r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8187
Expires: Thu, 24 Nov 2022 21:03:09 GMT
Date: Thu, 24 Nov 2022 18:46:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6280
Cache-Control: max-age=149349
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 18:46:42 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 12:15:51 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4522
Expires: Thu, 24 Nov 2022 20:02:04 GMT
Date: Thu, 24 Nov 2022 18:46:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 18:18:59 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1663
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: VhPWCsdremQehcIHYjMqRUxOMIFeyzVRA01WX16EDzr6L0Ekm23uELZBFbcQCHOtRAYH+iE+3k8=
x-amz-request-id: M41EX79E6SGEB2NQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 18:43:30 GMT
age: 192
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
streamgo.to/xb_1
104.21.94.10 200 OK 4.4 kB IP 104.21.94.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7886), with CRLF, LF line terminators
Hash 64c08d3ae2bdfd64cca414275e1ba961
8d8b81361a7b41b5dd8c8c5f077f972623bc13d1
82f1571e0886a196109a03242f258692322d6adb81b1486df1ebdd95a93c2625
GET /xb_1 HTTP/1.1
Host: streamgo.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 18:46:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
X-Powered-By: PHP/7.4.21
X-FRAME-OPTIONS: deny
Content-Security-Policy: frame-ancestors 'none';
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fb9FBUrlLo8aOtgpGpN0uKP7oiE8HW8O4dnZIRO26vFLvNf1m8mBPzcaEhPIZi9cp6rKJPrIn0UmDMGuV0buU7TkmQyI0kZACO%2BBVk3WQh1CMfVt9lfwR%2BtjnQCVtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f44f11ebc8b511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 4ecdbf33c6cdb5df6d6efcab68c593fd
200a05006b98eab4ffb9ffd65c5b5e72052c804a
105f36147e2910be82f7d7e33f74a4fa4a356cc82de051f84f92c0864f06b478
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4023
Cache-Control: max-age=150678
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 18:46:42 GMT
Etag: "637f55f1-118"
Expires: Sat, 26 Nov 2022 12:38:00 GMT
Last-Modified: Thu, 24 Nov 2022 11:30:57 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 4ecdbf33c6cdb5df6d6efcab68c593fd
200a05006b98eab4ffb9ffd65c5b5e72052c804a
105f36147e2910be82f7d7e33f74a4fa4a356cc82de051f84f92c0864f06b478
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4023
Cache-Control: max-age=150678
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 18:46:42 GMT
Etag: "637f55f1-118"
Expires: Sat, 26 Nov 2022 12:38:00 GMT
Last-Modified: Thu, 24 Nov 2022 11:30:57 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 4ecdbf33c6cdb5df6d6efcab68c593fd
200a05006b98eab4ffb9ffd65c5b5e72052c804a
105f36147e2910be82f7d7e33f74a4fa4a356cc82de051f84f92c0864f06b478
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4023
Cache-Control: max-age=150678
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 18:46:42 GMT
Etag: "637f55f1-118"
Expires: Sat, 26 Nov 2022 12:38:00 GMT
Last-Modified: Thu, 24 Nov 2022 11:30:57 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
cdn.streamgo.to/images/sportsx/tennis.png
172.67.217.208 200 OK 1.4 kB URL HTTP/2 cdn.streamgo.to/images/sportsx/tennis.png
IP 172.67.217.208:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ba1857c99f008c2e875bdbd2fb5fc9b
723f6f904314eabea5b06ef66b7728276697793e
ce8cfb844dd18fc39ab3820f0b92ab129702955d68f1ec0bbd0bd299dfcee55e
GET /images/sportsx/tennis.png HTTP/1.1
Host: cdn.streamgo.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: image/png
content-length: 1352
last-modified: Sat, 05 Feb 2022 17:23:44 GMT
etag: "61feb2a0-548"
expires: Mon, 28 Nov 2022 09:05:59 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2281243
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uu7WoufuRiynhCt2mx6QOUWZVE9G6HWjbSrBC6jWIaCVPrbKHbFz2SZ%2FsuZvW20Vtitu4t9US9Gvr17RlZdT4GzsvadBFmmZFEEBU6FRcuGm9gCmxufinQFO5SGDbDE6iMs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f159e67b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.streamgo.to/images/sportsx/icehockey.png
172.67.217.208 200 OK 689 B URL HTTP/2 cdn.streamgo.to/images/sportsx/icehockey.png
IP 172.67.217.208:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 79bcb03678176158352005b839b8d5b1
258117a35825c569e2f32c4b9ce28891798dfc9d
5fa819481714ad0de146249bc2002d3211457871d980a33a8a5edaa25693bf0c
GET /images/sportsx/icehockey.png HTTP/1.1
Host: cdn.streamgo.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: image/png
content-length: 689
last-modified: Sat, 05 Feb 2022 17:23:10 GMT
etag: "61feb27e-2b1"
expires: Sun, 04 Dec 2022 07:39:20 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1768042
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d6a8GR0LJej6U9Ygb1ZPWS5FvkaKyNPwv3%2BvL63TNYEvTOvDwJA98d8vyXECMfGTPhKhvQVO97ElNoIs3UFZY6QNFt1dw5Ho66ESX1H%2FAF%2BGyA%2BTj24kXnYqvFeUQe3okeM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f159e81b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.streamgo.to/images/streamgoto_logo.png
172.67.217.208 200 OK 9.7 kB URL HTTP/2 cdn.streamgo.to/images/streamgoto_logo.png
IP 172.67.217.208:0
File type PNG image data, 300 x 71, 8-bit/color RGBA, non-interlaced\012- data
Hash 8ed9ca3a8997913f807a3967404a40df
caa34063caed27e15ba3dea9377a2a716d3ae2a3
5fed6bf012b980212752091677e8accfc2b20d0d1515baa0a5e957e8f04873ba
GET /images/streamgoto_logo.png HTTP/1.1
Host: cdn.streamgo.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: image/png
content-length: 9734
last-modified: Sat, 05 Feb 2022 17:22:48 GMT
etag: "61feb268-2606"
expires: Thu, 01 Dec 2022 18:15:42 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1989060
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbr%2FqPX2hO%2FUEMM2zfYy%2B0YizH7slqnsONFV%2FuZ5mMmcNq5pj6CP30Ac7PKXqRQpMiD98bhW7ACqzp%2FlDlRFDWb4rlWL159xxhVQQYZ%2FHwuF0goumaKoOgnSub1UegGTewI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f159e92b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.streamgo.to/images/sportsx/other.png
172.67.217.208 200 OK 1.0 kB URL HTTP/2 cdn.streamgo.to/images/sportsx/other.png
IP 172.67.217.208:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 8e60451fe8e31cd689e8783dd3d96903
98053a87623eeb1f2bdbb766e7809687a74e31d5
909f61170e95d95a97b785b79500dddfc2e405065eb40d276518af7917393aa6
GET /images/sportsx/other.png HTTP/1.1
Host: cdn.streamgo.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: image/png
content-length: 1007
last-modified: Sat, 05 Feb 2022 17:24:00 GMT
etag: "61feb2b0-3ef"
expires: Wed, 30 Nov 2022 01:21:20 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2136322
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pl9EBoGm7fMMhFXyIhNOTKSHRjIYX4ak6dOUwRBtwb5RHOEFhgnuWQ7TA7t9wk29Iw4wdD%2BMX7Nres9u82fulTzCS4XMvz7GE2cvI7Hxf6FiCUZ237YQLd7na4b2WlbEgZs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f159e8eb524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.streamgo.to/images/sportsx/tvchannel.png
172.67.217.208 200 OK 1.1 kB URL HTTP/2 cdn.streamgo.to/images/sportsx/tvchannel.png
IP 172.67.217.208:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 73b4e5e9fb388b6973c4f1af43a728ab
0c5a6356830fe3e5e022a280ead7871477ee7195
e7334ea45c2b6738e36fced6aef761e5bd387469307349dd5912cd63b4d63dfb
GET /images/sportsx/tvchannel.png HTTP/1.1
Host: cdn.streamgo.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: image/png
content-length: 1109
last-modified: Sat, 05 Feb 2022 17:24:14 GMT
etag: "61feb2be-455"
expires: Fri, 25 Nov 2022 13:36:53 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2524189
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KGuzb91t7JNxmhfxGwSRgAvpWUHpvTxFwn%2FZ429DlCN2yBqPfNph2QtEKZzlW8eRGfzOmfhbl5eSGrKm0U7v5WNolmjdHRqGyC9Rf%2FuhlklcRkb3stOmuCPGkIGYsUcDEY4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f159e97b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.streamgo.to/images/sportsx/boxing.png
172.67.217.208 200 OK 996 B URL HTTP/2 cdn.streamgo.to/images/sportsx/boxing.png
IP 172.67.217.208:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 8a151f7790cfddcab46a5e0fb64e072c
922b30a660eb76adecacf40df81839a41412d619
d1559bb4f9bbc858e9a3d748f16a0219b07f078e8ae38e14e17a8ec2e069d77c
GET /images/sportsx/boxing.png HTTP/1.1
Host: cdn.streamgo.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: image/png
content-length: 996
last-modified: Sat, 05 Feb 2022 17:23:02 GMT
etag: "61feb276-3e4"
expires: Sun, 04 Dec 2022 07:39:20 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1768042
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6E9zWvz%2BAmA6Cpm4o%2BGLsZwKLwGbyhw8vnqqdrxnqlbs%2F%2BVj9qrOsarXHRQPqbrFhAvZaqpdoILLm%2FDSYcD1wWBOdhEpVIX8hinQ9dBHQ7FcEnPD3j0EQpdp8K7yPc%2FT9E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f159e82b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.streamgo.to/images/sportsx/basketball.png
172.67.217.208 200 OK 1.4 kB URL HTTP/2 cdn.streamgo.to/images/sportsx/basketball.png
IP 172.67.217.208:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 55d962445791a82ecb58a51fc937e166
5ef58d4018fe1b28f915db2f5936fe6667dad14c
d1224e0192b2b23e8ef2937d5e6e4f2b38a794c5ca5eab776ad23ddf8445c6df
GET /images/sportsx/basketball.png HTTP/1.1
Host: cdn.streamgo.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: image/png
content-length: 1372
last-modified: Sat, 05 Feb 2022 17:24:06 GMT
etag: "61feb2b6-55c"
expires: Wed, 30 Nov 2022 01:21:20 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2136322
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5em6zXBzdGXwgkiX1G4h27cFsPsjGcAAFmrc7%2BGkXnt6SAitbEuUoW5zzaPw5tav0zninJd9cUjRiGNLJcFkMwbyTff4jgMTnEd9fNkBDv62sKEVnouIpxcziKz5lzAIJtE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f15aea2b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.streamgo.to/images/sportsx/football.png
172.67.217.208 200 OK 1.4 kB URL HTTP/2 cdn.streamgo.to/images/sportsx/football.png
IP 172.67.217.208:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash fd53138110264beca7e6c82e39ed0a5f
98982045a2bd3ce78bf8228affbb2cf82f9aa918
30990a35bc3f1c013d6cb605c0c849b3fd127aa93472a9489fbf88f595635b92
GET /images/sportsx/football.png HTTP/1.1
Host: cdn.streamgo.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: image/png
content-length: 1363
last-modified: Sat, 05 Feb 2022 17:24:42 GMT
etag: "61feb2da-553"
expires: Wed, 30 Nov 2022 01:21:20 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2136322
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2Bnt5fobKuX41PQgOEj8fAFNf1Y3FIjYBysCq4mmyyaYlTvnNCyR%2B8MPSn0T%2BKhi33yAFtIJIubmkUBeKbBHjh%2FiOjf6XhsjK3J0OQFbn%2FifaRTJ7pBSQ%2BJAfHYPYV9FSUU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f15ae9db524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 4ecdbf33c6cdb5df6d6efcab68c593fd
200a05006b98eab4ffb9ffd65c5b5e72052c804a
105f36147e2910be82f7d7e33f74a4fa4a356cc82de051f84f92c0864f06b478
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5240
Cache-Control: max-age=151895
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 18:46:42 GMT
Etag: "637f55f1-118"
Expires: Sat, 26 Nov 2022 12:58:17 GMT
Last-Modified: Thu, 24 Nov 2022 11:30:57 GMT
Server: ECS (amb/6B95)
X-Cache: HIT
Content-Length: 280
cdn.streamgo.to/images/sportsx/racing.png
172.67.217.208 200 OK 1.0 kB URL HTTP/2 cdn.streamgo.to/images/sportsx/racing.png
IP 172.67.217.208:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 0fc26cf4540cf427cea8df6dd872c98a
8c4922b4364f0e05b525c69c67a115f3f26ee768
fd64245863ff66208540175d19ca01a98db63692fbdbc028374dd50194556c4a
GET /images/sportsx/racing.png HTTP/1.1
Host: cdn.streamgo.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: image/png
content-length: 1005
last-modified: Sat, 05 Feb 2022 17:23:26 GMT
etag: "61feb28e-3ed"
expires: Thu, 01 Dec 2022 12:14:14 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2010748
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lr%2Bi7eF%2B3Pfb6mx3PUFnH94uqbn1UApHzKsvMZyR7wqZF4AEPNB9rtHvoik%2BtaEK9V4tmuByk9VwfCTp8yDptl5g%2Fcwyf9vWGcaAWGqXqD2uOiTWD%2BpTaMzYdlklzOVqkbs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f159e88b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/QOLAKm6LU44
142.250.74.3 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/QOLAKm6LU44
IP 142.250.74.3:0
Hash f0346722280c72683f6ea1e73ea3ef0b
2f04be7427a7a33a9b98e4370c18dbe7b1d993d3
4e1a2a2a8a7d5d03fb0766691c501b870d3a3d5eac92662cb4bc467e8e06b367
POST /s/gts1p5/QOLAKm6LU44 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 18:46:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/QOLAKm6LU44
142.250.74.3 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/QOLAKm6LU44
IP 142.250.74.3:0
Hash f0346722280c72683f6ea1e73ea3ef0b
2f04be7427a7a33a9b98e4370c18dbe7b1d993d3
4e1a2a2a8a7d5d03fb0766691c501b870d3a3d5eac92662cb4bc467e8e06b367
POST /s/gts1p5/QOLAKm6LU44 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 18:46:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/QOLAKm6LU44
142.250.74.3 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/QOLAKm6LU44
IP 142.250.74.3:0
Hash f0346722280c72683f6ea1e73ea3ef0b
2f04be7427a7a33a9b98e4370c18dbe7b1d993d3
4e1a2a2a8a7d5d03fb0766691c501b870d3a3d5eac92662cb4bc467e8e06b367
POST /s/gts1p5/QOLAKm6LU44 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 18:46:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/QOLAKm6LU44
142.250.74.3 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/QOLAKm6LU44
IP 142.250.74.3:0
Hash f0346722280c72683f6ea1e73ea3ef0b
2f04be7427a7a33a9b98e4370c18dbe7b1d993d3
4e1a2a2a8a7d5d03fb0766691c501b870d3a3d5eac92662cb4bc467e8e06b367
POST /s/gts1p5/QOLAKm6LU44 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 18:46:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.streamgoto.me/images/sportsx/wintersport.png
172.67.135.155 200 OK 1.0 kB URL HTTP/2 cdn.streamgoto.me/images/sportsx/wintersport.png
IP 172.67.135.155:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash f16c3aa0aebd009205f9e5b6133538b1
52b3019d4ad927cb0bc23a6b80015d71c988ac23
e7c937963c740a0736a723774036e108501914d91e20b4dcf88505be6a76ea6d
GET /images/sportsx/wintersport.png HTTP/1.1
Host: cdn.streamgoto.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: image/png
content-length: 1019
last-modified: Sat, 05 Feb 2022 17:23:24 GMT
etag: "61feb28c-3fb"
expires: Sat, 24 Dec 2022 07:46:35 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 39607
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o42wvlBUNU%2F4DxLAQGao0Mi7RIJ5nO3Gev926C3QUnLKsAha5vexHSRB%2F%2FLQP%2FbK3xnh3D3Oqt%2BpnknP5mNx96Jw2%2F2FKdz36o6byYYFkzibn1y%2BF7TpHiB0mf98ZkNsOq1%2FNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f15e854b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.streamgo.to/asset_res/jquery.min.js
172.67.217.208 200 OK 32 kB URL HTTP/2 cdn.streamgo.to/asset_res/jquery.min.js
IP 172.67.217.208:0
File type ASCII text, with very long lines (65447)
Hash 988d308db1a52ade6a34dc8477649204
66d3f941b4c154ff8e524c2339bcd42b5f013c41
26d945a44f10a14bc2f328fe357364615a395af5201e9e1414d19213444a3605
GET /asset_res/jquery.min.js HTTP/1.1
Host: cdn.streamgo.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: application/javascript
last-modified: Sat, 05 Feb 2022 17:21:48 GMT
vary: Accept-Encoding
etag: W/"61feb22c-15d9d"
expires: Thu, 24 Nov 2022 20:38:59 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 36463
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shSxsFlxn%2BwDGayE5KdTc4X3JFq2Y%2BkQT282IXUwFnTT2OFyXDiROAFO1E7Rn4Q1VQxYijqAkvmHMl%2Fs2Rfay29C1RSpIPhzHlb%2FaEUN1ArgmObaSV3prKUTBDLjukUR%2BWo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f44f15aea7b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.streamgoto.me/images/sportsx/waterpolo.png
172.67.135.155 200 OK 976 B URL HTTP/2 cdn.streamgoto.me/images/sportsx/waterpolo.png
IP 172.67.135.155:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash a0e0f01e58e0a549ebb66c97cb440755
6fde4ef22e03072861775c428b511a88ddd9a8b3
e1303d599c87ea494df4597f7aea037cea2ffd5f0669ebdb0047ca2e4f8a6a38
GET /images/sportsx/waterpolo.png HTTP/1.1
Host: cdn.streamgoto.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: image/png
content-length: 976
last-modified: Sat, 05 Feb 2022 17:23:24 GMT
etag: "61feb28c-3d0"
expires: Sat, 24 Dec 2022 17:20:07 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 5195
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCfAi0GBKlww4t5lSKFncIa8ZDVPfn7KoM3oIwsiChGHpYM1%2Fx3c06mISrWmwQ%2F0oYo%2FTXbhiQXikhmUfnjS04oOyfE0nusAcatBzG1gEmFuFvVa8llaS0C%2FwNHdjvCxaVBGvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f15e850b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.streamgoto.me/images/sportsx/americanfootball.png
172.67.135.155 200 OK 1.0 kB URL HTTP/2 cdn.streamgoto.me/images/sportsx/americanfootball.png
IP 172.67.135.155:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash fbbf49f72843a0748ffe12741911d873
74beb994ea0d6cb477ee4a82c32a5471e985b769
20751d8b922fafbb97f0c8d5e8a305888398e6249666b2dbd61d1f58caa4d794
GET /images/sportsx/americanfootball.png HTTP/1.1
Host: cdn.streamgoto.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: image/png
content-length: 1005
last-modified: Sat, 05 Feb 2022 17:22:58 GMT
etag: "61feb272-3ed"
expires: Sat, 26 Nov 2022 06:20:21 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2463981
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWv0kQt%2FbG0aevOWkPvecEOhdVIJUY%2BjA8OtPMMxE0n6Ago2mo7zyb8eJ0al6kMwpHtgxIru6%2FoSGPVoJHS9XkHJWFkRFEfpTFgk3CC1ifgwpfqf0VUYboZRUt9PJVeDXkwbyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f15e858b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.streamgoto.me/images/sportsx/futsal.png
172.67.135.155 200 OK 1.4 kB URL HTTP/2 cdn.streamgoto.me/images/sportsx/futsal.png
IP 172.67.135.155:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash fd53138110264beca7e6c82e39ed0a5f
98982045a2bd3ce78bf8228affbb2cf82f9aa918
30990a35bc3f1c013d6cb605c0c849b3fd127aa93472a9489fbf88f595635b92
GET /images/sportsx/futsal.png HTTP/1.1
Host: cdn.streamgoto.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: image/png
content-length: 1363
last-modified: Sat, 05 Feb 2022 17:23:46 GMT
etag: "61feb2a2-553"
expires: Tue, 13 Dec 2022 11:26:41 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 976801
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hfjoh41AmmDGlDynqtaXncrnTvta90db1Bev1%2B29Bap0ImZvFApYuVJOmG616rRQsiOEFn4o0AFtaHYkRAkXvVrvYHLzW3V4M7OPr1%2BGsmScZtq1RbrqmJ6MjvabObFFrS%2BAQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f15e85db51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.streamgoto.me/images/sportsx/tabletennis.png
172.67.135.155 200 OK 805 B URL HTTP/2 cdn.streamgoto.me/images/sportsx/tabletennis.png
IP 172.67.135.155:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 77597b35556afc0c0ce9f8b5e967b45b
1ebdc22792e6c7c625a07046cb6ebe0110c93682
e869f6048ada9b6f5229262927d514c91e3d9b55791c8dec4336e88d6e9cc834
GET /images/sportsx/tabletennis.png HTTP/1.1
Host: cdn.streamgoto.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: image/png
content-length: 805
last-modified: Sat, 05 Feb 2022 17:24:00 GMT
etag: "61feb2b0-325"
expires: Tue, 13 Dec 2022 14:00:29 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 967573
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJSrI4tPLnJ6fXVVihwTrCONiv0DMDwPkfSSUMWrjBAwnc%2B9Izcyg54uuFq1rJLl40extw3Uj3sEfD7dISXxdOHzSZv%2FiAPkhQs1eHqsJU7%2BZO8npEP%2FTRfApMrz6RIYH8acwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f15e85fb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.streamgoto.me/images/sportsx/watersports.png
172.67.135.155 200 OK 976 B URL HTTP/2 cdn.streamgoto.me/images/sportsx/watersports.png
IP 172.67.135.155:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash a0e0f01e58e0a549ebb66c97cb440755
6fde4ef22e03072861775c428b511a88ddd9a8b3
e1303d599c87ea494df4597f7aea037cea2ffd5f0669ebdb0047ca2e4f8a6a38
GET /images/sportsx/watersports.png HTTP/1.1
Host: cdn.streamgoto.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: image/png
content-length: 976
last-modified: Sat, 05 Feb 2022 17:22:58 GMT
etag: "61feb272-3d0"
expires: Fri, 23 Dec 2022 14:10:25 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 102977
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXoSJhGCB6RUcNNXXZ1HdhrGMBOC3XEgFwb1ih%2Bvfpb17oBFb26py6nZIyozQdWxplLssTd%2FAowAEXCOHIZwJhti4IW7DKMufTsfG1idDguLYw1EkVaOqm3vwbu31ecn5PE3Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f15e857b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.streamgoto.me/images/sportsx/tvchannel.png
172.67.135.155 200 OK 1.1 kB URL HTTP/2 cdn.streamgoto.me/images/sportsx/tvchannel.png
IP 172.67.135.155:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 73b4e5e9fb388b6973c4f1af43a728ab
0c5a6356830fe3e5e022a280ead7871477ee7195
e7334ea45c2b6738e36fced6aef761e5bd387469307349dd5912cd63b4d63dfb
GET /images/sportsx/tvchannel.png HTTP/1.1
Host: cdn.streamgoto.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: image/png
content-length: 1109
last-modified: Sat, 05 Feb 2022 17:24:14 GMT
etag: "61feb2be-455"
expires: Fri, 25 Nov 2022 11:09:15 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2533046
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RoK%2BcEVdDph%2F%2BNABp4fjRwkLXtTh2JGqLdEVkmMFAptEXBb5nNObq06NNZspVCL3yx5PFYQxd8KKqcGDZEwDS74GAS7%2FNMquwGivVtc9XESJAzlCQ4ip0NyPu34uqZy4HOhtWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f15e859b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.streamgoto.me/images/sportsx/esports.png
172.67.135.155 200 OK 1.1 kB URL HTTP/2 cdn.streamgoto.me/images/sportsx/esports.png
IP 172.67.135.155:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 73b4e5e9fb388b6973c4f1af43a728ab
0c5a6356830fe3e5e022a280ead7871477ee7195
e7334ea45c2b6738e36fced6aef761e5bd387469307349dd5912cd63b4d63dfb
GET /images/sportsx/esports.png HTTP/1.1
Host: cdn.streamgoto.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: image/png
content-length: 1109
last-modified: Sat, 05 Feb 2022 17:24:10 GMT
etag: "61feb2ba-455"
expires: Fri, 23 Dec 2022 09:20:41 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 120361
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8ErITyCTKedFOIy2PAnWNa3rvxi2wlUTubAsfI%2BYMdtaWhhWlj0tzFUIqriX1e%2BwtRhcpEK3MU1HlsdYa8OIeR58MimUigcOVPBOpDvwfDQPhOI%2B8fQJTc%2BsqtYgtCpYZel%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f15e85bb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.streamgo.to/images/flag_xt/de.gif
172.67.217.208 200 OK 362 B URL HTTP/1.1 cdn.streamgo.to/images/flag_xt/de.gif
IP 172.67.217.208:0
File type GIF image data, version 89a, 16 x 11\012- data
Hash b0dbdccf1c4e4a267a5cd2bf7ea4cb69
d2b74fbbeb420a6be350e4554233e6db3685f970
4ac4ccd6f0702c91e9251cb2b4bcbfd5854f6cb1d274dd2623f42e38ef7532d5
GET /images/flag_xt/de.gif HTTP/1.1
Host: cdn.streamgo.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://streamgo.to/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 18:46:42 GMT
Content-Type: image/gif
Content-Length: 362
Connection: keep-alive
Last-Modified: Sat, 05 Feb 2022 17:32:28 GMT
ETag: "61feb4ac-16a"
Expires: Tue, 29 Nov 2022 07:44:27 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: HIT
Age: 2199735
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zd1GYpkr2ZYUsX5vA3CzbQZuxFAjfYMipYSY7qJ2vx%2BPiI7q8s00Z13JnNrxFBr7LpDRVOjdqfH6CUrc4Lq4ckEX04g%2F5MgAtsOf11uVfTJ%2BkiedalcVPdt7JYJ8jTFC8fU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f44f15e81ab527-OSL
alt-svc: h2=":443"; ma=60
cdn.streamgoto.me/images/sportsx/volleyball.png
172.67.135.155 200 OK 1.5 kB URL HTTP/2 cdn.streamgoto.me/images/sportsx/volleyball.png
IP 172.67.135.155:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 430a900ef316ea8f33fc7f4b0ab426ac
bed343eb99a354a3dd6550a7c7797f132d3eec4b
d8a59be0ff8b93b24b2ab2fb679290158bfa3316c3abbda2cd03ee857ccd3991
GET /images/sportsx/volleyball.png HTTP/1.1
Host: cdn.streamgoto.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: image/png
content-length: 1450
last-modified: Sat, 05 Feb 2022 17:22:54 GMT
etag: "61feb26e-5aa"
expires: Thu, 01 Dec 2022 16:36:26 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1995016
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r19pTwpWy3oZEh48gnpjsM3hMtBvnRt0WCQnEVK2OmGC5GtcbiXFaeuu6Q0lmm07tEpofpkmHRM98gN8kPb9%2Bi7BBBViCdyxBmgSlzFKh9gnIL%2FrXrTr1oEOAnAGK3kF1cf%2FoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f15e853b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.streamgo.to/images/flag_xt/en.gif
172.67.217.208 200 OK 367 B URL HTTP/1.1 cdn.streamgo.to/images/flag_xt/en.gif
IP 172.67.217.208:0
File type GIF image data, version 89a, 16 x 11\012- data
Hash 331d7734597f1b86e1dba8b569707be8
a4be1c433a97b4de6ecf7064a70faeaab7d9ffa0
42e970f2f31f915929e94f2cba9caf7302a0743031789e214932f571a06286a2
GET /images/flag_xt/en.gif HTTP/1.1
Host: cdn.streamgo.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://streamgo.to/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 18:46:42 GMT
Content-Type: image/gif
Content-Length: 367
Connection: keep-alive
Last-Modified: Sat, 05 Feb 2022 17:33:30 GMT
ETag: "61feb4ea-16f"
Expires: Sun, 04 Dec 2022 07:39:21 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: HIT
Age: 1768041
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FbCqB1gOoB7KoEP%2FzWS%2B%2BK%2BQuodtZhdT7B%2Fcpnc5WsuBsKJcDJTjGqfYVraAH%2FpqPd0Q9MMYFU9Mx9mFO2I57VhMDgbYouF32TT2HGkq1KvXDXD7WAcueTLhMouOaCyUzE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f44f15eec1b4f9-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 18:11:11 GMT
cache-control: public,max-age=3600
age: 2131
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
cdn.streamgo.to/images/flag_xt/0.gif
172.67.217.208 200 OK 358 B URL HTTP/1.1 cdn.streamgo.to/images/flag_xt/0.gif
IP 172.67.217.208:0
File type GIF image data, version 89a, 16 x 11\012- data
Hash 0a8af60b38ccd60b659d43151b1e45c0
e5be916fd372d3714b6cd2ffc27bb58bafbfbb49
122b9dcbf0013211db5739069b7b42c11ea179c4242a6e3ea89db401a7a81f1c
GET /images/flag_xt/0.gif HTTP/1.1
Host: cdn.streamgo.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://streamgo.to/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 18:46:42 GMT
Content-Type: image/gif
Content-Length: 358
Connection: keep-alive
Last-Modified: Sat, 05 Feb 2022 17:33:38 GMT
ETag: "61feb4f2-166"
Expires: Mon, 28 Nov 2022 13:09:39 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: HIT
Age: 2266623
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDyW2PlO0GR%2BYo2wU9v5Ym2TLIRNeNuDVBxiNH490Fh52sNo2vTvkBFBTOPNJEIjIaTE3MlpjJNHdfU73TvuUDfPLZlc%2B5tu8PODXpTD%2FFM8ulG%2FSI85WLDqZzrQh2cA%2B1w%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f44f15eb74fab8-OSL
alt-svc: h2=":443"; ma=60
cdn.streamgoto.me/images/sportsx/rugbyunion.png
172.67.135.155 200 OK 975 B URL HTTP/2 cdn.streamgoto.me/images/sportsx/rugbyunion.png
IP 172.67.135.155:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 45f3c042eb623800124c585e1080a2d5
fedaa25919c596fe7195996d472938568ca83330
8197e46ccc39ae3e9583ba6e4ea2228ad5e97a11bcded9cada2e70e7de02667f
GET /images/sportsx/rugbyunion.png HTTP/1.1
Host: cdn.streamgoto.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: image/png
content-length: 975
last-modified: Sat, 05 Feb 2022 17:23:14 GMT
etag: "61feb282-3cf"
expires: Sat, 24 Dec 2022 07:46:35 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 39607
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNJkd7a7wIOpJIbehQrjxQtwFp3Knz471yDSlBhAYjj1NlBlNlJQBt1pSCEs5mZ6%2Fq1Os%2FdRxLhzhEpSOcod37gUniDtRlNJZ3KhoBhgLX1ulgwF63pTKjmxRNBDsVYe3FKNug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f15e860b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.streamgoto.me/images/sportsx/golf.png
172.67.135.155 200 OK 780 B URL HTTP/2 cdn.streamgoto.me/images/sportsx/golf.png
IP 172.67.135.155:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 786bd67616ef1c0db3b36f2f8f700792
1d1d36a2adcef332e11f11d6f6b25c178ed762c7
7b3c2c1ad5b62a978bb1c1e9f43110c5b402b75d368087e22214a6e794415780
GET /images/sportsx/golf.png HTTP/1.1
Host: cdn.streamgoto.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: image/png
content-length: 780
last-modified: Sat, 05 Feb 2022 17:24:14 GMT
etag: "61feb2be-30c"
expires: Sat, 10 Dec 2022 05:31:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1257339
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldGtAJeZc9NITiJmXhfkhMJer8CDhM7EVBlaa0637BjObDWLz3ZOg7%2BSzuoZCxqKs%2BlyScnI2dDe4PJ8zzdFHbx%2BdYL7HvfsV29W5KWuR3sbLN8m63lN9USkKoEwfJ1bLD%2FNpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f15e85cb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.streamgoto.me/images/sportsx/handball.png
172.67.135.155 200 OK 1.5 kB URL HTTP/2 cdn.streamgoto.me/images/sportsx/handball.png
IP 172.67.135.155:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 430a900ef316ea8f33fc7f4b0ab426ac
bed343eb99a354a3dd6550a7c7797f132d3eec4b
d8a59be0ff8b93b24b2ab2fb679290158bfa3316c3abbda2cd03ee857ccd3991
GET /images/sportsx/handball.png HTTP/1.1
Host: cdn.streamgoto.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: image/png
content-length: 1450
last-modified: Sat, 05 Feb 2022 17:24:30 GMT
etag: "61feb2ce-5aa"
expires: Sun, 27 Nov 2022 12:46:26 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2354416
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9cPKgbFaQ3%2FhcW0WaLDJRUEOpRufl2VXJnJlm9jF79VGBbXuknIPbuUxmmDducTfClbr15XVLp8cQxreBV%2BUeCKC4QmHVrOFNMRQVxLPfc74SN8z4zmGsTLLe7RvrKbeZoTqXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f15e85eb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/QOLAKm6LU44
142.250.74.3 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/QOLAKm6LU44
IP 142.250.74.3:0
Hash f0346722280c72683f6ea1e73ea3ef0b
2f04be7427a7a33a9b98e4370c18dbe7b1d993d3
4e1a2a2a8a7d5d03fb0766691c501b870d3a3d5eac92662cb4bc467e8e06b367
POST /s/gts1p5/QOLAKm6LU44 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 18:46:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4096
Cache-Control: max-age=142102
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 18:46:43 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:15:05 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.36.76.249 200 OK 346 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash d43c85d8aadfcb26df6345e3a88fca07
aed9cd95bc00e644d43b0ad9bcac7db9e8d672da
774a2d4fc3e7d604cb6dacf29cba350e3bb9b87794437e2449e2f22df5e9aee4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "774A2D4FC3E7D604CB6DACF29CBA350E3BB9B87794437E2449E2F22DF5E9AEE4"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9542
Expires: Thu, 24 Nov 2022 21:25:45 GMT
Date: Thu, 24 Nov 2022 18:46:43 GMT
Connection: keep-alive
livetvon.click/embed/stream-155.php
172.67.211.63 301 Moved Permanently 346 B URL HTTP/2 livetvon.click/embed/stream-155.php
IP 172.67.211.63:0
Hash d43c85d8aadfcb26df6345e3a88fca07
aed9cd95bc00e644d43b0ad9bcac7db9e8d672da
774a2d4fc3e7d604cb6dacf29cba350e3bb9b87794437e2449e2f22df5e9aee4
GET /embed/stream-155.php HTTP/1.1
Host: livetvon.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Thu, 24 Nov 2022 18:46:43 GMT
location: https://daddyhd.com/embed/stream-155.php
cache-control: max-age=3600
expires: Thu, 24 Nov 2022 19:46:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBx8u0Qw4MiKbq35%2BhuZOUjYXTM7%2F7tTj9gICR5Nmh%2F8CZ91H76s%2BLnTTEwlZKSiGQoJgUOVcr0XRQr8Ke76qidmy7I0ghqNxXg8oEBUmA%2F1Ah2hjYNI5KaNcJt9mvKM0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: unsafe-url
server: cloudflare
cf-ray: 76f44f174a67b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.249 200 OK 344 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 984c3fae36f5794613211e0577a45929
b058412ccf4fbb51e0bd68f4ea59dd22d3b9c6e8
eaed172872782e7a5170aabd2e40d91eeaf83a2e3b20b2f65438cc250fc0155c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "EAED172872782E7A5170AABD2E40D91EEAF83A2E3B20B2F65438CC250FC0155C"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4294
Expires: Thu, 24 Nov 2022 19:58:17 GMT
Date: Thu, 24 Nov 2022 18:46:43 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.249 200 OK 344 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 984c3fae36f5794613211e0577a45929
b058412ccf4fbb51e0bd68f4ea59dd22d3b9c6e8
eaed172872782e7a5170aabd2e40d91eeaf83a2e3b20b2f65438cc250fc0155c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "EAED172872782E7A5170AABD2E40D91EEAF83A2E3B20B2F65438CC250FC0155C"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4294
Expires: Thu, 24 Nov 2022 19:58:17 GMT
Date: Thu, 24 Nov 2022 18:46:43 GMT
Connection: keep-alive
pl16885590.trustedcpmrevenue.com/98/16/4e/98164ece911791317b4bfdec826c3bdb.js
173.233.137.44 200 OK 21 kB URL HTTP/1.1 pl16885590.trustedcpmrevenue.com/98/16/4e/98164ece911791317b4bfdec826c3bdb.js
IP 173.233.137.44:0
File type HTML document, ASCII text, with very long lines (60200), with no line terminators
Hash a2f003b151ec3c9736cb4c3cefeda98f
fe4316aca4636c16c227422df5ee2a9698694444
51a627093b38ab8c21e3e7bbd39791f72150c6e06cfa1cdf8c330e10ee398965
GET /98/16/4e/98164ece911791317b4bfdec826c3bdb.js HTTP/1.1
Host: pl16885590.trustedcpmrevenue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://streamgo.to/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 18:46:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: beaabf6feebae51b7552f431bfce8318
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d74091efc24e858bc609b7acda08c1a
80a6e9b25c9d18572437c93cb8a74c2dac718c1b
103e7b52938d5cb9de00c55eb68db2c656cbeee193678520035025f2f2d53e77
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "103E7B52938D5CB9DE00C55EB68DB2C656CBEEE193678520035025F2F2D53E77"
Last-Modified: Thu, 24 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3552
Expires: Thu, 24 Nov 2022 19:45:55 GMT
Date: Thu, 24 Nov 2022 18:46:43 GMT
Connection: keep-alive
push.services.mozilla.com/
52.37.79.227 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.37.79.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aENK7NaZ1hz5eJ9TA1CVuw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2SR/JARw8ebgqn2YnNEvLMg61qA=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83d2fc9a74dbfb2d5183682d7959a8f2
9dc6d4d9b9583537afede906a2df78790d628b61
7d1d1a82594f64774099b78c47db2dbedf5daca27f3796850c5496629da86624
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D1D1A82594F64774099B78C47DB2DBEDF5DACA27F3796850C5496629DA86624"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17664
Expires: Thu, 24 Nov 2022 23:41:07 GMT
Date: Thu, 24 Nov 2022 18:46:43 GMT
Connection: keep-alive
vmuid.com/script.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f
178.162.196.156 200 OK 10 kB URL HTTP/1.1 vmuid.com/script.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f
IP 178.162.196.156:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (10176), with no line terminators
Hash 3de3ce8ec950a993d1d3bb362d84f0e7
c938aaab8eed435eb4fd277f1c1ab9976e969043
6f2d139be44a6dc85d842a753f4e3ebafdb63a0babcb64f741310076aaa29a7f
GET /script.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f HTTP/1.1
Host: vmuid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Thu, 24 Nov 2022 18:46:43 GMT
Content-Type: text/javascript
Content-Length: 10176
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-Ch: Sec-CH-UA-Platform-Version
X-Cache-Status: MISS
origunix.com/sdk.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f
178.162.196.156 302 Found 0 B URL HTTP/1.1 origunix.com/sdk.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f
IP 178.162.196.156:0
ASN #28753 Leaseweb Deutschland GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sdk.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f HTTP/1.1
Host: origunix.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.14.1
Date: Thu, 24 Nov 2022 18:46:43 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-Ch: Sec-CH-UA-Platform-Version
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Location: https://tartator.com/sdk.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f
X-Cache-Status: MISS
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 1ce845bd3ff6a615692a64d1b8e8ea51
5dc905072ebae56b178eb49f03579f6054e1f3b0
9ff438df985879c9eed13f2429981e6b0b26f5bdc89aa0c284d6a0c3fe92a2bb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 18:46:43 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 00:04:32 GMT
Expires: Thu, 01 Dec 2022 00:04:31 GMT
Etag: "5dc905072ebae56b178eb49f03579f6054e1f3b0"
Cache-Control: max-age=536867,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f44f183cc7b51d-OSL
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 91c705d0a24eb2408eec381e25eefbba
3bc16f969a13c1938af0340a1b58767f61da438e
e95368861ffab69ee2f732ccd5356a78869c5fc0dc9e13fed1cdc7f1489e5ef1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E95368861FFAB69EE2F732CCD5356A78869C5FC0DC9E13FED1CDC7F1489E5EF1"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20070
Expires: Fri, 25 Nov 2022 00:21:13 GMT
Date: Thu, 24 Nov 2022 18:46:43 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 1ce845bd3ff6a615692a64d1b8e8ea51
5dc905072ebae56b178eb49f03579f6054e1f3b0
9ff438df985879c9eed13f2429981e6b0b26f5bdc89aa0c284d6a0c3fe92a2bb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 18:46:43 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 00:04:32 GMT
Expires: Thu, 01 Dec 2022 00:04:31 GMT
Etag: "5dc905072ebae56b178eb49f03579f6054e1f3b0"
Cache-Control: max-age=536867,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f44f19af2ab51d-OSL
ocsp.sca1b.amazontrust.com/
143.204.42.165 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 5348b4ee74a9c894db836c2b61cc7086
9a65195ea94f2f7326007ad86ca1675010f4c00e
d2c786795613bca9a9bee9143dc278307b828a07b40880cfa20e087895aa359a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=156430
Date: Thu, 24 Nov 2022 18:46:43 GMT
Etag: "637f7219-1d7"
Expires: Sat, 26 Nov 2022 14:13:53 GMT
Last-Modified: Thu, 24 Nov 2022 13:31:05 GMT
Server: ECS (dcb/7EA5)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hsc3b6h5NkMMybz2bArdyH3XmVBXOL3Psac7GmwgbpmsZtQGPPwmvg==
Age: 2568
tartator.com/sdk.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f
178.162.196.156 200 OK 138 kB URL HTTP/1.1 tartator.com/sdk.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f
IP 178.162.196.156:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Size 138 kB (138393 bytes)
Hash 527cb1255f6c01f78fc24ab9ac48a73d
6d504e87f4e1f7ea747dd8968a3b8639606b74d2
b550632fd835ca2aa8616c804dbabd76054c6dfe56ab69aae2fed4fe28b2c01b
GET /sdk.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f HTTP/1.1
Host: tartator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://daddyhd.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Thu, 24 Nov 2022 18:46:43 GMT
Content-Type: text/javascript
Content-Length: 138393
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-Ch: Sec-CH-UA-Platform-Version
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Cache-Status: MISS
addresseepaper.com/sfp.js
34.160.73.230 200 OK 2.6 kB URL HTTP/1.1 addresseepaper.com/sfp.js
IP 34.160.73.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Hash 41f66bb0ac50f2d851236170e7c71341
59bcec216302151922219b51be8ad8ab6d0b8384
ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://streamgo.to/
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 24 Nov 2022 18:46:43 GMT
Content-Type: text/html
Content-Length: 2551
Last-Modified: Wed, 19 Oct 2022 06:29:27 GMT
ETag: "634f9947-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_ksH1sTc9EjXCmWZup74uFSR+dkwy0KAqHyDjqCX5+b0zeGjsBDwHGeUXqHO1YTnGXNMqi9DZqRg/7nsDREvaAw
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=34.160.73.230;Path=/;Max-Age=86400;
country=US;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=enom.EXPIRED.305E185C-5D0C-4AD0-86FE-5F99F413CC83;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google
c.adsco.re/
104.17.166.186 200 OK 28 kB IP 104.17.166.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (689)
Hash 10a01aa4b1b98eaf84bbf379ae1e8a37
8fa47a75106dda08d76725d882fc80a4787a89e0
e7a5d2a6be0bdeed7f340c5da1d39049f8c6aab19ec273a016b4347a43106cf3
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://streamgo.to/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 18:46:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2678400
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Permissions-Policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
Expires: Sun, 25 Dec 2022 18:46:43 GMT
ETag: W/"n/ARilLrRVDeZNVpaPOsXg=="
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 440853
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f44f1a6b0c1c0a-OSL
alt-svc: h2=":443"; ma=60
daddyhd.com/embed/adblock.php
172.67.144.96 200 OK 555 B URL HTTP/2 daddyhd.com/embed/adblock.php
IP 172.67.144.96:0
File type ASCII text, with very long lines (676)
Hash 85a1eff20dd0f50f33c01c0f9bf1d127
67f32044cd44a48bffa3014f352ef3bf72dd3377
f77e73c676ea2c55eb115df7bad7d5f6502a19418e25558ff4eddfcaaa4cc7cb
GET /embed/adblock.php HTTP/1.1
Host: daddyhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://daddyhd.com/embed/stream-155.php
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:43 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 18:45:50 GMT
x-turbo-charged-by: LiteSpeed
greydedi: HIT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6K%2F%2BCWTtsSAtWm9jlTBn21FC2CU3IBO8Bb%2BdqP6zBOlWtq8gm4t3fGnD9c6ant6zuk403LHl%2B2n%2Fzk3hOcvpI22qD8nRadGCC7xCBdB5nrE0XIdmDruY1O0ZLNMGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f44f186f4f1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
6.adsco.re/
104.17.166.186 200 OK 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://streamgo.to
Connection: keep-alive
Referer: http://streamgo.to/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 18:46:43 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://streamgo.to
Cache-Control: private, max-age=10
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f44f1a8d590b4d-OSL
alt-svc: h2=":443"; ma=60
vmuid.com/uid/send
178.162.196.156 200 OK 65 B IP 178.162.196.156:0
ASN #28753 Leaseweb Deutschland GmbH
File type JSON data\012- , ASCII text, with no line terminators
Hash 96986554b4e39b83e96d4492a399f485
8ae79c823576a4778a54c0857f058753c81e98b5
5fa24dc164fdf827f3048d2f1c9bdb5c749312feea2cadc9e263e56ea7435f7f
POST /uid/send HTTP/1.1
Host: vmuid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------126355854119120141902773790621
Origin: https://daddyhd.com
Content-Length: 323
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Thu, 24 Nov 2022 18:46:43 GMT
Content-Type: application/json
Content-Length: 65
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-Ch: Sec-CH-UA-Platform-Version
Access-Control-Allow-Origin: https://daddyhd.com
Access-Control-Allow-Headers: X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers, set-cookie, Cookie
Access-Control-Allow-Credentials: true
Set-Cookie: guid=8240f5d9-16ca-4e5f-8354-804aa986cb73; expires=Wed, 31 Dec 2025 00:00:00 GMT; domain=vmuid.com; path=/; secure; SameSite=None
4.adsco.re/
162.252.214.5 200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://streamgo.to
Connection: keep-alive
Referer: http://streamgo.to/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 18:46:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: http://streamgo.to
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 67dea4fbc5ae21f4e2255b6f5d8dcc79
f36cc71a80b34faaf3a87349f13e0f1a1268d043
773f511e7d10a0e27a0760cc964654a87b495758f0891d5f6b0bc55204cf78be
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "773F511E7D10A0E27A0760CC964654A87B495758F0891D5F6B0BC55204CF78BE"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6535
Expires: Thu, 24 Nov 2022 20:35:38 GMT
Date: Thu, 24 Nov 2022 18:46:43 GMT
Connection: keep-alive
tractorfoolproofstandard.com/pixel/purst?dl=0&th=0&sc=0&rs=1173&rd=1173&fd=658&bv=22.10.v.9&tmpl=70
173.233.139.164 200 OK 0 B URL HTTP/1.1 tractorfoolproofstandard.com/pixel/purst?dl=0&th=0&sc=0&rs=1173&rd=1173&fd=658&bv=22.10.v.9&tmpl=70
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1173&rd=1173&fd=658&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: tractorfoolproofstandard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://streamgo.to/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 18:46:43 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
tartator.com/hit
178.162.196.156 200 OK 2 B IP 178.162.196.156:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /hit HTTP/1.1
Host: tartator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------22055541942254275314186677622
Content-Length: 536
Origin: https://daddyhd.com
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Thu, 24 Nov 2022 18:46:43 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-Ch: Sec-CH-UA-Platform-Version
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Set-Cookie: av_sw_hit=1; expires=Fri, 25 Nov 2022 18:46:43 GMT; secure; SameSite=None
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash f85c97c6fb5db6b7c582ab31a81b009b
3857351cc1777e2cc48649b93964de84a550fd3e
a2e2529077270da0e095618a9298f8287e01c7b62de41345286fd8969f892133
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6453
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 18:46:43 GMT
Last-Modified: Thu, 24 Nov 2022 16:59:11 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
tartator.com/api/report
178.162.196.156 200 OK 2 B IP 178.162.196.156:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /api/report HTTP/1.1
Host: tartator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------297747866213405240721498503734
Content-Length: 446
Origin: https://daddyhd.com
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Thu, 24 Nov 2022 18:46:43 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-Ch: Sec-CH-UA-Platform-Version
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
tractorfoolproofstandard.com/fe/eb/07/feeb07fbce09c51f87784484286419a1.js
173.233.139.164 200 OK 13 kB URL HTTP/1.1 tractorfoolproofstandard.com/fe/eb/07/feeb07fbce09c51f87784484286419a1.js
IP 173.233.139.164:0
File type ASCII text, with very long lines (37159), with no line terminators
Hash 642c4bb9fccd9ce51b542c40cb10aa84
1ba2e3ecd12997797fbe420ef4d10201fc18cbe1
bf13a767611fc4337d3669e39258fe2fbfc13b628a2f12ea570ed966b896c460
Analyzer Verdict Alert quad9 Sinkholed
GET /fe/eb/07/feeb07fbce09c51f87784484286419a1.js HTTP/1.1
Host: tractorfoolproofstandard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://streamgo.to/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 18:46:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 971e56f531280d4eb2ddbb1a0f13e472
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a3a6a266cdfa7c040acda3c23a5569e1
9d0bf24b5c96459501a797803d11bd9664423a26
275796b75944bd1a656817e144a8977f5d2f29198e51283bc776ffdd7006e490
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "275796B75944BD1A656817E144A8977F5D2F29198E51283BC776FFDD7006E490"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5690
Expires: Thu, 24 Nov 2022 20:21:33 GMT
Date: Thu, 24 Nov 2022 18:46:43 GMT
Connection: keep-alive
tartator.com/api/report
178.162.196.156 200 OK 2 B IP 178.162.196.156:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /api/report HTTP/1.1
Host: tartator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------290695559031940344753845793718
Content-Length: 515
Origin: https://daddyhd.com
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Thu, 24 Nov 2022 18:46:43 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-Ch: Sec-CH-UA-Platform-Version
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
ocsp.r2m01.amazontrust.com/
54.230.80.227 200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash a41a3192a1bb1e38e8a9bbd4fe2c534c
74fc26432e0986a47a4fe37d61f4f3f7ab54cb55
5b45807182d43b5b2a626dc49ab094c30d11346229b441826ab920a3ed9eb3bb
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=99164
Date: Thu, 24 Nov 2022 18:46:43 GMT
Etag: "637e9c6f-1d7"
Expires: Fri, 25 Nov 2022 22:19:27 GMT
Last-Modified: Wed, 23 Nov 2022 22:19:27 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Wy_AqJjAUckD-DLBQsxv65ehAuYQDggHUqc1wtd4Rjp_Tnba6DBeaA==
pl16164575.highperformancecpmgate.com/dd/d4/30/ddd430767cdbddd8ac0726a842abd6c0.js
173.233.137.52 200 OK 21 kB URL HTTP/1.1 pl16164575.highperformancecpmgate.com/dd/d4/30/ddd430767cdbddd8ac0726a842abd6c0.js
IP 173.233.137.52:0
File type HTML document, ASCII text, with very long lines (60209), with no line terminators
Hash e98677322c6d219b1642fdea8bd076b5
76e1b970829502e7c01e1b19210a91ec6ab8105d
ac6e5d5cc6615047cbca938af1d4e0f9964879a2e1b98ecbd2e012db50720262
Analyzer Verdict Alert quad9 Sinkholed
GET /dd/d4/30/ddd430767cdbddd8ac0726a842abd6c0.js HTTP/1.1
Host: pl16164575.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 18:46:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 00d5e2a35e5fa505ef3c18221486d46b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
friendshipmale.com/sfp.js
104.21.234.92 200 OK 28 kB URL HTTP/1.1 friendshipmale.com/sfp.js
IP 104.21.234.92:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://streamgo.to/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 18:46:44 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: 1c664ce76aa9cceeb04c8a3b03b141d1
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Thu, 24 Nov 2022 18:46:43 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSM7hq%2FLjkjFmvB%2FOXqbmyujmJ7sHcJB1z2rvWKFhhbgLObuu8fKYDdN8WTLWQIykzk8St%2F4XLGL1E3DijuXpat%2F%2F1z4rqCm3sMGPyVLN4uMyrAomA2lQ3bgbgupeCEQX69lhtc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f44f1ca95bd174-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
simplewebanalysis.com/stats
18.185.190.54 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 1933c91dd098954663a84bdd2e9a86e1
c0a86bb2170091b0fc60baf8717bce819383eef3
c8f7d0ba86d7858855432d442be3c72343a8d52b0042d810d26589d11d5236c7
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daddyhd.com
Connection: keep-alive
Referer: https://daddyhd.com/
Cookie: uid_id2=ac8117d5-480e-4baf-9c3b-0758bb98cecc:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:44 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://daddyhd.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
bttrl8brgyz4.n4.adsco.re/
38.132.109.186 200 OK 0 B URL HTTP/1.1 bttrl8brgyz4.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: bttrl8brgyz4.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://streamgo.to
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 18:46:44 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
ocsp.pki.goog/s/gts1p5/DEG64W_zrfc
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/DEG64W_zrfc
IP 142.250.74.3:0
Hash 61adc80777f00e2847a8a07d40d29cb3
1ee20930e043dd4826239f80e85484e4e3a1d6fb
54d05cc54ec41ee173725af02b151eebe6fc0d89aca83d556a6d50fcfdcd0c83
POST /s/gts1p5/DEG64W_zrfc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 18:46:44 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.xadsmart.com/countrySelect.min.js
185.76.9.24 200 OK 12 kB URL HTTP/2 www.xadsmart.com/countrySelect.min.js
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
File type HTML document, ASCII text, with very long lines (1568), with CRLF line terminators
Hash 9195bc9c767b0469b826707d0ba95c33
db14da0cfaf4d6442bb13d212319fea7eee98ff3
0be1af6f69b7dafda4674b337bbb69ce104c56dee69b16c5ffb3935e9a3be371
GET /countrySelect.min.js HTTP/1.1
Host: www.xadsmart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daddyhd.com
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:44 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39"
expires: Tue, 29 Nov 2022 00:56:09 GMT
access-control-allow-origin: *
link: <https://xadsmart.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1669683369
server: CDN77-Turbo
x-77-nzt: AblMCRRe4Dn/650DAA
x-77-nzt-ray: af58563063b0504814bc7f63f59faa07
x-cache: HIT
x-age: 237035
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/DEG64W_zrfc
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/DEG64W_zrfc
IP 142.250.74.3:0
Hash 61adc80777f00e2847a8a07d40d29cb3
1ee20930e043dd4826239f80e85484e4e3a1d6fb
54d05cc54ec41ee173725af02b151eebe6fc0d89aca83d556a6d50fcfdcd0c83
POST /s/gts1p5/DEG64W_zrfc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 18:46:44 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
streamservicehd.click/premiumtv/daddyhd.php?id=155
172.67.220.222 200 OK 41 kB URL HTTP/2 streamservicehd.click/premiumtv/daddyhd.php?id=155
IP 172.67.220.222:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (64742), with CRLF line terminators
Hash e2e25b4e8aba0158c2575563c95e898d
05f1b3cdd941d37322a7a8645576f69e66952716
8b49b447e20d7ba5f53d1c4ff48925281b9263b7b2fbdbd4d2396edde53d7a89
GET /premiumtv/daddyhd.php?id=155 HTTP/1.1
Host: streamservicehd.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daddyhd.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:44 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
node: PHP
content-encoding: gzip
last-modified: Thu, 24 Nov 2022 17:04:11 GMT
cf-cache-status: HIT
age: 3201
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lq2BW32P6iV8gVXeNrfhTY0Qwz6WTfUr%2FEUlXebAGRev33%2FNyDZqdxsfQwvPSI44TWoUHT2xetxyO3ZMAV10wqoeURuUju1gDBc05VsipQ7e9%2BhXtpzJwRAZ%2BJWAFMRv6oxLoM7%2FkAw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: unsafe-url
server: cloudflare
cf-ray: 76f44f1dcd42b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.6.0.min.js
69.16.175.10 200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65447)
Hash 899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamservicehd.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:44 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669315604.dop015.sk1.t,1669315604.cds258.sk1.hn,1669315604.cds210.sk1.c
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1aa21370b2e104b0ca69a909d1037b3e
6cee88613ed811405f6e5063b11e3807522460fc
f6e20f227a4820d210d7d3108fd23cd8f5e05a938196780c40a74f83016eec91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6E20F227A4820D210D7D3108FD23CD8F5E05A938196780C40A74F83016EEC91"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2839
Expires: Thu, 24 Nov 2022 19:34:03 GMT
Date: Thu, 24 Nov 2022 18:46:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1aa21370b2e104b0ca69a909d1037b3e
6cee88613ed811405f6e5063b11e3807522460fc
f6e20f227a4820d210d7d3108fd23cd8f5e05a938196780c40a74f83016eec91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6E20F227A4820D210D7D3108FD23CD8F5E05A938196780C40A74F83016EEC91"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2839
Expires: Thu, 24 Nov 2022 19:34:03 GMT
Date: Thu, 24 Nov 2022 18:46:44 GMT
Connection: keep-alive
cdn.jsdelivr.net/npm/clappr@latest
151.101.85.229 200 OK 141 kB URL HTTP/2 cdn.jsdelivr.net/npm/clappr@latest
IP 151.101.85.229:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 141 kB (141142 bytes)
Hash 7e7fdfacdb1943ea810449001d165a53
fc230e8b4a933497a2da4a783574a5b07b889a7e
d530a67ca2ed5e6d11c2f4ef080c8b8c1cc55a587af2ef45da9a9415ebd788cf
GET /npm/clappr@latest HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamservicehd.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.3.13
x-jsd-version-type: version
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 24 Nov 2022 18:46:44 GMT
age: 8148
x-served-by: cache-fra-eddf8230103-FRA, cache-bma1636-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 141142
X-Firefox-Spdy: h2
banquetunarmedgrater.com/advertisers.js
173.233.137.36 200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.137.36:0
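Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of an empty body, consistent with the 0 B response; they match any zero-length content and do not identify this host's payload.)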
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://streamgo.to/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 18:46:44 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 492f50d88c3dde38ea918c12ffeb931b
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 6d142c839a94038a766dda43e58f76ed
5bafe63677743ffb3987f83bb95400608a8b81f5
617d58a6a4206a0e73ef5773ffae17cea55b31c22eaa84bd3be3543e7efc2e11
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 18:46:44 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "0807F7D6D69234D472AA36718506DD39A96A2BF1"
Expires: Fri, 25 Nov 2022 05:00:00 GMT
Last-Modified: Thu, 24 Nov 2022 17:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2755
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f44f1ec9380b06-OSL
eephaush.com/tag.min.js
139.45.197.236 200 OK 23 kB IP 139.45.197.236:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 09c6bc35f4808f91eef702f269b590ea
e684a310ca3a4f2fdfb24c5a99a34dd96d634ec5
f50dd06f8c62afb27e75aab75507ff7517b9f896a2f8dc489d458f4e45a14e02
Analyzer Verdict Alert quad9 Sinkholed
GET /tag.min.js HTTP/1.1
Host: eephaush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 18:46:44 GMT
content-type: text/javascript; charset=utf-8
content-length: 23258
content-encoding: br
x-trace-id: cac50be8ec11605b07ebef1785889609
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Wed, 23 Nov 2022 10:03:42 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash bb0752e5c582d262c6fb2ccbbc4934b2
b284274f65c07ff39fb6c63027ba0d270cfee9a1
e4898311cb2f15694ca5ecae012ab44195e08c1a1f4380958799df7799818dff
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 18:46:44 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 05:22:25 GMT
Expires: Wed, 30 Nov 2022 05:22:24 GMT
Etag: "b284274f65c07ff39fb6c63027ba0d270cfee9a1"
Cache-Control: max-age=469539,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f44f1cdd3cb51d-OSL
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9d96aa9d9c49414548c2fb2b22b2baa9
5f3111760b65ecc30a29c8f88f0d5ef53b215096
49e29caf256673308aebd986c916165190f52c5ec310b17d3fa4f55473047fef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49E29CAF256673308AEBD986C916165190F52C5EC310B17D3FA4F55473047FEF"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6896
Expires: Thu, 24 Nov 2022 20:41:40 GMT
Date: Thu, 24 Nov 2022 18:46:44 GMT
Connection: keep-alive
plarlyinthes.xyz/redirect?tid=953898
54.230.111.46 302 Found 0 B URL HTTP/2 plarlyinthes.xyz/redirect?tid=953898
IP 54.230.111.46:0
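Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of an empty body, consistent with the 0 B redirect response; they match any zero-length content and do not identify this host's payload.)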
GET /redirect?tid=953898 HTTP/1.1
Host: plarlyinthes.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daddyhd.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/plain
content-length: 0
location: https://xml-v4.trafficmoose.com/click?i=1msti-XqEZc_0
date: Thu, 24 Nov 2022 18:46:44 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=b15d9486-8737-492a-99f9-35771076a4d3
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sv1EQdxFzq0-s4lk7SeZ-2cq4-TgGd7RCHsDtu7nVdqrHMLbkYtU4Q==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0f1c45518b9bf016e4d08d82627299df
a5952aa6dc61ba3bd4e6149b81a9772034f0ce17
7c7b7487eaeb36381e21338f2192c9c53f2cb7621f536aebebf9472d9e29690b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C7B7487EAEB36381E21338F2192C9C53F2CB7621F536AEBEBF9472D9E29690B"
Last-Modified: Thu, 24 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2890
Expires: Thu, 24 Nov 2022 19:34:54 GMT
Date: Thu, 24 Nov 2022 18:46:44 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash bb0752e5c582d262c6fb2ccbbc4934b2
b284274f65c07ff39fb6c63027ba0d270cfee9a1
e4898311cb2f15694ca5ecae012ab44195e08c1a1f4380958799df7799818dff
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 18:46:44 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 05:22:25 GMT
Expires: Wed, 30 Nov 2022 05:22:24 GMT
Etag: "b284274f65c07ff39fb6c63027ba0d270cfee9a1"
Cache-Control: max-age=469539,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f44f208c7cb51d-OSL
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2ceda13c4db11eaaa23e07979fd3ff8d
f87e26e04531704af29c9ea51618e318abdb12ac
8a9f306b19e53ba707dc132ec6974299baead0da24463db53830f9294c35bd7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8A9F306B19E53BA707DC132EC6974299BAEAD0DA24463DB53830F9294C35BD7F"
Last-Modified: Thu, 24 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9194
Expires: Thu, 24 Nov 2022 21:19:58 GMT
Date: Thu, 24 Nov 2022 18:46:44 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 18:46:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18875
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 18:46:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18875
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 18:46:44 GMT
Connection: keep-alive
ssl.google-analytics.com/ga.js
142.250.74.40 200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 142.250.74.40:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Thu, 24 Nov 2022 18:32:37 GMT
expires: Thu, 24 Nov 2022 20:32:37 GMT
cache-control: public, max-age=7200
age: 847
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e4187a43946d8ea5337bb1347757b7a6
05dd65dd513f85c93974052ac7fa227aaf250fe4
495169482368a285ec3b8581b00365be1dd6c011d0278437bc55be18a6231adf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "495169482368A285EC3B8581B00365BE1DD6C011D0278437BC55BE18A6231ADF"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6919
Expires: Thu, 24 Nov 2022 20:42:03 GMT
Date: Thu, 24 Nov 2022 18:46:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c2ecab00f8fbd35087f018c429aacdfa
b61eb50db27c283756384a5c4e36aab9145b1ce6
94dbd78f933f751a1f2b3b25c623a0d77ac383fb16046db1ea5c6f781a0cbf28
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DBD78F933F751A1F2B3B25C623A0D77AC383FB16046DB1EA5C6F781A0CBF28"
Last-Modified: Wed, 23 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8585
Expires: Thu, 24 Nov 2022 21:09:49 GMT
Date: Thu, 24 Nov 2022 18:46:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64d79191f005c9876b952c5f948aa0f7
1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ve4q5FDkwMGhPK6ZVVVCZtoBTaGaz43r_PwINzwS5Nx5tcZeQkVIfw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:47 GMT
age: 75417
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:15:22 GMT
age: 41482
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18875
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 18:46:44 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
46.105.201.240 200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:36:56 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 527304034
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:06 GMT
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
age: 75578
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 41557
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 18:46:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18875
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 18:46:44 GMT
Connection: keep-alive
integrityprinciplesthorough.com/pixel/purst?dl=0&th=0&sc=0&rs=1125&rd=1125&fd=789&bv=22.10.v.9&tmpl=70
192.243.61.225 200 OK 0 B URL HTTP/1.1 integrityprinciplesthorough.com/pixel/purst?dl=0&th=0&sc=0&rs=1125&rd=1125&fd=789&bv=22.10.v.9&tmpl=70
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1125&rd=1125&fd=789&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 18:46:44 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e4187a43946d8ea5337bb1347757b7a6
05dd65dd513f85c93974052ac7fa227aaf250fe4
495169482368a285ec3b8581b00365be1dd6c011d0278437bc55be18a6231adf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "495169482368A285EC3B8581B00365BE1DD6C011D0278437BC55BE18A6231ADF"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6919
Expires: Thu, 24 Nov 2022 20:42:03 GMT
Date: Thu, 24 Nov 2022 18:46:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4157f2c5c3c77ce699324ecb08f47c7
a7d9135f9d01ba13c3cdaf8b038c70212f159297
2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:03:54 GMT
age: 74570
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0856fdb55f19f03a1bec38b3d6e0ac77
89accd230fba95fe0049678070817b36ead015fa
17c6e6f9bb8f4261fff2dc2a43ed994986418761624b8afead768e89927594f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5070
x-amzn-requestid: d86d95ad-9b78-4047-82e7-04e83a97e330
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwViF1GIAMF_PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9423-10809ba1634776171cf79cb8;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:03 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8rbsN9OVJmneT9ov-Q7V4RB8DP5UWhhn-7cnukHiBpl06zmMM0zJTg==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:20 GMT
age: 74964
etag: "89accd230fba95fe0049678070817b36ead015fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
adsco.re/p
162.252.214.5 200 OK 171 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash daa6f1f1fffbe3e73c22c8d1dec764f6
b1ad4fd2a36d7691d35d0492ee0390e4dafd710b
2394b1914b58cd8166a6083b71533eb4b7845b85e50bfb4857d561aa855c925d
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 1860
Origin: http://streamgo.to
Connection: keep-alive
Referer: http://streamgo.to/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 18:46:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: http://streamgo.to
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
6.adsco.re/
104.17.166.186 200 OK 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daddyhd.com
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:44 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://daddyhd.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f222916fac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4330c15cbec5a3d8735a66499971ca16
febc3a5d12f6def79afd74003b370d054e713196
3f1ebf6792cb8c53345a7378cef23d086f94e57aa9b3826e17c51ec5555edd5d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3F1EBF6792CB8C53345A7378CEF23D086F94E57AA9B3826E17C51EC5555EDD5D"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13613
Expires: Thu, 24 Nov 2022 22:33:37 GMT
Date: Thu, 24 Nov 2022 18:46:44 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash e38e74658bc09f31293e68f2fd628762
aadc5b43ce978177f8fb2d5ba7ab8417421c8f91
93c3977f649fea81454e1d7206240bed42a5091240a7c8e35917e12f91884243
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6062
Cache-Control: max-age=141201
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 18:46:44 GMT
Etag: "637f28f7-118"
Expires: Sat, 26 Nov 2022 10:00:05 GMT
Last-Modified: Thu, 24 Nov 2022 08:19:03 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0a5c1b54daca67c400e76b7224ae5521
2583cebe55e8d1bfe6c921d595d8d36cf480ff2f
941e5441730c4558040e0decdec018ff15dad6abc6be4858c6417f2e941dbcbd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "941E5441730C4558040E0DECDEC018FF15DAD6ABC6BE4858C6417F2E941DBCBD"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13143
Expires: Thu, 24 Nov 2022 22:25:47 GMT
Date: Thu, 24 Nov 2022 18:46:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 68220cac7d3a70bb3d5f6734a84302b3
bc6bb98e39bfc5353804a0388960ecf01a7ab5c5
b108430399664d81ce9cde75b2cd2fa96df821b2639df68926122b10ac2e6b7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B108430399664D81CE9CDE75B2CD2FA96DF821B2639DF68926122B10AC2E6B7F"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8691
Expires: Thu, 24 Nov 2022 21:11:35 GMT
Date: Thu, 24 Nov 2022 18:46:44 GMT
Connection: keep-alive
4.adsco.re/
162.252.214.5 200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daddyhd.com
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 18:46:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://daddyhd.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
my.rtmark.net/gid.js?userId=033a374a72044a66b18ecd23a54edbfd
139.45.195.8 200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=033a374a72044a66b18ecd23a54edbfd
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash e41ab1646b57f23966741b5fa4786585
31ea0569f9bc222d41eceb6482cf3c6fdef0f334
6de65e00790fa21a1132c84f557ffd952cd4377c273bb841516b9cd04042364e
GET /gid.js?userId=033a374a72044a66b18ecd23a54edbfd HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daddyhd.com
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 18:46:44 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://daddyhd.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=033a374a72044a66b18ecd23a54edbfd; expires=Fri, 24 Nov 2023 18:46:44 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash e38e74658bc09f31293e68f2fd628762
aadc5b43ce978177f8fb2d5ba7ab8417421c8f91
93c3977f649fea81454e1d7206240bed42a5091240a7c8e35917e12f91884243
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6062
Cache-Control: max-age=141201
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 18:46:44 GMT
Etag: "637f28f7-118"
Expires: Sat, 26 Nov 2022 10:00:05 GMT
Last-Modified: Thu, 24 Nov 2022 08:19:03 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
s4.histats.com/stats/0.php?4610896&@f16&@g1&@h1&@i1&@j1669315604039&@k0&@l1&@mStreamGoTo%20!%20Link%201%20Live%20Stream%20Loeven%20Frankfurt%20Vs%20Straubing%20Tigers%20Online%20Free%20Ice%20Hockey%20Germany%20Del&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:38726579&@b3:1669315604&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fstreamgo.to%2Fxb_1&@w
192.99.13.63 200 OK 52 B URL HTTP/1.1 s4.histats.com/stats/0.php?4610896&@f16&@g1&@h1&@i1&@j1669315604039&@k0&@l1&@mStreamGoTo%20!%20Link%201%20Live%20Stream%20Loeven%20Frankfurt%20Vs%20Straubing%20Tigers%20Online%20Free%20Ice%20Hockey%20Germany%20Del&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:38726579&@b3:1669315604&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fstreamgo.to%2Fxb_1&@w
IP 192.99.13.63:0
File type ASCII text, with no line terminators
Hash 40b601f2e2424e1de58bf0fbfd92a92a
922d1acd479398d6ac13c5eb81c0fe77fa1a60f5
98f7d23a6674d36b1a238820168d49d7add0486d69e7295731d6cbc5c67687f0
GET /stats/0.php?4610896&@f16&@g1&@h1&@i1&@j1669315604039&@k0&@l1&@mStreamGoTo%20!%20Link%201%20Live%20Stream%20Loeven%20Frankfurt%20Vs%20Straubing%20Tigers%20Online%20Free%20Ice%20Hockey%20Germany%20Del&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:38726579&@b3:1669315604&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fstreamgo.to%2Fxb_1&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 18:46:44 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 52
Connection: close
onvictinitor.com/apu.php?zoneid=4938033
139.45.197.238 403 Forbidden 7 B URL HTTP/2 onvictinitor.com/apu.php?zoneid=4938033
IP 139.45.197.238:0
File type ASCII text, with no line terminators
Hash 758ff964ee78d0c90f3a14d8d4af8ab3
f248d30ac9849b0ead400537632beb02c9c703d1
00e3fbbf542561da72fdc5ea89cfd1405c17739dd49210252e611c3122018efe
GET /apu.php?zoneid=4938033 HTTP/1.1
Host: onvictinitor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx
date: Thu, 24 Nov 2022 18:46:44 GMT
content-type: text/plain; charset=utf-8
content-length: 7
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
eephaush.com/5/4284414/?oo=1&aab=1
139.45.197.236 200 OK 1.4 kB URL HTTP/2 eephaush.com/5/4284414/?oo=1&aab=1
IP 139.45.197.236:0
File type JSON data\012- , ASCII text, with very long lines (2828), with no line terminators
Hash 7c165d6f07129aa22f43c9d8565aad9a
3d22b69a736e675d847900092f39c6766a7126f1
a86146ac84b718fa89370e2f0a8d7a138d69312e535f0939bb2ac05bd3c2905a
Analyzer Verdict Alert quad9 Sinkholed
GET /5/4284414/?oo=1&aab=1 HTTP/1.1
Host: eephaush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daddyhd.com
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 18:46:44 GMT
content-type: application/json
x-trace-id: a4e7b873db66a11d1196fc98a7bd746d
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://daddyhd.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=033a374a72044a66b18ecd23a54edbfd; expires=Fri, 24 Nov 2023 18:46:44 GMT; path=/; secure; SameSite=None
oaidts=1669315604; expires=Fri, 24 Nov 2023 18:46:44 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
middayexcessive.com/a7/2e/3f/a72e3fd4d90706e38afbd039886259b1.js
192.243.59.20 200 OK 21 kB URL HTTP/1.1 middayexcessive.com/a7/2e/3f/a72e3fd4d90706e38afbd039886259b1.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60162), with no line terminators
Hash dc427b74184c7cf5529eed9a800aed27
bead458b68344fd5dfb94810cefa88b28ca5a55f
55eed6055a17995a30ef578ce675826c696e99287d8ffda0ebf1324febb5127e
Analyzer Verdict Alert quad9 Sinkholed
GET /a7/2e/3f/a72e3fd4d90706e38afbd039886259b1.js HTTP/1.1
Host: middayexcessive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamservicehd.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 24 Nov 2022 18:46:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 97a9660217d5867cd2095d1c70f3988b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.jsdelivr.net/npm/38861cba61c66739c1452c3a71e39852.ttf
151.101.85.229 404 Not Found 53 B URL HTTP/2 cdn.jsdelivr.net/npm/38861cba61c66739c1452c3a71e39852.ttf
IP 151.101.85.229:0
File type ASCII text, with no line terminators
Hash e2044e02048db49e6e3a650790aee28d
9ae5b3f89067f26c7621ccec459c40c78b748a2a
96d7e4248efaa30f7f61bd3bc2bf5c8dc0227d937681e08a51b8b8cdc8084643
GET /npm/38861cba61c66739c1452c3a71e39852.ttf HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamservicehd.click
Connection: keep-alive
Referer: https://streamservicehd.click/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=30, s-maxage=30
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
etag: W/"25-junAq5RuYhRu8VSd3vtDZ10zD7Y"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 24 Nov 2022 18:46:44 GMT
age: 25
x-served-by: cache-fra-eddf8230089-FRA, cache-bma1658-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 53
X-Firefox-Spdy: h2
cdnondemand.org/script/ut.js?cb=1669315603565
104.16.166.16 200 OK 38 kB URL HTTP/2 cdnondemand.org/script/ut.js?cb=1669315603565
IP 104.16.166.16:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 6296001a5834c8b2abcf07223803dcd6
e7d08d81e101873fd41e0d3364da521fa18384b2
875fb6768ae7dcb7b5df6fcfc220b6ec9a51421102288a5eb4dfaadd22fef031
GET /script/ut.js?cb=1669315603565 HTTP/1.1
Host: cdnondemand.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:43 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdvUmumt2jqdPxpXWqKrbKnQd62mHtEzTjwzpswSgr40xMYzf9auOZgUpuzscwyH2OvxdlNIzznGeQkqjWaCVHGo2g
x-goog-generation: 1661773552581597
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 71356
x-goog-hash: crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Thu, 24 Nov 2022 22:46:43 GMT
cache-control: public, max-age=14400
last-modified: Mon, 29 Aug 2022 11:45:52 GMT
etag: W/"c7304eebcb5069f68bd3fa9e74218a36"
cf-cache-status: HIT
age: 1447
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f1c9e020b59-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
bttrl8brgyz4.s4.adsco.re/
185.200.116.90 200 OK 0 B URL HTTP/1.1 bttrl8brgyz4.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: bttrl8brgyz4.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://streamgo.to
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 18:46:44 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
simplewebanalysis.com/stats
18.185.190.54 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 1933c91dd098954663a84bdd2e9a86e1
c0a86bb2170091b0fc60baf8717bce819383eef3
c8f7d0ba86d7858855432d442be3c72343a8d52b0042d810d26589d11d5236c7
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamservicehd.click
Connection: keep-alive
Referer: https://streamservicehd.click/
Cookie: uid_id2=ac8117d5-480e-4baf-9c3b-0758bb98cecc:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:45 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://streamservicehd.click
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.185.190.54 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 1933c91dd098954663a84bdd2e9a86e1
c0a86bb2170091b0fc60baf8717bce819383eef3
c8f7d0ba86d7858855432d442be3c72343a8d52b0042d810d26589d11d5236c7
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daddyhd.com
Connection: keep-alive
Referer: https://daddyhd.com/
Cookie: uid_id2=ac8117d5-480e-4baf-9c3b-0758bb98cecc:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:45 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://daddyhd.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.249 200 OK 346 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 8b0a6ea4a1b52f72d93c9e643b0dd179
02df9611887db2044802892f436f0448eb0e332c
ec8284c369490389342d5a3a33d3501262ecd1498d46153689de13e4356b799c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "EC8284C369490389342D5A3A33D3501262ECD1498D46153689DE13E4356B799C"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8427
Expires: Thu, 24 Nov 2022 21:07:12 GMT
Date: Thu, 24 Nov 2022 18:46:45 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash ba98650cceb17a47ac0f34de3c3c2574
78e21c7a408c8ef34065defa22dbcb926f562d9b
8a311b1ba0b977b6b27fd02043471f29e6608bbe3c2cabe904b09f5f04510d98
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 18:46:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 01:33:16 GMT
Expires: Tue, 29 Nov 2022 01:33:15 GMT
Etag: "78e21c7a408c8ef34065defa22dbcb926f562d9b"
Cache-Control: max-age=369389,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f44f23c98cb51d-OSL
adserving.unibet.com/redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=dL_266285.953898
23.36.79.11 307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=dL_266285.953898
IP 23.36.79.11:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=dL_266285.953898 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://daddyhd.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2806377&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=320665405_1176A66E79ED440785E4BB57A311A1BD&sref=TRM&TRM=dL_266285.953898&affiliateId=1&pid=86262456&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Thu, 24 Nov 2022 18:46:45 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 18:46:45 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86262456%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669315605098)%5c%2f%22%2c%22CookieTag%22%3a%223795086262456451240919C202211241846%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228459930157%7c1%22%7d%5d; domain=.unibet.com; expires=Sat, 24-Nov-3021 18:46:45 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=54
X-Firefox-Spdy: h2
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
37.48.68.71 200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 37.48.68.71:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 922
Origin: https://daddyhd.com
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 24 Nov 2022 18:46:45 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://daddyhd.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 114fcbbbf1c185d571af73ae9ccf0730
b5e6644662439e6e80cbe9206b7047c22942afe7
742f3855fe106545e8f28ecdf5649649b5fe76099866379276defd773647ba70
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "742F3855FE106545E8F28ECDF5649649B5FE76099866379276DEFD773647BA70"
Last-Modified: Tue, 22 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1868
Expires: Thu, 24 Nov 2022 19:17:53 GMT
Date: Thu, 24 Nov 2022 18:46:45 GMT
Connection: keep-alive
www.unibet.nu/stan/campaign.do?cmpId=2806377&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=320665405_1176A66E79ED440785E4BB57A311A1BD&sref=TRM&TRM=dL_266285.953898&affiliateId=1&pid=86262456&bid=37950
85.184.96.0 301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2806377&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=320665405_1176A66E79ED440785E4BB57A311A1BD&sref=TRM&TRM=dL_266285.953898&affiliateId=1&pid=86262456&bid=37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2806377&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=320665405_1176A66E79ED440785E4BB57A311A1BD&sref=TRM&TRM=dL_266285.953898&affiliateId=1&pid=86262456&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://daddyhd.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Thu, 24 Nov 2022 18:46:45 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2806377&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=320665405_1176A66E79ED440785E4BB57A311A1BD&sref=TRM&TRM=dL_266285.953898&affiliateId=1&pid=86262456&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A320665405%3A86262456-37950
set-cookie: JSESSIONID=node01bq13qztgywl319e33nkv9ew76095145.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node01bq13qztgywl319e33nkv9ew7; Path=/; Domain=.unibet.nu; Expires=Sat, 23-Nov-2024 18:46:45 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Sat, 23-Nov-2024 18:46:45 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://daddyhd.com/"; Path=/; Domain=.unibet.nu; Expires=Sat, 23-Nov-2024 18:46:45 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=2806377; Path=/; Domain=.unibet.nu; Expires=Fri, 25-Nov-2022 18:59:59 GMT; Max-Age=87194; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Thu, 24-Nov-2022 18:47:00 GMT; Max-Age=15; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Expires=Fri, 25-Nov-2022 18:59:59 GMT; Max-Age=87194; Secure; SameSite=None
B-TAG=320665405_1176A66E79ED440785E4BB57A311A1BD; Path=/; Domain=.unibet.nu; Expires=Fri, 25-Nov-2022 18:59:59 GMT; Max-Age=87194; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Expires=Fri, 25-Nov-2022 18:59:59 GMT; Max-Age=87194; Secure; SameSite=None
PID=86262456; Path=/; Domain=.unibet.nu; Expires=Fri, 25-Nov-2022 18:59:59 GMT; Max-Age=87194; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fdaddyhd.com%2F; Path=/; Domain=.unibet.nu; Expires=Fri, 25-Nov-2022 18:59:59 GMT; Max-Age=87194; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_1176A66E79ED440785E4BB57A311A1BD%26sref%3DTRM%26TRM%3DdL_266285.953898%26affiliateId%3D1%26pid%3D86262456%26bid%3D37950; Path=/; Domain=.unibet.nu; Expires=Fri, 25-Nov-2022 18:59:59 GMT; Max-Age=87194; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=2806377; Path=/; Domain=.unibet.nu; Expires=Fri, 25-Nov-2022 18:59:59 GMT; Max-Age=87194; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Thu, 24-Nov-2022 18:47:00 GMT; Max-Age=15; Secure; SameSite=None
campaignId=2806377; Path=/; Domain=.unibet.nu; Expires=Fri, 25-Nov-2022 18:59:59 GMT; Max-Age=87194; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Thu, 24-Nov-2022 18:47:00 GMT; Max-Age=15; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
referer: https://daddyhd.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 24 Nov 2022 18:46:45 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.249 200 OK 346 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 8b0a6ea4a1b52f72d93c9e643b0dd179
02df9611887db2044802892f436f0448eb0e332c
ec8284c369490389342d5a3a33d3501262ecd1498d46153689de13e4356b799c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "EC8284C369490389342D5A3A33D3501262ECD1498D46153689DE13E4356B799C"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8427
Expires: Thu, 24 Nov 2022 21:07:12 GMT
Date: Thu, 24 Nov 2022 18:46:45 GMT
Connection: keep-alive
45tcleeo7fvv.n4.adsco.re/
38.132.109.186 200 OK 0 B URL HTTP/1.1 45tcleeo7fvv.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 45tcleeo7fvv.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://daddyhd.com
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 18:46:45 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2806377&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=320665405_1176A66E79ED440785E4BB57A311A1BD&sref=TRM&TRM=dL_266285.953898&affiliateId=1&pid=86262456&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A320665405%3A86262456-37950
85.184.96.0 301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2806377&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=320665405_1176A66E79ED440785E4BB57A311A1BD&sref=TRM&TRM=dL_266285.953898&affiliateId=1&pid=86262456&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A320665405%3A86262456-37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2806377&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=320665405_1176A66E79ED440785E4BB57A311A1BD&sref=TRM&TRM=dL_266285.953898&affiliateId=1&pid=86262456&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A320665405%3A86262456-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://daddyhd.com/
Connection: keep-alive
Cookie: __ucbt=node01bq13qztgywl319e33nkv9ew7; uniattr=ST.0.T; uniattr_ref="https://daddyhd.com/"; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_1176A66E79ED440785E4BB57A311A1BD; BID=37950; PID=86262456; REFERER=https%3A%2F%2Fdaddyhd.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_1176A66E79ED440785E4BB57A311A1BD%26sref%3DTRM%26TRM%3DdL_266285.953898%26affiliateId%3D1%26pid%3D86262456%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Thu, 24 Nov 2022 18:46:45 GMT
content-length: 0
location: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320665405:86262456-37950&btag=320665405_1176A66E79ED440785E4BB57A311A1BD&bid=37950&campaignId=2806377&pid=86262456
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 24 Nov 2022 18:46:45 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
nanouwho.com/9?z=5150086&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdaddyhd.com%2Fembed%2Fstream-155.php&wy=0&wx=0&ww=1280&wh=1024&cw=1080&wiw=1080&wih=608&wfc=5&sah=1002&drf=http%3A%2F%2Fstreamgo.to%2F&hil=1&ist=0&oaid=033a374a72044a66b18ecd23a54edbfd
139.45.197.242 204 No Content 0 B URL HTTP/2 nanouwho.com/9?z=5150086&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdaddyhd.com%2Fembed%2Fstream-155.php&wy=0&wx=0&ww=1280&wh=1024&cw=1080&wiw=1080&wih=608&wfc=5&sah=1002&drf=http%3A%2F%2Fstreamgo.to%2F&hil=1&ist=0&oaid=033a374a72044a66b18ecd23a54edbfd
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=5150086&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdaddyhd.com%2Fembed%2Fstream-155.php&wy=0&wx=0&ww=1280&wh=1024&cw=1080&wiw=1080&wih=608&wfc=5&sah=1002&drf=http%3A%2F%2Fstreamgo.to%2F&hil=1&ist=0&oaid=033a374a72044a66b18ecd23a54edbfd HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://daddyhd.com/
Origin: https://daddyhd.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 24 Nov 2022 18:46:45 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://daddyhd.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
nanouwho.com/9?z=5150086&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdaddyhd.com%2Fembed%2Fstream-155.php&wy=0&wx=0&ww=1280&wh=1024&cw=1080&wiw=1080&wih=608&wfc=5&sah=1002&drf=http%3A%2F%2Fstreamgo.to%2F&hil=1&ist=0&oaid=033a374a72044a66b18ecd23a54edbfd
139.45.197.242 200 OK 7 B URL HTTP/2 nanouwho.com/9?z=5150086&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdaddyhd.com%2Fembed%2Fstream-155.php&wy=0&wx=0&ww=1280&wh=1024&cw=1080&wiw=1080&wih=608&wfc=5&sah=1002&drf=http%3A%2F%2Fstreamgo.to%2F&hil=1&ist=0&oaid=033a374a72044a66b18ecd23a54edbfd
IP 139.45.197.242:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=5150086&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdaddyhd.com%2Fembed%2Fstream-155.php&wy=0&wx=0&ww=1280&wh=1024&cw=1080&wiw=1080&wih=608&wfc=5&sah=1002&drf=http%3A%2F%2Fstreamgo.to%2F&hil=1&ist=0&oaid=033a374a72044a66b18ecd23a54edbfd HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 43
Origin: https://daddyhd.com
Connection: keep-alive
Referer: https://daddyhd.com/
Cookie: scm=1; OAID=9051f09f916e40139d10e588ae4ad770; oaidts=1669315604
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 18:46:45 GMT
content-type: application/javascript
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: https://daddyhd.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 9d4c687023d98adf807fa7f6a8e6e97f
access-control-expose-headers: X-Sc
set-cookie: OAID=033a374a72044a66b18ecd23a54edbfd; expires=Fri, 24 Nov 2023 18:46:45 GMT; secure; SameSite=None
oaidts=1669315604; expires=Fri, 24 Nov 2023 18:46:45 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
betteradsystem.com/Kog.asp?_=BAYAY3-8FAFjf7wUgAGBAsAAIBj0R8tfuJXOr7fGjUk9nXmU3VW0H3BuRAjq2cJGVTaZwQBHMEUCIFTJU_GXnziWOaXFf77FnEDfIMFHNfGxB8-frOTz57WgAiEA3NIK7GToqPvOWaRWMZLHchJ_9uKi6ThXbTlNSUoyVqo&v=4&WJDglCsN=4715884&minBid=0.0005&wFUJSDqX=0,0&VnYuGKtx=&MrPmJRYf=&s=1280,1024,1,1280,1024,0
162.252.213.208 200 OK 44 B URL HTTP/1.1 betteradsystem.com/Kog.asp?_=BAYAY3-8FAFjf7wUgAGBAsAAIBj0R8tfuJXOr7fGjUk9nXmU3VW0H3BuRAjq2cJGVTaZwQBHMEUCIFTJU_GXnziWOaXFf77FnEDfIMFHNfGxB8-frOTz57WgAiEA3NIK7GToqPvOWaRWMZLHchJ_9uKi6ThXbTlNSUoyVqo&v=4&WJDglCsN=4715884&minBid=0.0005&wFUJSDqX=0,0&VnYuGKtx=&MrPmJRYf=&s=1280,1024,1,1280,1024,0
IP 162.252.213.208:0
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /Kog.asp?_=BAYAY3-8FAFjf7wUgAGBAsAAIBj0R8tfuJXOr7fGjUk9nXmU3VW0H3BuRAjq2cJGVTaZwQBHMEUCIFTJU_GXnziWOaXFf77FnEDfIMFHNfGxB8-frOTz57WgAiEA3NIK7GToqPvOWaRWMZLHchJ_9uKi6ThXbTlNSUoyVqo&v=4&WJDglCsN=4715884&minBid=0.0005&wFUJSDqX=0,0&VnYuGKtx=&MrPmJRYf=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: betteradsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://streamgo.to/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Thu, 24 Nov 2022 18:46:45 GMT
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b5415ce9f48521f24db23adf96a352b1
0233ac89af3fdc5cc1a2bc48e68b304b6972fbb4
b2787f8d3a5ec94336402997b8f05e24463e06a009a07e77d2f0d11658ff2e72
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B2787F8D3A5EC94336402997B8F05E24463E06A009A07E77D2F0D11658FF2E72"
Last-Modified: Wed, 23 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4863
Expires: Thu, 24 Nov 2022 20:07:48 GMT
Date: Thu, 24 Nov 2022 18:46:45 GMT
Connection: keep-alive
adsco.re/p
162.252.214.5 200 OK 172 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash 938ccb8b09d8eb1c3c909124a75d53bb
d94b46efce8c3c0ceebc07aefe6054e963d86009
ab13d34d311327cc274a6ed4b51e9a6ba9c858290b8b3ad4962073a98de516ca
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1968
Origin: https://daddyhd.com
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 18:46:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://daddyhd.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a1282da333101ca2229d6bbe482ca939
80a54289cbf8023dc45058af9391c52b956a4b8a
8e30655f84c3dedd33c4a3b98fc024c4e4905f6a51d8ae3317cba80aca268693
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E30655F84C3DEDD33C4A3B98FC024C4E4905F6A51D8AE3317CBA80ACA268693"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6900
Expires: Thu, 24 Nov 2022 20:41:45 GMT
Date: Thu, 24 Nov 2022 18:46:45 GMT
Connection: keep-alive
s4.histats.com/stats/0.php?2162676&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttp%3A%2F%2Fstreamgo.to%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:49429871&@b3:1669315605&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdaddyhd.com%2Fembed%2Fstream-155.php&@w
192.99.13.63 200 OK 51 B URL HTTP/1.1 s4.histats.com/stats/0.php?2162676&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttp%3A%2F%2Fstreamgo.to%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:49429871&@b3:1669315605&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdaddyhd.com%2Fembed%2Fstream-155.php&@w
IP 192.99.13.63:0
File type ASCII text, with no line terminators
Hash 2528859ca87a6541a3f1a3e604cdd1c9
3021215ccf18e1c3b00a9758ba15e08b4fd6d645
3640e2a075d0636cbfd54b2fd59abf05570071b3db45646fc48b1bf3c3b0d659
GET /stats/0.php?2162676&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttp%3A%2F%2Fstreamgo.to%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:49429871&@b3:1669315605&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdaddyhd.com%2Fembed%2Fstream-155.php&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 18:46:45 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 51
Connection: close
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash cfbd2ce6112b02f7372b98eee8cfea35
4139505fedf43dcff8f0750a8b756597b1b53a49
402f64d53dab79cf3b42e9fad35e4c5f762fc74b699ccb4f366dfe150ac5a5bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=145913
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 18:46:45 GMT
Etag: "637f530e-116"
Expires: Sat, 26 Nov 2022 11:18:38 GMT
Last-Modified: Thu, 24 Nov 2022 11:18:38 GMT
Server: nginx
Content-Length: 278
soldierreproduceadmiration.com/sbar.json?key=feeb07fbce09c51f87784484286419a1&uuid=ac8117d5-480e-4baf-9c3b-0758bb98cecc%3A1%3A1
192.243.59.13 200 OK 4.1 kB URL HTTP/1.1 soldierreproduceadmiration.com/sbar.json?key=feeb07fbce09c51f87784484286419a1&uuid=ac8117d5-480e-4baf-9c3b-0758bb98cecc%3A1%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (5835), with no line terminators
Hash a26259b801b2144c2cd500b84031e2d7
ab1fe7581f6441927cc1e761a1b5a2376fbab592
16e710fc211f5b0bf46482e156de7930e1f24db036f04e01c3d4237443c505eb
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=feeb07fbce09c51f87784484286419a1&uuid=ac8117d5-480e-4baf-9c3b-0758bb98cecc%3A1%3A1 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://streamgo.to
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 18:46:45 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://streamgo.to
Access-Control-Allow-Origin: http://streamgo.to
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17018029; expires=Fri, 25 Nov 2022 18:46:45 GMT; secure; SameSite=None
uid_id2=ac8117d5-480e-4baf-9c3b-0758bb98cecc:1:1; expires=Thu, 01 Dec 2022 18:46:45 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 25 Nov 2022 18:46:45 GMT; secure; SameSite=None
uncs=1; expires=Fri, 25 Nov 2022 18:46:45 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 25 Nov 2022 18:46:45 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 25 Nov 2022 18:46:45 GMT; secure; SameSite=None
slecfeeb07fbce09c51f87784484286419a1=[3760951]; expires=Thu, 24 Nov 2022 18:46:50 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7c03afdda283d674efbe964184969ffa
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
banquetunarmedgrater.com/advertisers.js
173.233.137.36 200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamservicehd.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 18:46:45 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e42ad97958495a2d8281ea284a78d293
Strict-Transport-Security: max-age=0; includeSubdomains
majorityevaluatewiped.com/pixel/purst?dl=0&th=0&sc=0&rs=922&rd=922&fd=829&bv=22.10.v.9&tmpl=70
192.243.61.227 200 OK 0 B URL HTTP/1.1 majorityevaluatewiped.com/pixel/purst?dl=0&th=0&sc=0&rs=922&rd=922&fd=829&bv=22.10.v.9&tmpl=70
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=922&rd=922&fd=829&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: majorityevaluatewiped.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamservicehd.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 18:46:45 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 28d04006a3e449b28e65369f3a70f4ea
20a461f8c035e118ba0bc6a8bc00d4b0913286bf
82c5a1a32ab313cd38b37983b758e02b1d0c95900a92b16e860e1b3ccb5d7d4d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6105
Cache-Control: max-age=91221
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 18:46:45 GMT
Etag: "637e6591-117"
Expires: Fri, 25 Nov 2022 20:07:06 GMT
Last-Modified: Wed, 23 Nov 2022 18:25:21 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
friendshipmale.com/sfp.js
104.21.234.92 200 OK 28 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 104.21.234.92:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 02fb0ba28bfdf0f9a98ba86b83d44eac
3c48b9c2bf93d636f714023be338b24e30f6c750
899ad65ce1785f4a764d8ba3edd1eb6f5709ac89aacce61a6e0fcc03af48c319
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:45 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 62eade5fdfb410aabf8e48f64881aa7c
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 24 Nov 2022 18:46:45 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HI2QihgfgbnIdaQqQOwLOgp2Lim1E%2BUcgMENGsSOeibqmsukUsBUEcNsf0yS%2FroqkB27mWPd6Vw82zIyPUqhMZ32Bj%2Bg4X3vplKA8mJI1VbjDGCLPUVCYH6qbXDFpxb2JphgzgE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f242a47889d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 2d5709a3262f2899e74a9922328a9332
19151c45fe6bca05d8ef34d55b47c0415afbe14a
3fed15e3ea2626759e34932b2ea8d0af694e2b5e7518b08134c3d402217d9b17
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 18:46:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 05:30:48 GMT
Expires: Thu, 01 Dec 2022 05:30:47 GMT
Etag: "19151c45fe6bca05d8ef34d55b47c0415afbe14a"
Cache-Control: max-age=556441,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f44f282a2db51d-OSL
soldierreproduceadmiration.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxRut3s3vd9CTuiIKyhz2oGAm3TM9O93uIe4fVxb3T8iu5GpVdfWkTHVXU9U9PcnF6IKs4GFEBI%2BdN8kG3SjmrqgTL8uAuONBctjcPHkRFha8yUwGgh90f1%2FVe4f33lcfbxVHxEVBD5eu6w2pFF1o1d3aqysyjXRpazdu1zy37p6vrcj0nH%2B%2B1pv8TPcNz23V3ddqbwu%2Bphcarue6nuvVrkgjYt1bmKKQ2V7o1UO37jfqXstHz%2Fz3bAsHljqIukfkWcho%2FL%2FVB%2FuQfIg0%2Be6ysGu5zl5%2FKykUzbVBN9p9N11LdZkiORlj4yBOd2dsaDsm5MtT0OnuzAF0d3viAEyOifOHB5buzmSCdXeOlTIFkYJFT6PsDiHUEJIOwfUdyOghAXiEGzeRJvduaFPS9WOUTtAxmXvyGLIck7lHZ5Am315Usle7pVWRS51a9OIKsjeE7AyRFQfINxzI8gA8%2Fwgy%2BpUsPLmGNNm%2BaZWGjA7PUh54XjtqzfuBK%2BZ9RuP5kDfZvNtuBYyFARecTyOScggZD6FEH9Q6KCafdFDEDorMQRId1mgrjF23HbO42Qx8znmzyXkrOBe1oqYfxC4KPvHQR571wVUf3GwiM5tYk32Y4ifY1Qo2cmBzgm5UoRQEpSUoKUEpCcqcoOxWO5GyDVvdi5QtmDfrjVlvVgOdd7bojs47IiVb2RF5ZhKcc3rvG6yJw1osBJuI5MINecuLg3Y78P3AbwTnfC%2BkHqysIO2pqc0NOSYvLf6DTI4JqX4Gowew6gBcPgdavAxaDtoNF3R14AcuNtL7NjeCJh1dzzUiXSHL55CvO1vqiLw43V%2FI2xB89OaZ3%2F5878InbXBTITMV3pe%2FEHTU3cGyLsn2si4t2b%2BZ5TKRG3Sy21s5zcXc1%2B%2BI9VKb6Opl2%2F%2FqAp8Ak3HvtrD5NZpGMu1Ycv%2BijCJhrmjDBfnhql0RbKmwqxcLkxbZtaVLV64mmRHWSp0OQeXD9ufgckyeur45fbWvfPoA0gxhigpJMSKzgtQH4NkmbDZa%2FOvSFx%2F%2B%2F%2BwjWE1g1AmHZQ7KohqYBju5VHJMGo9fgBKjxf2jePlyZkBZBStOYmBi9OPfx%2Fwtexcd44Dmd5AmFbqmQldVoKoPW5we5JkZLf7enBaYcgZMGWebKaM%2BO47XysOaaMVuLNyGYHHI4jZ1ozD2Q0ZDT7RZi3rI7Zh%2F8P3z%2FwIAAP%2F%2FAQAA%2F%2F%2FiadxQkQQAAA%3D%3D
192.243.59.13200 OK 7 B URL HTTP/1.1 soldierreproduceadmiration.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxRut3s3vd9CTuiIKyhz2oGAm3TM9O93uIe4fVxb3T8iu5GpVdfWkTHVXU9U9PcnF6IKs4GFEBI%2BdN8kG3SjmrqgTL8uAuONBctjcPHkRFha8yUwGgh90f1%2FVe4f33lcfbxVHxEVBD5eu6w2pFF1o1d3aqysyjXRpazdu1zy37p6vrcj0nH%2B%2B1pv8TPcNz23V3ddqbwu%2Bphcarue6nuvVrkgjYt1bmKKQ2V7o1UO37jfqXstHz%2Fz3bAsHljqIukfkWcho%2FL%2FVB%2FuQfIg0%2Be6ysGu5zl5%2FKykUzbVBN9p9N11LdZkiORlj4yBOd2dsaDsm5MtT0OnuzAF0d3viAEyOifOHB5buzmSCdXeOlTIFkYJFT6PsDiHUEJIOwfUdyOghAXiEGzeRJvduaFPS9WOUTtAxmXvyGLIck7lHZ5Am315Usle7pVWRS51a9OIKsjeE7AyRFQfINxzI8gA8%2Fwgy%2BpUsPLmGNNm%2BaZWGjA7PUh54XjtqzfuBK%2BZ9RuP5kDfZvNtuBYyFARecTyOScggZD6FEH9Q6KCafdFDEDorMQRId1mgrjF23HbO42Qx8znmzyXkrOBe1oqYfxC4KPvHQR571wVUf3GwiM5tYk32Y4ifY1Qo2cmBzgm5UoRQEpSUoKUEpCcqcoOxWO5GyDVvdi5QtmDfrjVlvVgOdd7bojs47IiVb2RF5ZhKcc3rvG6yJw1osBJuI5MINecuLg3Y78P3AbwTnfC%2BkHqysIO2pqc0NOSYvLf6DTI4JqX4Gowew6gBcPgdavAxaDtoNF3R14AcuNtL7NjeCJh1dzzUiXSHL55CvO1vqiLw43V%2FI2xB89OaZ3%2F5878InbXBTITMV3pe%2FEHTU3cGyLsn2si4t2b%2BZ5TKRG3Sy21s5zcXc1%2B%2BI9VKb6Opl2%2F%2FqAp8Ak3HvtrD5NZpGMu1Ycv%2BijCJhrmjDBfnhql0RbKmwqxcLkxbZtaVLV64mmRHWSp0OQeXD9ufgckyeur45fbWvfPoA0gxhigpJMSKzgtQH4NkmbDZa%2FOvSFx%2F%2B%2F%2BwjWE1g1AmHZQ7KohqYBju5VHJMGo9fgBKjxf2jePlyZkBZBStOYmBi9OPfx%2Fwtexcd44Dmd5AmFbqmQldVoKoPW5we5JkZLf7enBaYcgZMGWebKaM%2BO47XysOaaMVuLNyGYHHI4jZ1ozD2Q0ZDT7RZi3rI7Zh%2F8P3z%2FwIAAP%2F%2FAQAA%2F%2F%2FiadxQkQQAAA%3D%3D
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxRut3s3vd9CTuiIKyhz2oGAm3TM9O93uIe4fVxb3T8iu5GpVdfWkTHVXU9U9PcnF6IKs4GFEBI%2BdN8kG3SjmrqgTL8uAuONBctjcPHkRFha8yUwGgh90f1%2FVe4f33lcfbxVHxEVBD5eu6w2pFF1o1d3aqysyjXRpazdu1zy37p6vrcj0nH%2B%2B1pv8TPcNz23V3ddqbwu%2Bphcarue6nuvVrkgjYt1bmKKQ2V7o1UO37jfqXstHz%2Fz3bAsHljqIukfkWcho%2FL%2FVB%2FuQfIg0%2Be6ysGu5zl5%2FKykUzbVBN9p9N11LdZkiORlj4yBOd2dsaDsm5MtT0OnuzAF0d3viAEyOifOHB5buzmSCdXeOlTIFkYJFT6PsDiHUEJIOwfUdyOghAXiEGzeRJvduaFPS9WOUTtAxmXvyGLIck7lHZ5Am315Usle7pVWRS51a9OIKsjeE7AyRFQfINxzI8gA8%2Fwgy%2BpUsPLmGNNm%2BaZWGjA7PUh54XjtqzfuBK%2BZ9RuP5kDfZvNtuBYyFARecTyOScggZD6FEH9Q6KCafdFDEDorMQRId1mgrjF23HbO42Qx8znmzyXkrOBe1oqYfxC4KPvHQR571wVUf3GwiM5tYk32Y4ifY1Qo2cmBzgm5UoRQEpSUoKUEpCcqcoOxWO5GyDVvdi5QtmDfrjVlvVgOdd7bojs47IiVb2RF5ZhKcc3rvG6yJw1osBJuI5MINecuLg3Y78P3AbwTnfC%2BkHqysIO2pqc0NOSYvLf6DTI4JqX4Gowew6gBcPgdavAxaDtoNF3R14AcuNtL7NjeCJh1dzzUiXSHL55CvO1vqiLw43V%2FI2xB89OaZ3%2F5878InbXBTITMV3pe%2FEHTU3cGyLsn2si4t2b%2BZ5TKRG3Sy21s5zcXc1%2B%2BI9VKb6Opl2%2F%2FqAp8Ak3HvtrD5NZpGMu1Ycv%2BijCJhrmjDBfnhql0RbKmwqxcLkxbZtaVLV64mmRHWSp0OQeXD9ufgckyeur45fbWvfPoA0gxhigpJMSKzgtQH4NkmbDZa%2FOvSFx%2F%2B%2F%2BwjWE1g1AmHZQ7KohqYBju5VHJMGo9fgBKjxf2jePlyZkBZBStOYmBi9OPfx%2Fwtexcd44Dmd5AmFbqmQldVoKoPW5we5JkZLf7enBaYcgZMGWebKaM%2BO47XysOaaMVuLNyGYHHI4jZ1ozD2Q0ZDT7RZi3rI7Zh%2F8P3z%2FwIAAP%2F%2FAQAA%2F%2F%2FiadxQkQQAAA%3D%3D HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Cookie: u_pl=17018029; uid_id2=ac8117d5-480e-4baf-9c3b-0758bb98cecc:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfeeb07fbce09c51f87784484286419a1=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 18:46:45 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 78ced97f45e5e765c76e1cd49d9f77d9
Strict-Transport-Security: max-age=0; includeSubdomains
xadsmart.com/NJi.htm?_=BAYAY3-8FQFjf7wVgAGBAsAAILzETAXYZVR670anKHvPX6VGTl6bOUR_vdckpZ5CyI5dwQBHMEUCIEiiG-DKuX_r1gYeg8ggtNRd8Uk5Yww04awryLlM9KGYAiEA5lWa1wyAs7NxUuWupwV-VqOFHHFI_2j-bRV0Y3gor8Q&v=4&aOuednGi=4893132&minBid=&ZOXflEFV=0,0&TYZFAnXf=&IOSxlrFZ=http%3A%2F%2Fstreamgo.to%2F&s=1280,1024,1,1280,1024,1
104.153.197.251200 OK 44 B URL HTTP/2 xadsmart.com/NJi.htm?_=BAYAY3-8FQFjf7wVgAGBAsAAILzETAXYZVR670anKHvPX6VGTl6bOUR_vdckpZ5CyI5dwQBHMEUCIEiiG-DKuX_r1gYeg8ggtNRd8Uk5Yww04awryLlM9KGYAiEA5lWa1wyAs7NxUuWupwV-VqOFHHFI_2j-bRV0Y3gor8Q&v=4&aOuednGi=4893132&minBid=&ZOXflEFV=0,0&TYZFAnXf=&IOSxlrFZ=http%3A%2F%2Fstreamgo.to%2F&s=1280,1024,1,1280,1024,1
IP 104.153.197.251:0
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /NJi.htm?_=BAYAY3-8FQFjf7wVgAGBAsAAILzETAXYZVR670anKHvPX6VGTl6bOUR_vdckpZ5CyI5dwQBHMEUCIEiiG-DKuX_r1gYeg8ggtNRd8Uk5Yww04awryLlM9KGYAiEA5lWa1wyAs7NxUuWupwV-VqOFHHFI_2j-bRV0Y3gor8Q&v=4&aOuednGi=4893132&minBid=&ZOXflEFV=0,0&TYZFAnXf=&IOSxlrFZ=http%3A%2F%2Fstreamgo.to%2F&s=1280,1024,1,1280,1024,1 HTTP/1.1
Host: xadsmart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Thu, 24 Nov 2022 18:46:45 GMT
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.249 200 OK 344 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 0eae74238d1c9828cd086271241b5e66
4cdd2c9e819b5c71d1d3e4836063a7a9f89ccf15
4884107002b9840725b58cd3ff13215471bdcd8c2a1029c3eeadd16abe4d91d2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4884107002B9840725B58CD3FF13215471BDCD8C2A1029C3EEADD16ABE4D91D2"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7759
Expires: Thu, 24 Nov 2022 20:56:04 GMT
Date: Thu, 24 Nov 2022 18:46:45 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.249 200 OK 344 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 0eae74238d1c9828cd086271241b5e66
4cdd2c9e819b5c71d1d3e4836063a7a9f89ccf15
4884107002b9840725b58cd3ff13215471bdcd8c2a1029c3eeadd16abe4d91d2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4884107002B9840725B58CD3FF13215471BDCD8C2A1029C3EEADD16ABE4D91D2"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7759
Expires: Thu, 24 Nov 2022 20:56:04 GMT
Date: Thu, 24 Nov 2022 18:46:45 GMT
Connection: keep-alive
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1-main.js
104.18.25.188 200 OK 18 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1-main.js
IP 104.18.25.188:0
File type Unicode text, UTF-8 text, with very long lines (2096)
Hash e6e3a86f50bef2920ffb2a02b8854577
a4915f0e73d7a8c9ba298582699179c9478dd2f6
e91dfeeb8e51e1231b44c0c3a02118e55ef0d538b776140bb555b5f747622490
GET /nu/pop/sportsbook/football/wc/2022/1-main.js HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Cookie: __ucbt=node01bq13qztgywl319e33nkv9ew7; uniattr=ST.0.T; uniattr_ref="https://daddyhd.com/"; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_1176A66E79ED440785E4BB57A311A1BD; BID=37950; PID=86262456; REFERER=https%3A%2F%2Fdaddyhd.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_1176A66E79ED440785E4BB57A311A1BD%26sref%3DTRM%26TRM%3DdL_266285.953898%26affiliateId%3D1%26pid%3D86262456%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:45 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: EqJ6l4cI9XyehxuJDe4EbA==
last-modified: Wed, 23 Nov 2022 09:41:24 GMT
etag: W/"0x8DACD36E31CDDD4"
x-ms-request-id: 2e48c7f9-401e-005d-4a20-ff1886000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 118927
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f296eb6b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/com-payments.svg
104.18.25.188 200 OK 10 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/com-payments.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fe7888cbc24bb2a70759f2d7b0503265
6ee27717a365a89f41b90388174fc557a1158fde
af4ee1bef93a2d65c8e464b148f42ccc4c2e2210e73df1d26f9281719ddab1df
GET /nu/pop/sportsbook/football/wc/2022/com-payments.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Cookie: __ucbt=node01bq13qztgywl319e33nkv9ew7; uniattr=ST.0.T; uniattr_ref="https://daddyhd.com/"; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_1176A66E79ED440785E4BB57A311A1BD; BID=37950; PID=86262456; REFERER=https%3A%2F%2Fdaddyhd.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_1176A66E79ED440785E4BB57A311A1BD%26sref%3DTRM%26TRM%3DdL_266285.953898%26affiliateId%3D1%26pid%3D86262456%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:46 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Wed, 23 Nov 2022 09:41:25 GMT
etag: W/"0x8DACD36E3B02EBB"
x-ms-request-id: a2357d1a-b01e-0049-4f20-ff50e9000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 118927
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f297ee5b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.42 200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 06:32:03 GMT
expires: Thu, 23 Nov 2023 06:32:03 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 130483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
85.184.96.5 200 OK 957 B URL HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash e19225e3eb562a3b6a86f7b8b47c38fb
ce3eb55448afd8fc9dfa4ac82f8743a009d5e142
c152526a02cb050650847e999ae141eae985472fbf73c5a843160b3b6bb06f79
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86262456%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669315605098)%5c%2f%22%2c%22CookieTag%22%3a%223795086262456451240919C202211241846%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:46 GMT
content-type: application/javascript
content-length: 957
last-modified: Mon, 25 Apr 2022 12:18:31 GMT
etag: "3bd-5dd799309c310"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/icon-expert.svg
104.18.25.188 200 OK 6.5 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/icon-expert.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (966), with no line terminators
Hash 58ecfa5cf5d37eb6a8a7a879dbe5e4d2
7d89c28b5790cfe514b7710be18c0ee7c8b442c3
5d904d160027d0c3fd8808704a7325cc648caec7f07ea895ee6f4088749d0be6
GET /nu/pop/sportsbook/football/wc/2022/icon-expert.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Cookie: __ucbt=node01bq13qztgywl319e33nkv9ew7; uniattr=ST.0.T; uniattr_ref="https://daddyhd.com/"; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_1176A66E79ED440785E4BB57A311A1BD; BID=37950; PID=86262456; REFERER=https%3A%2F%2Fdaddyhd.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_1176A66E79ED440785E4BB57A311A1BD%26sref%3DTRM%26TRM%3DdL_266285.953898%26affiliateId%3D1%26pid%3D86262456%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:46 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Wed, 23 Nov 2022 09:41:27 GMT
etag: W/"0x8DACD36E4DBD8DB"
x-ms-request-id: deea5553-401e-003f-1d20-ffdaa1000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 118926
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f297ecab512-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/custom.js
104.18.25.188 200 OK 2.7 kB URL HTTP/2 welcome.unibet.nu/custom.js
IP 104.18.25.188:0
Hash 39140a6623f9c96b1b8c256a36eda489
1bd92730124b57fdd97c1e5f8b08388456352101
d71968ca9756b7d1364ecb94863e361d21ecaa5d42fb6220718a691175e94800
GET /custom.js HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Cookie: __ucbt=node01bq13qztgywl319e33nkv9ew7; uniattr=ST.0.T; uniattr_ref="https://daddyhd.com/"; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_1176A66E79ED440785E4BB57A311A1BD; BID=37950; PID=86262456; REFERER=https%3A%2F%2Fdaddyhd.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_1176A66E79ED440785E4BB57A311A1BD%26sref%3DTRM%26TRM%3DdL_266285.953898%26affiliateId%3D1%26pid%3D86262456%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:45 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: 126f410e-701e-000b-2310-f9e969000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 180312
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f296eb8b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash f2d8c84168fac835cfedc4e3f49dd87e
8850fca6914fe68a79ba16dbf5d8aa120ba9eed6
02366941cc203e7fb16325c12b9c3e59952473eab7a943b3a9faeef2eaeb5218
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5981
Cache-Control: max-age=154783
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 18:46:46 GMT
Etag: "637f5e59-118"
Expires: Sat, 26 Nov 2022 13:46:29 GMT
Last-Modified: Thu, 24 Nov 2022 12:06:49 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/icon-casino.svg
104.18.25.188 200 OK 176 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/icon-casino.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (2084), with no line terminators
Size 176 kB (175458 bytes)
Hash c24aaaddafbadfa591b476678efd2a1d
4747f416da16fd85097ed38f6d56dc6132bc9b85
ac729acd04d93dab5610f5ae09606ec28debcf71a4645ba090f3a905d30936c0
GET /nu/pop/sportsbook/football/wc/2022/icon-casino.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Cookie: __ucbt=node01bq13qztgywl319e33nkv9ew7; uniattr=ST.0.T; uniattr_ref="https://daddyhd.com/"; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_1176A66E79ED440785E4BB57A311A1BD; BID=37950; PID=86262456; REFERER=https%3A%2F%2Fdaddyhd.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_1176A66E79ED440785E4BB57A311A1BD%26sref%3DTRM%26TRM%3DdL_266285.953898%26affiliateId%3D1%26pid%3D86262456%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:46 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: u/57C1Al21ESpXtbDs6sbw==
last-modified: Wed, 23 Nov 2022 09:41:27 GMT
etag: W/"0x8DACD36E4CEBB6D"
x-ms-request-id: 1a7d30f0-801e-0042-4320-ffab82000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 118927
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f297ed3b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Findex.html&l=1525&fd=48
192.243.59.13 200 OK 0 B URL HTTP/1.1 soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Findex.html&l=1525&fd=48
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Findex.html&l=1525&fd=48 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://streamgo.to/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 18:46:46 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5 200 OK 1.3 kB URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash cbef8dfd9099a242337be2297ad8c1a7
ce80a525c9e69c5f69ea887d138c45355b5b5274
6725117c6e50ed8eb848459c1de9009cf0d85cec6e289f6a486c512cd0f912fd
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86262456%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669315605098)%5c%2f%22%2c%22CookieTag%22%3a%223795086262456451240919C202211241846%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:46 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:42 GMT
etag: W/"705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/jquery.min.js
172.64.108.13 200 OK 31 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/jquery.min.js
IP 172.64.108.13:0
File type ASCII text, with very long lines (32025), with CRLF line terminators
Hash b72af9d2278a182226733fe1a5c40f0c
680d33bcfbc5a2de350b70606adabefcbb9130b4
f3f0e3aaab1b5950f45aa20351828b55840f5dc9690d868179e8aa44a27df000
GET /sb/notifications/software/multi/browsers/ff/3/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:46 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:49:59 GMT
etag: W/"63199ea7-149a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 90226
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lo%2B7XBpyrGc3tCWVpRJCO99OiIMhyvA71yJumveZmpbFWqdO%2BL9ORQq4OLNsM2KLkTn%2Fiut8Jxkhuc5tB7D9wLIq3vdkMmVt00Imbalv50EcpAVwnrbUpBABBt0oM1EW2hVABMpPikFs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f29bc5d75b9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
45tcleeo7fvv.s4.adsco.re/
185.200.116.90 200 OK 0 B URL HTTP/1.1 45tcleeo7fvv.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 45tcleeo7fvv.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://daddyhd.com
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 18:46:45 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/unibet-logo.svg
104.18.25.188 200 OK 1.3 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/unibet-logo.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3207), with no line terminators
Hash b9b8af06f6f0c330eecde65fee95a9d2
708564769bc03e852facad42bd4f463eb539e7e5
a71629afab6258a97be4b6423e02a1aae2963c91b44a9baf068ce22a0befae85
GET /nu/pop/sportsbook/football/wc/2022/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Cookie: __ucbt=node01bq13qztgywl319e33nkv9ew7; uniattr=ST.0.T; uniattr_ref="https://daddyhd.com/"; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_1176A66E79ED440785E4BB57A311A1BD; BID=37950; PID=86262456; REFERER=https%3A%2F%2Fdaddyhd.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_1176A66E79ED440785E4BB57A311A1BD%26sref%3DTRM%26TRM%3DdL_266285.953898%26affiliateId%3D1%26pid%3D86262456%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:45 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Wed, 23 Nov 2022 09:41:25 GMT
etag: W/"0x8DACD36E38C7F49"
x-ms-request-id: fbb0f526-001e-0011-3020-ff88b6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 118927
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f297ec5b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
ifknittedhurtful.com/sbar.json?key=1843019bf263f39accf339e8c46780a9&uuid=ac8117d5-480e-4baf-9c3b-0758bb98cecc%3A1%3A1
192.243.59.20 200 OK 3.9 kB URL HTTP/1.1 ifknittedhurtful.com/sbar.json?key=1843019bf263f39accf339e8c46780a9&uuid=ac8117d5-480e-4baf-9c3b-0758bb98cecc%3A1%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (5791), with no line terminators
Hash 485564089cf2cbf9caf73db18e0ac2ff
cdebe41747d7f98b53132ed5c9545888090b46b2
180ea7acc37a6f3b62793d61ef0528228a906543b28a58ea890e98ab66e4151a
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=1843019bf263f39accf339e8c46780a9&uuid=ac8117d5-480e-4baf-9c3b-0758bb98cecc%3A1%3A1 HTTP/1.1
Host: ifknittedhurtful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daddyhd.com
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 24 Nov 2022 18:46:46 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://daddyhd.com
Access-Control-Allow-Origin: https://daddyhd.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16749046; expires=Fri, 25 Nov 2022 18:46:45 GMT; secure; SameSite=None
Set-Cookie: uid_id2=ac8117d5-480e-4baf-9c3b-0758bb98cecc:1:1; expires=Thu, 01 Dec 2022 18:46:45 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Fri, 25 Nov 2022 18:46:46 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Fri, 25 Nov 2022 18:46:46 GMT; secure; SameSite=None
Set-Cookie: pdhtkv29=true; expires=Fri, 25 Nov 2022 18:46:46 GMT; secure; SameSite=None
Set-Cookie: uncs29=1; expires=Fri, 25 Nov 2022 18:46:46 GMT; secure; SameSite=None
Set-Cookie: slec1843019bf263f39accf339e8c46780a9=[3396716]; expires=Thu, 24 Nov 2022 18:46:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 15d647593a4415b96e0dc3b450b3f28f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320665405:86262456-37950&btag=320665405_1176A66E79ED440785E4BB57A311A1BD&bid=37950&campaignId=2806377&pid=86262456
104.18.25.188 200 OK 291 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320665405:86262456-37950&btag=320665405_1176A66E79ED440785E4BB57A311A1BD&bid=37950&campaignId=2806377&pid=86262456
IP 104.18.25.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (493)
Size 291 kB (291240 bytes)
Hash e89798068c22b0e119640fa1ea550f95
6c89d7f042112127d34c434459295a784e19e7de
82d97712e6159041c88fceed0cac42d64b7940f00ccab270884c55078b2989c2
GET /nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:320665405:86262456-37950&btag=320665405_1176A66E79ED440785E4BB57A311A1BD&bid=37950&campaignId=2806377&pid=86262456 HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://daddyhd.com/
Connection: keep-alive
Cookie: __ucbt=node01bq13qztgywl319e33nkv9ew7; uniattr=ST.0.T; uniattr_ref="https://daddyhd.com/"; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_1176A66E79ED440785E4BB57A311A1BD; BID=37950; PID=86262456; REFERER=https%3A%2F%2Fdaddyhd.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_1176A66E79ED440785E4BB57A311A1BD%26sref%3DTRM%26TRM%3DdL_266285.953898%26affiliateId%3D1%26pid%3D86262456%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:45 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: z9wBcojvf/7eDR39nfDjGQ==
last-modified: Wed, 23 Nov 2022 09:41:24 GMT
x-ms-request-id: 5b7665bc-401e-0072-1735-00154d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f279b75b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/utv-logo.svg
104.18.25.188 200 OK 19 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/utv-logo.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (807), with no line terminators
Hash f0b87ac99c601f939efc5e8d3b509f79
e41647be664ff2bd06da45a4e0b67e4b405a87b5
b893404c99d827648cb84688b1e6dad305fdb21f6866d721cf318c326372a4d1
GET /nu/pop/sportsbook/football/wc/2022/utv-logo.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Cookie: __ucbt=node01bq13qztgywl319e33nkv9ew7; uniattr=ST.0.T; uniattr_ref="https://daddyhd.com/"; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_1176A66E79ED440785E4BB57A311A1BD; BID=37950; PID=86262456; REFERER=https%3A%2F%2Fdaddyhd.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_1176A66E79ED440785E4BB57A311A1BD%26sref%3DTRM%26TRM%3DdL_266285.953898%26affiliateId%3D1%26pid%3D86262456%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:45 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Wed, 23 Nov 2022 09:41:25 GMT
etag: W/"0x8DACD36E36045A2"
x-ms-request-id: ad0e1658-501e-0033-8020-ff4da9000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 118926
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f297ec6b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/gb-when-the-fun-stops.svg
104.18.25.188 200 OK 86 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/gb-when-the-fun-stops.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b3990054bfde84e95cf50b01148c6e82
1d7b4eb50887d02d08d73e80c155c052cc42a76d
a43747b2a4a5c7f44728e47599c6d99499e9ec45864ff6d712456a5d57e52a22
GET /nu/pop/sportsbook/football/wc/2022/gb-when-the-fun-stops.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Cookie: __ucbt=node01bq13qztgywl319e33nkv9ew7; uniattr=ST.0.T; uniattr_ref="https://daddyhd.com/"; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_1176A66E79ED440785E4BB57A311A1BD; BID=37950; PID=86262456; REFERER=https%3A%2F%2Fdaddyhd.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_1176A66E79ED440785E4BB57A311A1BD%26sref%3DTRM%26TRM%3DdL_266285.953898%26affiliateId%3D1%26pid%3D86262456%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:46 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: aKFt6UnI1NUrF+upCSAbIA==
last-modified: Wed, 23 Nov 2022 09:41:26 GMT
etag: W/"0x8DACD36E40AC4AE"
x-ms-request-id: 0138e59e-301e-0047-1920-ff7959000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 118927
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f297ee6b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fmagic.css&l=45250&fd=255
192.243.59.13 200 OK 0 B URL HTTP/1.1 soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fmagic.css&l=45250&fd=255
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fmagic.css&l=45250&fd=255 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://streamgo.to/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 18:46:46 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/gambling-commission.png
104.18.25.188 404 Not Found 74 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/gambling-commission.png
IP 104.18.25.188:0
File type XML 1.0 document text\012- XML document, Unicode text, UTF-8 (with BOM) text
Hash 41d4115775d78d89f2f64a5fa155fc23
b0a4b824a59df8c6f8fd539084bbd0db42feb222
2e1ceb48acdba734520d9904fc5e5390584edcc7cc7f2669f794e13d655dc57a
GET /nu/pop/sportsbook/football/wc/2022/gambling-commission.png HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Cookie: __ucbt=node01bq13qztgywl319e33nkv9ew7; uniattr=ST.0.T; uniattr_ref="https://daddyhd.com/"; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_1176A66E79ED440785E4BB57A311A1BD; BID=37950; PID=86262456; REFERER=https%3A%2F%2Fdaddyhd.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_1176A66E79ED440785E4BB57A311A1BD%26sref%3DTRM%26TRM%3DdL_266285.953898%26affiliateId%3D1%26pid%3D86262456%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Thu, 24 Nov 2022 18:46:46 GMT
content-type: application/xml
x-ms-request-id: 63d8d41b-301e-0057-2134-00bc31000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 177
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f297ed4b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 18:46:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 18:46:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/css/magic.css
172.64.108.13 200 OK 19 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/css/magic.css
IP 172.64.108.13:0
Hash 94b63cd868de9d7bb81af7d53223a4b8
f4e19dece150eeb4df3838a7574a5745a593c80d
905f6886dd3d5e9331e123820202dea624331d10f297affc336619098b02dd33
GET /sb/notifications/software/multi/browsers/ff/3/css/magic.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://streamgo.to
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:46 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 07:49:55 GMT
etag: W/"63199ea3-b0c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uPQIAp9s7nEP7VQAi7lPgdIB06SAubtZWTIhwQzEPKIifvw%2Fcr1szF79h8mTUVXoPDE2n9AfX87MViGR14I2h10DEf2uFeDLApxSiUC5SPKvmhnqtqMdU2avAi9%2Bc6ElqHCWy21ueFze"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f298c0175b9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 18:46:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.nu/widget/betslip/betslip.js
104.18.25.188 200 OK 22 kB URL HTTP/2 welcome.unibet.nu/widget/betslip/betslip.js
IP 104.18.25.188:0
File type ASCII text, with very long lines (693)
Hash e8ff042d048f7e620ba5e7a18e3fd52c
4e6c78dd5c72912eff00a05a18062b82b583166e
61b2db7dd796549301f5c04e8dddafcd2d1d0b6f0210b87b09243b9456f3ad1d
GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Cookie: __ucbt=node01bq13qztgywl319e33nkv9ew7; uniattr=ST.0.T; uniattr_ref="https://daddyhd.com/"; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_1176A66E79ED440785E4BB57A311A1BD; BID=37950; PID=86262456; REFERER=https%3A%2F%2Fdaddyhd.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_1176A66E79ED440785E4BB57A311A1BD%26sref%3DTRM%26TRM%3DdL_266285.953898%26affiliateId%3D1%26pid%3D86262456%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:46 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: 9491108d-c01e-000e-6d20-ff3bb2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 118928
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f2a88a2b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: null
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 83558
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 18:46:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ifknittedhurtful.com/ren.gif?sid=H4sIAAAAAAAC%2F1RS32sc1R%2B90%2FYLhe%2BTPygoCPvgg4LZzOzsZncsWKw1EkyT0Fby6v01m2vuzh3undnZ5MVgQfq4ffNxcjZpqAZpwUcF2YgiAaGrIAua%2F0GEPAnKbhZWPzDz%2BZx7Pg%2FnnHs%2F3c%2FPiI%2Bcjjdum12lNV1sVP3Ka5sqEaZwlbV7lcCv%2BtcrmypZql%2Bv9CY%2F230z8BtV%2F%2FXKe5Jvm8WaH%2Fh%2B4AeVZWVlbHqLUxYqPY6CauRX67Vq0KijZ%2F%2BLXe7BUQ%2Bie0aehxKj%2F239%2BBSKD5F0ntySbjsz6RvvdnJNM2PRFUcfJNuJKRJ05mNsPcTJ0Wwbxo0I%2BewSTHI0cwDTPZg4AFMj4v0agCVHM5lg3cMLpUxDJmDi%2Fyi6Q0g9hKJDcHMfSjwjABdYW0fSebRmbEF3Llg6YUfkyvmfUMWIXPn9RSSdL29q1avcNTrPlEkcenEJ1RtCtYdI8xNkux5UcQKefQIlfiKL56tIOgfrThsoMX6V8lYQNEVjod7y5UKd0Xgh4iFb8JuNFmNRi0vOpxEpNYSKh9CyD%2Bo85JNPechjD3nqoSPGFdqIYt9vxiwOw1adcx6GnDdaS6Ihwnor9pHziYc%2BsrQPrvvgdg%2Bp3cO26sPm38JtlXDCg8sIuqJEIQkKR1BQgkIRFBlB0S0PhXY1Vz4S2uUsmPXarIflwGTtfXposrZMyH56Rp6bBvf3w3Nsy3ElaNVDP4hYXFsK4zCinMdhGMkWry81Wz6N4FQJ5S5Nbe6qEbn2%2FVWk6tlbAzB6AqdPwNULoPkroMWgWfNBtwb1lo%2Fd5FhQIXa06soqNxCmRJpdQbbj7esz8tJURfiLhuSnNz5kt0d%2FPP4L3JZIbYmP1HcEbf1gcMcU5OCOKRx5up5mqqN26eRq72Y0k5c%2Ff1%2FuFMaKlVuu%2F%2FhtPiEm4%2FE96bJVmgiVtB354qYSQtplY7kk36y4Tck2crd1M7dJnq5uvLO80kmtdE6ZZAiqRoT8cAquRuTqV%2BPps335tydQdgibl%2Bjkp2RWUOYEPN2DS%2Bf6nSGwer7DUg9FXg5sjc0PtSLQco4pK%2BH%2Bhdl83ncP0LYeaHYfSadE15bo6hJU9%2BHyy4Mstac3fg6nBaa9AdPWO2Da6ocX4To1rshG7MfSr0kWRyxuUl9EcT1iNApkkzVogMyN%2BMdfX%2FsHAAD%2F%2FwEAAP%2F%2Fmf2mWo4EAAA%3D
192.243.59.20200 OK 7 B URL HTTP/1.1 ifknittedhurtful.com/ren.gif?sid=H4sIAAAAAAAC%2F1RS32sc1R%2B90%2FYLhe%2BTPygoCPvgg4LZzOzsZncsWKw1EkyT0Fby6v01m2vuzh3undnZ5MVgQfq4ffNxcjZpqAZpwUcF2YgiAaGrIAua%2F0GEPAnKbhZWPzDz%2BZx7Pg%2FnnHs%2F3c%2FPiI%2Bcjjdum12lNV1sVP3Ka5sqEaZwlbV7lcCv%2BtcrmypZql%2Bv9CY%2F230z8BtV%2F%2FXKe5Jvm8WaH%2Fh%2B4AeVZWVlbHqLUxYqPY6CauRX67Vq0KijZ%2F%2BLXe7BUQ%2Bie0aehxKj%2F239%2BBSKD5F0ntySbjsz6RvvdnJNM2PRFUcfJNuJKRJ05mNsPcTJ0Wwbxo0I%2BewSTHI0cwDTPZg4AFMj4v0agCVHM5lg3cMLpUxDJmDi%2Fyi6Q0g9hKJDcHMfSjwjABdYW0fSebRmbEF3Llg6YUfkyvmfUMWIXPn9RSSdL29q1avcNTrPlEkcenEJ1RtCtYdI8xNkux5UcQKefQIlfiKL56tIOgfrThsoMX6V8lYQNEVjod7y5UKd0Xgh4iFb8JuNFmNRi0vOpxEpNYSKh9CyD%2Bo85JNPechjD3nqoSPGFdqIYt9vxiwOw1adcx6GnDdaS6Ihwnor9pHziYc%2BsrQPrvvgdg%2Bp3cO26sPm38JtlXDCg8sIuqJEIQkKR1BQgkIRFBlB0S0PhXY1Vz4S2uUsmPXarIflwGTtfXposrZMyH56Rp6bBvf3w3Nsy3ElaNVDP4hYXFsK4zCinMdhGMkWry81Wz6N4FQJ5S5Nbe6qEbn2%2FVWk6tlbAzB6AqdPwNULoPkroMWgWfNBtwb1lo%2Fd5FhQIXa06soqNxCmRJpdQbbj7esz8tJURfiLhuSnNz5kt0d%2FPP4L3JZIbYmP1HcEbf1gcMcU5OCOKRx5up5mqqN26eRq72Y0k5c%2Ff1%2FuFMaKlVuu%2F%2FhtPiEm4%2FE96bJVmgiVtB354qYSQtplY7kk36y4Tck2crd1M7dJnq5uvLO80kmtdE6ZZAiqRoT8cAquRuTqV%2BPps335tydQdgibl%2Bjkp2RWUOYEPN2DS%2Bf6nSGwer7DUg9FXg5sjc0PtSLQco4pK%2BH%2Bhdl83ncP0LYeaHYfSadE15bo6hJU9%2BHyy4Mstac3fg6nBaa9AdPWO2Da6ocX4To1rshG7MfSr0kWRyxuUl9EcT1iNApkkzVogMyN%2BMdfX%2FsHAAD%2F%2FwEAAP%2F%2Fmf2mWo4EAAA%3D
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RS32sc1R%2B90%2FYLhe%2BTPygoCPvgg4LZzOzsZncsWKw1EkyT0Fby6v01m2vuzh3undnZ5MVgQfq4ffNxcjZpqAZpwUcF2YgiAaGrIAua%2F0GEPAnKbhZWPzDz%2BZx7Pg%2FnnHs%2F3c%2FPiI%2Bcjjdum12lNV1sVP3Ka5sqEaZwlbV7lcCv%2BtcrmypZql%2Bv9CY%2F230z8BtV%2F%2FXKe5Jvm8WaH%2Fh%2B4AeVZWVlbHqLUxYqPY6CauRX67Vq0KijZ%2F%2BLXe7BUQ%2Bie0aehxKj%2F239%2BBSKD5F0ntySbjsz6RvvdnJNM2PRFUcfJNuJKRJ05mNsPcTJ0Wwbxo0I%2BewSTHI0cwDTPZg4AFMj4v0agCVHM5lg3cMLpUxDJmDi%2Fyi6Q0g9hKJDcHMfSjwjABdYW0fSebRmbEF3Llg6YUfkyvmfUMWIXPn9RSSdL29q1avcNTrPlEkcenEJ1RtCtYdI8xNkux5UcQKefQIlfiKL56tIOgfrThsoMX6V8lYQNEVjod7y5UKd0Xgh4iFb8JuNFmNRi0vOpxEpNYSKh9CyD%2Bo85JNPechjD3nqoSPGFdqIYt9vxiwOw1adcx6GnDdaS6Ihwnor9pHziYc%2BsrQPrvvgdg%2Bp3cO26sPm38JtlXDCg8sIuqJEIQkKR1BQgkIRFBlB0S0PhXY1Vz4S2uUsmPXarIflwGTtfXposrZMyH56Rp6bBvf3w3Nsy3ElaNVDP4hYXFsK4zCinMdhGMkWry81Wz6N4FQJ5S5Nbe6qEbn2%2FVWk6tlbAzB6AqdPwNULoPkroMWgWfNBtwb1lo%2Fd5FhQIXa06soqNxCmRJpdQbbj7esz8tJURfiLhuSnNz5kt0d%2FPP4L3JZIbYmP1HcEbf1gcMcU5OCOKRx5up5mqqN26eRq72Y0k5c%2Ff1%2FuFMaKlVuu%2F%2FhtPiEm4%2FE96bJVmgiVtB354qYSQtplY7kk36y4Tck2crd1M7dJnq5uvLO80kmtdE6ZZAiqRoT8cAquRuTqV%2BPps335tydQdgibl%2Bjkp2RWUOYEPN2DS%2Bf6nSGwer7DUg9FXg5sjc0PtSLQco4pK%2BH%2Bhdl83ncP0LYeaHYfSadE15bo6hJU9%2BHyy4Mstac3fg6nBaa9AdPWO2Da6ocX4To1rshG7MfSr0kWRyxuUl9EcT1iNApkkzVogMyN%2BMdfX%2FsHAAD%2F%2FwEAAP%2F%2Fmf2mWo4EAAA%3D HTTP/1.1
Host: ifknittedhurtful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daddyhd.com/
Cookie: u_pl=16749046; uid_id2=ac8117d5-480e-4baf-9c3b-0758bb98cecc:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1843019bf263f39accf339e8c46780a9=[3396716]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 24 Nov 2022 18:46:46 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a7730944b71fc46b57916b8779474b3f
Strict-Transport-Security: max-age=0; includeSubdomains
soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fstyle.css&l=3735&fd=395
192.243.59.13 200 OK 0 B URL HTTP/1.1 soldierreproduceadmiration.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fstyle.css&l=3735&fd=395
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fstyle.css&l=3735&fd=395 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://streamgo.to/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 18:46:46 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
secure.adnxs.com/seg?add=9755599
37.252.171.85 307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP 37.252.171.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 24 Nov 2022 18:46:46 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: 88f2e7c9-5d85-41d6-8e33-2d50d2548eef
Set-Cookie: uuid2=2942133429008684610; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 22-Feb-2023 18:46:46 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
37.252.171.85 200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP 37.252.171.85:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 24 Nov 2022 18:46:46 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 48654803-b8ad-4ccf-af30-ffdd35126cff
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GVMdw)nH!]tbP6j2F-XstGt!@E$:%#x?A; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 22-Feb-2023 18:46:46 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ifknittedhurtful.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fmessage_redcircle2%2F3%2Findex.html&l=1559&fd=28
192.243.59.20 200 OK 0 B URL HTTP/1.1 ifknittedhurtful.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fmessage_redcircle2%2F3%2Findex.html&l=1559&fd=28
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fmessage_redcircle2%2F3%2Findex.html&l=1559&fd=28 HTTP/1.1
Host: ifknittedhurtful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daddyhd.com/
Cookie: u_pl=16749046; uid_id2=ac8117d5-480e-4baf-9c3b-0758bb98cecc:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1843019bf263f39accf339e8c46780a9=[3396716]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 24 Nov 2022 18:46:46 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
6.adsco.re/
104.17.166.186 200 OK 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Moz: prefetch
Connection: keep-alive
Referer: http://c.adsco.re/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 18:46:46 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=10
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f44f2d3af5b517-OSL
alt-svc: h2=":443"; ma=60
simplewebanalysis.com/stats
18.185.190.54 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 1933c91dd098954663a84bdd2e9a86e1
c0a86bb2170091b0fc60baf8717bce819383eef3
c8f7d0ba86d7858855432d442be3c72343a8d52b0042d810d26589d11d5236c7
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daddyhd.com
Connection: keep-alive
Referer: https://daddyhd.com/
Cookie: uid_id2=ac8117d5-480e-4baf-9c3b-0758bb98cecc:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:46 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://daddyhd.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/img/1.jpg
172.64.108.13 200 OK 22 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/img/1.jpg
IP 172.64.108.13:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x292, components 3\012- data
Hash e1f754e6014f2a7636aa19acdf37eaa7
72ded7fb65560b2702630d5208386654f294e8e9
8b9e400d61eb3c28929db8209c3136b14e2112d6eb8b4f504b74f6cca67b50fe
GET /sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/img/1.jpg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:46 GMT
content-type: image/jpeg
content-length: 21845
last-modified: Wed, 03 Aug 2022 08:33:45 GMT
etag: "62ea32e9-5555"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 795346
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RHkjQGszhxKx9QPoDB%2BC0lCM8HZxINbj5GP0YDojiP2lBf8CrnBVdCrrrDmiD1J%2FchvnuMbRDBQh4A5AHvbFOWjlhSmqYY%2FplJfT42RMAVkxQh7cXF2bxH6EMsO3GcdWOskYRmKlDY60"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f2d4a1675b9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/css/animate.css
172.64.108.13 200 OK 4.8 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/css/animate.css
IP 172.64.108.13:0
Hash 21eb7a65c17a2c22ba104a7ecbf1dc0f
ea8c53be54889c7489aed04e30e3eb83af64dec9
090bd9ceb9a58da038e5ed4a39dfbb63ece49ed4f4f0656ce35f7faa41a3b237
GET /sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daddyhd.com
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:46 GMT
content-type: text/css
last-modified: Tue, 17 Aug 2021 13:04:04 GMT
etag: W/"611bb3c4-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 757319
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fHLhrkTBWk9CM%2BU5%2FfF%2BhTR2pW3C4uWvCVubQae8x549nrtgUQ%2FW9DWHOHdMjSjYL2D4jHZchJP3853gqompHOmdoVQIlcvBPuhtboPmzi%2FtPigky2B62naww3cIxso7RNctzKIxQm1V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f2c88c875b9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/css/style.css
172.64.108.13 200 OK 1.1 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/css/style.css
IP 172.64.108.13:0
Hash d3b82ac873ac7422d92e1ee874bf042c
fcf8a5d8bbaef2733d30c487ab54a7c73fdd083c
dcdbb8172c8fb7aca5842a27db335a3c8ff79fbb4cb59f94ef2f0570fb2e63ba
GET /sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daddyhd.com
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:46 GMT
content-type: text/css
last-modified: Mon, 31 Jan 2022 15:54:46 GMT
etag: W/"61f80646-e35"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 757319
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJdepRLchdIFo2xPytVLnQ64EcwyV7c0JDy1ciXRBtCADIFwQywNaz0iENr81MLQIPW9rKLavC10WeI58%2F698rtPd%2FFKc9WRTDs3v5NBIUWLScypZ5FzV%2BdFQBaWkyNiTmd2%2FIEBQsfy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f2c88cc75b9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/script.js
172.64.108.13 200 OK 4.9 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/script.js
IP 172.64.108.13:0
Hash 52e09a76d5c77aea6e4e39c37ed23f50
671ab4ce2e6ce4bbd4b99b5a32bd2dea4723d50d
57dd0534bbb95e1f81aee274ec01852b8a965ecd6a274551ab395584248c3108
GET /sb/notifications/software/multi/browsers/ff/3/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://streamgo.to
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:46 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:49:59 GMT
etag: W/"63199ea7-2ae2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7st2CISXS2DE9FFk61%2BD5wJKPl8kte%2BN%2FeRwUNna%2F7%2BVvNyAA4Ev46CP4Xt6LhdWAJlu3OI4A0CpbBgDyqOTghbyXlXM734BNRXGVXL%2F%2B%2F%2FpX64yli%2FqJ4x5b%2Bpuj%2F%2FlHxqDbOvc%2BKBK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f2a6d4775b9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://streamgo.to
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 20:16:50 GMT
Expires: Thu, 23 Nov 2023 20:16:50 GMT
Cache-Control: public, max-age=31536000
Age: 80996
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
ifknittedhurtful.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fmessage_redcircle2%2F3%2Fcss%2Fanimate.css&l=79245&fd=40
192.243.59.20 200 OK 0 B URL HTTP/1.1 ifknittedhurtful.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fmessage_redcircle2%2F3%2Fcss%2Fanimate.css&l=79245&fd=40
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fmessage_redcircle2%2F3%2Fcss%2Fanimate.css&l=79245&fd=40 HTTP/1.1
Host: ifknittedhurtful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daddyhd.com/
Cookie: u_pl=16749046; uid_id2=ac8117d5-480e-4baf-9c3b-0758bb98cecc:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1843019bf263f39accf339e8c46780a9=[3396716]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 24 Nov 2022 18:46:46 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://streamgo.to
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 20:16:46 GMT
Expires: Thu, 23 Nov 2023 20:16:46 GMT
Cache-Control: public, max-age=31536000
Age: 81000
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
ifknittedhurtful.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fmessage_redcircle2%2F3%2Fcss%2Fstyle.css&l=3637&fd=39
192.243.59.20 200 OK 0 B URL HTTP/1.1 ifknittedhurtful.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fmessage_redcircle2%2F3%2Fcss%2Fstyle.css&l=3637&fd=39
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fmessage_redcircle2%2F3%2Fcss%2Fstyle.css&l=3637&fd=39 HTTP/1.1
Host: ifknittedhurtful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daddyhd.com/
Cookie: u_pl=16749046; uid_id2=ac8117d5-480e-4baf-9c3b-0758bb98cecc:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1843019bf263f39accf339e8c46780a9=[3396716]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 24 Nov 2022 18:46:46 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://daddyhd.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 85977
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
soldierreproduceadmiration.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxRut3s3vd9CTuiIKyhz2oGAm3TM92z3uIe4fVxb3T8iu5Gp1VfWkTHVXU9U9PcnF6IKs4GFEBI%2BdN8kG3SjmrqgTL8uAuONBctjcPHkRFha8yUwGgh90f1%2FVe4f33lcfbxVHxEVBD5eu6w2pFF1o1d3aqysy5bq0tRu3a55bd8%2FXVmR6zj9f601%2BpvuG57bq7mu1twVb0wsN13Ndz%2FVqV6QRse4tTFHIbK%2Ft1dtu3W%2FUvZaPnvnv2RYOLHXAu0fkWUg%2B%2Ft%2Fqg31INkSafHdZ2LVcZ6%2B%2FlRSK5tqgy3ffTddSXaZITsbYOIjT3Rkb2o4J%2BfIUdLo7cwDd3Z44QCTHxPnDQ5TuzmQi6u4cK40URIqIP42yO4RQQ0g6BNN3IPlDAjCOGzeRJvduaFPS9WOUTtAxmXvyGLIck7lHZ5Am315Usle7pVWRS51a9OIKsjeE7AyRFQfINxzI8gAs%2FwiS%2F0oWnlxDmmzftEpD8sOzlIWeF%2FDWvB%2B6Yt6PaDzfZs1o3g1aYRS1QyYYm0Yk5RAyHkKJPqh1UEw%2B6aCIHRSZg4Qf1mirHbtuEEdxsxn6jLFmk7FWeI63eNMPYxcFm3joI8%2F6YKoPZjaRmU2syT5M8RPsagXLHdicoMsrlIKgtAQlJSglQZkTlN1qhyvbsNU9rmwRebPemPVmNdB5Z4vu6LwjUrKVHZFnJsE5p%2Fe%2BwZo4rMVCRBORTLht1vLiMAhC3w%2F9RnjO99rUg5UVpD01tbkhx%2BSlxX%2BQyTEh1c%2BI6AGsOgCTz4EWL4OWg6Dhgq4O%2FNDFRnrf5kbQpKPruQbXFbJ8Dvm6s6WOyIvT%2FbVZAMFGb5757c%2F3LnwSgJkKmanwvvyFoKPuDpZ1SbaXdWnJ%2Fs0sl4ncoJPd3sppLua%2Bfkesl9rwq5dt%2F6sLbAJMxr3bwubXaMpl2rHk%2FkXJuTBXtGGC%2FHDVrohoqbCrFwuTFtm1pUtXriaZEdZKnQ5B5cPgczA5Jk9d35y%2B2lc%2BfQBphjBFhaQYkVlB6gOwbBM2Gy3%2BdemLD%2F9%2F9hGsJjDqhBNlDsqiGphGdHKp5Jg0Hr8AJUaL%2B0fx8uXMgEYVrDiJIRKjH%2F8%2B5m%2FZu%2BgYBzS%2FgzSp0DUVuqoCVX3Y4vQgz8xo8ffmtBApZxAp42xHyqjPjuO18rDW8nwRRmHAOI8E417QaIZN121w7gdt4bWR2zH74Pvn%2FwUAAP%2F%2FAQAA%2F%2F%2F2YVK2kQQAAA%3D%3D
192.243.59.13200 OK 432 B URL HTTP/1.1 soldierreproduceadmiration.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxRut3s3vd9CTuiIKyhz2oGAm3TM92z3uIe4fVxb3T8iu5Gp1VfWkTHVXU9U9PcnF6IKs4GFEBI%2BdN8kG3SjmrqgTL8uAuONBctjcPHkRFha8yUwGgh90f1%2FVe4f33lcfbxVHxEVBD5eu6w2pFF1o1d3aqysy5bq0tRu3a55bd8%2FXVmR6zj9f601%2BpvuG57bq7mu1twVb0wsN13Ndz%2FVqV6QRse4tTFHIbK%2Ft1dtu3W%2FUvZaPnvnv2RYOLHXAu0fkWUg%2B%2Ft%2Fqg31INkSafHdZ2LVcZ6%2B%2FlRSK5tqgy3ffTddSXaZITsbYOIjT3Rkb2o4J%2BfIUdLo7cwDd3Z44QCTHxPnDQ5TuzmQi6u4cK40URIqIP42yO4RQQ0g6BNN3IPlDAjCOGzeRJvduaFPS9WOUTtAxmXvyGLIck7lHZ5Am315Usle7pVWRS51a9OIKsjeE7AyRFQfINxzI8gAs%2FwiS%2F0oWnlxDmmzftEpD8sOzlIWeF%2FDWvB%2B6Yt6PaDzfZs1o3g1aYRS1QyYYm0Yk5RAyHkKJPqh1UEw%2B6aCIHRSZg4Qf1mirHbtuEEdxsxn6jLFmk7FWeI63eNMPYxcFm3joI8%2F6YKoPZjaRmU2syT5M8RPsagXLHdicoMsrlIKgtAQlJSglQZkTlN1qhyvbsNU9rmwRebPemPVmNdB5Z4vu6LwjUrKVHZFnJsE5p%2Fe%2BwZo4rMVCRBORTLht1vLiMAhC3w%2F9RnjO99rUg5UVpD01tbkhx%2BSlxX%2BQyTEh1c%2BI6AGsOgCTz4EWL4OWg6Dhgq4O%2FNDFRnrf5kbQpKPruQbXFbJ8Dvm6s6WOyIvT%2FbVZAMFGb5757c%2F3LnwSgJkKmanwvvyFoKPuDpZ1SbaXdWnJ%2Fs0sl4ncoJPd3sppLua%2Bfkesl9rwq5dt%2F6sLbAJMxr3bwubXaMpl2rHk%2FkXJuTBXtGGC%2FHDVrohoqbCrFwuTFtm1pUtXriaZEdZKnQ5B5cPgczA5Jk9d35y%2B2lc%2BfQBphjBFhaQYkVlB6gOwbBM2Gy3%2BdemLD%2F9%2F9hGsJjDqhBNlDsqiGphGdHKp5Jg0Hr8AJUaL%2B0fx8uXMgEYVrDiJIRKjH%2F8%2B5m%2FZu%2BgYBzS%2FgzSp0DUVuqoCVX3Y4vQgz8xo8ffmtBApZxAp42xHyqjPjuO18rDW8nwRRmHAOI8E417QaIZN121w7gdt4bWR2zH74Pvn%2FwUAAP%2F%2FAQAA%2F%2F%2F2YVK2kQQAAA%3D%3D
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash e4e15f608aa4846cd71d321e204009d9
43c2c2df9e328a303e7e2934944e7280aa4ed148
fece560e38bd9009a02165dfc8ffcc0e70193d01dbf49000a9b1fbe41726a187
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxRut3s3vd9CTuiIKyhz2oGAm3TM92z3uIe4fVxb3T8iu5Gp1VfWkTHVXU9U9PcnF6IKs4GFEBI%2BdN8kG3SjmrqgTL8uAuONBctjcPHkRFha8yUwGgh90f1%2FVe4f33lcfbxVHxEVBD5eu6w2pFF1o1d3aqysy5bq0tRu3a55bd8%2FXVmR6zj9f601%2BpvuG57bq7mu1twVb0wsN13Ndz%2FVqV6QRse4tTFHIbK%2Ft1dtu3W%2FUvZaPnvnv2RYOLHXAu0fkWUg%2B%2Ft%2Fqg31INkSafHdZ2LVcZ6%2B%2FlRSK5tqgy3ffTddSXaZITsbYOIjT3Rkb2o4J%2BfIUdLo7cwDd3Z44QCTHxPnDQ5TuzmQi6u4cK40URIqIP42yO4RQQ0g6BNN3IPlDAjCOGzeRJvduaFPS9WOUTtAxmXvyGLIck7lHZ5Am315Usle7pVWRS51a9OIKsjeE7AyRFQfINxzI8gAs%2FwiS%2F0oWnlxDmmzftEpD8sOzlIWeF%2FDWvB%2B6Yt6PaDzfZs1o3g1aYRS1QyYYm0Yk5RAyHkKJPqh1UEw%2B6aCIHRSZg4Qf1mirHbtuEEdxsxn6jLFmk7FWeI63eNMPYxcFm3joI8%2F6YKoPZjaRmU2syT5M8RPsagXLHdicoMsrlIKgtAQlJSglQZkTlN1qhyvbsNU9rmwRebPemPVmNdB5Z4vu6LwjUrKVHZFnJsE5p%2Fe%2BwZo4rMVCRBORTLht1vLiMAhC3w%2F9RnjO99rUg5UVpD01tbkhx%2BSlxX%2BQyTEh1c%2BI6AGsOgCTz4EWL4OWg6Dhgq4O%2FNDFRnrf5kbQpKPruQbXFbJ8Dvm6s6WOyIvT%2FbVZAMFGb5757c%2F3LnwSgJkKmanwvvyFoKPuDpZ1SbaXdWnJ%2Fs0sl4ncoJPd3sppLua%2Bfkesl9rwq5dt%2F6sLbAJMxr3bwubXaMpl2rHk%2FkXJuTBXtGGC%2FHDVrohoqbCrFwuTFtm1pUtXriaZEdZKnQ5B5cPgczA5Jk9d35y%2B2lc%2BfQBphjBFhaQYkVlB6gOwbBM2Gy3%2BdemLD%2F9%2F9hGsJjDqhBNlDsqiGphGdHKp5Jg0Hr8AJUaL%2B0fx8uXMgEYVrDiJIRKjH%2F8%2B5m%2FZu%2BgYBzS%2FgzSp0DUVuqoCVX3Y4vQgz8xo8ffmtBApZxAp42xHyqjPjuO18rDW8nwRRmHAOI8E417QaIZN121w7gdt4bWR2zH74Pvn%2FwUAAP%2F%2FAQAA%2F%2F%2F2YVK2kQQAAA%3D%3D HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Cookie: u_pl=17018029; uid_id2=ac8117d5-480e-4baf-9c3b-0758bb98cecc:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfeeb07fbce09c51f87784484286419a1=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 18:46:46 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 43b740c5c8fc1e79b6db34ecfb8eace5
Strict-Transport-Security: max-age=0; includeSubdomains
ifknittedhurtful.com/pixel/sbs?c=1
192.243.59.20 200 OK 0 B URL HTTP/1.1 ifknittedhurtful.com/pixel/sbs?c=1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: ifknittedhurtful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daddyhd.com/
Cookie: u_pl=16749046; uid_id2=ac8117d5-480e-4baf-9c3b-0758bb98cecc:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1843019bf263f39accf339e8c46780a9=[3396716]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 24 Nov 2022 18:46:47 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ifknittedhurtful.com/impr.gif?sid=H4sIAAAAAAAC%2F1RS32sc1R%2B90%2FYLhe%2BTPygoCPvgg4LZzOzMZmctWKy1Umyb0Fby6v01m2vuzh3undnZ5MVgQfq4ffNxcjZpqAZpwUcF2YgiAaGrIAua%2F0GEPAnKbhZWPzDz%2BZx7Pg%2FnnHs%2F3S1OiI%2BCTtZumW2lNV1u1v3aa%2BsqFaZ0tdv3aoFf9y%2FX1lW6El2u9ac%2F23sz8Jt1%2F%2FXae5JvmuWGH%2Fh%2B4Ae168rKxPSXZyxUdtgO6m2%2FHjXqQTNC3%2F4Xu8KDox5E74Q8DyXG%2F9v48SkUHyHtPrkm3WZusjfe7Raa5saiJw4%2BSDdTU6boLsbEekjSg%2Fk2jBsT8tk5mPRg7gCmtzd1AKbGxPs1AEsP5jLBevtnSpmGTMHE%2F1H2RpB6BEVH4OY%2BlHhGAC5wexVp99FtY0u6dcbSKTsmF07%2FhCrH5MLvLyLtfnlVq37trtFFrkzq0E8qqP4IqjNCVhwh3%2FagyiPw%2FBMo8RNZPr2JtLu36rSBEpNXKY%2BDoCWaS1Hsy6WI0WSpzUO25LeaMWPtmEvOZxEpNYJKRtByAOo8FNNPeSgSD0XmoSsmNdpsJ77fSlgShnHEOQ9DzpvximiKMIoTHwWfehggzwbgegBud5DZHWyqAWzxLdxGBSc8uJygJyqUkqB0BCUlKBVBmROUvWpfaNdw1SOhXcGCeW%2FMe1gNTd7Zpfsm78iU7GYn5LlZcH8%2FPMWmnNSCOAr9oM2SxkqYhG3KeRKGbRnzaKUV%2B7QNpyood25mc1uNyaXvLyJTz94agtEjOH0Erl4ALV4BLYethg%2B6MYxiH9vpoaBCbGnVk3VuIEyFLL%2BAfMvb1SfkpZmK8BcNyY%2BvfMhujf94%2FBe4rZDZCh%2Bp7wg6%2BsHwjinJ3h1TOvJ0NctVV23T6dXezWkuz3%2F%2BvtwqjRU3rrnB47f5lJiOh%2Feky2%2FSVKi048gXV5UQ0l43lkvyzQ23Ltla4TauFjYtsptr71y%2F0c2sdE6ZdASqxoT8cAyuxuTiV5PZs335tydQdgRbVOgWx2ReUOYIPNuByxb6nSGwerHDMg9lUQ1tgy0OtSLQcoEpq%2BD%2Bhdli3nUP0LEeaH4fabdCz1bo6QpUD%2BCK88M8s8dXfg5nBaa9IdPW22Pa6odn4To1qTWDSMYsbnEhmOQiaDXCOPT9hhBRqy2DNnI35h9%2FfekfAAAA%2F%2F8BAAD%2F%2F431KLyOBAAA
192.243.59.20200 OK 7 B URL HTTP/1.1 ifknittedhurtful.com/impr.gif?sid=H4sIAAAAAAAC%2F1RS32sc1R%2B90%2FYLhe%2BTPygoCPvgg4LZzOzMZmctWKy1Umyb0Fby6v01m2vuzh3undnZ5MVgQfq4ffNxcjZpqAZpwUcF2YgiAaGrIAua%2F0GEPAnKbhZWPzDz%2BZx7Pg%2FnnHs%2F3S1OiI%2BCTtZumW2lNV1u1v3aa%2BsqFaZ0tdv3aoFf9y%2FX1lW6El2u9ac%2F23sz8Jt1%2F%2FXae5JvmuWGH%2Fh%2B4Ae168rKxPSXZyxUdtgO6m2%2FHjXqQTNC3%2F4Xu8KDox5E74Q8DyXG%2F9v48SkUHyHtPrkm3WZusjfe7Raa5saiJw4%2BSDdTU6boLsbEekjSg%2Fk2jBsT8tk5mPRg7gCmtzd1AKbGxPs1AEsP5jLBevtnSpmGTMHE%2F1H2RpB6BEVH4OY%2BlHhGAC5wexVp99FtY0u6dcbSKTsmF07%2FhCrH5MLvLyLtfnlVq37trtFFrkzq0E8qqP4IqjNCVhwh3%2FagyiPw%2FBMo8RNZPr2JtLu36rSBEpNXKY%2BDoCWaS1Hsy6WI0WSpzUO25LeaMWPtmEvOZxEpNYJKRtByAOo8FNNPeSgSD0XmoSsmNdpsJ77fSlgShnHEOQ9DzpvximiKMIoTHwWfehggzwbgegBud5DZHWyqAWzxLdxGBSc8uJygJyqUkqB0BCUlKBVBmROUvWpfaNdw1SOhXcGCeW%2FMe1gNTd7Zpfsm78iU7GYn5LlZcH8%2FPMWmnNSCOAr9oM2SxkqYhG3KeRKGbRnzaKUV%2B7QNpyood25mc1uNyaXvLyJTz94agtEjOH0Erl4ALV4BLYethg%2B6MYxiH9vpoaBCbGnVk3VuIEyFLL%2BAfMvb1SfkpZmK8BcNyY%2BvfMhujf94%2FBe4rZDZCh%2Bp7wg6%2BsHwjinJ3h1TOvJ0NctVV23T6dXezWkuz3%2F%2BvtwqjRU3rrnB47f5lJiOh%2Feky2%2FSVKi048gXV5UQ0l43lkvyzQ23Ltla4TauFjYtsptr71y%2F0c2sdE6ZdASqxoT8cAyuxuTiV5PZs335tydQdgRbVOgWx2ReUOYIPNuByxb6nSGwerHDMg9lUQ1tgy0OtSLQcoEpq%2BD%2Bhdli3nUP0LEeaH4fabdCz1bo6QpUD%2BCK88M8s8dXfg5nBaa9IdPW22Pa6odn4To1qTWDSMYsbnEhmOQiaDXCOPT9hhBRqy2DNnI35h9%2FfekfAAAA%2F%2F8BAAD%2F%2F431KLyOBAAA
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RS32sc1R%2B90%2FYLhe%2BTPygoCPvgg4LZzOzMZmctWKy1Umyb0Fby6v01m2vuzh3undnZ5MVgQfq4ffNxcjZpqAZpwUcF2YgiAaGrIAua%2F0GEPAnKbhZWPzDz%2BZx7Pg%2FnnHs%2F3S1OiI%2BCTtZumW2lNV1u1v3aa%2BsqFaZ0tdv3aoFf9y%2FX1lW6El2u9ac%2F23sz8Jt1%2F%2FXae5JvmuWGH%2Fh%2B4Ae168rKxPSXZyxUdtgO6m2%2FHjXqQTNC3%2F4Xu8KDox5E74Q8DyXG%2F9v48SkUHyHtPrkm3WZusjfe7Raa5saiJw4%2BSDdTU6boLsbEekjSg%2Fk2jBsT8tk5mPRg7gCmtzd1AKbGxPs1AEsP5jLBevtnSpmGTMHE%2F1H2RpB6BEVH4OY%2BlHhGAC5wexVp99FtY0u6dcbSKTsmF07%2FhCrH5MLvLyLtfnlVq37trtFFrkzq0E8qqP4IqjNCVhwh3%2FagyiPw%2FBMo8RNZPr2JtLu36rSBEpNXKY%2BDoCWaS1Hsy6WI0WSpzUO25LeaMWPtmEvOZxEpNYJKRtByAOo8FNNPeSgSD0XmoSsmNdpsJ77fSlgShnHEOQ9DzpvximiKMIoTHwWfehggzwbgegBud5DZHWyqAWzxLdxGBSc8uJygJyqUkqB0BCUlKBVBmROUvWpfaNdw1SOhXcGCeW%2FMe1gNTd7Zpfsm78iU7GYn5LlZcH8%2FPMWmnNSCOAr9oM2SxkqYhG3KeRKGbRnzaKUV%2B7QNpyood25mc1uNyaXvLyJTz94agtEjOH0Erl4ALV4BLYethg%2B6MYxiH9vpoaBCbGnVk3VuIEyFLL%2BAfMvb1SfkpZmK8BcNyY%2BvfMhujf94%2FBe4rZDZCh%2Bp7wg6%2BsHwjinJ3h1TOvJ0NctVV23T6dXezWkuz3%2F%2BvtwqjRU3rrnB47f5lJiOh%2Feky2%2FSVKi048gXV5UQ0l43lkvyzQ23Ltla4TauFjYtsptr71y%2F0c2sdE6ZdASqxoT8cAyuxuTiV5PZs335tydQdgRbVOgWx2ReUOYIPNuByxb6nSGwerHDMg9lUQ1tgy0OtSLQcoEpq%2BD%2Bhdli3nUP0LEeaH4fabdCz1bo6QpUD%2BCK88M8s8dXfg5nBaa9IdPW22Pa6odn4To1qTWDSMYsbnEhmOQiaDXCOPT9hhBRqy2DNnI35h9%2FfekfAAAA%2F%2F8BAAD%2F%2F431KLyOBAAA HTTP/1.1
Host: ifknittedhurtful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daddyhd.com/
Cookie: u_pl=16749046; uid_id2=ac8117d5-480e-4baf-9c3b-0758bb98cecc:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1843019bf263f39accf339e8c46780a9=[3396716]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 24 Nov 2022 18:46:47 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5fdaf146dce9bf9d1df8f029c77a47f0
Strict-Transport-Security: max-age=0; includeSubdomains
soldierreproduceadmiration.com/pixel/sbs?c=1
192.243.59.13 200 OK 0 B URL HTTP/1.1 soldierreproduceadmiration.com/pixel/sbs?c=1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
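Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the digests of zero-length input, consistent with the 0 B response body; they identify no payload and are not usable as file indicators.)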
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Cookie: u_pl=17018029; uid_id2=ac8117d5-480e-4baf-9c3b-0758bb98cecc:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfeeb07fbce09c51f87784484286419a1=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 18:46:47 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
unseenreport.com/pxf.gif?uuid=ac8117d5-480e-4baf-9c3b-0758bb98cecc&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1309&b_frame=0&pk=feeb07fbce09c51f87784484286419a1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
192.243.59.20 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=ac8117d5-480e-4baf-9c3b-0758bb98cecc&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1309&b_frame=0&pk=feeb07fbce09c51f87784484286419a1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=ac8117d5-480e-4baf-9c3b-0758bb98cecc&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1309&b_frame=0&pk=feeb07fbce09c51f87784484286419a1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://streamgo.to/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 24 Nov 2022 18:46:47 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 46a68ab1f91d3bff54e1f9f46ada8836
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 65f96a268c71dd2240b791911c212326
1c35b60c96efc632a131cb94748ee415a879f3b2
eecc5be54045ae30a37b00d7b96102d40dacc0e1c761a6432425673e04761c3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EECC5BE54045AE30A37B00D7B96102D40DACC0E1C761A6432425673E04761C3A"
Last-Modified: Wed, 23 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9589
Expires: Thu, 24 Nov 2022 21:26:36 GMT
Date: Thu, 24 Nov 2022 18:46:47 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=ac8117d5-480e-4baf-9c3b-0758bb98cecc&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1309&b_frame=0&pk=98164ece911791317b4bfdec826c3bdb&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
192.243.59.20 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=ac8117d5-480e-4baf-9c3b-0758bb98cecc&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1309&b_frame=0&pk=98164ece911791317b4bfdec826c3bdb&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=ac8117d5-480e-4baf-9c3b-0758bb98cecc&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1309&b_frame=0&pk=98164ece911791317b4bfdec826c3bdb&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://streamgo.to/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 24 Nov 2022 18:46:47 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 98b31d7d4f225f8b162c94be6c40ff79
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=ac8117d5-480e-4baf-9c3b-0758bb98cecc&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=1&pk=1843019bf263f39accf339e8c46780a9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
192.243.59.20 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=ac8117d5-480e-4baf-9c3b-0758bb98cecc&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=1&pk=1843019bf263f39accf339e8c46780a9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=ac8117d5-480e-4baf-9c3b-0758bb98cecc&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=1&pk=1843019bf263f39accf339e8c46780a9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 24 Nov 2022 18:46:47 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1662a2e8aa03c85583aee709e0984760
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=ac8117d5-480e-4baf-9c3b-0758bb98cecc&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=1&pk=ddd430767cdbddd8ac0726a842abd6c0&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
192.243.59.20 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=ac8117d5-480e-4baf-9c3b-0758bb98cecc&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=1&pk=ddd430767cdbddd8ac0726a842abd6c0&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=ac8117d5-480e-4baf-9c3b-0758bb98cecc&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=1&pk=ddd430767cdbddd8ac0726a842abd6c0&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 24 Nov 2022 18:46:47 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f0641b4f9104176b4f11a2ee739ac62a
Strict-Transport-Security: max-age=0; includeSubdomains
daddyhd.com/embed/stream-155.php
172.67.144.96 200 OK 0 B URL HTTP/2 daddyhd.com/embed/stream-155.php
IP 172.67.144.96:0
GET /embed/stream-155.php HTTP/1.1
Host: daddyhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:43 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
greydedi: HIT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yvn%2FSGowKAg1pOk9otMT2%2FfBU6SWUT1DbVXp94Rii5Pvi3aFc4AWE4ec8Nnk3Bfufdi7twGZ8mqx%2F6tTR6BbjFJKZKD79Nz2av95xsgOv48EH5Jab9mWMkZigOv56w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f44f17deaa1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nanouwho.com/1?z=5150086
139.45.197.242 200 OK 0 B IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=5150086 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 18:46:44 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 129eaf69f6ef759f57212d6563bd8f10
access-control-expose-headers: X-Sc
x-sc: dsmQi5nTEEvWtYRQVI76bCJTCz4keVZwv-vq9m-8KMNUXBpohgjUXCShhk5jjEBalj0sHOpM_HJOV5dOIGu6oZmvXfo=
set-cookie: scm=1; expires=Fri, 24 Nov 2023 18:46:44 GMT; secure; SameSite=None
set-cookie: OAID=9051f09f916e40139d10e588ae4ad770; expires=Fri, 24 Nov 2023 18:46:44 GMT; secure; SameSite=None
set-cookie: oaidts=1669315604; expires=Fri, 24 Nov 2023 18:46:44 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
172.64.133.15 200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP 172.64.133.15:0
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:46 GMT
content-type: text/css
x-amz-id-2: GP5TLlGL6fxvBVRKVrTSMaeseGxq5NLybMNUb7wSTUhaPlwWOAOsQTzZPyB8kzIskrQRzNihLEQ=
x-amz-request-id: XDPV9ZGAD5SGXBYJ
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2308031
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4n59SFhYc97eq3GDitEukQRiSRCDmrc5taeNecj6alXV4b5VFNW35Vq6HH0s5LlhHFfXsZN6fCUENxQ%2B37HT%2FxaXILX4Sa5GTF%2B8zi7MrNWUaFxz%2FZJF3ymTj9lkxcl4rf02xvZH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f44f2a4eb18e2a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/css/style.css
172.64.108.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/css/style.css
IP 172.64.108.13:0
GET /sb/notifications/software/multi/browsers/ff/3/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://streamgo.to
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:46 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 07:49:56 GMT
etag: W/"63199ea4-e97"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBGwtgsBtSC%2BXsiCdVw02JbFv%2FUNcJyUL6JveutVIB37mv7ksGh5kX5jV24Hu7yCtWsP16yBptNr8C8rELMXgvgyycA871cBr%2BppJ1JLQHcyqW04S8pFZxtFRvyfgJHgGor%2FRIa3uXdL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f29bc4f75b9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
streamservicehd.click/blast.js
172.67.220.222 200 OK 0 B URL HTTP/2 streamservicehd.click/blast.js
IP 172.67.220.222:0
GET /blast.js HTTP/1.1
Host: streamservicehd.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://streamservicehd.click/premiumtv/daddyhd.php?id=155
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:44 GMT
content-type: application/javascript
last-modified: Sat, 08 Oct 2022 11:49:59 GMT
etag: W/"634163e7-13040"
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: HIT
age: 14
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFZMqvRFeyfB7NkBqfh691g9LUzrv%2F708fXPQu3%2FS3wEd3XKB0T9%2BNMLecdoyHwzsOjhzbTI1frZ5Y0qYewBR6UK1AXW9%2BLSUy1CK6JwhCdB6rwlKB4IATGEd1rRnaTu4tnr0cntBZ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: unsafe-url
server: cloudflare
cf-ray: 76f44f1e1dd4b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nanouwho.com/27/41ab89fd46dee73b88e90458e19140c8
139.45.197.242 200 OK 0 B URL HTTP/2 nanouwho.com/27/41ab89fd46dee73b88e90458e19140c8
IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
GET /27/41ab89fd46dee73b88e90458e19140c8 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daddyhd.com/
Cookie: scm=1; OAID=9051f09f916e40139d10e588ae4ad770; oaidts=1669315604
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 18:46:44 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Tue, 22 Nov 2022 04:37:20 GMT
expires: Tue, 22 Dec 2082 04:37:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/js/script.js
172.64.108.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/js/script.js
IP 172.64.108.13:0
GET /sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daddyhd.com
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:46 GMT
content-type: application/javascript
last-modified: Tue, 17 Aug 2021 13:04:06 GMT
etag: W/"611bb3c6-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 795248
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bk87yiX6%2Bwh5AHn8bLKZLsV0R28Pq66IsWSjZqbL%2FQsY0SkJX35oFr%2F8PWsTCDuEKaBry%2FAlCBE9OJsALPymFgzJsy2LOnKqTeXenlmzfCr0CbXtoECRhZw9%2BaVjeLbq2V4gBeECPv2j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f2c88ce75b9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.streamgo.to/js/clock1.js
172.67.217.208 200 OK 0 B URL HTTP/2 cdn.streamgo.to/js/clock1.js
IP 172.67.217.208:0
GET /js/clock1.js HTTP/1.1
Host: cdn.streamgo.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: application/javascript
last-modified: Sat, 05 Feb 2022 17:22:10 GMT
vary: Accept-Encoding
etag: W/"61feb242-11e3"
expires: Thu, 24 Nov 2022 20:38:59 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 36463
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVa232TcIevkKchwN9OPJXSZSfPEPj3Qy1JWAz0I2%2FasSanOSTABDmAQdAA56jb9Tj7OcjUtN9vtCQ0N2p2P4ghxXnboI%2FgFsGHl5DFhP4oaon9j2b0l%2BnSxLuj%2BUJH4ag8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f44f15aeaab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1-styles.css
104.18.25.188 200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1-styles.css
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/2022/1-styles.css HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Cookie: __ucbt=node01bq13qztgywl319e33nkv9ew7; uniattr=ST.0.T; uniattr_ref="https://daddyhd.com/"; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_1176A66E79ED440785E4BB57A311A1BD; BID=37950; PID=86262456; REFERER=https%3A%2F%2Fdaddyhd.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_1176A66E79ED440785E4BB57A311A1BD%26sref%3DTRM%26TRM%3DdL_266285.953898%26affiliateId%3D1%26pid%3D86262456%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:45 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: lMc9drvQACpBd5pyJgR1QA==
last-modified: Wed, 23 Nov 2022 09:41:24 GMT
etag: W/"0x8DACD36E2F5D37E"
x-ms-request-id: bc91156d-201e-0016-1520-ffe4d5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 118927
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f296eb5b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.betteradsystem.com/rrssb.min.js
185.76.9.17 200 OK 0 B URL HTTP/2 www.betteradsystem.com/rrssb.min.js
IP 185.76.9.17:0
ASN #60068 Datacamp Limited
GET /rrssb.min.js HTTP/1.1
Host: www.betteradsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://streamgo.to
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:43 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.13:443"; ma=2592000; v="44,43,39"
expires: Mon, 28 Nov 2022 17:18:18 GMT
access-control-allow-origin: *
link: <https://betteradsystem.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1669655898
server: CDN77-Turbo
x-77-nzt: AblMCQ1FAin/OQkEAA
x-77-nzt-ray: c0a4cc2840cc6db413bc7f6395215004
x-cache: HIT
x-age: 264505
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
eephaush.com/?rb=cMUg8ZEXohBo-KvhaTIfjw38P77sTFMR0nnQLOdeP5IzWO-uS_IvCe0URJDR2byo9Eo6LavZ4QgF7kdWshIMr785Km_0Mbl1d2q9_RflHgpak73NG3LRioF3aBUVPCpHtQXC-plmj3hx7D485HshaM6nWkw3-kJgMxwxBfYz43_suzm7RGFcR0HdXgtC-Y8cq-2gehFRa5Xdb9uP6mJ_T8hW5my7sVVPX5YVChDE8EA%3D&request_ab2=96003&zoneid=4284414&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1080&wih=608&wiw=1080&wfc=2&pl=https%3A%2F%2Fdaddyhd.com%2Fembed%2Fstream-155.php&drf=http%3A%2F%2Fstreamgo.to%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.454.0&bs=4ea4144f-2480-49a8-a4c9-0bef15551e44&userId=033a374a72044a66b18ecd23a54edbfd&m=link
139.45.197.236200 OK 0 B URL HTTP/2 eephaush.com/?rb=cMUg8ZEXohBo-KvhaTIfjw38P77sTFMR0nnQLOdeP5IzWO-uS_IvCe0URJDR2byo9Eo6LavZ4QgF7kdWshIMr785Km_0Mbl1d2q9_RflHgpak73NG3LRioF3aBUVPCpHtQXC-plmj3hx7D485HshaM6nWkw3-kJgMxwxBfYz43_suzm7RGFcR0HdXgtC-Y8cq-2gehFRa5Xdb9uP6mJ_T8hW5my7sVVPX5YVChDE8EA%3D&request_ab2=96003&zoneid=4284414&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1080&wih=608&wiw=1080&wfc=2&pl=https%3A%2F%2Fdaddyhd.com%2Fembed%2Fstream-155.php&drf=http%3A%2F%2Fstreamgo.to%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.454.0&bs=4ea4144f-2480-49a8-a4c9-0bef15551e44&userId=033a374a72044a66b18ecd23a54edbfd&m=link
IP 139.45.197.236:0
Analyzer Verdict Alert quad9 Sinkholed
GET /?rb=cMUg8ZEXohBo-KvhaTIfjw38P77sTFMR0nnQLOdeP5IzWO-uS_IvCe0URJDR2byo9Eo6LavZ4QgF7kdWshIMr785Km_0Mbl1d2q9_RflHgpak73NG3LRioF3aBUVPCpHtQXC-plmj3hx7D485HshaM6nWkw3-kJgMxwxBfYz43_suzm7RGFcR0HdXgtC-Y8cq-2gehFRa5Xdb9uP6mJ_T8hW5my7sVVPX5YVChDE8EA%3D&request_ab2=96003&zoneid=4284414&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1080&wih=608&wiw=1080&wfc=2&pl=https%3A%2F%2Fdaddyhd.com%2Fembed%2Fstream-155.php&drf=http%3A%2F%2Fstreamgo.to%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.454.0&bs=4ea4144f-2480-49a8-a4c9-0bef15551e44&userId=033a374a72044a66b18ecd23a54edbfd&m=link HTTP/1.1
Host: eephaush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daddyhd.com
Connection: keep-alive
Referer: https://daddyhd.com/
Cookie: OAID=033a374a72044a66b18ecd23a54edbfd; oaidts=1669315604
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 18:46:45 GMT
content-type: application/json
x-trace-id: c3d43b3b0dd87998131cf90e281cbbc9
access-control-allow-origin: https://daddyhd.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=033a374a72044a66b18ecd23a54edbfd; expires=Fri, 24 Nov 2023 18:46:45 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1669315605; expires=Fri, 24 Nov 2023 18:46:45 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=true; expires=Thu, 01 Dec 2022 18:46:45 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
youradexchange.com/script/suurl4.php?r=6430390&cbur=0.7482315455973002&cbiframe=1&cbWidth=1080&cbHeight=608&cbtitle=&cbpage=http%3A%2F%2Fstreamgo.to%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=cdnondemand.org&aggr=0
35.190.41.116 200 OK 0 B URL HTTP/2 youradexchange.com/script/suurl4.php?r=6430390&cbur=0.7482315455973002&cbiframe=1&cbWidth=1080&cbHeight=608&cbtitle=&cbpage=http%3A%2F%2Fstreamgo.to%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=cdnondemand.org&aggr=0
IP 35.190.41.116:0
GET /script/suurl4.php?r=6430390&cbur=0.7482315455973002&cbiframe=1&cbWidth=1080&cbHeight=608&cbtitle=&cbpage=http%3A%2F%2Fstreamgo.to%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=cdnondemand.org&aggr=0 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daddyhd.com
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 24 Nov 2022 18:46:44 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.67.194.45 200 OK 0 B IP 172.67.194.45:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:44 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1899
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Dgscetro6eh4LJi70vp80EHxTNcLBf8zchdYXx62cJvAJROEe0P84sb2Arobwjvfl7gvcBL0N%2B1K1uE7Exg5YAgHIeGl6Im7pb5TadXrcG8lEKabMqa5j4nr5tUqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f229ffe0af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP 142.250.74.10:0
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 18:46:46 GMT
date: Thu, 24 Nov 2022 18:46:46 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/icon-trust.svg
104.18.25.188 200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/icon-trust.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/2022/icon-trust.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Cookie: __ucbt=node01bq13qztgywl319e33nkv9ew7; uniattr=ST.0.T; uniattr_ref="https://daddyhd.com/"; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_1176A66E79ED440785E4BB57A311A1BD; BID=37950; PID=86262456; REFERER=https%3A%2F%2Fdaddyhd.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_1176A66E79ED440785E4BB57A311A1BD%26sref%3DTRM%26TRM%3DdL_266285.953898%26affiliateId%3D1%26pid%3D86262456%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:45 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Wed, 23 Nov 2022 09:41:27 GMT
etag: W/"0x8DACD36E4D54A22"
x-ms-request-id: c1d9b3be-a01e-0055-6520-ff0289000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 118926
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f297ec8b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.yourwebbars.com/sb/notifications/software/multi/browsers/ff/3/index.html
172.67.74.218 200 OK 0 B URL HTTP/2 cdn.yourwebbars.com/sb/notifications/software/multi/browsers/ff/3/index.html
IP 172.67.74.218:0
GET /sb/notifications/software/multi/browsers/ff/3/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://streamgo.to
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:45 GMT
content-type: text/html
last-modified: Thu, 08 Sep 2022 07:49:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 203503
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmYQtA8lwPZVJhz81nt2IaEEJmo4W0ODupf%2FoA5oyq%2BwfrLhgTxLfE6o2dcQ4GEvERzY%2FTYzZ%2FJ51KjzrCPM62GYWLXkaBj0ZS8b%2F2Pcxb3rKw55R432nvZTqRuzy0FrCMlKNvM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f284fc2b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.streamgo.to/js/ppj.js
172.67.217.208 200 OK 0 B URL HTTP/2 cdn.streamgo.to/js/ppj.js
IP 172.67.217.208:0
GET /js/ppj.js HTTP/1.1
Host: cdn.streamgo.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: application/javascript
last-modified: Fri, 15 Jul 2022 12:35:30 GMT
etag: W/"62d15f12-3a1"
expires: Thu, 24 Nov 2022 20:38:59 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 36463
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69Vf9JfnvjOTQxiEAwahAWoXAjYmVCJxCSOX34JyKxRGrg6jEGf7Te0xDF2GUFKxb7gm8qmMdtb44KvwmE8i0mQKWU5u3U6KiVNxNuYo%2BZqM77LeP7a5pNwgYNu4%2Fl3IVZ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f159e65b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c.adsco.re/
104.17.166.186 200 OK 0 B IP 104.17.166.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:43 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Sun, 25 Dec 2022 18:46:43 GMT
etag: W/"n/ARilLrRVDeZNVpaPOsXg=="
cf-cache-status: HIT
age: 440853
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f198cd70b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/gambling-commission.png
104.18.25.188 404 Not Found 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/gambling-commission.png
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/2022/gambling-commission.png HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Cookie: __ucbt=node01bq13qztgywl319e33nkv9ew7; uniattr=ST.0.T; uniattr_ref="https://daddyhd.com/"; campaignId=2806377; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_1176A66E79ED440785E4BB57A311A1BD; BID=37950; PID=86262456; REFERER=https%3A%2F%2Fdaddyhd.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2806377%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320665405_1176A66E79ED440785E4BB57A311A1BD%26sref%3DTRM%26TRM%3DdL_266285.953898%26affiliateId%3D1%26pid%3D86262456%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2806377
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Thu, 24 Nov 2022 18:46:46 GMT
content-type: application/xml
x-ms-request-id: 63d8d41b-301e-0057-2134-00bc31000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 177
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f2ac91db512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.streamgo.to/asset_res/bootstrap_4_slate.min.css
172.67.217.208 200 OK 0 B URL HTTP/2 cdn.streamgo.to/asset_res/bootstrap_4_slate.min.css
IP 172.67.217.208:0
GET /asset_res/bootstrap_4_slate.min.css HTTP/1.1
Host: cdn.streamgo.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: text/css
last-modified: Sat, 05 Feb 2022 17:21:36 GMT
vary: Accept-Encoding
etag: W/"61feb220-29e70"
expires: Thu, 24 Nov 2022 20:38:59 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 36463
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lj%2BAjeF6IIwp3HzQv%2Bk9cz5XCwXI%2FqWt0%2B5jvLMS2LE%2BZkkTQJGb%2FwmTugHPBPcs2iqjkwCYZ%2FgLd1%2FnQ9X8qZeiAC7YCrgD%2FZ6KepNI7k%2BdN0vMAoIEE1GEKgzIZjnkjbY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f44f15aea6b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.streamgo.to/asset_res/bootstrap.bundle.min.js
172.67.217.208 200 OK 0 B URL HTTP/2 cdn.streamgo.to/asset_res/bootstrap.bundle.min.js
IP 172.67.217.208:0
GET /asset_res/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.streamgo.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://streamgo.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:42 GMT
content-type: application/javascript
last-modified: Sat, 05 Feb 2022 17:22:08 GMT
vary: Accept-Encoding
etag: W/"61feb240-13131"
expires: Thu, 24 Nov 2022 20:38:59 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 36463
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=07vbX8OYAyOlEPIy9DDtEz3XxzKEzZQNckn%2Fxi7XZEJWXsT521jlTjCSYpobGvY1DL5QziGG02kKEIHDDIgKiWOSJE%2FwmrdlL2KCtMZc6E%2FvGQ7OuuuJ%2FB%2BUrXE2k7djmUs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f44f15deeab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnondemand.org/script/bootstrap.js
104.16.166.16 200 OK 0 B URL HTTP/2 cdnondemand.org/script/bootstrap.js
IP 104.16.166.16:0
GET /script/bootstrap.js HTTP/1.1
Host: cdnondemand.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daddyhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 18:46:43 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdsIo54DFIP8mT6xlEm7mT_Prw2OVP3L_MxvzQP5AgwmTf_Cjhx2toryVnv6MB4TywlZgAA3IzX9I1YDnPWEkrHGrBtcsJy_
x-goog-generation: 1669191375948071
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100584
x-goog-hash: crc32c=mktFgA==, md5=WKNwY2lJNJOzygA6Intvpg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Thu, 24 Nov 2022 22:46:43 GMT
cache-control: public, max-age=14400
last-modified: Wed, 23 Nov 2022 08:16:16 GMT
etag: W/"58a3706369493493b3ca003a227b6fa6"
cf-cache-status: HIT
age: 2719
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f44f1c2d570b59-OSL
content-encoding: gzip
X-Firefox-Spdy: h2