiKHOCclDtCe0arnoktCtYsPCNhW9WY5N3d%2BieybsyJTvZCXlmPrB%2F8jfRk8e1KAwbEevIDuXNmEUtHgcimFG2g7jdChI4VUG5M%2FM2t9SUPP%2Fa08jUlJz79CIYPYTTh%2BDqZdDiRdBy3G74oBvjsONjKz1wuZW071g9lTmEqZDl55Fvejv6hLww54j%2FuADJj6588XD198viQ3BbIbMVPlI%2FEXT1g%2FEdU5LdO6Z05PFqlqu%2B2qKzT72b01ye%2Feam3CyNFTeuudHXb%2FGZMAsP7kmX36KpUGnXkW%2BvKiGkvW4sl%2BSHG25dsrXCbVwtbFpkt9bevn6jn1npnDLpBFQ9%2BeBjcDUlT9nefF0v%2FnkTyk5giwr94ogsDMpMwLNtuGxJ7wyB1csalnkoi2psG2z5qBWBlsucsgruPzlbxjvuAbrWA83vz5d0YCsMdAWqR3DF2XGe2aMrvzTnBqa9MdPW22Xa6s9PR%2BvUcU1GiZ9IvyFZErOkTX0RJ2HMaBzINotogNxN%2BdFXD%2F8FAAD%2F%2FwEAAP%2F%2F0hUOK4YEAAA%3D HTTP/1.1
Host: fluffynickname.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Cookie: u_pl=16479293; uid_id2=2d58e92e-416a-4481-85b6-3e1c1f0b470a:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 21 Jan 2023 08:00:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ea669ef8cba92bda7fff2962409ef9ef
Strict-Transport-Security: max-age=0; includeSubdomains

e1.o.lencr.org/

95.101.11.115

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
f72c8639241c47414385221178b5ff02
b1a4c71dc5405231317bc9a7e4850e9b000bc298
8ca14969c708420da346989dc7184303b0025649aec2642c84c12a0a2b453fd9

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "8CA14969C708420DA346989DC7184303B0025649AEC2642C84C12A0A2B453FD9"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6607
Expires: Sat, 21 Jan 2023 09:50:20 GMT
Date: Sat, 21 Jan 2023 08:00:13 GMT
Connection: keep-alive

mc.yandex.ru/metrika/tag.js

77.88.21.119

200 OK

74 kB

URL HTTP/2
mc.yandex.ru/metrika/tag.js
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Size
74 kB (73769 bytes)
Hash
a236c7014c1f1a1e52d356f59e5d665a
b66c638eb2346287364c37725819bbab1f409d66
ad2d57579e453af0eac49156840bcd1dcfbd802a82135af98f41f714d7e698f2

HTTP Headers

GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 73769
date: Sat, 21 Jan 2023 08:00:13 GMT
access-control-allow-origin: *
etag: "63c93a4b-12029"
expires: Sat, 21 Jan 2023 09:00:13 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/sweep/social-box/white-small/img/close.png

172.64.167.9

200 OK

6.0 kB

URL HTTP/2
cdn.creative-bars1.com/sb/ssp/sweep/social-box/white-small/img/close.png
IP
172.64.167.9:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Size
6.0 kB (5982 bytes)
Hash
c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd

HTTP Headers

GET /sb/ssp/sweep/social-box/white-small/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:00:13 GMT
content-type: image/png
content-length: 5982
last-modified: Tue, 21 Sep 2021 12:02:03 GMT
etag: "6149c9bb-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5767741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnJv%2FYW5xtW3Sy6lIZ6ysa1DAFLG2zyjJN5c1%2BwPBtwb5n2kU%2B37Z0tmkgspOef6JnbKTxTO79cKVHf%2FqbhSoqp3lGxE0%2BY8Znu7%2FKDzM3WE4N8AuXzppPLM20iAR52Y1KyO2ll5SfwL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ce83d4cc9e772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

95.101.11.115

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
f72c8639241c47414385221178b5ff02
b1a4c71dc5405231317bc9a7e4850e9b000bc298
8ca14969c708420da346989dc7184303b0025649aec2642c84c12a0a2b453fd9

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "8CA14969C708420DA346989DC7184303B0025649AEC2642C84C12A0A2B453FD9"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6607
Expires: Sat, 21 Jan 2023 09:50:20 GMT
Date: Sat, 21 Jan 2023 08:00:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
17b5497dcca96babf4213b1b57650fab
3a526e7aba95d5b5f478981622d8fceb7a30700e
7d035ad50cf4a906b236cbd1eebf42fd3fdfa76145b627eb3de2c02a0a004c3d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D035AD50CF4A906B236CBD1EEBF42FD3FDFA76145B627EB3DE2C02A0A004C3D"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6442
Expires: Sat, 21 Jan 2023 09:47:35 GMT
Date: Sat, 21 Jan 2023 08:00:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0363749749776c8a7380e09ccb98917c
2685d9ba9640a1ac0c980d3065dc3070f3e3a077
c95b206abff72c1f690041a5ecbbaea2f671c428785335cb0c39e8c3dc28bf08

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C95B206ABFF72C1F690041A5ECBBAEA2F671C428785335CB0C39E8C3DC28BF08"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11441
Expires: Sat, 21 Jan 2023 11:10:54 GMT
Date: Sat, 21 Jan 2023 08:00:13 GMT
Connection: keep-alive

widgets.amung.us/small/53/5375.png

172.67.8.141

200 OK

333 B

URL HTTP/2
widgets.amung.us/small/53/5375.png
IP
172.67.8.141:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 80 x 15, 8-bit colormap, non-interlaced\012- data
Size
333 B (333 bytes)
Hash
8d530d2383659980e1494feef30513b4
247143622cac942583e4b7b9be748bbc996c478f
4c0daa625af625bc6849451596c3488d7fcfd26f182eeb4eb6bfbaad6c1ef23c

HTTP Headers

GET /small/53/5375.png HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://streamsss.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:00:13 GMT
content-type: image/png
content-length: 333
last-modified: Sun, 13 Jun 2010 09:48:34 GMT
etag: "4c14a972-14d"
expires: Sat, 21 Jan 2023 00:07:40 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
cf-cache-status: HIT
age: 114753
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ce83d57bccb4f7-OSL
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/97/1b/94/971b94f609762e18222a7efa0ac567cc/1667590869.png

45.133.44.10

200 OK

33 kB

URL HTTP/2
cdn.cloudimagesb.com/si/97/1b/94/971b94f609762e18222a7efa0ac567cc/1667590869.png
IP
45.133.44.10:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
33 kB (32558 bytes)
Hash
99620d5e4f1ae93546c6dd31a58b5dd2
9dbe4c1e192890c3ddf47e7d1b7ba083b6c81aa6
8bb431af545d60f16b55862430b4876b8443d4d2969eaa49be045d414864b3f2

HTTP Headers

GET /si/97/1b/94/971b94f609762e18222a7efa0ac567cc/1667590869.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:00:13 GMT
content-type: image/png
content-length: 32558
server: nginx/1.17.6
last-modified: Fri, 04 Nov 2022 19:41:17 GMT
etag: "63656add-7f2e"
expires: Mon, 23 Jan 2023 08:00:13 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.barscreative1.com/sb/au/29/a4/96/29a4965e1015f036b834d9da1d4a5e6c/1632399618.html

45.133.44.3

200 OK

464 B

URL HTTP/2
cdn.barscreative1.com/sb/au/29/a4/96/29a4965e1015f036b834d9da1d4a5e6c/1632399618.html
IP
45.133.44.3:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document, ASCII text
Size
464 B (464 bytes)
Hash
568d23515bc0ac5b5133774bc52efd97
baa19c4a7c2a3311575f2711718095001c8fdde8
0f3e4bc9dddb58ca2f3566476ea0248a38d6574136960963363ecbf6c8b0f214

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sb/au/29/a4/96/29a4965e1015f036b834d9da1d4a5e6c/1632399618.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamsss.net
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:00:13 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Thu, 23 Sep 2021 12:20:22 GMT
etag: W/"614c7106-563"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 21 Jan 2023 09:00:13 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/sweep/social-box/white-small/js/script.js

172.64.167.9

200 OK

16 kB

URL HTTP/2
cdn.creative-bars1.com/sb/ssp/sweep/social-box/white-small/js/script.js
IP
172.64.167.9:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
16 kB (16056 bytes)
Hash
a1b24b8aec8019b04b5b9efd0d714bc2
1acfb789640d8dda1d70ff5160b22d9683d84765
8188ea6bf4e130338d5c8a33db144acf3ecbe3ad25987c936a2a69a476e458d8

HTTP Headers

GET /sb/ssp/sweep/social-box/white-small/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamsss.net
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:00:13 GMT
content-type: application/javascript
last-modified: Tue, 21 Sep 2021 12:02:04 GMT
etag: W/"6149c9bc-306"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5766953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3i11E2EDMxoBoaC9fSPTXtFVSkwPUoGhNJhThtsq3td3LnwuvNcARGeLNjnF%2B5HjcvwOODurOwXRhtYNttn9FT%2B3fLqsCAZgC2kQQDAy6MulsdCBeETMKxbcb0XdHTQdUZg1z5OMj12d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ce83d64e20772c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://streamsss.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 13:09:06 GMT
expires: Wed, 17 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 327067
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

mc.yandex.ru/watch/64815175?wmode=7&page-url=https%3A%2F%2Fstreamsss.net%2Fd%2F30iqsw26jj0u%3Fcaption_1%3Dhttps%3A%2F%2Fmsubload.com%2Fsub%26sub_1%3DEnglish&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1099%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A425938613412%3Ahid%3A475167520%3Az%3A0%3Ai%3A20230121080012%3Aet%3A1674288013%3Ac%3A1%3Arn%3A786416225%3Arqn%3A1%3Au%3A1674288013582330448%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C116%2C147%2C0%2C327%2C0%2C%2C998%2C5%2C%2C%2C%2C1602%3Aco%3A0%3Ans%3A1674288009524%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674288013%3At%3AStreamSB&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)

77.88.21.119

302 Found

0 B

URL HTTP/2
mc.yandex.ru/watch/64815175?wmode=7&page-url=https%3A%2F%2Fstreamsss.net%2Fd%2F30iqsw26jj0u%3Fcaption_1%3Dhttps%3A%2F%2Fmsubload.com%2Fsub%26sub_1%3DEnglish&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1099%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A425938613412%3Ahid%3A475167520%3Az%3A0%3Ai%3A20230121080012%3Aet%3A1674288013%3Ac%3A1%3Arn%3A786416225%3Arqn%3A1%3Au%3A1674288013582330448%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C116%2C147%2C0%2C327%2C0%2C%2C998%2C5%2C%2C%2C%2C1602%3Aco%3A0%3Ans%3A1674288009524%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674288013%3At%3AStreamSB&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch/64815175?wmode=7&page-url=https%3A%2F%2Fstreamsss.net%2Fd%2F30iqsw26jj0u%3Fcaption_1%3Dhttps%3A%2F%2Fmsubload.com%2Fsub%26sub_1%3DEnglish&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1099%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A425938613412%3Ahid%3A475167520%3Az%3A0%3Ai%3A20230121080012%3Aet%3A1674288013%3Ac%3A1%3Arn%3A786416225%3Arqn%3A1%3Au%3A1674288013582330448%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C116%2C147%2C0%2C327%2C0%2C%2C998%2C5%2C%2C%2C%2C1602%3Aco%3A0%3Ans%3A1674288009524%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674288013%3At%3AStreamSB&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamsss.net
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: /watch/64815175/1?wmode=7&page-url=https%3A%2F%2Fstreamsss.net%2Fd%2F30iqsw26jj0u%3Fcaption_1%3Dhttps%3A%2F%2Fmsubload.com%2Fsub%26sub_1%3DEnglish&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1099%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A425938613412%3Ahid%3A475167520%3Az%3A0%3Ai%3A20230121080012%3Aet%3A1674288013%3Ac%3A1%3Arn%3A786416225%3Arqn%3A1%3Au%3A1674288013582330448%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C116%2C147%2C0%2C327%2C0%2C%2C998%2C5%2C%2C%2C%2C1602%3Aco%3A0%3Ans%3A1674288009524%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674288013%3At%3AStreamSB&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Sat, 21 Jan 2023 08:00:13 GMT
access-control-allow-origin: https://streamsss.net
set-cookie: yabs-sid=1642475961674288013; Path=/; SameSite=None; Secure
i=psCgd9q8jtpv6RwAFnWTgHjYy96AefZxSbtZI0d1cPGOqeXJLYxQd18AL2gcP5nt3XY7lhu8it8Onbfbbr+EYsWCGuc=; Expires=Tue, 18-Jan-2033 08:00:02 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=9870042591674288013; Expires=Sun, 21-Jan-2024 08:00:13 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=9870042591674288013; Expires=Sun, 21-Jan-2024 08:00:13 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1705824013.yc.1674288013#1705824013.yrts.1674288013#1705824013.yrtsi.1674288013; Expires=Sun, 21-Jan-2024 08:00:13 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 21-Jan-2023 08:00:13 GMT
last-modified: Sat, 21-Jan-2023 08:00:13 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

fluffynickname.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz4scRRTHq%2FPjYi4qgngwzEFBxZ10z3TP9BgkGGMkJGaXJLrgrX71bDk1XU1V9%2FTs4mExKLkExpOCl97v7GZRFzF%2FgCCzXmRPGQ%2ByB9ebeBe8eJGZHRh9UPXeq%2B87fN6r99lOcUJ8FPR47T2zpbSml6K6X3tlXaXClK52%2B14t8Ov%2B5dq6Slvh5dpwdtnBG4Ef1f1Xa%2B9K3jOXGn7g%2B4Ef1K4rKxMzvDRXobKDTlDv%2BPWwUQ%2BiEEP7%2F9wVHhz1IAYn5FkoMT2%2F8fNjKD5B2v%2F%2BmnS93GSvv9MvNM2NxUDsv5%2F2UlOm6C%2FDxHpI0v1FNYybEvLlGZh0f9EBzGB31gGYmhLv1wAs3V9ggg32TkmZhkzBxAWUgwmknkDRCbi5DyWeEIAL3F5F2n9029iSbp6qdKZOybm%2F%2F4Iqp%2BTcb88h7X93Vath7a7RRa5M6jBMKqjhBKo7QVYcIt%2FyoMpD8PwTKEGQ9isocfxSQ0Sx7DTkShi06EoYxsFKHLHWSlMGPEh8FrZ9Oh%2BNUhOoZAItR6DOQzE7ykOReCgyD31xXKNRJ%2FH9dsKSZjMOOefNJudR3BKRaIZx4qPgM%2FYR8mwErkfgdhuZ3UZPjWCLH%2BE2KjjhweUEA1GhlASlIygpQakIypygHFR7QruGqx4J7QoWLHxj4ZvV2OTdHbpn8q5MyU52Qp6ZD%2Byf%2FE305HEtCsNGxGIZU97ssKjFO4EIZpTtoNNuBQmcqqDcmXmbW2pKnn%2FtaWRqSs59ehGMHsLpQ3D1MmjxImg5bjd80I1xGPvYSg9cbiXtO1ZPZQ5hKmT5eeSb3o4%2BIS%2FMOTp%2FXIDkR1e%2BeLj6%2B2XxIbitkNkKH6mfCLr6wfiOKcnuHVM68ng1y1VfbdHZp97NaS7PfnNTbpbGihvX3Ojrt%2FhMmIUH96TLb9FUqLTryLdXlRDSXjeWS%2FLDDbcu2VrhNq4WNi2yW2tvX7%2FRz6x0Tpl0AqqefPAxuJqSp2xvvq4X%2F7wJZSewRYV%2BcUQWBmUm4Nk2XLakd4bA6mUNyzyURTW2DbZ81IpAy2VOWQX3n5wt4x33AF3rgeb350s6sBUGugLVI7ji7DjP7NGVX5pzA9PemGnr7TJt9eeno3XquBYFoYxZ3OZCMMlF0G4046bvN4QI2x0ZdJC7KT%2F66uG%2FAAAA%2F%2F8BAAD%2F%2F8YdgM2GBAAA

192.243.61.227

200 OK

7 B

URL HTTP/1.1
fluffynickname.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz4scRRTHq%2FPjYi4qgngwzEFBxZ10z3TP9BgkGGMkJGaXJLrgrX71bDk1XU1V9%2FTs4mExKLkExpOCl97v7GZRFzF%2FgCCzXmRPGQ%2ByB9ebeBe8eJGZHRh9UPXeq%2B87fN6r99lOcUJ8FPR47T2zpbSml6K6X3tlXaXClK52%2B14t8Ov%2B5dq6Slvh5dpwdtnBG4Ef1f1Xa%2B9K3jOXGn7g%2B4Ef1K4rKxMzvDRXobKDTlDv%2BPWwUQ%2BiEEP7%2F9wVHhz1IAYn5FkoMT2%2F8fNjKD5B2v%2F%2BmnS93GSvv9MvNM2NxUDsv5%2F2UlOm6C%2FDxHpI0v1FNYybEvLlGZh0f9EBzGB31gGYmhLv1wAs3V9ggg32TkmZhkzBxAWUgwmknkDRCbi5DyWeEIAL3F5F2n9029iSbp6qdKZOybm%2F%2F4Iqp%2BTcb88h7X93Vath7a7RRa5M6jBMKqjhBKo7QVYcIt%2FyoMpD8PwTKEGQ9isocfxSQ0Sx7DTkShi06EoYxsFKHLHWSlMGPEh8FrZ9Oh%2BNUhOoZAItR6DOQzE7ykOReCgyD31xXKNRJ%2FH9dsKSZjMOOefNJudR3BKRaIZx4qPgM%2FYR8mwErkfgdhuZ3UZPjWCLH%2BE2KjjhweUEA1GhlASlIygpQakIypygHFR7QruGqx4J7QoWLHxj4ZvV2OTdHbpn8q5MyU52Qp6ZD%2Byf%2FE305HEtCsNGxGIZU97ssKjFO4EIZpTtoNNuBQmcqqDcmXmbW2pKnn%2FtaWRqSs59ehGMHsLpQ3D1MmjxImg5bjd80I1xGPvYSg9cbiXtO1ZPZQ5hKmT5eeSb3o4%2BIS%2FMOTp%2FXIDkR1e%2BeLj6%2B2XxIbitkNkKH6mfCLr6wfiOKcnuHVM68ng1y1VfbdHZp97NaS7PfnNTbpbGihvX3Ojrt%2FhMmIUH96TLb9FUqLTryLdXlRDSXjeWS%2FLDDbcu2VrhNq4WNi2yW2tvX7%2FRz6x0Tpl0AqqefPAxuJqSp2xvvq4X%2F7wJZSewRYV%2BcUQWBmUm4Nk2XLakd4bA6mUNyzyURTW2DbZ81IpAy2VOWQX3n5wt4x33AF3rgeb350s6sBUGugLVI7ji7DjP7NGVX5pzA9PemGnr7TJt9eeno3XquBYFoYxZ3OZCMMlF0G4046bvN4QI2x0ZdJC7KT%2F66uG%2FAAAA%2F%2F8BAAD%2F%2F8YdgM2GBAAA
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSz4scRRTHq%2FPjYi4qgngwzEFBxZ10z3TP9BgkGGMkJGaXJLrgrX71bDk1XU1V9%2FTs4mExKLkExpOCl97v7GZRFzF%2FgCCzXmRPGQ%2ByB9ebeBe8eJGZHRh9UPXeq%2B87fN6r99lOcUJ8FPR47T2zpbSml6K6X3tlXaXClK52%2B14t8Ov%2B5dq6Slvh5dpwdtnBG4Ef1f1Xa%2B9K3jOXGn7g%2B4Ef1K4rKxMzvDRXobKDTlDv%2BPWwUQ%2BiEEP7%2F9wVHhz1IAYn5FkoMT2%2F8fNjKD5B2v%2F%2BmnS93GSvv9MvNM2NxUDsv5%2F2UlOm6C%2FDxHpI0v1FNYybEvLlGZh0f9EBzGB31gGYmhLv1wAs3V9ggg32TkmZhkzBxAWUgwmknkDRCbi5DyWeEIAL3F5F2n9029iSbp6qdKZOybm%2F%2F4Iqp%2BTcb88h7X93Vath7a7RRa5M6jBMKqjhBKo7QVYcIt%2FyoMpD8PwTKEGQ9isocfxSQ0Sx7DTkShi06EoYxsFKHLHWSlMGPEh8FrZ9Oh%2BNUhOoZAItR6DOQzE7ykOReCgyD31xXKNRJ%2FH9dsKSZjMOOefNJudR3BKRaIZx4qPgM%2FYR8mwErkfgdhuZ3UZPjWCLH%2BE2KjjhweUEA1GhlASlIygpQakIypygHFR7QruGqx4J7QoWLHxj4ZvV2OTdHbpn8q5MyU52Qp6ZD%2Byf%2FE305HEtCsNGxGIZU97ssKjFO4EIZpTtoNNuBQmcqqDcmXmbW2pKnn%2FtaWRqSs59ehGMHsLpQ3D1MmjxImg5bjd80I1xGPvYSg9cbiXtO1ZPZQ5hKmT5eeSb3o4%2BIS%2FMOTp%2FXIDkR1e%2BeLj6%2B2XxIbitkNkKH6mfCLr6wfiOKcnuHVM68ng1y1VfbdHZp97NaS7PfnNTbpbGihvX3Ojrt%2FhMmIUH96TLb9FUqLTryLdXlRDSXjeWS%2FLDDbcu2VrhNq4WNi2yW2tvX7%2FRz6x0Tpl0AqqefPAxuJqSp2xvvq4X%2F7wJZSewRYV%2BcUQWBmUm4Nk2XLakd4bA6mUNyzyURTW2DbZ81IpAy2VOWQX3n5wt4x33AF3rgeb350s6sBUGugLVI7ji7DjP7NGVX5pzA9PemGnr7TJt9eeno3XquBYFoYxZ3OZCMMlF0G4046bvN4QI2x0ZdJC7KT%2F66uG%2FAAAA%2F%2F8BAAD%2F%2F8YdgM2GBAAA HTTP/1.1
Host: fluffynickname.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Cookie: u_pl=16479293; uid_id2=2d58e92e-416a-4481-85b6-3e1c1f0b470a:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 21 Jan 2023 08:00:14 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9e16190d23dd3332a89a669ee15638ac
Strict-Transport-Security: max-age=0; includeSubdomains

distributionrealmoth.com/pixel/sbls?bv=22.2.6607&tmpl=481&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fsweep%2Fsocial-box%2Fwhite-small%2Fjs%2Fscript.js&l=774&fd=103

192.243.59.13

200 OK

0 B

URL HTTP/1.1
distributionrealmoth.com/pixel/sbls?bv=22.2.6607&tmpl=481&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fsweep%2Fsocial-box%2Fwhite-small%2Fjs%2Fscript.js&l=774&fd=103
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.2.6607&tmpl=481&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fsweep%2Fsocial-box%2Fwhite-small%2Fjs%2Fscript.js&l=774&fd=103 HTTP/1.1
Host: distributionrealmoth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 21 Jan 2023 08:00:14 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

distributionrealmoth.com/pixel/sbls?bv=22.2.6607&tmpl=481&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fsweep%2Fsocial-box%2Fwhite-small%2Fcss%2Fanimate.css&l=79249&fd=96

192.243.59.13

200 OK

0 B

URL HTTP/1.1
distributionrealmoth.com/pixel/sbls?bv=22.2.6607&tmpl=481&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fsweep%2Fsocial-box%2Fwhite-small%2Fcss%2Fanimate.css&l=79249&fd=96
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.2.6607&tmpl=481&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fsweep%2Fsocial-box%2Fwhite-small%2Fcss%2Fanimate.css&l=79249&fd=96 HTTP/1.1
Host: distributionrealmoth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 21 Jan 2023 08:00:14 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

mc.yandex.ru/metrika/advert.gif

77.88.21.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/metrika/advert.gif
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Sat, 21 Jan 2023 08:00:14 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Sat, 21 Jan 2023 09:00:14 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/64815175/1?wmode=7&page-url=https%3A%2F%2Fstreamsss.net%2Fd%2F30iqsw26jj0u%3Fcaption_1%3Dhttps%3A%2F%2Fmsubload.com%2Fsub%26sub_1%3DEnglish&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1099%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A425938613412%3Ahid%3A475167520%3Az%3A0%3Ai%3A20230121080012%3Aet%3A1674288013%3Ac%3A1%3Arn%3A786416225%3Arqn%3A1%3Au%3A1674288013582330448%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C116%2C147%2C0%2C327%2C0%2C%2C998%2C5%2C%2C%2C%2C1602%3Aco%3A0%3Ans%3A1674288009524%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674288013%3At%3AStreamSB&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29

77.88.21.119

200 OK

419 B

URL HTTP/2
mc.yandex.ru/watch/64815175/1?wmode=7&page-url=https%3A%2F%2Fstreamsss.net%2Fd%2F30iqsw26jj0u%3Fcaption_1%3Dhttps%3A%2F%2Fmsubload.com%2Fsub%26sub_1%3DEnglish&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1099%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A425938613412%3Ahid%3A475167520%3Az%3A0%3Ai%3A20230121080012%3Aet%3A1674288013%3Ac%3A1%3Arn%3A786416225%3Arqn%3A1%3Au%3A1674288013582330448%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C116%2C147%2C0%2C327%2C0%2C%2C998%2C5%2C%2C%2C%2C1602%3Aco%3A0%3Ans%3A1674288009524%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674288013%3At%3AStreamSB&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type
JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Size
419 B (419 bytes)
Hash
2e896f66e630d05fab38c3e1d8f8538e
bcdc12d058f55cab6019c6028d54915380d192ea
4fc877f8fd352180307e49ab983911fbf9abc1d29fd619d73f5802d0c38057e4

HTTP Headers

GET /watch/64815175/1?wmode=7&page-url=https%3A%2F%2Fstreamsss.net%2Fd%2F30iqsw26jj0u%3Fcaption_1%3Dhttps%3A%2F%2Fmsubload.com%2Fsub%26sub_1%3DEnglish&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1099%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A425938613412%3Ahid%3A475167520%3Az%3A0%3Ai%3A20230121080012%3Aet%3A1674288013%3Ac%3A1%3Arn%3A786416225%3Arqn%3A1%3Au%3A1674288013582330448%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C116%2C147%2C0%2C327%2C0%2C%2C998%2C5%2C%2C%2C%2C1602%3Aco%3A0%3Ans%3A1674288009524%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674288013%3At%3AStreamSB&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamsss.net
Referer: https://streamsss.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 419
date: Sat, 21 Jan 2023 08:00:14 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://streamsss.net
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 21-Jan-2023 08:00:14 GMT
last-modified: Sat, 21-Jan-2023 08:00:14 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

fluffynickname.com/pixel/sbs?c=1

192.243.61.227

200 OK

660 B

URL HTTP/1.1
fluffynickname.com/pixel/sbs?c=1
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
gzip compressed data, max compression\012- data
Size
660 B (660 bytes)
Hash
5860c780c8e9daa4f852038f02b5bdc2
c75c8b4db36bffe075ce493f06d011f855d5541a
f11b9f8e851e15c0c6abd53a9994c6dcef78ceeebd0f0b8bbde610fec8332c85

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: fluffynickname.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Cookie: u_pl=16479293; uid_id2=2d58e92e-416a-4481-85b6-3e1c1f0b470a:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 21 Jan 2023 08:00:14 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

unseenreport.com/pxf.gif?uuid=2d58e92e-416a-4481-85b6-3e1c1f0b470a&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=a7a4a3d358e01b43771ddd49cda3539d&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8

192.243.61.227

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=2d58e92e-416a-4481-85b6-3e1c1f0b470a&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=a7a4a3d358e01b43771ddd49cda3539d&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=2d58e92e-416a-4481-85b6-3e1c1f0b470a&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=a7a4a3d358e01b43771ddd49cda3539d&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 21 Jan 2023 08:00:14 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: efdb06ce91bf7a996af3380b635c7784
Strict-Transport-Security: max-age=0; includeSubdomains

fonts.googleapis.com/css2?family=Quicksand&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Quicksand&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Quicksand&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 21 Jan 2023 08:00:11 GMT
date: Sat, 21 Jan 2023 08:00:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

whos.amung.us/swidget/streamsbdl

172.67.8.141

307 Temporary Redirect

0 B

URL HTTP/2
whos.amung.us/swidget/streamsbdl
IP
172.67.8.141:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /swidget/streamsbdl HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 307 Temporary Redirect
date: Sat, 21 Jan 2023 08:00:13 GMT
content-type: text/html; charset=UTF-8
location: https://widgets.amung.us/small/53/5375.png
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78ce83d34993b4f7-OSL
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/sweep/social-box/white-small/css/style.css

172.64.167.9

200 OK

0 B

URL HTTP/2
cdn.creative-bars1.com/sb/ssp/sweep/social-box/white-small/css/style.css
IP
172.64.167.9:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/ssp/sweep/social-box/white-small/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamsss.net
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:00:13 GMT
content-type: text/css
last-modified: Mon, 24 Jan 2022 10:39:40 GMT
etag: W/"61ee81ec-123b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5766775
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPvmIfcAdkqSniLVtW9ppd0ea%2BImkUmHVFyQPUzDoQpq8HHh8Fc1P3hb9eriLJ1LNs8OpubLrhaBGPFBwrf8wt42Kr7wYcd1Cohf0NVechXntxpYQ0IHDilwQ9el1CiIOKpBY%2B%2BCcTYw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ce83d49c5a772c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.11.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:00:11 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 03/12/2022 14:32:07
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: d59b1bc690982b057c0e17bb58696d82
cdn-cache: HIT
cf-cache-status: HIT
age: 739327
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78ce83c5e85eb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

friendshipmale.com/sfp.js

172.64.166.29

200 OK

0 B

URL HTTP/2
friendshipmale.com/sfp.js
IP
172.64.166.29:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:00:12 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 12bf987814d84b3c7da68a3071c1f9c2
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 21 Jan 2023 08:00:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1ghY78ylaFtRaZg3z0Un%2FGSZZYi67RmuJy57b5YDKD3kmLKmqHS5wvD1eA6GfFv%2F1U%2BTK1oGVcekWvvp6jDT9%2B1blRzwD8hotYqXLrNZlZElD9WLboVQHCzbKaThbBrWoiTj7M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ce83cb9a3276fc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.itskiddien.club/apu.php?zoneid=3785253

139.45.197.236

200 OK

0 B

URL HTTP/2
cdn.itskiddien.club/apu.php?zoneid=3785253
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /apu.php?zoneid=3785253 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 08:00:11 GMT
content-type: application/javascript
x-trace-id: 5ace40c969d743e341f45b433ec0a989
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=ea426dd7556443df936a1a6b47847fa6; expires=Sun, 21 Jan 2024 08:00:11 GMT; path=/; secure; SameSite=None
oaidts=1674288011; expires=Sun, 21 Jan 2024 08:00:11 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.uponelectabuzzor.club/1?z=4422977

139.45.197.239

200 OK

0 B

URL HTTP/2
cdn.uponelectabuzzor.club/1?z=4422977
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /1?z=4422977 HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 08:00:11 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: b90a03f96b6f96dc6073b4a7cea45855
access-control-expose-headers: X-Sc
x-sc: suZZkuzIyhrYWhs0ZtPdqNP89Sv72Unga585oe7QDanWnz3EOzUO4kliQyEkTQvJEfnvR6R52dfnpsTUUBrZvTsZoio=
set-cookie: scm=1; expires=Sun, 21 Jan 2024 08:00:11 GMT; secure; SameSite=None
OAID=2816c38342f04726b0712e12d7f8c9a9; expires=Sun, 21 Jan 2024 08:00:11 GMT; secure; SameSite=None
oaidts=1674288011; expires=Sun, 21 Jan 2024 08:00:11 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.itskiddien.club/?rb=gM0t99xsbvH79JxwkrRu6K78X68yuulxr3w4oMPg0QS_OFwL6oCPsTNBI3W5arClvjr4zwiuZe2ceuY_nE86uBvXxU2pFFzRC9B0JvXnuhxkpjn1s5vWwZGLLoChgZ0ITg5lQzk2YW9iJoHI85Y0PfSDUGOcmfW11lfecTWuz9VHJ3soByXTd29nLuHAkD3ep2TvmSdwZ4M4YteyUriNhYarW0qwmNDR8hBmvtHa8dw%3D&request_ab2=0&zoneid=3785253&js_build=iclick-v1.471.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fstreamsss.net%2Fd%2F30iqsw26jj0u%3Fcaption_1%3Dhttps%3A%2F%2Fmsubload.com%2Fsub%26sub_1%3DEnglish&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.471.1&bs=72a1ab8f-c893-4364-ad34-7a561ae42a3f&userId=d7b27d096c5e4fd0b72b48fff30f5ae6&m=link

139.45.197.236

200 OK

0 B

URL HTTP/2
cdn.itskiddien.club/?rb=gM0t99xsbvH79JxwkrRu6K78X68yuulxr3w4oMPg0QS_OFwL6oCPsTNBI3W5arClvjr4zwiuZe2ceuY_nE86uBvXxU2pFFzRC9B0JvXnuhxkpjn1s5vWwZGLLoChgZ0ITg5lQzk2YW9iJoHI85Y0PfSDUGOcmfW11lfecTWuz9VHJ3soByXTd29nLuHAkD3ep2TvmSdwZ4M4YteyUriNhYarW0qwmNDR8hBmvtHa8dw%3D&request_ab2=0&zoneid=3785253&js_build=iclick-v1.471.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fstreamsss.net%2Fd%2F30iqsw26jj0u%3Fcaption_1%3Dhttps%3A%2F%2Fmsubload.com%2Fsub%26sub_1%3DEnglish&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.471.1&bs=72a1ab8f-c893-4364-ad34-7a561ae42a3f&userId=d7b27d096c5e4fd0b72b48fff30f5ae6&m=link
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?rb=gM0t99xsbvH79JxwkrRu6K78X68yuulxr3w4oMPg0QS_OFwL6oCPsTNBI3W5arClvjr4zwiuZe2ceuY_nE86uBvXxU2pFFzRC9B0JvXnuhxkpjn1s5vWwZGLLoChgZ0ITg5lQzk2YW9iJoHI85Y0PfSDUGOcmfW11lfecTWuz9VHJ3soByXTd29nLuHAkD3ep2TvmSdwZ4M4YteyUriNhYarW0qwmNDR8hBmvtHa8dw%3D&request_ab2=0&zoneid=3785253&js_build=iclick-v1.471.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fstreamsss.net%2Fd%2F30iqsw26jj0u%3Fcaption_1%3Dhttps%3A%2F%2Fmsubload.com%2Fsub%26sub_1%3DEnglish&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.471.1&bs=72a1ab8f-c893-4364-ad34-7a561ae42a3f&userId=d7b27d096c5e4fd0b72b48fff30f5ae6&m=link HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://streamsss.net/
Origin: https://streamsss.net
Connection: keep-alive
Cookie: OAID=ea426dd7556443df936a1a6b47847fa6; oaidts=1674288011
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 08:00:12 GMT
content-type: application/json
x-trace-id: eea121bed25654d90a876978c1a41870
access-control-allow-origin: https://streamsss.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=d7b27d096c5e4fd0b72b48fff30f5ae6; expires=Sun, 21 Jan 2024 08:00:12 GMT; path=/; secure; SameSite=None
oaidts=1674288012; expires=Sun, 21 Jan 2024 08:00:12 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 28 Jan 2023 08:00:12 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/sweep/social-box/white-small/css/animate.css

172.64.167.9

200 OK

0 B

URL HTTP/2
cdn.creative-bars1.com/sb/ssp/sweep/social-box/white-small/css/animate.css
IP
172.64.167.9:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/ssp/sweep/social-box/white-small/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamsss.net
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:00:13 GMT
content-type: text/css
last-modified: Tue, 21 Sep 2021 12:02:02 GMT
etag: W/"6149c9ba-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5766775
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gi79MVa3eB9V0NMyjyRIX1MLupaz9WMmjEV5J01kN1ueO8gXnoU%2FyJQRCVi2fa5qlDPvM1iRtt27o%2BQ5U9Qwd18jRbG4hAnEXj4wD3hThTge6VbJcJfz6j5%2FXHQ1efS%2B9BXPTmcSOlOJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ce83d46c24772c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/sweep/social-box/white-small/js/jquery.min.js

172.64.167.9

200 OK

0 B

URL HTTP/2
cdn.creative-bars1.com/sb/ssp/sweep/social-box/white-small/js/jquery.min.js
IP
172.64.167.9:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/ssp/sweep/social-box/white-small/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:00:13 GMT
content-type: application/javascript
last-modified: Tue, 21 Sep 2021 12:02:04 GMT
etag: W/"6149c9bc-1499c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5767741
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQivEU1z5OKSDaIMIZI6qwmrS5ZrQ4VQPwg3%2F6KU9O4kgQ9GtVNPbIa%2BkV3lPFDWIWpE2bP6Fi2Z8B7ygNZwiQXeUvLvl56kqwKMALpqu%2BFfDWs93baLPQrwGKrrDT9iG6qItRGXC3Py"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ce83d4cca2772c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

streamsss.net/d/30iqsw26jj0u?caption_1=https://msubload.com/sub&sub_1=English

172.64.171.26

200 OK

0 B

URL HTTP/2
streamsss.net/d/30iqsw26jj0u?caption_1=https://msubload.com/sub&sub_1=English
IP
172.64.171.26:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /d/30iqsw26jj0u?caption_1=https://msubload.com/sub&sub_1=English HTTP/1.1
Host: streamsss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:00:10 GMT
content-type: text/html; charset=UTF-8
expires: Fri, 20 Jan 2023 08:00:10 GMT
set-cookie: lang=1; domain=.streamsss.net; path=/; HttpOnly
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPB%2FnNWWdhiyPPsIEpryn0%2Bql9l967kzQAV7tXCooAZc70487b1TKHT0Qzt2M2wXtOMN%2BOmOw6BhKIrHL2CUDKM0WS1SYI%2BD9gV5nfNy6t%2Fi4h4mgXfDPYUPVk3ToXjS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce83c39d4576cc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.10.2/css/all.css

172.64.133.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.10.2/css/all.css
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.10.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamsss.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 21 Jan 2023 08:00:11 GMT
content-type: text/css
x-amz-id-2: GhbN+A8ZKduJYtRXDaTwNB12OIuv3GVMDpyGOZzUSS8gKjnz3f6xuBUqJ292IoA7SPKnFJGuGOI=
x-amz-request-id: BJWR2AMPWD0M3Z20
last-modified: Wed, 30 Jun 2021 15:36:08 GMT
etag: W/"164a58dcca37a5b00c22e06ee8e2fc68"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2112537
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pI1B51SzvtVVOqpwt2LT1HHOqtFScf8bNwwb3p61yRFKGkIPxelbQrAMocRPGUCJJCyKtx8rGHPhC0wYhJHLizVk3l66U%2F9EHPX%2BPzdLBe0JnVjYkye0rLwcNYlyRSeT40r8Ob5%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ce83c60e6c8895-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML